last executing test programs:

1m3.094516251s ago: executing program 3 (id=1055):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
gettid()
close(r2)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r3, 0x400, 0x1)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1m2.977826633s ago: executing program 3 (id=1059):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000000040000850000008600000095000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000380), &(0x7f00000003c0)=r5}, 0x20)
r6 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r7, 0x0)
write$selinux_load(r6, &(0x7f0000000000)=ANY=[], 0xfdb7)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="48000000100001040000000001000000000000", @ANYBLOB="0000000000000000280012800b000100697036746e6c000018000280"], 0x48}}, 0x0)
sendmsg$nl_route(r9, 0x0, 0xeb64d656001f6f32)

1m2.047700767s ago: executing program 3 (id=1062):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002cc0)={0x11, 0x13, &(0x7f0000000280)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0xfffffcc5, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000a40)={0x2020}, 0x2020)
ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000000)='syz0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000580)=[{{&(0x7f0000000180)=@nfc_llcp, 0x80, &(0x7f0000000980)=[{&(0x7f0000000340)=""/30, 0x1e}, {&(0x7f0000000380)=""/146, 0x92}, {&(0x7f0000000680)=""/150, 0x96}, {&(0x7f0000000740)=""/135, 0x87}, {&(0x7f0000000800)=""/253, 0xfd}, {&(0x7f0000000900)=""/89, 0x59}, {&(0x7f0000002a80)=""/232, 0xe8}], 0x7, &(0x7f0000002b80)=""/82, 0x52}, 0x1000}], 0x1, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00", @ANYBLOB], 0x48)
r5 = syz_open_procfs(0x0, 0x0)
write$cgroup_int(r5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_open_dev$vcsa(0x0, 0x1, 0x102)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r7, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0xffffff7f}, 0xc, &(0x7f00000005c0)={0x0, 0x88}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

1m1.026008513s ago: executing program 3 (id=1065):
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0x1, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13)
ioctl$TCXONC(r1, 0x540a, 0x3)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x44004100, 0x0, 0xfffffffffffffe65, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000002001afbff00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="4000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000180)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r7, &(0x7f0000000440)=ANY=[], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})

59.649826604s ago: executing program 3 (id=1071):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61154400000000006113100000000000bfa000000000000007000000ee00160e5e03010000000000140500000000000069163a0000000000bf07000000000000360507000fff0720670600001f000000150600000ee6ffc0bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setregid(0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0xd4, 0x0)
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./file0\x00', 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c66617374626f6f742c746573745f64756d6d795f656e6372797074696f6e2c6673796e635f6d6f64653d7374726963742c00200da779e57c52e33a83fdbd563a5b7c6b958cb6e49387a5ba5a89b0887c0292eb888cc8efa81040100dc3ba748033542625bc334eaf793332891541000f3c63c0a5f0af254a5bd1f4b81d0c5188ddcadf07eff7b49004e0b243a8a4d93632fbe9ab868d88310829d8e04a3c0572143a3d3d1472cc5da6f72bb097f5f7b95a09e442c0a1463aaa90db7dcbc542dc5bced278eda11583f810469b706968e793db3230"], 0x1, 0x1059a, &(0x7f0000020c00)="$eJzs3M1rI2UcB/Bftu6r61pkX/TkgAgNmNC03aIgUnUXXbBL8eXgSdNkGrKbZEqTvrhnPemf4FUQ8ebf4MV/Y/EgeBK8rSiZmcpW96A226zbzwem32eePPPL84RcnkyZAI6t2eTXXypxIc5GxExEnI/I25XyyK0U8WxEPB8RJ+47KmX/nx2nIuJcRFwYFy9qVsqXln+7e++r5268+vk3d6uNn77+cnqrBqbtxYjobxbt3X6RWafIW2V/c6ebZ39pp8zihf7t8jwrcjddzyvsNvfHNfNc7BTjs83t4Tg3es3WODvdjbx/c1C84XCns18nv+BWcys/b6freXaHWZ6dO8W89sq8MxwVddplvU/y8jEa7WfRn+6lxXo2b+fZGozK/qJu1k73xrlTZvl20cp67Xwe6//5Y37kvdMdbO8lO+nWsJsNkqv1xsv1xnKtsZW101G6VGv228tLyVynNx5WG6XN/konyzq9tN7K+tVkrtNq1RqNZO5aut5tDpJGo75Yn69drZatl5K3bn6Q9NrJ3Djf6A62R93eMNnItpLiimqyUF98pZq80EjeW11L1t69fn117f2Prn148/XVG2+Wg/42rWRuYX5hodaYry00qtZ/GJXDXc5x5wsE8K/Z/wPTYP9v/x/2v8d+/bZvHIovEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXjye/ezhuzxfmTZf9TZdczEXElIi5HxKWI+P0BZuLUgZoXI6JSth80/uRf5vB9JfIK42tOl8e5iFgpj3tPP+xPAQAAAB5f3/7w6WcRM+Nm/ue1aU+Io1T+aHNmUvXyn3yemFS1i3mxvQlVu7RfciIuR8TJ2Z8nVO1KRJw4//GEqv0jMwfizH1RKeLEUc4GAAA4Ggd3AhPbvQEAAPDI+WLaE2A68vu15f/il/eCTxdR3hA8e+AMAAAA+B+qTHsCAAAAwEOX7/89/w8AAAAeb8Xz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YuZfcNGI4DsB/oFPoS0UVj6uwqrpkwSF6hC57gPY22XGGSIhzkF2OEEHEjIMyhN2YAZHvkwbbI/jJRmJhmzEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc00OxnN+t//1vmrPdNZNnNAAAAMApm2I5LyvDqv0l3f+Wbv2IiGlETCJiHBGn5u69+FjLHEVEJ9VPvb846sN9RJmw/0w/XZ8j4le6nr6f+1sAAACA27VezRYRvX21fPl5qPEOpEWbQa68csnnQ660URn2N1Pa+CUyi0lEFMPHTGnTiOh+/Z1arfz+erVi8KroVEW3jV4AAADtqs8Ess3eAAAAuDp/Lt0BLqPcr03/xU97wf2qSBuCn2otAAAA4HodP21/0Gm3HwAAAMAFlPP/N+f/pVUB5/8BAADAbajO/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCcNsVyvl7NFk1ztrtm8owGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAntmfdxQIgTAIg73r+06D9z+WNGhqalIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALz53V/+T0yNM8nca2PpeSRZOzW2To29c+PoD+Pr1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzP3QmEQBCEwb7zP6fF/MOSBo1BhCpY+JhhHhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GIHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr7c2+bMBDGcfi1kyhxm4yQ3uJjBhoqBCPwISFZ8gwMwEI0VLQWi8AKIOCgpTMFz9P8fzpdcQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+n09MZHRGSfj8wjH67+DpeDr8jXTTP4vma2Oe7rn1tOtrtRyt8Y/xcRUUTWwm8AANpX3jfFYlnNO2m7aXtp+2nLaV3NXvloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzuzcsWpTURgA4JOkiVYnRyuI4KCLjU2sRsjiUOguCLqFNpZiqpJmaEuXPoHo5Oor2E1fwRcQHLTg4NBBwUUQJclNeoJBUoR7Q/0++O/9c4dzz8kQ+O9/bgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgWA73wtlBngshzM0c5V3vv+6ujDu/ffZhbhBf7ry5GI/ZHaIYQni43mpeT3Et025ze+dRo9VqtiUSiWSYZP3LBADASVNMolvXfyruL3ev5eoh/Ho1Wv9fifLwl/r/88vzFwbxc+tdJ75XXP8vpLbC6VfubDwtb27vXFvfaKw115qPq9XK4s3FG7dvVcq9ZyVlT0wAAAD4N6Uk4vo/X/+z/38mysOE9f+9pQf343sV1P9jHTX9sp4JAADA/+3cpe/fcmOu50qlsNXodNoL/ePwc6V/zGCqx3Yqibj+L9SznhUAAACQhsO93Ej/fzXKw4T9//nXuwfxmIUQwmzS/59fedJaTW85Uy2N14mzXiMAAADZmk0i7v8Xe/v/88MtD/kQwtXL/Tz5G8CJ6v+PL+6OvLQe7/+vprfEqZSv9b+P3rkWwkwt6xkBAABwkp1OolvsHxT3l9s/ni+V7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDf7NgxSgNBFAbgzW5WKzFgpVZeQLSzClgIYuMhREHwBCKIBxBbS+9g6R1SK9hYWKbwBvJmd1TSBCx2lXwfTN4jDJmXSZN/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrun+d1/Fy6jpy/a954+rk6gvMzW8369vxop+0OXQ/9Bgr+8JAAAAWARVzvdFUbzVj4dRy3HK/3XeE5n/YaXpc56fzf25Pt29buT8f328dfl10Kg5Jz707PzidKezb/j3rc7dMUw3n569VOkHKY9u1qZ1us/B7WRysJTa5S6mBQB+YzvXtsn/h6Lu9jkYAAtj2K7iR/6vxv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCFzwAAAP//OCtiEg==")

59.606466935s ago: executing program 3 (id=1073):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b702000000040000850000008600000095000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000380), &(0x7f00000003c0)=r6}, 0x20)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
write$selinux_load(r7, &(0x7f0000000000)=ANY=[], 0xfdb7)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x0)
r10 = socket(0x10, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="48000000100001040000000001000000000000", @ANYBLOB="0000000000000000280012800b000100697036746e6c000018000280"], 0x48}}, 0x0)
sendmsg$nl_route(r10, 0x0, 0xeb64d656001f6f32)

59.445867678s ago: executing program 32 (id=1073):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b702000000040000850000008600000095000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000380), &(0x7f00000003c0)=r6}, 0x20)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
write$selinux_load(r7, &(0x7f0000000000)=ANY=[], 0xfdb7)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x0)
r10 = socket(0x10, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="48000000100001040000000001000000000000", @ANYBLOB="0000000000000000280012800b000100697036746e6c000018000280"], 0x48}}, 0x0)
sendmsg$nl_route(r10, 0x0, 0xeb64d656001f6f32)

9.961159515s ago: executing program 5 (id=1259):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_012={0x0, 0x0, 0x9}, @main=@item_4={0x3, 0x0, 0xc, "6224d50a"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x1, "84"}, @local=@item_4={0x3, 0x2, 0x8, "672591fe"}]}}, 0x0}, 0x0)

9.553417262s ago: executing program 1 (id=1267):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x53, 0x20000000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0xa2, &(0x7f0000000480)=""/162, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
setfsgid(0x0)
openat(0xffffffffffffff9c, 0x0, 0x3002, 0x160)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0) (fail_nth: 1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

9.529171722s ago: executing program 4 (id=1268):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x53, 0x20000000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0xa2, &(0x7f0000000480)=""/162, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='\x00', 0x9901)
mount_setattr(r5, &(0x7f0000000180)='.\x00', 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x20000}, 0x20)
mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
setfsgid(0x0)

8.919915492s ago: executing program 4 (id=1269):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETFILTER(r0, 0x801054db, 0x0)

8.910162412s ago: executing program 4 (id=1270):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x800, 0x0, 0xff, 0x1}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000010003", @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB='\x00'/10], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'tunl0\x00', 0x1000})
recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)

8.453007359s ago: executing program 1 (id=1273):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002c9d7000fcdbdf250b0000000c0005800800780065746800"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000000580)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@block_validity}, {@noload}, {@nobarrier}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000833000/0x3000)=nil, 0x3000, 0xa)
syz_clone(0x801000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r7}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r8 = getuid()
r9 = getgid()
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB="2c726f6f74ac7cc46d6f64653d30303030303030303030303030303030303034303030302c757365725f69643d", @ANYRESDEC=r8, @ANYBLOB=',group_id=', @ANYRESDEC=r9, @ANYBLOB=',\x00'], 0x0, 0x0, &(0x7f0000002140))
socket(0x840000000002, 0x3, 0xff)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x210020, &(0x7f00000002c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX])

7.483912644s ago: executing program 2 (id=1274):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x53, 0x20000000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0xa2, &(0x7f0000000480)=""/162, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdir(0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) (fail_nth: 1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
openat(0xffffffffffffff9c, 0x0, 0x3002, 0x160)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})

7.483603414s ago: executing program 5 (id=1275):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x3, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x53, 0x20000000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0xa2, &(0x7f0000000480)=""/162, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdir(0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
openat(0xffffffffffffff9c, 0x0, 0x3002, 0x160)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})

7.413165805s ago: executing program 4 (id=1276):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r3}, 0x10)
close(0x3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
getgroups(0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000300)={'tunl0\x00', 0x0, 0x700, 0x80, 0x8, 0x1, {{0x5, 0x4, 0x0, 0x20, 0x14, 0x68, 0x0, 0x6, 0x2f, 0x0, @empty, @multicast1}}}})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

6.727210895s ago: executing program 0 (id=1278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRES16=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1b, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x7ed8, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)={0xd0, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x2}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xc}, {0x6, 0x16, 0x5}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6, 0x16, 0xf3a4}, {0x5, 0x12, 0x1}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x8800}, 0x80)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="740000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa8886004000024001280090001007866726d000000001400028008000100010000000800020011000000050021000000000008000a00", @ANYRES32, @ANYBLOB='\n\x00:'], 0x74}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x2a, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x200400c4}, 0x14008850)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x2)

6.628669297s ago: executing program 1 (id=1279):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
fdatasync(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0)
mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0)

6.209834344s ago: executing program 0 (id=1280):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETFILTER(r0, 0x801054db, 0x0)

6.209454184s ago: executing program 2 (id=1281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000004000000040000002200000000000000", @ANYRES32, @ANYBLOB="0000000000000000623a1989ac65ec8200000000", @ANYRES32=0x0, @ANYBLOB='\x00'/27], 0x48)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x0, @empty}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r0, &(0x7f00000001c0), &(0x7f00000004c0)=@udp=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r0, &(0x7f0000000300)}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1000000004000000080000000800000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r5], 0x48)
fcntl$getownex(r4, 0x10, &(0x7f0000000080))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x80, &(0x7f0000000240), 0x1, 0x50d, &(0x7f0000000980)="$eJzs3WFrI2kdAPD/TJJed7dncypynnh3eCfdQzdpr95dEbk7QfTVgXq+79U2LaVpU5p03ZZFu/gBBBEVfOUr3wh+AEH2I4iwoO9FRRHd1Ze6I0mmum2TNrttmrX9/WCa58kzM///MzSTmczDTACX1ssR8W5EFCLitYiYzN9P82m+Xdnrzvfg/u3F9pRElr3/tySS/L39dbXrxYi41l0kxiPi61+J+GZyNG5zZ3dtoV6vbeX1amt9s9rc2b2xur6wUlupbczOzrw599bcG3PTWe5U/SxHxNtf+tMPv/ezL7/9q89+6/fzf7n+7XZaX/hY8ok8vcVTBeiju+5SZ1vsa2+jrWEEG4FC3p9SYdSZAAAwiPYx/ocj4lOd4//JKHSO5gAAAICLJHtnIv6VRGQAAADAhZVGxEQkaSUfCzARaVqpdMfwfjSupvVGs/WZ5cb2xlK7LaIcpXR5tV6bzscKl6OUtOsz+Rjb/frrh+qzEfFcRPxg8kqnXlls1JdG/eMHAAAAXBLXXjp4/v/PybRTBgAAAC6Yct8KAAAAcFE45QcAAICL786oEwAAAACG6avvvdeesv3neC/d3Nlea9y8sVRrrlXWtxcri42tzcpKo7HSuWff+knrqzcam5+Lje1b1Vat2ao2d3bn1xvbG6351QOPwAYAAADO0XMv3f1dEhF7n7/SmSK/DyDAAX8cdQLAWSqMOgFgZIrtPx+MOgtgFEonzlE8lzyA0UlOaO87eOfXZ58LAAAwHFMfP3r9fyxvO/m3AeD/mbE+AHD5uLoHl1cpCk7z4ZL7UPflmX7tj3/9//CRRZY9UWIAAMCZmehMSVrJrwVORJpWKhHPdh4LWEqWV+u16fz84LeTpWfa9ZnOksmJY4YBAAAAAAAAAAAAAAAAAAAAAAAAgK4sSyIDAAAALrSI9M9J527+EVOTr04c/HXg0FO/fvL+j24ttFpbMxFjyd8n22+NRUTrx/n7r2ceCQAAAABPge55ev46M+psAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhoHty/vbg/HWgYH27cv34xIsq94hfz0ONRioir/0ii+MhySUQUziD+3p2IeL5X/CQeZllWzrPoFf/KkOOXO5umd/w0Iq6dQXy4zO629z/v9vr8pfFy57X356+YT6fVf/+X/nf/V+iz/3l2wBgv3PtFtW/8OxEvFHvvf/bjJ934SRyK/8qA8T/4xu5uv7bspxFTPb9/kgOxqq31zWpzZ/fG6vrCSm2ltjE7O/Pm3Ftzb8xNV5dX67X8b88Y3//kLx8e1/+rfeKXD/b/yPZ/dcD+//verfsf6RZLveJff6X39+/zfeKn+Xffp/Nyu31qv7zXLT/qxZ//5sXj+r/Up//jJ/T/+oD9f+1r3/3DgLMCAOegubO7tlCv17aOKYwPMM85F955OtIYUuEp3ODDLmTf6f4/nm49p1z8SCE7zeLFOIM0xh7jc3q2hVHulQAAgGH430F/u5Ylo84HAAAAAAAAAAAAAAAAAAAALqMnvEPYeEQMPPPhmHuj6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+EwAA//+uy9et")

6.204271234s ago: executing program 5 (id=1282):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000180), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
pwritev(r0, 0x0, 0x0, 0x1, 0xff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x53, 0x20000000)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0xa2, &(0x7f0000000480)=""/162, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdir(0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
openat(0xffffffffffffff9c, 0x0, 0x3002, 0x160)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})

6.085292446s ago: executing program 0 (id=1283):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4020aeb2, &(0x7f0000000300)={0x0, 0x45, @pic={0xe2, 0xc, 0xf0, 0x5, 0x8, 0xc0, 0xd, 0x8, 0x4, 0x3, 0x9, 0x47, 0xf, 0x7f, 0x6, 0x6}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

4.828143785s ago: executing program 0 (id=1284):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
socket$inet6(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB='\x00'/10], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'tunl0\x00', 0x1000})
recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)

4.826404165s ago: executing program 2 (id=1285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff3e10, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xee8f010b3d1e850f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18)

4.807545476s ago: executing program 1 (id=1286):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e1f, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x2e}}, 0x1c)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
ptrace$ARCH_MAP_VDSO_32(0x1e, r1, 0x1, 0x2002)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x8002b}, 0x48, 0xffffffffffffffff)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES16=r5, @ANYRES32=r3], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000c80)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nombcache}, {@noinit_itable}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
ioctl$sock_SIOCBRDELBR(r4, 0x89a1, &(0x7f0000000140)='gre0\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x17c)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000000)="ac2090f8f8dbe0f6", 0x8}], 0x1, 0xe7b, 0x0, 0x0)

3.921010409s ago: executing program 5 (id=1287):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
execve(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2, 0x0, 0x2}, 0x18)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110c230000)
socket(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)={0x3c, r8, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00", @ANYBLOB, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)

2.5659975s ago: executing program 2 (id=1288):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4020aeb2, &(0x7f0000000300)={0x0, 0x45, @pic={0xe2, 0xc, 0xf0, 0x5, 0x8, 0xc0, 0xd, 0x8, 0x4, 0x3, 0x9, 0x47, 0xf, 0x7f, 0x6, 0x6}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) (fail_nth: 1)

2.102398058s ago: executing program 1 (id=1289):
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0x1, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13)
ioctl$TCXONC(r1, 0x540a, 0x3)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x44004100, 0x0, 0xfffffffffffffe65, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000002001afbff00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="4000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000180)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})

1.652154284s ago: executing program 0 (id=1290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000004000000040000002200000000000000", @ANYRES32, @ANYBLOB="0000000000000000623a1989ac65ec8200000000", @ANYRES32=0x0, @ANYBLOB='\x00'/27], 0x48)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x0, @empty}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r0, &(0x7f00000001c0), &(0x7f00000004c0)=@udp=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r0, &(0x7f0000000300)}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1000000004000000080000000800000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r5], 0x48)
fcntl$getownex(r4, 0x10, &(0x7f0000000080))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x80, &(0x7f0000000240), 0x1, 0x50d, &(0x7f0000000980)="$eJzs3WFrI2kdAPD/TJJed7dncypynnh3eCfdQzdpr95dEbk7QfTVgXq+79U2LaVpU5p03ZZFu/gBBBEVfOUr3wh+AEH2I4iwoO9FRRHd1Ze6I0mmum2TNrttmrX9/WCa58kzM///MzSTmczDTACX1ssR8W5EFCLitYiYzN9P82m+Xdnrzvfg/u3F9pRElr3/tySS/L39dbXrxYi41l0kxiPi61+J+GZyNG5zZ3dtoV6vbeX1amt9s9rc2b2xur6wUlupbczOzrw599bcG3PTWe5U/SxHxNtf+tMPv/ezL7/9q89+6/fzf7n+7XZaX/hY8ok8vcVTBeiju+5SZ1vsa2+jrWEEG4FC3p9SYdSZAAAwiPYx/ocj4lOd4//JKHSO5gAAAICLJHtnIv6VRGQAAADAhZVGxEQkaSUfCzARaVqpdMfwfjSupvVGs/WZ5cb2xlK7LaIcpXR5tV6bzscKl6OUtOsz+Rjb/frrh+qzEfFcRPxg8kqnXlls1JdG/eMHAAAAXBLXXjp4/v/PybRTBgAAAC6Yct8KAAAAcFE45QcAAICL786oEwAAAACG6avvvdeesv3neC/d3Nlea9y8sVRrrlXWtxcri42tzcpKo7HSuWff+knrqzcam5+Lje1b1Vat2ao2d3bn1xvbG6351QOPwAYAAADO0XMv3f1dEhF7n7/SmSK/DyDAAX8cdQLAWSqMOgFgZIrtPx+MOgtgFEonzlE8lzyA0UlOaO87eOfXZ58LAAAwHFMfP3r9fyxvO/m3AeD/mbE+AHD5uLoHl1cpCk7z4ZL7UPflmX7tj3/9//CRRZY9UWIAAMCZmehMSVrJrwVORJpWKhHPdh4LWEqWV+u16fz84LeTpWfa9ZnOksmJY4YBAAAAAAAAAAAAAAAAAAAAAAAAgK4sSyIDAAAALrSI9M9J527+EVOTr04c/HXg0FO/fvL+j24ttFpbMxFjyd8n22+NRUTrx/n7r2ceCQAAAABPge55ev46M+psAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhoHty/vbg/HWgYH27cv34xIsq94hfz0ONRioir/0ii+MhySUQUziD+3p2IeL5X/CQeZllWzrPoFf/KkOOXO5umd/w0Iq6dQXy4zO629z/v9vr8pfFy57X356+YT6fVf/+X/nf/V+iz/3l2wBgv3PtFtW/8OxEvFHvvf/bjJ934SRyK/8qA8T/4xu5uv7bspxFTPb9/kgOxqq31zWpzZ/fG6vrCSm2ltjE7O/Pm3Ftzb8xNV5dX67X8b88Y3//kLx8e1/+rfeKXD/b/yPZ/dcD+//verfsf6RZLveJff6X39+/zfeKn+Xffp/Nyu31qv7zXLT/qxZ//5sXj+r/Up//jJ/T/+oD9f+1r3/3DgLMCAOegubO7tlCv17aOKYwPMM85F955OtIYUuEp3ODDLmTf6f4/nm49p1z8SCE7zeLFOIM0xh7jc3q2hVHulQAAgGH430F/u5Ylo84HAAAAAAAAAAAAAAAAAAAALqMnvEPYeEQMPPPhmHuj6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+EwAA//+uy9et")

1.616853455s ago: executing program 4 (id=1291):
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0x1, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13)
ioctl$TCXONC(r1, 0x540a, 0x3)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x44004100, 0x0, 0xfffffffffffffe65, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000002001afbff00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="4000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000180)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})

1.420212578s ago: executing program 5 (id=1292):
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0x1, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
clock_nanosleep(0x0, 0x1, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13)
ioctl$TCXONC(r1, 0x540a, 0x3)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x44004100, 0x0, 0xfffffffffffffe65, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000002001afbff00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="4000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000180)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r5}})

936.299576ms ago: executing program 2 (id=1293):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETFILTER(r0, 0x801054db, 0x0)

216.785997ms ago: executing program 2 (id=1294):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="620abfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad00000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17ad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b8baa0fe08cf79a69c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70420000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53c5cdffe80a03485df1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faac2cfea24649266db3b087eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0892049fcad7fa4a50000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x40000}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect$cdc_ncm(0x2, 0x6e, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
r2 = fsopen(&(0x7f00000000c0)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='mand\x00', &(0x7f0000000040)='sysfs\x00', 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_tos_int={{0x18}}], 0x18}}], 0x1, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r2, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffc}]})
remap_file_pages(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0xffffffffffffffff, 0x800)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r4})

199.036277ms ago: executing program 0 (id=1295):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000580))
ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000800))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x3f)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
mkdir(&(0x7f0000000180)='./file0\x00', 0x334)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000a00)=""/4096, 0x1000, 0x0, &(0x7f00000005c0)=""/123, 0x7b}}, 0x10)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000300)={'\x00', 0xef5c, 0x5, 0x2, 0x0, 0xfff9, 0x80a0000, 0xf000, '\x00', 0x4})
setxattr$incfs_size(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f0000000540)=0xcce0, 0x8, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="c11933b5c51885039c49303fdf128a8b57d5910ff7aaca25edbc4556726ef0f6756451dbec847bf6f1b79366b6bae2fc5ce753dae87862f7d84ff0d337388b6b537474fc38303281e4154056f7b9e642bbd20a1e0c4deb7a75678e886f70b24b382de5d5e97776193f3f0cf91b2c38928e338d8d17705346b4eaede8dfbd98ca649faf6aff87c55b2fa0d3598cff76d4dc32d5610864b12d2e6b3c9eb540f2d17040d913d333133fa654170ac7f4fa65499da17724d8f8c665becae9d7f87f53597e1bebc5682f936c07168c24e2ab92af892c82d5346a841d917caa073bb4377b1f05f7575f3b654e69e9f2ddfe420ca512d7d65be575b4eb5b848a9cc6304a66082f5e2c4fc4555d607be1e069928723a273742424d04caba0fd26e63bb830fbbd8984ab4335abdc2a0a38796cf9c833abc15113f9422afa431dcc77321d8ae09c458cef68f612299ef06f378153843200180958b78a5f6839e9589b61ecddf380ebce9c169195e8d140a9de0531076862de9d1c21e2ecd92992c2c2e50b19da1f9efbc1319ea26663368de5002f4f1155da914de2aa5f5cfa303c015615daba940beac4e766809f04966dcc17d7dffd274431f57729bc33c32a5524a92e336b1e423102d4607cc2b807ac902680df0c3322f6fc6b83bfeba9abbd33432288238c107d775d5b7037ae4a084593e59e19b173118a0142414f90018e153530de6bf7790dea701b8810bbe5ef8f99193a7b351e91b9ce09945d65324a3cc496216ee155138402dee32a9a7069730abdb8a806aefb3b1c30482d40abb91485e05f1a9348c7c75bc21040621c40bf4ace984f388db3f4cdfdfba6600e93c4a64c149e66b5dd22ddbb27a89979c86a26ec44b3848fe378673b7e522d27b318cefba76cb93dca219718d4a36d90487da5e268012df98774242976f156366dc5706c83c3865212c180648e749c5027f6e798d1acc4b21838af62dce82d8d06de7e630f0ce2fd2ea86c9168fc40bd46815d3bbd66f8ab59a2561a1467b0a0e66928f0e47fbc9e227ec1c7b360be0337bda917ffbaf8ee19e1298a89dc734d0048376555def2c546459d40e995669bc883109b797c0c6e9ee6e2368146daa5bce70fed73b89720e4fae862759c74f1562de85746aa9b632b48ee86fb75a64578a5274139d7aefd065a76817eb2173388b857928572f26aa4ad3d10ae6bc5edb907ef9534a17f97b902b9225b5c2242eefd562e6fb612dada02f22a66c8a6c060032356e8013d093a27ae1218a85c66a02011972f522d0b51c364c11217c039087a9a2fc20446bae9ef6a365315e2c56eee19f59e83dc8faaca4cdfcdc85df5ec88e2c58c5197934f2ec9454aad28d76b0b0f86cb72ea801a4f8b586b928f02802c8d7616dc05f46d8b40f881789d3d86e69877013a594dec04282023ae91fb048ed383d193c6e3b20047aa2a8e72e01a172016627d2324babe6e5a74acc0bbc072b2440698be3e7072465ff9394e8635e268eef9a7db8e1c4f7ea84d1e473124994f707ad3ba18db88a45fbda9bfae8a0b8ac65aea4bbf88089db7d10fb4a649bee835fd7decff5415c8c6206a50b47c5321291069c01151870b4d7fc08e6c7eb393789d510c265fdce0d55401380f336ac1dbfeeeb038445757f7405954167b260071b2c39bf5d3ac867502753401f85249337ffa91f9aeb6ed66dcb424768a153a2d930439b9b2888574886641265f1275267811e17b0cb66a479778d5dcef3a07b7f285b0b5a2b1675ffbd823d780250ef67743d68c6891b5b7ead7af0a03f6521b3b878c6c0f6c68b695bfffb8f1eb27a52f9646de1b62632492581b78bf987a3023457b51cc274fd757b56a073d1dad70abff4318e0c78d5bc6a9da34ef5ed34c6eb645fd0cde1631090b217feecdb14f2b73c1d4f904132e3b31f7bff7c170e0a54daf92052649864d38ab7d29595962b109eb8ae6374c4a0dfa0f0d9c8b4094e2a88aa40b39ea81eaf3b1e59a670bda2238b5376e4e63db4bfb46b0b45bacfab3adecb792bbd8d5a9578cdcced2b886e3a42e40a211bc34e0c763ed09e8e77dd4fe924bfc67d848c2fff61373e143aae4a5df14bca4b3eb3c2e26a12983685d28b51b1ba2bac982f0f4de75fc01d1370a2091017807737a77bc112b521b55d0fbbefebf7cd3c808cccc9d1df81debf19f171737365b4c357ef3b4eb41d3b0b3f7c72a960de4a8add1ba2f8684cf1f45a20ec695a1587fbb69e6b8ea33cb94c44cb0f4b1a421bf0fd364e7601b88d6d587c703320235ff39e09a06250dc25083e2f25674d441ae3dbcad1111d718d8d35dc8716a507380bd330df46befdc9d60fa70475cfd2c9645835b8144f0047a393bbe37a7f38ae237a03125d67fe9d886addd5090bf12ad21850aaad0bb3f2106e4fe6d74bf3072aae55dfed59ab707b603cfa482566bd7dd9f317bdf402a12f8e7950fe3d308b55808516c75c60759e0fbf0cb3ef09d7a08ec743d5a0ceb5e674bd9ed6072fab109db440a599cfc7284fba61564aefe7c75f0abbd0a7d9b4ed4cb8db7ad756a39a5bcf0422832334a7ff5d9d1c9c0bccfd49cc01914fdb6fa29c4d842364d772b4025a6971fc18c8611cb53c3684708b77b938cbe381041c20b08233d5c4359d8a9e7826eeb576da4115d1334129f6aec95f9df52f8113467801928d071d738654095d725d1aa5148fb19d91a3e91a04ad7739e1532899d4c485f3e8927238b885def5e8f71a3c451e8ef81bc44850abceb42c2b114a4303803f96eb14995d240e8527dcaa1922c1fc7549491729a08b6bfe390da282ff419b9bfee5a8bbaa2b5e4d8ae3f186b80bef5a171391b1dbd8aa04bba3706dcd2e17c18b0273a8d5379c5033325f2b5b8e5121437907f1b4bd05b616821d92b5583562929e7b8766b335d3c5398c6f2651923d25dd8b4144db2fca4b204b50975de2e25d4ed8e6e73a80c02c2624397651323dedff4e5f016fa1c34031c932093c391325c543b6fba832f37a5b710536611bdca06e2ba300b61a575849f6708435e4328754b6b6eeba06a88aeca93cbc2e85e4743bfde567fe537fbc45eaaa0c997eb0adf6ebb97105bb4be2b8848fd1d6199f953ef2d49e39a5bc1d6bfaaf9799ad8b0f3b3be7985449c8649e8bed6f5b31bf550e3868b440ffc96648ea2b96a007d8fc6fee2e61ac6eacdd7fcc904cc54132a074b58b750e8394059f32f1de5baf9b3d8182da5fff42ad27091b6f0b4588f596841e74c3a74ffcfad03e031d7bfca1181ac4fb08df6b5b85f3dbc90330b8625cdab3d234e48d28eb833d9f0055e00b8e140abbdcaa5bb4d1028cabc6256da1ff113dd2be87c9581401c6e2ef6cc5ffccb3f66e0a220d5603f5cb98f9317be3747c1033aec2f73daf4af35aca23add4a81b3572469b01d96b8acd19b52c2541cfa3f0b273ebf3c2ba1c2c74ac6ebac368a7a0c5582c00ade92e4203626db623ecd48b5c44f8bee407c649989c02969bc37b03387218c81dd30c116189d8af7ece4055228651a3e7bd841faf33d75cd44c6c2babef185a5d4bb3538f302661956a905908230f23988e20a85665015b452b32f6fe33faed797cfca96f46ecdaa7b6f1c9e3762eb37ed838436e728b852fd0bb2d7b98d23c67c9a4f960d519e145ea2f44657664dd94593876cb1aaedca75805865e0d8322081cdd09e59affaff72f2fd5e68476af1768417049d9ede6e8b472ba031a4ad7fc8a633d2271409e1968d4b5bb2b0fd823d8219880e13e940e71f00376f6e496cc773bba29ac5c60d3a2236c8a5d76655d09a6db6477981e7290a88ad7fcf4ac2ff8de55a2d5deac98c2a6f6a224f9ef50efb2605b3f9b80dbf9309b76f477ec394f88db8ff9b7df3709ef1e13fe8c602067c98ca5977e1b36d3850743ec8d0a2ec466c0dbcdb9bbc1103a5183aa428816a3365d5028bed70f8c5649ca1dee5b065112b08a2c8ea0f0842e078527d9b70ae567ac40f8e477d9d2f2d96237cff7180d5415b2b9b44aea2e1923e1bc98ab92b0b3c09010dce2dda5d84da611d511bb1415d8c3905be17d2c1d810b6c811727a74fdee8314a9aed88a1fa35d5c723c62083b07b9f52d38d7cc2e78dba6a37d2dcc8765a9e7de1a6242dcfbe8a965b6e17b3faabb1a990f0e935c2385b841d824fa4caca7f8c67eee7bcef3934a93b366f8652a199e54a1d83ce7b395fb64cb031bfc1351fabce795cc914f0d4325ff346bb4b698cab8f055809643a49fbb58b8432d395a3a78c77523f6164bef065cbab34e331d1cccfeadac4377b2fe05fb44af0db6d4a887d1468b0ffa9afaae06144e539bfcddee2b3e417a28eb2dcd262dcaabb4c8cb32a646b9756799deff78a06f6c936199863462a38156fc3dba7b49c2cf3498a0698875649b502fa16f5f756043300b682724d7dfed070a5457d9febbc6c3dd4fba10ca0130bc5065a0a942450af15c51be241df429570548945fc0e73e233072482b438aa4e805fe6d20177c6294b647fb3dbc568934623683ab4969e8f054a8e40f8f67f93dfcb8d9c2a5f598a65ba2f83870ecd9363afe3c0a387dfd02c9f80cdfe804dd1958437b2d7136ee24275adb5374e02744000bc563814ef3c3c9820ba00f55b706b2ed0b82cc73e5c8ff2147b3eaabec9beeb145d6f6286996ad9e04f508355ac347fcc00489290a3b14be7214fcb6f6314a38efbd013a530695b4eaadbf47f9ea7069f0611eba82aa5045bea245389ab45060e105f53939c60a434df36cb217c01fcce0a7c1b6cf8c0f335c7a8b1a7dd5f45723d992db3546bcf9d820e93c7b8fe5ef05bcea29c3698cc75ec252aa79823aebd54effbd091a80a4ce5c534b8a4cd304b91434014269be7420ea0cd5c8c0b290b8982b548663a28475d69a4130ea51b35234eda6f521f613bfb7d06878b0060e2b5336a3e31cbb0450d0c3908f3793ac3b9e127384b6f7f730e4ac167cb9bffcc0a8f9f89b970b06743e9650dc10ed65c1a7dec1f9afdd62911a346b793cbef3c52f7d19208dc1c59f362fb99e7fe68164abcf5b5382340140dd32efe9f0bfacc8c420853d5b35d0a507e08d06037570372428b5f0ecd14ea43f2d558b9d8a2bc2a8a54cf4dde5c90d33c63c4ee5a456bc9cb8446c57e3d641faa0b02acabe24c82456cf6da3349705a3059a1517cfa35e3727e6763123aa251761646466bcb316328795de8c34be6ea47cc8121261396476be6c506bb406d93000d5a1878a8e7f03d60336da0a27fc954fa726f86121ef2df86f8592cbc9a84cb588483b3fa98c50f0b46ad370b0238ab80024c915a6b76d984195406d79296ec4ece7947f270bfb865196b5284022746f50ff82b82c1cd8255b8d51df074331951f843e4770110a10c6b14e58c27221812da875f597b66b2516c07c2fb9fe102209efd97d228b9d28cc5e1d7a41e028e1100942333ada39fa0ea965b6102319e807d1060e3ad3b9721c79b96eddeeb395e55c3d8a95ae8e1c8a15f3fe2c7cf8deb2d73c96ea2db3c521db19f5e7cc4930fa7472c67f28524e600a8162a6ab0159fbcc6050be605f727bed0ce60d58e45e5a4fd5d0ac1534ed09402fd1f360b4dd167d6373423f5aaff8335bae01f945e31895c1536b3540b9a68f460e66a288afcc7d1b5084fa82082eb5418ba4ea928831172e2b4466777ab41df69acf73763531825fb5ebf5b72aa25c15e53cd67db94f39bb98393c40fdc8ba552a492a2f4a3810b11370c5472cabbf30d655ddde72c50ad6f299a5feb106e8a86118794289"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r6, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000002c0)=0x11)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={0xffffffffffffffff, 0x2})
close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1)

188.907787ms ago: executing program 4 (id=1296):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000580))
ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000800))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80402, 0x3f)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
mkdir(&(0x7f0000000180)='./file0\x00', 0x334)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f0000000a00)=""/4096, 0x1000, 0x0, &(0x7f00000005c0)=""/123, 0x7b}}, 0x10)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000300)={'\x00', 0xef5c, 0x5, 0x2, 0x0, 0xfff9, 0x80a0000, 0xf000, '\x00', 0x4})
setxattr$incfs_size(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280), &(0x7f0000000540)=0xcce0, 0x8, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="c11933b5c51885039c49303fdf128a8b57d5910ff7aaca25edbc4556726ef0f6756451dbec847bf6f1b79366b6bae2fc5ce753dae87862f7d84ff0d337388b6b537474fc38303281e4154056f7b9e642bbd20a1e0c4deb7a75678e886f70b24b382de5d5e97776193f3f0cf91b2c38928e338d8d17705346b4eaede8dfbd98ca649faf6aff87c55b2fa0d3598cff76d4dc32d5610864b12d2e6b3c9eb540f2d17040d913d333133fa654170ac7f4fa65499da17724d8f8c665becae9d7f87f53597e1bebc5682f936c07168c24e2ab92af892c82d5346a841d917caa073bb4377b1f05f7575f3b654e69e9f2ddfe420ca512d7d65be575b4eb5b848a9cc6304a66082f5e2c4fc4555d607be1e069928723a273742424d04caba0fd26e63bb830fbbd8984ab4335abdc2a0a38796cf9c833abc15113f9422afa431dcc77321d8ae09c458cef68f612299ef06f378153843200180958b78a5f6839e9589b61ecddf380ebce9c169195e8d140a9de0531076862de9d1c21e2ecd92992c2c2e50b19da1f9efbc1319ea26663368de5002f4f1155da914de2aa5f5cfa303c015615daba940beac4e766809f04966dcc17d7dffd274431f57729bc33c32a5524a92e336b1e423102d4607cc2b807ac902680df0c3322f6fc6b83bfeba9abbd33432288238c107d775d5b7037ae4a084593e59e19b173118a0142414f90018e153530de6bf7790dea701b8810bbe5ef8f99193a7b351e91b9ce09945d65324a3cc496216ee155138402dee32a9a7069730abdb8a806aefb3b1c30482d40abb91485e05f1a9348c7c75bc21040621c40bf4ace984f388db3f4cdfdfba6600e93c4a64c149e66b5dd22ddbb27a89979c86a26ec44b3848fe378673b7e522d27b318cefba76cb93dca219718d4a36d90487da5e268012df98774242976f156366dc5706c83c3865212c180648e749c5027f6e798d1acc4b21838af62dce82d8d06de7e630f0ce2fd2ea86c9168fc40bd46815d3bbd66f8ab59a2561a1467b0a0e66928f0e47fbc9e227ec1c7b360be0337bda917ffbaf8ee19e1298a89dc734d0048376555def2c546459d40e995669bc883109b797c0c6e9ee6e2368146daa5bce70fed73b89720e4fae862759c74f1562de85746aa9b632b48ee86fb75a64578a5274139d7aefd065a76817eb2173388b857928572f26aa4ad3d10ae6bc5edb907ef9534a17f97b902b9225b5c2242eefd562e6fb612dada02f22a66c8a6c060032356e8013d093a27ae1218a85c66a02011972f522d0b51c364c11217c039087a9a2fc20446bae9ef6a365315e2c56eee19f59e83dc8faaca4cdfcdc85df5ec88e2c58c5197934f2ec9454aad28d76b0b0f86cb72ea801a4f8b586b928f02802c8d7616dc05f46d8b40f881789d3d86e69877013a594dec04282023ae91fb048ed383d193c6e3b20047aa2a8e72e01a172016627d2324babe6e5a74acc0bbc072b2440698be3e7072465ff9394e8635e268eef9a7db8e1c4f7ea84d1e473124994f707ad3ba18db88a45fbda9bfae8a0b8ac65aea4bbf88089db7d10fb4a649bee835fd7decff5415c8c6206a50b47c5321291069c01151870b4d7fc08e6c7eb393789d510c265fdce0d55401380f336ac1dbfeeeb038445757f7405954167b260071b2c39bf5d3ac867502753401f85249337ffa91f9aeb6ed66dcb424768a153a2d930439b9b2888574886641265f1275267811e17b0cb66a479778d5dcef3a07b7f285b0b5a2b1675ffbd823d780250ef67743d68c6891b5b7ead7af0a03f6521b3b878c6c0f6c68b695bfffb8f1eb27a52f9646de1b62632492581b78bf987a3023457b51cc274fd757b56a073d1dad70abff4318e0c78d5bc6a9da34ef5ed34c6eb645fd0cde1631090b217feecdb14f2b73c1d4f904132e3b31f7bff7c170e0a54daf92052649864d38ab7d29595962b109eb8ae6374c4a0dfa0f0d9c8b4094e2a88aa40b39ea81eaf3b1e59a670bda2238b5376e4e63db4bfb46b0b45bacfab3adecb792bbd8d5a9578cdcced2b886e3a42e40a211bc34e0c763ed09e8e77dd4fe924bfc67d848c2fff61373e143aae4a5df14bca4b3eb3c2e26a12983685d28b51b1ba2bac982f0f4de75fc01d1370a2091017807737a77bc112b521b55d0fbbefebf7cd3c808cccc9d1df81debf19f171737365b4c357ef3b4eb41d3b0b3f7c72a960de4a8add1ba2f8684cf1f45a20ec695a1587fbb69e6b8ea33cb94c44cb0f4b1a421bf0fd364e7601b88d6d587c703320235ff39e09a06250dc25083e2f25674d441ae3dbcad1111d718d8d35dc8716a507380bd330df46befdc9d60fa70475cfd2c9645835b8144f0047a393bbe37a7f38ae237a03125d67fe9d886addd5090bf12ad21850aaad0bb3f2106e4fe6d74bf3072aae55dfed59ab707b603cfa482566bd7dd9f317bdf402a12f8e7950fe3d308b55808516c75c60759e0fbf0cb3ef09d7a08ec743d5a0ceb5e674bd9ed6072fab109db440a599cfc7284fba61564aefe7c75f0abbd0a7d9b4ed4cb8db7ad756a39a5bcf0422832334a7ff5d9d1c9c0bccfd49cc01914fdb6fa29c4d842364d772b4025a6971fc18c8611cb53c3684708b77b938cbe381041c20b08233d5c4359d8a9e7826eeb576da4115d1334129f6aec95f9df52f8113467801928d071d738654095d725d1aa5148fb19d91a3e91a04ad7739e1532899d4c485f3e8927238b885def5e8f71a3c451e8ef81bc44850abceb42c2b114a4303803f96eb14995d240e8527dcaa1922c1fc7549491729a08b6bfe390da282ff419b9bfee5a8bbaa2b5e4d8ae3f186b80bef5a171391b1dbd8aa04bba3706dcd2e17c18b0273a8d5379c5033325f2b5b8e5121437907f1b4bd05b616821d92b5583562929e7b8766b335d3c5398c6f2651923d25dd8b4144db2fca4b204b50975de2e25d4ed8e6e73a80c02c2624397651323dedff4e5f016fa1c34031c932093c391325c543b6fba832f37a5b710536611bdca06e2ba300b61a575849f6708435e4328754b6b6eeba06a88aeca93cbc2e85e4743bfde567fe537fbc45eaaa0c997eb0adf6ebb97105bb4be2b8848fd1d6199f953ef2d49e39a5bc1d6bfaaf9799ad8b0f3b3be7985449c8649e8bed6f5b31bf550e3868b440ffc96648ea2b96a007d8fc6fee2e61ac6eacdd7fcc904cc54132a074b58b750e8394059f32f1de5baf9b3d8182da5fff42ad27091b6f0b4588f596841e74c3a74ffcfad03e031d7bfca1181ac4fb08df6b5b85f3dbc90330b8625cdab3d234e48d28eb833d9f0055e00b8e140abbdcaa5bb4d1028cabc6256da1ff113dd2be87c9581401c6e2ef6cc5ffccb3f66e0a220d5603f5cb98f9317be3747c1033aec2f73daf4af35aca23add4a81b3572469b01d96b8acd19b52c2541cfa3f0b273ebf3c2ba1c2c74ac6ebac368a7a0c5582c00ade92e4203626db623ecd48b5c44f8bee407c649989c02969bc37b03387218c81dd30c116189d8af7ece4055228651a3e7bd841faf33d75cd44c6c2babef185a5d4bb3538f302661956a905908230f23988e20a85665015b452b32f6fe33faed797cfca96f46ecdaa7b6f1c9e3762eb37ed838436e728b852fd0bb2d7b98d23c67c9a4f960d519e145ea2f44657664dd94593876cb1aaedca75805865e0d8322081cdd09e59affaff72f2fd5e68476af1768417049d9ede6e8b472ba031a4ad7fc8a633d2271409e1968d4b5bb2b0fd823d8219880e13e940e71f00376f6e496cc773bba29ac5c60d3a2236c8a5d76655d09a6db6477981e7290a88ad7fcf4ac2ff8de55a2d5deac98c2a6f6a224f9ef50efb2605b3f9b80dbf9309b76f477ec394f88db8ff9b7df3709ef1e13fe8c602067c98ca5977e1b36d3850743ec8d0a2ec466c0dbcdb9bbc1103a5183aa428816a3365d5028bed70f8c5649ca1dee5b065112b08a2c8ea0f0842e078527d9b70ae567ac40f8e477d9d2f2d96237cff7180d5415b2b9b44aea2e1923e1bc98ab92b0b3c09010dce2dda5d84da611d511bb1415d8c3905be17d2c1d810b6c811727a74fdee8314a9aed88a1fa35d5c723c62083b07b9f52d38d7cc2e78dba6a37d2dcc8765a9e7de1a6242dcfbe8a965b6e17b3faabb1a990f0e935c2385b841d824fa4caca7f8c67eee7bcef3934a93b366f8652a199e54a1d83ce7b395fb64cb031bfc1351fabce795cc914f0d4325ff346bb4b698cab8f055809643a49fbb58b8432d395a3a78c77523f6164bef065cbab34e331d1cccfeadac4377b2fe05fb44af0db6d4a887d1468b0ffa9afaae06144e539bfcddee2b3e417a28eb2dcd262dcaabb4c8cb32a646b9756799deff78a06f6c936199863462a38156fc3dba7b49c2cf3498a0698875649b502fa16f5f756043300b682724d7dfed070a5457d9febbc6c3dd4fba10ca0130bc5065a0a942450af15c51be241df429570548945fc0e73e233072482b438aa4e805fe6d20177c6294b647fb3dbc568934623683ab4969e8f054a8e40f8f67f93dfcb8d9c2a5f598a65ba2f83870ecd9363afe3c0a387dfd02c9f80cdfe804dd1958437b2d7136ee24275adb5374e02744000bc563814ef3c3c9820ba00f55b706b2ed0b82cc73e5c8ff2147b3eaabec9beeb145d6f6286996ad9e04f508355ac347fcc00489290a3b14be7214fcb6f6314a38efbd013a530695b4eaadbf47f9ea7069f0611eba82aa5045bea245389ab45060e105f53939c60a434df36cb217c01fcce0a7c1b6cf8c0f335c7a8b1a7dd5f45723d992db3546bcf9d820e93c7b8fe5ef05bcea29c3698cc75ec252aa79823aebd54effbd091a80a4ce5c534b8a4cd304b91434014269be7420ea0cd5c8c0b290b8982b548663a28475d69a4130ea51b35234eda6f521f613bfb7d06878b0060e2b5336a3e31cbb0450d0c3908f3793ac3b9e127384b6f7f730e4ac167cb9bffcc0a8f9f89b970b06743e9650dc10ed65c1a7dec1f9afdd62911a346b793cbef3c52f7d19208dc1c59f362fb99e7fe68164abcf5b5382340140dd32efe9f0bfacc8c420853d5b35d0a507e08d06037570372428b5f0ecd14ea43f2d558b9d8a2bc2a8a54cf4dde5c90d33c63c4ee5a456bc9cb8446c57e3d641faa0b02acabe24c82456cf6da3349705a3059a1517cfa35e3727e6763123aa251761646466bcb316328795de8c34be6ea47cc8121261396476be6c506bb406d93000d5a1878a8e7f03d60336da0a27fc954fa726f86121ef2df86f8592cbc9a84cb588483b3fa98c50f0b46ad370b0238ab80024c915a6b76d984195406d79296ec4ece7947f270bfb865196b5284022746f50ff82b82c1cd8255b8d51df074331951f843e4770110a10c6b14e58c27221812da875f597b66b2516c07c2fb9fe102209efd97d228b9d28cc5e1d7a41e028e1100942333ada39fa0ea965b6102319e807d1060e3ad3b9721c79b96eddeeb395e55c3d8a95ae8e1c8a15f3fe2c7cf8deb2d73c96ea2db3c521db19f5e7cc4930fa7472c67f28524e600a8162a6ab0159fbcc6050be605f727bed0ce60d58e45e5a4fd5d0ac1534ed09402fd1f360b4dd167d6373423f5aaff8335bae01f945e31895c1536b3540b9a68f460e66a288afcc7d1b5084fa82082eb5418ba4ea928831172e2b4466777ab41df69acf73763531825fb5ebf5b72aa25c15e53cd67db94f39bb98393c40fdc8ba552a492a2f4a3810b11370c5472cabbf30d655ddde72c50ad6f299a5feb106e8a86118794289"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r6, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000002c0)=0x11)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={0xffffffffffffffff, 0x2})
close_range(r0, 0xffffffffffffffff, 0x0)

155.165858ms ago: executing program 1 (id=1297):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
execve(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1, 0x0, 0x2}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110c230000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)={0x3c, r7, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

0s ago: executing program 5 (id=1298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff3e10, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xee8f010b3d1e850f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18)

kernel console output (not intermixed with test programs):


[  426.271272][ T4395] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x5f52010)
[  426.294161][ T4384] syz.1.1042: attempt to access beyond end of device
[  426.294161][ T4384] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  426.295688][ T4395] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  426.318766][ T4395] F2FS-fs (loop0): Unrecognized mount option "whint_mode=fs-based" or missing value
[  426.336202][ T4384] syz.1.1042: attempt to access beyond end of device
[  426.336202][ T4384] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  426.349787][ T4391] syz.1.1042: attempt to access beyond end of device
[  426.349787][ T4391] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  426.363121][ T4384] syz.1.1042: attempt to access beyond end of device
[  426.363121][ T4384] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  426.377074][ T4391] syz.1.1042: attempt to access beyond end of device
[  426.377074][ T4391] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  426.444269][ T4391] syz.1.1042: attempt to access beyond end of device
[  426.444269][ T4391] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  426.547456][ T4402] overlayfs: unrecognized mount option "/" or missing value
[  426.643830][ T4409] loop4: detected capacity change from 0 to 512
[  426.670967][ T4409] [EXT4 FS bs=4096, gc=1, bpg=95, ipg=32, mo=e00ee118, mo2=0000]
[  426.685602][ T4409] System zones: 0-2, 34-35
[  426.694873][ T4409] EXT4-fs (loop4): orphan cleanup on readonly fs
[  426.705517][  T342] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  426.814246][ T4409] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #4: comm syz.4.1050: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  427.819306][ T4418] loop2: detected capacity change from 0 to 16
[  427.876669][ T4419] SELinux: failed to load policy
[  428.522772][ T4413] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1051'.
[  428.535256][ T4418] erofs: (device loop2): mounted with root inode @ nid 36.
[  428.606070][ T4418] overlayfs: missing 'workdir'
[  429.874655][ T4409] EXT4-fs error (device loop4): ext4_quota_enable:7000: comm syz.4.1050: Bad quota inode: 4, type: 1
[  429.886804][ T4409] EXT4-fs warning (device loop4): ext4_enable_quotas:7041: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  430.019618][ T4409] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  430.052635][ T4409] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  430.970134][  T287] EXT4-fs (loop4): unmounting filesystem.
[  431.533146][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  431.533215][   T28] audit: type=1400 audit(1750121606.398:2547): avc:  denied  { name_bind } for  pid=4430 comm="syz.2.1058" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  431.739925][ T4438] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1057'.
[  431.775503][  T342] usb 1-1: device not accepting address 17, error -71
[  431.831539][ T4443] SELinux: failed to load policy
[  431.837600][ T4445] loop1: detected capacity change from 0 to 16
[  431.838228][ T4443] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1059'.
[  431.881915][ T4445] erofs: (device loop1): mounted with root inode @ nid 36.
[  431.891272][ T4445] overlayfs: missing 'workdir'
[  432.034577][ T4455] loop0: detected capacity change from 0 to 512
[  432.041864][ T4455] EXT4-fs (loop0): Test dummy encryption mode enabled
[  432.203748][ T4455] EXT4-fs error (device loop0): __ext4_iget:5078: inode #11: block 1: comm syz.0.1061: invalid block
[  432.314227][   T28] audit: type=1400 audit(1750121607.258:2548): avc:  denied  { sqpoll } for  pid=4453 comm="syz.4.1063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  432.746930][ T4455] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1061: couldn't read orphan inode 11 (err -117)
[  432.761069][ T4455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  433.056225][  T286] EXT4-fs (loop0): unmounting filesystem.
[  433.127064][ T4469] loop3: detected capacity change from 0 to 512
[  433.183604][ T4469] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1065: bg 0: block 393: padding at end of block bitmap is not set
[  433.287526][ T4469] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  433.305847][ T4469] EXT4-fs (loop3): 2 truncates cleaned up
[  433.311629][ T4469] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  433.394435][ T4482] loop4: detected capacity change from 0 to 16
[  433.476611][ T4482] erofs: (device loop4): mounted with root inode @ nid 36.
[  433.499967][ T4482] overlayfs: missing 'workdir'
[  434.299699][ T4480] loop2: detected capacity change from 0 to 40427
[  434.328761][ T4480] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  434.355570][ T4480] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  434.385151][ T4480] F2FS-fs (loop2): Found nat_bits in checkpoint
[  434.423520][ T4484] EXT4-fs (loop3): unmounting filesystem.
[  434.448910][ T4480] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  434.463563][ T4489] loop4: detected capacity change from 0 to 1024
[  434.465536][ T4480] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  434.477551][  T342] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  434.508444][ T4489] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  434.541647][ T4489] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  434.568986][ T4489] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.600760][ T4489] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  434.635729][ T4489] EXT4-fs (loop4): Remounting filesystem read-only
[  434.665549][  T287] EXT4-fs (loop4): unmounting filesystem.
[  434.666861][  T342] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.694182][  T342] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.725663][  T342] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  434.726269][ T4495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1076'.
[  434.744753][  T342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.766408][  T342] usb 1-1: config 0 descriptor??
[  434.795534][   T28] audit: type=1400 audit(1750121609.738:2549): avc:  denied  { mounton } for  pid=4496 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  434.841214][ T4498] loop2: detected capacity change from 0 to 512
[  434.920854][ T4498] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  434.930900][ T4496] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.945848][ T4498] ext4 filesystem being mounted at /221/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  434.957035][ T4496] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.964682][ T4496] device bridge_slave_0 entered promiscuous mode
[  435.011035][ T4496] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.035508][ T4496] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.043270][ T4496] device bridge_slave_1 entered promiscuous mode
[  435.061693][ T4502] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1076'.
[  435.083393][ T4509] FAULT_INJECTION: forcing a failure.
[  435.083393][ T4509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.097679][ T4498] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1075'.
[  435.098035][ T4509] CPU: 1 PID: 4509 Comm: syz.1.1077 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  435.115511][ T4498] netem: unknown loss type 13
[  435.116455][ T4509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  435.116471][ T4509] Call Trace:
[  435.121204][ T4498] netem: change failed
[  435.131233][ T4509]  <TASK>
[  435.131247][ T4509]  __dump_stack+0x21/0x24
[  435.131286][ T4509]  dump_stack_lvl+0xee/0x150
[  435.131313][ T4509]  ? __cfi_dump_stack_lvl+0x8/0x8
[  435.155529][ T4509]  dump_stack+0x15/0x24
[  435.159717][ T4509]  should_fail_ex+0x3d4/0x520
[  435.164414][ T4509]  should_fail+0xb/0x10
[  435.168587][ T4509]  should_fail_usercopy+0x1a/0x20
[  435.173648][ T4509]  _copy_from_user+0x1e/0xc0
[  435.178262][ T4509]  iovec_from_user+0x1aa/0x2e0
[  435.183054][ T4509]  ? _parse_integer+0x2a/0x40
[  435.187762][ T4509]  __import_iovec+0x71/0x470
[  435.192379][ T4509]  import_iovec+0x7c/0xb0
[  435.196736][ T4509]  ___sys_sendmsg+0x1e4/0x290
[  435.201428][ T4509]  ? __sys_sendmsg+0x270/0x270
[  435.206214][ T4509]  ? __kasan_check_write+0x14/0x20
[  435.211352][ T4509]  ? proc_fail_nth_write+0x17a/0x1f0
[  435.216669][ T4509]  ? vfs_write+0x9d6/0xca0
[  435.221116][ T4509]  ? __fdget+0x19c/0x220
[  435.225384][ T4509]  __x64_sys_sendmsg+0x1f0/0x2c0
[  435.230345][ T4509]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  435.235845][ T4509]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  435.241957][ T4509]  x64_sys_call+0x171/0x9a0
[  435.246488][ T4509]  do_syscall_64+0x4c/0xa0
[  435.250954][ T4509]  ? clear_bhb_loop+0x15/0x70
[  435.255655][ T4509]  ? clear_bhb_loop+0x15/0x70
[  435.260363][ T4509]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  435.266295][ T4509] RIP: 0033:0x7f537998e929
[  435.270727][ T4509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.291056][ T4509] RSP: 002b:00007f537a8eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  435.299499][ T4509] RAX: ffffffffffffffda RBX: 00007f5379bb5fa0 RCX: 00007f537998e929
[  435.307496][ T4509] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  435.315489][ T4509] RBP: 00007f537a8eb090 R08: 0000000000000000 R09: 0000000000000000
[  435.323491][ T4509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.331492][ T4509] R13: 0000000000000000 R14: 00007f5379bb5fa0 R15: 00007ffef59adb58
[  435.339502][ T4509]  </TASK>
[  435.372385][ T4506] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1075'.
[  435.400694][ T4512] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1078'.
[  435.409716][ T4505] loop4: detected capacity change from 0 to 40427
[  435.421636][ T4505] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  435.431991][ T4505] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  435.445360][ T4505] F2FS-fs (loop4): Unrecognized mount option "·" or missing value
[  435.534316][ T4522] loop1: detected capacity change from 0 to 128
[  435.570754][  T285] EXT4-fs (loop2): unmounting filesystem.
[  435.582321][ T4522] bio_check_eod: 1950 callbacks suppressed
[  435.582356][ T4522] syz.1.1081: attempt to access beyond end of device
[  435.582356][ T4522] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  435.634168][ T4524] loop2: detected capacity change from 0 to 512
[  435.659342][ T4524] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1082: bg 0: block 393: padding at end of block bitmap is not set
[  435.675783][ T4524] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  435.695478][ T4524] EXT4-fs (loop2): 2 truncates cleaned up
[  435.696189][ T4522] syz.1.1081: attempt to access beyond end of device
[  435.696189][ T4522] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[  435.702301][ T4524] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  435.719738][ T4522] syz.1.1081: attempt to access beyond end of device
[  435.719738][ T4522] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.737982][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  435.739714][ T4522] syz.1.1081: attempt to access beyond end of device
[  435.739714][ T4522] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.746939][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  435.777971][ T4526] syz.1.1081: attempt to access beyond end of device
[  435.777971][ T4526] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.791573][ T4526] syz.1.1081: attempt to access beyond end of device
[  435.791573][ T4526] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.805141][ T4522] syz.1.1081: attempt to access beyond end of device
[  435.805141][ T4522] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.808109][  T285] EXT4-fs (loop2): unmounting filesystem.
[  435.819179][ T4526] syz.1.1081: attempt to access beyond end of device
[  435.819179][ T4526] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.838760][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  435.854135][ T4526] syz.1.1081: attempt to access beyond end of device
[  435.854135][ T4526] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.867550][ T4522] syz.1.1081: attempt to access beyond end of device
[  435.867550][ T4522] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  435.924172][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  435.932907][ T3341] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.939990][ T3341] bridge0: port 1(bridge_slave_0) entered forwarding state
[  435.947921][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  435.956387][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  435.964686][ T3341] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.971769][ T3341] bridge0: port 2(bridge_slave_1) entered forwarding state
[  435.979698][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  435.997089][ T3341] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  436.042469][ T4530] loop2: detected capacity change from 0 to 16
[  436.051656][ T4530] erofs: (device loop2): mounted with root inode @ nid 36.
[  436.070127][ T4530] overlayfs: missing 'workdir'
[  436.287366][  T323] device bridge_slave_1 left promiscuous mode
[  436.300101][  T323] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.426899][  T323] device bridge_slave_0 left promiscuous mode
[  436.491574][  T323] bridge0: port 1(bridge_slave_0) entered disabled state
[  436.560536][  T323] device veth0_vlan left promiscuous mode
[  436.979047][  T342] usbhid 1-1:0.0: can't add hid device: -71
[  436.995863][  T342] usbhid: probe of 1-1:0.0 failed with error -71
[  437.058257][ T4538] loop1: detected capacity change from 0 to 512
[  437.155385][ T4538] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #3: comm syz.1.1085: corrupted inode contents
[  437.167935][ T4538] EXT4-fs error (device loop1): ext4_dirty_inode:6120: inode #3: comm syz.1.1085: mark_inode_dirty error
[  437.182258][ T4538] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #3: comm syz.1.1085: corrupted inode contents
[  437.196309][ T4538] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.1085: mark_inode_dirty error
[  437.208979][ T4538] Quota error (device loop1): write_blk: dquota write failed
[  437.216655][ T4538] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  437.226779][ T4538] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.1085: Failed to acquire dquot type 0
[  437.243361][ T4538] EXT4-fs (loop1): 1 orphan inode deleted
[  437.249219][ T4538] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  437.259124][ T4538] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.428706][ T3341] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  437.457910][  T342] usb 1-1: USB disconnect, device number 18
[  437.476008][   T28] audit: type=1326 audit(1750121612.418:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  437.563397][ T3341] EXT4-fs error (device loop1): ext4_release_dquot:6825: comm kworker/u4:11: Failed to release dquot type 1
[  438.094097][ T4532] loop4: detected capacity change from 0 to 40427
[  438.119156][ T1428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  438.127470][   T28] audit: type=1326 audit(1750121612.468:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  438.151801][   T28] audit: type=1326 audit(1750121612.478:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  438.254279][ T4532] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  438.266587][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  438.274873][   T28] audit: type=1326 audit(1750121612.478:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  438.278678][ T4532] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  438.308193][  T283] EXT4-fs (loop1): unmounting filesystem.
[  438.309575][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  438.322531][   T28] audit: type=1326 audit(1750121612.478:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  438.342471][ T4496] device veth0_vlan entered promiscuous mode
[  438.370204][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  438.371338][   T28] audit: type=1326 audit(1750121612.488:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  438.386925][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  438.403254][   T28] audit: type=1326 audit(1750121612.488:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4541 comm="syz.2.1087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  438.436583][ T4550] loop1: detected capacity change from 0 to 1024
[  438.452891][ T4532] F2FS-fs (loop4): Found nat_bits in checkpoint
[  438.476271][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  438.496536][ T4550] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  438.503400][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  438.522105][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  438.546021][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  438.554606][ T4550] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  438.563255][ T4550] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  438.566924][ T4496] device veth1_macvtap entered promiscuous mode
[  438.577592][ T4550] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  438.602844][ T4550] EXT4-fs (loop1): Remounting filesystem read-only
[  438.619387][ T4532] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  438.628004][  T283] EXT4-fs (loop1): unmounting filesystem.
[  438.635159][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  438.666001][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  438.674375][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  438.685510][ T4532] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  438.718243][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  438.735708][ T4558] FAULT_INJECTION: forcing a failure.
[  438.735708][ T4558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.750193][  T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  438.771550][ T4558] CPU: 0 PID: 4558 Comm: syz.1.1090 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  438.781420][ T4558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  438.791500][ T4558] Call Trace:
[  438.794797][ T4558]  <TASK>
[  438.797741][ T4558]  __dump_stack+0x21/0x24
[  438.802098][ T4558]  dump_stack_lvl+0xee/0x150
[  438.806716][ T4558]  ? __cfi_dump_stack_lvl+0x8/0x8
[  438.811762][ T4558]  dump_stack+0x15/0x24
[  438.815943][ T4558]  should_fail_ex+0x3d4/0x520
[  438.820653][ T4558]  should_fail+0xb/0x10
[  438.824839][ T4558]  should_fail_usercopy+0x1a/0x20
[  438.826485][ T4560] loop5: detected capacity change from 0 to 512
[  438.829893][ T4558]  _copy_from_user+0x1e/0xc0
[  438.829921][ T4558]  strndup_user+0xb6/0x150
[  438.845202][ T4558]  __se_sys_mount+0x9c/0x380
[  438.849811][ T4558]  ? fput+0x154/0x1a0
[  438.853807][ T4558]  ? __x64_sys_mount+0xd0/0xd0
[  438.858586][ T4558]  ? __cfi_ksys_write+0x10/0x10
[  438.863461][ T4558]  __x64_sys_mount+0xbf/0xd0
[  438.868070][ T4558]  x64_sys_call+0x65d/0x9a0
[  438.872586][ T4558]  do_syscall_64+0x4c/0xa0
[  438.877023][ T4558]  ? clear_bhb_loop+0x15/0x70
[  438.881705][ T4558]  ? clear_bhb_loop+0x15/0x70
[  438.886386][ T4558]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  438.892293][ T4558] RIP: 0033:0x7f537998e929
[  438.896711][ T4558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.916319][ T4558] RSP: 002b:00007f537a8eb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  438.924738][ T4558] RAX: ffffffffffffffda RBX: 00007f5379bb5fa0 RCX: 00007f537998e929
[  438.932712][ T4558] RDX: 0000200000000b80 RSI: 0000200000000340 RDI: 0000000000000000
[  438.940686][ T4558] RBP: 00007f537a8eb090 R08: 0000200000000380 R09: 0000000000000000
[  438.948666][ T4558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.956639][ T4558] R13: 0000000000000000 R14: 00007f5379bb5fa0 R15: 00007ffef59adb58
[  438.964621][ T4558]  </TASK>
[  438.981159][ T4562] loop2: detected capacity change from 0 to 512
[  438.988222][ T4560] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  439.008776][ T4562] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1092: bg 0: block 393: padding at end of block bitmap is not set
[  439.032894][ T4562] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  439.033764][ T4560] EXT4-fs (loop5): 1 truncate cleaned up
[  439.047648][ T4562] EXT4-fs (loop2): 2 truncates cleaned up
[  439.053428][ T4562] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  439.062994][ T4560] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  439.187967][  T285] EXT4-fs (loop2): unmounting filesystem.
[  439.221839][ T4573] FAULT_INJECTION: forcing a failure.
[  439.221839][ T4573] name failslab, interval 1, probability 0, space 0, times 0
[  439.234593][ T4573] CPU: 1 PID: 4573 Comm: syz.4.1091 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  439.244424][ T4573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  439.254945][ T4573] Call Trace:
[  439.258248][ T4573]  <TASK>
[  439.261209][ T4573]  __dump_stack+0x21/0x24
[  439.265573][ T4573]  dump_stack_lvl+0xee/0x150
[  439.270196][ T4573]  ? __cfi_dump_stack_lvl+0x8/0x8
[  439.275253][ T4573]  ? kasan_save_alloc_info+0x25/0x30
[  439.280561][ T4573]  ? __kasan_kmalloc+0x95/0xb0
[  439.285361][ T4573]  ? kvmalloc_node+0x294/0x480
[  439.290155][ T4573]  dump_stack+0x15/0x24
[  439.294356][ T4573]  should_fail_ex+0x3d4/0x520
[  439.299057][ T4573]  ? __kvm_mmu_topup_memory_cache+0x1b9/0x500
[  439.305156][ T4573]  __should_failslab+0xac/0xf0
[  439.309943][ T4573]  should_failslab+0x9/0x20
[  439.314487][ T4573]  kmem_cache_alloc+0x3b/0x330
[  439.319284][ T4573]  __kvm_mmu_topup_memory_cache+0x1b9/0x500
[  439.325219][ T4573]  kvm_mmu_topup_memory_cache+0x20/0x30
[  439.330801][ T4573]  kvm_mmu_load+0x9c/0x25a0
[  439.335336][ T4573]  ? kvm_hv_setup_tsc_page+0x5ea/0xa70
[  439.340828][ T4573]  ? queue_delayed_work_on+0x101/0x150
[  439.346316][ T4573]  ? kvm_apic_has_interrupt+0x78f/0x7a0
[  439.351878][ T4573]  vcpu_enter_guest+0x4958/0x6be0
[  439.356903][ T4573]  ? __kasan_check_write+0x14/0x20
[  439.362033][ T4573]  ? pvclock_gtod_update_fn+0x270/0x270
[  439.367591][ T4573]  ? 0xffffffffa0003e00
[  439.371739][ T4573]  ? is_bpf_text_address+0x177/0x190
[  439.377022][ T4573]  ? kernel_text_address+0xa0/0xd0
[  439.382129][ T4573]  ? __kernel_text_address+0xd/0x30
[  439.387328][ T4573]  ? unwind_get_return_address+0x4d/0x90
[  439.392964][ T4573]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  439.399146][ T4573]  ? arch_stack_walk+0xfc/0x150
[  439.404027][ T4573]  ? vmx_vcpu_pi_load+0x12d/0x810
[  439.409077][ T4573]  ? stack_trace_save+0x98/0xe0
[  439.413957][ T4573]  ? __cfi_vmx_vcpu_pi_load+0x10/0x10
[  439.419358][ T4573]  ? __stack_depot_save+0x36/0x480
[  439.424503][ T4573]  ? _parse_integer_limit+0x18a/0x1d0
[  439.429901][ T4573]  ? do_vfs_ioctl+0xc36/0x1c80
[  439.434698][ T4573]  ? __this_cpu_preempt_check+0x13/0x20
[  439.440268][ T4573]  ? xfd_validate_state+0x70/0x150
[  439.445412][ T4573]  ? __local_bh_enable_ip+0x58/0x80
[  439.450632][ T4573]  ? fpu_swap_kvm_fpstate+0x4ef/0x5d0
[  439.456029][ T4573]  ? fpu_swap_kvm_fpstate+0x81/0x5d0
[  439.461336][ T4573]  kvm_arch_vcpu_ioctl_run+0xec4/0x1fa0
[  439.466901][ T4573]  kvm_vcpu_ioctl+0x882/0xb70
[  439.471594][ T4573]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  439.476801][ T4573]  ? selinux_file_ioctl+0x377/0x480
[  439.482004][ T4573]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  439.487555][ T4573]  ? mutex_unlock+0x89/0x220
[  439.492149][ T4573]  ? __cfi_mutex_unlock+0x10/0x10
[  439.497179][ T4573]  ? __fget_files+0x2d5/0x330
[  439.501873][ T4573]  ? security_file_ioctl+0x95/0xc0
[  439.506987][ T4573]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[  439.512196][ T4573]  __se_sys_ioctl+0x12f/0x1b0
[  439.516885][ T4573]  __x64_sys_ioctl+0x7b/0x90
[  439.521488][ T4573]  x64_sys_call+0x58b/0x9a0
[  439.525994][ T4573]  do_syscall_64+0x4c/0xa0
[  439.530420][ T4573]  ? clear_bhb_loop+0x15/0x70
[  439.535098][ T4573]  ? clear_bhb_loop+0x15/0x70
[  439.539780][ T4573]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  439.545685][ T4573] RIP: 0033:0x7f64c938e929
[  439.550101][ T4573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.569714][ T4573] RSP: 002b:00007f64ca188038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  439.578143][ T4573] RAX: ffffffffffffffda RBX: 00007f64c95b6080 RCX: 00007f64c938e929
[  439.586120][ T4573] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  439.594118][ T4573] RBP: 00007f64ca188090 R08: 0000000000000000 R09: 0000000000000000
[  439.602089][ T4573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.610064][ T4573] R13: 0000000000000000 R14: 00007f64c95b6080 R15: 00007ffced10d7e8
[  439.618046][ T4573]  </TASK>
[  439.801351][ T4582] EXT4-fs error (device loop5): ext4_read_inline_dir:1593: inode #12: block 7: comm syz.5.1074: path /0/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0
[  440.148339][ T4584] loop0: detected capacity change from 0 to 16
[  440.177562][ T4584] erofs: (device loop0): mounted with root inode @ nid 36.
[  440.279834][ T4585] overlayfs: missing 'workdir'
[  440.819192][ T4581] fuse: Unknown parameter 'use00000000000000000000'
[  441.046184][ T4589] fuse: Bad value for 'rootmode'
[  442.677121][ T4459] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[  442.716290][ T4496] EXT4-fs (loop5): unmounting filesystem.
[  442.881729][ T4611] fuse: Unknown parameter 'user_id00000000000000000000'
[  442.928220][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  442.970066][   T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  442.987380][   T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  443.001361][ T4606] loop4: detected capacity change from 0 to 40427
[  443.017971][ T4606] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  443.029174][ T4606] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  443.042660][ T4606] F2FS-fs (loop4): Found nat_bits in checkpoint
[  443.080875][ T4616] fuse: Unknown parameter 'user_id00000000000000000000'
[  443.086163][ T4606] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  443.094968][ T4606] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  443.205862][ T4622] loop2: detected capacity change from 0 to 512
[  443.224291][ T4622] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1106: bg 0: block 393: padding at end of block bitmap is not set
[  443.240108][ T4622] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  443.249385][ T4622] EXT4-fs (loop2): 2 truncates cleaned up
[  443.255148][ T4622] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  443.294944][  T285] EXT4-fs (loop2): unmounting filesystem.
[  443.320676][ T4628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1107'.
[  443.384894][ T4626] FAULT_INJECTION: forcing a failure.
[  443.384894][ T4626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.398242][ T4626] CPU: 1 PID: 4626 Comm: syz.4.1105 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  443.408082][ T4626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  443.418166][ T4626] Call Trace:
[  443.421467][ T4626]  <TASK>
[  443.424416][ T4626]  __dump_stack+0x21/0x24
[  443.428781][ T4626]  dump_stack_lvl+0xee/0x150
[  443.433403][ T4626]  ? __cfi_dump_stack_lvl+0x8/0x8
[  443.438464][ T4626]  ? console_unlock+0x2d1/0x550
[  443.443338][ T4626]  ? console_unlock+0x4f3/0x550
[  443.448215][ T4626]  dump_stack+0x15/0x24
[  443.452406][ T4626]  should_fail_ex+0x3d4/0x520
[  443.457110][ T4626]  should_fail+0xb/0x10
[  443.461298][ T4626]  should_fail_usercopy+0x1a/0x20
[  443.466352][ T4626]  _copy_from_user+0x1e/0xc0
[  443.470974][ T4626]  vcs_write+0x4ff/0x1220
[  443.475352][ T4626]  ? __cfi_kstrtouint_from_user+0x10/0x10
[  443.481119][ T4626]  ? __cfi_vcs_write+0x10/0x10
[  443.481913][ T4628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1107'.
[  443.485928][ T4626]  ? fsnotify_perm+0x67/0x5b0
[  443.485955][ T4626]  ? security_file_permission+0x8a/0xb0
[  443.485977][ T4626]  ? security_file_permission+0x94/0xb0
[  443.510586][ T4626]  ? __cfi_vcs_write+0x10/0x10
[  443.515388][ T4626]  vfs_write+0x40c/0xca0
[  443.519662][ T4626]  ? slab_free_freelist_hook+0xc2/0x190
[  443.525237][ T4626]  ? __cfi_vfs_write+0x10/0x10
[  443.530029][ T4626]  ? __fget_files+0x2d5/0x330
[  443.534743][ T4626]  ? __fdget_pos+0x1f2/0x380
[  443.539356][ T4626]  ? ksys_write+0x71/0x240
[  443.543795][ T4626]  ksys_write+0x140/0x240
[  443.548151][ T4626]  ? __cfi_ksys_write+0x10/0x10
[  443.553033][ T4626]  ? debug_smp_processor_id+0x17/0x20
[  443.558434][ T4626]  __x64_sys_write+0x7b/0x90
[  443.563055][ T4626]  x64_sys_call+0x27b/0x9a0
[  443.567579][ T4626]  do_syscall_64+0x4c/0xa0
[  443.572030][ T4626]  ? clear_bhb_loop+0x15/0x70
[  443.576728][ T4626]  ? clear_bhb_loop+0x15/0x70
[  443.581423][ T4626]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  443.587345][ T4626] RIP: 0033:0x7f64c938e929
[  443.591775][ T4626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  443.611401][ T4626] RSP: 002b:00007f64ca1a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  443.619846][ T4626] RAX: ffffffffffffffda RBX: 00007f64c95b5fa0 RCX: 00007f64c938e929
[  443.627847][ T4626] RDX: 0000000000001006 RSI: 0000200000000d00 RDI: 0000000000000006
[  443.635842][ T4626] RBP: 00007f64ca1a9090 R08: 0000000000000000 R09: 0000000000000000
[  443.643840][ T4626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  443.651845][ T4626] R13: 0000000000000000 R14: 00007f64c95b5fa0 R15: 00007ffced10d7e8
[  443.659851][ T4626]  </TASK>
[  443.771664][ T4628] loop2: detected capacity change from 0 to 40427
[  443.786075][ T4628] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  443.797369][ T4628] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  443.833164][ T4628] F2FS-fs (loop2): Unrecognized mount option "·" or missing value
[  444.592180][ T4652] overlayfs: failed to resolve './file0': -2
[  444.693060][ T4652] loop2: detected capacity change from 0 to 128
[  444.866145][ T4652] EXT4-fs (loop2): Test dummy encryption mode enabled
[  444.893500][ T4652] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  444.893682][ T4651] fuse: Unknown parameter 'use00000000000000000000'
[  444.903171][ T4640] input: syz1 as /devices/virtual/input/input5
[  444.915131][ T4652] ext4 filesystem being mounted at /229/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  444.934953][   T28] kauditd_printk_skb: 26 callbacks suppressed
[  444.934983][   T28] audit: type=1400 audit(1750121619.878:2583): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=2013 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  444.974533][ T4649] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  444.986253][ T4649] overlayfs: upper fs does not support tmpfile.
[  444.991795][   T28] audit: type=1400 audit(1750121619.878:2584): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2013 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  445.065168][   T28] audit: type=1400 audit(1750121619.878:2585): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2013 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  445.267679][  T285] EXT4-fs (loop2): unmounting filesystem.
[  445.325534][  T490] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  445.351256][ T4665] loop5: detected capacity change from 0 to 256
[  445.586387][ T4661] loop0: detected capacity change from 0 to 40427
[  445.597880][  T490] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  445.654746][  T490] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.756103][ T4661] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  445.765520][ T4661] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  445.768089][  T490] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  445.797848][  T490] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.807626][ T4661] F2FS-fs (loop0): Found nat_bits in checkpoint
[  445.814825][  T490] usb 5-1: config 0 descriptor??
[  445.851808][ T4675] loop5: detected capacity change from 0 to 1024
[  445.859626][ T4675] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  445.869080][ T4661] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  445.878534][ T4661] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  445.916967][ T4675] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  445.932554][ T4675] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  445.981024][ T4675] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  446.001448][ T4675] EXT4-fs (loop5): Remounting filesystem read-only
[  446.018384][ T4496] EXT4-fs (loop5): unmounting filesystem.
[  446.130748][ T4682] fuse: Bad value for 'fd'
[  446.148155][ T4657] loop4: detected capacity change from 0 to 256
[  446.186249][ T4657] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  446.197766][ T4657] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  446.209427][ T4657] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  446.297330][   T28] audit: type=1400 audit(1750121621.248:2586): avc:  denied  { rename } for  pid=4656 comm="syz.4.1114" name="file0" dev="loop4" ino=1048777 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  446.320905][ T4687] loop5: detected capacity change from 0 to 16
[  446.332843][ T4687] erofs: (device loop5): mounted with root inode @ nid 36.
[  446.343210][ T4687] overlayfs: missing 'workdir'
[  446.399240][   T28] audit: type=1400 audit(1750121621.248:2587): avc:  denied  { reparent } for  pid=4656 comm="syz.4.1114" name="file0" dev="loop4" ino=1048777 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  446.574369][ T4691] loop2: detected capacity change from 0 to 16
[  446.600834][ T4691] erofs: (device loop2): mounted with root inode @ nid 36.
[  446.686670][ T4691] overlayfs: missing 'workdir'
[  446.939531][ T4695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1123'.
[  447.019565][ T4696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1123'.
[  447.455309][ T4696] loop2: detected capacity change from 0 to 40427
[  447.470404][ T4696] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  447.487267][ T4696] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  447.496110][ T4696] F2FS-fs (loop2): Unrecognized mount option "·" or missing value
[  447.547831][  T490] pyra 0003:1E7D:2CF6.0006: item fetching failed at offset 5/7
[  447.565953][  T490] pyra 0003:1E7D:2CF6.0006: parse failed
[  447.571656][  T490] pyra: probe of 0003:1E7D:2CF6.0006 failed with error -22
[  447.594591][   T28] audit: type=1400 audit(1750121622.538:2588): avc:  denied  { name_bind } for  pid=4699 comm="syz.5.1125" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  447.627546][ T4700] input: syz1 as /devices/virtual/input/input6
[  447.645624][  T628] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  447.749009][  T342] usb 5-1: USB disconnect, device number 11
[  447.865525][  T628] usb 1-1: Using ep0 maxpacket: 16
[  447.872031][  T628] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  447.881110][  T628] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  447.891517][  T628] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  447.902058][  T628] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  447.911396][  T628] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.919669][  T628] usb 1-1: Product: syz
[  447.923899][  T628] usb 1-1: Manufacturer: syz
[  447.928736][  T628] usb 1-1: SerialNumber: syz
[  448.209026][   T28] audit: type=1326 audit(1750121623.158:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4707 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  448.299961][   T28] audit: type=1326 audit(1750121623.178:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4707 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  448.361092][  T628] usb 1-1: 0:2 : does not exist
[  448.366949][   T28] audit: type=1326 audit(1750121623.178:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4707 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  448.391808][   T28] audit: type=1326 audit(1750121623.178:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4707 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  448.486352][ T4713] loop4: detected capacity change from 0 to 256
[  448.521743][ T4713] exfat: Deprecated parameter 'namecase'
[  448.635542][ T4713] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  448.758721][ T4717] device bridge0 entered promiscuous mode
[  449.044437][ T4724] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1129'.
[  449.286891][ T4698] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  449.339100][ T4698] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  449.577135][ T4727] loop2: detected capacity change from 0 to 1024
[  449.597096][ T4727] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  449.635542][ T4727] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  449.642724][ T4732] loop1: detected capacity change from 0 to 512
[  449.644200][ T4727] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  449.662413][ T4732] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1134: bg 0: block 393: padding at end of block bitmap is not set
[  449.673934][ T4727] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  449.696043][ T4727] EXT4-fs (loop2): Remounting filesystem read-only
[  449.697156][ T4732] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  449.712477][ T4732] EXT4-fs (loop1): 2 truncates cleaned up
[  449.723072][ T4732] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  449.749795][  T285] EXT4-fs (loop2): unmounting filesystem.
[  449.779824][ T4735] loop4: detected capacity change from 0 to 512
[  449.818182][ T4735] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  449.846731][ T4742] loop2: detected capacity change from 0 to 16
[  449.853257][ T4735] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  449.878240][  T283] EXT4-fs (loop1): unmounting filesystem.
[  449.894278][ T4742] erofs: (device loop2): mounted with root inode @ nid 36.
[  449.929485][ T4742] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  449.943385][ T4742] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  449.953124][ T4742] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  449.962866][ T4742] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  449.977015][ T4746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1138'.
[  449.994701][ T4744] fuse: Bad value for 'fd'
[  450.005973][   T28] kauditd_printk_skb: 62 callbacks suppressed
[  450.005989][   T28] audit: type=1400 audit(1750121624.958:2655): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  450.026407][  T628] usb 1-1: 1:0: failed to get current value for ch 0 (-22)
[  450.040798][ T4748] loop2: detected capacity change from 0 to 16
[  450.051943][  T287] EXT4-fs (loop4): unmounting filesystem.
[  450.080058][ T4748] erofs: Unknown parameter './file0'
[  450.105168][  T628] usb 1-1: USB disconnect, device number 19
[  450.140158][ T4752] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1138'.
[  450.341792][ T4752] loop1: detected capacity change from 0 to 40427
[  450.351871][ T4752] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  450.377270][ T4752] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  450.385760][ T4751] loop4: detected capacity change from 0 to 40427
[  450.398961][ T4751] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  450.414499][ T4752] F2FS-fs (loop1): Unrecognized mount option "·" or missing value
[  450.430103][ T4751] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  451.686369][ T4751] F2FS-fs (loop4): invalid crc value
[  451.713242][ T4759] loop0: detected capacity change from 0 to 256
[  451.727103][ T4751] F2FS-fs (loop4): Found nat_bits in checkpoint
[  451.738380][ T4759] FAT-fs (loop0): Directory bread(block 64) failed
[  451.744965][ T4759] FAT-fs (loop0): Directory bread(block 65) failed
[  451.796954][ T4765] loop5: detected capacity change from 0 to 128
[  451.797857][ T4759] FAT-fs (loop0): Directory bread(block 66) failed
[  451.812141][ T4759] FAT-fs (loop0): Directory bread(block 67) failed
[  451.820554][ T4759] FAT-fs (loop0): Directory bread(block 68) failed
[  451.832249][ T4751] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  451.845534][ T4759] FAT-fs (loop0): Directory bread(block 69) failed
[  451.849716][ T4751] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  451.872416][ T4759] FAT-fs (loop0): Directory bread(block 70) failed
[  451.904749][ T4759] FAT-fs (loop0): Directory bread(block 71) failed
[  451.911420][ T4765] bio_check_eod: 5876 callbacks suppressed
[  451.911439][ T4765] syz.5.1143: attempt to access beyond end of device
[  451.911439][ T4765] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  451.932115][ T4759] FAT-fs (loop0): Directory bread(block 72) failed
[  451.947447][ T4765] syz.5.1143: attempt to access beyond end of device
[  451.947447][ T4765] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  451.961465][ T4765] syz.5.1143: attempt to access beyond end of device
[  451.961465][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  451.974845][ T4765] syz.5.1143: attempt to access beyond end of device
[  451.974845][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  451.998309][ T4765] syz.5.1143: attempt to access beyond end of device
[  451.998309][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  452.007665][ T4759] FAT-fs (loop0): Directory bread(block 73) failed
[  452.024703][ T4765] syz.5.1143: attempt to access beyond end of device
[  452.024703][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  452.038558][ T4765] syz.5.1143: attempt to access beyond end of device
[  452.038558][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  452.052136][ T4765] syz.5.1143: attempt to access beyond end of device
[  452.052136][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  452.069656][ T4765] syz.5.1143: attempt to access beyond end of device
[  452.069656][ T4765] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  452.083135][ T4767] syz.5.1143: attempt to access beyond end of device
[  452.083135][ T4767] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  452.413157][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.413181][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.428106][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.437683][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.445304][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.453149][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.460796][  T287] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  452.523973][ T4772] loop0: detected capacity change from 0 to 1024
[  452.580527][ T4772] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  452.637744][   T28] audit: type=1400 audit(1750121627.588:2656): avc:  denied  { write } for  pid=4771 comm="syz.0.1145" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  452.679280][   T28] audit: type=1326 audit(1750121627.628:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  452.735522][   T28] audit: type=1326 audit(1750121627.628:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  452.798038][  T286] EXT4-fs (loop0): unmounting filesystem.
[  452.813521][ T4779] loop1: detected capacity change from 0 to 512
[  452.872750][   T28] audit: type=1326 audit(1750121627.628:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  453.013472][ T4779] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1148: bg 0: block 393: padding at end of block bitmap is not set
[  453.115024][   T28] audit: type=1326 audit(1750121627.628:2660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  453.141551][ T4788] loop0: detected capacity change from 0 to 1024
[  453.148162][ T4779] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  453.155278][   T28] audit: type=1326 audit(1750121627.628:2661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  453.157296][ T4779] EXT4-fs (loop1): 2 truncates cleaned up
[  453.192935][ T4788] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  453.210691][ T4779] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  453.222858][ T4790] FAULT_INJECTION: forcing a failure.
[  453.222858][ T4790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.237853][ T4788] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  453.251787][ T4788] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  453.267871][   T28] audit: type=1326 audit(1750121627.628:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  453.269542][ T4788] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  453.291975][   T28] audit: type=1326 audit(1750121627.628:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  453.335226][   T28] audit: type=1326 audit(1750121627.628:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4775 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64c938e929 code=0x7ffc0000
[  453.342492][ T4790] CPU: 1 PID: 4790 Comm: syz.2.1150 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  453.368434][ T4790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.378509][ T4790] Call Trace:
[  453.381805][ T4790]  <TASK>
[  453.384752][ T4790]  __dump_stack+0x21/0x24
[  453.389137][ T4790]  dump_stack_lvl+0xee/0x150
[  453.393753][ T4790]  ? __cfi_dump_stack_lvl+0x8/0x8
[  453.398806][ T4790]  dump_stack+0x15/0x24
[  453.402989][ T4790]  should_fail_ex+0x3d4/0x520
[  453.407689][ T4790]  should_fail+0xb/0x10
[  453.411864][ T4790]  should_fail_usercopy+0x1a/0x20
[  453.416911][ T4790]  _copy_from_user+0x1e/0xc0
[  453.421517][ T4790]  __sys_bpf+0x277/0x780
[  453.425786][ T4790]  ? bpf_link_show_fdinfo+0x320/0x320
[  453.431191][ T4790]  ? __cfi_ksys_write+0x10/0x10
[  453.436069][ T4790]  ? debug_smp_processor_id+0x17/0x20
[  453.441469][ T4790]  __x64_sys_bpf+0x7c/0x90
[  453.445908][ T4790]  x64_sys_call+0x488/0x9a0
[  453.450428][ T4790]  do_syscall_64+0x4c/0xa0
[  453.454873][ T4790]  ? clear_bhb_loop+0x15/0x70
[  453.459567][ T4790]  ? clear_bhb_loop+0x15/0x70
[  453.464263][ T4790]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  453.470185][ T4790] RIP: 0033:0x7fa42c18e929
[  453.474614][ T4790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.494248][ T4790] RSP: 002b:00007fa42cf4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  453.502685][ T4790] RAX: ffffffffffffffda RBX: 00007fa42c3b5fa0 RCX: 00007fa42c18e929
[  453.507835][ T4788] EXT4-fs (loop0): Remounting filesystem read-only
[  453.510671][ T4790] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  453.510689][ T4790] RBP: 00007fa42cf4e090 R08: 0000000000000000 R09: 0000000000000000
[  453.510704][ T4790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.541220][ T4790] R13: 0000000000000000 R14: 00007fa42c3b5fa0 R15: 00007ffce77035e8
[  453.549225][ T4790]  </TASK>
[  453.574358][  T286] EXT4-fs (loop0): unmounting filesystem.
[  453.657039][  T283] EXT4-fs (loop1): unmounting filesystem.
[  453.711202][ T4800] loop4: detected capacity change from 0 to 128
[  454.140448][ T4806] loop2: detected capacity change from 0 to 512
[  454.357094][ T4806] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  454.375016][ T4807] loop0: detected capacity change from 0 to 16
[  454.385427][ T4807] erofs: (device loop0): mounted with root inode @ nid 36.
[  454.414724][ T4807] overlayfs: missing 'workdir'
[  454.541962][ T4806] EXT4-fs (loop2): 1 truncate cleaned up
[  454.547872][ T4806] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  455.341820][  T285] EXT4-fs (loop2): unmounting filesystem.
[  455.425522][  T628] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  455.539743][ T4816] fuse: Bad value for 'fd'
[  455.583992][ T4820] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1158'.
[  455.615553][  T628] usb 2-1: Using ep0 maxpacket: 16
[  455.620780][  T311] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  455.637881][  T628] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  455.650866][  T628] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.685561][  T628] usb 2-1: Product: syz
[  455.695492][  T628] usb 2-1: Manufacturer: syz
[  455.700329][  T628] usb 2-1: SerialNumber: syz
[  455.706674][ T4824] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1158'.
[  455.725900][  T628] usb 2-1: config 0 descriptor??
[  455.736959][  T628] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  455.765781][  T628] usb 2-1: Detected FT232H
[  455.835494][  T311] usb 1-1: Using ep0 maxpacket: 16
[  455.846299][  T311] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  455.994940][ T4828] loop5: detected capacity change from 0 to 512
[  456.015945][ T4828] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  456.033431][  T628] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  456.097928][ T4828] EXT4-fs (loop5): orphan cleanup on readonly fs
[  456.115342][  T311] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.127284][ T4828] __quota_error: 23 callbacks suppressed
[  456.127314][ T4828] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  456.142817][ T4828] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  456.152285][ T4828] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.1159: Failed to acquire dquot type 1
[  456.166753][ T4828] EXT4-fs (loop5): 1 truncate cleaned up
[  456.253310][  T311] usb 1-1: Product: syz
[  456.314801][  T311] usb 1-1: Manufacturer: syz
[  456.378196][  T311] usb 1-1: SerialNumber: syz
[  456.445983][ T4828] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  456.458192][ T4828] EXT4-fs (loop5): unmounting filesystem.
[  456.501609][  T628] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  456.535418][  T311] usb 1-1: config 0 descriptor??
[  456.726177][  T628] usb 2-1: USB disconnect, device number 7
[  456.997510][ T4824] loop4: detected capacity change from 0 to 40427
[  457.022163][ T4824] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  457.045470][ T4824] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  457.064020][ T4824] F2FS-fs (loop4): Unrecognized mount option "·" or missing value
[  457.282452][ T4834] loop1: detected capacity change from 0 to 16
[  457.317337][ T4834] erofs: (device loop1): mounted with root inode @ nid 36.
[  457.342240][ T4834] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  457.362039][ T4834] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  457.382509][ T4834] FAULT_INJECTION: forcing a failure.
[  457.382509][ T4834] name failslab, interval 1, probability 0, space 0, times 0
[  457.405484][ T4834] CPU: 1 PID: 4834 Comm: syz.1.1160 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  457.415347][ T4834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  457.425424][ T4834] Call Trace:
[  457.428718][ T4834]  <TASK>
[  457.431662][ T4834]  __dump_stack+0x21/0x24
[  457.436015][ T4834]  dump_stack_lvl+0xee/0x150
[  457.440627][ T4834]  ? __cfi_dump_stack_lvl+0x8/0x8
[  457.445678][ T4834]  ? __kasan_check_write+0x14/0x20
[  457.450883][ T4834]  ? proc_fail_nth_write+0x17a/0x1f0
[  457.456212][ T4834]  dump_stack+0x15/0x24
[  457.460424][ T4834]  should_fail_ex+0x3d4/0x520
[  457.465126][ T4834]  ? getname_flags+0xb9/0x500
[  457.469832][ T4834]  __should_failslab+0xac/0xf0
[  457.474638][ T4834]  should_failslab+0x9/0x20
[  457.479184][ T4834]  kmem_cache_alloc+0x3b/0x330
[  457.483979][ T4834]  getname_flags+0xb9/0x500
[  457.488515][ T4834]  ? __kasan_check_write+0x14/0x20
[  457.493655][ T4834]  user_path_at_empty+0x30/0x1c0
[  457.498609][ T4834]  __se_sys_mount+0x2e3/0x380
[  457.503309][ T4834]  ? __x64_sys_mount+0xd0/0xd0
[  457.508118][ T4834]  ? __cfi_ksys_write+0x10/0x10
[  457.513006][ T4834]  __x64_sys_mount+0xbf/0xd0
[  457.517634][ T4834]  x64_sys_call+0x65d/0x9a0
[  457.522161][ T4834]  do_syscall_64+0x4c/0xa0
[  457.526602][ T4834]  ? clear_bhb_loop+0x15/0x70
[  457.531296][ T4834]  ? clear_bhb_loop+0x15/0x70
[  457.535990][ T4834]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  457.541932][ T4834] RIP: 0033:0x7f537998e929
[  457.546362][ T4834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.565985][ T4834] RSP: 002b:00007f537a8eb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  457.573826][  T311] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  457.574421][ T4834] RAX: ffffffffffffffda RBX: 00007f5379bb5fa0 RCX: 00007f537998e929
[  457.584264][  T628] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  457.589853][ T4834] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  457.589873][ T4834] RBP: 00007f537a8eb090 R08: 0000000000000000 R09: 0000000000000000
[  457.589886][ T4834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  457.589898][ T4834] R13: 0000000000000000 R14: 00007f5379bb5fa0 R15: 00007ffef59adb58
[  457.589918][ T4834]  </TASK>
[  457.599619][  T311] usb 1-1: Detected FT232H
[  457.641291][  T628] ftdi_sio 2-1:0.0: device disconnected
[  457.696425][  T311] ftdi_sio ttyUSB1: Unable to read latency timer: -32
[  457.723578][ T4842] input: syz1 as /devices/virtual/input/input7
[  457.769174][ T4838] loop5: detected capacity change from 0 to 16
[  457.776264][ T4838] erofs: (device loop5): mounted with root inode @ nid 36.
[  457.785821][ T4838] overlayfs: missing 'workdir'
[  457.824503][   T28] audit: type=1326 audit(1750121632.698:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  457.855090][   T28] audit: type=1326 audit(1750121632.698:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  457.885680][   T28] audit: type=1326 audit(1750121632.698:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  457.909955][   T28] audit: type=1326 audit(1750121632.698:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  458.312459][ T4848] loop2: detected capacity change from 0 to 16
[  458.800210][ T4848] erofs: (device loop2): mounted with root inode @ nid 36.
[  458.875469][ T4849] overlayfs: missing 'workdir'
[  459.273422][ T4851] loop5: detected capacity change from 0 to 16
[  459.274591][  T311] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[  459.280481][ T4851] erofs: Unknown parameter './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  459.411003][   T28] audit: type=1326 audit(1750121632.698:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  460.012217][  T311] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB1
[  460.024798][  T311] usb 1-1: USB disconnect, device number 20
[  460.031491][  T311] ftdi_sio ttyUSB1: FTDI USB Serial Device converter now disconnected from ttyUSB1
[  460.041074][  T311] ftdi_sio 1-1:0.0: device disconnected
[  460.078592][ T4855] mmap: syz.0.1167 (4855) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  460.085641][   T28] audit: type=1326 audit(1750121632.698:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  460.156299][   T28] audit: type=1326 audit(1750121632.698:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  460.376105][ T4861] loop4: detected capacity change from 0 to 16
[  460.377730][   T28] audit: type=1326 audit(1750121632.698:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  460.394244][ T4861] erofs: (device loop4): mounted with root inode @ nid 36.
[  460.805909][ T4861] overlayfs: missing 'workdir'
[  460.930104][ T4863] loop1: detected capacity change from 0 to 16
[  461.541046][ T4863] erofs: (device loop1): mounted with root inode @ nid 36.
[  461.577596][ T4863] overlayfs: missing 'workdir'
[  462.617369][   T28] audit: type=1326 audit(1750121632.698:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.678299][   T28] audit: type=1326 audit(1750121632.698:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.703477][ T4870] loop0: detected capacity change from 0 to 512
[  462.711606][   T28] audit: type=1326 audit(1750121632.698:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.840752][   T28] audit: type=1326 audit(1750121632.698:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.881170][ T4870] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1172: bg 0: block 393: padding at end of block bitmap is not set
[  462.892754][   T28] audit: type=1326 audit(1750121632.698:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.924430][   T28] audit: type=1326 audit(1750121632.698:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.939327][ T4879] capability: warning: `syz.4.1173' uses 32-bit capabilities (legacy support in use)
[  462.948464][   T28] audit: type=1326 audit(1750121632.698:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  462.973510][ T4870] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  462.980751][   T28] audit: type=1326 audit(1750121632.698:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  463.000892][ T4882] input: syz1 as /devices/virtual/input/input8
[  463.013386][   T28] audit: type=1326 audit(1750121632.698:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  463.035897][ T4870] EXT4-fs (loop0): 2 truncates cleaned up
[  463.049373][   T28] audit: type=1326 audit(1750121632.698:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4843 comm="syz.1.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  463.065525][ T4870] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  463.082698][ T4878] fuse: Unknown parameter '0x0000000000000006'
[  463.195320][ T4866] loop5: detected capacity change from 0 to 40427
[  463.211077][ T4866] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  463.237230][ T4866] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  463.286418][ T4866] F2FS-fs (loop5): Found nat_bits in checkpoint
[  463.293966][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  463.309601][ T4891] loop4: detected capacity change from 0 to 16
[  463.320127][ T4891] erofs: (device loop4): mounted with root inode @ nid 36.
[  463.329225][ T4891] overlayfs: missing 'workdir'
[  463.337576][ T4898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1178'.
[  463.388083][  T286] EXT4-fs (loop0): unmounting filesystem.
[  463.425823][ T4866] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  463.434136][ T4866] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  463.485561][ T4903] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1178'.
[  464.438027][ T4909] FAULT_INJECTION: forcing a failure.
[  464.438027][ T4909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  464.496176][ T4909] CPU: 0 PID: 4909 Comm: syz.4.1182 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  464.506054][ T4909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  464.516134][ T4909] Call Trace:
[  464.519429][ T4909]  <TASK>
[  464.522374][ T4909]  __dump_stack+0x21/0x24
[  464.526736][ T4909]  dump_stack_lvl+0xee/0x150
[  464.531357][ T4909]  ? __cfi_dump_stack_lvl+0x8/0x8
[  464.536418][ T4909]  dump_stack+0x15/0x24
[  464.540612][ T4909]  should_fail_ex+0x3d4/0x520
[  464.545318][ T4909]  should_fail+0xb/0x10
[  464.549500][ T4909]  should_fail_usercopy+0x1a/0x20
[  464.554552][ T4909]  _copy_from_user+0x1e/0xc0
[  464.559162][ T4909]  iovec_from_user+0x1aa/0x2e0
[  464.563959][ T4909]  __import_iovec+0x71/0x470
[  464.568585][ T4909]  import_iovec+0x7c/0xb0
[  464.572944][ T4909]  do_readv+0x1fe/0x3e0
[  464.577128][ T4909]  ? generic_file_rw_checks+0x2a0/0x2a0
[  464.582703][ T4909]  ? __kasan_check_write+0x14/0x20
[  464.587852][ T4909]  ? fput+0x154/0x1a0
[  464.591861][ T4909]  ? debug_smp_processor_id+0x17/0x20
[  464.597268][ T4909]  __x64_sys_readv+0x7d/0x90
[  464.601891][ T4909]  x64_sys_call+0x3bd/0x9a0
[  464.606424][ T4909]  do_syscall_64+0x4c/0xa0
[  464.610874][ T4909]  ? clear_bhb_loop+0x15/0x70
[  464.615570][ T4909]  ? clear_bhb_loop+0x15/0x70
[  464.620271][ T4909]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  464.626199][ T4909] RIP: 0033:0x7f64c938e929
[  464.630637][ T4909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.650353][ T4909] RSP: 002b:00007f64ca1a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  464.658799][ T4909] RAX: ffffffffffffffda RBX: 00007f64c95b5fa0 RCX: 00007f64c938e929
[  464.666804][ T4909] RDX: 0000000000000001 RSI: 0000200000002a40 RDI: 0000000000000006
[  464.674810][ T4909] RBP: 00007f64ca1a9090 R08: 0000000000000000 R09: 0000000000000000
[  464.682813][ T4909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.690813][ T4909] R13: 0000000000000000 R14: 00007f64c95b5fa0 R15: 00007ffced10d7e8
[  464.698852][ T4909]  </TASK>
[  464.700998][ T4903] loop2: detected capacity change from 0 to 40427
[  464.755831][ T4903] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  464.774454][ T4903] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  464.815974][ T4903] F2FS-fs (loop2): Unrecognized mount option "·" or missing value
[  465.586061][ T4922] loop1: detected capacity change from 0 to 16
[  465.610986][ T4922] erofs: (device loop1): mounted with root inode @ nid 36.
[  465.625027][ T4922] overlayfs: missing 'workdir'
[  465.925525][  T202] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  466.115511][  T202] usb 6-1: Using ep0 maxpacket: 32
[  466.303336][  T202] usb 6-1: config 0 has an invalid interface number: 2 but max is 0
[  466.324130][  T202] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.350871][  T202] usb 6-1: config 0 has no interface number 0
[  466.362399][  T202] usb 6-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  466.367625][ T4931] loop1: detected capacity change from 0 to 512
[  466.375643][  T320] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  466.388552][  T202] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.415535][  T202] usb 6-1: Product: syz
[  466.606657][ T4931] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1187: bg 0: block 393: padding at end of block bitmap is not set
[  466.624384][  T202] usb 6-1: Manufacturer: syz
[  466.629163][  T202] usb 6-1: SerialNumber: syz
[  466.636272][ T4931] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  466.645495][  T202] usb 6-1: config 0 descriptor??
[  466.665862][ T4931] EXT4-fs (loop1): 2 truncates cleaned up
[  466.671648][ T4931] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  466.715530][  T320] usb 5-1: Using ep0 maxpacket: 16
[  466.738598][  T283] EXT4-fs (loop1): unmounting filesystem.
[  466.801843][ T4937] fuse: Unknown parameter '0x0000000000000008'
[  466.827499][ T4940] FAULT_INJECTION: forcing a failure.
[  466.827499][ T4940] name failslab, interval 1, probability 0, space 0, times 0
[  466.840305][ T4940] CPU: 0 PID: 4940 Comm: syz.1.1189 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  466.850142][ T4940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  466.860222][ T4940] Call Trace:
[  466.863522][ T4940]  <TASK>
[  466.866490][ T4940]  __dump_stack+0x21/0x24
[  466.870854][ T4940]  dump_stack_lvl+0xee/0x150
[  466.875476][ T4940]  ? __cfi_dump_stack_lvl+0x8/0x8
[  466.880532][ T4940]  dump_stack+0x15/0x24
[  466.884724][ T4940]  should_fail_ex+0x3d4/0x520
[  466.889432][ T4940]  __should_failslab+0xac/0xf0
[  466.894212][ T4940]  ? kernfs_fop_write_iter+0x156/0x410
[  466.899694][ T4940]  should_failslab+0x9/0x20
[  466.904227][ T4940]  __kmem_cache_alloc_node+0x3d/0x2c0
[  466.909624][ T4940]  ? kernfs_fop_write_iter+0x156/0x410
[  466.915116][ T4940]  __kmalloc+0xa1/0x1e0
[  466.919301][ T4940]  kernfs_fop_write_iter+0x156/0x410
[  466.924617][ T4940]  vfs_write+0x5db/0xca0
[  466.928883][ T4940]  ? slab_free_freelist_hook+0xc2/0x190
[  466.934457][ T4940]  ? __cfi_vfs_write+0x10/0x10
[  466.939251][ T4940]  ? __cfi_mutex_lock+0x10/0x10
[  466.944125][ T4940]  ? __fdget_pos+0x2cd/0x380
[  466.948742][ T4940]  ? ksys_write+0x71/0x240
[  466.953187][ T4940]  ksys_write+0x140/0x240
[  466.957548][ T4940]  ? __cfi_ksys_write+0x10/0x10
[  466.962424][ T4940]  ? debug_smp_processor_id+0x17/0x20
[  466.967820][ T4940]  __x64_sys_write+0x7b/0x90
[  466.972527][ T4940]  x64_sys_call+0x27b/0x9a0
[  466.977055][ T4940]  do_syscall_64+0x4c/0xa0
[  466.981503][ T4940]  ? clear_bhb_loop+0x15/0x70
[  466.986196][ T4940]  ? clear_bhb_loop+0x15/0x70
[  466.990889][ T4940]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  466.996809][ T4940] RIP: 0033:0x7f537998e929
[  467.001242][ T4940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.020862][ T4940] RSP: 002b:00007f537a8ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  467.029299][ T4940] RAX: ffffffffffffffda RBX: 00007f5379bb6080 RCX: 00007f537998e929
[  467.037286][ T4940] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 000000000000000c
[  467.045275][ T4940] RBP: 00007f537a8ca090 R08: 0000000000000000 R09: 0000000000000000
[  467.053268][ T4940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  467.061267][ T4940] R13: 0000000000000000 R14: 00007f5379bb6080 R15: 00007ffef59adb58
[  467.069269][ T4940]  </TASK>
[  467.149632][  T202] snd-usb-audio: probe of 6-1:0.2 failed with error -2
[  467.192196][ T4082] udevd[4082]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.2/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  467.304804][ T4942] loop2: detected capacity change from 0 to 40427
[  467.311925][ T4942] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  467.319720][ T4942] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  467.356315][ T4942] F2FS-fs (loop2): Found nat_bits in checkpoint
[  467.401447][ T4942] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  467.408633][ T4942] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  467.637625][   T28] kauditd_printk_skb: 67 callbacks suppressed
[  467.637642][   T28] audit: type=1326 audit(1750121642.588:2773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  467.672193][ T4951] loop0: detected capacity change from 0 to 16
[  467.673099][   T28] audit: type=1326 audit(1750121642.618:2774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  467.703234][ T4951] erofs: (device loop0): mounted with root inode @ nid 36.
[  467.712654][ T4951] overlayfs: missing 'workdir'
[  467.732849][   T28] audit: type=1326 audit(1750121642.618:2775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  467.763659][   T28] audit: type=1326 audit(1750121642.618:2776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  467.806405][   T28] audit: type=1326 audit(1750121642.618:2777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  467.836884][ T4955] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  467.944971][   T28] audit: type=1326 audit(1750121642.618:2778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  468.018187][   T28] audit: type=1326 audit(1750121642.618:2779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  468.135895][   T28] audit: type=1326 audit(1750121642.618:2780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  468.189772][   T28] audit: type=1326 audit(1750121642.618:2781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  468.213686][   T28] audit: type=1326 audit(1750121642.618:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4952 comm="syz.1.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537998e929 code=0x7ffc0000
[  468.227329][ T4955] device veth0_vlan left promiscuous mode
[  468.294702][ T4955] device veth0_vlan entered promiscuous mode
[  468.326844][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  468.339491][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  468.355397][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  468.393855][ T1255] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.401025][ T1255] bridge0: port 1(bridge_slave_0) entered forwarding state
[  468.417882][  T320] usb 5-1: unable to get BOS descriptor or descriptor too short
[  468.428108][  T320] usb 5-1: unable to read config index 0 descriptor/start: -71
[  468.436932][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  468.446142][  T320] usb 5-1: can't read configurations, error -71
[  468.449357][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  468.461804][ T1255] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.468970][ T1255] bridge0: port 2(bridge_slave_1) entered forwarding state
[  468.482218][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  468.490771][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  468.499722][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  468.508136][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  468.516427][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  468.524670][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  468.533410][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  468.541716][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  468.550181][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  468.559130][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  468.567627][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  468.576089][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  468.584286][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  468.592479][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  468.600675][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  468.608893][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  468.623467][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  468.633084][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  468.645089][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  468.653473][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  468.661466][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  468.669176][ T1255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  468.751987][ T3389] usb 6-1: USB disconnect, device number 2
[  468.776975][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  468.787100][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  468.813913][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  468.822585][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  468.830704][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  468.860675][ T4974] loop5: detected capacity change from 0 to 16
[  468.868216][ T4974] erofs: (device loop5): mounted with root inode @ nid 36.
[  468.874271][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  468.890498][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  468.927564][ T4965] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  469.499029][ T4980] loop1: detected capacity change from 0 to 16
[  469.508703][ T4980] erofs: (device loop1): mounted with root inode @ nid 36.
[  469.536860][ T4980] overlayfs: missing 'workdir'
[  470.724702][ T4993] overlayfs: missing 'lowerdir'
[  470.732862][ T4995] syz.2.1203 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  471.046929][ T4996] fuse: Unknown parameter '0x0000000000000008'
[  471.163871][ T4993] loop0: detected capacity change from 0 to 131072
[  471.176714][ T4993] F2FS-fs (loop0): Test dummy encryption mode enabled
[  471.194194][ T5003] tap0: tun_chr_ioctl cmd 2148553947
[  471.206456][ T4993] F2FS-fs (loop0): invalid crc value
[  471.214645][ T4993] F2FS-fs (loop0): Found nat_bits in checkpoint
[  471.253429][ T4993] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  471.262015][ T4999] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1204'.
[  471.339741][ T5012] loop2: detected capacity change from 0 to 16
[  471.347330][ T5012] erofs: (device loop2): mounted with root inode @ nid 36.
[  471.356783][ T5012] overlayfs: missing 'workdir'
[  471.981814][ T5022] loop1: detected capacity change from 0 to 16
[  471.991415][ T5022] erofs: (device loop1): mounted with root inode @ nid 36.
[  472.019819][ T5022] overlayfs: missing 'workdir'
[  472.335749][  T490] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  472.575560][  T490] usb 6-1: Using ep0 maxpacket: 16
[  472.943235][ T3389] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  473.088347][ T5031] loop0: detected capacity change from 0 to 512
[  473.229267][ T5031] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  473.232502][ T3389] usb 3-1: Using ep0 maxpacket: 16
[  473.249561][ T3389] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  473.259256][ T3389] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.267541][ T3389] usb 3-1: Product: syz
[  473.345527][ T3389] usb 3-1: Manufacturer: syz
[  473.350408][ T3389] usb 3-1: SerialNumber: syz
[  473.528381][ T5035] FAULT_INJECTION: forcing a failure.
[  473.528381][ T5035] name failslab, interval 1, probability 0, space 0, times 0
[  473.541186][ T5035] CPU: 1 PID: 5035 Comm: syz.1.1215 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  473.551014][ T5035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  473.561089][ T5035] Call Trace:
[  473.564376][ T5035]  <TASK>
[  473.567320][ T5035]  __dump_stack+0x21/0x24
[  473.571701][ T5035]  dump_stack_lvl+0xee/0x150
[  473.576315][ T5035]  ? __cfi_dump_stack_lvl+0x8/0x8
[  473.581360][ T5035]  ? kasan_check_range+0x11/0x290
[  473.586404][ T5035]  dump_stack+0x15/0x24
[  473.590580][ T5035]  should_fail_ex+0x3d4/0x520
[  473.595271][ T5035]  ? getname_flags+0xb9/0x500
[  473.599967][ T5035]  __should_failslab+0xac/0xf0
[  473.604752][ T5035]  should_failslab+0x9/0x20
[  473.609279][ T5035]  kmem_cache_alloc+0x3b/0x330
[  473.614059][ T5035]  ? __switch_to_asm+0x3a/0x60
[  473.618853][ T5035]  getname_flags+0xb9/0x500
[  473.623380][ T5035]  user_path_at_empty+0x30/0x1c0
[  473.628343][ T5035]  ? do_fchownat+0xdc/0x270
[  473.632859][ T5035]  do_fchownat+0x108/0x270
[  473.637291][ T5035]  ? __cfi_do_fchownat+0x10/0x10
[  473.642253][ T5035]  ? fpregs_restore_userregs+0x128/0x260
[  473.647920][ T5035]  __x64_sys_lchown+0x85/0x90
[  473.652634][ T5035]  x64_sys_call+0x951/0x9a0
[  473.657174][ T5035]  do_syscall_64+0x4c/0xa0
[  473.661714][ T5035]  ? clear_bhb_loop+0x15/0x70
[  473.666424][ T5035]  ? clear_bhb_loop+0x15/0x70
[  473.671130][ T5035]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  473.677058][ T5035] RIP: 0033:0x7f537998e929
[  473.681492][ T5035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.701116][ T5035] RSP: 002b:00007f537a8a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  473.709558][ T5035] RAX: ffffffffffffffda RBX: 00007f5379bb6160 RCX: 00007f537998e929
[  473.717561][ T5035] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  473.725563][ T5035] RBP: 00007f537a8a9090 R08: 0000000000000000 R09: 0000000000000000
[  473.733559][ T5035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.741540][ T5035] R13: 0000000000000000 R14: 00007f5379bb6160 R15: 00007ffef59adb58
[  473.749552][ T5035]  </TASK>
[  473.756946][ T3389] usb 3-1: config 0 descriptor??
[  473.764476][ T3389] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  473.772662][ T3389] usb 3-1: Detected FT232H
[  473.777659][ T5031] syz.0.1209[5031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  473.777781][ T5031] syz.0.1209[5031] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  473.794529][ T5031] loop0: detected capacity change from 0 to 512
[  473.804476][   T28] kauditd_printk_skb: 28 callbacks suppressed
[  473.804500][   T28] audit: type=1400 audit(1750121648.668:2811): avc:  denied  { append } for  pid=5030 comm="syz.0.1209" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  473.865262][ T5031] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  473.963401][  T286] EXT4-fs (loop0): unmounting filesystem.
[  473.965516][ T3389] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  474.017362][  T490] usb 6-1: unable to get BOS descriptor or descriptor too short
[  474.036377][  T490] usb 6-1: unable to read config index 0 descriptor/start: -71
[  474.046676][  T490] usb 6-1: can't read configurations, error -71
[  474.314994][ T5043] loop0: detected capacity change from 0 to 40427
[  474.328497][ T5043] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  474.349992][ T5043] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  474.380938][ T5043] F2FS-fs (loop0): Found nat_bits in checkpoint
[  474.408516][ T3389] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  474.449559][ T5043] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  474.461137][ T5043] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  474.585513][  T342] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  474.679581][ T3389] usb 3-1: USB disconnect, device number 12
[  474.688601][ T3389] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  474.705680][ T3389] ftdi_sio 3-1:0.0: device disconnected
[  474.775834][  T342] usb 5-1: Using ep0 maxpacket: 8
[  474.782115][  T342] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  474.801204][  T342] usb 5-1: config 179 has no interface number 0
[  474.813320][  T342] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  474.824958][  T342] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  474.836682][  T342] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  474.847056][  T342] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  474.860686][  T342] usb 5-1: config 179 interface 65 has no altsetting 0
[  474.876727][  T342] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  474.894722][ T5058] fuse: Unknown parameter '0x0000000000000008'
[  474.913883][  T342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.553023][   T28] audit: type=1400 audit(1750121650.498:2812): avc:  denied  { setattr } for  pid=5050 comm="syz.4.1219" name="file0" dev="overlay" ino=1401 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  475.796689][  T628] usb 5-1: USB disconnect, device number 14
[  475.832225][ T5078] FAULT_INJECTION: forcing a failure.
[  475.832225][ T5078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  475.848312][ T5078] CPU: 1 PID: 5078 Comm: syz.2.1224 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  475.858165][ T5078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.868242][ T5078] Call Trace:
[  475.871538][ T5078]  <TASK>
[  475.874478][ T5078]  __dump_stack+0x21/0x24
[  475.878856][ T5078]  dump_stack_lvl+0xee/0x150
[  475.883463][ T5078]  ? __cfi_dump_stack_lvl+0x8/0x8
[  475.888534][ T5078]  dump_stack+0x15/0x24
[  475.892723][ T5078]  should_fail_ex+0x3d4/0x520
[  475.897441][ T5078]  should_fail+0xb/0x10
[  475.901709][ T5078]  should_fail_usercopy+0x1a/0x20
[  475.906759][ T5078]  _copy_from_user+0x1e/0xc0
[  475.911374][ T5078]  __x64_sys_epoll_ctl+0x123/0x1a0
[  475.916505][ T5078]  ? __cfi___x64_sys_epoll_ctl+0x10/0x10
[  475.922151][ T5078]  ? __kasan_check_write+0x14/0x20
[  475.927288][ T5078]  x64_sys_call+0x839/0x9a0
[  475.931810][ T5078]  do_syscall_64+0x4c/0xa0
[  475.936246][ T5078]  ? clear_bhb_loop+0x15/0x70
[  475.940948][ T5078]  ? clear_bhb_loop+0x15/0x70
[  475.945642][ T5078]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  475.951559][ T5078] RIP: 0033:0x7fa42c18e929
[  475.955987][ T5078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.975611][ T5078] RSP: 002b:00007fa42cf2d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  475.984054][ T5078] RAX: ffffffffffffffda RBX: 00007fa42c3b6080 RCX: 00007fa42c18e929
[  475.992057][ T5078] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000000000000007
[  475.999872][ T5070] netlink: 'syz.1.1223': attribute type 1 has an invalid length.
[  476.000052][ T5078] RBP: 00007fa42cf2d090 R08: 0000000000000000 R09: 0000000000000000
[  476.015752][ T5078] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.023746][ T5078] R13: 0000000000000001 R14: 00007fa42c3b6080 R15: 00007ffce77035e8
[  476.031821][ T5078]  </TASK>
[  476.035283][ T5071] loop5: detected capacity change from 0 to 16
[  476.060565][ T5071] erofs: (device loop5): mounted with root inode @ nid 36.
[  476.115618][ T5071] overlayfs: missing 'workdir'
[  477.509849][ T5085] loop1: detected capacity change from 0 to 1024
[  477.542927][ T5085] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  477.622969][ T5085] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  477.635812][ T5085] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  477.702153][ T5103] loop4: detected capacity change from 0 to 16
[  477.776743][ T5103] erofs: (device loop4): mounted with root inode @ nid 36.
[  477.833398][ T5103] overlayfs: missing 'workdir'
[  478.729540][ T5093] loop2: detected capacity change from 0 to 40427
[  478.749795][ T5096] fuse: Unknown parameter '0x0000000000000008'
[  478.756919][ T5093] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  478.764809][ T5093] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  478.842165][  T283] EXT4-fs (loop1): unmounting filesystem.
[  478.915953][ T5093] F2FS-fs (loop2): Found nat_bits in checkpoint
[  479.350202][ T5093] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  479.357817][ T5093] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  479.499934][ T3389] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  479.705565][ T3389] usb 2-1: Using ep0 maxpacket: 32
[  479.712831][ T3389] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  480.497420][ T3389] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  480.515791][ T3389] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  480.604832][ T3389] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.698849][ T3389] usb 2-1: config 0 descriptor??
[  480.705964][ T3389] hub 2-1:0.0: USB hub found
[  480.740923][ T5124] incfs: Can't find or create .index dir in ./file0
[  480.752194][ T5124] incfs: mount failed -14
[  480.850548][   T28] audit: type=1400 audit(1750121655.798:2813): avc:  denied  { setopt } for  pid=5131 comm="syz.4.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  480.871917][   T28] audit: type=1400 audit(1750121655.818:2814): avc:  denied  { write } for  pid=5131 comm="syz.4.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  480.891847][   T28] audit: type=1400 audit(1750121655.818:2815): avc:  denied  { write } for  pid=5131 comm="syz.4.1243" name="nf_conntrack" dev="proc" ino=4026532496 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  480.905071][ T3389] hub 2-1:0.0: 1 port detected
[  480.970889][ T5136] loop0: detected capacity change from 0 to 16
[  480.985987][ T5136] erofs: (device loop0): mounted with root inode @ nid 36.
[  481.000808][ T5136] FAULT_INJECTION: forcing a failure.
[  481.000808][ T5136] name failslab, interval 1, probability 0, space 0, times 0
[  481.070615][ T5136] CPU: 1 PID: 5136 Comm: syz.0.1244 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  481.080490][ T5136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  481.090575][ T5136] Call Trace:
[  481.093881][ T5136]  <TASK>
[  481.096833][ T5136]  __dump_stack+0x21/0x24
[  481.096942][ T5140] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  481.101200][ T5136]  dump_stack_lvl+0xee/0x150
[  481.110874][ T5140] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117]
[  481.115111][ T5136]  ? __cfi_dump_stack_lvl+0x8/0x8
[  481.128533][ T5136]  ? __kasan_check_write+0x14/0x20
[  481.133655][ T5136]  dump_stack+0x15/0x24
[  481.137813][ T5136]  should_fail_ex+0x3d4/0x520
[  481.142495][ T5136]  ? getname_flags+0xb9/0x500
[  481.147178][ T5136]  __should_failslab+0xac/0xf0
[  481.151958][ T5136]  should_failslab+0x9/0x20
[  481.156463][ T5136]  kmem_cache_alloc+0x3b/0x330
[  481.161231][ T5136]  getname_flags+0xb9/0x500
[  481.165736][ T5136]  ? debug_smp_processor_id+0x17/0x20
[  481.171129][ T5136]  __x64_sys_mkdirat+0x7c/0xa0
[  481.175898][ T5136]  x64_sys_call+0x73d/0x9a0
[  481.180425][ T5136]  do_syscall_64+0x4c/0xa0
[  481.184882][ T5136]  ? clear_bhb_loop+0x15/0x70
[  481.189580][ T5136]  ? clear_bhb_loop+0x15/0x70
[  481.194278][ T5136]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  481.200206][ T5136] RIP: 0033:0x7f9603b8e929
[  481.204634][ T5136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.224367][ T5136] RSP: 002b:00007f9604a14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  481.232815][ T5136] RAX: ffffffffffffffda RBX: 00007f9603db5fa0 RCX: 00007f9603b8e929
[  481.240810][ T5136] RDX: 0000000000000000 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  481.248802][ T5136] RBP: 00007f9604a14090 R08: 0000000000000000 R09: 0000000000000000
[  481.256794][ T5136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.264781][ T5136] R13: 0000000000000000 R14: 00007f9603db5fa0 R15: 00007ffdaae6c618
[  481.272782][ T5136]  </TASK>
[  481.281042][ T5142] loop2: detected capacity change from 0 to 16
[  481.306428][ T5142] erofs: (device loop2): mounted with root inode @ nid 36.
[  481.366192][ T5139] overlayfs: missing 'workdir'
[  481.613907][ T5145] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1245'.
[  481.755398][ T5146] loop4: detected capacity change from 0 to 1024
[  481.778471][ T3389] hub 2-1:0.0: activate --> -90
[  482.314686][ T5146] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  482.418409][ T5149] loop5: detected capacity change from 0 to 16
[  482.437364][ T5149] erofs: (device loop5): mounted with root inode @ nid 36.
[  482.451317][ T5146] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  482.464902][   T28] audit: type=1400 audit(1750121657.408:2816): avc:  denied  { mount } for  pid=5111 comm="syz.1.1235" name="/" dev="ramfs" ino=30059 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  482.488423][ T5146] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  482.498121][  T320] usb 2-1: USB disconnect, device number 8
[  482.527480][ T5156] loop0: detected capacity change from 0 to 128
[  482.534940][ T5149] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  482.545142][ T5149] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  482.560107][  T287] EXT4-fs (loop4): unmounting filesystem.
[  482.562979][ T5149] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  482.576905][ T5158] loop2: detected capacity change from 0 to 16
[  482.583275][ T5149] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  482.592076][ T5158] erofs: (device loop2): mounted with root inode @ nid 36.
[  482.608294][ T5160] loop4: detected capacity change from 0 to 512
[  482.624429][ T5156] bio_check_eod: 28452 callbacks suppressed
[  482.624448][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.624448][ T5156] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  482.634959][ T5158] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  482.658344][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.658344][ T5156] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[  482.673853][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.673853][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.682962][ T5158] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  482.694615][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.694615][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.705788][ T5160] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1250: bg 0: block 393: padding at end of block bitmap is not set
[  482.716620][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.716620][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.736898][ T3389] usb 2-1-port1: config error
[  482.742807][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.742807][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.755885][ T5160] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  482.758082][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.758082][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.769578][ T5160] EXT4-fs (loop4): 2 truncates cleaned up
[  482.778134][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.778134][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.797224][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.797224][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.810980][ T5156] syz.0.1249: attempt to access beyond end of device
[  482.810980][ T5156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  482.827197][ T5160] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  482.996833][  T287] EXT4-fs (loop4): unmounting filesystem.
[  483.031859][   T28] audit: type=1400 audit(1750121657.978:2817): avc:  denied  { unmount } for  pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  483.107000][ T5180] loop1: detected capacity change from 0 to 128
[  483.135041][ T5181] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  483.165664][ T5183] loop5: detected capacity change from 0 to 1024
[  483.210442][ T5183] EXT4-fs: Ignoring removed nomblk_io_submit option
[  483.230013][ T5183] ext4: Unknown parameter 'fowner'
[  484.159754][ T5194] loop2: detected capacity change from 0 to 1024
[  484.173166][ T5194] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  484.214539][ T5194] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  484.234695][ T5194] ext4 filesystem being mounted at /263/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.261536][  T285] EXT4-fs (loop2): unmounting filesystem.
[  484.280463][ T5200] loop0: detected capacity change from 0 to 128
[  484.312492][ T5203] loop2: detected capacity change from 0 to 512
[  484.324483][ T5200] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  484.336581][ T5205] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1264'.
[  484.347131][ T5200] ext4 filesystem being mounted at /240/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  484.365499][  T628] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  484.389197][ T5203] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  484.399732][ T5203] ext4 filesystem being mounted at /264/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.507937][ T5212] input: syz1 as /devices/virtual/input/input17
[  484.521887][ T5214] loop1: detected capacity change from 0 to 512
[  484.538794][ T5216] loop4: detected capacity change from 0 to 512
[  484.549664][ T5214] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  484.557011][  T628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.559950][ T5214] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.644379][ T5216] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  484.672656][ T5216] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.807519][  T628] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  484.821864][  T628] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  484.835210][  T628] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  484.851773][  T628] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.860921][  T628] usb 6-1: config 0 descriptor??
[  484.938250][  T287] EXT4-fs (loop4): unmounting filesystem.
[  485.017226][ T5227] FAULT_INJECTION: forcing a failure.
[  485.017226][ T5227] name failslab, interval 1, probability 0, space 0, times 0
[  485.029954][ T5227] CPU: 1 PID: 5227 Comm: syz.1.1267 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  485.039795][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  485.049872][ T5227] Call Trace:
[  485.053170][ T5227]  <TASK>
[  485.056115][ T5227]  __dump_stack+0x21/0x24
[  485.060471][ T5227]  dump_stack_lvl+0xee/0x150
[  485.065081][ T5227]  ? __cfi_dump_stack_lvl+0x8/0x8
[  485.070128][ T5227]  ? __kasan_check_read+0x11/0x20
[  485.075182][ T5227]  dump_stack+0x15/0x24
[  485.079360][ T5227]  should_fail_ex+0x3d4/0x520
[  485.084064][ T5227]  ? getname_flags+0xb9/0x500
[  485.088761][ T5227]  __should_failslab+0xac/0xf0
[  485.093554][ T5227]  should_failslab+0x9/0x20
[  485.098090][ T5227]  kmem_cache_alloc+0x3b/0x330
[  485.102874][ T5227]  getname_flags+0xb9/0x500
[  485.107399][ T5227]  ? fpregs_restore_userregs+0x128/0x260
[  485.113060][ T5227]  __x64_sys_mkdir+0x5f/0x80
[  485.117668][ T5227]  x64_sys_call+0x966/0x9a0
[  485.122193][ T5227]  do_syscall_64+0x4c/0xa0
[  485.126630][ T5227]  ? clear_bhb_loop+0x15/0x70
[  485.131319][ T5227]  ? clear_bhb_loop+0x15/0x70
[  485.136012][ T5227]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  485.141955][ T5227] RIP: 0033:0x7f537998e929
[  485.146393][ T5227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.166020][ T5227] RSP: 002b:00007f537a8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  485.174470][ T5227] RAX: ffffffffffffffda RBX: 00007f5379bb6160 RCX: 00007f537998e929
[  485.182469][ T5227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000240
[  485.190489][ T5227] RBP: 00007f537a8a9090 R08: 0000000000000000 R09: 0000000000000000
[  485.198481][ T5227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.206472][ T5227] R13: 0000000000000000 R14: 00007f5379bb6160 R15: 00007ffef59adb58
[  485.214473][ T5227]  </TASK>
[  485.222252][  T286] EXT4-fs (loop0): unmounting filesystem.
[  485.260845][  T285] EXT4-fs (loop2): unmounting filesystem.
[  485.341972][  T628] plantronics 0003:047F:FFFF.0007: collection stack underflow
[  485.386977][  T283] EXT4-fs (loop1): unmounting filesystem.
[  485.398830][  T628] plantronics 0003:047F:FFFF.0007: item 0 4 0 12 parsing failed
[  485.469660][ T5239] loop4: detected capacity change from 0 to 16
[  485.479233][ T5239] erofs: (device loop4): mounted with root inode @ nid 36.
[  485.528539][ T5239] overlayfs: missing 'workdir'
[  485.745067][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  485.786095][ T5238] loop1: detected capacity change from 0 to 512
[  485.956338][ T5238] EXT4-fs (loop1): failed to initialize system zone (-117)
[  486.010634][ T5243] loop2: detected capacity change from 0 to 512
[  486.022943][ T5238] EXT4-fs (loop1): mount failed
[  486.035610][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  486.530319][ T5243] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  486.548372][ T5247] loop5: detected capacity change from 0 to 512
[  486.554872][ T5243] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  486.610105][  T628] plantronics 0003:047F:FFFF.0007: parse failed
[  486.616483][  T628] plantronics: probe of 0003:047F:FFFF.0007 failed with error -22
[  486.626057][  T628] usb 6-1: USB disconnect, device number 5
[  486.637027][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  486.666549][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  486.674189][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  486.682213][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  486.690371][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  486.698956][ T5237] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  486.998091][ T5248] fuse: Bad value for 'fd'
[  487.003657][   T28] audit: type=1400 audit(1750121661.948:2818): avc:  denied  { remount } for  pid=5236 comm="syz.1.1273" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  487.094105][ T5247] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  487.108128][ T5247] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  487.206930][ T5262] FAULT_INJECTION: forcing a failure.
[  487.206930][ T5262] name failslab, interval 1, probability 0, space 0, times 0
[  487.219810][ T5262] CPU: 1 PID: 5262 Comm: syz.2.1274 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  487.229654][ T5262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  487.239729][ T5262] Call Trace:
[  487.243020][ T5262]  <TASK>
[  487.245961][ T5262]  __dump_stack+0x21/0x24
[  487.250322][ T5262]  dump_stack_lvl+0xee/0x150
[  487.254943][ T5262]  ? __cfi_dump_stack_lvl+0x8/0x8
[  487.259991][ T5262]  ? finish_task_switch+0x16b/0x7b0
[  487.265207][ T5262]  ? __switch_to_asm+0x3a/0x60
[  487.269991][ T5262]  dump_stack+0x15/0x24
[  487.274171][ T5262]  should_fail_ex+0x3d4/0x520
[  487.278865][ T5262]  ? getname_flags+0xb9/0x500
[  487.283564][ T5262]  __should_failslab+0xac/0xf0
[  487.288348][ T5262]  should_failslab+0x9/0x20
[  487.292873][ T5262]  kmem_cache_alloc+0x3b/0x330
[  487.297654][ T5262]  getname_flags+0xb9/0x500
[  487.302174][ T5262]  ? fpregs_restore_userregs+0x128/0x260
[  487.307823][ T5262]  __x64_sys_mkdir+0x5f/0x80
[  487.312432][ T5262]  x64_sys_call+0x966/0x9a0
[  487.316951][ T5262]  do_syscall_64+0x4c/0xa0
[  487.321388][ T5262]  ? clear_bhb_loop+0x15/0x70
[  487.326078][ T5262]  ? clear_bhb_loop+0x15/0x70
[  487.330770][ T5262]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  487.336692][ T5262] RIP: 0033:0x7fa42c18e929
[  487.341136][ T5262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.360850][ T5262] RSP: 002b:00007fa42bfff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  487.369283][ T5262] RAX: ffffffffffffffda RBX: 00007fa42c3b6160 RCX: 00007fa42c18e929
[  487.377276][ T5262] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000004c0
[  487.385260][ T5262] RBP: 00007fa42bfff090 R08: 0000000000000000 R09: 0000000000000000
[  487.393247][ T5262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.401258][ T5262] R13: 0000000000000000 R14: 00007fa42c3b6160 R15: 00007ffce77035e8
[  487.409247][ T5262]  </TASK>
[  487.445185][ T5267] loop1: detected capacity change from 0 to 128
[  487.618751][ T5270] overlayfs: missing 'lowerdir'
[  487.644570][  T285] EXT4-fs (loop2): unmounting filesystem.
[  487.819394][ T5267] bio_check_eod: 20248 callbacks suppressed
[  487.819417][ T5267] syz.1.1279: attempt to access beyond end of device
[  487.819417][ T5267] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  487.852213][ T4496] EXT4-fs (loop5): unmounting filesystem.
[  487.884113][ T5267] syz.1.1279: attempt to access beyond end of device
[  487.884113][ T5267] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[  487.899059][ T5267] syz.1.1279: attempt to access beyond end of device
[  487.899059][ T5267] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  487.914586][ T5276] loop5: detected capacity change from 0 to 512
[  487.915359][ T5267] syz.1.1279: attempt to access beyond end of device
[  487.915359][ T5267] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  487.938107][ T5267] syz.1.1279: attempt to access beyond end of device
[  487.938107][ T5267] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  487.959729][ T5277] syz.1.1279: attempt to access beyond end of device
[  487.959729][ T5277] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  487.974086][ T5267] syz.1.1279: attempt to access beyond end of device
[  487.974086][ T5267] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  487.988788][ T5277] syz.1.1279: attempt to access beyond end of device
[  487.988788][ T5277] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  488.028422][ T5281] loop2: detected capacity change from 0 to 512
[  488.134133][ T5267] syz.1.1279: attempt to access beyond end of device
[  488.134133][ T5267] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  488.196718][ T5279] device pim6reg1 entered promiscuous mode
[  488.218123][ T5276] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  488.234159][ T5281] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #3: comm syz.2.1281: corrupted inode contents
[  488.248371][ T5281] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #3: comm syz.2.1281: mark_inode_dirty error
[  488.262579][ T5281] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #3: comm syz.2.1281: corrupted inode contents
[  488.275111][ T5281] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.1281: mark_inode_dirty error
[  488.288655][ T5281] Quota error (device loop2): write_blk: dquota write failed
[  488.296311][ T5281] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  488.306387][ T5281] EXT4-fs error (device loop2): ext4_acquire_dquot:6789: comm syz.2.1281: Failed to acquire dquot type 0
[  488.322784][ T5281] EXT4-fs (loop2): 1 orphan inode deleted
[  488.328660][ T5281] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  488.338788][  T304] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  488.349647][ T5281] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  488.470949][  T304] EXT4-fs error (device loop2): ext4_release_dquot:6825: comm kworker/u4:3: Failed to release dquot type 1
[  488.485170][ T5276] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  489.112326][ T5267] syz.1.1279: attempt to access beyond end of device
[  489.112326][ T5267] loop1: rw=0, sector=145, nr_sectors = 8 limit=128
[  489.230167][  T285] EXT4-fs (loop2): unmounting filesystem.
[  490.010625][ T4496] EXT4-fs (loop5): unmounting filesystem.
[  490.040930][ T5296] loop0: detected capacity change from 0 to 16
[  490.050524][ T5296] erofs: (device loop0): mounted with root inode @ nid 36.
[  490.077217][ T5296] overlayfs: missing 'workdir'
[  490.338872][ T5298] loop1: detected capacity change from 0 to 512
[  491.480574][ T5298] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  491.528700][ T5301] FAULT_INJECTION: forcing a failure.
[  491.528700][ T5301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  491.550902][ T5298] EXT4-fs (loop1): 1 truncate cleaned up
[  491.556663][ T5298] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  491.726714][  T283] EXT4-fs (loop1): unmounting filesystem.
[  492.186433][ T5301] CPU: 1 PID: 5301 Comm: syz.2.1288 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  492.196303][ T5301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  492.206374][ T5301] Call Trace:
[  492.209663][ T5301]  <TASK>
[  492.212609][ T5301]  __dump_stack+0x21/0x24
[  492.216967][ T5301]  dump_stack_lvl+0xee/0x150
[  492.221583][ T5301]  ? __cfi_dump_stack_lvl+0x8/0x8
[  492.226724][ T5301]  dump_stack+0x15/0x24
[  492.230992][ T5301]  should_fail_ex+0x3d4/0x520
[  492.235689][ T5301]  should_fail+0xb/0x10
[  492.239865][ T5301]  should_fail_usercopy+0x1a/0x20
[  492.244906][ T5301]  _copy_from_user+0x1e/0xc0
[  492.249513][ T5301]  sock_do_ioctl+0x186/0x310
[  492.254124][ T5301]  ? sock_show_fdinfo+0xb0/0xb0
[  492.258992][ T5301]  ? selinux_file_ioctl+0x377/0x480
[  492.264239][ T5301]  sock_ioctl+0x4d8/0x6e0
[  492.268574][ T5301]  ? __cfi_sock_ioctl+0x10/0x10
[  492.273432][ T5301]  ? __fget_files+0x2d5/0x330
[  492.278122][ T5301]  ? security_file_ioctl+0x95/0xc0
[  492.283245][ T5301]  ? __cfi_sock_ioctl+0x10/0x10
[  492.288100][ T5301]  __se_sys_ioctl+0x12f/0x1b0
[  492.292788][ T5301]  __x64_sys_ioctl+0x7b/0x90
[  492.297384][ T5301]  x64_sys_call+0x58b/0x9a0
[  492.301893][ T5301]  do_syscall_64+0x4c/0xa0
[  492.306335][ T5301]  ? clear_bhb_loop+0x15/0x70
[  492.311016][ T5301]  ? clear_bhb_loop+0x15/0x70
[  492.315709][ T5301]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  492.321625][ T5301] RIP: 0033:0x7fa42c18e929
[  492.326040][ T5301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.345645][ T5301] RSP: 002b:00007fa42cf4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  492.354069][ T5301] RAX: ffffffffffffffda RBX: 00007fa42c3b5fa0 RCX: 00007fa42c18e929
[  492.362053][ T5301] RDX: 0000200000000140 RSI: 0000000000008914 RDI: 0000000000000007
[  492.370039][ T5301] RBP: 00007fa42cf4e090 R08: 0000000000000000 R09: 0000000000000000
[  492.378021][ T5301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  492.385992][ T5301] R13: 0000000000000000 R14: 00007fa42c3b5fa0 R15: 00007ffce77035e8
[  492.393979][ T5301]  </TASK>
[  492.441109][ T5308] loop1: detected capacity change from 0 to 512
[  492.451881][ T5310] loop4: detected capacity change from 0 to 512
[  492.470346][ T5310] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1291: bg 0: block 393: padding at end of block bitmap is not set
[  492.476475][ T5308] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1289: bg 0: block 393: padding at end of block bitmap is not set
[  492.488007][ T5310] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  492.499837][ T5308] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  492.508645][ T5310] EXT4-fs (loop4): 2 truncates cleaned up
[  492.522454][ T5310] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  492.592316][ T5316] loop0: detected capacity change from 0 to 512
[  492.630905][ T5308] EXT4-fs (loop1): 2 truncates cleaned up
[  492.706095][ T5308] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  492.825464][ T5316] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #3: comm syz.0.1290: corrupted inode contents
[  492.838114][ T5316] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #3: comm syz.0.1290: mark_inode_dirty error
[  492.851930][ T5316] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #3: comm syz.0.1290: corrupted inode contents
[  492.864530][ T5316] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #3: comm syz.0.1290: mark_inode_dirty error
[  492.877367][ T5316] Quota error (device loop0): write_blk: dquota write failed
[  492.885048][ T5316] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  492.895115][ T5316] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1290: Failed to acquire dquot type 0
[  492.912394][ T5316] EXT4-fs (loop0): 1 orphan inode deleted
[  492.918248][ T5316] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  492.928690][ T5316] ext4 filesystem being mounted at /247/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  493.019336][  T304] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  493.081494][ T5320] loop5: detected capacity change from 0 to 512
[  493.109744][  T304] EXT4-fs error (device loop0): ext4_release_dquot:6825: comm kworker/u4:3: Failed to release dquot type 1
[  493.278298][ T5320] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1292: bg 0: block 393: padding at end of block bitmap is not set
[  493.683713][ T5320] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  493.699214][ T5320] EXT4-fs (loop5): 2 truncates cleaned up
[  493.705002][ T5320] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  493.862202][  T286] EXT4-fs (loop0): unmounting filesystem.
[  493.890581][  T287] EXT4-fs (loop4): unmounting filesystem.
[  493.898606][   T28] audit: type=1326 audit(1750121668.848:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  493.923783][  T283] EXT4-fs (loop1): unmounting filesystem.
[  493.926937][   T28] audit: type=1326 audit(1750121668.848:2820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  493.955256][ T5332] 9pnet_fd: Insufficient options for proto=fd
[  493.973560][ T5328] overlayfs: missing 'lowerdir'
[  493.978311][   T28] audit: type=1326 audit(1750121668.848:2821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  494.015118][ T5328] can0: slcan on ttyS3.
[  494.020852][   T28] audit: type=1326 audit(1750121668.848:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  494.058278][ T4496] EXT4-fs (loop5): unmounting filesystem.
[  494.064412][   T28] audit: type=1326 audit(1750121668.848:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  494.090562][ T5328] FAULT_INJECTION: forcing a failure.
[  494.090562][ T5328] name failslab, interval 1, probability 0, space 0, times 0
[  494.103254][   T28] audit: type=1326 audit(1750121668.848:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  494.126969][ T5328] CPU: 0 PID: 5328 Comm: syz.0.1295 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  494.136811][ T5328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  494.146896][ T5328] Call Trace:
[  494.150198][ T5328]  <TASK>
[  494.151527][   T28] audit: type=1326 audit(1750121668.848:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5326 comm="syz.2.1294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa42c18e929 code=0x7ffc0000
[  494.153144][ T5328]  __dump_stack+0x21/0x24
[  494.180851][ T5328]  dump_stack_lvl+0xee/0x150
[  494.185476][ T5328]  ? __cfi_dump_stack_lvl+0x8/0x8
[  494.190536][ T5328]  ? call_rcu+0xb83/0xf90
[  494.194908][ T5328]  ? exit_to_user_mode_loop+0x9b/0xb0
[  494.200328][ T5328]  dump_stack+0x15/0x24
[  494.204495][ T5328]  should_fail_ex+0x3d4/0x520
[  494.209175][ T5328]  __should_failslab+0xac/0xf0
[  494.213940][ T5328]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[  494.219924][ T5328]  should_failslab+0x9/0x20
[  494.224454][ T5328]  __kmem_cache_alloc_node+0x3d/0x2c0
[  494.229834][ T5328]  ? __cfi_mutex_lock+0x10/0x10
[  494.234685][ T5328]  ? delete_node+0x2b3/0xa60
[  494.239274][ T5328]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[  494.245252][ T5328]  __kmalloc+0xa1/0x1e0
[  494.249408][ T5328]  ? __cfi___bpf_trace_sched_switch+0x10/0x10
[  494.255482][ T5328]  tracepoint_probe_unregister+0x1e6/0x8b0
[  494.261288][ T5328]  bpf_probe_unregister+0x61/0x70
[  494.266320][ T5328]  bpf_raw_tp_link_release+0x63/0x90
[  494.271609][ T5328]  bpf_link_free+0x13a/0x390
[  494.276202][ T5328]  ? bpf_link_put_deferred+0x20/0x20
[  494.281487][ T5328]  ? security_file_free+0xd8/0xf0
[  494.286510][ T5328]  bpf_link_release+0x15f/0x170
[  494.291364][ T5328]  ? __cfi_bpf_link_release+0x10/0x10
[  494.296741][ T5328]  __fput+0x1fc/0x8f0
[  494.300725][ T5328]  ? _raw_spin_unlock+0x4c/0x70
[  494.305577][ T5328]  ____fput+0x15/0x20
[  494.309556][ T5328]  task_work_run+0x1db/0x240
[  494.314149][ T5328]  ? __cfi_task_work_run+0x10/0x10
[  494.319266][ T5328]  ? __cfi___close_range+0x10/0x10
[  494.324384][ T5328]  exit_to_user_mode_loop+0x9b/0xb0
[  494.329579][ T5328]  exit_to_user_mode_prepare+0x5a/0xa0
[  494.335038][ T5328]  syscall_exit_to_user_mode+0x1a/0x30
[  494.340500][ T5328]  do_syscall_64+0x58/0xa0
[  494.344917][ T5328]  ? clear_bhb_loop+0x15/0x70
[  494.349589][ T5328]  ? clear_bhb_loop+0x15/0x70
[  494.354319][ T5328]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  494.360236][ T5328] RIP: 0033:0x7f9603b8e929
[  494.364666][ T5328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.384272][ T5328] RSP: 002b:00007f9604a14038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  494.392689][ T5328] RAX: 0000000000000000 RBX: 00007f9603db5fa0 RCX: 00007f9603b8e929
[  494.400660][ T5328] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  494.408631][ T5328] RBP: 00007f9604a14090 R08: 0000000000000000 R09: 0000000000000000
[  494.416596][ T5328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  494.424566][ T5328] R13: 0000000000000000 R14: 00007f9603db5fa0 R15: 00007ffdaae6c618
[  494.432544][ T5328]  </TASK>
[  494.481144][ T5328] CFI failure at __traceiter_sched_switch+0x9b/0xd0 (target: tp_stub_func+0x0/0x10; expected type: 0xee1f7a69)
[  494.492983][ T5328] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  494.499048][ T5328] CPU: 1 PID: 5328 Comm: syz.0.1295 Not tainted 6.1.138-syzkaller-00009-g6246d345f550 #0
[  494.508842][ T5328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  494.518889][ T5328] RIP: 0010:__traceiter_sched_switch+0x9b/0xd0
[  494.525049][ T5328] Code: 80 3c 30 00 74 05 e8 24 55 69 00 49 8b 7d 08 44 89 e6 48 8b 55 c8 48 8b 4d c0 44 8b 45 d4 41 ba 97 85 e0 11 45 03 57 fc 74 02 <0f> 0b 41 ff d7 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74
[  494.544649][ T5328] RSP: 0018:ffffc9000f9977f0 EFLAGS: 00010096
[  494.550714][ T5328] RAX: 1ffff110266c1ae6 RBX: ffff88813360d728 RCX: ffff8881113ebcc0
[  494.558678][ T5328] RDX: ffff88811b60e540 RSI: 0000000000000001 RDI: ffffc9000fc05000
[  494.566647][ T5328] RBP: ffffc9000f997830 R08: 0000000000000000 R09: fffffbfff0ee42f6
[  494.574611][ T5328] R10: 00000000b720eca3 R11: 1ffffffff0ee42f5 R12: 0000000000000001
[  494.582576][ T5328] R13: ffff88813360d728 R14: dffffc0000000000 R15: ffffffff81710d60
[  494.590540][ T5328] FS:  00007f9604a146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  494.599463][ T5328] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  494.606046][ T5328] CR2: 00007ffd92c1bff8 CR3: 000000013efdc000 CR4: 00000000003526a0
[  494.614012][ T5328] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  494.621976][ T5328] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  494.629942][ T5328] Call Trace:
[  494.633213][ T5328]  <TASK>
[  494.636137][ T5328]  __schedule+0x1263/0x14e0
[  494.640650][ T5328]  ? kernel_text_address+0xa0/0xd0
[  494.645791][ T5328]  ? release_firmware_map_entry+0x194/0x194
[  494.651700][ T5328]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  494.657332][ T5328]  preempt_schedule_irq+0x9b/0x110
[  494.662443][ T5328]  ? __cfi_preempt_schedule_irq+0x10/0x10
[  494.668160][ T5328]  ? dump_stack_lvl+0x122/0x150
[  494.673020][ T5328]  raw_irqentry_exit_cond_resched+0x29/0x30
[  494.679011][ T5328]  irqentry_exit+0x37/0x40
[  494.683430][ T5328]  sysvec_reschedule_ipi+0x78/0x80
[  494.688547][ T5328]  asm_sysvec_reschedule_ipi+0x1b/0x20
[  494.694016][ T5328] RIP: 0010:__mutex_unlock_slowpath+0x0/0x3b0
[  494.700091][ T5328] Code: de 31 d2 e8 62 5e cf fe 65 ff 0d 23 be 13 7b 0f 85 91 fe ff ff e8 fc ca 11 fc 48 89 e0 48 89 c4 e9 81 fe ff ff 0f 1f 44 00 00 <55> 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec e0 00
[  494.719710][ T5328] RSP: 0018:ffffc9000f997ad8 EFLAGS: 00000297
[  494.725775][ T5328] RAX: ffff88811b60e541 RBX: ffff88811b60e540 RCX: 0000000000000000
[  494.733741][ T5328] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff86fe5b80
[  494.741701][ T5328] RBP: ffffc9000f997b78 R08: dffffc0000000000 R09: fffff52001f32f61
[  494.749678][ T5328] R10: fffff52001f32f61 R11: 1ffff92001f32f60 R12: dffffc0000000000
[  494.757643][ T5328] R13: 1ffff92001f32f5c R14: ffffffff86fe5b80 R15: ffffc9000f997b00
[  494.765616][ T5328]  ? mutex_unlock+0xd8/0x220
[  494.770201][ T5328]  ? __cfi_mutex_unlock+0x10/0x10
[  494.775216][ T5328]  ? __kasan_kmalloc+0x24/0xb0
[  494.779972][ T5328]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[  494.785949][ T5328]  ? __kmalloc+0xb1/0x1e0
[  494.790275][ T5328]  ? __cfi___bpf_trace_sched_switch+0x10/0x10
[  494.796340][ T5328]  tracepoint_probe_unregister+0x84e/0x8b0
[  494.802144][ T5328]  bpf_probe_unregister+0x61/0x70
[  494.807172][ T5328]  bpf_raw_tp_link_release+0x63/0x90
[  494.812449][ T5328]  bpf_link_free+0x13a/0x390
[  494.817051][ T5328]  ? bpf_link_put_deferred+0x20/0x20
[  494.822351][ T5328]  ? security_file_free+0xd8/0xf0
[  494.827393][ T5328]  bpf_link_release+0x15f/0x170
[  494.832248][ T5328]  ? __cfi_bpf_link_release+0x10/0x10
[  494.837659][ T5328]  __fput+0x1fc/0x8f0
[  494.841725][ T5328]  ? _raw_spin_unlock+0x4c/0x70
[  494.846579][ T5328]  ____fput+0x15/0x20
[  494.850556][ T5328]  task_work_run+0x1db/0x240
[  494.855145][ T5328]  ? __cfi_task_work_run+0x10/0x10
[  494.860252][ T5328]  ? __cfi___close_range+0x10/0x10
[  494.865366][ T5328]  exit_to_user_mode_loop+0x9b/0xb0
[  494.870569][ T5328]  exit_to_user_mode_prepare+0x5a/0xa0
[  494.876034][ T5328]  syscall_exit_to_user_mode+0x1a/0x30
[  494.881492][ T5328]  do_syscall_64+0x58/0xa0
[  494.885909][ T5328]  ? clear_bhb_loop+0x15/0x70
[  494.890581][ T5328]  ? clear_bhb_loop+0x15/0x70
[  494.895280][ T5328]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  494.901200][ T5328] RIP: 0033:0x7f9603b8e929
[  494.905625][ T5328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.925237][ T5328] RSP: 002b:00007f9604a14038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  494.933676][ T5328] RAX: 0000000000000000 RBX: 00007f9603db5fa0 RCX: 00007f9603b8e929
[  494.941684][ T5328] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  494.949809][ T5328] RBP: 00007f9604a14090 R08: 0000000000000000 R09: 0000000000000000
[  494.957786][ T5328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  494.965765][ T5328] R13: 0000000000000000 R14: 00007f9603db5fa0 R15: 00007ffdaae6c618
[  494.973752][ T5328]  </TASK>
[  494.976773][ T5328] Modules linked in:
[  494.980673][ T5328] ---[ end trace 0000000000000000 ]---
[  494.986125][ T5328] RIP: 0010:__traceiter_sched_switch+0x9b/0xd0
[  494.992306][ T5328] Code: 80 3c 30 00 74 05 e8 24 55 69 00 49 8b 7d 08 44 89 e6 48 8b 55 c8 48 8b 4d c0 44 8b 45 d4 41 ba 97 85 e0 11 45 03 57 fc 74 02 <0f> 0b 41 ff d7 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74
[  495.011930][ T5328] RSP: 0018:ffffc9000f9977f0 EFLAGS: 00010096
[  495.018007][ T5328] RAX: 1ffff110266c1ae6 RBX: ffff88813360d728 RCX: ffff8881113ebcc0
[  495.026010][ T5328] RDX: ffff88811b60e540 RSI: 0000000000000001 RDI: ffffc9000fc05000
[  495.033985][ T5328] RBP: ffffc9000f997830 R08: 0000000000000000 R09: fffffbfff0ee42f6
[  495.041959][ T5328] R10: 00000000b720eca3 R11: 1ffffffff0ee42f5 R12: 0000000000000001
[  495.049927][ T5328] R13: ffff88813360d728 R14: dffffc0000000000 R15: ffffffff81710d60
[  495.057917][ T5328] FS:  00007f9604a146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  495.066843][ T5328] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  495.073418][ T5328] CR2: 00007ffd92c1bff8 CR3: 000000013efdc000 CR4: 00000000003526a0
[  495.081387][ T5328] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  495.089349][ T5328] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  495.097317][ T5328] Kernel panic - not syncing: Fatal exception
[  496.249827][ T5328] Shutting down cpus with NMI
[  496.254898][ T5328] Kernel Offset: disabled
[  496.259221][ T5328] Rebooting in 86400 seconds..