last executing test programs:

12m53.236636821s ago: executing program 2 (id=21):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000100)=<r1=>0x0)
prlimit64(r1, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, r5, 0x4c466994d56c53cd, 0x70bd27}, 0x14}}, 0x8000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffee4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x7, 0x9}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r7}, 0xc)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa000800c500001c006700000001907800000000ffffffffe000907800000000"], 0x0)
r8 = geteuid()
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f00000019c0)=@loop={'/dev/loop', 0x0}, r8, &(0x7f0000001a00)={0xdeee, 0x1, 0x1, 0x3, 0x400, 0xc, 0x9, 0x1, 0x8000})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)=""/174, 0xae}, {&(0x7f0000000100)=""/29, 0x1d}, {&(0x7f0000000180)=""/28, 0x1c}, {&(0x7f0000000280)=""/248, 0xf8}], 0x4)
syz_usb_connect(0x6, 0x0, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)

12m47.932213263s ago: executing program 2 (id=28):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmfXu/Y6Xif2OoHPJxrPe/Nm3vzmN29mvOusNsD/rctn0ryfIpfPvHG3rG+sL7Y31heP1M3tJGW5kTS7sxQ3k+JBslS2FwNTBubbfLx66a3PHm583q0166laf6q/3exYIY/Yx716ynzd3/zILafH6r/bVxVeXkxypZ4Pmxm3r6EVy6Sdrudw6Drb3NvL5jte78Czr/d0KrrPzW3mkhfqJ3P1O0F9d2hMLsKDsae7HAAAADynPr112BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inhr1PPMpet//P9NbVpefQUtjr3n/QOMAAAAAAAAAgMn4+qM8yt0c7dU7RfU3/1NV5Xi+6CRfyvu5k5XcztnczXLWspbbOZ9kbqCjmbvLa2u3z/e3LI3e8sLILS9M6ogBAAAAAAAA4H/SL9Pa/Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8C4pkqjurpuP1PHNpNLPZlnvJP5PMHHa8e1CMWnh/8nEAAADAU5l9gm2+/CiPcjdHe/VOUb3m/0r1enk27+dm1rKatbSzkqv1a+jyVX9jY32xvbG+eKOcyvpwv9//957CmKl7mKpqo/Z8slqjlWtZrZaczZUqmKtpdPd9OjnZi2cgrgEflTEV36uNGVmzTmu5s9/v9C7Cvhh+K6LxmDVbm8El/Yws1LGVWx7rZqCo3qhJtmZi17PTHKrNVb1O9/d0Po3+Oz/HDyDnL9Tz8nh+c6A536t+JhqpMnGhN/rKa+bxmUi+8dc/vX29ffPd69funHl2DmkXUzss3zomFgcy8cpznYnmHtdfqDJxol+/nB/lJzmT+byZ21nNT7OctaykU7cv1+O5/Dn3+EwtDdXe3C2Smfq8dM/ZODHN54dVaTmnqm2PZjVFbuVqVvJ69e9CzufbuZiLuTRwhk/sGHd1bNVV39h61ffO9N9GBn/6m3WhvLv9dvMut/S4I95pdO6X7r2/zOuxgbx2R/3D/lrHBq6DhYEsvdTLzvTIzp/k3tj8al0o9/GrXZ4TkzVXZ6K8gHpPiV50L3cz0ayeRdvH+R865XZp3+x0ri+/t0P/97bUX6vn5bBa/9pua/eMPhX7qxwvL2W2vpMMj46y7eX+XWagrbM5lrttw0/ccrsTVVtR9K7UH+dWNQC2X6kz9e9w23u6ULW9MrJtsWo7OdA29PtWbqWdqxPIHwBP4h9v94tzeWGm9a/Wp61PWr9uXW+9MfuDI9858upMpv8+/d3mwtRrjVeLv+ST/Hzz9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDk7nzw4bvL7fbK7dGFxs5NQ4VWti7Zqecjo/sp6i/0GWNfz0VhNsnQkup7jiYeRmtrGNsKnV8kE89P70sER6/zu7LQ3DaiRhWWhpb8eXuHH+0xwmK86+IAC41MdqdTGT0ADvGmBEzEubUb752788GH31q9sfzOyjsrN6cvXry0cOni64vnrq22Vxa6Pw87SuAgbD70DzsSAAAAAAAAAAAAYFyjPhhw6sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cPpPm/RQ5v3B2oaxvrC+2y6lX3lyzmaTRSIqfJcWDZCndKXMD3RX544N0Ruzn49VLb332cOPzzb6a3fWTRj3f2eNbk9yrp8wnmarnT2GovytP3V/xn94xlAn7otPpLD1dfLA//hsAAP//P3v0tA==")
symlink(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mknod$loop(&(0x7f0000001280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40, 0x0)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

12m47.260509955s ago: executing program 2 (id=30):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000f80))

12m41.89318595s ago: executing program 2 (id=35):
syz_mount_image$vfat(&(0x7f0000001040), &(0x7f0000000040)='./file1\x00', 0x2000040, &(0x7f0000001080)={[{@rodir}, {@uni_xlate}, {@shortname_mixed}, {@utf8no}, {@fat=@errors_remount}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '874'}}, {@uni_xlateno}, {@rodir}, {@utf8}, {@uni_xlate}, {@shortname_mixed}, {@uni_xlate}]}, 0x2, 0x370, &(0x7f0000001200)="$eJzs3T9oXHUcAPDvu7vcJYWaDELR6XQTpLSKgy6mSIViBq0c/ls8aGr1EoUcHlyGXrMojoqLoJNbBx07i4OIWwdXK0hVXMxkocUn997du79pUzCx6ucDLb/3/X2/vz+XRy55JL+8vhqtcwtxfnf3eiwuJlFZfWY1biSxEqUoR+5SAAD/JTfSNH5Pc1ng6dtlf3QkFvJW9VBWBwAchOz9/42j+UVt8G8/9psHANxzZr7/n+/5udF3DmxZAMABGnv/T7LAwxPdU4/5K8XPBAAA/14vvvLqc6fWIs7W60sR8X6n0WnEU6P+U+fjzdiI9TgRy3ErIn9QkD8t6P//7Jm10yfqfT+vRKNf0WlEbPY6jfwrhVPlrL4WJ2M5Vgb1aVFf7tefzOrrEXGpl80fm0mnsRBHBvP/cCTW4+iF5bh/pj7izNrpP9I0zQZobA7rexE7sTjcRH/9x2M5rpayi3PRr83HKsXSIGltor5zuZblAQAAAAAAAAAAAAAAAAAAAADAQTi+VK0PrBTn36Sbvc57ZwcJ9dn+7HyfvHtwPtBOfj5QWhuezvNBefp8oMnzeTqNSpT+0Z0DAAAAAAAAAAAAAAAAAADAvaPdrUZzY2N9q93dbo0a1Y1e3ij1I29/+8XXSzGd81Z5FIlKPtxEziAW3e1WOSL6XeUoytOiPC1nOVPL6JfkkSSal68UKx7PqRW72G41d6/mF6NxasOuIpJUipyjD/306cyk3e3Wn6NIOYquxfbsCrvbyWD+sa7N+/JQP9Lbmlu1RyNpdx8bRJJi75M519I03av84iezI8diRGXmA/d3NL65fuGBx9vHnmgnlVbzq8GhD488uvzStY8//7XV3IgkqpHtorrVvpXe/RTJ6B4ddiUx2XXncXZGkZ2tdrdZ/v63lx/88Ls8UhreG+Vol+aUp+ORd/ee68vpSDVv9JdZ3cdOF+bc/PMbr92cuMMXpl6f25cf+2y1eeXij78MX8w7VY19knBQBwAAAAAAAAAAAAAAAAAAHIqx3xW/C0++cHArAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDDN/r7/2ONnZnIfho3ezHbVVvfau85+dKhbhUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+xvwIAAP//3y5mJw==")
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x6, 0x2400)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

12m39.585554805s ago: executing program 2 (id=38):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000340)="662e9ff36c2665f6358ec8f30f1ec66480e22e0f20d86635200000000f22d80f0051ed0f01c4", 0x26}], 0x1, 0x54, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x2000, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x100, 0x5, 0x8, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12m39.146755009s ago: executing program 2 (id=43):
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="757466383d302c756e695f786c6174653d312c696f636861727365743d63703933362c757466383d302c696f636861727365743d6575632d6a702c73686f72746e616d653d77696e39352c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c696f636861727365743d63703835322c636f6465706167653d3836332c757466383d312c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d302c757466383d302c757466383d302c756e695f786c6174653d302c0073c904e2a76d482b6e7b03a84f97bcec00c06f1fa2250a21a609a4864d1a98d8047f6b7b56861ebe2fbe8243fa8b5f0c36f5e759ab4533ca22754acec999a182ae219cd2e30105793e258b19cab3a61416f09d11b498caeaaf18ce6717e62d265b59fc057680323f8e3c4cf3864ac63012225dbcc674c2090083dc082b24fdb2500e9b5e1382da09eef259a70d5ca350b53fa5a8da313b03ed453ec5783ae9ea21cd47fa70b2f9694ae7a8b4b3a298af9b0ff3575afb1273d176ecba979a0400b0c3bd9c5f56fbd14102197c8f"], 0xfd, 0x2a8, &(0x7f0000000240)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIL1zMSslCXah4b0GaILRQ8A/GrgRXblz6BILQnS/hxjfwAQR3dlE4MslMk9Q07UDT+ufz2fT0nPOd8zuTaUsXOfnw5fHB0zz2T778LTqdLBr96MdZFr1oROXrWNL/LgCAf7OzlOKPNFMnl0VEZ3NlAQAbVPvv/+nGSwIANuydd997a3cw2Hs7zzvxePzN8bD4z774Ohvf3Y9PYhTP4mF04zwiXZi1H6eUJs280IvXx5PjYZEcf/BLef3d3yOm+Z3oRm/atZx/MtjbyWcW8pOijufL9ftF/lF048UV6z8Z7D1akY9hK954baH+B9GNXz+OT2MUT6dFzPNf7eT5m+n7P794vyivyGeT42F7Om8ubd3xSwMAAAAAAAAAAAAAAAAAAAAAwH/Yg/LsnHZMz+8pusrzd7bOi2+2I6/0ls/nmeWz6kKXzgeapPihOl/nYZ7nqZw4zzfjpWY072fXAAAAAAAAAAAAAAAAAAAA8M9y9NnnBx+NRs8Ob6VRnQZQva2//nVOp6n+Qs+rsT7Vnq/VKJtrloitak4WsbaeYhO3dFuuazx3Vc0//lT3gp3r52wXa3VucRfVy73QE1VPtvoeti8md6qH5OeqJ6WUWnHD1VtXDaVaj19r5VC39t1ovTBtTNbMieyqwr59Zf5zWQ5ll3fRWrrPS43tsrEQv/Rs1Hqe//67InNaBwAAAAAAAAAAAAAAAAAAbNT8Tb8rBk/WRhupvbGyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBOzT//v0ZjUoZvMLkVh0f3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//+KpXP8=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)

12m38.81863006s ago: executing program 32 (id=43):
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="757466383d302c756e695f786c6174653d312c696f636861727365743d63703933362c757466383d302c696f636861727365743d6575632d6a702c73686f72746e616d653d77696e39352c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c696f636861727365743d63703835322c636f6465706167653d3836332c757466383d312c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d302c757466383d302c757466383d302c756e695f786c6174653d302c0073c904e2a76d482b6e7b03a84f97bcec00c06f1fa2250a21a609a4864d1a98d8047f6b7b56861ebe2fbe8243fa8b5f0c36f5e759ab4533ca22754acec999a182ae219cd2e30105793e258b19cab3a61416f09d11b498caeaaf18ce6717e62d265b59fc057680323f8e3c4cf3864ac63012225dbcc674c2090083dc082b24fdb2500e9b5e1382da09eef259a70d5ca350b53fa5a8da313b03ed453ec5783ae9ea21cd47fa70b2f9694ae7a8b4b3a298af9b0ff3575afb1273d176ecba979a0400b0c3bd9c5f56fbd14102197c8f"], 0xfd, 0x2a8, &(0x7f0000000240)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIL1zMSslCXah4b0GaILRQ8A/GrgRXblz6BILQnS/hxjfwAQR3dlE4MslMk9Q07UDT+ufz2fT0nPOd8zuTaUsXOfnw5fHB0zz2T778LTqdLBr96MdZFr1oROXrWNL/LgCAf7OzlOKPNFMnl0VEZ3NlAQAbVPvv/+nGSwIANuydd997a3cw2Hs7zzvxePzN8bD4z774Ohvf3Y9PYhTP4mF04zwiXZi1H6eUJs280IvXx5PjYZEcf/BLef3d3yOm+Z3oRm/atZx/MtjbyWcW8pOijufL9ftF/lF048UV6z8Z7D1akY9hK954baH+B9GNXz+OT2MUT6dFzPNf7eT5m+n7P794vyivyGeT42F7Om8ubd3xSwMAAAAAAAAAAAAAAAAAAAAAwH/Yg/LsnHZMz+8pusrzd7bOi2+2I6/0ls/nmeWz6kKXzgeapPihOl/nYZ7nqZw4zzfjpWY072fXAAAAAAAAAAAAAAAAAAAA8M9y9NnnBx+NRs8Ob6VRnQZQva2//nVOp6n+Qs+rsT7Vnq/VKJtrloitak4WsbaeYhO3dFuuazx3Vc0//lT3gp3r52wXa3VucRfVy73QE1VPtvoeti8md6qH5OeqJ6WUWnHD1VtXDaVaj19r5VC39t1ovTBtTNbMieyqwr59Zf5zWQ5ll3fRWrrPS43tsrEQv/Rs1Hqe//67InNaBwAAAAAAAAAAAAAAAAAAbNT8Tb8rBk/WRhupvbGyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBOzT//v0ZjUoZvMLkVh0f3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//+KpXP8=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)

8m41.768569744s ago: executing program 1 (id=555):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006e80)=[{{0x0, 0x0, 0x0}, 0xa8}], 0x1, 0x10020, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="180200008000000000000000000000008500000027000000040000002a0000009500000000000000"], &(0x7f0000000680)='GPL\x00'}, 0x5d)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x0, 0xe40, 0x0, &(0x7f0000000180)="5becbc0e0d7cca6073a4f11d1b00", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')

8m38.408569883s ago: executing program 1 (id=564):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setpriority(0x0, 0x0, 0x2a14b58)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000)
write$nbd(0xffffffffffffffff, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, 0x0)
getresuid(&(0x7f00000000c0), 0x0, 0x0)

8m37.90490274s ago: executing program 1 (id=566):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0xc, &(0x7f0000000140)={[{@grpid}, {@jqfmt_vfsv1}]}, 0x2, 0x53a, &(0x7f00000011c0)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000240)=<r0=>0x0)
r1 = getpid()
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
quotactl_fd$Q_GETFMT(r2, 0xffffffff80000400, 0x0, 0x0)
r3 = syz_pidfd_open(r1, 0x0)
setns(r3, 0x24020000)
mkdirat(0xffffffffffffff9c, 0x0, 0x40)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='.\x00', 0x2)
rmdir(&(0x7f0000000000)='./file0\x00')
timer_settime(r0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f00000003c0)={<r4=>0x0, <r5=>0x0})
clock_nanosleep(0x0, 0x1, &(0x7f00000004c0)={r4, r5+60000000}, 0x0)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file1\x00', 0x4604, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20048001)

8m37.439373145s ago: executing program 1 (id=569):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000980)={'syz1\x00', {}, 0x22, [0x0, 0x0, 0x0, 0x10001, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffff9, 0x0, 0x0, 0x2, 0xfffffffd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0xfffffffe, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0xffffff35, 0x5, 0x100, 0x8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0xfffffffc, 0x0, 0x7, 0x0, 0x7], [0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x400003, 0xfffffffc, 0x0, 0xffffff2d, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, 0x1, 0x0, 0x0, 0x5, 0x800, 0x0, 0x0, 0x0, 0x200, 0x8, 0x0, 0x5, 0x0, 0xffffffff, 0x400, 0xffffffff, 0x58, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x800000, 0x0, 0x6, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff800, 0x0, 0x0, 0x1fc00, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x3, 0x9, 0x7, 0x2, 0xe0, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9c9, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x1000000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x800000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x47e9a9e5, 0x10000000, 0x10000000, 0xfffffffc, 0x0, 0x0, 0xfffffffd, 0x8, 0x1, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000008, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0xec200, 0x0, 0x0, 0x0, 0xfffffffe, 0x65, 0x0, 0x0, 0x4, 0xffc, 0xfffffffc, 0x3, 0x2, 0x4035e83d, 0x0, 0x0, 0x1]}, 0x45c)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000300)=[{0x6, 0x9, 0xfb, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

8m37.116894175s ago: executing program 1 (id=570):
ioctl$int_out(0xffffffffffffffff, 0x5462, &(0x7f0000000080))
truncate(0x0, 0x2fffffd)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ptrace$peekuser(0x3, 0xffffffffffffffff, 0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000197, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x739d, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000bc0), &(0x7f0000000040)='./file1\x00', 0x300001a, &(0x7f0000003740)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b829232fdd05d7b21f9b9941055ed28c37d5e1ec11cdbcabb8a89ebf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565b43a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b50800000000000000893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858c268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d16a083b5bf85cd0ea669c5fb5535a49d95389c186be0d5d6aaf673c3b675e34dbc89407aa23b2cd4f0d7674421b4896983d79be4da0fae78339ce15085998a17aaf3158b0cf1c7c1322b944e316711ed73c720ac25fea464ea96fdf6be3f67430188cb9f1ea81316df61c875ff59c8ffa9ffe954ccb28f037ca003109618cff0ec917fc7abe19b6a10a0eae6c72b067e2ffffff7f042466d68ce5d192fae5bdea0b94a9bfbd0efae746ff081eb028e5566a25db8f43ddd07c39db9bed547448fa00c94a0420da4bf03b7deb1399148b3b77268ab867c2509cfce576a477f96eb5f1bd9d7dacdddcbb80400f33d79c861e453bdaa847455877361253b3a242b5854b0d28b47cf37cd515396839509f4da0d6c19ae9d3a052210a5c1d4c75273fa05693d79a463dcd94e60850043027ad28b52cf82ff6c63aff270e89c3d310e13ef7565a26eab1bcad6b26136dbee95b303851b41b619b7bc15316c83cddc57cfa5540ab542c6f7eda25e0ef2641e34d8a61905f919ce96663c2967cba470bae1e3334bec127870982103357136f6d05b940d6ad32843aa2053e3de1a7fa81b13e482bcc895b9f43fd77e8c6b1c3beb3422b16c6c957bc22e80d70b024597f146147fe0928df427c2b37e406f7eca3e74cd61a83c6959eba6fbe582291faaf44346ccd8a7f4b5f6cc3de36f3a1", @ANYBLOB="ad02cadf3e58894c4522482cf3752794fe3532daed3c835282338acae756f9a3ff87577de6c66e2e7a651cf2a5fb80d50da25117bd74596bf2c402d8740158ecf68db60e523b0f08eba55cf35f94e69b2eef2dd9e9091349f35758122e3887a967224a89588a7487b1012d05f6f3b8fb198316e51a7f623f272441b93e5c86751ad59a22cd35394ebe6ce6b1b1543302772e36b6f479856e717b6c7cc2915c946b167ab1b861855a71603b7309be28e9f46d61dbb231c2daed79f475b1178f9c608b34e2babd54e9b57934510e8dba48b7cd236ab5e0066ef4d43c5fb23eefd9b72943f8ff9eab170827686bb1d87e86725fd34b53131808046828aed213d423d8802dfabe587be50d2209424e4adcc9bfb56c5c5c0644301826c78f07a6ccfc8f8fd303eaf323cc1b107881f4bf77f4f82f5fb390d6f2cfa22027f9d6053dbf0442fa1a857544f82904875c2a310be0aefbb2653a47a2e33f63c0889006dab401107cd6ac3be57ffcc4d3724e0a6a746c21642ced2694e554908fd1d648747f8a9730401b2344ae5f3e4bfc25e51edef06e6b87eaff7669695a410da25b013fdcc3525637ab96bc12e8ae21b038183f0f82bce941051b93927ef017cff81d25b76a18c23e4a653ba1de17450217d7a7dec87c2cf73b7d8a971d8044681475b63c1370fee9140e3550bff228bd0b6236936df70214ad0fd0d52311d7a5e1326b54d695bb026c39ab032b3ce67bd882373a5d19f95b27f0b2f9bb80182a75e1e4e92d1f3f9b61d65fa0d4cb2eb3e63acd2cbedde5f9c9c4cb4ed55c977cba3f27464a1832380a98434938c42f2c3f5b727c20903790da670793b4cac945b7ddb8e278dbf1bec394e7058890b3fdb89bd8ea33eb6a12308e67b3878ebac948ad6afbc39f4af25b550f4b718235cc571e8121dbaeeeb5758f36726116bffd7ed2156ba67cbec2f907620ec54da0a188f62f2f0a9d3c5f4bf589146afadd5937e180625a0b1474b58dcd95bf83e60b87f337a8ce503341a1898c60e39755a1888df27d79ea4a61318a3cf67ece32999c16ece473c965776f8380b1bc3cb4ba19a0ce4c0d1eaf649a07803111961b96cecb27d9b6b248ecc4472625f7a1edfd0b74e3c36f3fd3b7b011a62c2e0c8fa6e4be99b10c97d51fa2d0cb34dc347d6ca2c0f1f76fb7dc83a5e1cdf3b6400d6ffa41b18719956c4551139dac72e69642006333f2aa1a4f8f0cc075299cf7191321819c6e4fd538f802f4ac0ecd17975acab52a68bd36d65d35fca9772b08827a403da6995b772f21e52bf72f736a583a091623c31bf53364fa6db83afabe41f1085f81111e0cb60664dd46c6ce4ddea67c3df740abe0497845caf14de7dd48e7c4ab4ea1c686f93a099ae25d25915a2f7f077dced90e6b57864fe9cbabdfbd3bc0667e60e900d549d89af396378b708e9adbf3b037c901100e2b95685fdeededd259b05109f75fb57f2d99fe21296613b4f38391f178f0925200e9053d3da305d5b353ab409b370f353ba8c3ad7275a31b9bfbad220b81e92ed7208b2605f189cfd9545eee72cc8a9275b6f0058ee6efa26696881cd497d87ffd16c8e958626ec5389d900ba4767780bfb930aab4218ef5056aca8e8f7099ce629480d9fbcb7e9597e1e846a3309f22014a7fd4c2853db96783f0b18db03ab929752ff3a29797957c93435453860ecc01006d04c303f9cec041f9ec0fca7a9a4ce3ce56824a974155272a2b16f27906ad7e78dca2a691942ea711401179558f18e653df5a5db24d0129597cc7c4e0e6bcc24ae26adc3c0dd5d125dca7c2cf513aa8b8e3d72df985ca0afd4d73294d05974000623d3724cf52bb0a5c1d6c14434cc359820734ed07eb9b51e125ba921cde60cc9c93df2b93c830cc968afc689971312692e00b12ba077f6e768883f06cae88dcc7dbbf0b2a9e26627d9ed6669212a6c8872124b4bbc93f4c3a65c15c1fa6220e69d7566de3a8fb0cd0df5b278826ebe83d395a064d8eb7776263ae1269999671b457686e3f868f519f2326d580eff500bfe132807e6aee9c851dd3014e57d5e8168ae598fac96e3e5da3e293ce412b9d641dd7257a6b2f91cf2407cd6f465ab0e6eddd154c6cbee56101742876b024aa805f1ce6ce3ac7038970325e8086485abe389467c870c5444eb02cbe4e9ff7bc09235ce59b8ee6ef3293ae27ac98007706c27eaa377d0ab6de97ec6f18f6e528deab24fcd01df48291555875af25aae8eadd36b4f584b975604d7c40e105a90bac5ace9f91122919cd6bd4d4028c0769b2026ea6eeadb8b7387898911c0216e8bab4c89265dbef2f5adc5356932c11c8f1ed35d9a83e5a31c42bf8135c09ab604b0ddc2c2036543ba707ee906230ea985ab3dd76a1483bda83e34ddde98925bd76a6e1374793e57dc46badb94b37dffb8ea5d1d4e614f20b711df652fe6420be4178f8abd0975a7ae2d41a63528872d55286accc2be535bd2040bdd63003c733acb26c72ac2d55048892a1962ac12ff86d069dd54e512b799039abec87f5b63cfc55d029e35cb31997d5bef8bf4f0dfb800d1c2aa6dd88d3fffd0e4874906756fa5159c0ff5ea735ccd111f21c966fc2cb843cb82a782f35930aabe88e96788942488f84b61edd363c242d63fca4508c768996dc75633706c1903a260fab45eb41dffcf370f8ab062b61c69e285d037925f2d998e420e54c4cc6f096a3578593cf26da3cc444903c577fbd14f2bcd547f32a3870f55103ebc6a370880193567c7966c6977e21b6b26206d4ba8b7266ec9835b10bd56df6621b9bd13fccf100671cb35a8d9d26612d71327916f82072899697e6db54cca42a593dfba28a3e70b00fad8df95be35c9720cf522770c7757c8b1420abf93b7ff527af67218620c1efda9f861b403deeb097633af9435ddeccc6e2edcbf3529a11bd7a698d39eaec711958329695d56e58f707ca7d8fce404e44d766a52cbd44093740f987a34040f021e76b0bf3f27bb8a5c5692b6fd7f036c2d7af58f47b622ce768e27c02f36059afd26e316b5c53699a6fb8e7be0f234badc08933707aaf899d17d0de950e85e12449eeaab6d9a376a1a53ca0bc4d40707106dad0c17eb9f08ad3bf9f199cc881a2c1caca821e6ad1579b78731509fd087fe80cb44536d8ee2bfb98f1bca25a21a161c716e6c59c503f6ff1656bddb9f254528c02cbf85826586946d51fa380be9772c40712a9084b3248ce5dd375d7cb64ed232e4297bde07b6dac3cb19584eb226c4c683fdeb94461d468b259651b5095ac736c30324960ce8db6385d631c1f44bf8dbe624dcc7de5d8debc16acc03ff8c6255e7ccb928e98b5defa815702ec00b14912d382c1cc9cd8d72448d239adf6bebdba5d1e6c0cf151b2f1212513ed8c920193b5a795fa02a561a2cb0fefe167cbfd140ef42f5366a8b82c7726661d9c0780899218b07c5aae0aed7404d0506661021922e50e36814c8dcb3635d682b8008a90ee9eb5f514b736bc436a283e0b389e3f2dba242b6192c1871f5af43ee87cdb7cacf03d0450f19ac14ec01c80147bfaac37cc11e916300694bdf17189182f8e51465b35afa5157e3892f5eb74e8cfe3b9581694ceeea3d1d0f129f250312a84a150f84a20e7502738af17821d21d47822d53541d5df331434a459cc3804ef391193925fba9247a4ae59d0edb2b62a9ae28a077826bae07b69fa865dd0ec85bf8141d863b25eebdc4ec1f6d38d01215d424e5377e87b03fa5d440ac2144d7cdafdf84ccf03702c4af54efff1dacf795df4e54fb852756b339b8db881093a996292e97c4c275a312647fab874abf403adad47d622e7bd5436ad2db5f5f238d16cf60b9e9eb4fcea78fca2266c995a68587f0c51cb9c5ef73439b0a4c3d7117969099b8023bf9b1979809742a6a2fe72af4cf65c7ada1b21d02fcfd4a240ca0325b085da43b38f53d0c2e1fd62e290f3ff4fcfff4cbf8265b498d45a778d35b29966d8c3e7ec696716e6d9ee3271383ddecad829e7751c7f42e4db0a39237ee9eb5ee772858144d19980125e4b218a91f20509ebb8b724d91cc352da8e84257b32ad8b9252aa6f893e4eded151c1be10b40118ffb9de200a288ee446e2f5fa4d899d210897d8bde4b654c3605b57c1c0e90b2f41ac9e912665a8596b1e36995d37c041b2cd9d2b542749474ef779cf5ff8de5e7b0be4dc392ca89ffda5755c3d16802f08a2bebf94787f806763ebb0f58cca1578aa9005aedb9a21b613f82b5bfc0d26a14bce42bf99ff48a0852aa30e8e78fdcbd38a675346f1a6fd6043aa7ffb4165a6d8d589250e4434a02408a2cc1c47969411c4001c1e07f8b8801be31b83edee84f56077b922f802fc9982c5d4f2c720fdee497e2bee3540ce2d1aed14b98bba152d3867b64091a5f78a4d9e7995222bf85c9cb14b65567283e8645019e238613e9a5ecda211aeb83e4e775409358ac32061414d40592f77d02283eb43b204fa6220a02f4843d7a6666303c9726f5fd262dd760bd1185bad90985f47fbd27c9d8ffc3fe535d5bf79461dd561343fc2c7b9d8887ea6bd22d0a41ee4ff8fe039b7c12e6ad0b988ee9f728ba697ba8064d3a6f11ec2baf2bd89427cb0688bf38416e57b1abc50a3299a1390e372884fe15ddff4c13a755a26b8caa9c0c406a177f54af22ebb8e9b40a91ba95446572c4217888e952ac0d33cfa29925dda0fc328e634480dae7819c12d6452da843c9a903eba215457abf2d39cc6d4aafc2fdd8e4743bc8a62f7ab8578e7712b8c9d61b0e735f0485937e5106547385451c4291bfd6eacebf0820e4754d46678574f69b238adfd1dc3823ae60930cb842aed6f0e4dab0ccaa86426331daa415bc0ca0d8b2ee2d83c1f712d1ee1df8ae2ecb4d156d258e42247a4522bb9f9b123f03900db675547211801f9279a07cb435193e1cb5419644711bcf49bf42266ddf5b390f939709f4f75f8476c34816786f32157a16d6a7eae02790eb51de49a3d70519623c6c2830c4122f8fd95b9492940aa4991932b7d1f1562bfa274af43781fbde5fff3012fcf67e7363a3e4e9006925cd75b4bba474e2aa23f53a45d15435366d9d8a090c44ebb89133b77415d7d36804ac1328a886314f1ab3b7321f178b98aa7db591bcd24dda8e85183d82b1baa88dec757c00b796e687c1ab08a4fda216d0cbfaf0e32ac080e890600d4ef4a94db3c58372d0d75d6e67a3de3a2b291591cb48f0b3cf48af6979a67014bc42f707a55c8a05b1a3ff25f02d2166c2d295b82d7fd4f2ef5966dadfac4afa15d023cd372611a02b415c329b0b265e97f1f4c861da5ebb55bb2876aec6c6b17a55120a7b88b5c5910cf98b8cfedd3988531f862802a044ae18a801bd4bc46b644e13843ce33b2c201684216e17143b38eaa5d806c104b6cb3fbc6d2848f479394430700f69dc0226bff88efd5d6acc9f428c013c1ab023cd809081c60c896200d7dce46ebefbd1cab819e5fb3ad4e0824cf068561a8a0264bc3d86e1763051de1b67e5a029d264c4a89b278e9926d2c2d7172d7cbf64fe555353a41a4764342e729e9e496f2f3f81be12521d0b76a52af74862f6b7a1258826520c9b91603b74daec136abfcd2c8c65782a11c124e727651ccd12a3dfd91a47477d86f681a4ec17eed859ed56bfc19e5187cf54f99151ab551a685aa0e181f7897fe10bae2316ea90dbb956b50f7800316ad9d0916ad72661c2d33e66d34953041c5d7b0cd5e7a72e6cab95282e86c282ed3468db6f8d9351b391e3589fae4"], 0xfc, 0x2b6, &(0x7f0000000100)="$eJzs3U9rK1UUAPAz+ddUFwniRhEc0IWr8urWTaM8QexKiaBuDL4+kKQUWghYwdpVP4FL8Wu4defabyC4Fdy1i8rIZGaaxCZttP+g/n6b3t57z52TOUOyyskXr+0On+0lcXz6W7TbSdS2YivOkuhGLSrfRSMAgMfjLMvizywimsX/ycqRjdrdZQUA3KXi87/w0LkAAPfj408/+7C3vf30ozRtxyudk3E/iYjdk3G/WO89j69iFDvxJDpxHpFdKMbvf7D9NBpprhtv7h6N++O583t/xPokfjM60V0cv5kWyvh+RP63GS9EGr3nzeqoTry8OP7tBfHRb8Vbb8zkvxGd+PXL2ItRPIs8dhr/7Waavpd9f/rN5/ll8vikFv21yb7SekRWv7eiAAAAAAAAAAAAAAAAAAAAAADw6G2kaVK075n078mnyv479fPJ+kZa6c735yniL/oFF/2Bsihb9Bxl8UPVX+dJmqZZuXEa34hXG35YAAAAAAAAAAAAAAAAAAAAAHIHXx8OB6PRzv6NB/XhYFR1A6i+1v9fD9yamXk9DoeD+vID11a/1my3gTzXKzdHoxG3cFuuH8TP63k+S/b8WOb7709emxb3kzK8KsytvoqX3r3IMC2Xqps8HCTXXatdFe6n2aVWrJxGkszNTGo72tnPJo/EeTZf0/aSm9m6hbuRP6OtFxcu/ZVl2WrnvPN7UaNyJpm02FgtjWY5WPq0tC/X4pflBy59y6jf9D0HAAAAAAAAAAAAAAAAAABYbP6L0/9wfGVo7c6SAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB7Nv39/2rQjoj5mUuDozL4qj3loBX7Bw/8EgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+DsAAP//tERGig==")
truncate(&(0x7f0000000080)='./file1\x00', 0x3)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r3, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)
syz_emit_ethernet(0x165, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x12f, 0x0, 0x0, @private2, @empty, {[], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433"}}}}}, 0x0)

8m35.697408301s ago: executing program 1 (id=572):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00')

8m20.507418275s ago: executing program 33 (id=572):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00')

4m27.175571049s ago: executing program 5 (id=1178):
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd1}, 0x50)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f00000008c0)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="400001801400020070696d367265673000000000", @ANYBLOB="140002", @ANYBLOB="b39487ce57695430d927980302b4cc2b384450befffac2d74e7f09b6eab8c401b0270bb64370f5fc"], 0x17c}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000080)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f00000002c0)="aefd", 0x2}], 0x1)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0", 0x49}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x8044)

4m27.029531283s ago: executing program 5 (id=1180):
eventfd2(0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0xec)
shutdown(r0, 0x0)
connect$unix(r0, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
splice(r4, 0x0, r6, 0x0, 0x200006, 0x0)
splice(r5, 0x0, r2, 0x0, 0xa, 0x7)
write(r3, &(0x7f0000000240)="c6", 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REQ_SET_REG(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYBLOB="05002d030000fcdbdf251b0000000600210061"], 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x20000080)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000700)={[{@nojournal_checksum}, {@errors_remount}]}, 0x1, 0x5ae, &(0x7f0000000e80)="$eJzs3U9oHPUeAPDvzGab/sl76YP34L1HD0WFCqWbpH+0emqvYqHQg+BFw2YbSjbZkk20CQHTs0XsQVSKUG968Kh48CBePHrVg+JZKDYoNDnoyu7OpkmapGvMdmv284HZ/f1mZuf7++3Md3ZnmGEC6FlH6y9pxP8i4mISMbhmWl9kE48251teWiiuLC0Uk6jVLv2cRBIR95YWiq35k+z9UEQsRsR/I+KrfMTxdHWR+1qF6tz8xGi5XJrO6kMzk1eHqnPzJ65Mjo6XxktTp5597szZ02dGTo6sbe5KbW0t324vBxqvN364+daNb164ffPjT44sFt8ZTeJcNmV9P3ZTkjX03IbxpzsRrIuSbjeAHclleV5Ppf/EYOSyrH+o/k63DOi0Wn9EDehRifyHHtX6H1A//m0Nj/L/x53zzQOQetzlpYXiG9GK39c8NxH7G8cmB39J1h2Z1I83Dz/KhrInLV6PiOG+vge3/yTb/nZueDcaSEd9eb65oh5c/+nq/ic22f8MtM6d/kWt/d9ytv9b3iR+7sH4+fr+72KbMX57+cf3t4x/vT/+v2n8ZDV+ksWfWPO5NCJebTP+rZc+P7vVtNqHEcdi8/gtyfbnh4cuXymXhpuvm8b44tiR57fuf8TBLeI3z9nub/zMrP3+933QbFPaZv8/+/rTJxa3if/0k9uv/2ST7e9ARLzdZvx/3fvoxa2m3bme3K3/C2hn/a///c3H7TbjP3Pu6PdZ0VlDAAAAAAAAAADYRWnjWrYkLayW07RQaN7D++84mJYr1ZnjlyuzU2PNa94ORz5tXWk12Kwn9fpIdj1uq35yQ/1ULguYO9CoF4qV8liX+w4AAAAAAAAAAAAAAAAAAACPi0Mb7v//Nde4/3/j46qBvarNR34De5D8h961Pv+TrrUDePT8/kPPqsl/6F3yH3qX/IfeJf+hd8l/6F3yH3qX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgI64eOFCfaitLC0U6/WxvrnZicprJ8ZK1YnC5GyxUKxMXy2MVyrj5VKhWJl82PKSSuXqcEzNXhuaKVVnhqpz869MVmanWs8ULeU73iMAAAAAAAAAAAAAAAAAAAD4+xloDElaiMg362laKET8IyIOJ5FcvlIuDUfEPyPi21y+v14f6XajAQAAAAAAAAAAAAAAAAAAYI+pzs1PjJbLpenOFfqyUB0M0X6h78/MHBGLu9uM+hLXjnmznU/lsy+wy1/d3ijkdrQdrjwejd++8F1E7N4Cu7hTAgAAAAAAAAAAAAAAAACAHnX/pt92P/F7ZxsEAAAAAAAAAAAAAAAAAAAAPSn9KYmI+nBs8KmBjVP3Jcu5xntEvH7r0rvXRmdmpkfq4++ujp95Lxt/shvtB9rVytM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANxXnZufGC2XS9M7LPS3MU+3+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwE38EAAD//2mFzxo=")
r8 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x50)
sendfile(r8, r8, 0x0, 0x800000009)

4m25.962203708s ago: executing program 5 (id=1185):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="fc0000001900e1f6ddedabc4ac5c000000000000000000000000000000000001ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000100000006000000000000000000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c000000020000000a0101020000000000000000000000000600000004"], 0xfc}}, 0x0)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0)

4m24.734113207s ago: executing program 5 (id=1193):
eventfd2(0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0xec)
shutdown(r0, 0x0)
connect$unix(r0, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
splice(r4, 0x0, r6, 0x0, 0x200006, 0x0)
splice(r5, 0x0, r2, 0x0, 0xa, 0x7)
write(r3, &(0x7f0000000240)="c6", 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REQ_SET_REG(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYBLOB="05002d030000fcdbdf251b0000000600210061"], 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x20000080)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000700)={[{@nojournal_checksum}, {@errors_remount}]}, 0x1, 0x5ae, &(0x7f0000000e80)="$eJzs3U9oHPUeAPDvzGab/sl76YP34L1HD0WFCqWbpH+0emqvYqHQg+BFw2YbSjbZkk20CQHTs0XsQVSKUG968Kh48CBePHrVg+JZKDYoNDnoyu7OpkmapGvMdmv284HZ/f1mZuf7++3Md3ZnmGEC6FlH6y9pxP8i4mISMbhmWl9kE48251teWiiuLC0Uk6jVLv2cRBIR95YWiq35k+z9UEQsRsR/I+KrfMTxdHWR+1qF6tz8xGi5XJrO6kMzk1eHqnPzJ65Mjo6XxktTp5597szZ02dGTo6sbe5KbW0t324vBxqvN364+daNb164ffPjT44sFt8ZTeJcNmV9P3ZTkjX03IbxpzsRrIuSbjeAHclleV5Ppf/EYOSyrH+o/k63DOi0Wn9EDehRifyHHtX6H1A//m0Nj/L/x53zzQOQetzlpYXiG9GK39c8NxH7G8cmB39J1h2Z1I83Dz/KhrInLV6PiOG+vge3/yTb/nZueDcaSEd9eb65oh5c/+nq/ic22f8MtM6d/kWt/d9ytv9b3iR+7sH4+fr+72KbMX57+cf3t4x/vT/+v2n8ZDV+ksWfWPO5NCJebTP+rZc+P7vVtNqHEcdi8/gtyfbnh4cuXymXhpuvm8b44tiR57fuf8TBLeI3z9nub/zMrP3+933QbFPaZv8/+/rTJxa3if/0k9uv/2ST7e9ARLzdZvx/3fvoxa2m3bme3K3/C2hn/a///c3H7TbjP3Pu6PdZ0VlDAAAAAAAAAADYRWnjWrYkLayW07RQaN7D++84mJYr1ZnjlyuzU2PNa94ORz5tXWk12Kwn9fpIdj1uq35yQ/1ULguYO9CoF4qV8liX+w4AAAAAAAAAAAAAAAAAAACPi0Mb7v//Nde4/3/j46qBvarNR34De5D8h961Pv+TrrUDePT8/kPPqsl/6F3yH3qX/IfeJf+hd8l/6F3yH3qX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgI64eOFCfaitLC0U6/WxvrnZicprJ8ZK1YnC5GyxUKxMXy2MVyrj5VKhWJl82PKSSuXqcEzNXhuaKVVnhqpz869MVmanWs8ULeU73iMAAAAAAAAAAAAAAAAAAAD4+xloDElaiMg362laKET8IyIOJ5FcvlIuDUfEPyPi21y+v14f6XajAQAAAAAAAAAAAAAAAAAAYI+pzs1PjJbLpenOFfqyUB0M0X6h78/MHBGLu9uM+hLXjnmznU/lsy+wy1/d3ijkdrQdrjwejd++8F1E7N4Cu7hTAgAAAAAAAAAAAAAAAACAHnX/pt92P/F7ZxsEAAAAAAAAAAAAAAAAAAAAPSn9KYmI+nBs8KmBjVP3Jcu5xntEvH7r0rvXRmdmpkfq4++ujp95Lxt/shvtB9rVytM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANxXnZufGC2XS9M7LPS3MU+3+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwE38EAAD//2mFzxo=")
r8 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x50)
sendfile(r8, r8, 0x0, 0x800000009)

4m23.185472408s ago: executing program 5 (id=1198):
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000008)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xe, 0x2)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$dir(0xffffffffffffff9c, 0x0, 0x20400, 0x20)
chown(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)

4m22.233413888s ago: executing program 5 (id=1200):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
recvmmsg(r0, &(0x7f0000008bc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x7fffffff}], 0x3fffffffffffde9, 0x10002, 0x0)

4m6.529828018s ago: executing program 34 (id=1200):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
recvmmsg(r0, &(0x7f0000008bc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x7fffffff}], 0x3fffffffffffde9, 0x10002, 0x0)

3m14.477001958s ago: executing program 6 (id=1353):
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
setpriority(0x0, 0x0, 0x2a14b58)
timer_create(0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(0xffffffffffffffff, 0x4008941a, &(0x7f0000000100))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000)
syz_open_procfs(0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xe, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x400000, 0x2}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

3m9.784186691s ago: executing program 6 (id=1366):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000480)='./file1\x00', 0x3004050, &(0x7f0000000040)=ANY=[@ANYRES64=0x0], 0x3, 0x1063e, &(0x7f0000020c80)="$eJzs3L1vW1UbAPDHSdOvt2+JEAMLcCWElEjYqtMPUaYArVokWlV8DAghcGzHcmv7RrGbmi6IgQ0xM7KwMfCxsSL+BxYkFiQGJiQ2pCLfc1M1pUCL24Q0v59089xz7vFzn+N4OffaN4A9az777ddKHI1DETEbEUciiv1KuRWWU3g8Ip6KiJlbtkrZf7Njf0Qcjoijk+QpZ6U89NbPz58//cG5Dz/+5scnV7/49vOdmzWw056JiP5a2r/WTzHvpHi57G9sdIvYP7FRxnSgf6Vs5ylea68UGa41Nsc1ini8k8bna1eHk7jaazQnsdNdLfrXBumEw43OZp7iBZcb60W71V4pYneYF7FzPdU1LuP14SjlaZX53ivSx2i0GVN/e9xO81m7UsTmYFT2p7x5qz2exI0ylqeLZt5rFXWs3OENvDF71+/1f9kr3cHVcbbRXh9280F2slZ/rlY/Va2v5632qH2i2ui3Tp3IFjq9ybDqqN3oL3fyvNNr15p5fzFb6DSb1Xo9WzjTXuk2Blm9XjteO1Y9uVjuPZudu/hG1mtlC5P4YndwddTtDbPVfD1Lr1jMlmrHTy9mT9ez1y5cyi69evbshUuvv3PmzYsvXHj5pXLQn8rKFpaOLS1V68eqB2+fz4FP9tT8l+qL0/3/x5Wt7SduJJvt5enS87Cr7HQBALuP9T+wE6z/p1z/PyQewPo3i4hds/795/m//30auTfW/3BPfH4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPasn+a+Pl/szKf2/8r+/5ddj5btSkTMRMSNO5iN/VtyzpZ55v5i/NxtNXxXiSLD5BwHyu1wRCyX2++PpGMAAADAvfvhq8/eTqv19Gd+pwvi3zp01yOzm3vpos3MkXfvUw2ViJib/+U+ZInyYlM8Nn1VyeTzvS/GU2bZrK24gHVw+qqS4pLbvvuV7a7MbgkHbwmVFGa2tRwAAGBbbF0JbO8qBAAAgO300b0M/jI+fXCV8EDdfk+vuJtZfhe//AL/gRTKG4KHtrQAAACAXchP6gEAAODhV6z///75f+OW5/8BAADA7pae/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwB/s3D2O2kAYBuDPgAPkR7GiNNwmJZeIlCOkTJlDcIX0KJTUOUY60uUICCI8E2nNj7S7NkasnkeyBw/w8lmimfFoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK7pT7ma//7543OLiO+H027fTnd3BAAAABzblKt5/aJK129y/7vc9SFfFxExiIhzY/dhvGpkDnNOeeHz5VENvyLqhMNvjPPxOiI+5WP7Pr0HAAAAPN16OVuk0Xo6VbcuiD6lSZvB2y8d5RURUVZ/O0iJPNkUH9tXlRz+36P41jLlf231BNakfVVJPeU26irtUYaNZvKgKVIz6LUcAACgF82RwNlRyLTPegAAALiWr7cugNuon2bmtfh5Af84NfmB4LRxBQAAANyhwjJfAAAAuCvbZ+yPV3/F/n8AAADwsqX9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALimTbmar5ezRduc3f5EVBGnvRd0czcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3vzuL/8npsaZZO61sfQ8kqydGlunxt65cfSH8fVrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAGYACa6fx0J73/YSVgzyDCe9CSELooAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMATva6T0euz2irjSPJtm0l+nRv+nRq2JO+GvQ/mjR8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjZuZ/QOKo4DuBvdrPpHxRjjEGiYkVTBTGb3dBCL4IHIXhQD148pummxm6jtjkkJSC5ePPqXW+CRSGX3urRiz0Xgof2WFikQs+V+de8xCRGMbOb9vOBt++3k2HmvVlY9jtvCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA2vXfDqbKupy8jeV0rtt2+vza/W5+6t9QdS1taJ9UO+8h5oeg/un79k/gaJuP9GxMAAACPn3qZ70MIdxobs2lfG8ny/2S5T5r5157O6zLP75X/b3aaY2X+35z48J1HJxrJz9MIISwsdjvTlc1wYNWeit607m7+EV/DnTs/s9+R6ltlkt+hqWcfW+399ed6jeyqJ9/cuvXecFYe+z8nAQD8N1NlXxTl76O0b/VzYAA8toaKFqL8Xx/p75gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqtBbD2+VdRJCmBjaqlO376/N79bf7DTH7i11s7b5642R+JjpIRohhIXFbme6wrkMstdDO+u7v5x+Kb6GO/e7unrt0ly327mi6Ffx8Kv8oxiU8SgOXqRfWwMwjMMoqv7GAgDgKGsULf2BfKexMZtuS0ZDePjd9vz/RlSHffJ/mf3T9uJK73R8rjj/tyqb4WAr8/9G8tNqfA137tdcvvxF8+rqtbcXL89d7FzsLLXOnTl79txMa2a6md1PabqrAgAAQK6xy7bhosX5vzb69/X/k1EdDpj/P/7+5XZ8rvoTm/9P7PmXMv8/f/739n75f2vR71AHCgAA8ER79tSDP5NdtifDw2Flbnn5Sit/ffS+nb/2Yaj/2rGixfn/+Gi/RwUAAABUobeebFv/vxDV4R/W/8dWfsjaja+nvoyPWS9WwhcWu52p+c+7F6qbzsAq1/8ffDrx28HW/w+v6MP0AQAAqMiJosXr/43s+f/aq+U+tRDCm6/ldfFvAPfI/69se/5/sn3mx/hc8fP/MxXOcRDVxvPrUeb/S+e/ndwr/2f7jocwNN6nwQIAAHDkHS9amv/vNjZmP/v55AfDnv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Iv9uUdNIAjjOPzuJCEJpMs9lnycQQQrwcbKxg8QFvYMHsAL2VjZLl5Er6Cos7WVrMXzNP9fMQwzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABP73T3xEtEFJHaTJEGq+/Da0S8RVo3Te/9msXmuK8/bjna7oaXHE/6X/mWzyge/RUAgE6U7eZYLKv5T97fvH95//OW07qadfloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjBQAA///+wog0")
open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x2)

3m3.732733297s ago: executing program 6 (id=1384):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'wg0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{0x30, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendto$packet(r1, &(0x7f00000002c0)='`', 0x1, 0xc190, &(0x7f0000000200)={0x11, 0x8100, r2, 0x1, 0x19, 0x6, @random="d08463313a3d"}, 0x14)

3m3.354188549s ago: executing program 6 (id=1385):
syz_mount_image$erofs(&(0x7f0000000540), &(0x7f0000000400)='./file1\x00', 0xc, &(0x7f0000000000)=ANY=[], 0x1, 0x1ce, &(0x7f0000000800)="$eJzslc+q00AUxr+Z1KQVn8CNCy94XZgmqYqbC3XjyoXgn+JCsNi0VFMrbRa2IOITuHfnwscQ6taHkCqIguhGXY/MnyRjaYTW1iw8P+jJN5npmTNn4AsIgvhv+fD+51L8OPpUB3ACB/DM+89OsYZb69/Vvz15c/VK5/mdV2+9pd/4PZu38f41AIvLDlIzFkIIe/7APG+A5/omOM4a3QGDb/RdcNwyOgbDbaPvW3os1/t+f5jE/r1x0pMikCGUIZKhtVrf12cMPas+Zs1PZ/MH3SSJJ3sU6zu3+JLXVweOrPrs+/Khqw2s/oXgCI1ugeG60ZfgZb3RLbHOf7JW5Hf+eH4Xf3nsjwCKN/19dtaVW231d4D9k7vfs3CgRHajldezc4HazhIKD6j6OCXidVvfX17qUz3eLE+7ZMrdMI/pfO6f4iXDGcuftJW8UB+LZjp61JzO5ueGo+4gHsQPo6h1MTgfBBeipjIiHddboMrfUP50vMjfKFvrMhePu2k6CXXMx5GO6xyXK//jODyNY3Is3dRdyfsdQLYpMz+unlIdOqXFEwRBVMgpMOXJypczYb4m+YQQ0bWK6yQIgiAIgiAIgiAIYnt+BQAA//9We18t")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000001080)='./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xce04, 0x0, 0x1, 0x0, &(0x7f00000007c0))
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0x60000)
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61106800000000006113740000000000bfa00000000000000700000008ffffffd503010017740040950000000000000069163a0000000000bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b65b0ff000000006507f9ff01000000070700004d83dde4c375000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369226066812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20ceddf4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a1f37302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a1a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4c6ea9604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a09d8be0fc5beecf153236c19740be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c7476"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$peeksig(0x4209, r4, &(0x7f0000000000)={0x1ff}, 0x0)
r5 = gettid()
syz_open_procfs(r5, &(0x7f0000000240)='attr/prev\x00')
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x10)

3m1.452286291s ago: executing program 6 (id=1388):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x1000, 0x0, 0xa, 0x20, 0x0, 0x87}, {0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000, 0x4}, 0x0, 0x40000000}}, 0xb8}}, 0x2c000010)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="b8000000140001000000000004000000e000000200000000000000000000000000000000000000000000000000000000000000000fff0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00@'], 0xb8}, 0x1, 0x0, 0x0, 0x404c830}, 0x987a3a9f32358a4c)

2m59.978397679s ago: executing program 6 (id=1391):
syz_mount_image$erofs(&(0x7f0000000540), &(0x7f0000000400)='./file1\x00', 0xc, &(0x7f0000000000)=ANY=[], 0x1, 0x1ce, &(0x7f0000000800)="$eJzslc+q00AUxr+Z1KQVn8CNCy94XZgmqYqbC3XjyoXgn+JCsNi0VFMrbRa2IOITuHfnwscQ6taHkCqIguhGXY/MnyRjaYTW1iw8P+jJN5npmTNn4AsIgvhv+fD+51L8OPpUB3ACB/DM+89OsYZb69/Vvz15c/VK5/mdV2+9pd/4PZu38f41AIvLDlIzFkIIe/7APG+A5/omOM4a3QGDb/RdcNwyOgbDbaPvW3os1/t+f5jE/r1x0pMikCGUIZKhtVrf12cMPas+Zs1PZ/MH3SSJJ3sU6zu3+JLXVweOrPrs+/Khqw2s/oXgCI1ugeG60ZfgZb3RLbHOf7JW5Hf+eH4Xf3nsjwCKN/19dtaVW231d4D9k7vfs3CgRHajldezc4HazhIKD6j6OCXidVvfX17qUz3eLE+7ZMrdMI/pfO6f4iXDGcuftJW8UB+LZjp61JzO5ueGo+4gHsQPo6h1MTgfBBeipjIiHddboMrfUP50vMjfKFvrMhePu2k6CXXMx5GO6xyXK//jODyNY3Is3dRdyfsdQLYpMz+unlIdOqXFEwRBVMgpMOXJypczYb4m+YQQ0bWK6yQIgiAIgiAIgiAIYnt+BQAA//9We18t")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000001080)='./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xce04, 0x0, 0x1, 0x0, &(0x7f00000007c0))
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0x60000)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$peeksig(0x4209, r3, &(0x7f0000000000)={0x1ff}, 0x0)

2m59.159968605s ago: executing program 35 (id=1391):
syz_mount_image$erofs(&(0x7f0000000540), &(0x7f0000000400)='./file1\x00', 0xc, &(0x7f0000000000)=ANY=[], 0x1, 0x1ce, &(0x7f0000000800)="$eJzslc+q00AUxr+Z1KQVn8CNCy94XZgmqYqbC3XjyoXgn+JCsNi0VFMrbRa2IOITuHfnwscQ6taHkCqIguhGXY/MnyRjaYTW1iw8P+jJN5npmTNn4AsIgvhv+fD+51L8OPpUB3ACB/DM+89OsYZb69/Vvz15c/VK5/mdV2+9pd/4PZu38f41AIvLDlIzFkIIe/7APG+A5/omOM4a3QGDb/RdcNwyOgbDbaPvW3os1/t+f5jE/r1x0pMikCGUIZKhtVrf12cMPas+Zs1PZ/MH3SSJJ3sU6zu3+JLXVweOrPrs+/Khqw2s/oXgCI1ugeG60ZfgZb3RLbHOf7JW5Hf+eH4Xf3nsjwCKN/19dtaVW231d4D9k7vfs3CgRHajldezc4HazhIKD6j6OCXidVvfX17qUz3eLE+7ZMrdMI/pfO6f4iXDGcuftJW8UB+LZjp61JzO5ueGo+4gHsQPo6h1MTgfBBeipjIiHddboMrfUP50vMjfKFvrMhePu2k6CXXMx5GO6xyXK//jODyNY3Is3dRdyfsdQLYpMz+unlIdOqXFEwRBVMgpMOXJypczYb4m+YQQ0bWK6yQIgiAIgiAIgiAIYnt+BQAA//9We18t")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000001080)='./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xce04, 0x0, 0x1, 0x0, &(0x7f00000007c0))
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0x60000)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$peeksig(0x4209, r3, &(0x7f0000000000)={0x1ff}, 0x0)

14.020998656s ago: executing program 4 (id=1826):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$dir(0xffffffffffffff9c, 0x0, 0x20400, 0x20)
chown(0x0, 0x0, 0x0)
mkdir(0x0, 0xfffffffffffffffe)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)

13.841385521s ago: executing program 4 (id=1830):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
open(0x0, 0x80, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xa, 0x26, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000240)={@mcast2, 0x1c2, 0x2, 0x3, 0x4, 0x179e, 0x1}, &(0x7f0000000480)=0x20)
msgget$private(0x0, 0x0)

9.918627569s ago: executing program 4 (id=1832):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f00001a6000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000440)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x16, 0x6, 0x6, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e21, @multicast1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r2, 0xffffffffffffffff, 0x60000000}, 0xc)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

7.168694618s ago: executing program 4 (id=1839):
clock_getres(0x8, &(0x7f0000000100))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
read$msr(0xffffffffffffffff, &(0x7f00000003c0)=""/16, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f00000001c0)={0xfffffe01, 0x0, 0xeffffe01, 0x7fff, 0xb2, "fe6fa820010000040000000000000000ab1400", 0x7f, 0x10})
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000000))
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)

6.936708506s ago: executing program 4 (id=1840):
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

6.756336221s ago: executing program 4 (id=1841):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x11, &(0x7f0000000080)={[{@errors_continue}, {@grpjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0x0, 0x639, &(0x7f0000000380)="$eJzs3c9vG1UeAPDvTJwfTXabtFrtbi/bSKtVK+02adJ2VSEkWnGtqvLjxik0aVWaNlUSBCmVSKVyASEuHJA4caD8F1CJKweuHLhwQKhShFAPFBVqNPY4sfPTcWI7jT8faeI3M86876T9+j0/vxkH0LGGsx9pxJGIuJVEDFbtK0S+c7j8vEe/3LmcLUkUi6/8nMSdd5PF6mMl+eNA/st/DEbybRpxuGv9utOIqdm8PDp/49bo3MLtE9duTFxNYurm+P/Hz545febs2MkdnV+hqnzh3htvDb5/8bXPP32SjH3x/cUkzsXTPLbsvMqlnuXn9+6o5uxvNhxDUcw8Xtmaln6e3eGx94pfB2v/xplk9Qb2rCsR0Z0v/4jB6Kr61xyM915qa3BAUxWTKLdQQAdKts7/7rWb+poTDNBClX5A5b39yvvgzaRN7pUArbB0vjxIVs797oio5H+hPDYYfaWxgf5HSc04TxIROxuZK8vq+Obri/eyJWrG4YBmW7xbGeVe3f4npdwcir7SWv+jtCb/06ol2/5yg/UP54+VKOQ/tM7i3Yj4Z97+90TD+f96g/UPr1qX/wAAAAAAANC4B+cj4n/rzf9Ll+f/9Kwz/2cgIs7tQv1bf/6XPswLyS5UB1RZOh/x/Jr5v79Xzw4e6so/5/9raT5Ad3rl2vTUyYg4GBHHo7s3Wx+rPWzNBOETHx7+ZKP6q+f/ZUtWf2UuYH6oh4VVF+JOTsxP7M7ZQ2dbuhvxuDT/92i+pXb+T9b+J2va/w9ezBL8Vp11HP7P/Us1G35ceXnYOv+BZil+FnFs3et/Vrrbyer7c0xdrb4/x2ipPzBa6RWs9a93Pvpyo/rlP7RP1v73b57/vVlpbuH29Ynp6anZue0dvyciTi0Uihvtb7T/35O82hVVd+t5e2J+fnYsoie5ULU9LW8f317MsF9V8qGSL1n+H//35uN/y/3/qjw8EBGLddb596cDP2y0b/P879vBmQJbyfJ/cvP2f6i2/d9uoS/G7w99ld9ibI1LdbX/p0tt+vF8i/E/qLb2fhz1JmhbwgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ1waEX+JJB1ZLqfpyEjEQET8LfrT6Zm5+f9emXnz5mS2r/b7/wfL60nl+/+HqtbHV62fiohDEfFx14HS+sjlmenJdp88AAAAAAAAAAAAAAAAAAAA7BEDpWv+i72rr//P/NTV7uiApivkj/IdOk+h4d8s9u5qIEDLNZ7/wLOuEPU2491NjgRotY3b/8dPiiUtDQdoIf1/6FwN5r+PC2Af0P5Dp6pzTK+v2XEA7VB3+7/U3DgAAAAAAIBdcejog++SiFh87kBpyfTk+0z2h/0tbXcAQNuYwwudqzDT7giAdvEeH0iWS7+te7H/xrP/k+YEBAAAAAAAAAAAAACsceyI6/+hU6Wx2Xd/mtsP+9km1/+vl/xuFwD7yMZf/VFP25/oIcAzzHt8YKt23PX/AAAAAAAAAAAAALAH9N2+PjE9PTU7t9DqQm/s9DgvtDzmXSgsTuyJMHa18HSr5xzM/7dt78jdEbE3TrDVhcotONoYRhtfkwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBp/BgAA///adyde")
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000002140)=ANY=[@ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x4e0c4}, 0x20004090)
io_submit(0x0, 0x4, &(0x7f00000024c0)=[&(0x7f00000021c0)={0x0, 0x0, 0x0, 0x7, 0x100, 0xffffffffffffffff, 0x0, 0x0, 0x8f, 0x0, 0x2}, &(0x7f00000022c0)={0x0, 0x0, 0x0, 0x0, 0x2, r0, &(0x7f0000002200)="03380bef53851856d3cca43f59ec21ad0fe3292815d49b9bba57bf01f58415579cdbc2ca7038a7271f2d83d885f6a329540af5002364a6cab2ddbb612badbeda1c51e1e6b749a9b217f4c87f4b5d3d", 0x4f, 0x80}, &(0x7f0000002340)={0x0, 0x0, 0x0, 0x4, 0x3, r4, &(0x7f0000002300)="e59144cd0f4fc3d8b9eb4cf5d91e40db143e879ba77b9f41dcb21fd0560206209bce0aaabe83a2a40473b6aea9388fa63b", 0x31, 0x30b, 0x0, 0x2}, &(0x7f0000002480)={0x0, 0x0, 0x0, 0x2, 0x3, r5, &(0x7f0000002380)="1bd25491126939b71aaf67dfdde3cb5a1203991c8fefbd2a5423498316085f0cf3c05325ad0148146c36f0ebbc8f76815603b48c60d9198578237a214e852fb6d8a8c1add9ed7a4859173817238569b1d85899f4b5019f8ddf792034661eaf7dfa97a30a498e170ad2ee3a20dea01ecb245a74ec5ba905dac9c4bb6c0ba595343b9644d852849a85f95c9d10415f00e64a39b8ab262c0bda1fddef741060aab69a95a0bdee6a1e277fae2423d61531234ba00f4b620c7f7da2d1777e783aedc657182709e81960256a0f7e91a83f0fc2a151d103109d3223926f3c", 0xdb, 0x8}])
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
read$FUSE(r6, &(0x7f0000000080)={0x2020}, 0x2020)
socket(0x2b, 0x6, 0x2)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2fb, &(0x7f0000000180)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOl0hpYypQVGivD9JGQOc+6h93aG5Nym7dad148LOUvL6RUJxpQERES2RUYkKK6AcwzacVRavZCLg98+/n/r7r0b6UxmckapqfTspZRSanj03ZNncWfY+oBsjjzY+pr6svn35r9bP2cf5S2Vt1SxVFG6mit9ruhzpqEW8lZBU2raNHTLUPmiZZQb+VIjnzNLi4tVpRcXhhKLZcOylF6sqoJRVZWSqpSrKvRQzxeVpmlqKCHoJrsyM6OnD1k87/Nk8JuUy2k9JCLxPZnsSl8mBAAA+qq9/w+K8rP/Xz23URm8vTbs9P/rUa/+//Knxt/a1f/HRMSz/3cf37P/1+v9f1h67f/3dkRny5H6f5wMo9E9pwLNsJ4sp/WE8/9re3l/dcwO6P8BAAAAAAAAAAAAAAAAAAAAAPgTbNdqyVqtlnSP7k89FxOR1t/bhETk6vHPGH7qdP0Hul9/nALND+6Fh0XMV0vZpWzj6AzYEBFTDBmTpPyw7wdHPXY/eaTqRuS9uezULy9lQ3YmnZO8XT8uyYi019dqU9czk+OqYXd9RBKt9SlJyl/e9SnP+qhcON9Sr0lSPsxLSUxZsOfRrH8+rtS1m5m2+rg9DgAAAACA00BTOzz375rWKd+o39lft78+EGrur8c89+dh+S/c37UDAAAAAHBWWNWnBd00jfI+QVy6j2kEkR7GtAfhgww+QOCusNcq970MPk+jt8B98F2pmHPS96clcICnpUMQlMNUjdZXo466Cvdlo05jZHqi51WI+Hkp/3nz9rt/98aVtViXlR4+CO1/A0Sct38BAAAAOEWaTb97ZqK/EwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Aw6ju+36/caAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJPiVwAAAP//FZkC4A==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x1)
r8 = open(&(0x7f0000000400)='./bus\x00', 0xc40, 0x0)
ioctl$BLKROSET(r8, 0x125d, &(0x7f0000000080)=0x3f)
fdatasync(r7)

4.160649076s ago: executing program 7 (id=1850):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$dir(0xffffffffffffff9c, 0x0, 0x20400, 0x20)
chown(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r2 = openat$cgroup_ro(r1, 0x0, 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)

3.991051121s ago: executing program 7 (id=1852):
syz_open_procfs(0x0, 0x0)
listen(0xffffffffffffffff, 0x8)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x3, 0x174, &(0x7f0000000240)="$eJzsmD9PwkAYxp9rESJxcMZBE0lEI6UtalxMJPEDmOCfsEGkErSIQgdh85MYv4CLu/GjKJMLo3NN2wNOouKgJsbnN7z3vNe317u3ydOkIIT8W3pPL48XvcaKDmAGaSTk/LM+qtGU+tVssTl3vZ28K9+WdlL3/fH1BADf//rzYwAeCjo8mfv+27vTctyDNtT70LAs9SEEDKnL0HAgtQOBktQnim4G9YZxXHcd46jpVgNhBsEKgh2E/Pj++lcCVWV/Qrne7nRPK67rtH5QTOpfv6BhS9mf+r4GvTGV/lnQYEmdh0BR6k0kBr2JWqKcPxUbra//8vkpKCj+mhj5k38jsKT4U0zxj5zXOM+1O91svVGpOTXnzLbzG+aaaa7budCIoviJ/02H/pRU1p/6oDYu4riseF7LiuIwt6P4nuPGQ//TkFmMciHnVMLvwaxYCIaMLnNCCCGEEEIIIYQQQgj5duYhwr+gE7B3w+rXAAAA//9nP3XZ")
ptrace$setregset(0x4205, r0, 0x1, &(0x7f0000000100)={&(0x7f0000000040)="dcef58b7f29c1f7c93d183044aedba283413e674c7719c33a4b17f028f68610a6c55bb2bf8282853f3e16f8394a8676ff55a3507e2ad50248c6130863b0f7433c7fbc9b978a39eae88bffd05d139cedbee444f7c98e1f92b0f64462b4b470bedced2125e0b1f38fbaa348c6d75aa1a4011e9cdae15ecb9309b0101edbf6dd6d111d6132f1821a4e4cbec8438c571a70e7ca7b0451a6cc55c", 0x98})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
ptrace$setregset(0x4205, r0, 0x1, &(0x7f00000001c0)={0x0})

3.71360835s ago: executing program 7 (id=1854):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
open(0x0, 0x80, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xa, 0x26, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
iopl(0x3)
msgget$private(0x0, 0x0)

2.838184079s ago: executing program 7 (id=1855):
r0 = syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x200)
r2 = fsmount(r1, 0x0, 0x1)
fchdir(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c0000000203010200000000000000000100000a080003400000040008000340000008000800010001"], 0x6c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004080)
sendmsg$NFQNL_MSG_CONFIG(r3, 0x0, 0x4040800)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
getdents64(r4, 0x0, 0x0)
wait4(r0, 0x0, 0x40000000, 0x0)
r5 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsetxattr$trusted_overlay_upper(r4, &(0x7f00000001c0), &(0x7f0000000200)={0x0, 0xfb, 0x5e, 0x3, 0x1, "a4e7bceb6967cc95f0f3956faf9abb37", "3da0bd1219ddda3e2715c343be58945d92f935b6b96aecabbf7cc2c9a2fd2246491e528fdf2a3f1910745d46d659d4ed581b3f73b80aa398010ed779efde08f4b576b5e1492a14cb4e"}, 0x5e, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x1, 0x86)
fchdir(r6)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x200c80, 0x85)
r8 = syz_usb_connect$cdc_ncm(0x0, 0x8f, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io$cdc_ncm(r8, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r8, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r8, 0x0, &(0x7f00000003c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0xfffffffb, {0xff, 0x2070, 0x1000, 0x3, 0x4, 0x8000, 0xfffd, 0xec, 0x3906, 0xfffc, 0x5, 0xfb}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r8, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r8, &(0x7f0000000900)={0x14, 0x0, &(0x7f00000008c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
lseek(r7, 0x101, 0x1)
getdents(r7, &(0x7f00000002c0)=""/201, 0xc9)

2.79679569s ago: executing program 0 (id=1856):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f00001a6000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000440)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x16, 0x6, 0x6, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x60000000}, 0xc)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

2.675563544s ago: executing program 0 (id=1858):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
r1 = io_uring_setup(0x5, &(0x7f0000000040)={0x0, 0xe617, 0xc083, 0x3, 0x6d7})
io_uring_enter(r1, 0x2cbc, 0x366, 0x12, 0x0, 0x0)
prlimit64(0x0, 0x4, &(0x7f0000000100)={0x8c, 0x80000100008e}, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00')
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/48, 0x30}], 0x1, 0x0, 0x0)
writev(r2, &(0x7f00000003c0), 0x100000000000022d)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xab46c000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

1.88901781s ago: executing program 0 (id=1863):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
open(0x0, 0x80, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xa, 0x26, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
iopl(0x3)
msgget$private(0x0, 0x0)

1.88886337s ago: executing program 3 (id=1864):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000600)="63e4ed8e46080000003389f7f986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.037910967s ago: executing program 0 (id=1865):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x1, 0x6eb, &(0x7f0000001240)="$eJzs3c1vHGcdB/DvrNeON1Sp0yY0QkGYRCpIEYkTK4VwwSCEcqhQVQ49W4nTWNkkVeKitELgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmft3fX6LfFLAp9PNJ5n5nnmmd/+5pkZ7zqrCfB/6+q5NB+myNVzbz4ol1dXZturK7NH6up2krLcSJrdWYo7SfEomSvri74pffMNPl688vZnj1c/7y4166lqP7bVdiOMaLtcT5mu+5seueX4TnexXIeXl5Jcq+eDJnba10DDMmln6zkcus6gRjrLu9l8N+ct8Jzp3Z2K7n1zg6nkaJLJ+veA1FeHxsFFuKe+3ivs6ioHAAAAL6hP7x52BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDiqZ7/31pbbHRXJdMpes//n+itq8vPobkdt3y4r3EAAAAAAAAAwMH42pM8yYMcK8vjSTpF9Tf/M1XliXzRSb6U93M/C7mX83mQ+SxlKfdyMclUX0cTD+aXlu5dXNuyNHrLSyO3vHSQrxoAAAAAAAAA/uf8Mq3u3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB5USRj3Vk1najnmUqjmfW6LCf/TDJx2PHuQjFq5cODjwMAAACeyeRTbPPykzzJgxzrLXeK6j3/l6v3y5N5P3eylMUspZ2FXK/fQ5fv+hurK7Pt1ZXZ2+VULg/2+/1/7yqMibqHsWpp1J5PVS1auZHFas35XKuCuZ5Gd99nk1O9ePri6vNRGVPxvdoOI2vWaS139vvNPkXYE4MfRTS2aNlaDy5Zy8hMHVu55fFuBorqg5pkOBPDR2fDzpoDS1NVk/G1PV1MY+2TnxP7kPOj9bx8Pb/Z15zvRH8u1jLRSJWJS73RV54zW2ci+cZf//TOzfadWzdv3D93uC9pF8Y2WT88Jmb7MvHaC52J5i7bz1SZOLm2fDU/yk9yLtN5K/eymJ9mPktZSKeun6/Hc/lzautMzQ0svbVdJBP1cekes53ENJ0fVqX5nKm2PZbFFLmb61nIG9W/S7mYb+dyLudK3xE+uWnc1WurzvrG8FnfO9J/Gxn82W/WhfLq9tv1q9zcVq94s9G5V7rX/jKvx/vy2h31j9daHe87D2b6svRKLzvjIzt/mmtj8yt1odzHr7a5TxysqToT5QnUu0v0onu1m4lmdS/aOM7/0Cm3S/tOp3Nz/r1N+l8eWn69npfDauWr27XuGX0o9lY5Xl7JZH0lGRwdZd2ra1eZvrrO+lju1g3eccvtTlZ1RdE7U3+cu9UA2HimTtS/w23s6VJV99pQ3en6Gl7WneqrG/h9K3fTzvUDyB8AT+Mf76wVp3J0ovWv1qetT1q/bt1svTn5gyPfOXJ6IuN/H/9uc2bs9cbp4i/5JD9ff/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vfsffHhrvt1euDe60Ni8aqDQyvCa7XoeKhT1A31GtblVP6VgVx0ecmEyycCa6jlHBx5GaziMDYXOL5IDz0/vIYKj2/yuLDR3dLjnBtb8eWOHH20fz1iGxuEOzot9LDSyLz13Xt5kJIxl9AA4rCsScFAuLN1+78L9Dz781uLt+XcX3l24M3758pWZK5ffmL1wY7G9MNP9edhRAvth/aZ/2JEAAAAAAAAAAAAAOzXqqwJnXtruSyMbCo0kw9/x8D8LAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD1x9VyaD1Pk4sz5mXJ5dWW2XU698nrLZpJGIyl+lhSPkrl0p0z1dVfkj4/SGbGfjxevvP3Z49XP1/tqdtsnjXq+ua1rkyzXU6aTjNXzZzDQ37Vn7q/4T+81lAn7otPpzD1bfLA3/hsAAP//ShfsxA==")
symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="18000000"], 0x0, 0x1400)

968.160829ms ago: executing program 3 (id=1866):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f00001a6000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000440)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50)
close(0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x60000000}, 0xc)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

817.327614ms ago: executing program 3 (id=1867):
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040b827ed0100000000000109022400010000000009040000010300000009210000200122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r1 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f00000003c0)=0xc)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX=r3, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d11f57832035e96a1513231140da182ca77aeedc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x1, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
lchown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0022050000002aa9005939"], 0x0}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000800)
r4 = timerfd_create(0x1, 0x80800)
timerfd_settime(r4, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
timerfd_settime(r4, 0x3, &(0x7f0000000200)={{}, {0x0, 0x3938700}}, 0x0)

629.02161ms ago: executing program 3 (id=1868):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000140), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x0)

555.853373ms ago: executing program 3 (id=1869):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$dir(0xffffffffffffff9c, 0x0, 0x20400, 0x20)
chown(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, 0x0, 0x0)

443.848006ms ago: executing program 3 (id=1870):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
close(0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xf3a, 0x0)
tee(r0, r2, 0x8f5, 0x100000000000000)
write$cgroup_type(r2, &(0x7f00000000c0), 0x9)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x7, 0x7fff0000}]})
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)

137.035946ms ago: executing program 0 (id=1871):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x80, 0xfffff024}, {0x20, 0x0, 0x0, 0xffbff024}, {0x6, 0xfc, 0x0, 0x7}]}, 0x10)
sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840)

136.836046ms ago: executing program 7 (id=1872):
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x100)
close(r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$packet(0x11, 0x3, 0x300)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

40.53361ms ago: executing program 7 (id=1873):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x8410, &(0x7f0000000280)={[{@noquota}, {@lazytime}, {@mblk_io_submit}, {@resuid}, {@block_validity}, {@abort}]}, 0xfd, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)={0xffffffffffffffc8, 0xefd, 0x3, 0x200000000000008, 0x6, 0x6, 0x20000001000, 0xf64, 0xfffffffc})

0s ago: executing program 0 (id=1874):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0xc0)
pipe2$9p(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000ac0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}, {@cache_none}]}})

kernel console output (not intermixed with test programs):

syz
[  207.953798][ T5773] usb 1-1: config 0 descriptor??
[  207.964894][ T7065] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  208.008318][ T5773] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  208.044658][ T7085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[  208.620489][ T5807] usb 1-1: USB disconnect, device number 5
[  212.261087][ T7104] loop4: detected capacity change from 0 to 1024
[  212.427525][ T7112] loop0: detected capacity change from 0 to 512
[  213.410854][ T7112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.423777][ T7112] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.897200][ T7104] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  214.333320][ T7124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.284'.
[  214.378425][ T7104] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.587724][ T7104] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.281: inode has both inline data and extents flags
[  214.620405][ T7104] EXT4-fs (loop4): Remounting filesystem read-only
[  214.706374][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  214.925408][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.219374][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'.
[  215.497193][ T7128] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  217.360690][ T5774] Bluetooth: hci0: command 0x0406 tx timeout
[  218.468035][ T7128] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  219.137903][ T7159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.294'.
[  220.014411][ T7128] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  220.025509][ T7128] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  220.036646][ T7128] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  220.048290][ T7128] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  220.071082][ T7128] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  220.097878][ T7128] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  220.104074][ T7165] loop0: detected capacity change from 0 to 1024
[  220.116630][ T7161] loop1: detected capacity change from 0 to 1024
[  220.128910][ T7165] EXT4-fs: Ignoring removed mblk_io_submit option
[  220.160840][ T7165] EXT4-fs: inline encryption not supported
[  220.201038][ T7161] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  220.275043][ T7165] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  220.291371][ T7161] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.511469][ T7161] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.295: inode has both inline data and extents flags
[  220.603761][ T5774] Bluetooth: hci0: command 0x0406 tx timeout
[  220.642365][ T7161] EXT4-fs (loop1): Remounting filesystem read-only
[  220.716723][ T7165] loop0: detected capacity change from 0 to 40427
[  220.727452][ T7165] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  220.733931][ T7165] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  220.753687][ T7165] F2FS-fs (loop0): invalid crc value
[  220.902487][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  220.946261][ T7165] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  220.953932][ T7165] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  223.389212][ T5774] Bluetooth: hci3: command 0x0406 tx timeout
[  224.369670][ T5774] Bluetooth: hci2: command 0x0406 tx timeout
[  224.377333][ T5774] Bluetooth: hci1: command 0x0406 tx timeout
[  224.820813][ T5831] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  224.991759][ T7193] kvm: emulating exchange as write
[  225.050782][ T5831] usb 4-1: Using ep0 maxpacket: 32
[  225.070219][ T5831] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  225.096283][ T5831] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  225.115828][ T5831] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.139736][ T5775] syz-executor: attempt to access beyond end of device
[  225.139736][ T5775] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  225.155316][ T5831] usb 4-1: Product: syz
[  225.159509][ T5831] usb 4-1: Manufacturer: syz
[  225.194326][ T5831] usb 4-1: SerialNumber: syz
[  225.211548][ T5775] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  225.226994][ T5831] usb 4-1: config 0 descriptor??
[  225.251306][ T7189] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  225.283733][ T5831] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  225.559656][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.305'.
[  226.151954][ T5831] usb 4-1: USB disconnect, device number 5
[  226.393730][ T7202] udevd[7202]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  226.400678][ T5774] Bluetooth: hci2: command 0x0406 tx timeout
[  226.415643][ T5771] Bluetooth: hci1: command 0x0406 tx timeout
[  226.415699][ T5771] Bluetooth: hci3: command 0x0406 tx timeout
[  227.835644][ T7207] loop4: detected capacity change from 0 to 40427
[  227.845034][ T7219] loop3: detected capacity change from 0 to 1024
[  227.955775][ T7207] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64)
[  227.970270][ T7207] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  227.978918][ T7207] F2FS-fs (loop4): Unrecognized mount option "whint_mode=user-based" or missing value
[  228.013006][ T7219] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  228.032770][ T7219] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.067232][ T7219] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.309: inode has both inline data and extents flags
[  230.988762][ T7227] loop0: detected capacity change from 0 to 8
[  231.356462][   T23] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  231.608479][ T7219] EXT4-fs (loop3): Remounting filesystem read-only
[  231.968872][ T5781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  232.155681][ T7232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.311'.
[  233.002302][ T7234] loop0: detected capacity change from 0 to 16
[  233.046115][ T7234] erofs: (device loop0): mounted with root inode @ nid 36.
[  233.118343][ T5774] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress 4876 in[4096, 0] out[9000]
[  233.147962][ T7234] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress 4876 in[4096, 0] out[8192]
[  233.236100][   T27] audit: type=1800 audit(1780428063.314:209): pid=7234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.312" name="file2" dev="loop0" ino=89 res=0 errno=0
[  233.308778][ T7237] loop3: detected capacity change from 0 to 512
[  233.335191][ T7237] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  233.499204][ T7237] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.313: invalid indirect mapped block 4294967295 (level 0)
[  233.567283][ T7247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.314'.
[  233.700844][   T42] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  233.921176][   T42] usb 1-1: Using ep0 maxpacket: 32
[  233.928823][ T7237] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.313: invalid indirect mapped block 4294967295 (level 1)
[  234.025340][   T42] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  234.163846][   T42] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  234.201034][ T7237] EXT4-fs (loop3): 1 orphan inode deleted
[  234.208603][ T7237] EXT4-fs (loop3): 1 truncate cleaned up
[  234.210889][   T42] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.215622][ T7237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.236351][   T42] usb 1-1: Product: syz
[  234.250572][   T42] usb 1-1: Manufacturer: syz
[  234.260752][   T42] usb 1-1: SerialNumber: syz
[  234.283588][   T42] usb 1-1: config 0 descriptor??
[  234.312353][ T7245] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  234.364780][   T42] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  234.374138][ T7237] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  234.382585][ T7241] loop1: detected capacity change from 0 to 256
[  234.507892][ T5781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.518332][ T7241] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d)
[  235.392737][ T3583] usb 1-1: USB disconnect, device number 6
[  235.600902][ T7267] loop1: detected capacity change from 0 to 512
[  235.644599][ T7268] loop3: detected capacity change from 0 to 1024
[  235.702716][ T7267] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  235.746093][ T7268] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  235.782024][ T7267] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.322: invalid indirect mapped block 9 (level 0)
[  235.820766][ T7268] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.841770][ T7267] EXT4-fs (loop1): 1 truncate cleaned up
[  235.851474][ T7264] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.321: inode has both inline data and extents flags
[  235.871400][ T7267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.886559][ T7264] EXT4-fs (loop3): Remounting filesystem read-only
[  236.010340][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.022364][ T5781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  236.193283][ T7279] netlink: 8 bytes leftover after parsing attributes in process `syz.0.323'.
[  238.332308][ T7304] loop0: detected capacity change from 0 to 512
[  238.363227][ T7304] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  238.373980][ T7304] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  238.384096][ T7304] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[  238.746891][ T7283] loop3: detected capacity change from 0 to 40427
[  238.809385][ T7283] F2FS-fs (loop3): invalid crc value
[  238.840308][ T7283] F2FS-fs (loop3): Found nat_bits in checkpoint
[  239.051241][ T7283] F2FS-fs (loop3): Start checkpoint disabled!
[  239.110677][ T7283] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  239.581988][   T23] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  239.800619][   T23] usb 2-1: Using ep0 maxpacket: 32
[  239.832566][   T23] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  239.852898][   T23] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  239.870842][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.634635][   T23] usb 2-1: Product: syz
[  240.647085][   T23] usb 2-1: Manufacturer: syz
[  240.670375][   T23] usb 2-1: SerialNumber: syz
[  240.687974][   T23] usb 2-1: config 0 descriptor??
[  240.707697][ T7300] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  240.787032][   T23] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  241.003256][   T23] usb 2-1: USB disconnect, device number 4
[  241.706750][ T7323] netlink: 8 bytes leftover after parsing attributes in process `syz.4.338'.
[  242.893055][ T7333] syz.0.336 uses obsolete (PF_INET,SOCK_PACKET)
[  242.951758][ T7338] xt_NFQUEUE: number of total queues is 0
[  244.319984][ T7350] loop3: detected capacity change from 0 to 512
[  244.332368][ T7350] EXT4-fs: Ignoring removed orlov option
[  244.969647][ T7354] loop4: detected capacity change from 0 to 512
[  244.979698][ T7354] EXT4-fs: Ignoring removed bh option
[  244.986520][ T7354] EXT4-fs: inline encryption not supported
[  245.763012][ T7354] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  245.774739][ T7350] EXT4-fs error (device loop3): ext4_orphan_get:1430: comm syz.3.346: bad orphan inode 67108864
[  245.785801][ T7350] EXT4-fs (loop3): Remounting filesystem read-only
[  245.793136][ T7350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.805775][ T7350] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.986087][ T7354] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  246.038047][ T7354] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.348: bg 0: block 248: padding at end of block bitmap is not set
[  246.083394][ T7354] Quota error (device loop4): write_blk: dquota write failed
[  246.091168][ T5781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.100432][ T7354] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  246.163216][ T7354] EXT4-fs error (device loop4): ext4_acquire_dquot:6953: comm syz.4.348: Failed to acquire dquot type 1
[  246.248904][ T7354] EXT4-fs (loop4): 1 truncate cleaned up
[  246.272461][ T7354] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  246.499576][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  246.512912][   T49] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5
[  246.550729][   T49] EXT4-fs error (device loop4): ext4_release_dquot:6989: comm kworker/u4:3: Failed to release dquot type 1
[  247.034017][ T5807] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  247.223799][ T5807] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  247.247524][ T5807] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  247.274213][ T5807] usb 2-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[  247.283782][ T5807] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.303081][ T5807] usb 2-1: config 0 descriptor??
[  247.388190][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.349'.
[  247.999355][ T7371] loop4: detected capacity change from 0 to 40427
[  248.011861][ T7371] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  248.019862][ T7371] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  248.057664][ T7371] F2FS-fs (loop4): invalid crc value
[  248.138055][ T7371] F2FS-fs (loop4): Found nat_bits in checkpoint
[  248.182565][ T7369] loop1: detected capacity change from 0 to 512
[  248.224267][ T7369] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  248.257949][ T7369] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters
[  248.274450][ T7369] Quota error (device loop1): write_blk: dquota write failed
[  248.281906][ T7369] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  248.291107][ T7369] Quota error (device loop1): write_blk: dquota write failed
[  248.298559][ T7369] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  248.308477][ T7369] EXT4-fs error (device loop1): ext4_acquire_dquot:6953: comm syz.1.354: Failed to acquire dquot type 1
[  248.338659][ T7369] EXT4-fs (loop1): 1 truncate cleaned up
[  248.345512][ T7369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.404016][ T5807] usb 2-1: USB disconnect, device number 5
[  248.405446][ T7371] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  248.436715][ T7371] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  248.969085][ T7392] loop0: detected capacity change from 0 to 512
[  248.982009][ T7392] EXT4-fs: Ignoring removed orlov option
[  249.644643][ T7392] EXT4-fs error (device loop0): ext4_orphan_get:1430: comm syz.0.357: bad orphan inode 67108864
[  249.660633][ T7392] EXT4-fs (loop0): Remounting filesystem read-only
[  249.690648][ T7392] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.703467][ T7392] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.805883][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.067866][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.902399][ T7408] random: crng reseeded on system resumption
[  251.195868][ T7412] loop3: detected capacity change from 0 to 1024
[  251.263703][ T7412] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  251.281157][ T7412] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.353204][ T7412] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.364: inode has both inline data and extents flags
[  251.440675][ T7412] EXT4-fs (loop3): Remounting filesystem read-only
[  252.284765][ T5781] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  252.558554][ T7421] loop3: detected capacity change from 0 to 1024
[  252.574158][ T7421] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  252.592736][ T7421] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  252.627905][ T7421] JBD2: no valid journal superblock found
[  252.676375][ T7421] EXT4-fs (loop3): Could not load journal inode
[  252.996987][ T7427] netlink: 8 bytes leftover after parsing attributes in process `syz.4.365'.
[  255.614049][ T7423] loop1: detected capacity change from 0 to 40427
[  256.253576][ T7433] loop0: detected capacity change from 0 to 512
[  256.273045][ T7433] EXT4-fs: Ignoring removed orlov option
[  256.770668][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  256.891276][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  256.897647][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  256.994188][ T7433] EXT4-fs error (device loop0): ext4_orphan_get:1430: comm syz.0.367: bad orphan inode 67108864
[  257.005194][ T7433] EXT4-fs (loop0): Remounting filesystem read-only
[  257.012663][ T7433] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.025224][ T7433] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.107520][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.541345][ T7455] loop1: detected capacity change from 0 to 512
[  257.569941][ T7455] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  257.579953][ T7450] loop4: detected capacity change from 0 to 1024
[  257.618874][ T7455] EXT4-fs (loop1): invalid journal inode
[  257.634940][ T7455] EXT4-fs (loop1): can't get journal size
[  257.682248][ T7450] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  257.745189][ T7455] EXT4-fs (loop1): 1 truncate cleaned up
[  257.746336][ T7450] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.779098][ T7455] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.881888][ T7450] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.374: inode has both inline data and extents flags
[  257.923914][ T7450] EXT4-fs (loop4): Remounting filesystem read-only
[  258.044449][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.276453][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  258.390007][ T7454] loop3: detected capacity change from 0 to 40427
[  258.840748][ T7199] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  260.001982][ T7484] binder_alloc: 7483: binder_alloc_buf, no vma
[  260.206344][ T7486] loop4: detected capacity change from 0 to 512
[  260.250466][ T7488] loop1: detected capacity change from 0 to 1024
[  260.838255][ T7491] loop0: detected capacity change from 0 to 512
[  260.850831][ T7491] EXT4-fs: Ignoring removed orlov option
[  261.452764][ T7486] EXT4-fs error (device loop4): ext4_orphan_get:1404: inode #15: comm syz.4.384: inode has both inline data and extents flags
[  261.485830][ T7486] EXT4-fs error (device loop4): ext4_orphan_get:1409: comm syz.4.384: couldn't read orphan inode 15 (err -117)
[  261.502290][ T7491] EXT4-fs error (device loop0): ext4_orphan_get:1430: comm syz.0.381: bad orphan inode 67108864
[  261.513505][ T7491] EXT4-fs (loop0): Remounting filesystem read-only
[  261.520770][ T7491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.533317][ T7491] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.656872][ T7486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000070000 r/w without journal. Quota mode: writeback.
[  261.696770][ T7488] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  261.746289][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.760895][ T7488] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.837695][ T7488] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.385: inode has both inline data and extents flags
[  261.913227][ T7488] EXT4-fs (loop1): Remounting filesystem read-only
[  262.016489][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000070000.
[  262.045931][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  262.119079][ T7499] loop3: detected capacity change from 0 to 8
[  262.165161][ T7499] squashfs: Unknown parameter 'þ'
[  262.255597][ T7199] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  263.504502][ T7499] warning: `syz.3.388' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  264.130710][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  264.882037][ T7530] loop3: detected capacity change from 0 to 512
[  264.894793][ T7530] EXT4-fs: Ignoring removed orlov option
[  265.485400][    T9] usb 5-1: Using ep0 maxpacket: 32
[  265.610677][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  265.672457][   T42] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  265.747478][ T7517] loop4: detected capacity change from 0 to 4096
[  265.776630][ T7517] EXT4-fs: inline encryption not supported
[  265.817115][ T7517] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  265.835870][ T7517] EXT4-fs (loop4): Test dummy encryption mode enabled
[  265.876000][ T7517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.920272][   T42] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  265.961526][   T42] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  266.020964][   T42] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  266.063138][   T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  266.094909][   T42] usb 1-1: SerialNumber: syz
[  266.361275][   T42] usb 1-1: 0:2 : does not exist
[  266.408923][   T42] usb 1-1: USB disconnect, device number 7
[  266.468640][ T7147] udevd[7147]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  266.589190][ T7517] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  266.669604][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  266.690304][    T9] usb 5-1: unable to read config index 0 descriptor/start: -71
[  266.699763][    T9] usb 5-1: can't read configurations, error -71
[  267.073211][ T7545] loop0: detected capacity change from 0 to 1024
[  267.139263][ T7545] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  267.160769][ T7545] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.174801][ T7545] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.398: inode has both inline data and extents flags
[  267.237983][ T7545] EXT4-fs (loop0): Remounting filesystem read-only
[  267.304950][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.390463][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  268.504695][ T7560] loop3: detected capacity change from 0 to 256
[  268.685938][ T7564] loop4: detected capacity change from 0 to 8
[  268.757791][ T7564] squashfs: Unknown parameter 'þ'
[  270.154596][ T5844] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  270.172004][ T5844] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  270.408008][ T7571] fido_id[7571]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  270.534864][ T7573] loop0: detected capacity change from 0 to 128
[  270.678872][ T7573] syz.0.407: attempt to access beyond end of device
[  270.678872][ T7573] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128
[  270.763797][ T7575] loop3: detected capacity change from 0 to 1024
[  270.814708][ T7573] syz.0.407: attempt to access beyond end of device
[  270.814708][ T7573] loop0: rw=2049, sector=138, nr_sectors = 8 limit=128
[  272.132407][ T7589] loop1: detected capacity change from 0 to 8
[  272.139441][ T7589] squashfs: Unknown parameter 'þ'
[  273.412849][ T7594] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  273.418979][ T7594] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  273.425300][ T7594] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  273.432094][ T7594] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  273.835009][ T7608] loop3: detected capacity change from 0 to 1024
[  274.037560][ T5813] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  274.120101][ T7614] loop4: detected capacity change from 0 to 512
[  274.152179][ T7614] EXT4-fs: Ignoring removed i_version option
[  274.207106][ T7614] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  274.250571][ T5813] usb 1-1: Using ep0 maxpacket: 32
[  274.257268][ T5813] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  274.291869][ T7614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.314126][ T5813] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  274.352376][ T5813] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.371452][ T7614] ext4 filesystem being mounted at /83/file7 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.385557][ T5813] usb 1-1: Product: syz
[  274.389726][ T5813] usb 1-1: Manufacturer: syz
[  274.415197][ T5813] usb 1-1: SerialNumber: syz
[  274.441729][ T7623] loop3: detected capacity change from 0 to 256
[  274.449485][ T5813] usb 1-1: config 0 descriptor??
[  274.455942][ T7605] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  274.468408][ T5813] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  274.522751][ T7614] EXT4-fs error (device loop4): ext4_dx_csum_verify:502: inode #2: comm syz.4.422: dir seems corrupt?  Run e2fsck -D.
[  274.576019][ T7172] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  274.606397][ T7614] EXT4-fs (loop4): Remounting filesystem read-only
[  274.762344][ T5813] usb 1-1: USB disconnect, device number 8
[  275.510639][ T5774] Bluetooth: hci0: command 0x0406 tx timeout
[  275.516707][ T5774] Bluetooth: hci1: command 0x0406 tx timeout
[  275.522983][ T5771] Bluetooth: hci3: command 0x0406 tx timeout
[  275.529004][ T5771] Bluetooth: hci2: command 0x0406 tx timeout
[  275.536484][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.118508][ T7636] loop0: detected capacity change from 0 to 1024
[  276.186176][ T7636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  276.198777][ T7636] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.212245][ T7636] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.429: inode has both inline data and extents flags
[  276.253625][ T7636] EXT4-fs (loop0): Remounting filesystem read-only
[  276.303903][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  277.017991][ T7646] 9pnet_fd: Insufficient options for proto=fd
[  277.586645][ T7646] syz.0.430 (7646) used greatest stack depth: 17096 bytes left
[  277.667749][ T7631] loop4: detected capacity change from 0 to 40427
[  277.742271][ T7631] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  277.760546][ T7631] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  277.862814][ T7631] F2FS-fs (loop4): Found nat_bits in checkpoint
[  278.022138][ T7655] loop0: detected capacity change from 0 to 2048
[  278.043091][ T7655] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  278.063205][ T7655] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  278.095915][ T7655] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 1)!
[  278.121790][ T7655] EXT4-fs (loop0): group descriptors corrupted!
[  278.141478][ T7631] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  278.169347][ T7631] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  279.213918][ T7670] loop3: detected capacity change from 0 to 1024
[  279.688451][ T7675] netlink: 72 bytes leftover after parsing attributes in process `syz.3.440'.
[  281.173441][ T7680] loop1: detected capacity change from 0 to 256
[  283.031999][ T7694] loop0: detected capacity change from 0 to 512
[  283.098433][ T7694] EXT4-fs (loop0): 1 truncate cleaned up
[  283.170792][ T7694] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.966663][ T7704] loop3: detected capacity change from 0 to 1024
[  284.097859][ T7172] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  284.152755][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.520994][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  284.930600][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  285.016830][ T7710] loop4: detected capacity change from 0 to 512
[  285.023741][ T7710] EXT4-fs: Ignoring removed orlov option
[  285.125168][ T7710] EXT4-fs error (device loop4): ext4_orphan_get:1430: comm syz.4.451: bad orphan inode 67108864
[  285.137580][ T7710] EXT4-fs (loop4): Remounting filesystem read-only
[  285.144856][ T7710] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.157385][ T7710] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.353586][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.017215][ T7722] loop0: detected capacity change from 0 to 8
[  291.456030][ T7728] loop3: detected capacity change from 0 to 40427
[  293.221982][ T7743] loop0: detected capacity change from 0 to 1024
[  293.338113][ T7743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  293.423156][ T7743] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.506931][ T7743] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.460: inode has both inline data and extents flags
[  293.597710][ T7743] EXT4-fs (loop0): Remounting filesystem read-only
[  294.442467][ T7762] loop3: detected capacity change from 0 to 256
[  294.842252][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  294.941272][   T27] audit: type=1326 audit(1780428125.054:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7758 comm="syz.3.464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7fc00000
[  295.948092][ T7768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.465'.
[  296.055976][ T7768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.465'.
[  297.868819][ T7788] loop0: detected capacity change from 0 to 1024
[  298.015565][ T7788] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  298.085242][ T7788] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.181142][ T7788] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.473: inode has both inline data and extents flags
[  298.290649][ T7788] EXT4-fs (loop0): Remounting filesystem read-only
[  298.502209][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  298.577713][ T7801] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  303.064135][ T7827] loop3: detected capacity change from 0 to 512
[  303.114770][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  303.369706][ T7833] loop0: detected capacity change from 0 to 1024
[  303.501993][ T7833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  303.551742][ T7833] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.239490][ T7829] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.485: inode has both inline data and extents flags
[  304.305641][ T7829] EXT4-fs (loop0): Remounting filesystem read-only
[  304.384880][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  304.454932][ T7840] loop3: detected capacity change from 0 to 256
[  304.581636][ T7842] loop0: detected capacity change from 0 to 1024
[  304.674698][ T7842] EXT4-fs: Ignoring removed bh option
[  304.691366][ T7842] ext4: Unknown parameter 'subj_role'
[  305.584632][ T7844] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  305.603010][ T7844] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  305.623068][ T7844] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  305.656600][ T7844] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  305.677504][ T7842] loop0: detected capacity change from 0 to 40427
[  305.716384][ T7842] F2FS-fs (loop0): inline encryption not supported
[  305.777457][ T7842] F2FS-fs (loop0): invalid crc value
[  305.824292][ T7842] F2FS-fs (loop0): Found nat_bits in checkpoint
[  306.184648][ T7842] F2FS-fs (loop0): Start checkpoint disabled!
[  306.232800][ T7842] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  307.106947][ T5774] Bluetooth: hci0: command 0x0406 tx timeout
[  307.630403][   T49] kworker/u4:3: attempt to access beyond end of device
[  307.630403][   T49] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  307.681108][ T5774] Bluetooth: hci1: command 0x0406 tx timeout
[  307.687271][ T5771] Bluetooth: hci2: command 0x0406 tx timeout
[  307.693545][ T5774] Bluetooth: hci3: command 0x0406 tx timeout
[  307.715633][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  307.754941][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  307.800564][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  308.553505][ T7858] loop4: detected capacity change from 0 to 512
[  308.560400][ T7858] EXT4-fs: Ignoring removed orlov option
[  308.626711][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  308.642802][ T7858] EXT4-fs error (device loop4): ext4_orphan_get:1430: comm syz.4.491: bad orphan inode 67108864
[  308.653936][ T7858] EXT4-fs (loop4): Remounting filesystem read-only
[  308.661210][ T7858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.673862][ T7858] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.769909][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.285768][ T7872] loop3: detected capacity change from 0 to 1024
[  309.365505][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  310.798609][ T5773] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  310.936864][ T7875] loop0: detected capacity change from 0 to 40427
[  310.969687][ T7875] F2FS-fs (loop0): invalid crc value
[  310.990664][ T5773] usb 4-1: Using ep0 maxpacket: 16
[  310.999824][ T5773] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  311.015336][ T5773] usb 4-1: config 0 has no interfaces?
[  311.024589][ T7896] netlink: 104 bytes leftover after parsing attributes in process `syz.1.500'.
[  311.053091][ T5773] usb 4-1: New USB device found, idVendor=045e, idProduct=07c2, bcdDevice= 0.00
[  311.086493][ T5773] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.127087][ T5773] usb 4-1: config 0 descriptor??
[  311.148264][ T7875] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  311.204677][ T5775] syz-executor: attempt to access beyond end of device
[  311.204677][ T5775] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  311.239456][ T5775] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  312.571850][ T7902] loop1: detected capacity change from 0 to 256
[  313.187524][ T5807] usb 4-1: USB disconnect, device number 6
[  313.509455][ T7907] loop3: detected capacity change from 0 to 1024
[  314.527462][ T7926] loop0: detected capacity change from 0 to 128
[  314.547727][ T7926] EXT4-fs (loop0): Test dummy encryption mode enabled
[  314.595207][ T7926] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  314.609368][ T7926] ext4 filesystem being mounted at /125/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  318.881936][ T7945] loop3: detected capacity change from 0 to 8
[  320.059751][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  320.066649][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  320.533807][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  320.546343][ T5775] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  320.818844][ T7953] loop1: detected capacity change from 0 to 1024
[  320.891271][ T7953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  320.925760][ T7957] netlink: 'syz.0.517': attribute type 1 has an invalid length.
[  320.940684][ T7957] netlink: 9 bytes leftover after parsing attributes in process `syz.0.517'.
[  320.951456][ T7953] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.993925][ T7953] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.516: inode has both inline data and extents flags
[  321.050568][ T7953] EXT4-fs (loop1): Remounting filesystem read-only
[  321.153978][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  323.453943][ T7973] loop0: detected capacity change from 0 to 256
[  325.104960][ T7997] loop3: detected capacity change from 0 to 1024
[  327.586111][ T8010] loop1: detected capacity change from 0 to 256
[  327.724947][   T27] audit: type=1800 audit(1780428157.834:211): pid=8010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.532" name="file1" dev="loop1" ino=1048643 res=0 errno=0
[  327.754013][ T8010] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  328.947327][ T8033] loop3: detected capacity change from 0 to 128
[  329.029904][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  329.527248][ T8042] loop0: detected capacity change from 0 to 1024
[  329.619684][ T8042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  329.760747][ T8042] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  329.843307][ T8042] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.539: inode has both inline data and extents flags
[  329.909873][ T8042] EXT4-fs (loop0): Remounting filesystem read-only
[  330.044731][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  330.838150][ T8062] Invalid argument reading file caps for ./file0
[  331.262848][ T8069] loop4: detected capacity change from 0 to 1024
[  331.331162][ T8069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.630245][ T8076] loop3: detected capacity change from 0 to 256
[  332.694669][ T8078] loop0: detected capacity change from 0 to 128
[  332.701136][ T8072] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  332.713739][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  332.891749][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.175750][ T8089] loop3: detected capacity change from 0 to 1024
[  334.223177][ T8099] loop0: detected capacity change from 0 to 512
[  334.266343][ T8101] loop4: detected capacity change from 0 to 512
[  334.440446][ T8101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.458558][ T8101] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.459088][ T8099] EXT4-fs (loop0): 1 truncate cleaned up
[  334.541914][ T8099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.676813][ T8099] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.556: bg 0: block 465: padding at end of block bitmap is not set
[  334.765171][ T8111] loop3: detected capacity change from 0 to 512
[  334.787286][ T8099] EXT4-fs (loop0): Remounting filesystem read-only
[  334.839787][ T5999] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.860714][ T8099] EXT4-fs (loop0): error restoring inline_data for inode -- potential data loss! (inode 15, error -5)
[  335.135072][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.299502][ T8117] loop3: detected capacity change from 0 to 1024
[  335.310059][ T8117] EXT4-fs: Ignoring removed bh option
[  335.868028][ T8121] loop4: detected capacity change from 0 to 256
[  336.941824][ T5844] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  337.140652][ T5844] usb 1-1: Using ep0 maxpacket: 8
[  337.159306][ T5844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.190742][ T5844] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  337.223308][ T5844] usb 1-1: New USB device found, idVendor=046d, idProduct=c211, bcdDevice= 0.00
[  337.246496][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.284721][ T5844] usb 1-1: config 0 descriptor??
[  337.543051][ T5844] usbhid 1-1:0.0: can't add hid device: -71
[  337.549122][ T5844] usbhid: probe of 1-1:0.0 failed with error -71
[  337.596966][ T5844] usb 1-1: USB disconnect, device number 9
[  337.935777][ T8139] loop1: detected capacity change from 0 to 512
[  337.952639][ T8139] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  338.015927][ T8139] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.064739][ T8139] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.417608][ T8140] loop4: detected capacity change from 0 to 40427
[  339.990629][ T8140] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  339.998418][ T8140] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  340.137480][ T8140] F2FS-fs (loop4): Mismatch valid blocks 0 vs. 2
[  340.169639][ T8140] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117)
[  340.556098][ T8163] loop3: detected capacity change from 0 to 256
[  340.812721][ T7172] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  341.952880][ T8174] overlayfs: failed to clone lowerpath
[  343.767691][ T8180] loop4: detected capacity change from 0 to 40427
[  343.826281][ T8180] F2FS-fs (loop4): heap/no_heap options were deprecated
[  343.860797][ T8180] F2FS-fs (loop4): heap/no_heap options were deprecated
[  343.915576][ T8180] F2FS-fs (loop4): Unrecognized mount option "io_bits=00000000000000000010" or missing value
[  346.602378][ T8203] loop3: detected capacity change from 0 to 8
[  348.624877][ T8146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.139111][ T8214] ip6erspan0: renamed from wg0 (while UP)
[  350.353983][ T8231] netlink: 104 bytes leftover after parsing attributes in process `syz.0.590'.
[  350.491085][ T8235] loop4: detected capacity change from 0 to 1024
[  350.509993][ T8235] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  350.523561][ T8235] JBD2: no valid journal superblock found
[  350.532283][ T8235] EXT4-fs (loop4): Could not load journal inode
[  355.105045][ T8240] loop0: detected capacity change from 0 to 8
[  355.185154][ T8240] SQUASHFS error: Failed to read block 0x4de: -5
[  355.193188][ T8240] SQUASHFS error: Failed to read block 0x4de: -5
[  355.214441][   T27] audit: type=1800 audit(1780428185.304:212): pid=8240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.592" name="file1" dev="loop0" ino=5 res=0 errno=0
[  356.214521][ T8258] mmap: syz.4.598 (8258) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  357.525987][ T5086] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  357.550871][ T5086] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  357.561643][ T5086] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  357.574388][ T5086] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  357.609417][ T5086] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  357.618014][ T5086] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  357.690629][ T8269] netlink: 104 bytes leftover after parsing attributes in process `syz.3.601'.
[  358.211669][ T8265] chnl_net:caif_netlink_parms(): no params data found
[  358.465039][ T8265] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.510789][ T8265] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.518070][ T8265] bridge_slave_0: entered allmulticast mode
[  358.591950][ T8265] bridge_slave_0: entered promiscuous mode
[  359.285734][ T8265] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.622601][ T8284] loop3: detected capacity change from 0 to 8
[  364.224258][ T5086] Bluetooth: hci4: command tx timeout
[  364.266026][ T8288] loop0: detected capacity change from 0 to 512
[  364.275315][ T8288] EXT4-fs: Ignoring removed orlov option
[  364.479224][ T8265] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.721950][ T8265] bridge_slave_1: entered allmulticast mode
[  364.774075][ T8265] bridge_slave_1: entered promiscuous mode
[  364.805306][ T8288] EXT4-fs warning (device loop0): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop0.
[  365.012748][ T8265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  365.093056][ T8265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.188345][ T8265] team0: Port device team_slave_0 added
[  365.224117][ T8265] team0: Port device team_slave_1 added
[  365.345578][ T8265] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.381615][ T8265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.465752][ T8265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.496768][ T8265] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.520835][ T8265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.140002][ T8265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  366.327409][ T5086] Bluetooth: hci4: command tx timeout
[  366.505952][ T8265] hsr_slave_0: entered promiscuous mode
[  366.525319][ T8265] hsr_slave_1: entered promiscuous mode
[  366.565614][ T8265] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  366.582399][ T8265] Cannot create hsr debugfs directory
[  366.637817][ T8301] loop0: detected capacity change from 0 to 1024
[  366.667863][ T8301] EXT4-fs: Ignoring removed bh option
[  366.738714][ T8301] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  366.813684][ T8301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  366.959378][ T8308] loop4: detected capacity change from 0 to 8
[  367.016106][ T8308] squashfs: Unknown parameter 'þ'
[  367.702665][ T8313] netlink: 104 bytes leftover after parsing attributes in process `syz.3.611'.
[  368.233109][ T8265] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  368.269702][ T8316] loop3: detected capacity change from 0 to 128
[  368.303962][ T8265] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  368.363458][ T8265] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  368.390855][ T5086] Bluetooth: hci4: command tx timeout
[  368.405554][ T8265] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  368.755340][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  368.834674][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.164943][ T8265] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.750327][   T23] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  370.757952][ T5086] Bluetooth: hci4: command tx timeout
[  372.473791][ T8322] loop0: detected capacity change from 0 to 8
[  373.202185][ T8265] 8021q: adding VLAN 0 to HW filter on device team0
[  373.392342][   T23] usb 4-1: device descriptor read/all, error -71
[  373.647464][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.516651][ T3428] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.523864][ T3428] bridge0: port 1(bridge_slave_0) entered forwarding state
[  374.563282][ T3428] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.570657][ T3428] bridge0: port 2(bridge_slave_1) entered forwarding state
[  374.659846][ T8265] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  374.728362][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.848768][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.967323][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  378.358842][ T8348] loop3: detected capacity change from 0 to 8
[  378.741190][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  378.752551][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  378.765610][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.065568][ T7147] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  379.282184][    T9] usb 5-1: device not accepting address 4, error -71
[  379.327931][ T8355] loop4: detected capacity change from 0 to 512
[  379.376616][ T8355] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  379.389293][ T8355] ext4 filesystem being mounted at /135/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  379.411893][ T8355] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  379.423101][ T8355] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  379.433183][ T8355] EXT4-fs error (device loop4): ext4_acquire_dquot:6953: comm syz.4.622: Failed to acquire dquot type 0
[  379.573014][ T8355] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000d40000 ro.
[  379.641977][ T8265] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.669010][ T8355] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  380.980631][   T49] tipc: Disabling bearer <udp:syz2>
[  380.997732][   T49] tipc: Left network mode
[  382.250000][ T8265] veth0_vlan: entered promiscuous mode
[  382.368701][ T8265] veth1_vlan: entered promiscuous mode
[  386.993394][ T5813] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  387.294521][ T8265] veth0_macvtap: entered promiscuous mode
[  387.325539][ T8265] veth1_macvtap: entered promiscuous mode
[  387.493689][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.550621][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.582871][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.615388][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.661381][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.688777][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.720691][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  387.777272][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.818148][ T8265] batman_adv: batadv0: Interface activated: batadv_slave_0
[  388.678782][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.701975][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.750848][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.762873][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.773739][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.805099][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.825298][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  388.960056][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  388.974032][ T8265] batman_adv: batadv0: Interface activated: batadv_slave_1
[  393.973515][ T8265] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  393.988851][ T8456] loop0: detected capacity change from 0 to 256
[  394.020671][ T8265] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.035547][ T8265] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.060741][ T8265] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.180729][ T8456] FAT-fs (loop0): Directory bread(block 64) failed
[  394.271328][ T8456] FAT-fs (loop0): Directory bread(block 65) failed
[  394.278061][ T8456] FAT-fs (loop0): Directory bread(block 66) failed
[  394.395012][ T8456] FAT-fs (loop0): Directory bread(block 67) failed
[  394.421148][ T8456] FAT-fs (loop0): Directory bread(block 68) failed
[  394.467340][ T8456] FAT-fs (loop0): Directory bread(block 69) failed
[  394.498901][ T8456] FAT-fs (loop0): Directory bread(block 70) failed
[  394.520894][ T8456] FAT-fs (loop0): Directory bread(block 71) failed
[  394.538432][ T8456] FAT-fs (loop0): Directory bread(block 72) failed
[  394.558435][ T8456] FAT-fs (loop0): Directory bread(block 73) failed
[  397.706470][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  397.726934][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.998855][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.016627][ T8510] gretap0: entered promiscuous mode
[  398.036923][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.225535][   T49] hsr_slave_0: left promiscuous mode
[  398.234414][ T8519] loop0: detected capacity change from 0 to 128
[  398.281851][ T8519] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  398.301699][ T8519] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.318582][   T49] hsr_slave_1: left promiscuous mode
[  398.381489][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  398.396830][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  398.407272][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  398.418918][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  398.427206][   T49] bridge_slave_1: left allmulticast mode
[  398.433324][   T49] bridge_slave_1: left promiscuous mode
[  398.439185][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.494519][   T49] bridge_slave_0: left allmulticast mode
[  399.178339][   T49] bridge_slave_0: left promiscuous mode
[  399.184384][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.281146][   T49] veth1_macvtap: left promiscuous mode
[  399.286751][   T49] veth0_macvtap: left promiscuous mode
[  399.297857][   T49] veth1_vlan: left promiscuous mode
[  399.303961][   T49] veth0_vlan: left promiscuous mode
[  399.330398][ T8534] loop3: detected capacity change from 0 to 512
[  399.374217][ T8462] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  399.395380][ T5775] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  401.803668][ T8538] loop0: detected capacity change from 0 to 8192
[  404.703231][   T49] team0 (unregistering): Port device team_slave_1 removed
[  404.802370][   T49] team0 (unregistering): Port device team_slave_0 removed
[  404.897869][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  404.979807][   T49] bond0 (unregistering): (slave 
3
0
): Releasing backup interface
[  405.721791][   T49] bond0 (unregistering): Released all slaves
[  407.331355][ T8580] netlink: 16 bytes leftover after parsing attributes in process `syz.3.669'.
[  407.710893][ T8593] netlink: 16 bytes leftover after parsing attributes in process `syz.4.676'.
[  409.299533][ T8618] loop0: detected capacity change from 0 to 512
[  409.385081][ T8618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  409.397818][ T8618] ext4 filesystem being mounted at /165/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.414574][ T8618] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  409.425899][ T8618] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  409.436970][ T8618] EXT4-fs error (device loop0): ext4_acquire_dquot:6953: comm syz.0.674: Failed to acquire dquot type 0
[  409.568450][ T8618] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000d40000 ro.
[  409.924763][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  410.086339][ T8628] loop0: detected capacity change from 0 to 8
[  410.119916][ T8628] squashfs: Unknown parameter 'þ'
[  411.006414][ T8642] loop3: detected capacity change from 0 to 512
[  411.293219][ T8650] loop5: detected capacity change from 0 to 512
[  411.390687][ T8650] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.550751][ T8650] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.737319][ T8661] loop0: detected capacity change from 0 to 512
[  411.744702][ T8661] ext4: Unknown parameter 'context'
[  412.815532][ T8573] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  414.881569][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.187085][ T8694] loop3: detected capacity change from 0 to 512
[  417.279882][ T8573] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  418.308957][ T8713] loop5: detected capacity change from 0 to 256
[  418.697636][ T8723] loop5: detected capacity change from 0 to 512
[  418.833483][ T8723] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.385702][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.440558][ T8740] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  421.714410][ T8746] loop3: detected capacity change from 0 to 512
[  421.721422][ T8746] EXT4-fs: Ignoring removed orlov option
[  421.852449][ T8573] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  422.382445][ T8760] loop5: detected capacity change from 0 to 512
[  423.401545][ T8760] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.414645][ T8760] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  424.832859][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.886905][ T8787] netlink: 104 bytes leftover after parsing attributes in process `syz.0.701'.
[  426.187164][ T5773] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  426.230721][ T8789] loop3: detected capacity change from 0 to 512
[  426.312765][ T8573] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  426.396115][ T5773] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  426.433161][ T5773] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[  426.478629][ T8796] loop0: detected capacity change from 0 to 256
[  426.480466][ T5773] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  426.548729][ T5773] usb 6-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00
[  426.582885][ T5773] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.636977][ T5773] usb 6-1: config 0 descriptor??
[  426.654819][ T8775] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  426.694993][ T8796] FAT-fs (loop0): Directory bread(block 64) failed
[  426.780597][ T8796] FAT-fs (loop0): Directory bread(block 65) failed
[  426.854445][ T8796] FAT-fs (loop0): Directory bread(block 66) failed
[  426.896339][ T8796] FAT-fs (loop0): Directory bread(block 67) failed
[  426.918376][ T8796] FAT-fs (loop0): Directory bread(block 68) failed
[  426.945478][ T8796] FAT-fs (loop0): Directory bread(block 69) failed
[  426.949277][ T8801] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  427.001604][ T8796] FAT-fs (loop0): Directory bread(block 70) failed
[  427.011079][ T8801] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  427.038724][ T8796] FAT-fs (loop0): Directory bread(block 71) failed
[  427.077783][ T8796] FAT-fs (loop0): Directory bread(block 72) failed
[  427.133714][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x3
[  427.142698][ T8796] FAT-fs (loop0): Directory bread(block 73) failed
[  427.167378][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.200487][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.207513][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.250694][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.257726][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.941667][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.948707][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  427.957196][ T5773] elecom 0003:056E:010C.0002: unknown main item tag 0x0
[  428.032659][ T5773] elecom 0003:056E:010C.0002: hidraw0: USB HID v0.04 Device [HID 056e:010c] on usb-dummy_hcd.5-1/input0
[  428.152674][ T8813] loop3: detected capacity change from 0 to 8
[  428.181462][ T8813] squashfs: Unknown parameter 'þ'
[  428.362596][ T5813] usb 6-1: USB disconnect, device number 2
[  428.371658][ T8811] fido_id[8811]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  429.308806][ T8837] netlink: 104 bytes leftover after parsing attributes in process `syz.5.710'.
[  429.473308][ T8840] loop3: detected capacity change from 0 to 16
[  429.557456][ T8840] erofs: (device loop3): mounted with root inode @ nid 36.
[  429.745505][ T8840] syz.3.711: attempt to access beyond end of device
[  429.745505][ T8840] loop3: rw=0, sector=48, nr_sectors = 16 limit=16
[  430.134036][ T8852] loop5: detected capacity change from 0 to 128
[  430.141668][ T8852] FAT-fs (loop5): Unrecognized mount option "ÿÿ0x000000000000ee00" or missing value
[  430.219635][ T8571] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  430.610826][ T8861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.716'.
[  431.874932][ T8875] loop3: detected capacity change from 0 to 8
[  432.014887][ T8875] squashfs: Unknown parameter 'þ'
[  432.977816][ T8885] loop5: detected capacity change from 0 to 512
[  432.987116][ T8885] EXT4-fs: Ignoring removed orlov option
[  433.067167][ T8885] EXT4-fs error (device loop5): ext4_orphan_get:1430: comm syz.5.717: bad orphan inode 67108864
[  433.082425][ T8885] EXT4-fs (loop5): Remounting filesystem read-only
[  433.099187][ T8885] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.115270][ T8885] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.192568][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.801006][ T8909] netlink: 16 bytes leftover after parsing attributes in process `syz.0.724'.
[  436.427413][ T8928] loop5: detected capacity change from 0 to 512
[  436.478871][ T8928] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  437.325470][ T8928] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.722: invalid indirect mapped block 4294967295 (level 0)
[  437.382604][ T8928] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.722: invalid indirect mapped block 4294967295 (level 1)
[  437.473565][ T8928] EXT4-fs (loop5): 1 orphan inode deleted
[  437.499772][ T8928] EXT4-fs (loop5): 1 truncate cleaned up
[  437.555776][ T8928] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  437.797207][ T8928] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  437.945640][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.003563][ T8967] loop5: detected capacity change from 0 to 1024
[  440.031800][ T8967] EXT4-fs: Ignoring removed bh option
[  440.121991][ T8967] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  440.166723][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  440.174230][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  440.268598][ T8967] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  441.423195][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.558105][ T8982] loop0: detected capacity change from 0 to 512
[  441.618618][ T8982] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  441.708905][ T8982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  441.807900][ T8982] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  442.059522][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.065102][ T9012] loop0: detected capacity change from 0 to 512
[  445.121099][ T9012] EXT4-fs: Ignoring removed orlov option
[  445.221166][ T9029] netlink: 104 bytes leftover after parsing attributes in process `syz.4.751'.
[  445.272706][ T9012] EXT4-fs error (device loop0): ext4_orphan_get:1430: comm syz.0.747: bad orphan inode 67108864
[  445.349137][ T9012] EXT4-fs (loop0): Remounting filesystem read-only
[  445.395581][ T9012] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.436968][ T9012] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  445.562837][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.924458][ T9043] netlink: 8 bytes leftover after parsing attributes in process `syz.3.754'.
[  447.651626][ T9055] loop3: detected capacity change from 0 to 1024
[  447.708366][ T8573] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  448.745580][ T9072] netlink: 104 bytes leftover after parsing attributes in process `syz.3.761'.
[  449.392518][ T9092] loop0: detected capacity change from 0 to 8
[  449.412262][ T9092] squashfs: Unknown parameter 'þ'
[  450.104238][ T9080] loop5: detected capacity change from 0 to 40427
[  450.139632][ T9080] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  450.181223][ T9080] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  451.022493][ T9080] F2FS-fs (loop5): Found nat_bits in checkpoint
[  451.113822][ T9120] loop3: detected capacity change from 0 to 1024
[  451.205793][ T9080] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  451.229368][ T9080] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  451.369754][ T9080] syz.5.764: attempt to access beyond end of device
[  451.369754][ T9080] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  452.110192][ T9080] syz.5.764: attempt to access beyond end of device
[  452.110192][ T9080] loop5: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  452.770589][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  453.785304][ T8265] syz-executor: attempt to access beyond end of device
[  453.785304][ T8265] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  454.192357][ T8265] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  455.552902][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  455.592635][    T9] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 250, changing to 7
[  455.941103][    T9] usb 4-1: New USB device found, idVendor=2a39, idProduct=3fd4, bcdDevice= 0.40
[  455.999518][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.050481][    T9] usb 4-1: Product: syz
[  456.054699][    T9] usb 4-1: Manufacturer: syz
[  456.059302][    T9] usb 4-1: SerialNumber: syz
[  456.866935][ T9146] loop0: detected capacity change from 0 to 256
[  456.983185][ T9146] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d)
[  457.250822][    T9] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  457.340633][    T9] usb 4-1: unit 6 not found!
[  457.387882][    T9] usb 4-1: USB disconnect, device number 9
[  457.476481][ T8573] udevd[8573]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  457.609624][ T9167] loop5: detected capacity change from 0 to 1024
[  458.096870][ T9167] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  458.182760][ T9171] loop3: detected capacity change from 0 to 512
[  458.750492][ T8571] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  459.219870][ T9179] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  459.384757][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.820753][   T23] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  460.040547][   T23] usb 6-1: Using ep0 maxpacket: 32
[  460.041366][ T9211] loop0: detected capacity change from 0 to 512
[  460.063222][ T9211] EXT4-fs: Ignoring removed bh option
[  460.075546][ T9211] EXT4-fs: inline encryption not supported
[  460.140692][ T9211] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  460.619609][ T9199] loop5: detected capacity change from 0 to 4096
[  460.661414][ T9211] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  460.685813][ T9199] EXT4-fs: inline encryption not supported
[  460.773253][ T9199] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  460.785604][ T9211] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.791: bg 0: block 248: padding at end of block bitmap is not set
[  460.844678][ T9199] EXT4-fs (loop5): Test dummy encryption mode enabled
[  460.858638][ T9211] Quota error (device loop0): write_blk: dquota write failed
[  460.866583][ T9211] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  460.876946][ T9211] EXT4-fs error (device loop0): ext4_acquire_dquot:6953: comm syz.0.791: Failed to acquire dquot type 1
[  460.887041][ T9199] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  461.009467][ T9211] EXT4-fs (loop0): 1 truncate cleaned up
[  461.049062][ T9211] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  462.059564][   T23] usb 6-1: unable to get BOS descriptor or descriptor too short
[  462.081172][   T23] usb 6-1: unable to read config index 0 descriptor/start: -71
[  462.099961][   T23] usb 6-1: can't read configurations, error -71
[  462.115485][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  462.175445][ T3411] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-5
[  462.190809][ T3411] EXT4-fs error (device loop0): ext4_release_dquot:6989: comm kworker/u4:7: Failed to release dquot type 1
[  462.622297][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.870649][ T8490] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  463.005675][ T9246] netlink: 104 bytes leftover after parsing attributes in process `syz.5.804'.
[  463.050577][ T8490] usb 1-1: Using ep0 maxpacket: 32
[  463.063321][ T8490] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  463.091481][ T8490] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  463.130744][ T8490] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.138797][ T8490] usb 1-1: Product: syz
[  463.153203][ T8490] usb 1-1: Manufacturer: syz
[  463.157831][ T8490] usb 1-1: SerialNumber: syz
[  463.222257][ T8490] usb 1-1: config 0 descriptor??
[  463.239502][ T9250] loop5: detected capacity change from 0 to 512
[  463.253315][ T8490] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  463.324851][ T8490] snd-usb-audio: probe of 1-1:0.0 failed with error -2
[  463.334269][ T9250] EXT4-fs error (device loop5): ext4_orphan_get:1404: inode #15: comm syz.5.805: iget: bad i_size value: 38620345925642
[  463.352091][ T8573] udevd[8573]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  463.427365][ T9250] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.805: couldn't read orphan inode 15 (err -117)
[  463.479808][ T9250] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  463.835317][ T5773] usb 1-1: USB disconnect, device number 11
[  463.903886][ T9261] EXT4-fs error (device loop5): ext4_validate_block_bitmap:430: comm syz.5.805: bg 0: block 5: invalid block bitmap
[  463.942581][ T9261] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 8 with error 28
[  463.955577][ T9261] EXT4-fs (loop5): This should not happen!! Data will be lost
[  463.955577][ T9261] 
[  463.966464][ T9261] EXT4-fs (loop5): Total free blocks count 0
[  463.973071][ T9261] EXT4-fs (loop5): Free/Dirty block details
[  463.980653][ T9261] EXT4-fs (loop5): free_blocks=0
[  463.985709][ T9261] EXT4-fs (loop5): dirty_blocks=740
[  463.992261][ T9261] EXT4-fs (loop5): Block reservation details
[  463.999364][ T9261] EXT4-fs (loop5): i_reserved_data_blocks=740
[  465.011605][ T3411] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 732 with error 28
[  465.237111][ T9274] loop5: detected capacity change from 0 to 8
[  465.269371][ T9274] squashfs: Unknown parameter 'þ'
[  465.371824][ T8573] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  465.798054][ T9280] netlink: 104 bytes leftover after parsing attributes in process `syz.4.815'.
[  465.998156][ T9283] loop0: detected capacity change from 0 to 512
[  466.111386][ T9283] EXT4-fs: Ignoring removed orlov option
[  467.262135][ T9283] EXT4-fs error (device loop0): ext4_orphan_get:1430: comm syz.0.812: bad orphan inode 67108864
[  467.300688][ T9283] EXT4-fs (loop0): Remounting filesystem read-only
[  467.328021][ T9283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  467.409977][ T9283] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  468.112043][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.191121][ T9321] netlink: 104 bytes leftover after parsing attributes in process `syz.0.826'.
[  470.537194][ T9335] loop0: detected capacity change from 0 to 512
[  470.689739][ T9335] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  470.702367][ T9335] ext4 filesystem being mounted at /198/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  470.774464][ T9342] netlink: 24 bytes leftover after parsing attributes in process `syz.4.833'.
[  471.363539][ T9335] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  471.374231][ T9335] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  471.384415][ T9335] EXT4-fs error (device loop0): ext4_acquire_dquot:6953: comm syz.0.832: Failed to acquire dquot type 0
[  471.578149][ T9335] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000d40000 ro.
[  471.628885][ T9335] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  472.271190][ T9353] netlink: 104 bytes leftover after parsing attributes in process `syz.4.840'.
[  474.348874][ T9376] netlink: 24 bytes leftover after parsing attributes in process `syz.5.843'.
[  475.805544][ T9390] loop5: detected capacity change from 0 to 1024
[  475.870942][ T9389] netlink: 104 bytes leftover after parsing attributes in process `syz.0.850'.
[  476.081328][ T9390] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  476.430704][ T9409] netlink: 24 bytes leftover after parsing attributes in process `syz.4.856'.
[  478.659473][ T9405] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  479.674160][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.405104][ T9435] loop5: detected capacity change from 0 to 128
[  481.535270][ T9435] syz.5.867: attempt to access beyond end of device
[  481.535270][ T9435] loop5: rw=2049, sector=138, nr_sectors = 112 limit=128
[  481.692530][ T9435] syz.5.867: attempt to access beyond end of device
[  481.692530][ T9435] loop5: rw=2049, sector=138, nr_sectors = 8 limit=128
[  482.685080][ T9453] loop5: detected capacity change from 0 to 256
[  483.220979][ T5086] Bluetooth: hci4: command 0x0406 tx timeout
[  483.826504][ T9467] netlink: 104 bytes leftover after parsing attributes in process `syz.5.878'.
[  484.056286][ T9473] loop5: detected capacity change from 0 to 512
[  484.088597][ T9473] EXT4-fs: Ignoring removed i_version option
[  484.951851][ T9473] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  485.045097][ T9473] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.074630][ T9473] ext4 filesystem being mounted at /48/file7 supports timestamps until 2038-01-19 (0x7fffffff)
[  485.419199][ T9473] EXT4-fs error (device loop5): ext4_dx_csum_verify:502: inode #2: comm syz.5.881: dir seems corrupt?  Run e2fsck -D.
[  485.592531][ T9488] EXT4-fs error (device loop5): ext4_validate_block_bitmap:421: comm ext4lazyinit: bg 0: bad block bitmap checksum
[  485.675204][ T9488] EXT4-fs (loop5): Remounting filesystem read-only
[  485.717417][ T9473] EXT4-fs (loop5): Remounting filesystem read-only
[  486.162745][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.293716][ T9500] netlink: 104 bytes leftover after parsing attributes in process `syz.0.891'.
[  488.681715][ T9530] netlink: 104 bytes leftover after parsing attributes in process `syz.5.902'.
[  489.272912][ T9546] loop5: detected capacity change from 0 to 256
[  490.669082][ T9561] netlink: 104 bytes leftover after parsing attributes in process `syz.5.914'.
[  491.012002][ T9566] loop5: detected capacity change from 0 to 2048
[  491.142744][ T9566] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  491.801248][ T9574] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  493.385661][   T59] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  493.418074][   T59] EXT4-fs (loop5): This should not happen!! Data will be lost
[  493.418074][   T59] 
[  493.450555][   T59] EXT4-fs (loop5): Total free blocks count 0
[  493.474109][   T59] EXT4-fs (loop5): Free/Dirty block details
[  493.500546][   T59] EXT4-fs (loop5): free_blocks=4096
[  493.505811][   T59] EXT4-fs (loop5): dirty_blocks=64
[  493.519905][   T59] EXT4-fs (loop5): Block reservation details
[  493.536296][   T59] EXT4-fs (loop5): i_reserved_data_blocks=4
[  493.572684][   T11] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 45 with error 28
[  494.011274][ T9606] netlink: 104 bytes leftover after parsing attributes in process `syz.5.929'.
[  496.979651][ T9628] overlayfs: overlapping lowerdir path
[  499.494206][ T9656] loop5: detected capacity change from 0 to 256
[  502.581667][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  502.588011][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  504.328524][ T9675] loop5: detected capacity change from 0 to 8
[  507.237385][ T9704] netlink: 24 bytes leftover after parsing attributes in process `syz.0.961'.
[  509.382611][ T9717] netlink: 24 bytes leftover after parsing attributes in process `syz.0.971'.
[  521.739817][ T9813] loop5: detected capacity change from 0 to 256
[  523.118645][ T9826] loop5: detected capacity change from 0 to 1024
[  523.203864][ T9826] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.254953][ T9831] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  524.569238][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.980649][ T9854] loop5: detected capacity change from 0 to 256
[  539.087532][ T9934] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1027'.
[  541.211019][   T27] audit: type=1326 audit(1780428371.284:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.035451][   T27] audit: type=1326 audit(1780428371.284:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.478953][  T787] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  542.520457][   T27] audit: type=1326 audit(1780428371.284:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.570538][   T27] audit: type=1326 audit(1780428371.284:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.640780][   T27] audit: type=1326 audit(1780428371.284:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.700673][   T27] audit: type=1326 audit(1780428371.284:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.724778][  T787] usb 6-1: Using ep0 maxpacket: 8
[  542.738403][  T787] usb 6-1: config 1 has an invalid interface number: 216 but max is 0
[  542.759582][  T787] usb 6-1: config 1 has no interface number 0
[  542.783020][  T787] usb 6-1: config 1 interface 216 has no altsetting 0
[  542.792781][   T27] audit: type=1326 audit(1780428371.284:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  542.802403][  T787] usb 6-1: New USB device found, idVendor=03f0, idProduct=1efa, bcdDevice=d9.f7
[  542.922560][ T9965] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1037'.
[  542.945239][  T787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  542.988540][  T787] usb 6-1: Product: syz
[  543.022792][  T787] usb 6-1: Manufacturer: syz
[  543.074091][   T27] audit: type=1326 audit(1780428371.284:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  543.127514][  T787] usb 6-1: SerialNumber: syz
[  543.518971][  T787] usb 6-1: can't set config #1, error -71
[  543.548431][  T787] usb 6-1: USB disconnect, device number 5
[  543.554816][   T27] audit: type=1326 audit(1780428371.284:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  543.610537][   T27] audit: type=1326 audit(1780428371.284:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9949 comm="syz.3.1034" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42cab9ce59 code=0x7ffc0000
[  546.931957][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  546.931999][   T27] audit: type=1326 audit(1780428376.834:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  547.665729][   T27] audit: type=1326 audit(1780428376.834:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  547.805078][   T27] audit: type=1326 audit(1780428376.834:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  547.920026][   T27] audit: type=1326 audit(1780428376.834:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  548.049026][   T27] audit: type=1326 audit(1780428376.834:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  548.164822][   T27] audit: type=1326 audit(1780428376.834:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  548.264736][   T27] audit: type=1326 audit(1780428376.834:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  548.352425][   T27] audit: type=1326 audit(1780428376.834:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  548.445602][   T27] audit: type=1326 audit(1780428376.834:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  548.534858][   T27] audit: type=1326 audit(1780428376.834:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.0.1045" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8080f9ce59 code=0x7ffc0000
[  553.740149][T10063] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1070'.
[  554.609881][T10069] loop5: detected capacity change from 0 to 1024
[  554.678957][T10069] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  555.580772][T10075] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  555.653311][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  556.227535][T10087] loop5: detected capacity change from 0 to 512
[  556.238126][T10087] ext4: Unknown parameter 'context'
[  559.994795][T10104] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1082'.
[  562.081512][T10127] loop5: detected capacity change from 0 to 512
[  562.088919][T10127] ext4: Unknown parameter 'context'
[  562.195487][T10019] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  563.035354][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  563.041825][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  567.363467][T10179] loop5: detected capacity change from 0 to 512
[  567.374398][T10179] ext4: Unknown parameter 'context'
[  568.025721][T10019] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  571.204925][T10212] loop5: detected capacity change from 0 to 256
[  571.269385][T10212] exfat: Deprecated parameter 'utf8'
[  571.330879][T10212] exfat: Deprecated parameter 'utf8'
[  571.336374][T10212] exfat: Deprecated parameter 'utf8'
[  571.398189][T10212] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  583.050892][T10305] netlink: 'syz.3.1147': attribute type 12 has an invalid length.
[  583.100590][T10305] netlink: 'syz.3.1147': attribute type 29 has an invalid length.
[  583.108472][T10305] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1147'.
[  583.564754][T10313] raw_sendmsg: syz.5.1150 forgot to set AF_INET. Fix it!
[  585.528424][T10351] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  588.745352][T10392] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1179'.
[  588.931271][T10396] loop5: detected capacity change from 0 to 1024
[  589.051775][T10396] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  589.140275][T10396] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  589.301833][T10396] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.1180: inode has both inline data and extents flags
[  589.428025][T10396] EXT4-fs (loop5): Remounting filesystem read-only
[  589.833009][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  590.076573][T10425] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1189'.
[  590.135542][T10427] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  592.238863][T10438] loop5: detected capacity change from 0 to 1024
[  592.332301][T10438] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  592.416815][T10438] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  592.442854][T10438] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.1193: inode has both inline data and extents flags
[  592.492254][T10438] EXT4-fs (loop5): Remounting filesystem read-only
[  592.593043][ T8265] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  593.545309][T10466] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1199'.
[  596.405505][T10491] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1209'.
[  599.002172][T10523] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1220'.
[  599.730005][T10530] overlayfs: failed to clone upperpath
[  604.293514][T10558] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1233'.
[  608.618420][T10592] overlayfs: failed to clone lowerpath
[  610.032815][T10599] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  610.047402][T10599] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  610.057384][T10599] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  610.066569][T10599] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  610.074717][T10599] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  610.082301][T10599] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  610.587214][T10597] chnl_net:caif_netlink_parms(): no params data found
[  611.127303][T10624] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1248'.
[  612.160549][T10599] Bluetooth: hci0: command tx timeout
[  612.282325][T10597] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.300568][T10597] bridge0: port 1(bridge_slave_0) entered disabled state
[  612.340800][T10597] bridge_slave_0: entered allmulticast mode
[  612.348142][T10597] bridge_slave_0: entered promiscuous mode
[  612.419133][T10597] bridge0: port 2(bridge_slave_1) entered blocking state
[  612.426588][T10597] bridge0: port 2(bridge_slave_1) entered disabled state
[  612.433959][T10597] bridge_slave_1: entered allmulticast mode
[  612.442070][T10597] bridge_slave_1: entered promiscuous mode
[  612.540108][T10597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  612.578731][T10597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  612.674917][T10597] team0: Port device team_slave_0 added
[  612.703344][T10597] team0: Port device team_slave_1 added
[  613.147972][T10597] batman_adv: batadv0: Adding interface: batadv_slave_0
[  613.180280][T10597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  613.340528][T10597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  613.369921][T10597] batman_adv: batadv0: Adding interface: batadv_slave_1
[  613.380761][T10597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  613.459928][T10597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  613.754147][ T3411] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.053744][ T3411] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.217554][ T3411] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.242154][T10599] Bluetooth: hci0: command tx timeout
[  614.265826][T10597] hsr_slave_0: entered promiscuous mode
[  614.273042][T10597] hsr_slave_1: entered promiscuous mode
[  614.280400][T10597] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  614.298097][T10597] Cannot create hsr debugfs directory
[  614.329832][ T3411] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.524450][T10599] Bluetooth: hci0: command tx timeout
[  617.003750][T10678] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1261'.
[  617.521722][T10597] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  617.822637][T10597] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  617.950274][T10597] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  617.999427][T10597] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  618.551210][T10599] Bluetooth: hci0: command tx timeout
[  618.880803][T10711] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1268'.
[  619.912433][T10597] 8021q: adding VLAN 0 to HW filter on device bond0
[  620.014983][T10597] 8021q: adding VLAN 0 to HW filter on device team0
[  620.083582][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.090805][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  620.140755][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.147931][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  621.168305][T10597] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  621.312078][T10597] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  622.503584][ T3411] hsr_slave_0: left promiscuous mode
[  622.561871][ T3411] hsr_slave_1: left promiscuous mode
[  622.602439][ T3411] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  622.630266][ T3411] batman_adv: batadv0: Removing interface: batadv_slave_0
[  622.647290][ T3411] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  622.655691][ T3411] batman_adv: batadv0: Removing interface: batadv_slave_1
[  622.685221][ T3411] bridge_slave_1: left allmulticast mode
[  622.703025][ T3411] bridge_slave_1: left promiscuous mode
[  622.708915][ T3411] bridge0: port 2(bridge_slave_1) entered disabled state
[  622.733345][ T3411] bridge_slave_0: left allmulticast mode
[  622.739146][ T3411] bridge_slave_0: left promiscuous mode
[  622.750186][ T3411] bridge0: port 1(bridge_slave_0) entered disabled state
[  622.827814][ T3411] veth1_macvtap: left promiscuous mode
[  622.838039][ T3411] veth0_macvtap: left promiscuous mode
[  622.852970][ T3411] veth1_vlan: left promiscuous mode
[  622.874199][ T3411] veth0_vlan: left promiscuous mode
[  624.479316][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  624.485897][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  624.853360][ T3411] team0 (unregistering): Port device team_slave_1 removed
[  624.905507][ T3411] team0 (unregistering): Port device team_slave_0 removed
[  624.968654][ T3411] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  625.036751][ T3411] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  625.421595][ T3411] bond0 (unregistering): Released all slaves
[  625.667481][T10764] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  626.059346][T10597] 8021q: adding VLAN 0 to HW filter on device batadv0
[  631.203313][T10597] veth0_vlan: entered promiscuous mode
[  631.278659][T10597] veth1_vlan: entered promiscuous mode
[  631.443008][T10597] veth0_macvtap: entered promiscuous mode
[  631.532353][T10597] veth1_macvtap: entered promiscuous mode
[  631.633526][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.678567][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.749807][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.812600][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.865520][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  631.930482][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  631.982405][T10597] batman_adv: batadv0: Interface activated: batadv_slave_0
[  632.042033][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  632.089195][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  632.114762][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  632.151568][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  632.164552][T10597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  632.206794][T10597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  632.218853][T10597] batman_adv: batadv0: Interface activated: batadv_slave_1
[  632.232011][T10597] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  632.240794][T10597] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  632.249504][T10597] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  632.270466][T10597] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  632.471690][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.492508][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.561918][ T3480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.569796][ T3480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.793996][T10856] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1244'.
[  634.769454][T10869] loop6: detected capacity change from 0 to 512
[  634.871879][T10869] EXT4-fs (loop6): 1 truncate cleaned up
[  634.919588][T10869] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  635.605539][T10597] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  635.703040][T10597] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  635.771475][T10597] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  636.012897][T10597] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  637.621252][  T787] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  638.480998][  T787] usb 7-1: Using ep0 maxpacket: 32
[  638.521302][  T787] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  638.543577][  T787] usb 7-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[  638.562945][  T787] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  638.573292][  T787] usb 7-1: Product: syz
[  638.577506][  T787] usb 7-1: Manufacturer: syz
[  638.584441][  T787] usb 7-1: SerialNumber: syz
[  638.596670][  T787] usb 7-1: config 0 descriptor??
[  638.611541][T10924] 9pnet_fd: Insufficient options for proto=fd
[  638.612564][  T787] usb 7-1: Quirk or no altest; falling back to MIDI 1.0
[  638.646795][  T787] snd-usb-audio: probe of 7-1:0.0 failed with error -2
[  639.381756][  T787] usb 7-1: USB disconnect, device number 2
[  639.410216][T10808] udevd[10808]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  639.679323][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  639.679338][   T27] audit: type=1326 audit(1780431047.779:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  639.750027][   T27] audit: type=1326 audit(1780431047.779:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  639.779944][   T27] audit: type=1326 audit(1780431047.819:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  640.466081][   T27] audit: type=1326 audit(1780431047.819:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  640.547331][   T27] audit: type=1326 audit(1780431047.819:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  640.678178][   T27] audit: type=1326 audit(1780431047.929:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  642.068317][   T27] audit: type=1326 audit(1780431047.929:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  642.123837][   T27] audit: type=1326 audit(1780431047.929:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  643.050439][   T27] audit: type=1326 audit(1780431047.929:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  643.123598][   T27] audit: type=1326 audit(1780431047.929:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10934 comm="syz.6.1311" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a4b39ce59 code=0x7ffc0000
[  645.778751][T10995] loop6: detected capacity change from 0 to 1024
[  645.816359][T10995] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  645.831399][T10995] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  645.905929][T10995] JBD2: no valid journal superblock found
[  646.454195][T10995] EXT4-fs (loop6): Could not load journal inode
[  649.982454][T11025] loop6: detected capacity change from 0 to 128
[  652.646963][T11046] loop6: detected capacity change from 0 to 512
[  652.654082][T11046] EXT4-fs: Ignoring removed orlov option
[  652.708756][T11046] EXT4-fs error (device loop6): ext4_orphan_get:1430: comm syz.6.1333: bad orphan inode 67108864
[  652.723779][T11046] EXT4-fs (loop6): Remounting filesystem read-only
[  652.731094][T11046] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  652.743706][T11046] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  653.051928][T10597] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.483061][T11074] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1339'.
[  659.477184][T11128] loop6: detected capacity change from 0 to 512
[  659.488140][T11128] ext4: Unknown parameter 'context'
[  660.173407][T11117] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  665.896054][   T27] kauditd_printk_skb: 19 callbacks suppressed
[  665.896069][   T27] audit: type=1326 audit(1780431073.999:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.4.1363" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6dbf59ce59 code=0x0
[  666.492876][T11213] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1368'.
[  669.019029][T11242] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000
[  669.979053][T11260] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1377'.
[  673.217179][T11296] loop6: detected capacity change from 0 to 16
[  673.282692][T11296] erofs: (device loop6): mounted with root inode @ nid 36.
[  674.342136][T10597] erofs: (device loop6): erofs_read_inode: bogus i_mode (4355) @ nid 46
[  674.511915][T10597] erofs: (device loop6): erofs_read_inode: bogus i_mode (4355) @ nid 46
[  675.960078][   T79] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.356653][   T79] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.611566][   T79] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.712500][   T79] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.683258][ T5774] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  679.004799][ T5774] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  679.049069][ T5774] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  679.062299][ T5774] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  679.078275][ T5774] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  679.086482][ T5774] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  679.578316][T11368] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1399'.
[  680.090009][T11351] chnl_net:caif_netlink_parms(): no params data found
[  681.201241][T10599] Bluetooth: hci0: command tx timeout
[  682.299875][T11420] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1407'.
[  682.354257][T11351] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.380968][T11351] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.388234][T11351] bridge_slave_0: entered allmulticast mode
[  682.432966][T11351] bridge_slave_0: entered promiscuous mode
[  682.458940][T11351] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.501645][T11351] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.509023][T11351] bridge_slave_1: entered allmulticast mode
[  682.562691][T11351] bridge_slave_1: entered promiscuous mode
[  682.733843][T11351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  683.502159][T10599] Bluetooth: hci0: command tx timeout
[  683.715570][T11351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  683.836279][   T79] hsr_slave_0: left promiscuous mode
[  683.865078][   T79] hsr_slave_1: left promiscuous mode
[  683.889281][   T79] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  683.905492][   T79] batman_adv: batadv0: Removing interface: batadv_slave_0
[  683.926989][   T79] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  683.951280][   T79] batman_adv: batadv0: Removing interface: batadv_slave_1
[  683.972843][   T79] bridge_slave_1: left allmulticast mode
[  683.978542][   T79] bridge_slave_1: left promiscuous mode
[  684.006433][   T79] bridge0: port 2(bridge_slave_1) entered disabled state
[  684.038436][   T79] bridge_slave_0: left allmulticast mode
[  684.060368][   T79] bridge_slave_0: left promiscuous mode
[  684.066200][   T79] bridge0: port 1(bridge_slave_0) entered disabled state
[  684.221703][   T79] veth1_macvtap: left promiscuous mode
[  684.245507][   T79] veth0_macvtap: left promiscuous mode
[  684.280768][   T79] veth1_vlan: left promiscuous mode
[  684.881009][   T79] veth0_vlan: left promiscuous mode
[  685.154037][T11458] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1416'.
[  685.523507][T10599] Bluetooth: hci0: command tx timeout
[  685.925573][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  685.933965][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  687.615644][T10599] Bluetooth: hci0: command tx timeout
[  688.450018][   T79] team0 (unregistering): Port device team_slave_1 removed
[  688.519552][T11481] fuse: Bad value for 'fd'
[  688.579128][   T79] team0 (unregistering): Port device team_slave_0 removed
[  688.715524][   T79] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  688.803655][   T79] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  690.059078][   T79] bond0 (unregistering): Released all slaves
[  690.184065][T11490] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1425'.
[  690.376248][T11351] team0: Port device team_slave_0 added
[  690.385923][T11351] team0: Port device team_slave_1 added
[  690.624551][T11351] batman_adv: batadv0: Adding interface: batadv_slave_0
[  690.654323][T11351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.820667][T11351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  690.882711][T11351] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.889704][T11351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.950356][T11351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  691.926982][T11351] hsr_slave_0: entered promiscuous mode
[  691.948671][T11351] hsr_slave_1: entered promiscuous mode
[  691.967657][T11351] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  691.990210][T11351] Cannot create hsr debugfs directory
[  692.018928][T11507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1428'.
[  692.632090][T11351] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  692.643010][T11351] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  692.668089][T11351] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  692.851254][T11351] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  693.668064][T11530] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1433'.
[  693.929367][T11351] 8021q: adding VLAN 0 to HW filter on device bond0
[  693.985197][T11351] 8021q: adding VLAN 0 to HW filter on device team0
[  694.654444][ T3411] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.661745][ T3411] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.710267][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.717471][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.966833][T11572] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1442'.
[  696.982288][T11575] overlayfs: failed to resolve './file1': -2
[  697.552563][T11351] 8021q: adding VLAN 0 to HW filter on device batadv0
[  700.415431][T11616] fuse: Bad value for 'fd'
[  700.546376][T11351] veth0_vlan: entered promiscuous mode
[  700.596305][T11351] veth1_vlan: entered promiscuous mode
[  700.819178][T11623] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  701.572359][T11351] veth0_macvtap: entered promiscuous mode
[  701.631942][T11351] veth1_macvtap: entered promiscuous mode
[  702.665932][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  702.690202][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.724252][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.452626][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.494328][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  703.618843][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.749282][T11351] batman_adv: batadv0: Interface activated: batadv_slave_0
[  703.766376][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1453'.
[  703.912471][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  703.967281][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  703.978507][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  703.993813][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.008050][T11351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  704.036536][T11351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  704.054396][T11351] batman_adv: batadv0: Interface activated: batadv_slave_1
[  704.072125][T11351] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  704.081159][T11351] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  704.091457][T11351] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  704.101774][T11351] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  706.542677][ T3428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  706.574025][ T3428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  706.712504][ T3411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  706.761087][ T3411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  707.095511][T11674] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1393'.
[  707.589517][T11684] overlay: ./file0 is not a directory
[  707.756691][T11688] loop7: detected capacity change from 0 to 1024
[  707.814388][T11688] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  707.863084][T11688] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  707.909047][T11688] JBD2: no valid journal superblock found
[  707.960537][T11688] EXT4-fs (loop7): Could not load journal inode
[  708.982906][T11706] loop7: detected capacity change from 0 to 128
[  714.765976][T11716] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  714.801895][T11716] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  714.840660][T11716] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  714.881721][T11716] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  714.887854][T11716] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  714.999335][T11716] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  715.350528][T10599] Bluetooth: hci2: command 0x0406 tx timeout
[  717.450127][T10599] Bluetooth: hci1: command 0x0406 tx timeout
[  717.456264][T10599] Bluetooth: hci3: command 0x0406 tx timeout
[  717.460108][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  719.013164][T11818] loop7: detected capacity change from 0 to 512
[  719.032409][T11818] EXT4-fs: Ignoring removed orlov option
[  719.754425][T11783] Bluetooth: hci0: command 0x0c1a tx timeout
[  719.840933][T11818] EXT4-fs error (device loop7): ext4_orphan_get:1430: comm syz.7.1496: bad orphan inode 67108864
[  719.868950][T11818] EXT4-fs (loop7): Remounting filesystem read-only
[  719.877128][T11818] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  719.889995][T11818] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  719.986698][T11351] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.830752][T11783] Bluetooth: hci0: command 0x0c1a tx timeout
[  725.719235][T11902] loop7: detected capacity change from 0 to 512
[  725.732418][T11902] EXT4-fs: Ignoring removed orlov option
[  726.490981][T11902] EXT4-fs error (device loop7): ext4_orphan_get:1430: comm syz.7.1517: bad orphan inode 67108864
[  726.512181][T11902] EXT4-fs (loop7): Remounting filesystem read-only
[  726.519574][T11902] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  726.532128][T11902] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  726.656161][T11351] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  728.238335][T11943] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  728.248121][T11943] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  728.257955][T11943] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  730.441060][T11974] loop7: detected capacity change from 0 to 512
[  730.636167][T11974] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  730.649011][T11974] ext4 filesystem being mounted at /17/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  730.664726][T11974] Quota error (device loop7): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  730.675539][T11974] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  730.686127][T11974] EXT4-fs error (device loop7): ext4_acquire_dquot:6953: comm syz.7.1531: Failed to acquire dquot type 0
[  731.566556][T11974] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000d40000 ro.
[  731.577561][T11974] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  747.357477][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  747.367337][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  776.154492][T12446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1644'.
[  777.513736][T11783] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  777.522806][T11783] Bluetooth: hci2: Injecting HCI hardware error event
[  777.533611][T11783] Bluetooth: hci2: hardware error 0x00
[  779.610621][T11783] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  784.732839][T12572] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1677'.
[  792.232737][T11783] Bluetooth: hci0: unexpected event for opcode 0x0c13
[  809.654189][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  809.667406][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  818.839214][T12800] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1733'.
[  821.426034][T12835] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1748'.
[  823.531256][T12880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1767'.
[  823.596110][T12880] bridge0: port 2(bridge_slave_1) entered disabled state
[  823.604887][T12880] bridge0: port 1(bridge_slave_0) entered disabled state
[  823.625999][T12880] bridge0: entered allmulticast mode
[  828.600414][T12934] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1773'.
[  837.852393][T13016] netlink: 'syz.3.1814': attribute type 8 has an invalid length.
[  839.967117][T13039] 9pnet_fd: Insufficient options for proto=fd
[  854.878412][T13177] netlink: 64 bytes leftover after parsing attributes in process `syz.7.1855'.
[  855.828983][T13202] ------------[ cut here ]------------
[  855.835587][T13202] WARNING: CPU: 1 PID: 13202 at mm/page_alloc.c:4476 __alloc_pages+0x2e8/0x460
[  855.844814][T13202] Modules linked in:
[  855.848768][T13202] CPU: 1 PID: 13202 Comm: syz.0.1874 Not tainted syzkaller #0
[  855.856702][T13202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  855.866847][T13202] RIP: 0010:__alloc_pages+0x2e8/0x460
[  855.872399][T13202] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 44 8f a2 0c 01 <0f> 0b eb a4 a9 00 00 08 00 8b 74 24 0c 75 3e 44 89 f1 81 e1 7f ff
[  855.892391][T13202] RSP: 0018:ffffc9000bfcfa80 EFLAGS: 00010246
[  855.898564][T13202] RAX: ffffc9000bfcfa00 RBX: 1ffff920017f9f54 RCX: 0000000000000000
[  855.906646][T13202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000bfcfae8
[  855.915173][T13202] RBP: ffffc9000bfcfb80 R08: ffffc9000bfcfae7 R09: 0000000000000000
[  855.923319][T13202] R10: ffffc9000bfcfac0 R11: fffff520017f9f5d R12: 0000000000000014
[  855.931426][T13202] R13: 0000000000000000 R14: 0000000000040d40 R15: dffffc0000000000
[  855.939718][T13202] FS:  00007f807f1f66c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  855.948908][T13202] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  855.955642][T13202] CR2: 0000200000001000 CR3: 0000000021046000 CR4: 00000000003506e0
[  855.963769][T13202] Call Trace:
[  855.967157][T13202]  <TASK>
[  855.970400][T13202]  ? zone_statistics+0x170/0x170
[  855.975591][T13202]  ? v9fs_fid_find+0x270/0x270
[  855.980517][T13202]  __kmalloc_large_node+0x8c/0x1e0
[  855.985693][T13202]  ? v9fs_fid_get_acl+0x4f/0xf0
[  855.990703][T13202]  __kmalloc+0x111/0x230
[  855.994993][T13202]  v9fs_fid_get_acl+0x4f/0xf0
[  855.999710][T13202]  v9fs_get_acl+0x11b/0x350
[  856.004306][T13202]  v9fs_mount+0x86a/0xb50
[  856.008683][T13202]  ? xfs_fs_commit_blocks+0x6f0/0x6f0
[  856.014186][T13202]  legacy_get_tree+0xea/0x180
[  856.019320][T13202]  ? xfs_fs_commit_blocks+0x6f0/0x6f0
[  856.024942][T13202]  vfs_get_tree+0x8c/0x280
[  856.029427][T13202]  do_new_mount+0x24b/0xa40
[  856.034068][T13202]  __se_sys_mount+0x2e7/0x3d0
[  856.039008][T13202]  ? __x64_sys_mount+0xc0/0xc0
[  856.043971][T13202]  ? lockdep_hardirqs_on+0x98/0x150
[  856.049342][T13202]  ? __x64_sys_mount+0x20/0xc0
[  856.054253][T13202]  do_syscall_64+0x55/0xb0
[  856.058792][T13202]  ? clear_bhb_loop+0x40/0x90
[  856.063644][T13202]  ? clear_bhb_loop+0x40/0x90
[  856.068352][T13202]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  856.074492][T13202] RIP: 0033:0x7f8080f9ce59
[  856.078946][T13202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  856.098706][T13202] RSP: 002b:00007f807f1f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  856.107248][T13202] RAX: ffffffffffffffda RBX: 00007f8081215fa0 RCX: 00007f8080f9ce59
[  856.115366][T13202] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000
[  856.123910][T13202] RBP: 00007f8081032d6f R08: 0000200000000ac0 R09: 0000000000000000
[  856.132036][T13202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.140307][T13202] R13: 00007f8081216038 R14: 00007f8081215fa0 R15: 00007ffead0810a8
[  856.148338][T13202]  </TASK>
[  856.151575][T13202] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  856.158892][T13202] CPU: 1 PID: 13202 Comm: syz.0.1874 Not tainted syzkaller #0
[  856.166381][T13202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  856.176467][T13202] Call Trace:
[  856.179768][T13202]  <TASK>
[  856.182718][T13202]  dump_stack_lvl+0x18c/0x250
[  856.187437][T13202]  ? show_regs_print_info+0x20/0x20
[  856.192670][T13202]  ? load_image+0x420/0x420
[  856.197246][T13202]  panic+0x2dc/0x730
[  856.201282][T13202]  ? bpf_jit_dump+0xd0/0xd0
[  856.205835][T13202]  __warn+0x2e0/0x470
[  856.209858][T13202]  ? __alloc_pages+0x2e8/0x460
[  856.214646][T13202]  ? __alloc_pages+0x2e8/0x460
[  856.219430][T13202]  report_bug+0x2be/0x4f0
[  856.223816][T13202]  ? __alloc_pages+0x2e8/0x460
[  856.228611][T13202]  ? __alloc_pages+0x2e8/0x460
[  856.233404][T13202]  ? __alloc_pages+0x2ea/0x460
[  856.238194][T13202]  handle_bug+0xcf/0x120
[  856.242541][T13202]  exc_invalid_op+0x1a/0x50
[  856.247079][T13202]  asm_exc_invalid_op+0x1a/0x20
[  856.251970][T13202] RIP: 0010:__alloc_pages+0x2e8/0x460
[  856.257369][T13202] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 44 8f a2 0c 01 <0f> 0b eb a4 a9 00 00 08 00 8b 74 24 0c 75 3e 44 89 f1 81 e1 7f ff
[  856.276986][T13202] RSP: 0018:ffffc9000bfcfa80 EFLAGS: 00010246
[  856.283058][T13202] RAX: ffffc9000bfcfa00 RBX: 1ffff920017f9f54 RCX: 0000000000000000
[  856.291026][T13202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000bfcfae8
[  856.298993][T13202] RBP: ffffc9000bfcfb80 R08: ffffc9000bfcfae7 R09: 0000000000000000
[  856.306962][T13202] R10: ffffc9000bfcfac0 R11: fffff520017f9f5d R12: 0000000000000014
[  856.314943][T13202] R13: 0000000000000000 R14: 0000000000040d40 R15: dffffc0000000000
[  856.322951][T13202]  ? zone_statistics+0x170/0x170
[  856.327986][T13202]  ? v9fs_fid_find+0x270/0x270
[  856.332754][T13202]  __kmalloc_large_node+0x8c/0x1e0
[  856.337874][T13202]  ? v9fs_fid_get_acl+0x4f/0xf0
[  856.342720][T13202]  __kmalloc+0x111/0x230
[  856.346967][T13202]  v9fs_fid_get_acl+0x4f/0xf0
[  856.351644][T13202]  v9fs_get_acl+0x11b/0x350
[  856.356146][T13202]  v9fs_mount+0x86a/0xb50
[  856.360481][T13202]  ? xfs_fs_commit_blocks+0x6f0/0x6f0
[  856.365859][T13202]  legacy_get_tree+0xea/0x180
[  856.370538][T13202]  ? xfs_fs_commit_blocks+0x6f0/0x6f0
[  856.375920][T13202]  vfs_get_tree+0x8c/0x280
[  856.380340][T13202]  do_new_mount+0x24b/0xa40
[  856.384854][T13202]  __se_sys_mount+0x2e7/0x3d0
[  856.389532][T13202]  ? __x64_sys_mount+0xc0/0xc0
[  856.394293][T13202]  ? lockdep_hardirqs_on+0x98/0x150
[  856.399492][T13202]  ? __x64_sys_mount+0x20/0xc0
[  856.404259][T13202]  do_syscall_64+0x55/0xb0
[  856.408676][T13202]  ? clear_bhb_loop+0x40/0x90
[  856.413350][T13202]  ? clear_bhb_loop+0x40/0x90
[  856.418024][T13202]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  856.423919][T13202] RIP: 0033:0x7f8080f9ce59
[  856.428333][T13202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  856.447970][T13202] RSP: 002b:00007f807f1f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  856.456388][T13202] RAX: ffffffffffffffda RBX: 00007f8081215fa0 RCX: 00007f8080f9ce59
[  856.464363][T13202] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000
[  856.472344][T13202] RBP: 00007f8081032d6f R08: 0000200000000ac0 R09: 0000000000000000
[  856.480317][T13202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.488280][T13202] R13: 00007f8081216038 R14: 00007f8081215fa0 R15: 00007ffead0810a8
[  856.496279][T13202]  </TASK>
[  856.499528][T13202] Kernel Offset: disabled
[  856.504042][T13202] Rebooting in 86400 seconds..