last executing test programs:

14m28.001552215s ago: executing program 32 (id=270):
syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f0000000880)='./file0\x00', 0x18000c6, &(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYRES16], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000000)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x8103, 0x0)

10m46.018169395s ago: executing program 33 (id=1752):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file1\x00', 0x4000, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
syz_mount_image$vfat(&(0x7f0000000b00), &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x195949d, 0x0, 0x3c, 0x0, &(0x7f0000000140))
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x824851, 0x0, 0x1, 0x0, &(0x7f0000000180))
syz_mount_image$vfat(&(0x7f0000000b00), &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x40, 0x0, &(0x7f0000000140))
open(&(0x7f00000003c0)='./file1\x00', 0x81, 0x0)

9m50.565530339s ago: executing program 34 (id=2080):
memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="182e0000000000000000000006000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

8m39.535938455s ago: executing program 35 (id=2544):
r0 = syz_clone(0x1104000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_read_part_table(0x4066, &(0x7f0000008100)="$eJzszzFKw3AUBvAvrcEogSLoJIjFwU3i5pRbdJeewclBxdzEUTyA9/AOjl4hDpJIrYNLQeX3m97Hx3vJP/wR1TgVSZ6XT3tJjufpmuaj3Br6nc+l5jzlbjVJneRq/ebicfP/DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/FKTlXSbpHu5Ph1yNTbLw3Q3bS7qpDqYJffTlO1Rkf1kfvbN3WnymqRI8pZkMdvsMwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/+JyJW1/rethuFtffThJ15Zj2/d9/+PPVsk7u3MsAAAAgACMMskoY+jfCJa+VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMYOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBABgAAAECYv3Ue7QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbgoAAP//SIAVRg==")
kcmp$KCMP_EPOLL_TFD(r0, r0, 0x7, 0xffffffffffffffff, 0x0)

7m53.258862554s ago: executing program 7 (id=2797):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x121)
fcntl$notify(r0, 0x402, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4)
write$P9_RVERSION(r1, &(0x7f0000000a80)=ANY=[], 0x15)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20000, 0x0)
vmsplice(r2, &(0x7f00000009c0)=[{&(0x7f0000000140)="d0", 0x1}], 0x1, 0x7)

7m52.648565669s ago: executing program 7 (id=2802):
unshare(0x64000600)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000005c0)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x3}, @ipv4=@udp={{0x5, 0x4, 0x3, 0x1b, 0x24, 0x64, 0x0, 0x40, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x1b}}, {0x4e20, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x7, 0x100}}}}}, 0x32)

7m51.816450332s ago: executing program 36 (id=2802):
unshare(0x64000600)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000005c0)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x3}, @ipv4=@udp={{0x5, 0x4, 0x3, 0x1b, 0x24, 0x64, 0x0, 0x40, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x1b}}, {0x4e20, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x7, 0x100}}}}}, 0x32)

6m35.350350154s ago: executing program 37 (id=3237):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x20, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0x8})
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0xffffffde, 0x318145a8, 0x0, 0xfffe, 0x7, 0xfffffff6, 0x0, 0x0, 0x8, 0x100}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40242, 0x1)

6m17.02183669s ago: executing program 38 (id=3298):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="580000000206030000000000000000000300000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f7274"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001580)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x14)

5m15.182599763s ago: executing program 2 (id=3602):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x9, @b={0x9b, 0x2, 0x1, 0x7, {0x6, "58e84764c3b3"}, 0x2}}, 0xf)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x14, r3, 0x1, 0x123, 0x234}, 0x14}}, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0xcee41ba27f27d9e8)

5m14.156118661s ago: executing program 2 (id=3606):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r0, 0x6)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x807}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000006c0)=""/240, 0xf0}], 0x2c}, 0x1ff}], 0x2, 0x20022, 0x0)

5m13.731946845s ago: executing program 2 (id=3610):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x9, 0x2)
syz_clone(0x4d000, 0x0, 0x0, 0x0, 0x0, 0x0)

5m11.345784287s ago: executing program 2 (id=3621):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f00000003c0)=@file={0x1, './file1\x00'}, 0x6e)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
truncate(&(0x7f0000000040)='./file1\x00', 0x41bfc)

5m9.824311851s ago: executing program 2 (id=3627):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$f2fs(&(0x7f00000105c0), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0063eccea4", @ANYBLOB="b6a7a29782938426a4c1e016eedf515af3fd5b546aaacf8d3135c386daf856ecccd471f18f3b0c0d8118f2458d7a7797a3a26a1c7303dce38f54e82d58e84a2d90cbc9d4045b09322e0d4829f9a1ed35be0efa8653195ff1650e3c448d671c5d240daa776e54b6c4374d5a1217b928f24a7dcc1d83727e1e2496be90000d0ba16bf0266e2861636b9b86443ca18e70a2c05ef9389ecbff171bb734f3e0855948dfbbc23445ca276bba463e8f60607626b18799cc5aad8e5463878d9aca519ecfdaf99a675112f906be5e7abce02645ef430ef929cc1a2e435fa67b84f2462752b3693914f369a767e1"], 0x1, 0x105c7, &(0x7f0000020c40)="$eJzs3EtvG1UbB/DHzdvr25YI9bZBjIRAiVRbcZJWZYNSaFSQSBVxWbACx3Yst7Ynip0L3SHBjo/CBvEBWFSw4HuwQyyQ2CGBPDNBSWmlKnXjpPn9pOn/zJlznjnjKpGOHTmAY2sy+fOPUlyMsxExERHnI7J2qTgyC3lci4jXI+LErqNU9P/bcSoizkXExWHxvGapuHTh0eKj32/dvvTjz6/dnZx46/r4nhoYtzcjoruWt7e6eaatPO8X/bXNdpbd+c0i8wvdB8V5mudWcyWrsFXbGVfLcq6Vj0/XNvrDXO3U6sNstVez/rVefsP+ZmunTjbhfm09O280V7Js99MsWw/zdW0X+bA/yOs0inpfZuVjMNjJvL+53cyfZ+1BlvXeoOjP66aN5vYwN4ssbhf1tNPI1rGy75f50Puw3dvYTjab6/122ktuVKq3KtWb5ep62mgOmvPlWrdxcz6ZanWGw8qDZq270ErTVqdZqafd6WSqVa+Xq9Vk6k5zpV3rJdVqZa4yU74xXbSuJ3fvfZp0GsnUMN9t9zYG7U4/WU3Xk3zGdDJbmXt7Onmjmnz81XKy/NHi4tLyJ5/f+eze7aUP3isG/WdZydTszOxsuTpTnq1OvzTPvzSO57/2fNM57krjXgDA0WP/D4yD/b/9fxzY/vf74m4Hvv89cTie/0D2/2f38/9/Zj+TYIf9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXryR/ezxqT+fn/i/4LRderEXE1Iq5ExOWI+PsJJuLUnpqXIqJUtJ80/uRja/ipFFmF4ZzTxXEuIhaK469XXvSrAAAAAEfeiadd+O6Xr7+JmBg2s3/eOchVMW7FmzZnRlUve8vnf6Oqdikrtj2iapd3So7ElYg4OfnbiKpdHf6Mnv9iRNWeycSeOLMrSnk89XcGAABwdO3dCYxs9wYAAMCh8+24F8DzevwP6p9tfGnX1OKz4NN5FB8Int1zBgAAABxBpXEvAAAAAHjhsv2/7/8DAACAl1v+/X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sHP3uIkDURzAn2G9y35p0YqPq1CttqTgEDlCypQpktuk4wyRECfIAUiXI0QQYSZSjFBSeCwr6PeTzIwt+OsZqudBAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJsey+X8bn1z2zRnu2smz90AAAAAp2zK5byaDA/nP9P13+nS34iYRsQkIsYRcap378fXWuYoIoo0P/X+8qiG+4gqYf+Zb+n4ERH/0/H8p+1vAQAAAM7XejVbRPT30+rlXxw18pyz9FsPcuVVj3y+5EobVWFXmdLGr5FZTCKiHD5lSptGRO/XRaa09Pzsff3aMHgzFIeh91FCcd2oRAAAoAP1TmDfvT10Wg8AAABtuey6ALpRrdem/+KnteC0cpgWBL/XzgAAAIBPqOi6AAAAAKB1Vf9v/z8AAAA4b4f9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTplzO16vZomnOdtdMnrsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADghf15R4EQCIMw2Lu+7zR4/2NJg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf7cnUAIBEEY7Dv/c1rMPyxp0BhEqIKFjxnmYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALnbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrA/9ygKA2Ech9/M7rJJvUfYPuzHGWysRI/gBwiBnMEDeCEbK9vgRfQKCjqprSSFz9P8/sUMzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAr+ny8MRbRBSR+pkijTdfp/eI+Ii07brR520Wu/OxLe9ztj9Myv7+9LuKiCqKJ/8EAGAYdd88Vutm+ZP7m/uX+59bz9tmMeSjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4snP/rE2EcRzAnyRNtE52EMFJqYggGpNoyZBFodC3EdsYiqlKmsEWl+4uvgTBQcQtL8HB3UUcBP/MBRVcXJQkl/qUFrkOuYT284Hn8stx3D1PhsD3fpcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCR7O6Ea+M6F0K4MPevHvj44+nqYa9v+4vnxmN54dX3+JyDUxRDCPfXO62bGa5lll1Oedzm1vaDZqfT6ioUCsVeMeEvKAAAjpViMga5/kuxvzLYl2uE8OfF/vx/JapDyvz/7Nvru/G14vxfyWyFsy1t/i/3Nh6XN7e2r69vNNutduvhUu1WpVq9XVsqD2+nlN1UAQAA4D9KyYjzf75xsP9/JqpDyvx/79PnN/G1CvL/AUfv/094QgAAACfYwsVfP3OH7M+VSuFJs9frVkbbvffV0XYKU00vWdCpZMT5v9CY8twAAACATOzu5Pb1/9eiOqTs/5+9874dn7MQQphP+v83Vh911rJbzsyapd//T3ipAAAATNF8MuL+f3H4/H/+0viYfAjh6uKoTv4GMFX+//Du5fn4WvHz/7XsljiT8vXR55Em/w+PrYcwV89gYgAAABxLp5MxyP9fi/2V7u/nyyXP/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwlx07RmkgiAIAutnNKhZiQGysBLUV7awCFoJ4DVEQbOzTeABPkyPYp1VLa0nhDeTP7oik0ICyCfoezP7PzsD8nWr/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN+anhQ7Oa/iMWjysn339Da6iPg8E8PDeHcrRuS9bsteQvWXs/04o+POigEAAOCfqnJ/XxTFSz0+i1gOU/+/H/laOzdab2Lu52f7/hxz7x9j+/X28WOjQbNPdMNX1zeXh5194XLbm3Pdxhxr0l1Cc0NTpaua8vxuc1qnU+/dTyanKyld/VnFAMBvOMixTfL/UcSjRRYGwJ/Vb0fxqf+vhoutCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAL7wEAAP///r1cWg==")
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f00000010c0)={0x0, ""/256, <r1=>0x0, <r2=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r3=>0x0, 0x0, <r4=>0x0, <r5=>0x0})
syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000002380)=ANY=[@ANYRES16=r5, @ANYBLOB="58805873d4e654d320badda8d83d5f9e81dd4455b999353f43a5b2c40e2a878b9bac2d4ad8cb94d670496d1263ed9eaec9ce092278ae1a7bbc416b016b0014be705ed16ba69c5000fbc27f21d01061761e9142d1036ae5926ebf420b26bae1ce6d6aa1fa614b4a6f3ee879abc0450f4cd6e304bb3b8df28d688efab8185e9ec54c1bcd37b4ba0bba5267a33ddcad0069c93c7723d0b0f60393dcd9590a4f05ae5e82c838fdbfe877e758561be7", @ANYRES16=r3, @ANYRES16=r5, @ANYRESDEC=r4, @ANYRES16=r2, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32=r1], 0x5, 0x0, &(0x7f0000000000))
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r6, 0xc0185879, &(0x7f0000000180)={0xffa1, 0xcfffffd})

5m8.995133555s ago: executing program 2 (id=3632):
sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x20040810)
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000100)={0xf, 0x1f, 0x2, 0x2}, 0x51)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x0, 0x4}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x8, 0x10, 0x9, 0xffffffffe26e9b70}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

5m8.219076268s ago: executing program 39 (id=3632):
sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x20040810)
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000100)={0xf, 0x1f, 0x2, 0x2}, 0x51)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x0, 0x4}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x8, 0x10, 0x9, 0xffffffffe26e9b70}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

4m0.550147708s ago: executing program 0 (id=3960):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
memfd_create(&(0x7f0000000b40)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\xbd/\xd0J\xce=\x924\xc0\x17\x871N:\xb4\xea \x8e\xdelV\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8H\x7fsk\x9cD\xb3w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N', 0x2)
sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r0, 0xda90)
ioctl$int_in(r0, 0x5452, &(0x7f0000000380)=0x2003)
accept4(r0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000700)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0x400000c, 0x5, 0x0, 0x0, 0x2]}})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

3m59.079356439s ago: executing program 0 (id=3968):
r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x10c)
getdents64(r2, &(0x7f00000000c0)=""/55, 0x37)
lseek(r2, 0x3, 0x0)

3m58.866502837s ago: executing program 0 (id=3970):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000100)={@ipv4={'\x00', '\xff\xff', @multicast2}, 0x56, r2})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b80)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)

3m56.458034384s ago: executing program 0 (id=3981):
mbind(&(0x7f0000395000/0x2000)=nil, 0x2000, 0x8003, 0x0, 0x9, 0x6)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x200, 0x0, 0x1, 0x3}, 0x20)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip6_flowlabel\x00')
read$FUSE(r1, &(0x7f00000059c0)={0x2020}, 0x2020)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020)

3m55.611509325s ago: executing program 0 (id=3985):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710, @local}, 0x10)
shutdown(r1, 0x1)
r2 = accept(r0, 0x0, 0x0)
ppoll(&(0x7f0000000180)=[{r2, 0x2040}], 0x1, 0x0, 0x0, 0x0)

3m54.539946378s ago: executing program 0 (id=3990):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1042, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

3m39.254478955s ago: executing program 40 (id=3990):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1042, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

3m0.154831503s ago: executing program 7 (id=4053):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x383, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x4}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000400)={r3}, &(0x7f0000000500)=0x8)

2m59.678773839s ago: executing program 7 (id=4242):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x4, 0xaf7, &(0x7f0000000380)="$eJzs3U1sXEfhAPDZtdexk/Qfp/+EmjS0CYW2fNRpHBM+IkiqREhETYW4VKq4RGlaIkKQKBJQVcLJiRutqiBx4kOceqkKQqIXFPXEpRKNVCH1VDhwIAqiEgcIJIu8nlnvTnbzdh3vvrX395OeZ+fNezszz2/f97wJwNiqNv4uLs5VQrj85qsn/vbwX2eWxxxtTjHb+DvZEquFECoxPpl93/sTK+HND1460ymshIXG3+X4luURT11vzrsthLAU9oUrYTbsuXz1lbcXnjx18eSl/e+8duTagKoPAABj5atXjizu/vMf79954/UHjoUtzfHpeH02xrfH4/5j8cA/Hf9XQ3u80jK0msqmm4xDdaZ9uokO0zXymew83WSX/Key/GtdptsS7pz/RMu4TvWGjSytx7OhUp1vi1er8/Mr5+ShcV4/VZm/cO78cy+UVFBg3f3zwRDCvpbh+KX2+CCHtLHpZ56jgyhLZWW/PuD61oe1XDfbcGx4ed2oryi9zkMa6jvK3f4AJPn9wtss5VcW7k7z2yZ7y//6E9XO88M6GPb633P+1XhRraz8kzHP/1cXbXFYP5t1bUr1Sr+j7TGe9t7pGab8+aXuv7/8Tkf72Px+RK3Hcna7j7BR7i90K+fEkMuxVt3Kn68Xm9UXY5iWw5ey9NbfT/4/3Sj/Y6Czf+XX/zfyMB0rVUbeEyNQ/4EM+0agDIa2oX0dr93Nd9VL3PYAoy1/bq6e7o9G+XN9efqWgvTpgvSZgvStBenbCtJhnP3muz8OL1dWz/Pzc/p+r4en62z3xPD/+ixPfj2y3/zz5377dbf5588Twyj73emnz37u2Weurjz/X2mu/7fi+p5ON2bjb+tKnCBdL8yvqzef/Z9tz6faZbp7s/Lc02H6xudd7dNVdq1+T2jZztxWjrn2+XZ0m25v+3Sz2XQzcZjOypsfn2zN5kvHH2m7mpbXZFbfWlaPqawcabuyM4Z5OWAt0vrY7fn/tH7OhVrluXPnzz6e7WP/MFHbsjz+4JDLDdy9Xtv/zIX29j/bm+Nr1bRdCC3717S9OBjeiN/XPn6hmU/7+EMxnvZz35iYaYyfP/Pt88+uf/VhrL3wgxe/efr8+bPf8WHNH748GsXo50M6bRmV8vTwIZ0BlVaMaih/IQzxQ4kbJWAoDvxw5SDgsXPfOv382efPXjh0+PChhYXDnz+0eKBxXH+g9ei+1VIJpQXW0+pOP0/ZXk6BAAAAAAAAAAAAgELfO3ni6rtvffa9lfb/q+3/Uvv/9ORvav//o6z9f95OPrWDT+0Ad3ZIb0yTvWB1KpuuFof/z8q7K8tndzbfh2LY7Mcvtv9P2eXvdU3luS8bX8ujMcPsdQK3vS9lKmsfnfcX+NEYXorhLwOUqDLTeXQMi95vndb11Dqr5b0U9YlxeYnyJpD+b2ltWHmPyWpPrh3f69Tyz945pHKyvgbTeHDqji0LgNHw99F7//fS4L77H6sVL7+ehq7D5HDz+2ljjaiO43pRr3frxaPXHmwA1kfZ/X+m654pvPD7r0wvD2my60+0by/z95dCP/70bnt81PufHHT+eb99w86/7PoPu//PZv93PW//sh7zsvc891q6f//s2nst2YY9veaf1z+9B3pXjxlHN2L+qTaPhN7yr/8iyz+/IdSj/2T5b+0x/9vqv3dt+f835p8W26MPFeSfLgxfXClxpdpejpmsHun+X37dOLmZ1T+92/MO9f/ai53qv8Z7DLdi/jDONko/s/3KjiOaB+2tzxeEvvr/jZbWt//fZmGzzVr+HMZnYjztCNJzDnl/J/2WPz1fkfYDu7PvrxTs3/T/u7F9IYZFv4fU/29aH2fjLr8l3liWKV7rsGw367YGNqr3R+/+37gP0yNQBkPvQ31iDfM1+4krufz1en2wF7QKlJo5pS//ss8Tys6/7OVfJO//Nz+Gb55/7uucnvf/m6fn/f/m6TPxP9QtPe//N1+eef+/efp92ffm/QPPFaR/uCB9T+f05mK7v2D+vQXpHylI399MP9o2RUp/oGD+BwvS7y1If6gg/WMF6R8vSH+4IP3RlvTWPqBT+icK5t/sUnuUTvXXpx9sbnn7vHHb/sE4S/d/uv3+dxWkAxvXT14/ePyZX399dqX9/1Tzeki6j3csxmvx/On7MZ7f9w4t8eW0t2L8L1n6qF/vgHGSvz8j378/UpAObFzpOS+/bxhDlenOo2NY9N6qbsf5bCyfjOGnYvjpGD4Ww/kYHohhuje0MKTyMRjH3/jtkZcrq+f7O7L0Xp8nz9sDtb0nKoRwqMfy5NcH+n2ePX+PX7/uNv81NgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoTbXxd3FxrhLC5TdfPfH0qXMHlsccbU4x2/g72RKrNecL4fEYTsTw5/HDzQ9eOtMa3ophJSyESqg0x4enrjdz2hZCWAr7wpUwG/ZcvvrK2wtPnrp48tL+d147cm1wSwAAAAA2v/8FAAD//zjgCFM=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x1eda02, 0x39)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xfffe82)
mknod$loop(0x0, 0x6210, 0x0)
lchown(&(0x7f0000000000)='./file0\x00', 0xee00, 0x0)

2m57.897827639s ago: executing program 7 (id=4252):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

2m55.539959423s ago: executing program 7 (id=4259):
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

2m54.076610841s ago: executing program 41 (id=4259):
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

2m4.566360391s ago: executing program 8 (id=4433):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x400, @empty, 0x100001}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f00004e220000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

2m3.394705102s ago: executing program 8 (id=4441):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000840000/0x4000)=nil, 0x4000)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
read(r1, &(0x7f0000000140)=""/116, 0x74)
syz_io_uring_complete(r0, 0x0)
syz_io_uring_setup(0x131, 0x0, &(0x7f0000ffe000), 0x0, 0x0)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

2m2.346022825s ago: executing program 8 (id=4444):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(0x3)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0xf7}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0f0000000400000004000000a2"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

2m1.980752001s ago: executing program 8 (id=4445):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000100)='devpts\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, 0x0)

2m1.484059059s ago: executing program 8 (id=4448):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

2m0.551424563s ago: executing program 8 (id=4454):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de2500000000000000", 0x3f}, {&(0x7f0000000e80)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1e7db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac54536025af1dea54e527c68b0ff250261953f2da79a78104c2d9e7b16ed86b124945aa9ab7581ebd385fb61d442035db81e18c2d2462d0bb2", 0x86}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)="31cef842", 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)="42e013913edbeb683c44e18a52b5a2462064ddd92caaba941de80d06047dedb7eeeff3a27eacf4c416b6979d6c918608807c44d01535dbaab3b390086e4fd43c6b5931187023646d6beac2340fdc7a0d81214ac76a818f64d287311e8828dfd3e3dd67efdb129a6e52745d1540e570891f6bf411cc16a18c4d34e522a1f003498f1a03ea1f8828b6c902286c71a9bc21923972dacfa74fef6a0fd3267e599c1dd33dff5d7b28f134bda4a29962fd5daa4fc9c515a1c3ee25ace1a9948c24b277d0", 0xc1}, {&(0x7f0000000300)="d6f6da22b14bf9ad2fbb765e446f21a90b8d398bc28c67ea1b14020f785656813f94f0a10a80cff62212b5842b9740c2e7c8cbc7ad801a6ec481d22ff828b1ba477f736c1712a1334158d7df5bc9584acb5112d5ca2ba8ac448a37a5347342781c32", 0x62}], 0x2}}], 0x3, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1m59.716588906s ago: executing program 42 (id=4454):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de2500000000000000", 0x3f}, {&(0x7f0000000e80)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1e7db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac54536025af1dea54e527c68b0ff250261953f2da79a78104c2d9e7b16ed86b124945aa9ab7581ebd385fb61d442035db81e18c2d2462d0bb2", 0x86}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)="31cef842", 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)="42e013913edbeb683c44e18a52b5a2462064ddd92caaba941de80d06047dedb7eeeff3a27eacf4c416b6979d6c918608807c44d01535dbaab3b390086e4fd43c6b5931187023646d6beac2340fdc7a0d81214ac76a818f64d287311e8828dfd3e3dd67efdb129a6e52745d1540e570891f6bf411cc16a18c4d34e522a1f003498f1a03ea1f8828b6c902286c71a9bc21923972dacfa74fef6a0fd3267e599c1dd33dff5d7b28f134bda4a29962fd5daa4fc9c515a1c3ee25ace1a9948c24b277d0", 0xc1}, {&(0x7f0000000300)="d6f6da22b14bf9ad2fbb765e446f21a90b8d398bc28c67ea1b14020f785656813f94f0a10a80cff62212b5842b9740c2e7c8cbc7ad801a6ec481d22ff828b1ba477f736c1712a1334158d7df5bc9584acb5112d5ca2ba8ac448a37a5347342781c32", 0x62}], 0x2}}], 0x3, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

13.601056959s ago: executing program 9 (id=4891):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0xe, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000020000000bca30000000000002403000040feffff720a00fe0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61141800000000001d430000000000007a0a00fe00581c1f61147c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

12.289185074s ago: executing program 9 (id=4893):
r0 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newqdisc={0x68, 0x14, 0xf0b, 0x4, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4, 0xf}, {0xb, 0x1}, {0xffe8}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0xfc, 0x200, 0x80000a, 0x0, 0x1, 0x1}}, {0x4}}, {{0x1c, 0x1, {0x6, 0x4, 0x4, 0x9, 0x2, 0x8, 0x2}}, {0x4}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x2040806}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x20000406, &(0x7f0000001d40)={[{@dioread_lock}, {@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@nolazytime}, {@grpjquota, 0x2e}, {@nouid32}, {@resuid}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpid}], [], 0x2c}, 0x84, 0x4fa, &(0x7f00000007c0)="$eJzs3M9vFFUcAPDvTOkPoNCCROWHUkVjI9rSgsrBgxpNuGhM9IDHWipBChhaEyFEijF4NP4F6tHExJMXvWiiRr2o8ap3Y9IYLqAmZs3szrS77Xa73ZZW3M8n2fa9mTcz7/t23vzYtzsBtK2B7E8S0RsRv0REXyVbW2Cg8u/GtUvjf167NJ5EqfTCH0m53PVrl8aLosVyW/PMYBqRvp3E3jrbnbpw8fTY5OTE+Tw/PH3mteGpCxcfPnVm7OTEyYmzo0ePHjk88tijo480FcflZeZncV3f8+a5fbuPvfTes+OlePm7j7P69ubzq+Oo6G9qu40MxECUcvNTu8p/71/12v9btkVEd55ONm1wZWhaR0Rkb1dnuf/3RUfMv3l98cxbc5mvNqiCwE2TnZt2LJrakf9P585fwP9Roo9DmyrO+Nn9b/Faz+uPjTb7ZPZ3ohz/jfz1w3OVtkmze9n+8h17utTyt9eZ1jOfLPUts/3eiDg+89f72Svqfg7RQNJ0SQCAOV9k1z8P1bv+S2uubbbnYyj9EXEwInZGxG0Rsavq0uiOiLhzhdsfWJBffP3z0+YVrnJFsuu/x/OxreJVmVPElczltpXj70xeOTU5cShvk8Ho7M7yIw228eXTP7+71LyBquu/7JVtv7gWzOvx+6bu2mVOjE2PrSLkGrNXIolN9eJP5kYCshbYHRF7Wlh/1manHvxoX5bevnXx/OXjb2ANxplKH0Y8UHn/Z2JB/IWksqWlxieHe2Jy4tBwsVcs9v2PV5+vzndWpWvi72kupp5Wg61j9krElur9vz9q4y+6QTFeO5Xnv+5tehtXf31nyXuaxe9/Esdnqkvk+//m+WbL9v+u5MVyuiuf9sbY9PT5kYjP8wk100fn11bki/JZ/IMHavf/yn1xmh3j/vkgX25vRGQ78V0RcXdE7M/rfk9E3BsRBxrE/+1T973auIVa3P/XwGyxv9Xp/7n+pHq8voVEx+lvPltq+80d/46UU4P5lOrjX9cS6222gqtpOwAAALhVpOUx6CQdqvr+dmFXbEknz01NHxyI18+eqIxV90dnWnzS1Vf1eehI/tlwkR9dkD8cETvK3zTaXM4PjZ+b3LZBMQMVW8v9f0u5/1eOBWk6NFSZ91vHRtcOuOlWNI5W/aWzTz5d+8oA68rvNaF9tdT/t699PYD15/wP7Uv/h/ZVr/9fjrixAVUB1lmr5/+FXxgAbjmlmudTAm3F/T+0L/0f2tLin8Tnj1vJjgmt/+R/cuex1Twx4OYnSn2tLx5Lz5pZ+Qo7mitcPP2i6TU3VziJKMJJG8RVJxHp/JS/86dJlqd0Vsp0NV/V9U+ky5Z5YrnW6FzRMzF66rTG/jzRHRHNrufyurVqcYRIPGUSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4pf0bAAD//56D59U=")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000100)={{0x12, 0x1, 0x40, 0x5a, 0x1c, 0xb9, 0x8, 0x5ac, 0x921c, 0x99e1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x8, 0x90, 0x6, "", [{{0x9, 0x4, 0xd2, 0xe3, 0x1, 0x3, 0x25, 0x0, 0x2, [], [{{0x9, 0x5, 0xf, 0x2, 0x200, 0x8, 0x0, 0x7}}]}}]}}]}}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x68})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}})
getdents64(r1, 0x0, 0x0)

9.365287132s ago: executing program 9 (id=4906):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_clone3(&(0x7f000000dd80)={0xa00400, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
acct(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0)
acct(&(0x7f00000000c0)='./bus\x00')
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

8.741574505s ago: executing program 3 (id=4911):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x2, 0xdd8a, 0x5, 0x1, 0x7e, 0x2, 0x7, 0x2, 0x92e, 0x4, 0x0, 0x197d, 0x7, 0x4, 0x3, 0x2, 0x80000001, 0x80000001, 0xfff, 0x9, 0xcf8a, 0x23b, 0x524, 0xffffffff, 0x5, 0x8000, 0xf, 0xc, 0x4, 0x2, 0xffffffff, 0x4d, 0x2, 0x9, 0x1, 0x3, 0x3, 0xfffffffa, 0x7, 0xfffffff7, 0x4, 0x5, 0x80000001, 0x400, 0x0, 0xe1c, 0x9, 0xffffffff, 0x6, 0x7, 0x0, 0x9, 0x2499, 0x6, 0x0, 0x2, 0x7, 0xdbb, 0x7e, 0x3, 0x616f, 0xb, 0x3, 0x1, 0xf, 0x7, 0x3ff, 0xe80, 0x50d1, 0x9, 0x4, 0x4, 0x9, 0x40, 0x0, 0xf, 0x5, 0x1, 0x1, 0xc, 0xcc4d, 0xf860, 0x1, 0x2, 0x3, 0x1, 0x2, 0x100, 0x7, 0x7, 0x0, 0x7, 0x9, 0x6, 0x4, 0x3, 0x8, 0x40, 0x8, 0x4, 0x5, 0x1, 0x4, 0x10, 0x4a1, 0xff7, 0x10001, 0x9, 0xfffffff1, 0x92, 0x44d5, 0x7, 0x3ff, 0x5, 0x81, 0xfc, 0x1000, 0x6, 0x4, 0x9, 0xfff, 0x17bd7921, 0x9, 0x80, 0x6, 0x1, 0xd03, 0xfffffffb, 0xa, 0x2, 0x9, 0x5, 0xe0d, 0x3, 0x3, 0xfffffff8, 0x8000, 0x7, 0x6, 0x3, 0x2, 0x1, 0x7fffffff, 0x3af, 0x9, 0x2, 0xfff, 0x7, 0x7, 0x88, 0x2, 0xffffffff, 0x9, 0x1, 0x81, 0x3, 0x6, 0x3, 0x1, 0x13, 0x10001, 0x44, 0x2, 0x0, 0x0, 0x0, 0x14be, 0xfffffffd, 0x3, 0x1000, 0x1, 0x800, 0x4, 0x8, 0x3, 0x1ff, 0x5, 0x2, 0x99, 0xffff, 0x3, 0x200, 0x539, 0xd27a, 0xbd2, 0x3, 0x7ff, 0x5ca8, 0x400000, 0xfff, 0x0, 0x2bc7, 0x2, 0xc5, 0x7fff, 0x2, 0x5, 0x7, 0xcc16, 0x7, 0x401, 0x1, 0x9, 0xe0b, 0x0, 0x4, 0x5, 0xa, 0xd5, 0x0, 0x92, 0x200, 0x3, 0x0, 0x7, 0x0, 0x9, 0x48000, 0x7f, 0x8, 0x2, 0x1, 0xd, 0x2d0a, 0x4, 0x2, 0x1, 0x4, 0x7, 0x5, 0x100, 0x1, 0x7ff, 0x10000, 0x14d400, 0x1, 0x1fa3, 0x4, 0x3, 0x2, 0x9, 0x66, 0x7, 0x7, 0x31, 0xffffffff, 0x8, 0xd1, 0x9, 0x7, 0xffffffff, 0x544c, 0x9, 0x9, 0x4, 0x6]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

8.072200638s ago: executing program 9 (id=4912):
socket$inet6(0xa, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="020000000400000006000000aa0b"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r2}, 0x38)

7.53850666s ago: executing program 1 (id=4913):
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.current\x00', 0x275a, 0x0)

6.480358353s ago: executing program 4 (id=4915):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semget(0x0, 0x1, 0x206)

6.368819543s ago: executing program 5 (id=4916):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
close(0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
socket(0x14, 0x2, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001880)={0x4c, r1, 0x1, 0x0, 0x0, {0x21}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}}, 0x0)

6.2687819s ago: executing program 3 (id=4917):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a5})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x312000, 0x800, 0x0, 0x5}, 0x20)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x20, 0x1)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])

5.069043484s ago: executing program 4 (id=4918):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendto(r2, &(0x7f0000000200)='9', 0x1, 0x20008080, 0x0, 0x0)
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000240)={0x0, 0xffffff3a, &(0x7f0000000100)={&(0x7f0000003180)=ANY=[], 0x588}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)
recvfrom(r1, &(0x7f0000000000)=""/44, 0x2c, 0x0, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f00000000c0)=0xb40, 0x4)

4.804788155s ago: executing program 1 (id=4919):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

4.804610383s ago: executing program 6 (id=4920):
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff6000/0xa000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000090000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x7, 0xffff}, {0xe, 0xfff3}}}, 0x24}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

4.468042945s ago: executing program 4 (id=4921):
socket(0x10, 0x803, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x0, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

4.380489523s ago: executing program 6 (id=4922):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@getqdisc={0x24, 0x26, 0x10, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x1, 0x5}, {0x10, 0xd}, {0x3, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000001}, 0x20040000)
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0xfffffff7}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80d1}, 0x34008098)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

3.987945521s ago: executing program 4 (id=4923):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, 0x0, 0x0)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8916, &(0x7f0000000040)={'wlan1\x00', @random="0200ac7f7f00"})

3.797525914s ago: executing program 6 (id=4924):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18020000000000020000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
r4 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
getsockname$packet(r4, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r5, 0x25, 0x0, @val=@netkit={@void, @value=r3}}, 0x1c)

3.257087292s ago: executing program 3 (id=4925):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a5})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, 0x0, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x312000, 0x800, 0x0, 0x5}, 0x20)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

3.01614125s ago: executing program 6 (id=4926):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind(r1, &(0x7f0000000400)=@phonet={0x23, 0x0, 0x1, 0x1}, 0x80)
writev(r1, &(0x7f0000002a80)=[{&(0x7f0000000a00)="1b", 0x1}], 0x1)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi2\x00', 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r3)
waitid(0x0, r3, 0x0, 0x8000000a, 0x0)
wait4(r3, 0x0, 0x2, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000540)={'pcl711\x00', [0x20c, 0x80000003, 0xffffffff, 0xfffffffd, 0x0, 0xb, 0x8000c, 0x3, 0x4, 0x7fe, 0x6, 0x2, 0x1, 0x403, 0x7, 0xfffffff9, 0x4001, 0x2, 0x1, 0x4048000b, 0x5e3c4862, 0x1007fff, 0x200006, 0xd, 0x8004, 0x8, 0x2, 0x5, 0x7, 0x1]})
readv(r0, 0x0, 0x0)

2.69756136s ago: executing program 4 (id=4927):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0xf5b, &(0x7f00000001c0)={0x0, 0xc339, 0x40, 0x1, 0x35c}, &(0x7f00000002c0), &(0x7f0000ff4000), &(0x7f0000000000))
close_range(r1, r1, 0x0)

2.596419204s ago: executing program 1 (id=4928):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
writev(r1, &(0x7f0000002640)=[{&(0x7f00000001c0)="80", 0x1}], 0x1)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r2}, 0x47)
recvmmsg$unix(r2, &(0x7f0000000c40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000200)=""/55, 0x37}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x400000000000281, 0x122, 0x0)

2.006960104s ago: executing program 1 (id=4929):
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000180), 0x1)
ioctl(0xffffffffffffffff, 0x8b32, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000002c0), 0x45, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1200)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.006252853s ago: executing program 6 (id=4930):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r1=>0x0})
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000000)=0x1, 0x4)
bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {}, 0xfd}, 0x18)
connect$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0x0, 0x2}, 0xfe}, 0x18)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="80000200e180001a08001b"], 0x28}}, 0x800)
sendmsg$can_j1939(r0, &(0x7f0000000180)={0x0, 0xf5, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)

1.985287924s ago: executing program 5 (id=4931):
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
fchdir(r2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000040)='./file1\x00', 0x40)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

1.962242083s ago: executing program 9 (id=4932):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000680)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=@newtfilter={0x34, 0x28, 0x575ac7824d421509, 0x70bd29, 0x4, {0x0, 0x0, 0x0, r3, {0x9}, {0xffff}, {0x10, 0x5}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x40)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r4, &(0x7f0000000140), 0x4924b68, 0x0)

1.890059866s ago: executing program 4 (id=4933):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x8000f28, 0x0)
splice(r2, 0x0, r1, 0x0, 0x7f, 0xe)
write(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
lseek(r4, 0x2004, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

1.67068722s ago: executing program 3 (id=4934):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40006}, 0x4048801)
r0 = syz_io_uring_setup(0x24fe, &(0x7f0000000240)={0x0, 0xf36e, 0x10100, 0x3}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/120, 0x78}], 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='='], 0x38}}, 0x4000080)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000010"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r1, r2, r3, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x40, 0x0, 0x0, 0x8, 0x0, 0x1, 0x12, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

1.636437181s ago: executing program 5 (id=4935):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
write(r1, &(0x7f0000000000)="ea", 0x1)
write(r1, &(0x7f00000002c0)="04", 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3, 0x0, 0x2}, 0x10)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x1}, 0x44)
close(r1)

1.442560565s ago: executing program 5 (id=4936):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000280), &(0x7f0000000240)=r0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

1.358472552s ago: executing program 3 (id=4937):
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', <r1=>0x0})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xfffbffff, {0x0, 0x0, 0x0, r1, {0x0, 0x8}, {0xffff, 0xffff}, {0xc, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x1c, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x10)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd26, 0x1, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0xffff, 0x8}}}, 0x24}}, 0x20000000)

1.249077649s ago: executing program 6 (id=4938):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
symlinkat(&(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
symlinkat(&(0x7f0000000280)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x1286, &(0x7f0000002440)="$eJzs3U1rY1UcB+B/2nT6MrapOo7OgHjQjSLEaReu3BSZAbGgVDugru7YVEPTF5pQyCBOXbkS/BiiLt0J4hfoxo1rQRDpxuUsxCttUm2StpPapgV5nk0O557fOef23AZuuIe7+9qXqyvL9fJy1oihQiGKGyNRfJgixVAMR8t2vHT351+efee999+cm5+/vZDSnbl3Z15NKU0998MHn3z7/I+Nq3e/m/p+NHamh3b/mP115/rOjd2/volqPVXraW29kbJ0b329kd2rVdJStb5STuntWiWrV1J1rV7Z7Di+XFvf2GimbG1pcmJjs1Kvp2ytmVYqzdQopMZmM2UfZdW1VC6X0+REcBaLXz/M8zwiz0fiSuR5no/HRFyNx2IypqIU0/F4PBFPxrV4Kq7H0/FM3NhvddnzBgAAAAAAAAAAAAAAAAAAgP+XR+z/L9j/DwAAAAAAAAAAAAAAAAAAAIPXvf+/GOH9/wAAAAAAAAAAAAAAAAAAAHDBHvH+/679/y/b/w8AAAAAAAAAAAAAAAAAAACDMNb6WEhpLGL1863FrcXWZ6t+bjmqUYtK3IpS/Bn7u/9bWuU7b8zfvpX2Tccrqw/a+Qdbi8Od+ZmRUkwXjszPjEdESqkzPxoTh/OzUYprR48/2xq/Kz8WL76wl/+slS9HKX76MNajFksRhfbZ7+c/nUnp9bfmxzvzN/faHWt4wMsCAAAA56mc/tF7/77dbnTk8dah9v15arcsnPD7QNf9eTFuFi/rrDlQb95fyWq1yuZ/LFw5vp8rZ+u5p1CIiCwO10xN/LawN3if/Rxcbuc0n0OF4fPu8MTCyMltzrCmUez7j9nnVPtfnfbkt7tr8lLEaUf//atDNWOnjp+tMNS+zLLadt8XW2zn+UAn1vPPON68vzJ6Uur474zCgL+TuDj/LvplzwQAAAAAAAAAAIDTOPLpv/GI6Hke8OOemoPHwzvjvT0fP/oXF3CGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Dc7cCwAAAAAIMzfOo2ODQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KsAAAD//1IOydo=")
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
linkat(r1, &(0x7f00000004c0)='./file0\x00', r2, &(0x7f0000000500)='./file2\x00', 0x1000)
truncate(&(0x7f0000000080)='./file1\x00', 0xa47b)

1.233631238s ago: executing program 1 (id=4939):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xf}, 0x15, 0x3, 'lblcr\x00', 0x1, 0x6, 0x48}, 0x2c)
socket$kcm(0xa, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x10000, 0xc, 0x2}}, 0x44)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0}, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @loopback, 0x4e21, 0x3, 'lblcr\x00', 0x0, 0x81, 0x39}, {@rand_addr=0x64010500, 0x4e25, 0x3, 0xc3, 0xfffffff8, 0x12d5c}}, 0x44)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, &(0x7f0000000400)={&(0x7f0000000140)=@in6={0x2, 0x15, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

1.188066276s ago: executing program 9 (id=4940):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0xb1, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840)

974.704197ms ago: executing program 5 (id=4941):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000001600), 0x4)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

169.107257ms ago: executing program 1 (id=4942):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})

68.220512ms ago: executing program 3 (id=4943):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000007c0)={0x150, 0x0, 0x10, 0x70bd29, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xe}, {0x6, 0x16, 0x9}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x8000}, {0x8, 0xb, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x80000000}, {0x6, 0x16, 0x6}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x9}, {0x8, 0xb, 0x7}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x8}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x5}, {0x8, 0xb, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xff}, {0x6, 0x16, 0x9}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x2}, {0x8, 0xb, 0xffffff01}}]}, 0x150}, 0x1, 0x0, 0x0, 0x20000000}, 0x4084)
recvmmsg(r1, &(0x7f0000002180)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/254, 0xfe}, {&(0x7f00000000c0)=""/50, 0x32}], 0x2}, 0x3f}], 0x1, 0x60, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

0s ago: executing program 5 (id=4944):
userfaultfd(0x80001)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, 0x0, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'wp256\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
recvmmsg$unix(r2, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

kernel console output (not intermixed with test programs):

31] batman_adv: batadv0: Adding interface: batadv_slave_0
[  723.898750][T17831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  724.003408][T17831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  724.077223][T17831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  724.110198][T17831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  724.200299][T17831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  724.593742][T17831] hsr_slave_0: entered promiscuous mode
[  724.615758][T17831] hsr_slave_1: entered promiscuous mode
[  724.641517][T17831] debugfs: 'hsr0' already exists in 'hsr'
[  724.668398][T17831] Cannot create hsr debugfs directory
[  725.400092][T17901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3657'.
[  725.763802][ T5847] Bluetooth: hci5: command tx timeout
[  725.849639][T17911] netlink: 48 bytes leftover after parsing attributes in process `syz.8.3659'.
[  725.937045][T17918] netlink: 48 bytes leftover after parsing attributes in process `syz.8.3659'.
[  726.450582][T17911] bond1: peer notification delay (2365) is not a multiple of miimon (80), value rounded to 2320 ms
[  726.518587][T17918] bond1: peer notification delay (2365) is not a multiple of miimon (80), value rounded to 2320 ms
[  727.142789][ T3592] IPVS: starting estimator thread 0...
[  727.198659][T17936] loop8: detected capacity change from 0 to 8192
[  727.234601][T17948] IPVS: sh: FWM 3 0x00000003 - no destination available
[  727.363049][T17944] IPVS: using max 28 ests per chain, 67200 per kthread
[  727.619590][T17952] netlink: 'syz.6.3669': attribute type 1 has an invalid length.
[  727.844982][ T5847] Bluetooth: hci5: command tx timeout
[  727.888706][T17952] 8021q: adding VLAN 0 to HW filter on device bond4
[  728.012388][T17955] bond4: (slave geneve2): making interface the new active one
[  728.034472][T17955] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  728.067842][T17958] bond4: entered promiscuous mode
[  728.087901][T17958] geneve2: entered promiscuous mode
[  728.133326][T17970] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3673'.
[  728.165234][T17974] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3673'.
[  728.593882][T17990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3677'.
[  728.938947][T17987] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  728.957426][T17987] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  729.050572][T17991] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  729.689169][T17831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  729.757371][T17831] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  729.790431][T17831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  729.807086][T17831] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  729.923590][ T5847] Bluetooth: hci5: command tx timeout
[  730.139532][T17831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  730.222277][T17831] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  730.267460][T17831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  730.346351][T17831] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  730.449585][T18030] ip6tnl1: entered promiscuous mode
[  730.485411][T18030] ip6tnl1: entered allmulticast mode
[  730.688142][T18042] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3688'.
[  730.877625][T18046] fuse: Bad value for 'fd'
[  731.674663][T18072] netlink: 27 bytes leftover after parsing attributes in process `syz.1.3697'.
[  731.800538][T17831] 8021q: adding VLAN 0 to HW filter on device bond0
[  732.218790][T17831] 8021q: adding VLAN 0 to HW filter on device team0
[  732.337926][ T6420] bridge0: port 1(bridge_slave_0) entered blocking state
[  732.345197][ T6420] bridge0: port 1(bridge_slave_0) entered forwarding state
[  732.365746][ T6420] bridge0: port 2(bridge_slave_1) entered blocking state
[  732.373040][ T6420] bridge0: port 2(bridge_slave_1) entered forwarding state
[  733.414415][T18108] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3707'.
[  734.297557][T17831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  734.589933][T17831] veth0_vlan: entered promiscuous mode
[  734.660217][T17831] veth1_vlan: entered promiscuous mode
[  734.971396][T18130] bridge0: port 2(bridge_slave_1) entered disabled state
[  734.979132][T18130] bridge0: port 1(bridge_slave_0) entered disabled state
[  735.067381][T18130] batman_adv: batadv0: Interface deactivated: dummy0
[  735.410589][T18159] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3717'.
[  735.572426][T18130] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  735.623404][T18130] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  735.978427][T18130] netdevsim netdevsim5 netdevsim0: left allmulticast mode
[  735.990971][T18176] overlayfs: failed to clone upperpath
[  736.016304][T18176] overlayfs: failed to clone lowerpath
[  736.148282][T18130] bond2: left promiscuous mode
[  736.189045][T18130] bond3: left promiscuous mode
[  736.231567][T18130] veth3: left promiscuous mode
[  736.517075][T18130] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  737.476118][T18130] hsr1: left promiscuous mode
[  737.510648][T18130] ip6gre1: left promiscuous mode
[  737.547701][T18130] ip6gre1: left allmulticast mode
[  737.589030][T18130] bond5: left allmulticast mode
[  737.763753][T18164] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3717'.
[  737.811209][ T6420] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  737.840217][ T6420] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  737.870264][ T6420] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  737.891494][ T6420] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  738.087660][T18191] bridge0: port 1(bridge_slave_0) entered disabled state
[  738.231340][T18191] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  738.249324][T18191] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  738.283100][T18167] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  738.447650][ T6420] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  738.458464][T18167] usb 9-1: Using ep0 maxpacket: 32
[  738.471726][ T6420] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  738.472665][T18167] usb 9-1: config 0 has an invalid interface number: 89 but max is 0
[  738.514520][ T6420] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  738.550055][T18167] usb 9-1: config 0 has no interface number 0
[  738.550065][ T6420] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  738.586681][T18167] usb 9-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  738.615762][T18167] usb 9-1: config 0 interface 89 has no altsetting 0
[  738.642044][T18167] usb 9-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[  738.673587][T18167] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  738.687725][ T3515] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  738.697472][T18167] usb 9-1: Product: syz
[  738.706081][T18167] usb 9-1: Manufacturer: syz
[  738.753411][T18167] usb 9-1: SerialNumber: syz
[  738.783183][T18167] usb 9-1: config 0 descriptor??
[  738.820114][T18167] em28xx 9-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  738.861209][T18167] em28xx 9-1:0.89: Video interface 89 found:
[  738.891269][ T3515] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  738.925246][ T3515] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  739.067043][ T3515] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  739.444082][T18167] em28xx 9-1:0.89: unknown em28xx chip ID (0)
[  739.458926][T17831] veth0_macvtap: entered promiscuous mode
[  739.527618][T17831] veth1_macvtap: entered promiscuous mode
[  739.670903][T17831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  739.744017][T17831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  739.820307][ T6430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  739.868230][ T6430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  739.899166][ T6430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  739.961198][ T6430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  740.120966][T18167] em28xx 9-1:0.89: failed to get i2c transfer status from bridge register (error=-5)
[  740.190212][T18167] em28xx 9-1:0.89: board has no eeprom
[  740.293910][T18167] em28xx 9-1:0.89: Identified as Terratec Grabby (card=67)
[  740.328316][T18167] em28xx 9-1:0.89: analog set to bulk mode.
[  740.339371][T17306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  740.360778][ T5931] em28xx 9-1:0.89: Registering V4L2 extension
[  740.375332][T17306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  741.263219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  741.417241][T18167] usb 9-1: USB disconnect, device number 13
[  741.465225][T18167] em28xx 9-1:0.89: Disconnecting em28xx
[  741.584188][ T3515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  741.649854][ T3515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  741.672964][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  741.742430][ T5931] em28xx 9-1:0.89: Config register raw data: 0xffffffed
[  741.790396][ T5931] em28xx 9-1:0.89: AC97 chip type couldn't be determined
[  741.822379][ T5931] em28xx 9-1:0.89: No AC97 audio processor
[  741.864199][ T5931] usb 9-1: Decoder not found
[  741.896262][ T5931] em28xx 9-1:0.89: failed to create media graph
[  741.927157][ T5931] em28xx 9-1:0.89: V4L2 device video103 deregistered
[  742.066220][ T5931] em28xx 9-1:0.89: Registering snapshot button...
[  742.419688][ T5931] input: em28xx snapshot button as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.89/input/input28
[  742.505406][T18271] netlink: 'syz.6.3741': attribute type 1 has an invalid length.
[  742.659765][ T5931] em28xx 9-1:0.89: Remote control support is not available for this card.
[  742.685967][T18167] em28xx 9-1:0.89: Closing input extension
[  742.707396][T18167] em28xx 9-1:0.89: Deregistering snapshot button
[  742.945780][T18278] netlink: 2036 bytes leftover after parsing attributes in process `syz.0.3742'.
[  743.024666][T18278] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3742'.
[  743.040201][T18274] bond5: (slave geneve3): making interface the new active one
[  743.098022][T18274] bond5: (slave geneve3): Enslaving as an active interface with an up link
[  743.122235][T18167] em28xx 9-1:0.89: Freeing device
[  743.165408][   T75] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[  743.192526][   T75] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  743.247192][   T75] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  743.308813][   T75] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  743.883110][T18288] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3745'.
[  743.909984][T18291] IPv6: NLM_F_CREATE should be specified when creating new route
[  745.023560][   T30] audit: type=1800 audit(1776805994.038:647): pid=18318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3750" name="nullb0" dev="tmpfs" ino=349 res=0 errno=0
[  745.506456][T18327] netlink: 1363 bytes leftover after parsing attributes in process `syz.5.3754'.
[  745.959829][T18338] overlay: filesystem on ./bus not supported
[  749.045041][T18410] loop9: detected capacity change from 0 to 16
[  749.118398][T18410] erofs: Unknown parameter 'ÿÿ00000000000000000000000ÿw	GÐØÊæDhËïÓù`Kh˜ýUtÌül(
¬ˆI'
[  749.848964][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  749.855986][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  751.782468][T18472] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3798'.
[  752.316250][T18482] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3802'.
[  752.877475][T18493] 9pnet: p9_errstr2errno: server reported unknown error 0x000000
[  753.154174][T18167] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  753.236912][T18504] netlink: 168 bytes leftover after parsing attributes in process `syz.9.3795'.
[  753.472958][T18167] usb 9-1: Using ep0 maxpacket: 32
[  753.512452][T18167] usb 9-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  753.523249][T18167] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.559284][T18167] usb 9-1: Product: syz
[  753.570308][T18167] usb 9-1: Manufacturer: syz
[  753.593084][T18167] usb 9-1: SerialNumber: syz
[  753.623860][T18167] usb 9-1: config 0 descriptor??
[  753.664780][T18167] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  755.112883][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  755.202879][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  755.462878][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  755.691158][T18167] gspca_ov534_9: reg_w failed -110
[  755.713614][T18512] bond2: left promiscuous mode
[  755.730105][T18512] bridge1: left promiscuous mode
[  755.831168][T18512] bond4: left promiscuous mode
[  755.845107][T18512] geneve2: left promiscuous mode
[  756.003002][T18167] gspca_ov534_9: Unknown sensor 0000
[  756.003114][T18167] ov534_9 9-1:0.0: probe with driver ov534_9 failed with error -22
[  756.210408][T18523] bridge_slave_0 (unregistering): left allmulticast mode
[  756.235884][T18523] bridge_slave_0 (unregistering): left promiscuous mode
[  756.263156][T18523] bridge0: port 1(bridge_slave_0) entered disabled state
[  756.797473][ T5932] usb 9-1: USB disconnect, device number 14
[  757.006606][ T3515] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  757.037870][ T3515] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  757.068536][ T3515] netdevsim netdevsim6 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0
[  757.099077][ T3515] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  757.118414][ T3515] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  757.138142][ T3515] netdevsim netdevsim6 netdevsim1: unset [1, 1] type 2 family 0 port 20004 - 0
[  757.218253][ T3515] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  757.259068][ T3515] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  757.293006][ T3515] netdevsim netdevsim6 netdevsim2: unset [1, 1] type 2 family 0 port 20004 - 0
[  757.312369][ T3515] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  757.326540][ T3515] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  757.346220][ T3515] netdevsim netdevsim6 netdevsim3: unset [1, 1] type 2 family 0 port 20004 - 0
[  757.523251][ T5842] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  757.642150][T18546] loop9: detected capacity change from 0 to 40427
[  757.669146][T18546] F2FS-fs (loop9): invalid crc value
[  757.705083][ T5842] usb 9-1: Using ep0 maxpacket: 32
[  757.723065][ T5842] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  757.753047][ T5842] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  757.793100][ T5842] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  757.820038][ T5842] usb 9-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  757.842347][ T5842] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.884399][ T5842] usb 9-1: config 0 descriptor??
[  757.967173][T18546] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  757.993684][T18546] F2FS-fs (loop9): Start checkpoint disabled!
[  758.028645][T18546] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0
[  758.048082][T18546] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  758.155031][   T30] audit: type=1800 audit(1776806007.178:648): pid=18546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3811" name="file1" dev="loop9" ino=10 res=0 errno=0
[  758.207766][T18546] syz.9.3811: attempt to access beyond end of device
[  758.207766][T18546] loop9: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  758.297755][T18568] syz.9.3811: attempt to access beyond end of device
[  758.297755][T18568] loop9: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  758.366799][ T5842] input: HID 0458:5011 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0458:5011.002B/input/input29
[  758.379722][T18568] syz.9.3811: attempt to access beyond end of device
[  758.379722][T18568] loop9: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  758.381109][T18568] syz.9.3811: attempt to access beyond end of device
[  758.381109][T18568] loop9: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  758.469530][ T5842] input: HID 0458:5011 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0458:5011.002B/input/input30
[  758.614828][ T5842] kye 0003:0458:5011.002B: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.8-1/input0
[  759.039901][T18578] fuse: Bad value for 'fd'
[  759.046378][ T6431] kworker/u8:21: attempt to access beyond end of device
[  759.046378][ T6431] loop9: rw=1, sector=45128, nr_sectors = 32 limit=40427
[  759.152818][ T6431] kworker/u8:21: attempt to access beyond end of device
[  759.152818][ T6431] loop9: rw=2049, sector=45160, nr_sectors = 8 limit=40427
[  759.205628][ T6431] CPU: 0 UID: 0 PID: 6431 Comm: kworker/u8:21 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  759.205692][ T6431] Tainted: [L]=SOFTLOCKUP
[  759.205707][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  759.205734][ T6431] Workqueue: writeback wb_workfn (flush-7:9)
[  759.205810][ T6431] Call Trace:
[  759.205823][ T6431]  <TASK>
[  759.205838][ T6431]  dump_stack_lvl+0x100/0x190
[  759.205885][ T6431]  f2fs_handle_critical_error+0x5d7/0x970
[  759.205958][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.206009][ T6431]  ? f2fs_build_fault_attr+0x53/0x280
[  759.206073][ T6431]  f2fs_write_end_io+0xf5c/0x1340
[  759.206143][ T6431]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  759.206218][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.206279][ T6431]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  759.206341][ T6431]  bio_endio+0x78f/0x8f0
[  759.206392][ T6431]  submit_bio_noacct+0x64c/0x2000
[  759.206466][ T6431]  f2fs_submit_write_bio+0x135/0x340
[  759.206529][ T6431]  __submit_merged_bio+0x331/0x780
[  759.206601][ T6431]  __submit_merged_write_cond+0x3fe/0x510
[  759.206676][ T6431]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  759.206760][ T6431]  ? __pfx___might_resched+0x10/0x10
[  759.206817][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.206878][ T6431]  f2fs_write_cache_pages+0x20e9/0x2630
[  759.206959][ T6431]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  759.207016][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207065][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207110][ T6431]  ? find_held_lock+0x2b/0x80
[  759.207169][ T6431]  ? nr_blockdev_pages+0xde/0x120
[  759.207227][ T6431]  ? nr_blockdev_pages+0xde/0x120
[  759.207282][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207353][ T6431]  ? si_meminfo+0x118/0x230
[  759.207391][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207440][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207565][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207612][ T6431]  ? rcu_is_watching+0x12/0xc0
[  759.207676][ T6431]  f2fs_write_data_pages+0x799/0x16d0
[  759.207718][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207766][ T6431]  ? trace_f2fs_writepages.constprop.0+0x75/0x230
[  759.207830][ T6431]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  759.207886][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207947][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.207996][ T6431]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  759.208046][ T6431]  do_writepages+0x278/0x600
[  759.208115][ T6431]  ? __pfx_do_writepages+0x10/0x10
[  759.208178][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.208234][ T6431]  __writeback_single_inode+0x164/0x1350
[  759.208293][ T6431]  ? find_held_lock+0x2b/0x80
[  759.208354][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.208405][ T6431]  ? __pfx___writeback_single_inode+0x10/0x10
[  759.208463][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.208511][ T6431]  ? do_raw_spin_unlock+0x145/0x1e0
[  759.208570][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.208624][ T6431]  writeback_sb_inodes+0x766/0x1c60
[  759.208701][ T6431]  ? trace_hrtimer_start+0x79/0x230
[  759.208753][ T6431]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  759.208813][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.208859][ T6431]  ? hrtimer_start_range_ns+0x860/0x1a50
[  759.208987][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209032][ T6431]  ? rcu_is_watching+0x12/0xc0
[  759.209085][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209129][ T6431]  ? queue_io+0x287/0x540
[  759.209182][ T6431]  wb_writeback+0x1bf/0xb90
[  759.209254][ T6431]  ? __pfx_wb_writeback+0x10/0x10
[  759.209328][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209374][ T6431]  ? mark_held_locks+0x40/0x70
[  759.209418][ T6431]  ? _raw_spin_unlock_irq+0x23/0x50
[  759.209476][ T6431]  wb_workfn+0x14f/0xc00
[  759.209540][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209587][ T6431]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  759.209643][ T6431]  ? __pfx_wb_workfn+0x10/0x10
[  759.209705][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209759][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209810][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209856][ T6431]  ? rcu_is_watching+0x12/0xc0
[  759.209918][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.209976][ T6431]  process_one_work+0xa0e/0x1980
[  759.210051][ T6431]  ? __pfx_process_one_work+0x10/0x10
[  759.210096][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.210161][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.210217][ T6431]  worker_thread+0x5ef/0xe50
[  759.210287][ T6431]  ? kthread+0x13a/0x450
[  759.210326][ T6431]  ? __pfx_worker_thread+0x10/0x10
[  759.210375][ T6431]  kthread+0x370/0x450
[  759.210415][ T6431]  ? __pfx_kthread+0x10/0x10
[  759.210460][ T6431]  ret_from_fork+0x72b/0xd50
[  759.210511][ T6431]  ? __pfx_ret_from_fork+0x10/0x10
[  759.210559][ T6431]  ? srso_alias_return_thunk+0x5/0xfbef5
[  759.210607][ T6431]  ? __switch_to+0x800/0x1100
[  759.210662][ T6431]  ? __switch_to_asm+0x39/0x70
[  759.210715][ T6431]  ? __pfx_kthread+0x10/0x10
[  759.210761][ T6431]  ret_from_fork_asm+0x1a/0x30
[  759.210842][ T6431]  </TASK>
[  759.705236][ T6431] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  759.712147][    C1] kye 0003:0458:5011.002B: usb_submit_urb(ctrl) failed: -1
[  760.622996][ T5932] usb 9-1: USB disconnect, device number 15
[  763.104751][T18638] syzkaller1: entered promiscuous mode
[  763.121034][T18638] syzkaller1: entered allmulticast mode
[  764.006567][T18659] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3837'.
[  764.048847][T18659] unsupported nlmsg_type 40
[  764.690318][T18677] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3841'.
[  764.825328][   T30] audit: type=1326 audit(1776806013.848:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18675 comm="syz.6.3841" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6b4119c819 code=0x0
[  765.405732][T18701] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3846'.
[  765.514910][ T5932] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  765.731216][ T5932] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  765.789238][ T5932] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  765.849715][ T5932] usb 9-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  765.900900][ T5932] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  765.976314][ T5932] usb 9-1: config 0 descriptor??
[  766.103673][T18710] loop9: detected capacity change from 0 to 4096
[  766.228145][T18719] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  766.393219][T18707] overlayfs: upper fs does not support tmpfile.
[  766.486755][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.518753][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.544273][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.577880][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.598853][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.671551][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.693623][ T5932] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  766.745948][ T5932] cp2112 0003:10C4:EA90.002C: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.8-1/input0
[  766.874723][ T5932] cp2112 0003:10C4:EA90.002C: Part Number: 0x00 Device Version: 0x00
[  767.202417][T18729] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3855'.
[  767.448178][ T5932] cp2112 0003:10C4:EA90.002C: error reading lock byte: -71
[  767.514900][ T5932] usb 9-1: USB disconnect, device number 16
[  768.821444][T18753] loop6: detected capacity change from 0 to 8192
[  768.868848][T18763] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3863'.
[  769.721746][T18783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3868'.
[  770.359376][T18800] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3873'.
[  770.494160][ T5940] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  770.670450][ T5940] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  770.718333][ T5940] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  770.761640][ T5940] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  770.798372][ T5940] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.840242][ T5940] usb 7-1: config 0 descriptor??
[  770.897610][T18814] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3878'.
[  771.075983][T18816] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input31
[  771.342703][ T5940] cp2112 0003:10C4:EA90.002D: unknown main item tag 0x0
[  771.373099][ T5940] cp2112 0003:10C4:EA90.002D: unknown main item tag 0x0
[  771.397551][ T5842] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  771.403765][ T5940] cp2112 0003:10C4:EA90.002D: unknown main item tag 0x0
[  771.459389][ T5940] cp2112 0003:10C4:EA90.002D: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.6-1/input0
[  771.553925][ T5940] cp2112 0003:10C4:EA90.002D: Part Number: 0x00 Device Version: 0x00
[  771.573763][ T5842] usb 1-1: Using ep0 maxpacket: 16
[  771.589090][ T5842] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  771.657647][ T5842] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  771.682686][ T5842] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  771.760149][ T5842] usb 1-1: New USB device found, idVendor=05a4, idProduct=2000, bcdDevice= 0.00
[  771.821655][ T5842] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.903318][ T5842] usb 1-1: config 0 descriptor??
[  772.165723][ T5940] cp2112 0003:10C4:EA90.002D: error reading lock byte: -71
[  772.232089][ T5940] usb 7-1: USB disconnect, device number 23
[  772.474014][ T5842] usbhid 1-1:0.0: can't add hid device: -71
[  772.520841][ T5842] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  772.624685][ T5842] usb 1-1: USB disconnect, device number 34
[  773.199174][T18847] netlink: 'syz.6.3889': attribute type 1 has an invalid length.
[  773.465928][T18847] bond6: entered promiscuous mode
[  773.499051][T18847] 8021q: adding VLAN 0 to HW filter on device bond6
[  773.740034][T18851] bond6: (slave bridge2): making interface the new active one
[  773.774884][T18851] bridge2: entered promiscuous mode
[  773.817118][T18851] bond6: (slave bridge2): Enslaving as an active interface with an up link
[  775.185107][T18874] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3895'.
[  775.206784][T18874] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3895'.
[  775.389218][T18873] netlink: 'syz.9.3894': attribute type 5 has an invalid length.
[  776.517400][T18903] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3905'.
[  777.527339][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[  778.983360][T18947] fuse: fd is not a fuse device
[  780.202952][T18977] loop9: detected capacity change from 0 to 128
[  780.331329][T18977] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  780.452788][T18977] ext4 filesystem being mounted at /225/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  780.910628][T18968] loop8: detected capacity change from 0 to 131072
[  781.052003][T18968] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  781.077070][T18968] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  781.224556][   T30] audit: type=1804 audit(1776806030.238:650): pid=18968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.3924" name="/newroot/316/file1/bus" dev="loop8" ino=10 res=1 errno=0
[  782.275836][T13632] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  782.498962][   T30] audit: type=1804 audit(1776806031.518:651): pid=19013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3934" name="/newroot/339/file1" dev="tmpfs" ino=1843 res=1 errno=0
[  782.673600][T19014] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3933'.
[  782.827821][   T30] audit: type=1326 audit(1776806031.848:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19023 comm="syz.9.3944" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x0
[  783.648779][T19050] xt_hashlimit: size too large, truncated to 1048576
[  787.952137][T19103] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3953'.
[  788.001716][T19103] lo: Master is either lo or non-ether device
[  788.347113][T19108] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3955'.
[  788.439873][T19083] kexec: Could not allocate control_code_buffer
[  788.567708][T19116] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3957'.
[  789.633774][T19125] overlayfs: failed to resolve './file0': -2
[  790.085734][T19147] netlink: 'syz.5.3965': attribute type 5 has an invalid length.
[  790.119986][T19140] sd 0:0:1:0: PR command failed: 1026
[  790.134941][T19140] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  790.142065][T19147] netlink: 1132 bytes leftover after parsing attributes in process `syz.5.3965'.
[  790.154750][T19140] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  790.174902][T19147] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3965'.
[  790.291426][T19153] netlink: 'syz.1.3967': attribute type 1 has an invalid length.
[  790.541284][T19153] 8021q: adding VLAN 0 to HW filter on device bond1
[  790.601947][T19157] team0: Port device team_slave_1 removed
[  790.643354][T19165] netlink: 'syz.0.3970': attribute type 1 has an invalid length.
[  790.656759][T19157] bond1: (slave team_slave_1): Enslaving as an active interface with a down link
[  790.739570][T19160] bond1 (unregistering): (slave team_slave_1): Releasing active interface
[  790.858342][T19160] bond1 (unregistering): Released all slaves
[  791.114332][T19165] bond1: entered promiscuous mode
[  791.120079][T19165] 8021q: adding VLAN 0 to HW filter on device bond1
[  791.432425][T19172] bond1: (slave bridge1): making interface the new active one
[  791.692788][T19172] bridge1: entered promiscuous mode
[  792.467039][T19172] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  792.790027][T19199] netlink: 'syz.5.3980': attribute type 30 has an invalid length.
[  792.836204][T19199] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3980'.
[  792.882253][T19203] netlink: 'syz.5.3980': attribute type 30 has an invalid length.
[  792.958627][T19203] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3980'.
[  793.387149][T19214] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3982'.
[  795.061089][T19243] overlayfs: failed to resolve './cgroup': -2
[  795.973684][T19248] syzkaller0: entered promiscuous mode
[  795.996344][T19248] syzkaller0: entered allmulticast mode
[  797.208781][T19285] overlayfs: failed to clone upperpath
[  798.070874][T19297] loop6: detected capacity change from 0 to 32768
[  798.078959][T19297] btrfs: Deprecated parameter 'usebackuproot'
[  798.085142][T19297] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  798.130703][T19297] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4008 (19297)
[  798.290660][T19297] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  798.302946][T19297] BTRFS info (device loop6): using crc32c checksum algorithm
[  798.339879][ T6420] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  798.431131][T19297] BTRFS error (device loop6): failed to load root extent
[  798.438520][T19297] BTRFS warning (device loop6): try to load backup roots slot 1
[  798.451725][ T6420] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  798.506059][T19289] loop8: detected capacity change from 0 to 131072
[  798.560353][T19289] F2FS-fs (loop8): Wrong CP boundary, start(512) end(1536) blocks(0)
[  798.561885][T19297] BTRFS warning (device loop6): couldn't read tree root
[  798.568737][T19289] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  798.575906][T19297] BTRFS warning (device loop6): try to load backup roots slot 2
[  798.613193][T18256] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  798.631358][T19289] F2FS-fs (loop8): invalid crc value
[  798.678953][T19297] BTRFS warning (device loop6): couldn't read tree root
[  798.686060][T19297] BTRFS warning (device loop6): try to load backup roots slot 3
[  798.793829][T19289] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  798.816052][T19289] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  798.823240][T19289] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  798.831648][T19297] BTRFS info (device loop6): rebuilding free space tree
[  798.994319][T19297] BTRFS info (device loop6): checking UUID tree
[  799.006522][T19297] BTRFS info (device loop6): enabling ssd optimizations
[  799.013738][T19297] BTRFS info (device loop6): turning on async discard
[  799.021249][T19297] BTRFS info (device loop6): enabling free space tree
[  799.028126][T19297] BTRFS info (device loop6): force clearing of disk cache
[  799.035505][T19297] BTRFS info (device loop6): enabling auto defrag
[  799.042142][T19297] BTRFS info (device loop6): trying to use backup root at mount time
[  799.050352][T19297] BTRFS info (device loop6): use zstd compression, level 3
[  799.624248][T19331] fuse: fd is not a fuse device
[  799.903842][T10943] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  800.386119][T19337] loop6: detected capacity change from 0 to 64
[  800.431977][T19339] fuse: fd is not a fuse device
[  801.067136][T19342] overlayfs: failed to clone upperpath
[  802.017418][T19370] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  802.078158][T19370] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  806.182731][T19403] fuse: fd is not a fuse device
[  806.580741][T19408] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4042'.
[  806.619136][T19408] netlink: 'syz.9.4042': attribute type 12 has an invalid length.
[  807.349517][ T5842] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  807.503327][ T5842] usb 7-1: Using ep0 maxpacket: 8
[  807.516312][ T5842] usb 7-1: too many endpoints for config 0 interface 0 altsetting 255: 137, using maximum allowed: 30
[  807.530558][ T5842] usb 7-1: config 0 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 137
[  807.558082][ T5842] usb 7-1: config 0 interface 0 has no altsetting 0
[  807.571946][ T5842] usb 7-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  807.591505][ T5842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.630512][ T5842] usb 7-1: config 0 descriptor??
[  808.098172][ T5842] hid_parser_main: 4 callbacks suppressed
[  808.098207][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.137860][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.145837][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.153985][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.181833][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.190281][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.198529][ T5842] dragonrise 0003:0079:0011.002E: reserved main item tag 0xe
[  808.227178][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.236391][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.244591][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.251981][ T5842] dragonrise 0003:0079:0011.002E: unknown main item tag 0x0
[  808.284003][ T5842] dragonrise 0003:0079:0011.002E: hidraw0: USB HID v0.20 Device [HID 0079:0011] on usb-dummy_hcd.6-1/input0
[  808.326041][ T5842] usb 7-1: USB disconnect, device number 24
[  808.471742][T19428] fido_id[19428]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  809.157925][T19435] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4052'.
[  810.388524][ T5850] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  810.430581][ T5850] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  810.439547][ T5850] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  810.452349][ T5850] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  810.475696][ T5850] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  810.496946][T19373] ip6tnl1: entered promiscuous mode
[  810.525170][T19373] ip6tnl1: entered allmulticast mode
[  810.584661][T19408] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4042'.
[  810.630448][T19408] netlink: 'syz.9.4042': attribute type 12 has an invalid length.
[  811.304548][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  811.312409][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  811.372157][T19446] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  811.503114][    T9] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  811.735235][    T9] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  811.785343][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.838346][    T9] usb 7-1: Product: syz
[  811.861518][    T9] usb 7-1: Manufacturer: syz
[  811.893019][    T9] usb 7-1: SerialNumber: syz
[  811.974095][    T9] usb 7-1: config 0 descriptor??
[  812.279386][    T9] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  812.485996][T19440] chnl_net:caif_netlink_parms(): no params data found
[  812.593393][ T5847] Bluetooth: hci6: command tx timeout
[  812.890537][T19472] batadv_slave_0: entered promiscuous mode
[  812.919521][T19472] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4063'.
[  813.041587][T19472] batadv_slave_0 (unregistering): left promiscuous mode
[  813.077927][T19472] batman_adv: batadv0: Removing interface: batadv_slave_0
[  813.183377][T19440] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.216502][T19440] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.243455][T19440] bridge_slave_0: entered allmulticast mode
[  813.279222][T19440] bridge_slave_0: entered promiscuous mode
[  813.310101][T19440] bridge0: port 2(bridge_slave_1) entered blocking state
[  813.330715][T19440] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.355655][T19440] bridge_slave_1: entered allmulticast mode
[  813.390381][T19440] bridge_slave_1: entered promiscuous mode
[  813.576541][T19440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  813.601209][T19485] loop8: detected capacity change from 0 to 1024
[  813.632195][T19440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  813.653557][T19485] EXT4-fs: Ignoring removed bh option
[  813.693617][    T9] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  813.777140][    T9] usb 7-1: USB disconnect, device number 25
[  813.791655][T19485] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  813.912080][T19440] team0: Port device team_slave_0 added
[  813.912105][T19490] overlayfs: failed to clone upperpath
[  814.017145][T19440] team0: Port device team_slave_1 added
[  814.151080][T12250] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.185563][T19440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  814.218128][T19440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  814.342192][T19440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  814.404460][T19440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  814.456087][T19440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  814.542633][T19475] loop9: detected capacity change from 0 to 32768
[  814.555611][T19440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  814.573495][T19475] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4064 (19475)
[  814.643023][ T5847] Bluetooth: hci6: command tx timeout
[  814.795121][T19475] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  814.837789][T19475] BTRFS info (device loop9): using sha256 checksum algorithm
[  814.989300][T19440] hsr_slave_0: entered promiscuous mode
[  815.023527][T19475] BTRFS info (device loop9): enabling ssd optimizations
[  815.040165][T19440] hsr_slave_1: entered promiscuous mode
[  815.040809][T19475] BTRFS info (device loop9): turning on async discard
[  815.066994][T19475] BTRFS info (device loop9): enabling free space tree
[  815.076055][T19440] debugfs: 'hsr0' already exists in 'hsr'
[  815.090869][T19524] netlink: 64 bytes leftover after parsing attributes in process `syz.8.4076'.
[  815.099391][T19440] Cannot create hsr debugfs directory
[  816.519570][T13632] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  816.744691][ T5847] Bluetooth: hci6: command tx timeout
[  818.813387][ T5847] Bluetooth: hci6: command tx timeout
[  819.406327][T19565] fuse: fd is not a fuse device
[  820.308107][T19581] sd 0:0:1:0: PR command failed: 1026
[  820.358933][T19581] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  820.402642][T19581] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  820.412693][T19586] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4097'.
[  820.589228][T19564] bridge0: port 1(syz_tun) entered blocking state
[  820.614167][T19564] bridge0: port 1(syz_tun) entered disabled state
[  820.665620][T19564] syz_tun: entered allmulticast mode
[  820.715530][T19564] syz_tun: entered promiscuous mode
[  820.732085][T19564] bridge0: port 1(syz_tun) entered blocking state
[  820.741628][T19564] bridge0: port 1(syz_tun) entered forwarding state
[  820.765071][T19566] bridge0: port 1(syz_tun) entered learning state
[  821.149994][T19598] fuse: fd is not a fuse device
[  821.667438][ T6430] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  823.591492][T19599] netlink: 'syz.6.4099': attribute type 12 has an invalid length.
[  823.864950][ T6430] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  824.395672][ T6430] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.366110][ T6430] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  827.098855][T19702] bridge0: port 1(bridge_slave_0) entered disabled state
[  827.482606][T19702] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  827.540799][T19702] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  827.666078][T19723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4135'.
[  828.550195][T19718] batadv_slave_0: entered promiscuous mode
[  828.586669][T19718] batadv_slave_0: left promiscuous mode
[  828.637813][T19723] batman_adv: batadv0: Removing interface: batadv_slave_0
[  828.757385][   T75] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  828.807731][   T75] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  828.846090][   T75] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  828.876717][   T75] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  829.280038][   T75] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  829.327124][   T75] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  829.379859][ T6431] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  829.443671][ T6431] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  829.740655][T19440] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  830.016365][T19440] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  830.048125][T19440] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  830.119521][T19440] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  830.312638][T19440] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  830.360215][T19440] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  830.441407][ T6430] bridge_slave_1: left allmulticast mode
[  830.470140][ T6430] bridge_slave_1: left promiscuous mode
[  830.508897][ T6430] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.556011][ T6430] bridge_slave_0: left allmulticast mode
[  830.575193][ T6430] bridge_slave_0: left promiscuous mode
[  830.598817][ T6430] bridge0: port 1(bridge_slave_0) entered disabled state
[  830.599040][T19778] netlink: 'syz.9.4149': attribute type 10 has an invalid length.
[  831.209102][T19790] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4145'.
[  831.450702][ T6430] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  831.471267][ T6430] bridge1 (unregistering): left promiscuous mode
[  831.569100][ T6430] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  831.633025][ T6430] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  831.676876][ T6430] bond0 (unregistering): Released all slaves
[  831.725950][ T6430] bond1 (unregistering): Released all slaves
[  831.804840][T19440] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  831.847729][T19440] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  831.973679][T19778] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  833.086545][ T6430] hsr_slave_0: left promiscuous mode
[  833.125657][ T6430] hsr_slave_1: left promiscuous mode
[  833.140988][ T6430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  833.171547][ T6430] batman_adv: batadv0: Removing interface: batadv_slave_0
[  833.247582][ T6430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  833.284119][ T6430] batman_adv: batadv0: Removing interface: batadv_slave_1
[  833.395780][ T6430] veth1_macvtap: left promiscuous mode
[  833.421923][ T6430] veth0_macvtap: left promiscuous mode
[  833.446413][ T6430] veth1_vlan: left promiscuous mode
[  833.466198][ T6430] veth0_vlan: left promiscuous mode
[  833.798954][T19832] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4163'.
[  834.029049][T19838] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4164'.
[  834.489319][T19851] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  834.510568][T19851] netlink: 212348 bytes leftover after parsing attributes in process `syz.6.4167'.
[  834.522076][T19851] netlink: Unknown conntrack attr (type=236, max=9)
[  834.621134][ T6430] team0 (unregistering): Port device team_slave_1 removed
[  834.655582][ T6430] team0 (unregistering): Port device team_slave_0 removed
[  834.921287][T19832] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  835.080872][T19440] 8021q: adding VLAN 0 to HW filter on device bond0
[  835.269415][T19440] 8021q: adding VLAN 0 to HW filter on device team0
[  835.326154][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.333394][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  835.403123][T19875] binder: 19871:19875 ioctl c0306201 200000000b00 returned -22
[  835.442683][T17306] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.450056][T17306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  835.901428][T19440] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  836.247938][    C0] bridge0: port 1(syz_tun) entered forwarding state
[  837.911466][T17306] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  838.327715][T19917] macsec0: left allmulticast mode
[  838.444808][T19917] ip6tnl1: left promiscuous mode
[  838.462989][T19917] ip6tnl1: left allmulticast mode
[  838.932530][T17306] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.915735][T17306] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.144871][T19440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  840.265396][T19940] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4188'.
[  840.364491][T17306] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.985982][T19963] fuse: fd is not a fuse device
[  841.479528][T17306] bridge_slave_1: left allmulticast mode
[  841.485307][T19974] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4196'.
[  841.520218][T17306] bridge_slave_1: left promiscuous mode
[  841.536414][T17306] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.575580][T17306] bridge_slave_0: left allmulticast mode
[  841.593698][T17306] bridge_slave_0: left promiscuous mode
[  841.612940][T17306] bridge0: port 1(bridge_slave_0) entered disabled state
[  842.201028][T19985] loop9: detected capacity change from 0 to 8
[  842.453110][T19988] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  842.596238][T19997] SQUASHFS error: Failed to read block 0x636: -5
[  842.683882][T19997] SQUASHFS error: Unable to read metadata cache entry [634]
[  842.705016][T19997] SQUASHFS error: Unable to read metadata cache entry [634]
[  842.712471][T19997] SQUASHFS error: Unable to read directory block [629:0]
[  842.811211][T20004] loop8: detected capacity change from 0 to 256
[  842.846317][T20006] netlink: 'syz.1.4204': attribute type 10 has an invalid length.
[  842.928187][T17306] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  842.931044][T20004] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d)
[  842.957498][T17306] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  842.988149][T17306] bond0 (unregistering): Released all slaves
[  843.134479][T20006] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  843.902576][T19440] veth0_vlan: entered promiscuous mode
[  843.985290][T19440] veth1_vlan: entered promiscuous mode
[  844.022125][T17306] hsr_slave_0: left promiscuous mode
[  844.038712][T17306] hsr_slave_1: left promiscuous mode
[  844.053869][T17306] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  844.071615][T17306] batman_adv: batadv0: Removing interface: batadv_slave_0
[  844.095466][T17306] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  844.109886][T17306] batman_adv: batadv0: Removing interface: batadv_slave_1
[  844.151140][T17306] veth1_macvtap: left promiscuous mode
[  844.157013][T17306] veth0_macvtap: left promiscuous mode
[  844.171212][T17306] veth1_vlan: left promiscuous mode
[  844.185559][T17306] veth0_vlan: left promiscuous mode
[  844.757179][T20053] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4216'.
[  845.230418][T17306] team0 (unregistering): Port device team_slave_1 removed
[  845.296593][T17306] team0 (unregistering): Port device team_slave_0 removed
[  845.481776][T20073] loop9: detected capacity change from 0 to 128
[  845.505143][T20073] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  845.575344][T20073] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  845.675388][T20079] netlink: 'syz.5.4222': attribute type 1 has an invalid length.
[  845.860244][T20083] loop9: detected capacity change from 0 to 128
[  845.888135][T20083] FAT-fs (loop9): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  845.927128][T20083] FAT-fs (loop9): error, invalid FAT chain (i_pos 548, last_block 8)
[  845.937009][T20083] FAT-fs (loop9): Filesystem has been set read-only
[  845.943918][T20083] FAT-fs (loop9): error, corrupted file size (i_pos 548, 522)
[  846.155714][T20079] 8021q: adding VLAN 0 to HW filter on device bond7
[  846.280388][T20081] bond7: (slave geneve2): making interface the new active one
[  846.290349][T20081] bond7: (slave geneve2): Enslaving as an active interface with an up link
[  846.374344][ T6427] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.430972][ T6427] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.431048][ T6427] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.431118][ T6427] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.952346][T19440] veth0_macvtap: entered promiscuous mode
[  846.987747][T19440] veth1_macvtap: entered promiscuous mode
[  847.144883][T19440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  847.209477][T19440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  847.306602][ T6431] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  847.359723][ T6431] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  847.414418][ T6431] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  847.487608][ T6431] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  847.765544][T20113] ref_ctr_offset mismatch. inode: 0x314 offset: 0x0 ref_ctr_offset(old): 0xffffffff00 ref_ctr_offset(new): 0x0
[  847.947901][ T6430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.982480][ T6430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  848.812539][T20124] fuse: fd is not a fuse device
[  848.830399][ T6427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  848.865640][ T6427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  849.296955][T20133] fuse: fd is not a fuse device
[  849.989822][T20149] loop7: detected capacity change from 0 to 2048
[  850.022497][T20149] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  850.194629][ T6071] udevd[6071]: incorrect nilfs2 checksum on /dev/loop7
[  850.243827][T20161] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  850.567563][T20165] loop8: detected capacity change from 0 to 1024
[  850.614277][T20165] EXT4-fs: Ignoring removed bh option
[  850.742177][   T30] audit: type=1800 audit(1776806355.763:653): pid=20166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4242" name="file1" dev="loop7" ino=15 res=0 errno=0
[  850.770874][T20165] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  850.957978][T20149] overlayfs: upper fs does not support tmpfile.
[  851.085524][T20149] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  851.131309][T20149] overlayfs: failed to set xattr on upper
[  851.152648][T20149] overlayfs: ...falling back to redirect_dir=nofollow.
[  851.189946][T20149] overlayfs: ...falling back to index=off.
[  851.208773][T20149] overlayfs: ...falling back to uuid=null.
[  851.418461][T20183] loop9: detected capacity change from 0 to 512
[  851.477612][T12250] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  851.781870][T20161] NILFS (loop7): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  852.075833][T20187] loop8: detected capacity change from 0 to 32768
[  852.083622][T20187] btrfs: Deprecated parameter 'usebackuproot'
[  852.089714][T20187] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  852.114308][T20187] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.4251 (20187)
[  852.140068][T20187] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  852.149236][T20161] NILFS error (device loop7): nilfs_bmap_propagate: broken bmap (inode number=4)
[  852.150324][T20187] BTRFS info (device loop8): using crc32c checksum algorithm
[  852.331211][T18256] BTRFS warning (device loop8): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  852.350856][T20187] BTRFS error (device loop8): failed to load root extent
[  852.358090][T20187] BTRFS warning (device loop8): try to load backup roots slot 1
[  852.367100][ T6427] BTRFS warning (device loop8): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  852.381381][T20187] BTRFS warning (device loop8): couldn't read tree root
[  852.388521][T20187] BTRFS warning (device loop8): try to load backup roots slot 2
[  852.397378][ T6430] BTRFS error (device loop8): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  852.453478][T20161] Remounting filesystem read-only
[  852.588883][T20187] BTRFS warning (device loop8): couldn't read tree root
[  852.597098][T20187] BTRFS warning (device loop8): try to load backup roots slot 3
[  852.632807][T20187] BTRFS info (device loop8): rebuilding free space tree
[  852.718602][T20187] BTRFS info (device loop8): checking UUID tree
[  852.730611][T20187] BTRFS info (device loop8): enabling ssd optimizations
[  852.738080][T20187] BTRFS info (device loop8): turning on async discard
[  852.745025][T20187] BTRFS info (device loop8): enabling free space tree
[  852.751834][T20187] BTRFS info (device loop8): force clearing of disk cache
[  852.759238][T20187] BTRFS info (device loop8): enabling auto defrag
[  852.766102][T20187] BTRFS info (device loop8): trying to use backup root at mount time
[  852.774348][T20187] BTRFS info (device loop8): use zstd compression, level 3
[  852.923636][T19440] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=2)
[  853.016756][T19440] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=2)
[  853.621945][T12250] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  853.651935][T19440] NILFS (loop7): disposed unprocessed dirty file(s) when stopping log writer
[  854.714531][ T3515] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.669309][T20251] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4262'.
[  855.708228][ T3515] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  855.914172][T20251] ip6gre1: entered promiscuous mode
[  855.931414][T20251] ip6gre1: entered allmulticast mode
[  855.973976][T20256] netlink: 'syz.9.4262': attribute type 6 has an invalid length.
[  856.037319][T20256] netlink: 72 bytes leftover after parsing attributes in process `syz.9.4262'.
[  856.310565][ T3515] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.488273][T20263] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  856.521389][T20263] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  856.546484][T20263] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  856.565596][T20263] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  856.587300][T20263] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  856.805843][ T3515] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.515932][T20282] atomic_op ffff88807af38198 conn xmit_atomic 0000000000000000
[  858.644810][ T5847] Bluetooth: hci5: command tx timeout
[  860.076446][T20308] loop8: detected capacity change from 0 to 1024
[  860.724826][ T5847] Bluetooth: hci5: command tx timeout
[  860.836257][ T5940] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  860.891239][ T3515] bridge_slave_1: left allmulticast mode
[  860.939117][ T3515] bridge_slave_1: left promiscuous mode
[  860.980926][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.023870][ T5940] usb 9-1: Using ep0 maxpacket: 32
[  861.051717][ T5940] usb 9-1: config 0 has an invalid interface number: 68 but max is 0
[  861.089855][ T5940] usb 9-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  861.133220][ T5940] usb 9-1: config 0 has no interface number 0
[  861.159151][ T3515] bridge_slave_0: left allmulticast mode
[  861.177445][ T5940] usb 9-1: New USB device found, idVendor=045e, idProduct=0703, bcdDevice=6e.c0
[  861.196947][T20325] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  861.220000][ T3515] bridge_slave_0: left promiscuous mode
[  861.224420][ T5940] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  861.255099][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  861.261306][ T5940] usb 9-1: Product: syz
[  861.276938][T20325] block device autoloading is deprecated and will be removed.
[  861.284902][ T5940] usb 9-1: Manufacturer: syz
[  861.318436][ T5940] usb 9-1: SerialNumber: syz
[  861.368698][ T5940] usb 9-1: config 0 descriptor??
[  862.343404][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  862.391025][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  862.409764][ T3515] bond0 (unregistering): Released all slaves
[  862.495516][ T5499] 8021q: adding VLAN 0 to HW filter on device eth9
[  862.805487][ T5847] Bluetooth: hci5: command tx timeout
[  862.916896][T20262] chnl_net:caif_netlink_parms(): no params data found
[  862.962339][ T5940] uvcvideo 9-1:0.68: Found Unit with invalid ID 0
[  863.002732][ T5940] uvcvideo 9-1:0.68: Found UVC 0.40 device syz (045e:0703)
[  863.025682][ T5940] uvcvideo 9-1:0.68: No valid video chain found.
[  863.081861][ T5940] usb 9-1: USB disconnect, device number 17
[  863.985275][ T3515] hsr_slave_0: left promiscuous mode
[  864.027541][ T3515] hsr_slave_1: left promiscuous mode
[  864.056026][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  864.094866][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  864.130745][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  864.162646][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  864.288715][ T3515] veth1_macvtap: left promiscuous mode
[  864.313559][ T3515] veth0_macvtap: left promiscuous mode
[  864.334680][ T3515] veth1_vlan: left promiscuous mode
[  864.351943][ T3515] veth0_vlan: left promiscuous mode
[  864.883010][ T5847] Bluetooth: hci5: command tx timeout
[  864.895854][T20378] xt_cgroup: path and classid specified
[  866.689133][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  866.858442][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  867.807516][T20262] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.842179][T20262] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.886129][T20262] bridge_slave_0: entered allmulticast mode
[  867.950119][T20262] bridge_slave_0: entered promiscuous mode
[  867.988774][ T5499] 8021q: adding VLAN 0 to HW filter on device eth10
[  868.044223][T20262] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.087580][T20262] bridge0: port 2(bridge_slave_1) entered disabled state
[  868.135993][T20262] bridge_slave_1: entered allmulticast mode
[  868.185571][T20262] bridge_slave_1: entered promiscuous mode
[  868.318553][T20408] fuse: fd is not a fuse device
[  868.451502][T20262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  868.530712][T20262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  868.780787][T20262] team0: Port device team_slave_0 added
[  868.817055][T20262] team0: Port device team_slave_1 added
[  869.030752][T20262] batman_adv: batadv0: Adding interface: batadv_slave_0
[  869.054389][T20262] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  869.173347][T20262] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  869.299962][T20262] batman_adv: batadv0: Adding interface: batadv_slave_1
[  869.333842][T20262] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  869.393787][T20262] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  869.551312][T20425] fuse: fd is not a fuse device
[  869.784146][T20262] hsr_slave_0: entered promiscuous mode
[  869.807440][T20262] hsr_slave_1: entered promiscuous mode
[  869.832417][T20262] debugfs: 'hsr0' already exists in 'hsr'
[  869.841682][T20262] Cannot create hsr debugfs directory
[  870.057854][T20439] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4312'.
[  870.112658][   T75] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  870.122321][T20439] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4312'.
[  870.155062][   T36] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  870.275966][   T36] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  870.426200][   T36] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  870.877452][T20456] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4314'.
[  871.008065][T20460] loop9: detected capacity change from 0 to 1024
[  871.221907][T20460] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  871.287787][T20460] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  871.413450][T20460] EXT4-fs (loop9): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  871.483901][T20460] EXT4-fs error (device loop9): ext4_get_journal_inode:5896: inode #5: comm syz.9.4315: unexpected bad inode w/o EXT4_IGET_BAD
[  871.545883][T20460] loop9: lost file I/O error report for ino 5 type 5 pos 0x0 len 0x0 error -117
[  871.562890][    C1] EXT4-fs (loop9): error count since last fsck: 1
[  871.578409][    C1] EXT4-fs (loop9): initial error at time 1776806376: ext4_get_journal_inode:5896: inode 5
[  871.588476][    C1] EXT4-fs (loop9): last error at time 1776806376: ext4_get_journal_inode:5896: inode 5
[  871.653367][T20460] EXT4-fs (loop9): no journal found
[  871.690524][T20460] EXT4-fs (loop9): can't get journal size
[  871.753895][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  871.907954][T20460] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  872.729215][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  872.740124][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  873.302590][ T5499] 8021q: adding VLAN 0 to HW filter on device eth11
[  873.490029][T13632] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  873.904118][T20485] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4321'.
[  873.972706][T20485] vlan2: left allmulticast mode
[  873.996822][T20485] geneve0: left allmulticast mode
[  874.025647][T20485] vlan2: left promiscuous mode
[  874.060076][T20485] geneve0: left promiscuous mode
[  874.090699][   T30] audit: type=1326 audit(1776806379.113:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.121356][T20485] bridge0: port 3(vlan2) entered disabled state
[  874.177503][T20485] bridge_slave_1: left allmulticast mode
[  874.186572][   T30] audit: type=1326 audit(1776806379.113:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.223177][T20485] bridge_slave_1: left promiscuous mode
[  874.232310][T20485] bridge0: port 2(bridge_slave_1) entered disabled state
[  874.263395][   T30] audit: type=1326 audit(1776806379.113:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.349600][T20485] bridge_slave_0: left allmulticast mode
[  874.362000][   T30] audit: type=1326 audit(1776806379.113:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.363171][T20485] bridge_slave_0: left promiscuous mode
[  874.484266][   T30] audit: type=1326 audit(1776806379.113:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.486322][T20485] bridge0: port 1(bridge_slave_0) entered disabled state
[  874.655122][   T30] audit: type=1326 audit(1776806379.113:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.749976][   T30] audit: type=1326 audit(1776806379.113:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.866183][   T30] audit: type=1326 audit(1776806379.113:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20482 comm="syz.9.4320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x7fc00000
[  874.920727][T20485] bridge0 (unregistering): left promiscuous mode
[  875.564873][T20509] netlink: 88 bytes leftover after parsing attributes in process `syz.8.4324'.
[  876.874866][ T5499] 8021q: adding VLAN 0 to HW filter on device eth12
[  878.058280][T20262] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  878.171612][T20262] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  878.359002][T20262] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  878.457365][T20262] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  878.606217][T20552] team0: Port device team_slave_0 removed
[  878.771328][T20262] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  878.862644][T20262] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  878.884911][T20262] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  879.101393][T20262] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  879.347889][T20566] netlink: 'syz.9.4338': attribute type 4 has an invalid length.
[  879.717303][T20262] 8021q: adding VLAN 0 to HW filter on device bond0
[  879.846947][T20262] 8021q: adding VLAN 0 to HW filter on device team0
[  879.919581][ T3515] bridge0: port 1(bridge_slave_0) entered blocking state
[  879.926917][ T3515] bridge0: port 1(bridge_slave_0) entered forwarding state
[  880.184210][ T3515] bridge0: port 2(bridge_slave_1) entered blocking state
[  880.191456][ T3515] bridge0: port 2(bridge_slave_1) entered forwarding state
[  880.893999][ T5499] 8021q: adding VLAN 0 to HW filter on device eth13
[  882.180511][T20262] 8021q: adding VLAN 0 to HW filter on device batadv0
[  884.052438][T20262] veth0_vlan: entered promiscuous mode
[  884.126481][T20262] veth1_vlan: entered promiscuous mode
[  884.338231][T20262] veth0_macvtap: entered promiscuous mode
[  884.388159][ T5499] 8021q: adding VLAN 0 to HW filter on device eth14
[  884.433971][T20262] veth1_macvtap: entered promiscuous mode
[  884.552613][T20262] batman_adv: batadv0: Interface activated: batadv_slave_0
[  884.639476][T20262] batman_adv: batadv0: Interface activated: batadv_slave_1
[  884.838907][T18256] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  884.864188][T18256] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  884.895588][T18256] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  884.933704][T18256] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  886.372239][ T6427] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  886.422055][ T6427] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  886.711530][ T6427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  886.746199][ T6427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  887.335833][T20702] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4261'.
[  887.389127][T20702] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4261'.
[  888.357795][T20717] fuse: fd is not a fuse device
[  888.417306][ T5499] 8021q: adding VLAN 0 to HW filter on device eth15
[  889.710270][T20744] loop6: detected capacity change from 0 to 128
[  889.770601][T20744] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  890.071926][   T30] audit: type=1800 audit(1776806395.093:662): pid=20744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4381" name="bus" dev="loop6" ino=115 res=0 errno=0
[  890.236213][T20752] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  890.289171][T20752] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  890.459776][T20752] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  890.618969][T20754] UDF-fs: error (device loop6): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  890.681825][T20752] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  890.810215][   T30] audit: type=1800 audit(1776806395.833:663): pid=20751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4381" name="file1" dev="loop6" ino=94 res=0 errno=0
[  892.083691][ T5499] 8021q: adding VLAN 0 to HW filter on device eth16
[  892.579866][T20773] fuse: fd is not a fuse device
[  894.699452][   T30] audit: type=1800 audit(1776806399.723:664): pid=20797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.4390" name="/" dev="fuse" ino=4 res=0 errno=0
[  895.077304][T20833] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4401'.
[  895.243384][T20838] vlan2: entered allmulticast mode
[  895.267117][T20838] bridge1: entered allmulticast mode
[  895.348916][ T5499] 8021q: adding VLAN 0 to HW filter on device eth17
[  898.333153][ T5499] 8021q: adding VLAN 0 to HW filter on device eth18
[  900.253028][T19708] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  900.433836][T19708] usb 10-1: Using ep0 maxpacket: 32
[  900.456979][T19708] usb 10-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  900.499717][T19708] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.509939][T20905] veth0_vlan: left promiscuous mode
[  900.544140][T19708] usb 10-1: Product: syz
[  900.565645][T19708] usb 10-1: Manufacturer: syz
[  900.573057][T20905] veth0_vlan: entered promiscuous mode
[  900.588118][T19708] usb 10-1: SerialNumber: syz
[  900.634068][T19708] usb 10-1: config 0 descriptor??
[  901.101252][T19708] airspy 10-1:0.0: Board ID: 00
[  901.119152][T19708] airspy 10-1:0.0: Firmware version: 
[  901.638378][ T5499] 8021q: adding VLAN 0 to HW filter on device eth19
[  902.136246][T19708] airspy 10-1:0.0: usb_control_msg() failed -71 request 10
[  902.420544][T19708] airspy 10-1:0.0: Registered as swradio24
[  902.469868][T19708] airspy 10-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  902.552822][T19708] usb 10-1: USB disconnect, device number 6
[  903.406655][T20945] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4425'.
[  903.558956][T20947] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4427'.
[  903.614416][T20947] vlan2: entered promiscuous mode
[  903.670482][T20947] bridge0: entered promiscuous mode
[  905.661701][ T5499] 8021q: adding VLAN 0 to HW filter on device eth20
[  909.781255][T21060] fuse: Bad value for 'fd'
[  909.862026][T21064] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  909.967857][T21067] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  910.709608][T20263] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  910.732405][T20263] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  910.761506][T20263] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  910.775944][T20263] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  910.784314][T20263] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  911.917954][T21074] chnl_net:caif_netlink_parms(): no params data found
[  912.884225][T20263] Bluetooth: hci3: command tx timeout
[  913.009841][T21074] bridge0: port 1(bridge_slave_0) entered blocking state
[  913.046732][T21074] bridge0: port 1(bridge_slave_0) entered disabled state
[  913.084540][T21074] bridge_slave_0: entered allmulticast mode
[  913.147593][T21074] bridge_slave_0: entered promiscuous mode
[  913.209433][T21074] bridge0: port 2(bridge_slave_1) entered blocking state
[  913.251902][T21074] bridge0: port 2(bridge_slave_1) entered disabled state
[  913.286031][T21074] bridge_slave_1: entered allmulticast mode
[  913.321197][T21074] bridge_slave_1: entered promiscuous mode
[  913.501049][T21074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  913.618155][T21074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  913.812976][T18150] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  913.931620][T21074] team0: Port device team_slave_0 added
[  913.986873][T21074] team0: Port device team_slave_1 added
[  914.020070][T18150] usb 5-1: Using ep0 maxpacket: 16
[  914.054920][T18150] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  914.105732][T18150] usb 5-1: config 0 has no interface number 0
[  914.146279][T18150] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  914.188436][T18150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  914.268186][T18150] usb 5-1: Product: syz
[  914.288073][T18150] usb 5-1: Manufacturer: syz
[  914.310172][T18150] usb 5-1: SerialNumber: syz
[  914.331449][T21074] batman_adv: batadv0: Adding interface: batadv_slave_0
[  914.364525][T21074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  914.452736][T21074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  914.491018][T18150] usb 5-1: config 0 descriptor??
[  914.510360][T21074] batman_adv: batadv0: Adding interface: batadv_slave_1
[  914.537444][T21074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  914.646866][T18150] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  914.666416][T21074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  914.963098][T20263] Bluetooth: hci3: command tx timeout
[  915.136948][T21074] hsr_slave_0: entered promiscuous mode
[  915.177111][T21074] hsr_slave_1: entered promiscuous mode
[  915.209130][T21074] debugfs: 'hsr0' already exists in 'hsr'
[  915.268522][T21074] Cannot create hsr debugfs directory
[  915.559380][T21138] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  915.707765][T21138] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  916.440064][T18150] gspca_spca1528: reg_r err -71
[  916.467181][T18150] spca1528 5-1:0.1: probe with driver spca1528 failed with error -71
[  916.538063][T18150] usb 5-1: USB disconnect, device number 8
[  917.043137][T20263] Bluetooth: hci3: command tx timeout
[  917.117879][T21157] xt_CT: You must specify a L4 protocol and not use inversions on it
[  917.562756][T21154] ipip0: entered promiscuous mode
[  919.136360][T20263] Bluetooth: hci3: command tx timeout
[  921.178922][T21074] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  921.272581][T21074] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  921.319500][T21074] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  921.367711][T21074] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  921.407982][T21074] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  921.482409][T21074] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  921.517981][T21074] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  921.584564][T21074] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  921.718570][   T30] audit: type=1326 audit(1776806426.733:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  921.835037][   T30] audit: type=1326 audit(1776806426.743:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  921.957592][   T30] audit: type=1326 audit(1776806426.773:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.064817][   T30] audit: type=1326 audit(1776806426.773:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.145950][T21074] 8021q: adding VLAN 0 to HW filter on device bond0
[  922.154780][   T30] audit: type=1326 audit(1776806426.773:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.231581][   T30] audit: type=1326 audit(1776806426.773:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.269642][T21074] 8021q: adding VLAN 0 to HW filter on device team0
[  922.298875][T21242] ipip2: entered promiscuous mode
[  922.310364][   T30] audit: type=1326 audit(1776806426.773:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.357816][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  922.365162][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  922.392454][   T30] audit: type=1326 audit(1776806426.773:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.447265][ T6427] bridge0: port 2(bridge_slave_1) entered blocking state
[  922.454621][ T6427] bridge0: port 2(bridge_slave_1) entered forwarding state
[  922.490443][   T30] audit: type=1326 audit(1776806426.773:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.601165][   T30] audit: type=1326 audit(1776806426.773:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21229 comm="syz.5.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  922.691843][T21251] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4498'.
[  922.959047][T21262] batadv_slave_1: entered allmulticast mode
[  922.971464][T21260] batadv_slave_1: left allmulticast mode
[  923.339714][T21074] 8021q: adding VLAN 0 to HW filter on device batadv0
[  923.363231][T21279] fuse: fd is not a fuse device
[  923.496850][T21074] veth0_vlan: entered promiscuous mode
[  923.548932][T21074] veth1_vlan: entered promiscuous mode
[  923.719513][T21074] veth0_macvtap: entered promiscuous mode
[  923.749488][T21074] veth1_macvtap: entered promiscuous mode
[  923.851841][T21074] batman_adv: batadv0: Interface activated: batadv_slave_0
[  923.929504][T21074] batman_adv: batadv0: Interface activated: batadv_slave_1
[  923.987948][ T6427] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  924.060922][ T6427] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  924.079670][ T6427] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  924.144223][ T6427] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  925.777667][T21307] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4511'.
[  925.777693][T21304] overlayfs: failed to clone upperpath
[  926.275369][T21313] syz_tun: entered allmulticast mode
[  926.321603][T17306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  926.355137][T21318] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4512'.
[  926.383213][T17306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  926.408052][T21312] syz_tun: left allmulticast mode
[  926.454963][T21321] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4514'.
[  926.733143][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  926.775696][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  926.829253][T21335] loop9: detected capacity change from 0 to 512
[  926.944256][T21335] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  926.981632][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  926.981663][   T30] audit: type=1326 audit(1776806431.983:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  927.034318][T21335] ext4 filesystem being mounted at /348/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  927.088904][   T30] audit: type=1326 audit(1776806431.993:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  927.190621][T21344] ptrace attach of "./syz-executor exec"[21347] was attempted by "./syz-executor exec"[21344]
[  928.147326][   T30] audit: type=1326 audit(1776806431.993:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  928.553094][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  928.721501][   T30] audit: type=1326 audit(1776806431.993:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  928.790843][   T30] audit: type=1326 audit(1776806431.993:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  928.820766][   T30] audit: type=1326 audit(1776806431.993:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  928.908148][   T30] audit: type=1326 audit(1776806431.993:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  929.041841][   T30] audit: type=1326 audit(1776806431.993:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f15a779c819 code=0x7ffc0000
[  929.228784][   T30] audit: type=1326 audit(1776806431.993:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f15a7796597 code=0x7ffc0000
[  929.355706][   T30] audit: type=1326 audit(1776806431.993:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21341 comm="syz.5.4519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f15a773db99 code=0x7ffc0000
[  929.828098][T13632] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  930.058365][T21369] loop4: detected capacity change from 0 to 2048
[  933.298619][T21442] fuse: Bad value for 'fd'
[  934.170848][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  934.181920][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  935.323117][T18143] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  935.543027][T18143] usb 5-1: Using ep0 maxpacket: 8
[  935.618118][T18143] usb 5-1: unable to get BOS descriptor or descriptor too short
[  935.627608][T18143] usb 5-1: unable to read config index 0 descriptor/start: -71
[  935.643588][T18143] usb 5-1: can't read configurations, error -71
[  935.679649][T21492] netlink: 'syz.9.4551': attribute type 51 has an invalid length.
[  935.739805][T21492] batman_adv: batadv0: Removing interface: batadv_slave_0
[  935.796138][T21492] batman_adv: batadv0: Removing interface: batadv_slave_1
[  935.868773][T21497] xt_hashlimit: size too large, truncated to 1048576
[  937.481602][T21507] loop4: detected capacity change from 0 to 2048
[  937.882726][T21507] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  937.923091][T21510] ceph: No mds server is up or the cluster is laggy
[  937.936603][T19706] libceph: connect (1)[c::]:6789 error -22
[  937.971145][T19706] libceph: mon0 (1)[c::]:6789 connect error
[  938.254580][T19706] libceph: connect (1)[c::]:6789 error -22
[  938.283647][T19706] libceph: mon0 (1)[c::]:6789 connect error
[  938.359583][T20262] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  940.494842][T21554] fuse: fd is not a fuse device
[  940.909367][T21563] fuse: fd is not a fuse device
[  943.495157][T21620] overlayfs: failed to clone upperpath
[  945.982790][T21671] fuse: Bad value for 'fd'
[  946.498537][T21678] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4598'.
[  946.611945][   T30] kauditd_printk_skb: 60 callbacks suppressed
[  946.611974][   T30] audit: type=1800 audit(1776806707.630:760): pid=21683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4597" name="/" dev="fuse" ino=1 res=0 errno=0
[  947.076314][T21691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4600'.
[  947.088320][T21691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4600'.
[  947.116900][T21697] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4601'.
[  947.765057][T21712] fuse: fd is not a fuse device
[  948.190362][T21721] trusted_key: encrypted_key: insufficient parameters specified
[  948.317445][T21727] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4607'.
[  948.445895][T21723] team0: No ports can be present during mode change
[  948.693543][T21727] team0 (unregistering): Port device team_slave_0 removed
[  949.320880][T21732] : entered promiscuous mode
[  949.954942][T21756] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4628'.
[  953.322775][T21793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4625'.
[  953.381621][T21793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4625'.
[  954.025574][T21808] overlayfs: failed to clone upperpath
[  954.472665][T21816] overlayfs: failed to clone upperpath
[  954.607955][T21810] netlink: set zone limit has 4 unknown bytes
[  954.768621][T21824] netlink: 'syz.1.4635': attribute type 4 has an invalid length.
[  954.854308][ T6432] bridge_slave_1: left allmulticast mode
[  954.870816][ T6432] bridge_slave_1: left promiscuous mode
[  954.900309][ T6432] bridge0: port 2(bridge_slave_1) entered disabled state
[  954.966691][ T6432] bridge_slave_0: left allmulticast mode
[  954.999070][ T6432] bridge_slave_0: left promiscuous mode
[  955.021017][ T6432] bridge0: port 1(bridge_slave_0) entered disabled state
[  956.969952][T21862] fuse: Bad value for 'fd'
[  957.042232][T19706] kernel write not supported for file bpf-map (pid: 19706 comm: kworker/0:13)
[  957.188149][ T6432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  957.242183][ T6432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  957.290050][ T6432] bond0 (unregistering): (slave team0): Releasing backup interface
[  957.321255][ T6432] bond0 (unregistering): Released all slaves
[  957.386060][ T6432] bond1 (unregistering): Released all slaves
[  958.095591][ T5932] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  958.213938][ T6432] tipc: Disabling bearer <udp:syz2>
[  958.709601][ T5932] usb 5-1: config 0 has no interfaces?
[  958.736229][ T6432] tipc: Left network mode
[  958.742720][ T5932] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  958.742765][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  958.742797][ T5932] usb 5-1: Product: syz
[  958.742822][ T5932] usb 5-1: Manufacturer: syz
[  958.742904][ T5932] usb 5-1: SerialNumber: syz
[  958.761247][ T5932] usb 5-1: config 0 descriptor??
[  958.937619][T21893] xt_hashlimit: size too large, truncated to 1048576
[  960.297595][  T985] usb 5-1: USB disconnect, device number 11
[  961.157494][T21925] fuse: fd is not a fuse device
[  961.546376][ T6432] hsr_slave_0: left promiscuous mode
[  962.327124][ T6432] hsr_slave_1: left promiscuous mode
[  962.355526][    T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!!
[  962.397775][ T6432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  963.487483][ T6432] team0 (unregistering): Port device team_slave_1 removed
[  964.247271][T21969] fuse: Bad value for 'fd'
[  966.469317][T22002] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4678'.
[  967.164810][T22005] bridge0: port 2(bridge_slave_1) entered disabled state
[  967.172608][T22005] bridge0: port 1(bridge_slave_0) entered disabled state
[  967.803540][T22005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  967.852164][T22005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  968.351598][ T6432] IPVS: stop unused estimator thread 0...
[  968.371847][ T6427] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  968.422293][ T6427] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  968.474107][ T6427] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  968.512121][ T6427] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  970.414203][ T5842] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  970.635521][ T5842] usb 10-1: config 0 has no interfaces?
[  970.679675][ T5842] usb 10-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  970.707470][ T5842] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  970.763208][ T5842] usb 10-1: Product: syz
[  970.785268][ T5842] usb 10-1: Manufacturer: syz
[  970.812606][ T5842] usb 10-1: SerialNumber: syz
[  970.870890][ T5842] usb 10-1: config 0 descriptor??
[  971.273207][T22093] veth0_vlan: left promiscuous mode
[  971.374248][T22093] veth0_vlan: entered promiscuous mode
[  971.651220][ T5842] usb 10-1: USB disconnect, device number 7
[  972.339757][T22120] futex_wake_op: syz.1.4712 tries to shift op by 144; fix this program
[  972.707341][T22123] loop3: detected capacity change from 0 to 1024
[  972.923650][T22123] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  972.957328][   T30] audit: type=1326 audit(1776806733.940:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22129 comm="syz.9.4714" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafe7d9c819 code=0x0
[  973.771421][T22138] batman_adv: batadv0: Adding interface: dummy0
[  973.783204][T22138] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  973.923502][T22138] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  974.107515][T21074] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  974.354811][T22147] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4718'.
[  974.819777][T22156] team0: No ports can be present during mode change
[  974.868936][T22156] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4720'.
[  974.958466][T22156] team0 (unregistering): Port device team_slave_0 removed
[  975.024710][T22156] team0 (unregistering): Port device team_slave_1 removed
[  975.616134][T22170] fuse: fd is not a fuse device
[  979.041238][T22205] batman_adv: batadv0: Adding interface: dummy0
[  979.093233][T22205] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  979.151319][T22205] batman_adv: batadv0: Interface activated: dummy0
[  979.248761][T22215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  979.266869][T22211] batadv0: mtu less than device minimum
[  979.319371][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.331200][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.343272][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.355023][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.366629][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.378563][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.385458][T22215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  979.390530][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.410702][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.422767][T22211] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  979.564811][T22215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  980.519929][ T5850] Bluetooth: hci1: unexpected event 0x04 length: 245 > 10
[  980.520086][ T5850] Bluetooth: hci1: connection err: -111
[  981.349590][T22256] lo: Caught tx_queue_len zero misconfig
[  981.815144][T22262] netlink: 'syz.6.4748': attribute type 1 has an invalid length.
[  981.972720][T22265] loop4: detected capacity change from 0 to 256
[  982.024520][T22265] exfat: Deprecated parameter 'utf8'
[  982.202272][T22262] 8021q: adding VLAN 0 to HW filter on device bond7
[  982.223190][T22265] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d)
[  982.404570][ T5850] Bluetooth: hci5: command 0x0406 tx timeout
[  983.435032][ T5499] 8021q: adding VLAN 0 to HW filter on device eth1
[  983.954791][T22305] loop3: detected capacity change from 0 to 128
[  984.006437][T22305] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  984.114306][T22305] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  984.349919][ T6427] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  984.412730][T22305] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  989.510769][ T5499] 8021q: adding VLAN 0 to HW filter on device eth2
[  989.573591][T22344] net_ratelimit: 11 callbacks suppressed
[  989.573621][T22344] netlink: set zone limit has 4 unknown bytes
[  989.893041][T22366] fuse: fd is not a fuse device
[  989.976862][T22368] loop9: detected capacity change from 0 to 256
[  990.022496][T22368] exfat: Deprecated parameter 'utf8'
[  990.119353][T22368] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d)
[  990.374064][T22378] tipc: Failed to remove unknown binding: 66,0,0/0:958975534/958975535
[  990.402716][T22378] tipc: Failed to remove unknown binding: 66,0,0/0:958975534/958975535
[  991.923016][T22410] hugetlbfs: syz.3.4786 (22410): Using mlock ulimits for SHM_HUGETLB is obsolete
[  992.071297][T22416] overlayfs: failed to clone upperpath
[  992.298162][T22419] debugfs: Bad value for 'source'
[  992.810023][ T5499] 8021q: adding VLAN 0 to HW filter on device eth3
[  994.980543][T22467] loop9: detected capacity change from 0 to 1024
[  995.015759][T22467] EXT4-fs: Ignoring removed i_version option
[  995.080468][T22467] EXT4-fs (loop9): Test dummy encryption mode enabled
[  995.189353][T22467] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  995.611598][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  995.618179][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  995.986184][T13632] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  997.251115][T22499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4810'.
[  997.350170][T22499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4810'.
[  997.438668][ T5499] 8021q: adding VLAN 0 to HW filter on device eth4
[  998.637761][T22523] loop9: detected capacity change from 0 to 4096
[  998.657725][T22523] EXT4-fs: Ignoring removed orlov option
[  998.682294][T22523] EXT4-fs (loop9): Test dummy encryption mode enabled
[  998.708736][T22523] EXT4-fs (loop9): can't mount with both data=journal and delalloc
[ 1000.689358][T22550] ipip2: left promiscuous mode
[ 1000.819618][ T6430] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1000.875244][ T6430] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1000.923871][ T6430] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1000.991521][ T6430] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.194585][T18148] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1002.422964][T18148] usb 10-1: Using ep0 maxpacket: 16
[ 1002.456867][T18148] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1002.504432][T18148] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1002.548296][T18148] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1002.608336][T18148] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1002.641743][T18148] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.689074][T18148] usb 10-1: config 0 descriptor??
[ 1003.009405][T22578] Cannot find add_set index 2 as target
[ 1004.275835][T18148] usbhid 10-1:0.0: can't add hid device: -71
[ 1004.293067][T18148] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1004.496390][T18148] usb 10-1: USB disconnect, device number 8
[ 1008.201841][T20263] Bluetooth: hci4: unexpected event 0x04 length: 245 > 10
[ 1008.201971][T20263] Bluetooth: hci4: connection err: -111
[ 1009.330974][T22713] fuse: fd is not a fuse device
[ 1010.232761][T22724] fuse: fd is not a fuse device
[ 1010.682705][   T30] audit: type=1800 audit(1776806771.700:762): pid=22734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4866" name="bus" dev="tmpfs" ino=1447 res=0 errno=0
[ 1013.293924][T20263] Bluetooth: hci3: unexpected event 0x04 length: 245 > 10
[ 1013.294043][T20263] Bluetooth: hci3: connection err: -111
[ 1013.316474][T22767] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1013.408054][T22767] batman_adv: batadv0: Interface activated: dummy0
[ 1013.415179][T22767] batadv0: mtu less than device minimum
[ 1013.422416][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.434410][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.446326][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.458340][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.470462][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.482596][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.494901][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.507066][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.519295][T22767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1013.599148][T22775] dummy0: Caught tx_queue_len zero misconfig
[ 1014.637076][T22803] batman_adv: batadv0: Interface deactivated: dummy0
[ 1017.350391][T22846] loop9: detected capacity change from 0 to 512
[ 1017.430918][T22846] EXT4-fs error (device loop9): dx_probe:791: inode #2: comm syz.9.4893: Directory hole found for htree index block 0
[ 1017.518166][T22846] loop9: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117
[ 1017.522971][    C0] EXT4-fs (loop9): error count since last fsck: 1
[ 1017.538766][    C0] EXT4-fs (loop9): initial error at time 1776806778: dx_probe:791: inode 2
[ 1017.547434][    C0] EXT4-fs (loop9): last error at time 1776806778: dx_probe:791: inode 2
[ 1017.727379][T22846] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -117
[ 1017.796883][T22846] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1018.203055][T18148] usb 10-1: new low-speed USB device number 9 using dummy_hcd
[ 1018.405330][T18148] usb 10-1: config 0 has an invalid interface number: 210 but max is 0
[ 1018.416226][T22850] EXT4-fs error (device loop9): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 255: padding at end of block bitmap is not set
[ 1018.441780][T18148] usb 10-1: config 0 has no interface number 0
[ 1018.479664][T18148] usb 10-1: config 0 interface 210 altsetting 227 endpoint 0xF is Bulk; changing to Interrupt
[ 1018.526011][T18148] usb 10-1: config 0 interface 210 has no altsetting 0
[ 1018.542825][T22865] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4899'.
[ 1018.560559][T18148] usb 10-1: string descriptor 0 read error: -22
[ 1018.578435][T18148] usb 10-1: New USB device found, idVendor=05ac, idProduct=921c, bcdDevice=99.e1
[ 1018.620386][T18148] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1018.641288][T22865] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4899'.
[ 1018.669028][T18148] usb 10-1: config 0 descriptor??
[ 1018.699230][T22846] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1018.751406][T18148] appledisplay 10-1:0.210: Could not find int-in endpoint
[ 1018.785888][T18148] usbhid 10-1:0.210: couldn't find an input interrupt endpoint
[ 1018.929221][   T30] audit: type=1326 audit(1776806779.950:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92de59c819 code=0x7ffc0000
[ 1018.984665][   T30] audit: type=1326 audit(1776806779.950:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92de59c819 code=0x7ffc0000
[ 1019.029850][T22846] EXT4-fs error (device loop9): dx_probe:791: inode #2: comm syz.9.4893: Directory hole found for htree index block 0
[ 1019.046927][   T30] audit: type=1326 audit(1776806779.980:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f92de59c819 code=0x7ffc0000
[ 1019.089703][ T5933] usb 10-1: USB disconnect, device number 9
[ 1019.120322][   T30] audit: type=1326 audit(1776806779.980:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92de59c819 code=0x7ffc0000
[ 1019.194360][   T30] audit: type=1326 audit(1776806779.980:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92de59c819 code=0x7ffc0000
[ 1019.246091][T22876] loop4: detected capacity change from 0 to 4096
[ 1019.277985][T22876] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1019.290442][   T30] audit: type=1326 audit(1776806779.990:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f92de59c819 code=0x7ffc0000
[ 1019.327987][T22876] EXT4-fs (loop4): stripe (97) is not aligned with cluster size (16), stripe is disabled
[ 1019.503163][T22876] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1019.583671][   T30] audit: type=1326 audit(1776806779.990:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f92de59c582 code=0x7ffc0000
[ 1019.626379][   T30] audit: type=1326 audit(1776806780.090:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f92de55d04e code=0x7ffc0000
[ 1019.828751][   T30] audit: type=1326 audit(1776806780.230:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f92de59c647 code=0x7ffc0000
[ 1019.875471][   T30] audit: type=1326 audit(1776806780.260:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.4.4902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f92de55d04e code=0x7ffc0000
[ 1019.978230][T13632] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1020.138940][T20262] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1020.537599][T18148] Process accounting resumed
[ 1021.169131][T22910] Process accounting resumed
[ 1024.816709][T22965] fuse: fd is not a fuse device
[ 1025.180703][T22972] lo: Caught tx_queue_len zero misconfig
[ 1025.870113][T22982] netlink: 'syz.6.4924': attribute type 1 has an invalid length.
[ 1025.918715][T22975] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1027.605075][T23014] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4932'.
[ 1027.690106][T23011] bridge0: port 1(syz_tun) entered disabled state
[ 1028.382433][   T10] IPVS: starting estimator thread 0...
[ 1028.533463][T23042] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1029.778301][T23055] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.4943'.
[ 1134.882879][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1134.889908][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P23046/1:b..l
[ 1134.899051][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=180941, q=209 ncpus=2)
[ 1134.906876][    C1] task:syz.9.4940      state:R  running task     stack:27432 pid:23046 tgid:23041 ppid:13632  task_flags:0x40044c flags:0x00080000
[ 1134.922736][    C1] Call Trace:
[ 1134.926024][    C1]  <TASK>
[ 1134.928964][    C1]  __schedule+0x10e9/0x6820
[ 1134.933506][    C1]  ? irqentry_exit+0x246/0x790
[ 1134.938303][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.944004][    C1]  ? __pfx___schedule+0x10/0x10
[ 1134.948937][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.954607][    C1]  ? page_table_check_clear+0x47e/0x8f0
[ 1134.960193][    C1]  ? preempt_schedule_thunk+0x16/0x30
[ 1134.965608][    C1]  preempt_schedule_common+0x42/0xc0
[ 1134.970931][    C1]  preempt_schedule_thunk+0x16/0x30
[ 1134.976179][    C1]  _raw_spin_unlock+0x3e/0x50
[ 1134.980882][    C1]  __zap_vma_range+0x1791/0x4bf0
[ 1134.985901][    C1]  ? __pfx___zap_vma_range+0x10/0x10
[ 1134.991331][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1134.997019][    C1]  ? find_held_lock+0x2b/0x80
[ 1135.001760][    C1]  unmap_vmas+0x299/0x5f0
[ 1135.006140][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[ 1135.011036][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.016703][    C1]  ? mas_next_slot+0x10a3/0x1960
[ 1135.021835][    C1]  exit_mmap+0x1ef/0xa10
[ 1135.026157][    C1]  ? __pfx_exit_mmap+0x10/0x10
[ 1135.030975][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1135.035874][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.041724][    C1]  ? uprobe_clear_state+0x5f/0x260
[ 1135.046989][    C1]  ? uprobe_clear_state+0x5f/0x260
[ 1135.052486][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.058164][    C1]  ? __lock_acquire+0x4a5/0x2630
[ 1135.063157][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.068829][    C1]  ? arch_uprobe_clear_state+0x107/0x150
[ 1135.074510][    C1]  __mmput+0x12a/0x410
[ 1135.078624][    C1]  mmput+0x67/0x80
[ 1135.082406][    C1]  do_exit+0x833/0x2a60
[ 1135.086685][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1135.091315][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.096988][    C1]  ? do_raw_spin_lock+0x128/0x260
[ 1135.102044][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.107713][    C1]  ? find_held_lock+0x2b/0x80
[ 1135.112441][    C1]  ? get_signal+0x7e0/0x21e0
[ 1135.117085][    C1]  do_group_exit+0xd5/0x2a0
[ 1135.121634][    C1]  get_signal+0x1ec7/0x21e0
[ 1135.126184][    C1]  ? __schedule+0x3291/0x6820
[ 1135.131089][    C1]  ? __pfx_get_signal+0x10/0x10
[ 1135.135976][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.141873][    C1]  ? do_futex+0x192/0x350
[ 1135.146311][    C1]  arch_do_signal_or_restart+0x91/0x7a0
[ 1135.152195][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1135.158494][    C1]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1135.163852][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.169665][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1135.174495][    C1]  exit_to_user_mode_loop+0x86/0x4a0
[ 1135.179900][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.185570][    C1]  do_syscall_64+0x706/0xf80
[ 1135.190406][    C1]  ? irqentry_exit+0x117/0x790
[ 1135.195318][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.201387][    C1] RIP: 0033:0x7fafe7d9c819
[ 1135.205859][    C1] RSP: 002b:00007fafe5fcd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1135.214303][    C1] RAX: fffffffffffffe00 RBX: 00007fafe8016098 RCX: 00007fafe7d9c819
[ 1135.222285][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fafe8016098
[ 1135.230274][    C1] RBP: 00007fafe8016090 R08: 0000000000000000 R09: 0000000000000000
[ 1135.238472][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1135.246488][    C1] R13: 00007fafe8016128 R14: 00007fff39ac1a60 R15: 00007fff39ac1b48
[ 1135.254622][    C1]  </TASK>
[ 1135.257691][    C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g180941 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 1135.270162][    C1] rcu: 	Possible timer handling issue on cpu=0 timer-softirq=75782
[ 1135.278646][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g180941 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[ 1135.290210][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1135.300194][    C1] rcu: RCU grace-period kthread stack dump:
[ 1135.306092][    C1] task:rcu_preempt     state:I stack:28304 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1135.318093][    C1] Call Trace:
[ 1135.321392][    C1]  <TASK>
[ 1135.324337][    C1]  __schedule+0x10e9/0x6820
[ 1135.328912][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.334707][    C1]  ? __pfx___schedule+0x10/0x10
[ 1135.339672][    C1]  ? find_held_lock+0x2b/0x80
[ 1135.344482][    C1]  ? schedule+0x2bf/0x390
[ 1135.348839][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.354686][    C1]  schedule+0xdd/0x390
[ 1135.358823][    C1]  schedule_timeout+0x127/0x280
[ 1135.363703][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1135.369115][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1135.374448][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.380115][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1135.385963][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.391818][    C1]  ? prepare_to_swait_event+0xdf/0x4a0
[ 1135.397371][    C1]  rcu_gp_fqs_loop+0x1a9/0x900
[ 1135.402165][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.407829][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1135.413150][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.418818][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1135.423792][    C1]  ? __pfx_rcu_gp_cleanup+0x10/0x10
[ 1135.429017][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1135.434865][    C1]  rcu_gp_kthread+0x179/0x230
[ 1135.439574][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1135.444795][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1135.450757][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.456445][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.462136][    C1]  ? __kthread_parkme+0x18c/0x230
[ 1135.467205][    C1]  ? kthread+0x13a/0x450
[ 1135.471469][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1135.476692][    C1]  kthread+0x370/0x450
[ 1135.480800][    C1]  ? __pfx_kthread+0x10/0x10
[ 1135.485417][    C1]  ret_from_fork+0x72b/0xd50
[ 1135.490391][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1135.495559][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.501227][    C1]  ? __switch_to+0x800/0x1100
[ 1135.505946][    C1]  ? __switch_to_asm+0x39/0x70
[ 1135.510743][    C1]  ? __pfx_kthread+0x10/0x10
[ 1135.515446][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1135.520288][    C1]  </TASK>
[ 1135.523321][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1135.529933][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1135.535353][    C0] NMI backtrace for cpu 0
[ 1135.535385][    C0] CPU: 0 UID: 0 PID: 23058 Comm: syz.1.4942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1135.535431][    C0] Tainted: [L]=SOFTLOCKUP
[ 1135.535443][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1135.535465][    C0] RIP: 0010:lock_is_held_type+0xcf/0x140
[ 1135.535524][    C0] Code: 74 13 31 c0 41 f6 46 22 03 0f 95 c0 44 39 e0 0f 94 c0 0f b6 c0 48 c7 c7 d0 1c f3 8d 89 44 24 04 e8 56 17 00 00 ba ff ff ff ff <65> 0f c1 15 f1 95 7b 08 83 fa 01 8b 44 24 04 75 2d 9c 5a 80 e6 02
[ 1135.535558][    C0] RSP: 0018:ffffc90000007e48 EFLAGS: 00000086
[ 1135.535584][    C0] RAX: 0000000000000000 RBX: ffff8880b84284d8 RCX: 0000000000000001
[ 1135.535606][    C0] RDX: 00000000ffffffff RSI: ffffffff8df31cd0 RDI: ffffffff8c1c1e80
[ 1135.535629][    C0] RBP: ffff888036b63d80 R08: 0000000000000005 R09: 0000000000000000
[ 1135.535650][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: 00000000ffffffff
[ 1135.535671][    C0] R13: 0000000000000046 R14: ffff888036b64910 R15: 0000000000000000
[ 1135.535696][    C0] FS:  00007f420938c6c0(0000) GS:ffff8881242df000(0000) knlGS:0000000000000000
[ 1135.535725][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1135.535747][    C0] CR2: 00007f420938bff8 CR3: 000000009fa6b000 CR4: 0000000000350ef0
[ 1135.535770][    C0] Call Trace:
[ 1135.535783][    C0]  <IRQ>
[ 1135.535802][    C0]  __hrtimer_run_queues+0x7c3/0xa00
[ 1135.535862][    C0]  hrtimer_interrupt+0x3e5/0x940
[ 1135.535924][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x460
[ 1135.535972][    C0]  sysvec_apic_timer_interrupt+0x9e/0xc0
[ 1135.536020][    C0]  </IRQ>
[ 1135.536031][    C0]  <TASK>
[ 1135.536043][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1135.536082][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[ 1135.536129][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 66 92 49 f6 48 89 df e8 3e e2 49 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 25 b7 39 f6 65 8b 05 3e 5f 78 08 85 c0 74 16 5b
[ 1135.536161][    C0] RSP: 0018:ffffc90004c67d78 EFLAGS: 00000246
[ 1135.536186][    C0] RAX: 0000000000000006 RBX: ffffffff9b23d118 RCX: 0000000000000000
[ 1135.536214][    C0] RDX: 0000000000000000 RSI: ffffffff8df571e0 RDI: ffffffff8c1c1e80
[ 1135.536236][    C0] RBP: 0000000000000283 R08: 0000000000000001 R09: 0000000000000000
[ 1135.536257][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff9200098cfb6
[ 1135.536278][    C0] R13: 000000000d4da879 R14: 000000000d4da879 R15: 0000000000000000
[ 1135.536315][    C0]  do_settimeofday64+0x326/0x4d0
[ 1135.536353][    C0]  ? __pfx_do_settimeofday64+0x10/0x10
[ 1135.536388][    C0]  ? security_capable+0x80/0x260
[ 1135.536430][    C0]  ? qat_asym_algs_unregister+0x15/0x70
[ 1135.536486][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.536526][    C0]  ? capable+0xd3/0xf0
[ 1135.536570][    C0]  do_sys_settimeofday64+0x1dc/0x260
[ 1135.536612][    C0]  __x64_sys_clock_settime+0x1c1/0x2a0
[ 1135.536666][    C0]  ? __pfx___x64_sys_clock_settime+0x10/0x10
[ 1135.536721][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1135.536761][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1135.536811][    C0]  do_syscall_64+0x10b/0xf80
[ 1135.536858][    C0]  ? irqentry_exit+0x117/0x790
[ 1135.536912][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.536947][    C0] RIP: 0033:0x7f420859c819
[ 1135.536979][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1135.537012][    C0] RSP: 002b:00007f420938c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[ 1135.537041][    C0] RAX: ffffffffffffffda RBX: 00007f4208816180 RCX: 00007f420859c819
[ 1135.537063][    C0] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[ 1135.537084][    C0] RBP: 00007f4208632c91 R08: 0000000000000000 R09: 0000000000000000
[ 1135.537106][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1135.537126][    C0] R13: 00007f4208816218 R14: 00007f4208816180 R15: 00007ffda69bcb58
[ 1135.537162][    C0]  </TASK>
[ 1281.629761][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [kworker/u8:8:3515]
[ 1281.629806][    C1] Modules linked in:
[ 1281.629827][    C1] irq event stamp: 6268062
[ 1281.629843][    C1] hardirqs last  enabled at (6268061): [<ffffffff8b98c716>] irqentry_exit+0x246/0x790
[ 1281.629939][    C1] hardirqs last disabled at (6268062): [<ffffffff8b98b2fe>] sysvec_apic_timer_interrupt+0xe/0xc0
[ 1281.630011][    C1] softirqs last  enabled at (6268058): [<ffffffff81c90572>] __irq_exit_rcu+0x162/0x210
[ 1281.630082][    C1] softirqs last disabled at (6268049): [<ffffffff81c90572>] __irq_exit_rcu+0x162/0x210
[ 1281.630166][    C1] CPU: 1 UID: 0 PID: 3515 Comm: kworker/u8:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1281.630228][    C1] Tainted: [L]=SOFTLOCKUP
[ 1281.630244][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1281.630274][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1281.630342][    C1] RIP: 0010:smp_call_function_many_cond+0x58e/0x1700
[ 1281.630396][    C1] Code: 00 fc ff df 48 8b 54 24 08 49 89 d5 49 89 d4 49 c1 ed 03 41 83 e4 07 49 01 c5 41 83 c4 03 e8 f9 7f 0c 00 f3 90 41 0f b6 45 00 <41> 38 c4 7c 08 84 c0 0f 85 63 0f 00 00 8b 45 08 31 ff 83 e0 01 41
[ 1281.630440][    C1] RSP: 0018:ffffc900106ef870 EFLAGS: 00000293
[ 1281.630472][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81fcd9ed
[ 1281.630501][    C1] RDX: ffff888033cc9ec0 RSI: ffffffff81fcd9c7 RDI: ffff888033cc9ec0
[ 1281.630531][    C1] RBP: ffff8880b8443180 R08: 0000000000000005 R09: 0000000000000000
[ 1281.630586][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
[ 1281.630613][    C1] R13: ffffed1017088631 R14: 0000000000000001 R15: ffff8880b853c700
[ 1281.630645][    C1] FS:  0000000000000000(0000) GS:ffff8881243df000(0000) knlGS:0000000000000000
[ 1281.630683][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1281.630712][    C1] CR2: 00007f1c3353b9e0 CR3: 000000000e596000 CR4: 0000000000350ef0
[ 1281.630742][    C1] Call Trace:
[ 1281.630756][    C1]  <TASK>
[ 1281.630783][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1281.630858][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1281.630909][    C1]  ? __pfx_text_poke_memcpy+0x10/0x10
[ 1281.630982][    C1]  ? __pfx___text_poke+0x10/0x10
[ 1281.631045][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1281.631106][    C1]  on_each_cpu_cond_mask+0x40/0x90
[ 1281.631159][    C1]  ? kmem_cache_alloc_from_sheaf_noprof+0x39/0x190
[ 1281.631221][    C1]  smp_text_poke_batch_finish+0x337/0xc60
[ 1281.631292][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1281.631358][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.631406][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[ 1281.631472][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.631518][    C1]  ? find_held_lock+0x2b/0x80
[ 1281.631596][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1281.631659][    C1]  jump_label_update+0x37a/0x550
[ 1281.631725][    C1]  static_key_enable_cpuslocked+0x1bc/0x270
[ 1281.631789][    C1]  static_key_enable+0x1a/0x20
[ 1281.631847][    C1]  toggle_allocation_gate+0xfe/0x2d0
[ 1281.631901][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1281.631955][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.632005][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.632052][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1281.632107][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.632163][    C1]  process_one_work+0xa0e/0x1980
[ 1281.632230][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1281.632274][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.632333][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.632386][    C1]  worker_thread+0x5ef/0xe50
[ 1281.632443][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1281.632490][    C1]  ? kthread+0x13a/0x450
[ 1281.632528][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1281.632575][    C1]  kthread+0x370/0x450
[ 1281.632613][    C1]  ? __pfx_kthread+0x10/0x10
[ 1281.632656][    C1]  ret_from_fork+0x72b/0xd50
[ 1281.632702][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1281.632747][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1281.632792][    C1]  ? __switch_to+0x800/0x1100
[ 1281.632844][    C1]  ? __switch_to_asm+0x39/0x70
[ 1281.632894][    C1]  ? __pfx_kthread+0x10/0x10
[ 1281.632937][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1281.633011][    C1]  </TASK>
[ 1281.633025][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1282.044024][    C0] NMI backtrace for cpu 0
[ 1282.044055][    C0] CPU: 0 UID: 0 PID: 23058 Comm: syz.1.4942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1282.044102][    C0] Tainted: [L]=SOFTLOCKUP
[ 1282.044114][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1282.044134][    C0] RIP: 0010:advance_sched+0x1c5/0xc80
[ 1282.044191][    C0] Code: df 48 c1 ea 03 80 3c 02 00 0f 85 06 0a 00 00 48 8b 43 f8 48 89 44 24 20 48 85 ed 0f 84 58 08 00 00 e8 af 27 68 f8 4c 8b 34 24 <4d> 85 f6 0f 84 e4 07 00 00 e8 9d 27 68 f8 49 8d be 50 01 00 00 48
[ 1282.044223][    C0] RSP: 0018:ffffc90000007dd8 EFLAGS: 00000046
[ 1282.044250][    C0] RAX: 0000000080010002 RBX: ffff8880512f3300 RCX: ffffffff89a1377d
[ 1282.044272][    C0] RDX: ffff888036b63d80 RSI: ffffffff89a13211 RDI: ffff888036b63d80
[ 1282.044301][    C0] RBP: ffff888035473000 R08: 0000000000000005 R09: 0000000000000000
[ 1282.044322][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[ 1282.044343][    C0] R13: ffff888036b648f8 R14: ffff888035471400 R15: ffff8880b8428650
[ 1282.044368][    C0] FS:  00007f420938c6c0(0000) GS:ffff8881242df000(0000) knlGS:0000000000000000
[ 1282.044398][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1282.044420][    C0] CR2: 00007f420938bff8 CR3: 000000009fa6b000 CR4: 0000000000350ef0
[ 1282.044441][    C0] Call Trace:
[ 1282.044454][    C0]  <IRQ>
[ 1282.044470][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.044513][    C0]  ? find_held_lock+0x2b/0x80
[ 1282.044569][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.044610][    C0]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1282.044655][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1282.044705][    C0]  __hrtimer_run_queues+0x470/0xa00
[ 1282.044766][    C0]  hrtimer_interrupt+0x3e5/0x940
[ 1282.044829][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x460
[ 1282.044879][    C0]  sysvec_apic_timer_interrupt+0x9e/0xc0
[ 1282.044930][    C0]  </IRQ>
[ 1282.044940][    C0]  <TASK>
[ 1282.044953][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1282.044990][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[ 1282.045038][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 66 92 49 f6 48 89 df e8 3e e2 49 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 25 b7 39 f6 65 8b 05 3e 5f 78 08 85 c0 74 16 5b
[ 1282.045070][    C0] RSP: 0018:ffffc90004c67d78 EFLAGS: 00000246
[ 1282.045095][    C0] RAX: 0000000000000006 RBX: ffffffff9b23d118 RCX: 0000000000000000
[ 1282.045116][    C0] RDX: 0000000000000000 RSI: ffffffff8df571e0 RDI: ffffffff8c1c1e80
[ 1282.045138][    C0] RBP: 0000000000000283 R08: 0000000000000001 R09: 0000000000000000
[ 1282.045159][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff9200098cfb6
[ 1282.045180][    C0] R13: 000000000d4da879 R14: 000000000d4da879 R15: 0000000000000000
[ 1282.045218][    C0]  do_settimeofday64+0x326/0x4d0
[ 1282.045257][    C0]  ? __pfx_do_settimeofday64+0x10/0x10
[ 1282.045292][    C0]  ? security_capable+0x80/0x260
[ 1282.045340][    C0]  ? qat_asym_algs_unregister+0x15/0x70
[ 1282.045397][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.045437][    C0]  ? capable+0xd3/0xf0
[ 1282.045484][    C0]  do_sys_settimeofday64+0x1dc/0x260
[ 1282.045525][    C0]  __x64_sys_clock_settime+0x1c1/0x2a0
[ 1282.045580][    C0]  ? __pfx___x64_sys_clock_settime+0x10/0x10
[ 1282.045636][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.045676][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1282.045728][    C0]  do_syscall_64+0x10b/0xf80
[ 1282.045775][    C0]  ? irqentry_exit+0x117/0x790
[ 1282.045826][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1282.045861][    C0] RIP: 0033:0x7f420859c819
[ 1282.045889][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1282.045921][    C0] RSP: 002b:00007f420938c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[ 1282.045950][    C0] RAX: ffffffffffffffda RBX: 00007f4208816180 RCX: 00007f420859c819
[ 1282.045973][    C0] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[ 1282.045994][    C0] RBP: 00007f4208632c91 R08: 0000000000000000 R09: 0000000000000000
[ 1282.046015][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1282.046036][    C0] R13: 00007f4208816218 R14: 00007f4208816180 R15: 00007ffda69bcb58
[ 1282.046073][    C0]  </TASK>
[ 1282.459154][    C1] Kernel panic - not syncing: softlockup: hung tasks
[ 1282.465933][    C1] CPU: 1 UID: 0 PID: 3515 Comm: kworker/u8:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1282.477166][    C1] Tainted: [L]=SOFTLOCKUP
[ 1282.481617][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1282.491860][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1282.498518][    C1] Call Trace:
[ 1282.501808][    C1]  <IRQ>
[ 1282.504678][    C1]  dump_stack_lvl+0x100/0x190
[ 1282.509473][    C1]  vpanic+0x552/0x970
[ 1282.513476][    C1]  ? __pfx_vpanic+0x10/0x10
[ 1282.517993][    C1]  ? __entry_text_end+0x1020b5/0x1020b9
[ 1282.523569][    C1]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1282.528811][    C1]  panic+0xd1/0xe0
[ 1282.532558][    C1]  ? __pfx_panic+0x10/0x10
[ 1282.536996][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.542675][    C1]  ? __pfx_printk_trigger_flush+0x10/0x10
[ 1282.548446][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.554107][    C1]  ? wq_watchdog_touch+0xec/0x1a0
[ 1282.559198][    C1]  ? watchdog_timer_fn.cold+0x5/0x25
[ 1282.564509][    C1]  ? watchdog_timer_fn+0x702/0x7a0
[ 1282.569839][    C1]  watchdog_timer_fn.cold+0x16/0x25
[ 1282.575071][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[ 1282.580648][    C1]  __hrtimer_run_queues+0x142/0xa00
[ 1282.586258][    C1]  hrtimer_interrupt+0x3e5/0x940
[ 1282.591353][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x460
[ 1282.597381][    C1]  sysvec_apic_timer_interrupt+0x9e/0xc0
[ 1282.603060][    C1]  </IRQ>
[ 1282.605991][    C1]  <TASK>
[ 1282.608920][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1282.614929][    C1] RIP: 0010:smp_call_function_many_cond+0x58e/0x1700
[ 1282.621724][    C1] Code: 00 fc ff df 48 8b 54 24 08 49 89 d5 49 89 d4 49 c1 ed 03 41 83 e4 07 49 01 c5 41 83 c4 03 e8 f9 7f 0c 00 f3 90 41 0f b6 45 00 <41> 38 c4 7c 08 84 c0 0f 85 63 0f 00 00 8b 45 08 31 ff 83 e0 01 41
[ 1282.641359][    C1] RSP: 0018:ffffc900106ef870 EFLAGS: 00000293
[ 1282.647449][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81fcd9ed
[ 1282.655569][    C1] RDX: ffff888033cc9ec0 RSI: ffffffff81fcd9c7 RDI: ffff888033cc9ec0
[ 1282.663574][    C1] RBP: ffff8880b8443180 R08: 0000000000000005 R09: 0000000000000000
[ 1282.671562][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003
[ 1282.679547][    C1] R13: ffffed1017088631 R14: 0000000000000001 R15: ffff8880b853c700
[ 1282.687579][    C1]  ? smp_call_function_many_cond+0x5ad/0x1700
[ 1282.693774][    C1]  ? smp_call_function_many_cond+0x587/0x1700
[ 1282.699884][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1282.704956][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1282.711318][    C1]  ? __pfx_text_poke_memcpy+0x10/0x10
[ 1282.716735][    C1]  ? __pfx___text_poke+0x10/0x10
[ 1282.721752][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1282.726812][    C1]  on_each_cpu_cond_mask+0x40/0x90
[ 1282.732038][    C1]  ? kmem_cache_alloc_from_sheaf_noprof+0x39/0x190
[ 1282.738570][    C1]  smp_text_poke_batch_finish+0x337/0xc60
[ 1282.744336][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1282.750621][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.756281][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[ 1282.762569][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.768227][    C1]  ? find_held_lock+0x2b/0x80
[ 1282.772955][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1282.778979][    C1]  jump_label_update+0x37a/0x550
[ 1282.784010][    C1]  static_key_enable_cpuslocked+0x1bc/0x270
[ 1282.789950][    C1]  static_key_enable+0x1a/0x20
[ 1282.794844][    C1]  toggle_allocation_gate+0xfe/0x2d0
[ 1282.800171][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1282.806184][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.811849][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.817515][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1282.822432][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.828199][    C1]  process_one_work+0xa0e/0x1980
[ 1282.833191][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1282.838596][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.844532][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.850203][    C1]  worker_thread+0x5ef/0xe50
[ 1282.854868][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1282.860009][    C1]  ? kthread+0x13a/0x450
[ 1282.864275][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1282.869437][    C1]  kthread+0x370/0x450
[ 1282.873540][    C1]  ? __pfx_kthread+0x10/0x10
[ 1282.878152][    C1]  ret_from_fork+0x72b/0xd50
[ 1282.882769][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1282.887904][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.893558][    C1]  ? __switch_to+0x800/0x1100
[ 1282.898276][    C1]  ? __switch_to_asm+0x39/0x70
[ 1282.903071][    C1]  ? __pfx_kthread+0x10/0x10
[ 1282.907686][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1282.912519][    C1]  </TASK>
[ 1284.095921][    C1] Shutting down cpus with NMI
[ 1284.101125][    C1] Kernel Offset: disabled
[ 1284.105457][    C1] Rebooting in 86400 seconds..