last executing test programs:

2m7.752418731s ago: executing program 32 (id=164):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000040)={0x20, r3, 0x1, 0x0, 0x0, {0x1e}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0)

1m52.226576588s ago: executing program 33 (id=630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

1m30.826993052s ago: executing program 34 (id=1481):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, '\t\x00'}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0xb, "7488dffc"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORTINFO(r1, 0xc00c4809, &(0x7f00000000c0)={0x3, 0x201, 0x8001})

1m9.0358675s ago: executing program 6 (id=2106):
unshare(0x400)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x34}, 0x10)

1m9.01243387s ago: executing program 6 (id=2108):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x1d, &(0x7f00000001c0), 0x4)

1m8.957848161s ago: executing program 6 (id=2110):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f00000012c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r2, r1}, 0xc)

1m8.930436981s ago: executing program 6 (id=2111):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a9, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnfxO+17y4MF7dRUQNFA6MTW2Ci4qLkSwUNC1bZhMQ80kUzKT0oRAW0RwI6i4EHTTtT/qzq0/tvpfuJCWqmmx4kJG7mQmmTQzadJmZor5fODmnnPPvTnnO/fXmbmHmQAOrLH0TybiSES8n0SM1JYnEdFXTfVGnFpf797aai6dkqhUXv81qa5zd201Fw3bpA7VMv+PiO/eiTia2V5vaXllbrpQyC/W8hPl+YsTpeWVYxfmp2fzs/mFE5NTU8dPPnfyxP7F+vuPK4dvffDK01+e+vPt/9147/skTsXhWlljHPtlLMZqr0lf+hJu8fJ+V9ZlSbcbwENJT82e9bM8jsRI9FRTLQx1smUAQLtciYgKAHDAJO7/AHDA1D8HuLu2mqtP3f1EorNuvxQRg+vx159vrpf01p7ZDVafgw7fTbY8GUkiYnQf6h+LiE+/fvPzdIo2PYcEaObqtYg4Nzq2/fqfbBuzsFfP7FRYGajOxu5b7PoHnfNN2v95vln/L7PR/4km/Z+BJufuw3jw+Z+5uQ/VtJT2/15sGNt2ryH+mtGeWu5f1T5fX3L+QiGfXtv+HRHj0TeQ5ierqzYfBTV+5687repv7P/99uFbn6X1p/PNNTI3ewe2bjMzXZ5+1Ljrbl+LeKK3WfzJxv5PWvR/z+yyjldfePeTVmVp/Gm89Wl7/O1VuR7xVNP9v7kvkx3HJ05UD4eJ+kHRxFc/fTzcqv7N/T9Qnaf1198LdEK6/4d3jn80aRyvWdp7HT9cH/m2VVnj8d88/ubHf3/yRjXdX1t2ebpcXpyM6E9e2778+Oa29Xx9/TT+8Sebn/+tjv9MbWzsuY1cS9UhtL23fvmi9q+axl91tVX87ZXGP7On/b9DolLb5r6iG/fmelrVv7v9P1VNjdeW7Ob694CWPsLRDAAAAAAAAAAAAAAAAAAAAAAAAAB7l4mIw5FkshvpTCabXf8N7//GcKZQLJWPni8uLcxE9beyR6MvU/+qy5GG70OdrH0ffj1//L78sxHxn4j4aGComs/mioWZbgcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWHtv7+/5V0ls2ul/080O3WAQBtM9jtBgAAHef+DwAHz97u/0NtawcA0Dl7fv9fSdrTEACgY3Z9/z/X3nYAAJ3j+T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtdub06XSq/LG2mkvzM5eWl+aKl47N5Etz2fmlXDZXXLyYnS0WZwv5bK443/IfXV2fFYrFi1OxsHR5opwvlSdKyytn54tLC+WzF+anZ/Nn830diwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdq+0vDI3XSjkFyV2TAw1LxrsesO6lOiNx6IZ//hEf9dqb7xKDHXvAgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwmPs7AAD//yjFJO4=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x185641, 0x0)
r0 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0)
read$FUSE(r0, &(0x7f0000001640)={0x2020}, 0x2020)

1m8.835762173s ago: executing program 6 (id=2114):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7}}, {@discard}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@stripe={'stripe', 0x3d, 0x2}}, {@max_batch_time={'max_batch_time', 0x3d, 0x4d}}, {@oldalloc}, {@nojournal_checksum}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000000000e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)

1m8.131834793s ago: executing program 6 (id=2134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="05000000000000007910000000000000c3000023000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_free_percpu\x00', r2, 0x0, 0x6d}, 0x18)

1m8.130019894s ago: executing program 35 (id=2134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="05000000000000007910000000000000c3000023000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_free_percpu\x00', r2, 0x0, 0x6d}, 0x18)

55.498644098s ago: executing program 5 (id=2630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
sysinfo(&(0x7f0000000000)=""/92)

55.460740379s ago: executing program 5 (id=2632):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x6}, 0x4)
close(r1)

55.449373349s ago: executing program 5 (id=2635):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000020100c0", @ANYRESOCT=r0])

55.291385061s ago: executing program 5 (id=2644):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x200056, &(0x7f0000000440)={[{@nogrpid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@errors_remount}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0xb)

55.199362483s ago: executing program 5 (id=2651):
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x52d, &(0x7f0000001500)="$eJzs3c9vHFcdAPDvjHeD07jYBQ6lUn+IBiUVZDeuaWtxaItA3CqByj1Y9sayss5G3nUbWxU44g9AQggqceLEBYkbFySUPwEhVSJ3BAiEIIUDB2DQzM6mzjKb2Mr+SO3PR3q7b97uzvf7Nt7ZNzMvOwGcWi9ExJsRMRcRL0XEYtmeliUO+iV/3od331vPS9789t+SSMq2iKJ6z7nyZfP9u0rdvf1ra+12a6dcbva2bzS7e/uXtrbXNlubresrK8uvrr62+srq5bH0cyEiXv/an370/Z99/fVff/Hd31/5y8Xv5El/tXx80K/xKd69uFPc1vP34p5aROyMN9jMzJX9qc86EQAAjiQfpX4qIj5XjP8XY64YzRWGh3Tz088OAAAAGIfsjYX4dxKRAQAAACfWG8Xc2CRtlHMBFiJNG43+HN7PxBNpu9PtfeFqZ/f6Rn8O7VLU06tb7dblcq7wUtSTfHm5qH+0/PLQ8kpEPBURP1w8Wyw31jvtjVkf/AAAAIBT4tzQ/v8/F/v7/wAAAMAJszTrBAAAAICJG7X/n0w5DwAAAGBynP8HAACAE+0bb72Vl2xw/euNd/Z2r3XeubTR6l5rbO+uN9Y7Ozcam53OZvGbfdsPWlc9Itqdzo0vRezebPZa3V6zu7d/Zbuze713Zcv1AwEAAGBWnnr+9p0kIg6+fLYouTP5zdyIF5grACdGepwn/3FyeQDTN+pr/gjOjDMPYPpqs04AmJ2DWScAzNp9P/VRMSg4PHnnvmMGv5lcTgAAwHhd+OztO9+tOP9fK+fzAyfXsc7/AyfKI5z/Bz7mnP+H06t+rBHArQlmAszKwy71MfLHO6rO/1fODM6yh64LAACYqIWiPJ82ynOBC5GmjUbEk8V/9a8nV7farcsR8cmI+N1i/RP58nLxysTlAQEAAAAAAAAAAAAAAAAAAAAAAADgiLIsiQwAAAA40SLSPyfl9b8uLJ5fGD4+cCb512KUl/R69ydv//jmWq+3s5y3//1ee+/9sv3lWRzBAAAAgNOo9sBHB/vpg/14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABinD+++tz4o04z7169ExFJV/FrMF/fzUY+IJ/6RRO3Q65KImBtD/INbEfF0VfwkTyuWyiyG46cRcXY68Z/Nsqwy/rkxxIfT7Ha+/Xmz6vOXxgvFffXnv1aWR3Xf9u/MLw89kt7b/s2N2P49ecQYz3zwi+bI+LcinqlVb38G8ZMR8V+sWmHFm/Ltb+3v/19jf+WR/TTiQuX3T3JfrGZv+0azu7d/aWt7bbO12bq+srL86uprq6+sXm5e3Wq3ytuqEPGDZ3/136Ho/8n6iv7HiPhLD+n/+bxSP9SYDYcpg31w8+6n+9X60CqK+BdfrP77e/oB8fO/ic+X3wP54xcG9YN+/bDnfv7b5yoTK+NvjOj/w/79L45a6ZCXvvm9PxzxqQDAFHT39q+ttdutnYlX3s+ybFqxjl6J9KhPLoaLU33HplsZjO4mFmL+cenplCvnH480jlMZx5EtAADgcfPRoH/WmQAAAAAAAAAAAAAAAAAAAMDp1d2LdNI/JzYc82A2XQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeKD/BQAA//8xltmk")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000300)={0x17c04, r1, 0x803, 0x80000001, 0x4, 0x800000008})

55.063787694s ago: executing program 5 (id=2656):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x20, r3, 0x1, 0x70bd25, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0)

55.038676915s ago: executing program 36 (id=2656):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x20, r3, 0x1, 0x70bd25, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0)

50.222657465s ago: executing program 7 (id=2843):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

50.115570336s ago: executing program 7 (id=2845):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x20008000)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x44, r1, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x8, 0x4, '\x00\x00\x00\x00'}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x0)

50.053362228s ago: executing program 7 (id=2848):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000840)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x19, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x10, 0x40800000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@tmpl={0xc4, 0x5, [{{@in=@remote, 0x4d2, 0x33}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3503, 0x2, 0x3, 0x8, 0x400, 0xf, 0xfffffffe}, {{@in=@local, 0x4d6, 0x33}, 0xa, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3500, 0x1, 0x3, 0xe, 0xcc, 0x2, 0x1853}, {{@in=@remote, 0x4d3, 0x32}, 0xa, @in6=@loopback, 0x3502, 0x2, 0x2, 0x5, 0x2, 0xfffffffb, 0x2cd7}]}]}, 0x17c}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f00000001c0)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "f84ec0", 0x44, 0x2f, 0x0, @ipv4, @local}}}}, 0x0)
ioctl$sock_proto_private(0xffffffffffffffff, 0x891d, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

50.007779248s ago: executing program 7 (id=2850):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x2000048, &(0x7f0000000240)={[{@errors_remount}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@delalloc}]}, 0x1, 0x429, &(0x7f0000000740)="$eJzs3M1rXFUbAPDn3nzxNu2bWOtXW3XaIAbUpElUCLipqCgILnTnQkKTlGLalCZiW1y0IrgqblzpypX9A9y4EMS9K8GV7qUQpLiWK3fmXjNN5qaZJOMknd8Ppj3n3hPOee6ZM3PuOTMTQM+q5f8kEYcj4reIGGlk7y1Qa/z3191PzuWPJLLs3T+Terk8XxYt/264yIynEelnSZxoUe/Ktesfzi0tLVwp8pOrFy9Prly7/sKFi3PnF84vXJqZfenM9Mzsy7Mzexbrrbsnf13++p2/vzj9+/Crtz54LW/v4eJccxx7pRa1e69lk2f2urIuO9KUTvq72BDa0hcReXcN1Mf/SPTFeueNxOufdrVxQEdlWZYNVZ++kbUyEC0PAwdNYjBDjyrf6Mt7+07cB+9na2cbN0Cb4++PtCgztOH+di/VIuLq+5//kD+iQ+sQAADNfsznP8+3mv+k8WhTuf8Xe0OjEfFQRByNiIcj4lhEPBJRL/tYRDxeVdGN2y0P1zbkN89/0js7j+7+8vnfKy3nv+XsL0b7ityRevwDyeKFpYUzxTVJYmAoz09tUccvb93+tupc8/wvf+T1l3PBoh13+jcs0M3Prc7tJuZmazcjjrec/yblTsDNJCKeiIjjO6zj+7PZV1Xn7h9/Z2XfRDzbsv/Xd+6S9f3JPLtxf3Ky/nyYLJ8Vm538+PJ8Vf1txJ/uPtrN8v4/tHX8o0nzfu1K+3V8N3pqrercTp//g8l79fRgcezq3OrqlamIweTtzcen1/+2zJfl8/jHx1qP/6OxfiVO5P0YEU9GxFMR8XTR9lMRcToixraI/42xNxd2Hn9n5fHPt9X/7Sey7Kefq+rfXv+/WE+NF0e28/q33Qbu5toBAADAQZHWPwOfpBP/ptN0YqLxGf5jcShdWl5ZfW5x+aNL843Pyo/GQFqudI00rYdOFWvDZX56Q36mWDf+su9/9fzEueWlykUx4D8xXDH+c3/0dbt1QMdVf1+rI3tOwD7i+5rQu4x/6F2N8b/Y7WYAXeD9H3rX1uO/6iesgAeB93/oXcY/9C7jH3qX8Q89aTff63+gE4Nt/IiAxIFMlD8rsl/as78SXX5hAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2CP/BAAA//9TS9nx")
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000100)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000005c0)=""/188, 0xbc)
lseek(r0, 0xfffffffffffffff8, 0x1)

49.970513549s ago: executing program 7 (id=2852):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

49.770796262s ago: executing program 7 (id=2853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000780)="d2205d96c717ab96f0ded75d86dd", 0x0, 0xd5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

49.770574272s ago: executing program 37 (id=2853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000780)="d2205d96c717ab96f0ded75d86dd", 0x0, 0xd5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

48.695988578s ago: executing program 2 (id=2887):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./file0\x00', 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c66617374626f6f742c746573745f64756d6d795f656e6372797074696f6e2c6673796e635f6d6f64653d7374726963742c00200da779e57c52e33a83fdbd563a5b7c6b958cb6e49387a5ba5a89b0887c0292eb888cc8efa81040100dc3ba748033542625bc334eaf793332891541000f3c63c0a5f0af254a5bd1f4b81d0c5188ddcadf07eff7b49004e0b243a8a4d93632fbe9ab868d88310829d8e04a3c0572143a3d3d1472cc5da6f72bb097f5f7b95a09e442c0a1463aaa90db7dcbc542dc5bced278eda11583f810469b706968e793db3230"], 0x1, 0x1059a, &(0x7f0000010640)="$eJzs3M1rI2UcB/Bftu6r61pkX/TkgAgNmNC03aIgUnUXXbBL8eXgSdNkGrKbZEqTvrhnPemf4FUQ8ebf4MV/Y/EgeBK8rSiZmcpW96A226zbzwem32eePPPL84RcnkyZAI6t2eTXXypxIc5GxExEnI/I25XyyK0U8WxEPB8RJ+47KmX/nx2nIuJcRFwYFy9qVsqXln+7e++r5268+vk3d6uNn77+cnqrBqbtxYjobxbt3X6RWafIW2V/c6ebZ39pp8zihf7t8jwrcjddzyvsNvfHNfNc7BTjs83t4Tg3es3WODvdjbx/c1C84XCns18nv+BWcys/b6freXaHWZ6dO8W89sq8MxwVddplvU/y8jEa7WfRn+6lxXo2b+fZGozK/qJu1k73xrlTZvl20cp67Xwe6//5Y37kvdMdbO8lO+nWsJsNkqv1xsv1xnKtsZW101G6VGv228tLyVynNx5WG6XN/konyzq9tN7K+tVkrtNq1RqNZO5aut5tDpJGo75Yn69drZatl5K3bn6Q9NrJ3Djf6A62R93eMNnItpLiimqyUF98pZq80EjeW11L1t69fn117f2Prn148/XVG2+Wg/42rWRuYX5hodaYry00qtZ/GJXDXc5x5wsE8K/Z/wPTYP9v/x/2v8d+/bZvHIovEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXjye/ezhuzxfmTZf9TZdczEXElIi5HxKWI+P0BZuLUgZoXI6JSth80/uRf5vB9JfIK42tOl8e5iFgpj3tPP+xPAQAAAB5f3/7w6WcRM+Nm/ue1aU+Io1T+aHNmUvXyn3yemFS1i3mxvQlVu7RfciIuR8TJ2Z8nVO1KRJw4//GEqv0jMwfizH1RKeLEUc4GAAA4Ggd3AhPbvQEAAPDI+WLaE2A68vu15f/il/eCTxdR3hA8e+AMAAAA+B+qTHsCAAAAwEOX7/89/w8AAAAeb8Xz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YuZfcNGI4DsB/oFPoS0UVj6uwqrpkwSF6hC57gPY22XGGSIhzkF2OEEHEjIMyhN2YAZHvkwbbI/jJRmJhmzEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc00OxnN+t//1vmrPdNZNnNAAAAMApm2I5LyvDqv0l3f+Wbv2IiGlETCJiHBGn5u69+FjLHEVEJ9VPvb846sN9RJmw/0w/XZ8j4le6nr6f+1sAAACA27VezRYRvX21fPl5qPEOpEWbQa68csnnQ660URn2N1Pa+CUyi0lEFMPHTGnTiOh+/Z1arfz+erVi8KroVEW3jV4AAADtqs8Ess3eAAAAuDp/Lt0BLqPcr03/xU97wf2qSBuCn2otAAAA4HodP21/0Gm3HwAAAMAFlPP/N+f/pVUB5/8BAADAbajO/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCcNsVyvl7NFk1ztrtm8owGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAntmfdxQIgTAIg73r+06D9z+WNGhqalIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALz53V/+T0yNM8nca2PpeSRZOzW2To29c+PoD+Pr1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzP3QmEQBCEwb7zP6fF/MOSBo1BhCpY+JhhHhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GIHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr7c2+bMBDGcfi1kyhxm4yQ3uJjBhoqBCPwISFZ8gwMwEI0VLQWi8AKIOCgpTMFz9P8fzpdcQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+n09MZHRGSfj8wjH67+DpeDr8jXTTP4vma2Oe7rn1tOtrtRyt8Y/xcRUUTWwm8AANpX3jfFYlnNO2m7aXtp+2nLaV3NXvloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzuzcsWpTURgA4JOkiVYnRyuI4KCLjU2sRsjiUOguCLqFNpZiqpJmaEuXPoHo5Oor2E1fwRcQHLTg4NBBwUUQJclNeoJBUoR7Q/0++O/9c4dzz8kQ+O9/bgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgWA73wtlBngshzM0c5V3vv+6ujDu/ffZhbhBf7ry5GI/ZHaIYQni43mpeT3Et025ze+dRo9VqtiUSiWSYZP3LBADASVNMolvXfyruL3ev5eoh/Ho1Wv9fifLwl/r/88vzFwbxc+tdJ75XXP8vpLbC6VfubDwtb27vXFvfaKw115qPq9XK4s3FG7dvVcq9ZyVlT0wAAAD4N6Uk4vo/X/+z/38mysOE9f+9pQf343sV1P9jHTX9sp4JAADA/+3cpe/fcmOu50qlsNXodNoL/ePwc6V/zGCqx3Yqibj+L9SznhUAAACQhsO93Ej/fzXKw4T9//nXuwfxmIUQwmzS/59fedJaTW85Uy2N14mzXiMAAADZmk0i7v8Xe/v/88MtD/kQwtXL/Tz5G8CJ6v+PL+6OvLQe7/+vprfEqZSv9b+P3rkWwkwt6xkBAABwkp1OolvsHxT3l9s/ni+V7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDf7NgxSgNBFAbgzW5WKzFgpVZeQLSzClgIYuMhREHwBCKIBxBbS+9g6R1SK9hYWKbwBvJmd1TSBCx2lXwfTN4jDJmXSZN/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrun+d1/Fy6jpy/a954+rk6gvMzW8369vxop+0OXQ/9Bgr+8JAAAAWARVzvdFUbzVj4dRy3HK/3XeE5n/YaXpc56fzf25Pt29buT8f328dfl10Kg5Jz707PzidKezb/j3rc7dMUw3n569VOkHKY9u1qZ1us/B7WRysJTa5S6mBQB+YzvXtsn/h6Lu9jkYAAtj2K7iR/6vxv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCFzwAAAP//OCtiEg==")

47.928016939s ago: executing program 2 (id=2919):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x50, 0x0, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}]}]}, 0x50}}, 0x4004800)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b595000000000000000002000000", @ANYRES32=r0, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[], 0x6c}}, 0x4800)

47.696075702s ago: executing program 2 (id=2922):
r0 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@sysvgroups}, {@nomblk_io_submit}, {}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5e0, &(0x7f0000000bc0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3+kU7t3J/v2TouefM5Zzb6dNz5vScOwFU1mD6Ty1if0RMJxH9yfxiWWdkhYMLz3vw50dn00cS9fprvyeRZHn585Psa192ck9E/PhDEvs6VtY7M3ft4vjU1OTV7Hh49tL08MzctcMXLo2fnzw/eXn0hdETx48dPzFyZFPXdb0g7/TNd9/v/2TszW+++isZ+faXsSROxsvZE5dex1YZjMHG9yRZWdR3YqsrK0lH9nOy9CVOOoue2dW+RrFu+euXvjpPRH90xMMXrz8+fqXUxgHbqp5E1IGKSsQ/VFQ+Dsjf2y9/H1wrZVQCtMP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mIzc3MNdsTEXfvjN08d2fsZmzTPBxQbP5GRDxZFP9JI/4HoicGGvFfa4r/dFxwJvua5r+6yfqXTxWLf2ifhfjvWTX+o0X8v7Uk/t/eZP2DD5Pv9DbFf+9mLwkAAAAAAAAq6/apiHi+6O//tcX1P1Gw/qcvIk5uQf2Dy45X/v2/dm8LqgEK3D8V8VLh+t9avvp3oCNL/aexHqArOXdhavJIRPw3Ig5F1670eGSVOg5/uu/LVmWD2fq//JHWfzdbC5i1417nruZzJsZnxx/1uoGI+zcinipc/5ss9v9JQf+f/j6YXmcd+569daZV2drxD2yX+tcRBwv7/4d3rUhWvz/HcGM8MJyPClZ6+sPPvmtV/2bjv/AWE8CGpP3/7tXjfyBZer+emY3XcXSus96qbLPj/+7k9cYtZ7qzvA/GZ2evjkR0J6c70tym/NGNtxkeR3k85PGSxv+hZ1af/ysa//dGxPyy/zv5o3lPce7/f/f92qo9xv9QnjT+JzbU/288MXpr4PtW9a+v/z/W6OsPZTnm/2DBF3mYdjfnF4RjZ1FRu9sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+DWkTsiaQ2tJiu1YaGIvoi4n+xuzZ1ZWb2uXNX3rs8kZY1Pv+/ln/Sb//CcZJ//v/AkuPRZcdHI2JvRHze0ds4Hjp7ZWqi7IsHAAAAAAAAAAAAAAAAAACAHaKvxf7/1G8dZbcO2HadZTcAKE1B/P9URjuA9tP/Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAB4rew/c/jmJiPkXexuPVHdW1lVqy4DtViu7AUBp3OIHqsvSH6gu7/GBZI3ynpYnrXXmaqbPPsLJAAAAAAAAAAAAAFA5B/fb/w9VZf8/VJf9/1Bd+f7/AyW3A2g/7/GBWGMnf+H+/zXPAgAAAAAAAAAAAAC20szctYvjU1OTVyXe2BnNaGeiXq9fT38Kdkp7/uWJfCn8TmnPskS+1299Z5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//+Ekkyg==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000000)={0x8, 0x9, 0x0, 0x5})

47.501736105s ago: executing program 2 (id=2926):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x2000048, &(0x7f0000000240)={[{@errors_remount}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@delalloc}]}, 0x1, 0x429, &(0x7f0000000740)="$eJzs3M1rXFUbAPDn3nzxNu2bWOtXW3XaIAbUpElUCLipqCgILnTnQkKTlGLalCZiW1y0IrgqblzpypX9A9y4EMS9K8GV7qUQpLiWK3fmXjNN5qaZJOMknd8Ppj3n3hPOee6ZM3PuOTMTQM+q5f8kEYcj4reIGGlk7y1Qa/z3191PzuWPJLLs3T+Terk8XxYt/264yIynEelnSZxoUe/Ktesfzi0tLVwp8pOrFy9Prly7/sKFi3PnF84vXJqZfenM9Mzsy7Mzexbrrbsnf13++p2/vzj9+/Crtz54LW/v4eJccxx7pRa1e69lk2f2urIuO9KUTvq72BDa0hcReXcN1Mf/SPTFeueNxOufdrVxQEdlWZYNVZ++kbUyEC0PAwdNYjBDjyrf6Mt7+07cB+9na2cbN0Cb4++PtCgztOH+di/VIuLq+5//kD+iQ+sQAADNfsznP8+3mv+k8WhTuf8Xe0OjEfFQRByNiIcj4lhEPBJRL/tYRDxeVdGN2y0P1zbkN89/0js7j+7+8vnfKy3nv+XsL0b7ityRevwDyeKFpYUzxTVJYmAoz09tUccvb93+tupc8/wvf+T1l3PBoh13+jcs0M3Prc7tJuZmazcjjrec/yblTsDNJCKeiIjjO6zj+7PZV1Xn7h9/Z2XfRDzbsv/Xd+6S9f3JPLtxf3Ky/nyYLJ8Vm538+PJ8Vf1txJ/uPtrN8v4/tHX8o0nzfu1K+3V8N3pqrercTp//g8l79fRgcezq3OrqlamIweTtzcen1/+2zJfl8/jHx1qP/6OxfiVO5P0YEU9GxFMR8XTR9lMRcToixraI/42xNxd2Hn9n5fHPt9X/7Sey7Kefq+rfXv+/WE+NF0e28/q33Qbu5toBAADAQZHWPwOfpBP/ptN0YqLxGf5jcShdWl5ZfW5x+aNL843Pyo/GQFqudI00rYdOFWvDZX56Q36mWDf+su9/9fzEueWlykUx4D8xXDH+c3/0dbt1QMdVf1+rI3tOwD7i+5rQu4x/6F2N8b/Y7WYAXeD9H3rX1uO/6iesgAeB93/oXcY/9C7jH3qX8Q89aTff63+gE4Nt/IiAxIFMlD8rsl/as78SXX5hAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2CP/BAAA//9TS9nx")
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000100)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000005c0)=""/188, 0xbc)
lseek(r0, 0xfffffffffffffff8, 0x1)

47.330794517s ago: executing program 2 (id=2937):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x6, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r1, 0x0, &(0x7f0000000300)=""/164}, 0x20)

47.11176341s ago: executing program 2 (id=2948):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
getrlimit(0xd, &(0x7f0000000280))

47.103160211s ago: executing program 38 (id=2948):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
getrlimit(0xd, &(0x7f0000000280))

26.107922678s ago: executing program 1 (id=3776):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
process_mrelease(0xffffffffffffffff, 0x1000000)

25.99701178s ago: executing program 1 (id=3777):
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

25.94341936s ago: executing program 1 (id=3779):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f0000002780)=""/4096, 0x4}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x34}, 0x10)

25.94318868s ago: executing program 1 (id=3780):
r0 = getegid()
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x2000802, &(0x7f0000000200)=ANY=[@ANYBLOB='iocharset=macceltic,time_offset=0x0000000000000003,gid=', @ANYRESHEX=r0, @ANYBLOB="2c666d61736b3d30303030303000303030263030303030303030303030362c696f636861727365743d63703836332c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c6e616d65636173653d312c6572726f72733d72656d6f756e742d726f2c757466382c646d61736b3d3030303030303030303030303030303030303030a930312c00"], 0x1, 0x1537, &(0x7f00000034c0)="$eJzs3AuYTlX7MPD7XmvtMSSeJjkMa6178ySHRZLkkCSHJKkkSU4JSZO8kpAYQpKGJCSHIYkhJIeJSeN8Ph8SkqRJkpxyStZ3Tczn7V/v13voy3v95/5d176se/a+1773c8+zn733mPmu69DaTerUaERE8B/Bi/8kAkAsAAwEgLwAEABAhbgKcZnrc0pM/M92wv5cD6Vc6QrYlcT9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dmmaYWu4SX7Lvz8Pzvjz///RTLKjP1qTZnrugHE/LMp3P/sjfv/v1bwz2zE/c/euP/ZVeyVLoD9F+D3f3aQ4x+u4f5nb9x/xrKzK/38+UovEPkvew2O5LzYmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AGX+ZAoCs8ZWuizHGGGOMMcYYY38en+NKV8AYY4wxxhhjjLH//xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGSgLN0I5uAnKw81QAW6BinArVILKUAWqwm1QDW6H6nAH1IA7oSbUgtpQB+6CunA31IN7oD7cCw3gPrgfHoCG8CA0goegMTwMTeARaAqPQjNoDi2gJbT6t/JfgJ7wIvSC3pAIfaAvvAT9oD8MgJdhILwCg+BVGAyvQRIMgaHwOgyDN2A4vAkjYCSMgrdgNLwNY2AsjIPxkAwTYCK8A5PgXZgM78EUmAopMA2mw/swA2bCLPgAZsOHMAfmwjyYD6nwESyAhZAGH8Mi+ATSYTEsgaWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANtsMO+BR2wmewC3bDHvgc9sIX/2L+6f+R3w0BAQUKVKgwBmMwFmMxF+bC3Jgb82AejGAE4zAO82E+zI/5sSAWxHiMxyJYBA0aJCQsikUxilEsjsWxBJbAUlgKHTosi2WxHN6E5bE8VsAKWBErYiWsjJWxKlbFalgNq2N1rIE1sCbWxNpYG+/Cu7AP1sN6WB/rYwNskPV4ChthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YARMwATtiR+yEnbAzdsYu2AW7Ylfsht2xe8YLOQBfxBexN9YUfbAv9sV+mJRjAL6ML+MrOAhfxVfxNUzCITgUX8fX8Q0cjqdwBI7EUTgKq4m3cQyORRLjMRmTcSJOxEk4CTMLfQ+nYgpOw+k4HWfgTJyJH+Bs/BA/xLk4F+djKqbiAlyIaZiGi/A0puNiXIJLcRkux2W4ElfhSlyDa3ENrsf1uBE34mbcjFtxK27H7fgpKgD8DHfjbkzCvbgX9+E+3I/78QAewAzMwIN4EA/hITyMh/EIHsGjeAyP4zE8iSfxFJ7GM3gGz+E5PI/PxX/T+NOSq5NAZFJCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8ol8Ir/ILwqKgiJexIsioogwwggSYQwAiKiIiuKiuCghSohSopRwwomyoqwoJ8qJ8qK8qCBuERXFraKSqCzauqqiqqgm2rnq4g5RQ9QQNUUtUVvUEXVEXVFX1BP1RH1RXzQQDcT94gHRUPTBAfiQyOxMEzEEm4qh2Ew0F/LSGay1GI5tRFvRTjwhRuII7CBauwTxtOgoxmAn8TcxFp8VXcR47CqeF91Ed9FDvCB6ijaul+gtJmMf0VdMxX6ivxggXhYzsJb4AGfnrC1eE0liiBgqXhfz8Q0xXLwpRoiRYpR4S4wWb4sxYqwYJ8aLZDFBTBTviEniXSHEe2KKmCpSxDQxXbwvZoiZYpb4QMwWH4o5Yq6YJ+aLVPGRWCAWijTxsVgkPhHpYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CJiYZvYLnaIT8VO8ZnYJXaLPeJzsVd8IfaJL8V+8ZU4IL4WGeIbcVB8Kw6J78Rh8b04In4QR8UxcVycECfFj+KUOC3OiLPinPhJnBc/iwvCC5AohZRSyUDGyBwyVuaUueRVMrcMLr2618g4ea3MJ6+T+WUBWVAWkvGysCwitTTSSpKhLCqLyai8XhaXN8gSsqQsJUtLJ8vIsvJGWU7eJMvLm2UFeYusKG+VlWRlWUVWlbfJavJ2CZGL+6gpa8naso68SybC3bKevEfWl/fKBvI+eb98QDaUD8pG8iHZWD4sm8hHZFP5qGwmm8sWsqVsJR+TreXjso1sK9vJJ2R7+aTsIJ+SCfJp2VH6S98iz8ou8jnZVT4vu8nusof8WV6QXvaSvSX0AdlXviT7yf5yQCwAyFfkIPmqHCxfk0lyiBwqX5fD5BtyuHxTjpAj5Sj5lhwt35Zj5Fg5To6XyXKCnCjfkZPku3KyfE9OkVNlipwmB8iBv8w0S8o/zH/nd/IH/7L3jXKT3Cy3yK1ym9wud8hP5U65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbIDHlQHpSH5CF5WB6WR+QReVQek2flCXlS/ihPydPytDwrz8lz8vyl1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vfcOoUqq0cqqMKqtu/CU/60cMf5CviqsbVAlV8lf5WfUl/oP6WqlWqrVqrdqoNqqdaqfaq/aqg+qgElSC6qg6qk6qk+qsOqsuqovqqrqqbqqb6qF6qJ6qp+qleqlElaj6qpdUP9VfDVAvq4HqFTVIDVKD1WCVpJLUUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVLJKVhPVRDVJTVKT1WQ1RU1RKSpFTVfT1Qw1Q81Ss9RsNVvNUXPUPDVPpapUtUAtUGkqTS1Si1S6WqwWq6VqqVqulquVaqVarVartWqtWq/Wq3S1SW1SW9QWtU1tUzvUDrVT7VS7xC61R+1Re9VetU/tU/vVfnVAHVAZKkMdVAfVIXVIHVaH1RF1RB1VR9VxdVydVCfVKXVKnVFn1Dl1Tp1X59UFdSHzsi8QgQhUoIKYICaIDWKDXEGuIHeQO8gT5AkiQSSIC+KCfMF1Qf6gQFAwKBTEB4WDIoEOTGADcam30eD6oHhwQ1AiKBmUCkoHLigTlA1uDMoFNwXlg5uDCsEtQcXg1qBSUDmoElQNbguqBbcH1YM7ghrBnUHNoFZQO6gT3BXUDe4O6gX3BPWDe4MGwX3B/cEDQcPgwaBR8FDQOHg4aBI8EjQNHg2aBc2DFkHLoNWfOr/3pwo87nrp3jpR99F99Uu6n+6vB+iX9UD9ih6kX9WD9Ws6SQ/RQ/Xreph+Qw/Xb+oReqQepd/So/Xbeoweq8fp8TpZT9AT9Tt6kn5XT9bv6Sl6qk7R0/R0/b6eoWfqWfoDPVt/qOfouXqenq9T9Ud6gV6o0/THepH+RKfrxXqJXqqX6eV6hV6pV+nVeo1eq9fp9XqD3qg36c16i96qt+nteof+VO/Un+lderfeoz/Xe/UXep/+Uu/XX+kD+mudob/RB/W3+pD+Th/W3+sj+gd9VB/Tx/UJfVL/qE/p0/qMPqvP6Z/0ef2zvqB95sV95se7UUaZGBNjYk2syWVymdwmt8lj8piIiZg4E2fymXwmv8lvCpqCJt7EmyKmiMlEhkxRU9RETdQUN8VNCVPClDKljDPOlDVlTTlTzpQ35U0FU8FUNBVNJVPJVDFVzG3mNnO7ud3cYe4wd5o7TS1Ty9QxdUxdU9fUM/VMfVPfNDANzP3mftPQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDAJJsF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TKJJNH1NX9PP9DMDzAAz0Aw0g8wgM9gMNkkmyQw1Q80wM8wMN8PNCDPSjMo8yZm3zRgz1owz402ySTYTzUQzyUwyk81kM8VMMSkmxUw3080MM8PMMrPMbDPbzDFzzDwzz6SaVLPALDBpJs0sMotMukk3S8wSs8wsMyvMCrPKrDJrzBqzDtaZDWaD2WQ2mS1mi9lmtpkdZofZaXaaXWaX2WP2mL1mr9ln9pn9Zr85YA6YDJNhDpqD5pA5ZA6bw+aIOWKOmqPmuDluTpqT5pQ5Zc6YM+acKXDp89KbrJN5bnu1zWPz2lib0+ayV9msuKAtZONtYVvEapvfFvhVbKy1JWxJW8qWts6WsWXtjb+JK9nKtoqtam+z1ezttvpv4rr2blvP3mPr23ttHXvXr+IG9j6beXXSEBHANreNbUvbxD5im9pHbTPb3LawLW17+6TtYJ+yCfZp29E+85t4gV1oV9nVdo1da3fZ3faMPWsP2e/sOfuT7WV724H2FTvIvmoH29dskh3ym3iUfcuOtm/bMXasHWfH/yaeYqfaFDvNTrfv2xl25m/iVPuRnW3T7Bw7186z83+JM2tKsx/bRfYTm24DWGKX2mV2uV1hV2bV6vPa9XaD3Wh32s/sFrvVbrPb7Y6sC2G72+6xn9u99gt70H5r99uv7AF72GbYb36JM4/vsP3eHrE/2KP2mD1uT9iT9keVlZ157Cfsz/aC9RYICUiSooBiKAfFUk7KRVdRbrqa8lBeitA1FEfXUj66jvJTASpIhSieClMR0mTIElFIRakYRel6yiqvFJUmR2WoLN1I5egmKk83UwW6hSrSrVSJKlMVqkq3UTW6narTHVSD7qSaVItqUx26i+rS3VSP7qH6dC81oPvofnqAGtKD1Igeosb0MDWhR6gpPUrNqDm1oJbUih6j1vQ4taG21I6eoPb0JHWgpyiBnqaO9Ax1or9RZ3qWutBz1JWep27UnXrQC9STXqRe1JsSqQ/1pZeoH/WnAfQyDaRXaBC9SoPpNUqiITSUXqdh9AYNpzdpBI2kUfQWjaa3aQyNpXE0npJpAk2kd2gSvUuT6T2aQlMphabRdHqfZtBMmkUf0Gz6kObQXJpH8ymVPqIFtJDS6GNaRJ9QOi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gpC+pP30FR2grymDvqGD9C0dou/oMH3ve9MPdJSO0XE6QSfpRzpFp+kMnaVz9BOdp5/pAnmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnzBtGwmvCuPDaMF94XZg/LBAWDAuF8WHhsEioQxPakMIwLBoWC6Ph9WHx8IawRFgyLBWWDl1YJiwb3hiWC28Ky4c3hxXCW8KK4a1hpbBy+Mi9VcPbwmrh7WH18I6wRnhnWDOsFdYO64R3hXXDu8N64T1h/fDesHx4X3h/+EDYMHwwbBQ+FDYOHw6bhI+ETcNHw2Zh87BF2DJsFT4Wtg4fD9uEbcN24RNh+/DJsEP4VJgQPh12DJ/5Zf19C//x+sSwT9g3fCl8KfT+HjkvOj+aGv0ouiC6MJoW/Ti6KPpJND26OLokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujHqfZ0c4NAJJ51ygYtxOVysy+lyuatcbne1y+Pyuoi7xsW5a10+d53L7wq4gq6Qi3eFXRGnnXHWkQtdUVfMRd31rri7wZVwJV0pV9o5V8aVdS1dK9fKtXaPuzaurWvnnnBPuCfdk+4p95R72nV0z7hO7m+us3vWdXHPuefc866b6+56uBdcTzchz8X3ZKLr63yOfq6fG+AGuIFuoBvkBrnBbrBLckluqBvqhrlhbrgb7ka4EW6UG+VGu9FujBvjxrlxLtklu4luopvkJrnJbrKb4qa4FJfiprvpboab4arNvLiXOW6Om+fmuVSX6ha4zGvGNLfILXLpLt0tcUvcMrfMrXAr3Cq3yq1xa9w6t85tcBvcJrfJbXFb3Da3ze1wO9xOt9Pt8nkvTur2un1un9vv9rsD7muX4b5xB9237pD7zh1237sj7gd31B1zx90Jd9L96E650+6MO+vOuZ/cefezu+C8S45MiEyMvBOZFHk3MjnyXmRKZGokJTItMj3yfmRGZGZkVuSDyOzIh5E5kbmReZH5kdTIR5EFkYWRtMjHkUWRTyLpkcWRJZGlkWWR5RHvC28JfVFfzEf99b64v8GX8CV9KV/aO1/Gl/U3+nL+Jl/e3+wr+Ft8RX+rr+Qr+yr+Ud/MN/ctfEvfyj/mW/vHfRvf1rfzT/j2/knfwT/lE/zTvqN/xnfyf/Od/bO+i3/Od/XP+26+u+/hX/A9/Yu+l+/tE30f39e/5Pv5/n6Af9kP9K/4Qf5VP9i/5pP8ED/Uv+6H+Tf8cP+mH+FH+lExb/nRWbfIMN4n+wl+on/HT/Lv+sn+PT/FT/Upfpqf7t/3M/xMP8t/4Gf7D/0cP9fP8/N9qv/IL/ALfZr/2C/yn/h0vzjrobJf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+E/9Tv9Z36X3+33+M/9Xv+F3+e/9Pv9V/6A/9pn+G/8Qf+tP+S/84f99/6I/8Ef9cf8cX/Cn/Q/+lP+tD/jz/pz/id/3v/sL/DvrDHGGGOM/VMmXB6KX6+5+ASoz+/kiL/buC8AXL21UMbfr8+8olyX/+K4v4hvHwGAp3t3fShrqVkzMTHx0rbpEoJicwGyfhKUKQYux4uhHTwJCdAWyv1u/f1F93P0B/NHbwHI9Xc5sXA5vjz/lwCY+DvzP/bEqAUVwzNx/4/55wKUKHY5JydcjhdDu1+er7SF8v+g/gKt/6D+nF8lA7T5u5zccDm+XH9ZeByegYRfbckYY4wxxhhjjF3UX1TpnHX/mfU/Pn/v/jxeXc7JAZfjP7o/Z4wxxhhjjDHG2JX3bPceTz2WkNC2878+qP7H26jLX8n9r+6iKfy7hfHg3xp4D/B/GwcA/+GEAJkD+Vcexea/ZF9Jl946/3PVsrM+gP+OVv4Zgyt8YmKMMcYYY4z96S5f9P/66+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/+nfeIN/4q/0XeljZIwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq60/xMAAP//U5H4Pg==")
newfstatat(0xffffffffffffff9c, &(0x7f0000002cc0)='./file0\x00', 0x0, 0x7000)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})

25.929079601s ago: executing program 1 (id=3782):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x10005, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

25.831764472s ago: executing program 1 (id=3789):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

25.831539762s ago: executing program 39 (id=3789):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.308319161s ago: executing program 8 (id=4504):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000000000000001c001280090001007866726d000000000c00028008000200ea000000140003007866726d30"], 0x50}}, 0x0)

3.307931481s ago: executing program 8 (id=4507):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in=@rand_addr=0x64010102, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x1, 0x0, 0xe00000000, 0x40, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x32}, 0xa, @in=@local, 0x0, 0x4}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

3.263497542s ago: executing program 8 (id=4510):
r0 = syz_usb_connect(0x2, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000751c0110e60f00989ad1010203010902240001000000000904290202b48cbb0009050402100002fa000905820240"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000000280)={0x0, 0x18, 0x6, "ccb58391ca72"}, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

1.461736178s ago: executing program 8 (id=4519):
r0 = gettid()
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
read$rfkill(r1, 0x0, 0x0)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

1.461017918s ago: executing program 0 (id=4520):
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
exit(0x0)

1.123788223s ago: executing program 3 (id=4535):
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000180)=""/193, 0xc1}, {&(0x7f0000000480)=""/169, 0xa9}], 0x2, 0x6, 0x0)

1.123384133s ago: executing program 3 (id=4537):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10)
io_pgetevents(0x0, 0x8000, 0x0, 0x0, 0x0, 0x0)

1.102757483s ago: executing program 3 (id=4539):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='netlink_extack\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, 0x16, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

1.055538954s ago: executing program 3 (id=4540):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

871.110047ms ago: executing program 3 (id=4547):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000040)=0x51ba, 0x4)
sendto$inet(r0, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000080)=0x100, 0x4)
recvmmsg(r0, &(0x7f000000e280), 0x13, 0x0, 0x0)

693.939699ms ago: executing program 9 (id=4554):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
syz_emit_ethernet(0x2a, &(0x7f0000000180)={@multicast, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x1, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

650.93455ms ago: executing program 9 (id=4556):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000180)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@user_xattr}]}, 0xfd, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz1\x00', {0xfff7, 0xf7, 0x8944, 0xfc2}, 0x3a, [0xfc, 0xa, 0x10, 0x6, 0x1, 0x6e2f, 0x8664, 0x8, 0x5, 0x800, 0x4, 0x1, 0x9b, 0x8, 0x55, 0x5, 0x9, 0xfd, 0x8, 0x400, 0xb61b, 0x7, 0x8, 0x5, 0x3, 0x8000, 0x8, 0x7, 0x80000000, 0x7, 0x6, 0x3ff, 0x0, 0x5, 0xde, 0x2, 0x4ba, 0xae75, 0xfffffffb, 0x3, 0xfffff800, 0xfffffffa, 0xffff0001, 0x4, 0x40, 0xfe, 0xff, 0x6, 0x4, 0x80000000, 0x3ff, 0x10, 0xff5, 0x8, 0x7, 0x0, 0x4, 0x8, 0x9, 0x1, 0x2, 0xfffffffc, 0x8, 0xf62], [0xc3, 0x9, 0x8a, 0x0, 0x9, 0x80000000, 0x0, 0x6, 0x5, 0x18a3, 0x7, 0x0, 0x8001, 0x81, 0x101, 0xfffffffc, 0x2, 0x3ff, 0x5, 0x1, 0x6, 0x9, 0x4, 0x8, 0x4, 0x1, 0x3ff, 0x8, 0x7, 0x800, 0x2, 0x91, 0x80, 0x7, 0x8, 0x8, 0x7, 0x40800000, 0x8, 0x80000000, 0x8001, 0x6b, 0x0, 0x8, 0x7, 0x8bd2, 0x2, 0x8, 0xff, 0x5, 0x4, 0x1732, 0xa5a, 0x75, 0x10, 0x0, 0x1, 0x1ff, 0x3, 0xffffff01, 0x1, 0x2, 0x4, 0x5], [0x2, 0x9, 0xffff, 0x80000001, 0x4, 0xf, 0x10001, 0xc9, 0x8, 0x7, 0x0, 0x5, 0xeb, 0x8, 0xd, 0xa, 0x2, 0x8, 0x5, 0x7, 0x49, 0x7fffffff, 0x8, 0x7ff, 0x596, 0x3, 0x4, 0x80000000, 0x5, 0x5, 0xa, 0x3, 0xc, 0x4, 0x1000, 0x5025, 0x2, 0x0, 0x8, 0x40, 0x2, 0x5, 0x0, 0x80, 0x0, 0x6, 0x0, 0x1ff, 0x81, 0x2, 0x2, 0x2, 0x7fffffff, 0x1, 0xffff, 0x5, 0x5, 0x3, 0x9, 0x7ff, 0x2, 0x7, 0x5, 0x3fc8], [0x397, 0x7, 0x0, 0x508, 0x19, 0x0, 0x9ee, 0xffff, 0x3, 0x8, 0x5, 0xffff00, 0xfffffff2, 0x3, 0xb, 0x1, 0x9b50, 0x7, 0x3, 0x28, 0xd, 0x8, 0x2, 0x5, 0xf, 0xf, 0x3, 0x200, 0xe603, 0x2, 0x9, 0x5, 0x80000001, 0x2, 0x40, 0x556, 0x101, 0x1, 0xa, 0x81, 0x4, 0xb5, 0x2, 0xd7c, 0x3, 0x1, 0x1, 0xfe, 0x400, 0x0, 0x1, 0x1, 0x1511, 0x4, 0x2, 0x21, 0xffff0000, 0x6, 0x9, 0x1, 0x3, 0x7, 0x0, 0x9]}, 0x45c)
fallocate(r0, 0x0, 0x0, 0x8000c62)

620.9041ms ago: executing program 9 (id=4558):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000140)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1, 0x5412, 0x0, 0x0)
r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
preadv2(r1, &(0x7f0000000280)=[{&(0x7f0000000180)=""/190, 0xbe}], 0x1, 0x6, 0xfffffff5, 0xb)

607.426021ms ago: executing program 8 (id=4560):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000002580))

607.140411ms ago: executing program 0 (id=4561):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000001b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=""/27, 0x1b}}], 0x1, 0x12141, 0x0)

606.879191ms ago: executing program 4 (id=4562):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0xa18c14, &(0x7f0000000180)={[{@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '874'}}, {@utf8no}, {@uni_xlateno}, {@shortname_mixed}, {@numtail}, {@shortname_lower}, {@utf8}, {@shortname_mixed}, {@rodir}, {@utf8no}]}, 0x81, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x202402, &(0x7f0000000000)={[{@dax_inode}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@orlov}, {@init_itable}, {@usrjquota, 0x2e}], [], 0x2c}, 0x0, 0x465, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrvPo85f8Snn0AQQKIuKRNGmBHriAQOKCVAkO5RjStCpNG9QEiVYVDQiVI+pfAByR+As4wQUBJxBXuKNKFeqFwgEtWnvtGj/S2HHqFn8+0iYz+/DM17tjz854AxhYE/mfJGJHRPwSEWMRUWrcYaLy78b1i/N/Xr84n0SWvf57kh8Wf1y/OF/dNSn+by8yk2lE+lES+1qUu3z+wum5xcWFc0V+euXMO9PL5y88c+rM3MmFkwtnZ48cOXxo5vnnZp/tSZw787rufX9p/55X37zy2vyxK299/2Ve3x3F9vo4KsY3XOZETNTek0aPb/jV7yw769LJUB8rQkfytp6fruFy+x+LUtw8eWPxyod9rRywqbIsy0ab1tZ6AKsZ8B+WRL9rAPRH9Ys+v/+tLrex+9F3116s3ADlcd8olsqWoUiLfYYb7m97aSIijq3+9Wm+RMtxCACA3vo67/883ar/l8Z9dfv9r5gbGo+I/0fEroi4JyJ2R8S9EeV974+IBzosf6Ih39z/+WlrV4GtU97/e6GY2/p3/6/a+4vxUpHbWY5/ODlxanHhYPGeTMbwaJ6fWaOMb17++ZN22+r7f/mSl1/tC0bESER6dahhgO743MrcBsOuufZBeQzwUnP8SW0mIImIPRGxt4vX3xIRp578Yn+77beIf209mGfKPo94onL+V6Mh/qpk7fnJ6S2xuHBwunpVNPvhx8tH25W/ofh7ID//21pe/7X4x5P6+drlzsu4/OvHbe9pbh1/6+t/JHmjnB4p1r03t7JybiZiJFltXj9bZIZu5qv75/FPHmjd/ndF/P1Zcei+iMgv4gcj4qGIeLio+yMR8WhEHFgj/u9eeuzt7uPfXHn8xzs6/9VE0rSmXaJ0+tuv2pV/6/iPXh0aPVxOTRZr1vP5t556dXc1AwAAwN0nLf8GPkmnauk0nZqq/IZ/d2xLF5eWV546sfTu2eOV38qPx3BaHekaqxsPnSnGhqv52Yb8ofK4cZZl2dZyfmp+aXGz5tSB9dnepv3nfiv1u3bAputoHq3dE23AXcnzmjC4tH8YXNo/DC7tHwZXq/Z/KeJGH6oC3Ga+/2Fwaf8wuLR/GFzaPwykNs/GJ7HO5+fbHV7R5eEDlSjdGdXoOBHpHVGN7hLphl+n1Lv6jHbQUi7F7Xqj+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CP/BAAA//8xr+fd")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

537.543782ms ago: executing program 0 (id=4563):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002060207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@cred={{0x1c}}], 0x20}, 0x0)

537.340262ms ago: executing program 0 (id=4564):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xfffe, 0x5, 0x2, 0x5}, 'syz0\x00', 0x1c})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
ioctl$UI_DEV_CREATE(r0, 0x5501)

537.111742ms ago: executing program 4 (id=4565):
r0 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r0)
socket$xdp(0x2c, 0x3, 0x0)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

536.901762ms ago: executing program 4 (id=4566):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

521.298072ms ago: executing program 0 (id=4567):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
fadvise64(r1, 0x6, 0xb6, 0x4)

475.211233ms ago: executing program 4 (id=4568):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10)
capget(&(0x7f0000000040)={0x19980330}, 0x0)

474.996523ms ago: executing program 0 (id=4569):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000028008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0x2}], 0x1}, 0x20000801)
recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)

452.264333ms ago: executing program 4 (id=4570):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f00000000c0)='./file0\x00')
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')

396.264934ms ago: executing program 9 (id=4580):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})

387.754914ms ago: executing program 8 (id=4581):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000140)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1, 0x5412, 0x0, 0x0)
r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
preadv2(r1, &(0x7f0000000280)=[{&(0x7f0000000180)=""/190, 0xbe}], 0x1, 0x6, 0xfffffff5, 0xb)

364.972455ms ago: executing program 9 (id=4582):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})

356.020584ms ago: executing program 4 (id=4583):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10)
utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000580)={{0x0, 0x3ffffffe}, {0x0, 0x3ffffffe}}, 0x0)

801.509µs ago: executing program 3 (id=4571):
r0 = gettid()
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
read$rfkill(r1, 0x0, 0x0)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

0s ago: executing program 9 (id=4585):
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x20008c0, &(0x7f0000000300)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0xff}}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@shortname_lower}, {@rodir}, {@numtail}, {@shortname_win95}, {@fat=@sys_immutable}, {@numtail}, {@shortname_winnt}, {@numtail}, {@shortname_win95}, {@utf8}, {@uni_xlate}]}, 0x7e, 0x364, &(0x7f0000000400)="$eJzs3U1oHOUbAPBnO5vdtNB/cvhDUbCM3gQNbcWDnhJKCsW9qCx+HMTFpiq7UcjiYnLINl7Eo+BRT9486MFDzyIo4s2DVytIVTxoD0LB4sh+z2Z306QYa/D3OyxPnvd95n0nM+xMJtk3Ly5H/dJcXL5x43rMzxeiuHx+OW4WYjGSGLgSk0pTcgDA0XAzy+K3rGefJYVDnhIAcMi61/+XT+Yyb32xV//M1R8Ajrz+z//Hh4kp1/f5WcWvH9q0AIBDNPH8/4Gx5tL4r/qLub8KAACOqqefe/6JlUrEU2k6H7H+dqvaqsbjo/aVy/FqNGItzsRC3Iro3Sh0Xgrd1wsXK6tn0jRtx4+LUe1UtKoR6+1WtXensJJ068txNhZisV/fv9vIsiy58Gll9WzaFRFX2t3xY73Qqs7Fif74352ItTgXafx/oj7iYmX1XNrfQHV9UN+O2Bk9t+jMfykW4puX4nREXIpO7eC2prK6fTZNz2eVsfpWtdzt1zPzCQgAAAAAAAAAAAAAAAAAAAAAANyRpXRocbj+TTZav2dpaUp7d32cXn1/faCd3vpAWTmLLPv1zYer7yQxtj7Q7vV5WtViHLu7uw4AAAAAAAAAAAAAAAAAAAD/Gs3NUtQajbWN5uZWPR+0N5qbxyKik3ntq48/Px6TfW4TFPtj5JrSfmqrXsuSQecs6fc5FrnypDP4YIMfXR3OOD9EebgXU6dRnt3UaJy8/4f3R5n7ksGW/xz1SWL6Dia7ppEP1v/Xm9JBvlHD4Nxt+lzLsmxW+fYLk1VRiCge/MDtHWSd4Mvrr9zzSPPUo93MZ1nPgw8tPHPtvQ9/rtcanZGjewRLG81bWb3W/3r6yTY7SHLnTyF6QSF/JhRnlZe26rWd8aZa8u0vz9777tf7Gz3LZ96Y0ifp7c4nu5tKvaAzzV1Nx6eNNRcHPQStOzlwpz5Yrl3d/v6n/Vbl3iSmLdTx++m/8V0IAAAAAAAAAAAAAAAAAACIsY/HDzL9D/vO7VX12JOHPzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+OeM/v9/LtiZyOwn+KMdk03ltY1mROlu7yYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9xfwUAAP//oHptow==")
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

kernel console output (not intermixed with test programs):

 ipg=32, mo=a00cc018, mo2=0002]
[  118.038526][ T7826] System zones: 1-12
[  118.050697][ T7826] EXT4-fs (loop4): 1 truncate cleaned up
[  118.053493][ T7835] loop1: detected capacity change from 0 to 256
[  118.079790][ T7835] FAT-fs (loop1): Directory bread(block 64) failed
[  118.086695][ T7835] FAT-fs (loop1): Directory bread(block 65) failed
[  118.094748][ T7835] FAT-fs (loop1): Directory bread(block 66) failed
[  118.101638][ T7835] FAT-fs (loop1): Directory bread(block 67) failed
[  118.108347][ T7835] FAT-fs (loop1): Directory bread(block 68) failed
[  118.115032][ T7835] FAT-fs (loop1): Directory bread(block 69) failed
[  118.121695][ T7835] FAT-fs (loop1): Directory bread(block 70) failed
[  118.128326][ T7835] FAT-fs (loop1): Directory bread(block 71) failed
[  118.134993][ T7835] FAT-fs (loop1): Directory bread(block 72) failed
[  118.141601][ T7835] FAT-fs (loop1): Directory bread(block 73) failed
[  118.231655][ T7847] syz.4.3280[7847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.231708][ T7847] syz.4.3280[7847] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.270166][ T7846] loop1: detected capacity change from 0 to 8192
[  118.289444][    T6] hid-generic 0000:0004:0000.0018: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  118.299491][ T7846]  loop1: p2 p3 p4
[  118.303307][ T7846] loop1: p2 start 452985600 is beyond EOD, truncated
[  118.310205][ T7846] loop1: p3 size 33554432 extends beyond EOD, truncated
[  118.317426][ T7846] loop1: p4 start 8388607 is beyond EOD, truncated
[  118.380935][ T7849] loop1: detected capacity change from 0 to 1024
[  118.387471][ T7849] EXT4-fs: Ignoring removed orlov option
[  118.393177][ T7849] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.437268][ T7854] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3283'.
[  118.516966][ T7870] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3289'.
[  118.566404][ T7872] loop1: detected capacity change from 0 to 512
[  118.573307][ T7872] EXT4-fs (loop1): Test dummy encryption mode enabled
[  118.580627][ T7872] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  118.591110][ T7872] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  118.600036][ T7872] System zones: 1-12
[  118.604638][ T7872] EXT4-fs (loop1): 1 truncate cleaned up
[  118.651940][ T7868] loop8: detected capacity change from 0 to 40427
[  118.659415][ T7868] F2FS-fs (loop8): fault_injection options not supported
[  118.667108][ T7868] F2FS-fs (loop8): invalid crc value
[  118.673616][ T7868] F2FS-fs (loop8): Found nat_bits in checkpoint
[  118.701875][ T7868] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  118.724865][ T7868] syz.8.3290: attempt to access beyond end of device
[  118.724865][ T7868] loop8: rw=2049, sector=77824, nr_sectors = 256 limit=40427
[  118.746517][ T5208] syz-executor: attempt to access beyond end of device
[  118.746517][ T5208] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  118.833943][ T7882] loop9: detected capacity change from 0 to 256
[  118.845581][ T7882] FAT-fs (loop9): Directory bread(block 64) failed
[  118.857172][ T7886] loop4: detected capacity change from 0 to 1024
[  118.863770][ T7882] FAT-fs (loop9): Directory bread(block 65) failed
[  118.870449][ T7882] FAT-fs (loop9): Directory bread(block 66) failed
[  118.877296][ T7886] EXT4-fs: Ignoring removed orlov option
[  118.883123][ T7882] FAT-fs (loop9): Directory bread(block 67) failed
[  118.889821][ T7886] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.896476][ T7882] FAT-fs (loop9): Directory bread(block 68) failed
[  118.903471][ T7882] FAT-fs (loop9): Directory bread(block 69) failed
[  118.910595][ T7882] FAT-fs (loop9): Directory bread(block 70) failed
[  118.917242][ T7882] FAT-fs (loop9): Directory bread(block 71) failed
[  118.923959][ T7882] FAT-fs (loop9): Directory bread(block 72) failed
[  118.930720][ T7882] FAT-fs (loop9): Directory bread(block 73) failed
[  118.967823][ T7895] netlink: 104 bytes leftover after parsing attributes in process `syz.8.3296'.
[  119.004130][   T28] kauditd_printk_skb: 42 callbacks suppressed
[  119.004145][   T28] audit: type=1400 audit(1749263515.156:8664): avc:  denied  { ioctl } for  pid=7899 comm="syz.8.3300" path="socket:[46019]" dev="sockfs" ino=46019 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  119.058524][ T7906] input: syz1 as /devices/virtual/input/input11
[  119.087173][ T7911] loop9: detected capacity change from 0 to 128
[  119.110514][   T39] usb 10-1: USB disconnect, device number 2
[  119.118891][   T39] hid-steam 0003:28DE:1142.0016: Steam wireless receiver disconnected
[  119.136638][ T7919] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3307'.
[  119.178964][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  119.440299][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  119.688080][ T7956] loop9: detected capacity change from 0 to 40427
[  119.707960][ T7956] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  119.719612][ T7956] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  119.759298][ T7956] F2FS-fs (loop9): invalid crc value
[  119.771158][ T7956] F2FS-fs (loop9): Found nat_bits in checkpoint
[  119.805621][ T7956] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  119.812697][ T7956] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  119.845256][   T28] audit: type=1400 audit(1749263515.996:8665): avc:  denied  { rename } for  pid=7955 comm="syz.9.3328" name="file1" dev="loop9" ino=456 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  119.875277][   T28] audit: type=1400 audit(1749263516.016:8666): avc:  denied  { unlink } for  pid=7955 comm="syz.9.3328" name="file0" dev="loop9" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  119.900902][   T43] F2FS-fs (loop9): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  119.911035][   T43] F2FS-fs (loop9): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  120.061898][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  120.088509][   T28] audit: type=1400 audit(1749263516.236:8667): avc:  denied  { bind } for  pid=7985 comm="syz.4.3341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  120.144441][ T7991] loop4: detected capacity change from 0 to 512
[  120.160047][ T7991] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  120.169760][ T7991] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  120.180801][ T7991] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  120.190325][ T7991] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  120.198342][ T7991] System zones: 0-2, 18-18, 34-34
[  120.204193][ T7991] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  120.219067][ T7991] EXT4-fs (loop4): 1 truncate cleaned up
[  120.261747][   T28] audit: type=1400 audit(1749263516.416:8668): avc:  denied  { ioctl } for  pid=7990 comm="syz.4.3342" path="/62/file1/file1" dev="loop4" ino=15 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  120.510019][ T7936] loop8: detected capacity change from 0 to 262144
[  120.534113][ T7936] F2FS-fs (loop8): invalid crc value
[  120.561481][ T8006] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3347'.
[  120.580381][ T7936] F2FS-fs (loop8): Found nat_bits in checkpoint
[  120.654255][ T7936] F2FS-fs (loop8): Start checkpoint disabled!
[  120.679068][ T7936] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  120.801973][ T8004] loop1: detected capacity change from 0 to 40427
[  120.825311][ T8004] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  120.833109][ T8004] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  120.849716][ T8004] F2FS-fs (loop1): invalid crc value
[  120.876010][ T8004] F2FS-fs (loop1): Found nat_bits in checkpoint
[  120.946111][ T8004] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  120.955989][ T8004] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  121.060173][   T43] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  121.079308][   T43] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  121.485404][ T8033] loop8: detected capacity change from 0 to 256
[  121.496553][ T8033] FAT-fs (loop8): Directory bread(block 64) failed
[  121.503324][ T8033] FAT-fs (loop8): Directory bread(block 65) failed
[  121.509922][ T8033] FAT-fs (loop8): Directory bread(block 66) failed
[  121.516471][ T8033] FAT-fs (loop8): Directory bread(block 67) failed
[  121.523006][ T8033] FAT-fs (loop8): Directory bread(block 68) failed
[  121.530323][ T8033] FAT-fs (loop8): Directory bread(block 69) failed
[  121.536853][ T8033] FAT-fs (loop8): Directory bread(block 70) failed
[  121.543412][ T8033] FAT-fs (loop8): Directory bread(block 71) failed
[  121.549991][ T8033] FAT-fs (loop8): Directory bread(block 72) failed
[  121.556547][ T8033] FAT-fs (loop8): Directory bread(block 73) failed
[  121.619560][ T8039] loop9: detected capacity change from 0 to 512
[  121.653869][ T8039] EXT4-fs error (device loop9): ext4_get_journal_inode:5710: inode #32: comm syz.9.3361: iget: special inode unallocated
[  121.716565][ T8039] EXT4-fs (loop9): Remounting filesystem read-only
[  121.723218][ T8039] EXT4-fs (loop9): no journal found
[  121.730370][ T8039] EXT4-fs (loop9): can't get journal size
[  121.735412][ T8049] loop8: detected capacity change from 0 to 8192
[  121.736441][ T8039] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  121.752108][ T8039] EXT4-fs error (device loop9): ext4_protect_reserved_inode:160: inode #32: comm syz.9.3361: iget: special inode unallocated
[  121.765427][ T8039] EXT4-fs (loop9): Remounting filesystem read-only
[  121.773043][ T8039] EXT4-fs (loop9): failed to initialize system zone (-117)
[  121.780482][ T8039] EXT4-fs (loop9): mount failed
[  121.785402][ T8049]  loop8: p2 p3 p4
[  121.789228][ T8049] loop8: p2 start 452985600 is beyond EOD, truncated
[  121.796182][ T8049] loop8: p3 size 33554432 extends beyond EOD, truncated
[  121.803827][ T8049] loop8: p4 start 8388607 is beyond EOD, truncated
[  121.897618][ T8077] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  121.901152][   T28] audit: type=1400 audit(1749263518.046:8669): avc:  denied  { mounton } for  pid=8079 comm="syz.8.3381" path="/206/file0" dev="incremental-fs" ino=1116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  121.913123][ T8077] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  121.937244][ T8080] incfs: mount failed -22
[  121.961552][   T28] audit: type=1400 audit(1749263518.116:8670): avc:  denied  { map } for  pid=8082 comm="syz.4.3382" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=46893 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  121.998193][   T28] audit: type=1400 audit(1749263518.116:8671): avc:  denied  { read write } for  pid=8082 comm="syz.4.3382" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=46893 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  122.076899][ T8101] loop8: detected capacity change from 0 to 512
[  122.098631][ T8101] EXT4-fs (loop8): orphan cleanup on readonly fs
[  122.105102][ T8101] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  122.119141][ T8101] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  122.149038][ T8101] EXT4-fs error (device loop8): ext4_clear_blocks:883: inode #13: comm syz.8.3390: attempt to clear invalid blocks 2 len 1
[  122.176750][ T8101] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.3390: invalid indirect mapped block 1819239214 (level 0)
[  122.214608][ T8101] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.3390: invalid indirect mapped block 1819239214 (level 1)
[  122.236824][ T8115] loop9: detected capacity change from 0 to 512
[  122.243816][ T8101] EXT4-fs (loop8): 1 truncate cleaned up
[  122.256408][ T8115] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.273526][ T8101] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[  122.282915][ T1762] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  122.291722][ T8115] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  122.300174][ T8101] EXT4-fs error (device loop8): __ext4_remount:6598: comm syz.8.3390: Abort forced by user
[  122.317791][ T8115] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[  122.327159][ T8115] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  122.335174][ T8101] EXT4-fs (loop8): Remounting filesystem read-only
[  122.335191][ T8101] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[  122.336800][ T8101] EXT4-fs error (device loop8): ext4_lookup:1855: inode #2: comm syz.8.3390: 'file1' linked to parent dir
[  122.341915][ T8115] System zones: 0-2, 18-18, 34-34
[  122.371488][ T8115] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  122.386795][ T8115] EXT4-fs (loop9): 1 truncate cleaned up
[  122.484237][ T8138] loop4: detected capacity change from 0 to 512
[  122.491429][ T8138] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.500670][ T8138] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.501064][ T1762] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  122.517511][ T8140] syz.3.3408[8140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.517566][ T8140] syz.3.3408[8140] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.518989][ T8138] EXT4-fs (loop4): Test dummy encryption mode enabled
[  122.534013][ T1762] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  122.557096][ T8138] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  122.573956][ T1762] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  122.599066][ T1762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.609152][ T1762] usb 2-1: Product: syz
[  122.613327][ T1762] usb 2-1: Manufacturer: syz
[  122.617920][ T1762] usb 2-1: SerialNumber: syz
[  122.629359][ T8138] EXT4-fs (loop4): 1 truncate cleaned up
[  122.683258][ T8157] loop8: detected capacity change from 0 to 512
[  122.701070][ T8157] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.710552][ T8157] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  122.729216][ T8157] EXT4-fs (loop8): warning: checktime reached, running e2fsck is recommended
[  122.739089][ T8157] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  122.768148][ T8157] System zones: 0-2, 18-18, 34-34
[  122.793717][ T8157] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  122.808516][ T8157] EXT4-fs (loop8): 1 truncate cleaned up
[  122.849831][ T1762] usb 2-1: 0:2 : does not exist
[  122.865290][ T1762] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  122.895804][ T1762] usb 2-1: USB disconnect, device number 2
[  122.928796][ T8188] loop8: detected capacity change from 0 to 512
[  122.943912][ T8188] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.951914][ T8188] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.958608][ T8188] EXT4-fs (loop8): Test dummy encryption mode enabled
[  122.981832][ T8188] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  122.985257][ T8196] loop4: detected capacity change from 0 to 512
[  123.000345][ T8188] EXT4-fs (loop8): 1 truncate cleaned up
[  123.011392][ T8196] EXT4-fs (loop4): orphan cleanup on readonly fs
[  123.017728][ T8196] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  123.026517][ T8196] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  123.048960][ T8196] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.3434: attempt to clear invalid blocks 2 len 1
[  123.072703][ T8196] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.3434: invalid indirect mapped block 1819239214 (level 0)
[  123.099108][ T8196] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.3434: invalid indirect mapped block 1819239214 (level 1)
[  123.115356][ T8196] EXT4-fs (loop4): 1 truncate cleaned up
[  123.129590][ T8196] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  123.149237][ T8196] EXT4-fs error (device loop4): __ext4_remount:6598: comm syz.4.3434: Abort forced by user
[  123.162755][ T8196] EXT4-fs (loop4): Remounting filesystem read-only
[  123.169563][ T8196] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  123.174200][ T8213] loop8: detected capacity change from 0 to 1024
[  123.176456][   T28] audit: type=1400 audit(1749263519.326:8672): avc:  denied  { ioctl } for  pid=8211 comm="syz.3.3442" path="socket:[47098]" dev="sockfs" ino=47098 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  123.210882][ T8196] EXT4-fs error (device loop4): ext4_lookup:1855: inode #2: comm syz.4.3434: 'file1' linked to parent dir
[  123.262379][ T8230] syz.9.3448[8230] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.262441][ T8230] syz.9.3448[8230] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.323329][ T8244] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3455'.
[  123.378708][   T28] audit: type=1400 audit(1749263519.526:8673): avc:  denied  { setopt } for  pid=8252 comm="syz.9.3460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  123.397745][ T8256] input: syz0 as /devices/virtual/input/input12
[  123.404635][ T8256] input: failed to attach handler leds to device input12, error: -6
[  123.475432][ T8277] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  123.484516][ T8277] device bridge_slave_0 left promiscuous mode
[  123.491336][ T8277] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.500117][ T8277] device bridge_slave_1 left promiscuous mode
[  123.506295][ T8277] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.537569][ T8287] syz.4.3477[8287] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.537630][ T8287] syz.4.3477[8287] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.698943][ T1762] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  123.778548][ T8322] loop4: detected capacity change from 0 to 2048
[  123.789051][   T39] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  123.807386][ T8324] loop4: detected capacity change from 0 to 256
[  123.898954][ T1762] usb 2-1: Using ep0 maxpacket: 16
[  123.905190][ T1762] usb 2-1: config 1 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 30, changing to 8
[  123.916302][ T1762] usb 2-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  123.929088][ T1762] usb 2-1: config 1 interface 0 has no altsetting 0
[  123.937033][ T1762] usb 2-1: New USB device found, idVendor=05ac, idProduct=0215, bcdDevice= 0.40
[  123.946132][ T1762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.954185][ T1762] usb 2-1: Product: syz
[  123.958335][ T1762] usb 2-1: Manufacturer: syz
[  123.962941][ T1762] usb 2-1: SerialNumber: syz
[  123.979967][   T39] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  123.990201][   T39] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  124.000692][   T39] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  124.009975][   T39] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.018080][   T39] usb 10-1: Product: syz
[  124.022395][   T39] usb 10-1: Manufacturer: syz
[  124.027160][   T39] usb 10-1: SerialNumber: syz
[  124.131450][ T8343] loop4: detected capacity change from 0 to 1024
[  124.138370][ T8343] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  124.148203][ T8343] EXT4-fs error (device loop4): ext4_get_journal_inode:5710: inode #32: comm syz.4.3502: iget: special inode unallocated
[  124.161147][ T8343] EXT4-fs (loop4): no journal found
[  124.166433][ T8343] EXT4-fs (loop4): can't get journal size
[  124.175753][ T1762] usbhid 2-1:1.0: can't add hid device: -71
[  124.181767][ T1762] usbhid: probe of 2-1:1.0 failed with error -71
[  124.189424][ T1762] usb 2-1: USB disconnect, device number 3
[  124.234351][   T39] usb 10-1: 0:2 : does not exist
[  124.247303][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  124.247316][   T28] audit: type=1400 audit(1749263520.396:8678): avc:  denied  { read write } for  pid=8353 comm="syz.4.3507" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  124.250392][   T39] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[  124.254878][   T28] audit: type=1400 audit(1749263520.416:8679): avc:  denied  { open } for  pid=8353 comm="syz.4.3507" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  124.315522][   T39] usb 10-1: USB disconnect, device number 3
[  124.485754][   T28] audit: type=1400 audit(1749263520.636:8680): avc:  denied  { read write } for  pid=7080 comm="syz-executor" name="loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  124.520787][ T8378] loop4: detected capacity change from 0 to 2048
[  124.527230][   T28] audit: type=1400 audit(1749263520.636:8681): avc:  denied  { open } for  pid=7080 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  124.553644][   T28] audit: type=1400 audit(1749263520.636:8682): avc:  denied  { ioctl } for  pid=7080 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=122 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  124.583664][   T28] audit: type=1400 audit(1749263520.646:8683): avc:  denied  { bpf } for  pid=8377 comm="syz.4.3516" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  124.606587][ T8378] Alternate GPT is invalid, using primary GPT.
[  124.618200][ T8378]  loop4: p1 p2 p3
[  124.622264][   T28] audit: type=1400 audit(1749263520.646:8684): avc:  denied  { map_create } for  pid=8377 comm="syz.4.3516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  124.642857][   T28] audit: type=1400 audit(1749263520.646:8685): avc:  denied  { perfmon } for  pid=8377 comm="syz.4.3516" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  124.674126][   T28] audit: type=1400 audit(1749263520.646:8686): avc:  denied  { map_read map_write } for  pid=8377 comm="syz.4.3516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  124.694005][   T28] audit: type=1400 audit(1749263520.646:8687): avc:  denied  { prog_load } for  pid=8377 comm="syz.4.3516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  125.308941][ T1762] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  125.500280][ T1762] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  125.500306][ T1762] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  125.501844][ T1762] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  125.528730][ T1762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.536773][ T1762] usb 5-1: Product: syz
[  125.541566][ T1762] usb 5-1: Manufacturer: syz
[  125.546164][ T1762] usb 5-1: SerialNumber: syz
[  125.754263][ T1762] usb 5-1: 0:2 : does not exist
[  125.756804][ T1762] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  125.781395][ T1762] usb 5-1: USB disconnect, device number 3
[  126.268965][ T1762] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  126.297550][ T8494] syz.9.3571[8494] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.297596][ T8494] syz.9.3571[8494] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.362671][ T8509] loop8: detected capacity change from 0 to 128
[  126.381208][ T8509] EXT4-fs: Ignoring removed nobh option
[  126.389163][ T8509] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.401454][ T8509] EXT4-fs error (device loop8): __ext4_remount:6598: comm syz.8.3577: Abort forced by user
[  126.411853][ T8509] EXT4-fs (loop8): Remounting filesystem read-only
[  126.418464][ T8509] EXT4-fs (loop8): re-mounted. Quota mode: none.
[  126.421183][ T8518] x_tables: duplicate underflow at hook 4
[  126.469235][ T1762] usb 2-1: Using ep0 maxpacket: 16
[  126.475372][ T1762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  126.486366][ T1762] usb 2-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[  126.495446][ T1762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.503566][ T1762] usb 2-1: Product: syz
[  126.507724][ T1762] usb 2-1: Manufacturer: syz
[  126.512329][ T1762] usb 2-1: SerialNumber: syz
[  126.517329][ T1762] usb 2-1: config 0 descriptor??
[  126.523026][ T1762] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  126.727163][ T1762] usb 2-1: USB disconnect, device number 4
[  126.940429][ T8528] loop8: detected capacity change from 0 to 16
[  126.954834][ T8528] erofs: (device loop8): mounted with root inode @ nid 36.
[  126.975185][ T8536] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  126.985938][ T8536] device bridge_slave_0 left promiscuous mode
[  126.992889][ T8536] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.000568][ T8538] validate_nla: 3 callbacks suppressed
[  127.000585][ T8538] netlink: 'syz.4.3590': attribute type 30 has an invalid length.
[  127.014559][ T8536] device bridge_slave_1 left promiscuous mode
[  127.023185][ T8536] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.369510][ T8571] loop1: detected capacity change from 0 to 512
[  127.376393][ T8571] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  127.387419][ T8571] EXT4-fs (loop1): 1 truncate cleaned up
[  127.408323][ T8576] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«Qÿ0x0000000000000004
[  127.469059][ T8590] syz.3.3613[8590] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.469109][ T8590] syz.3.3613[8590] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.510144][ T8592] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  127.532249][ T8592] FAT-fs (loop7): unable to read boot sector
[  127.638993][ T1762] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  127.818974][ T1762] usb 10-1: Using ep0 maxpacket: 32
[  127.825226][ T1762] usb 10-1: config 4 has an invalid interface number: 128 but max is 0
[  127.833517][ T1762] usb 10-1: config 4 has no interface number 0
[  127.839709][ T1762] usb 10-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.850908][ T1762] usb 10-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.860956][ T1762] usb 10-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  127.870213][ T1762] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.889372][ T1762] hub 10-1:4.128: USB hub found
[  128.089476][ T1762] hub 10-1:4.128: 2 ports detected
[  128.094657][ T1762] hub 10-1:4.128: Using single TT (err -22)
[  128.113430][ T8622] loop8: detected capacity change from 0 to 512
[  128.120432][ T8622] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  128.129645][ T8622] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  128.138457][ T8622] EXT4-fs (loop8): warning: checktime reached, running e2fsck is recommended
[  128.147586][ T8622] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  128.155703][ T8622] System zones: 0-2, 18-18, 34-34
[  128.161489][ T8622] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  128.176490][ T8622] EXT4-fs (loop8): 1 truncate cleaned up
[  128.182296][ T8622] EXT4-fs mount: 52 callbacks suppressed
[  128.182309][ T8622] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  128.209431][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  128.224843][ T8628] loop8: detected capacity change from 0 to 1024
[  128.240623][ T8628] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  128.249268][ T8628] ext4 filesystem being mounted at /261/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.269961][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  128.294231][ T1762] hub 10-1:4.128: hub_hub_status failed (err = -71)
[  128.311027][ T1762] hub 10-1:4.128: config failed, can't get hub status (err -71)
[  128.352212][ T1762] usb 10-1: USB disconnect, device number 4
[  128.442869][ T8660] binder: 8658:8660 ioctl 40046205 0 returned -22
[  128.455941][ T8663] loop1: detected capacity change from 0 to 1024
[  128.462741][ T8663] EXT4-fs: Ignoring removed i_version option
[  128.468738][ T8663] EXT4-fs: Ignoring removed bh option
[  128.474476][ T8663] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  128.490459][ T8663] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  128.511349][ T6859] EXT4-fs (loop1): unmounting filesystem.
[  128.676645][ T8677] loop1: detected capacity change from 0 to 40427
[  128.684184][ T8677] F2FS-fs (loop1): fault_injection options not supported
[  128.692050][ T8677] F2FS-fs (loop1): invalid crc value
[  128.698791][ T8677] F2FS-fs (loop1): Found nat_bits in checkpoint
[  128.736111][ T8677] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  128.764071][ T8677] syz.1.3649: attempt to access beyond end of device
[  128.764071][ T8677] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.779061][ T8677] syz.1.3649: attempt to access beyond end of device
[  128.779061][ T8677] loop1: rw=2049, sector=77824, nr_sectors = 128 limit=40427
[  128.793074][ T8677] syz.1.3649: attempt to access beyond end of device
[  128.793074][ T8677] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.813708][ T6859] syz-executor: attempt to access beyond end of device
[  128.813708][ T6859] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  129.048593][ T8743] xt_bpf: check failed: parse error
[  129.081572][ T8752] loop4: detected capacity change from 0 to 256
[  129.091255][ T8752] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x09567547, utbl_chksum : 0xe619d30d)
[  129.221560][ T8771] loop4: detected capacity change from 0 to 256
[  129.228223][ T8771] exfat: Deprecated parameter 'namecase'
[  129.233932][ T8771] exfat: Deprecated parameter 'namecase'
[  129.241932][ T8771] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  129.260084][   T28] kauditd_printk_skb: 145 callbacks suppressed
[  129.260097][   T28] audit: type=1400 audit(2000000001.150:8833): avc:  denied  { append } for  pid=8770 comm="syz.4.3690" path="/156/file0/cgroup.stat" dev="loop4" ino=1048694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  129.290908][ T8774] loop1: detected capacity change from 0 to 16
[  129.297576][   T28] audit: type=1400 audit(2000000001.180:8834): avc:  denied  { create } for  pid=8775 comm="syz.8.3692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  129.314485][ T8774] erofs: (device loop1): mounted with root inode @ nid 36.
[  129.317467][   T28] audit: type=1400 audit(2000000001.190:8835): avc:  denied  { setopt } for  pid=8775 comm="syz.8.3692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  129.344128][   T28] audit: type=1400 audit(2000000001.190:8836): avc:  denied  { map } for  pid=8775 comm="syz.8.3692" path="socket:[49946]" dev="sockfs" ino=49946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  129.377791][   T28] audit: type=1400 audit(2000000001.190:8837): avc:  denied  { read accept } for  pid=8775 comm="syz.8.3692" path="socket:[49946]" dev="sockfs" ino=49946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  129.406235][   T28] audit: type=1400 audit(2000000001.260:8838): avc:  denied  { ioctl } for  pid=8777 comm="syz.8.3694" path="socket:[49029]" dev="sockfs" ino=49029 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  129.406250][ T8773] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  129.441548][   T28] audit: type=1400 audit(2000000001.270:8839): avc:  denied  { mount } for  pid=8772 comm="syz.1.3691" name="/" dev="loop1" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  129.447644][ T8773] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -4 in[49, 4047] out[1851]
[  129.495425][   T28] audit: type=1400 audit(2000000001.380:8840): avc:  denied  { execute } for  pid=8786 comm="syz.3.3698" path=2F6D656D66643A76A6F56C6A362C72AFE8102FEC67EDE36880B821793677DADDB90A52E84099B98A0F5A09908B70108486748ABAC6FBD20CEF26ADA84DE808B023AC29811E8A0C1144E36C875C1548647E5C1195F8E6A7C3BC182B92924E07A77F4E9B4CF8EB517302F9AD698F0FFF026E9D85EA1A2A1B49D81CE89B5953251D1086A00BEAD989DAA75764A445758C736DA12ED1B2491A0E082416B2FD419816CA8379F91AE706680776A8D8CE59C0E676B5F59DBEA538B432D85624E6C81CAF8EA1EF61B12FEE313DBF4DEA770CA2871C281A2DEBFB56EB34D4435DC77B74F9D560495A0348D986E1324E1FD87BF57A40E0202864656C6574656429 dev="tmpfs" ino=1252 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  129.561020][ T8773] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  129.610484][   T28] audit: type=1400 audit(2000000001.500:8841): avc:  denied  { name_bind } for  pid=8797 comm="syz.9.3702" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  129.660373][   T28] audit: type=1400 audit(2000000001.520:8842): avc:  denied  { read } for  pid=8801 comm="syz.9.3704" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  129.681013][ T8808] loop9: detected capacity change from 0 to 128
[  129.708032][ T8814] loop8: detected capacity change from 0 to 256
[  129.719758][ T8808] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  129.730979][ T8808] ext4 filesystem being mounted at /181/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  129.762986][ T8808] syz.9.3706 (pid 8808) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  129.818333][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  129.858680][ T8829] loop9: detected capacity change from 0 to 16
[  129.876327][ T8829] erofs: (device loop9): mounted with root inode @ nid 36.
[  129.918992][ T8836] tmpfs: Unknown parameter 'context'
[  129.926946][ T8834] IPv6: sit1: Disabled Multicast RS
[  129.946217][ T8838] loop1: detected capacity change from 0 to 512
[  129.980201][ T8838] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  130.002741][ T8852] loop9: detected capacity change from 0 to 512
[  130.014475][ T8838] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  130.039889][ T8852] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.3725: casefold flag without casefold feature
[  130.076985][ T8852] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.3725: couldn't read orphan inode 15 (err -117)
[  130.090386][ T8838] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #2: comm syz.1.3720: corrupted inode contents
[  130.108404][ T8852] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  130.117417][    T6] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  130.126471][ T8838] EXT4-fs error (device loop1): ext4_dirty_inode:6120: inode #2: comm syz.1.3720: mark_inode_dirty error
[  130.147875][ T8838] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #2: comm syz.1.3720: corrupted inode contents
[  130.174830][ T8865] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #2: comm syz.1.3720: corrupted inode contents
[  130.187679][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  130.253276][ T8865] EXT4-fs error (device loop1): ext4_dirty_inode:6120: inode #2: comm syz.1.3720: mark_inode_dirty error
[  130.284035][ T8865] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #2: comm syz.1.3720: corrupted inode contents
[  130.309967][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  130.323272][ T8865] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.3720: mark_inode_dirty error
[  130.328930][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.353235][ T8865] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #2: comm syz.1.3720: corrupted inode contents
[  130.365370][ T8865] EXT4-fs error (device loop1): ext4_dirty_inode:6120: inode #2: comm syz.1.3720: mark_inode_dirty error
[  130.366973][    T6] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  130.399909][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.417203][    T6] usb 5-1: config 0 descriptor??
[  130.423054][ T6859] EXT4-fs (loop1): unmounting filesystem.
[  130.704580][ T8926] loop1: detected capacity change from 0 to 512
[  130.721217][ T8926] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  130.730914][ T8926] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.795028][ T6859] EXT4-fs (loop1): unmounting filesystem.
[  130.833026][    T6] savu 0003:1E7D:2D5A.0019: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  130.979833][ T8953] loop1: detected capacity change from 0 to 512
[  130.986504][ T8953] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  130.997858][ T8953] EXT4-fs (loop1): 1 truncate cleaned up
[  131.003694][ T8953] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  131.014349][ T8953] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.3771: corrupted in-inode xattr
[  131.026546][ T8953] EXT4-fs (loop1): Remounting filesystem read-only
[  131.033105][ T8953] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1732: inode #15: comm syz.1.3771: unable to update i_inline_off
[  131.045555][ T8953] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2195: inode #15: comm syz.1.3771: corrupted in-inode xattr
[  131.057593][ T8953] EXT4-fs (loop1): Remounting filesystem read-only
[  131.069981][ T6859] EXT4-fs (loop1): unmounting filesystem.
[  131.099586][  T308] usb 5-1: USB disconnect, device number 4
[  131.178941][    T6] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  131.208523][ T8962] loop1: detected capacity change from 0 to 40427
[  131.215417][ T8962] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  131.223149][ T8962] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  131.233348][ T8962] F2FS-fs (loop1): Found nat_bits in checkpoint
[  131.260888][ T8962] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  131.267953][ T8962] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  131.360043][    T6] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.371104][    T6] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.380938][    T6] usb 9-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  131.390072][    T6] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.398762][    T6] usb 9-1: config 0 descriptor??
[  131.432917][ T8976] loop1: detected capacity change from 0 to 256
[  131.442258][ T8976] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d)
[  131.513675][   T10] tipc: Disabling bearer <udp:syz2>
[  131.520419][   T10] tipc: Left network mode
[  131.777258][ T9010] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.784770][ T9010] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.793010][ T9010] device bridge_slave_0 entered promiscuous mode
[  131.801823][ T9010] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.809053][ T9010] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.810657][    T6] uclogic 0003:5543:0522.001A: No inputs registered, leaving
[  131.816592][ T9010] device bridge_slave_1 entered promiscuous mode
[  131.826076][    T6] uclogic 0003:5543:0522.001A: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.8-1/input0
[  131.844496][ T9041] syz.3.3811[9041] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.844582][ T9041] syz.3.3811[9041] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.910397][ T9051] 9pnet_fd: Insufficient options for proto=fd
[  131.943859][ T9010] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.950947][ T9010] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.958269][ T9010] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.965306][ T9010] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.992067][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  131.999999][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.007219][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.020260][ T6044] usb 9-1: USB disconnect, device number 6
[  132.028145][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  132.036308][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.043334][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.050934][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  132.059293][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.066315][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.076992][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  132.088542][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  132.102603][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  132.114048][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  132.122085][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  132.129728][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  132.139479][ T9010] device veth0_vlan entered promiscuous mode
[  132.149863][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  132.159176][ T9010] device veth1_macvtap entered promiscuous mode
[  132.168656][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  132.178721][  T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  132.187716][   T10] device vlan2 left promiscuous mode
[  132.193266][   T10] bridge0: port 3(vlan2) entered disabled state
[  132.199840][   T10] device bridge_slave_1 left promiscuous mode
[  132.205920][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.213393][   T10] device bridge_slave_0 left promiscuous mode
[  132.219587][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.227290][   T10] device veth0_vlan left promiscuous mode
[  132.359503][ T9070] loop0: detected capacity change from 0 to 16
[  132.366172][ T9070] erofs: (device loop0): mounted with root inode @ nid 36.
[  132.564223][ T9091] loop0: detected capacity change from 0 to 512
[  132.594432][ T9091] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  132.603653][ T9091] System zones: 0-2, 18-18, 34-35
[  132.609766][ T9091] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  132.619418][ T9102] loop9: detected capacity change from 0 to 1024
[  132.620031][ T9091] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.626295][ T9102] EXT4-fs: Ignoring removed nobh option
[  132.643142][ T9102] EXT4-fs: Ignoring removed bh option
[  132.648791][ T9102] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  132.661741][ T9010] EXT4-fs (loop0): unmounting filesystem.
[  132.670264][ T9102] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  132.689819][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  132.738987][ T9121] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  132.765072][ T9126] loop8: detected capacity change from 0 to 512
[  132.797520][ T9126] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  132.806568][ T9126] ext4 filesystem being mounted at /288/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  132.852090][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  132.871718][ T9151] loop8: detected capacity change from 0 to 256
[  132.880673][ T9151] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xfb920961, utbl_chksum : 0xe619d30d)
[  133.149376][ T9192] loop8: detected capacity change from 0 to 40427
[  133.156591][ T9192] F2FS-fs (loop8): fault_injection options not supported
[  133.164322][ T9192] F2FS-fs (loop8): invalid crc value
[  133.170814][ T9192] F2FS-fs (loop8): Found nat_bits in checkpoint
[  133.202381][ T9192] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  133.235342][ T9192] syz.8.3876: attempt to access beyond end of device
[  133.235342][ T9192] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  133.256416][ T5208] syz-executor: attempt to access beyond end of device
[  133.256416][ T5208] loop8: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  133.372902][ T9209] loop4: detected capacity change from 0 to 40427
[  133.380467][ T9209] F2FS-fs (loop4): fault_injection options not supported
[  133.384756][ T9215] loop8: detected capacity change from 0 to 2048
[  133.388313][ T9209] F2FS-fs (loop4): invalid crc value
[  133.400496][ T9209] F2FS-fs (loop4): Found nat_bits in checkpoint
[  133.428121][ T9209] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  133.457162][ T7080] syz-executor: attempt to access beyond end of device
[  133.457162][ T7080] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  133.568849][ T9228] loop9: detected capacity change from 0 to 512
[  133.575415][ T9228] EXT4-fs: Ignoring removed nomblk_io_submit option
[  133.582596][ T9228] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.602165][ T9228] EXT4-fs error (device loop9): ext4_do_update_inode:5255: inode #16: comm syz.9.3890: corrupted inode contents
[  133.614210][ T9228] EXT4-fs error (device loop9): ext4_dirty_inode:6120: inode #16: comm syz.9.3890: mark_inode_dirty error
[  133.625831][ T9228] EXT4-fs error (device loop9): ext4_do_update_inode:5255: inode #16: comm syz.9.3890: corrupted inode contents
[  133.637879][ T9228] EXT4-fs error (device loop9): __ext4_ext_dirty:202: inode #16: comm syz.9.3890: mark_inode_dirty error
[  133.649349][ T9228] EXT4-fs error (device loop9): ext4_do_update_inode:5255: inode #16: comm syz.9.3890: corrupted inode contents
[  133.661619][ T9228] EXT4-fs error (device loop9) in ext4_orphan_del:305: Corrupt filesystem
[  133.672583][ T9228] EXT4-fs error (device loop9): ext4_do_update_inode:5255: inode #16: comm syz.9.3890: corrupted inode contents
[  133.685074][ T9228] EXT4-fs error (device loop9): ext4_truncate:4314: inode #16: comm syz.9.3890: mark_inode_dirty error
[  133.696564][ T9228] EXT4-fs error (device loop9) in ext4_process_orphan:347: Corrupt filesystem
[  133.719625][ T9228] EXT4-fs (loop9): 1 truncate cleaned up
[  133.723898][ T9240] loop0: detected capacity change from 0 to 2048
[  133.731662][ T9228] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  133.731725][ T9228] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.751269][   T10] EXT4-fs error (device loop9): ext4_release_dquot:6825: comm kworker/u4:1: Failed to release dquot type 1
[  133.771881][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  133.772175][ T9240] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  133.792181][ T9240] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  133.798973][    T6] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  133.814754][  T304] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[  133.833113][  T304] EXT4-fs (loop0): This should not happen!! Data will be lost
[  133.833113][  T304] 
[  133.843432][  T304] EXT4-fs (loop0): Total free blocks count 0
[  133.850643][  T304] EXT4-fs (loop0): Free/Dirty block details
[  133.856672][  T304] EXT4-fs (loop0): free_blocks=2415919120
[  133.864297][  T304] EXT4-fs (loop0): dirty_blocks=16
[  133.878951][  T304] EXT4-fs (loop0): Block reservation details
[  133.893844][ T9258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3904'.
[  133.899472][  T304] EXT4-fs (loop0): i_reserved_data_blocks=1
[  133.915588][ T9010] EXT4-fs (loop0): unmounting filesystem.
[  133.962518][ T9275] loop9: detected capacity change from 0 to 1024
[  133.970546][ T9275] EXT4-fs: Ignoring removed oldalloc option
[  134.008391][ T9275] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  134.019667][    T6] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.029830][    T6] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  134.048094][    T6] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  134.056390][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  134.063005][    T6] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.078927][    T6] usb 9-1: Product: syz
[  134.083172][    T6] usb 9-1: Manufacturer: syz
[  134.087767][    T6] usb 9-1: SerialNumber: syz
[  134.109810][ T9294] syz.9.3915[9294] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.109939][ T9294] syz.9.3915[9294] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.187264][ T9302] loop9: detected capacity change from 0 to 256
[  134.290375][ T9322] loop4: detected capacity change from 0 to 512
[  134.297825][    T6] usb 9-1: 0:2 : does not exist
[  134.308969][    T6] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[  134.324118][ T9322] EXT4-fs (loop4): Test dummy encryption mode enabled
[  134.333442][ T9322] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  134.356300][    T6] usb 9-1: USB disconnect, device number 7
[  134.366840][ T9322] EXT4-fs error (device loop4): ext4_orphan_get:1426: comm syz.4.3932: bad orphan inode 131083
[  134.383261][   T28] kauditd_printk_skb: 119 callbacks suppressed
[  134.383274][   T28] audit: type=1400 audit(2000000006.270:8961): avc:  denied  { write } for  pid=9332 comm="syz.3.3936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.420026][ T9322] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  134.421307][   T28] audit: type=1400 audit(2000000006.270:8962): avc:  denied  { nlmsg_read } for  pid=9332 comm="syz.3.3936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.480814][   T28] audit: type=1400 audit(2000000006.370:8963): avc:  denied  { mount } for  pid=9338 comm="syz.3.3939" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  134.518964][   T28] audit: type=1400 audit(2000000006.370:8964): avc:  denied  { remount } for  pid=9338 comm="syz.3.3939" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  134.659087][  T222] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  134.775091][ T9343] loop0: detected capacity change from 0 to 40427
[  134.788462][ T9343] F2FS-fs (loop0): invalid crc value
[  134.812751][ T9343] F2FS-fs (loop0): Found nat_bits in checkpoint
[  134.858991][  T222] usb 10-1: Using ep0 maxpacket: 16
[  134.865384][  T222] usb 10-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  134.883027][ T9343] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  134.888969][  T222] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.919366][  T222] usb 10-1: config 0 descriptor??
[  134.942764][ T9010] syz-executor: attempt to access beyond end of device
[  134.942764][ T9010] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  135.119418][ T9386] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«Qÿ0x0000000000000004
[  135.174763][ T9395] syz.0.3964[9395] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.174862][ T9395] syz.0.3964[9395] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.212600][   T28] audit: type=1400 audit(2000000007.100:8965): avc:  denied  { nlmsg_write } for  pid=9398 comm="syz.8.3966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  135.276835][ T9403] loop8: detected capacity change from 0 to 512
[  135.293908][ T9403] EXT4-fs error (device loop8): ext4_ext_check_inode:520: inode #15: comm syz.8.3968: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[  135.324203][ T9403] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.3968: couldn't read orphan inode 15 (err -117)
[  135.332377][  T222] lenovo 0003:17EF:6047.001B: hidraw0: USB HID v1.01 Device [HID 17ef:6047] on usb-dummy_hcd.9-1/input0
[  135.336622][ T9403] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  135.357980][ T7080] EXT4-fs (loop4): unmounting filesystem.
[  135.373941][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  135.520279][   T28] audit: type=1400 audit(2000000007.410:8966): avc:  denied  { bind } for  pid=9435 comm="syz.8.3992" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  135.541285][   T28] audit: type=1400 audit(2000000007.410:8967): avc:  denied  { name_bind } for  pid=9435 comm="syz.8.3992" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  135.562212][   T28] audit: type=1400 audit(2000000007.410:8968): avc:  denied  { node_bind } for  pid=9435 comm="syz.8.3992" saddr=172.20.20.170 src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  135.592875][ T9441] loop4: detected capacity change from 0 to 512
[  135.602767][ T9441] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  135.613050][ T9441] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  135.621944][ T9441] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  135.631251][ T9441] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  135.639316][ T9441] System zones: 0-2, 18-18, 34-34
[  135.645223][ T9441] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  135.659942][ T9441] EXT4-fs (loop4): 1 truncate cleaned up
[  135.665606][ T9441] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  135.687597][ T9450] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  135.696939][ T9450] FAT-fs (loop17): unable to read boot sector
[  135.714170][ T7080] EXT4-fs (loop4): unmounting filesystem.
[  135.746060][   T28] audit: type=1400 audit(2000000007.630:8969): avc:  denied  { map } for  pid=9459 comm="syz.8.3991" path="socket:[52794]" dev="sockfs" ino=52794 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  135.785935][   T28] audit: type=1400 audit(2000000007.630:8970): avc:  denied  { read } for  pid=9459 comm="syz.8.3991" path="socket:[52794]" dev="sockfs" ino=52794 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  135.823811][ T9473] loop4: detected capacity change from 0 to 1024
[  135.832279][ T9473] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  135.850284][ T7080] EXT4-fs (loop4): unmounting filesystem.
[  135.941431][  T222] lenovo 0003:17EF:6047.001B: Fn-lock setting failed: -71
[  135.948805][  T222] lenovo 0003:17EF:6047.001B: Sensitivity setting failed: -71
[  135.957384][  T222] usb 10-1: USB disconnect, device number 5
[  136.465943][ T9504] loop4: detected capacity change from 0 to 256
[  136.478280][ T9506] netlink: 'syz.3.4013': attribute type 30 has an invalid length.
[  136.492975][ T9510] binder: 9509:9510 ioctl 40046205 0 returned -22
[  136.496136][ T9504] FAT-fs (loop4): Directory bread(block 64) failed
[  136.513988][ T9504] FAT-fs (loop4): Directory bread(block 65) failed
[  136.520644][ T9504] FAT-fs (loop4): Directory bread(block 66) failed
[  136.527214][ T9504] FAT-fs (loop4): Directory bread(block 67) failed
[  136.533951][ T9504] FAT-fs (loop4): Directory bread(block 68) failed
[  136.540737][ T9504] FAT-fs (loop4): Directory bread(block 69) failed
[  136.547391][ T9504] FAT-fs (loop4): Directory bread(block 70) failed
[  136.560637][ T9504] FAT-fs (loop4): Directory bread(block 71) failed
[  136.575111][ T9504] FAT-fs (loop4): Directory bread(block 72) failed
[  136.582154][ T9504] FAT-fs (loop4): Directory bread(block 73) failed
[  136.603231][ T9504] syz.4.4012: attempt to access beyond end of device
[  136.603231][ T9504] loop4: rw=0, sector=1192, nr_sectors = 4 limit=256
[  136.646418][ T9527] loop4: detected capacity change from 0 to 16
[  136.656743][ T9529] loop8: detected capacity change from 0 to 1024
[  136.663915][ T9527] erofs: (device loop4): mounted with root inode @ nid 36.
[  136.671948][ T9529] EXT4-fs (loop8): Test dummy encryption mode enabled
[  136.694390][ T9529] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  136.738257][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  136.769228][ T9539] syz.8.4027[9539] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.769299][ T9539] syz.8.4027[9539] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.828246][ T9545] tmpfs: Unknown parameter ''
[  137.013246][ T9559] loop9: detected capacity change from 0 to 16
[  137.029967][ T9559] erofs: (device loop9): mounted with root inode @ nid 36.
[  137.083476][ T9549] loop8: detected capacity change from 0 to 40427
[  137.092092][ T9549] F2FS-fs (loop8): fault_injection options not supported
[  137.099788][ T9549] F2FS-fs (loop8): invalid crc value
[  137.112596][ T9549] F2FS-fs (loop8): Found nat_bits in checkpoint
[  137.157215][ T9549] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  137.191849][ T9568] loop9: detected capacity change from 0 to 1024
[  137.200924][ T5208] syz-executor: attempt to access beyond end of device
[  137.200924][ T5208] loop8: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  137.230465][ T9568] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  137.255911][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  137.429124][ T9582] syz.3.4044[9582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.429196][ T9582] syz.3.4044[9582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.457185][ T9587] loop9: detected capacity change from 0 to 1024
[  137.475672][ T9587] EXT4-fs: Ignoring removed i_version option
[  137.482091][ T9587] EXT4-fs: Ignoring removed bh option
[  137.491347][ T9587] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  137.510612][ T9587] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  137.537249][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  137.563240][ T9596] loop8: detected capacity change from 0 to 512
[  137.570238][ T9596] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  137.581517][ T9596] EXT4-fs (loop8): 1 truncate cleaned up
[  137.587287][ T9596] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  137.615897][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  137.741405][ T9626] loop4: detected capacity change from 0 to 512
[  137.751681][ T9626] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz.4.4063: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[  137.766862][ T9602] loop9: detected capacity change from 0 to 40427
[  137.770259][ T9626] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.4063: couldn't read orphan inode 15 (err -117)
[  137.777318][ T9602] F2FS-fs (loop9): fault_injection options not supported
[  137.791621][ T9626] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  137.796714][ T9602] F2FS-fs (loop9): invalid crc value
[  137.821123][ T9602] F2FS-fs (loop9): Found nat_bits in checkpoint
[  137.828385][ T7080] EXT4-fs (loop4): unmounting filesystem.
[  137.873791][ T9602] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  137.909512][ T9647] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  137.919526][ T9647] F2FS-fs (loop17): Unable to read 1th superblock
[  137.926298][ T9647] I/O error, dev loop17, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  137.936072][ T9647] F2FS-fs (loop17): Unable to read 2th superblock
[  137.946755][ T6497] syz-executor: attempt to access beyond end of device
[  137.946755][ T6497] loop9: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  138.375486][ T9698] loop9: detected capacity change from 0 to 512
[  138.406915][ T9698] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #15: comm syz.9.4091: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[  138.449485][ T9698] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.4091: couldn't read orphan inode 15 (err -117)
[  138.480652][ T9698] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  138.481398][ T9688] loop0: detected capacity change from 0 to 40427
[  138.496477][ T9688] F2FS-fs (loop0): fault_injection options not supported
[  138.504301][ T9688] F2FS-fs (loop0): invalid crc value
[  138.517073][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  138.526956][ T9688] F2FS-fs (loop0): Found nat_bits in checkpoint
[  138.563500][ T9688] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  138.621869][ T9010] syz-executor: attempt to access beyond end of device
[  138.621869][ T9010] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  138.925331][ T9738] loop9: detected capacity change from 0 to 512
[  138.946055][ T9738] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  138.946106][ T9738] System zones: 0-2, 18-18, 34-35
[  138.946944][ T9738] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  138.991253][ T9738] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.067892][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  139.082182][ T9742] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  139.082216][ T9742] F2FS-fs (loop19): Unable to read 1th superblock
[  139.082332][ T9742] I/O error, dev loop19, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  139.082360][ T9742] F2FS-fs (loop19): Unable to read 2th superblock
[  139.082933][ T9742] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  139.123739][ T9742] F2FS-fs (loop19): Unable to read 1th superblock
[  139.123815][ T9742] I/O error, dev loop19, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  139.123846][ T9742] F2FS-fs (loop19): Unable to read 2th superblock
[  139.175938][ T9744] loop9: detected capacity change from 0 to 8192
[  139.219235][ T9744]  loop9: p1 p2 p3 < > p4 < p5 p6 >
[  139.219250][ T9744] loop9: partition table partially beyond EOD, truncated
[  139.219306][ T9744] loop9: p1 start 67108864 is beyond EOD, truncated
[  139.219323][ T9744] loop9: p2 size 61546 extends beyond EOD, truncated
[  139.219779][ T9744] loop9: p3 start 100859904 is beyond EOD, truncated
[  139.220158][ T9744] loop9: p5 start 67108864 is beyond EOD, truncated
[  139.220179][ T9744] loop9: p6 size 61546 extends beyond EOD, truncated
[  139.625226][ T9770] loop4: detected capacity change from 0 to 256
[  140.118962][    T6] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  140.310019][    T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  140.310044][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  140.311492][    T6] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  140.338421][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.346429][    T6] usb 5-1: Product: syz
[  140.346447][    T6] usb 5-1: Manufacturer: syz
[  140.346462][    T6] usb 5-1: SerialNumber: syz
[  140.549053][    T6] usb 5-1: 0:2 : does not exist
[  140.556373][    T6] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  140.560499][    T6] usb 5-1: USB disconnect, device number 5
[  140.605463][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  140.605476][   T28] audit: type=1326 audit(2000000012.490:8980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.605636][   T28] audit: type=1326 audit(2000000012.490:8981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.605978][   T28] audit: type=1326 audit(2000000012.490:8982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.708952][   T28] audit: type=1326 audit(2000000012.510:8983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.708986][   T28] audit: type=1326 audit(2000000012.580:8984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.709014][   T28] audit: type=1326 audit(2000000012.590:8985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.709041][   T28] audit: type=1326 audit(2000000012.590:8986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.709067][   T28] audit: type=1326 audit(2000000012.590:8987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.709092][   T28] audit: type=1326 audit(2000000012.590:8988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.709116][   T28] audit: type=1326 audit(2000000012.590:8989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9793 comm="syz.9.4146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d5ef8e929 code=0x7ffc0000
[  140.902038][ T9810] syz.8.4141[9810] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.902109][ T9810] syz.8.4141[9810] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.929418][ T9810] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  141.069355][ T9834] SELinux:  Context system_u:object_r:systemd_logind_var_run_t:s0 is not valid (left unmapped).
[  141.124208][ T9840] loop0: detected capacity change from 0 to 512
[  141.160418][ T9840] EXT4-fs: Ignoring removed nomblk_io_submit option
[  141.178221][ T9840] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.191908][ T9846] loop4: detected capacity change from 0 to 256
[  141.208366][ T9840] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.4157: corrupted inode contents
[  141.226075][ T9854] loop8: detected capacity change from 0 to 2048
[  141.239358][ T9840] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #16: comm syz.0.4157: mark_inode_dirty error
[  141.257129][ T9840] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.4157: corrupted inode contents
[  141.291606][ T9864] xt_bpf: check failed: parse error
[  141.297683][ T9854] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  141.311940][ T9840] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.4157: mark_inode_dirty error
[  141.323550][ T9854] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.4164: bg 0: block 408: padding at end of block bitmap is not set
[  141.329555][ T9840] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.4157: corrupted inode contents
[  141.350682][ T9840] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  141.359385][ T9840] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #16: comm syz.0.4157: corrupted inode contents
[  141.374106][ T9840] EXT4-fs error (device loop0): ext4_truncate:4314: inode #16: comm syz.0.4157: mark_inode_dirty error
[  141.385438][ T9854] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  141.385547][ T9840] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  141.403702][ T9840] EXT4-fs (loop0): 1 truncate cleaned up
[  141.409400][ T9840] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  141.418441][ T9840] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.429103][    T8] EXT4-fs error (device loop0): ext4_release_dquot:6825: comm kworker/u4:0: Failed to release dquot type 1
[  141.453431][  T304] EXT4-fs (loop8): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[  141.483158][  T304] EXT4-fs (loop8): This should not happen!! Data will be lost
[  141.483158][  T304] 
[  141.510624][ T9876] loop9: detected capacity change from 0 to 1024
[  141.513095][  T304] EXT4-fs (loop8): Total free blocks count 0
[  141.517352][ T9876] EXT4-fs: Ignoring removed i_version option
[  141.538923][  T304] EXT4-fs (loop8): Free/Dirty block details
[  141.554397][ T9876] EXT4-fs (loop9): Test dummy encryption mode enabled
[  141.555040][  T304] EXT4-fs (loop8): free_blocks=16
[  141.567109][ T9010] EXT4-fs (loop0): unmounting filesystem.
[  141.577742][  T304] EXT4-fs (loop8): dirty_blocks=16
[  141.582979][ T9876] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  141.589036][  T304] EXT4-fs (loop8): Block reservation details
[  141.595913][ T9879] IPv6: sit1: Disabled Multicast RS
[  141.608047][  T304] EXT4-fs (loop8): i_reserved_data_blocks=1
[  141.620830][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  141.638415][ T6497] EXT4-fs (loop9): unmounting filesystem.
[  141.731361][ T9892] tmpfs: Unknown parameter ''
[  141.765689][ T9899] tmpfs: Unknown parameter ''
[  141.783989][ T9903] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4192'.
[  141.918949][  T308] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  142.109974][  T308] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  142.120172][  T308] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  142.130508][  T308] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  142.139630][  T308] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.147681][  T308] usb 10-1: Product: syz
[  142.151917][  T308] usb 10-1: Manufacturer: syz
[  142.156568][  T308] usb 10-1: SerialNumber: syz
[  142.363434][  T308] usb 10-1: 0:2 : does not exist
[  142.370544][  T308] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[  142.380803][  T308] usb 10-1: USB disconnect, device number 6
[  142.557099][ T9911] loop4: detected capacity change from 0 to 512
[  142.563748][ T9911] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.570957][ T9911] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  142.592066][ T9911] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.4185: corrupted inode contents
[  142.604201][ T9911] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #16: comm syz.4.4185: mark_inode_dirty error
[  142.615746][ T9911] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.4185: corrupted inode contents
[  142.634333][ T9911] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.4185: mark_inode_dirty error
[  142.645787][ T9911] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.4185: corrupted inode contents
[  142.658426][ T9911] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  142.667128][ T9911] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #16: comm syz.4.4185: corrupted inode contents
[  142.679196][ T9911] EXT4-fs error (device loop4): ext4_truncate:4314: inode #16: comm syz.4.4185: mark_inode_dirty error
[  142.690463][ T9911] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  142.699757][ T9911] EXT4-fs (loop4): 1 truncate cleaned up
[  142.705477][ T9911] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  142.714438][ T9911] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.725128][   T43] EXT4-fs error (device loop4): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 1
[  142.755397][ T7080] EXT4-fs (loop4): unmounting filesystem.
[  142.883048][ T9925] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.883454][ T9923] IPv6: sit1: Disabled Multicast RS
[  142.892391][ T9925] F2FS-fs (loop19): Unable to read 1th superblock
[  142.904051][ T9925] I/O error, dev loop19, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.913409][ T9925] F2FS-fs (loop19): Unable to read 2th superblock
[  142.973208][ T9932] syz.8.4194[9932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.973315][ T9932] syz.8.4194[9932] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.988441][ T9932] bridge0: port 4(vlan2) entered blocking state
[  143.006085][ T9932] bridge0: port 4(vlan2) entered disabled state
[  143.068838][ T9938] loop8: detected capacity change from 0 to 512
[  143.090362][ T9938] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  143.099280][ T9938] ext4 filesystem being mounted at /357/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.113262][ T9938] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4197: corrupted inode contents
[  143.125204][ T9938] EXT4-fs error (device loop8): ext4_dirty_inode:6120: inode #2: comm syz.8.4197: mark_inode_dirty error
[  143.137192][ T9938] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4197: corrupted inode contents
[  143.151479][ T9938] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4197: corrupted inode contents
[  143.163470][ T9938] EXT4-fs error (device loop8): ext4_dirty_inode:6120: inode #2: comm syz.8.4197: mark_inode_dirty error
[  143.174957][ T9938] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4197: corrupted inode contents
[  143.186841][ T9938] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.4197: mark_inode_dirty error
[  143.198232][ T9938] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4197: corrupted inode contents
[  143.210146][ T9938] EXT4-fs error (device loop8): ext4_dirty_inode:6120: inode #2: comm syz.8.4197: mark_inode_dirty error
[  143.230418][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  143.249192][ T9946] loop8: detected capacity change from 0 to 512
[  143.255700][ T9946] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.262810][ T9946] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  143.281991][ T9946] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.4200: corrupted inode contents
[  143.294590][ T9946] EXT4-fs error (device loop8): ext4_dirty_inode:6120: inode #16: comm syz.8.4200: mark_inode_dirty error
[  143.306124][ T9946] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.4200: corrupted inode contents
[  143.318312][ T9946] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #16: comm syz.8.4200: mark_inode_dirty error
[  143.329979][ T9946] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.4200: corrupted inode contents
[  143.342173][ T9946] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  143.351025][ T9946] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #16: comm syz.8.4200: corrupted inode contents
[  143.363017][ T9946] EXT4-fs error (device loop8): ext4_truncate:4314: inode #16: comm syz.8.4200: mark_inode_dirty error
[  143.374213][ T9946] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  143.383393][ T9946] EXT4-fs (loop8): 1 truncate cleaned up
[  143.389108][ T9946] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  143.398017][ T9946] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.408714][   T43] EXT4-fs error (device loop8): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 1
[  143.437937][ T5208] EXT4-fs (loop8): unmounting filesystem.
[  143.470375][ T9963] sch_tbf: burst 0 is lower than device lo mtu (39799) !
[  143.511872][ T9967] loop4: detected capacity change from 0 to 512
[  143.545014][ T9967] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  143.554152][ T9967] ext4 filesystem being mounted at /254/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.569595][ T9967] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #2: comm syz.4.4211: corrupted inode contents
[  143.594396][ T9967] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #2: comm syz.4.4211: mark_inode_dirty error
[  143.622182][ T9967] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #2: comm syz.4.4211: corrupted inode contents
[  143.647798][ T9984] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #2: comm syz.4.4211: corrupted inode contents
[  143.682362][ T9988] loop9: detected capacity change from 0 to 256
[  143.685892][ T9984] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #2: comm syz.4.4211: mark_inode_dirty error
[  143.709860][ T9984] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #2: comm syz.4.4211: corrupted inode contents
[  143.730619][ T9984] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.4211: mark_inode_dirty error
[  143.748231][ T9984] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #2: comm syz.4.4211: corrupted inode contents
[  143.778229][ T9984] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #2: comm syz.4.4211: mark_inode_dirty error
[  143.812876][T10005] loop8: detected capacity change from 0 to 1024
[  143.814797][ T7080] EXT4-fs (loop4): unmounting filesystem.
[  143.822532][T10005] EXT4-fs error (device loop8): ext4_map_blocks:745: inode #3: block 1: comm syz.8.4227: lblock 1 mapped to illegal pblock 1 (length 1)
[  143.839472][T10005] EXT4-fs error (device loop8): ext4_acquire_dquot:6789: comm syz.8.4227: Failed to acquire dquot type 0
[  143.851217][T10005] EXT4-fs error (device loop8): ext4_free_blocks:6210: comm syz.8.4227: Freeing blocks not in datazone - block = 0, count = 4096
[  143.864866][T10005] EXT4-fs error (device loop8): ext4_read_inode_bitmap:140: comm syz.8.4227: Invalid inode bitmap blk 0 in block_group 0
[  143.868995][   T43] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  143.877729][T10005] EXT4-fs error (device loop8) in ext4_free_inode:362: Corrupt filesystem
[  143.898268][   T43] EXT4-fs error (device loop8): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 0
[  143.913900][T10005] EXT4-fs (loop8): 1 orphan inode deleted
[  143.941887][T10005] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 1: comm syz.8.4227: lblock 1 mapped to illegal pblock 1 (length 1)
[  143.957617][T10005] EXT4-fs error (device loop8): ext4_acquire_dquot:6789: comm syz.8.4227: Failed to acquire dquot type 0
[  143.976529][   T43] EXT4-fs error (device loop8): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  143.990773][   T43] EXT4-fs error (device loop8): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 0
[  144.032768][T10017] IPv6: sit1: Disabled Multicast RS
[  144.064066][T10025] loop8: detected capacity change from 0 to 256
[  144.141860][T10033] loop4: detected capacity change from 0 to 1024
[  144.148738][T10033] EXT4-fs (loop4): Test dummy encryption mode enabled
[  144.336362][T10037] loop8: detected capacity change from 0 to 256
[  144.353549][T10037] FAT-fs (loop8): Directory bread(block 64) failed
[  144.360186][T10037] FAT-fs (loop8): Directory bread(block 65) failed
[  144.366754][T10037] FAT-fs (loop8): Directory bread(block 66) failed
[  144.378437][T10037] FAT-fs (loop8): Directory bread(block 67) failed
[  144.385236][T10037] FAT-fs (loop8): Directory bread(block 68) failed
[  144.393352][T10037] FAT-fs (loop8): Directory bread(block 69) failed
[  144.400019][T10037] FAT-fs (loop8): Directory bread(block 70) failed
[  144.406643][T10037] FAT-fs (loop8): Directory bread(block 71) failed
[  144.413235][T10037] FAT-fs (loop8): Directory bread(block 72) failed
[  144.420441][T10037] FAT-fs (loop8): Directory bread(block 73) failed
[  144.441020][T10037] syz.8.4241: attempt to access beyond end of device
[  144.441020][T10037] loop8: rw=0, sector=1192, nr_sectors = 4 limit=256
[  144.504067][T10055] loop9: detected capacity change from 0 to 256
[  144.513255][T10059] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  144.517092][T10055] FAT-fs (loop9): Directory bread(block 64) failed
[  144.529388][T10055] FAT-fs (loop9): Directory bread(block 65) failed
[  144.535933][T10055] FAT-fs (loop9): Directory bread(block 66) failed
[  144.542647][T10055] FAT-fs (loop9): Directory bread(block 67) failed
[  144.542790][T10059] F2FS-fs (loop17): Unable to read 1th superblock
[  144.549244][T10055] FAT-fs (loop9): Directory bread(block 68) failed
[  144.562172][T10055] FAT-fs (loop9): Directory bread(block 69) failed
[  144.569553][T10059] I/O error, dev loop17, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  144.570056][T10055] FAT-fs (loop9): Directory bread(block 70) failed
[  144.585354][T10055] FAT-fs (loop9): Directory bread(block 71) failed
[  144.591943][T10055] FAT-fs (loop9): Directory bread(block 72) failed
[  144.598510][T10055] FAT-fs (loop9): Directory bread(block 73) failed
[  144.598962][T10059] F2FS-fs (loop17): Unable to read 2th superblock
[  144.614146][T10060] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  144.639730][T10063] loop0: detected capacity change from 0 to 1024
[  144.648952][T10060] F2FS-fs (loop17): Unable to read 1th superblock
[  144.652662][T10055] syz.9.4258: attempt to access beyond end of device
[  144.652662][T10055] loop9: rw=0, sector=1192, nr_sectors = 4 limit=256
[  144.658975][T10060] I/O error, dev loop17, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  144.688535][T10063] EXT4-fs (loop0): Test dummy encryption mode enabled
[  144.705691][T10060] F2FS-fs (loop17): Unable to read 2th superblock
[  144.718942][ T1762] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  144.754270][T10073] loop0: detected capacity change from 0 to 256
[  144.776565][T10075] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4257'.
[  144.785655][T10075] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4257'.
[  144.795204][T10075] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4257'.
[  144.910017][ T1762] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.921065][ T1762] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  144.934014][ T1762] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  144.948949][ T1762] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.962312][ T1762] usb 5-1: config 0 descriptor??
[  144.989469][T10094] input: syz1 as /devices/virtual/input/input15
[  144.990169][T10095] syz.0.4264[10095] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.995803][T10095] syz.0.4264[10095] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.013492][T10095] bridge0: port 3(vlan2) entered blocking state
[  145.031167][T10095] bridge0: port 3(vlan2) entered disabled state
[  145.362937][T10104] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  145.372595][T10104] F2FS-fs (loop7): Unable to read 1th superblock
[  145.373919][ T1762] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[  145.379145][T10104] I/O error, dev loop7, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  145.395444][ T1762] plantronics 0003:047F:FFFF.001C: No inputs registered, leaving
[  145.395665][T10104] F2FS-fs (loop7): Unable to read 2th superblock
[  145.413162][ T1762] plantronics 0003:047F:FFFF.001C: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  145.420026][T10104] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  145.434705][T10104] F2FS-fs (loop7): Unable to read 1th superblock
[  145.441136][T10104] I/O error, dev loop7, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  145.450352][T10104] F2FS-fs (loop7): Unable to read 2th superblock
[  145.649814][ T6044] usb 5-1: USB disconnect, device number 6
[  145.974838][   T28] kauditd_printk_skb: 74 callbacks suppressed
[  145.974853][   T28] audit: type=1400 audit(2000000017.860:9055): avc:  denied  { mounton } for  pid=10108 comm="syz.8.4282" path="/381/file0" dev="incremental-fs" ino=2040 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  146.006668][   T28] audit: type=1400 audit(2000000017.900:9056): avc:  denied  { read } for  pid=10108 comm="syz.8.4282" name="file0" dev="incremental-fs" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  146.030620][   T28] audit: type=1400 audit(2000000017.900:9057): avc:  denied  { open } for  pid=10108 comm="syz.8.4282" path="/381/file0/file0" dev="incremental-fs" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  146.055140][   T28] audit: type=1400 audit(2000000017.900:9058): avc:  denied  { write } for  pid=10108 comm="syz.8.4282" path="/381/file0/file0" dev="incremental-fs" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  146.079730][   T28] audit: type=1400 audit(2000000017.920:9059): avc:  denied  { block_suspend } for  pid=10117 comm="syz.8.4277" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  146.190685][T10124] loop0: detected capacity change from 0 to 2048
[  146.267806][   T28] audit: type=1400 audit(2000000018.150:9060): avc:  denied  { write } for  pid=10123 comm="syz.0.4279" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  146.292185][T10124] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.4279: bg 0: block 408: padding at end of block bitmap is not set
[  146.315704][T10124] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  146.325455][   T28] audit: type=1400 audit(2000000018.180:9061): avc:  denied  { add_name } for  pid=10123 comm="syz.0.4279" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  146.369739][   T43] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[  146.382536][   T28] audit: type=1400 audit(2000000018.180:9062): avc:  denied  { create } for  pid=10123 comm="syz.0.4279" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  146.402882][   T43] EXT4-fs (loop0): This should not happen!! Data will be lost
[  146.402882][   T43] 
[  146.402898][   T43] EXT4-fs (loop0): Total free blocks count 0
[  146.402909][   T43] EXT4-fs (loop0): Free/Dirty block details
[  146.402919][   T43] EXT4-fs (loop0): free_blocks=16
[  146.402930][   T43] EXT4-fs (loop0): dirty_blocks=16
[  146.446381][   T43] EXT4-fs (loop0): Block reservation details
[  146.458957][   T28] audit: type=1400 audit(2000000018.180:9063): avc:  denied  { read write } for  pid=10123 comm="syz.0.4279" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  146.487134][   T43] EXT4-fs (loop0): i_reserved_data_blocks=1
[  146.515213][   T28] audit: type=1400 audit(2000000018.180:9064): avc:  denied  { open } for  pid=10123 comm="syz.0.4279" path="/48/file2/file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  146.744510][T10174] loop9: detected capacity change from 0 to 512
[  146.754648][T10174] EXT4-fs: Ignoring removed i_version option
[  146.761631][T10174] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  146.783785][T10174] EXT4-fs (loop9): 1 truncate cleaned up
[  147.070738][T10172] loop0: detected capacity change from 0 to 40427
[  147.072484][T10183] loop9: detected capacity change from 0 to 40427
[  147.084320][T10183] F2FS-fs (loop9): heap/no_heap options were deprecated
[  147.091561][T10172] F2FS-fs (loop0): fault_injection options not supported
[  147.092179][T10183] F2FS-fs (loop9): invalid crc value
[  147.104325][T10172] F2FS-fs (loop0): invalid crc value
[  147.110926][T10183] F2FS-fs (loop9): Found nat_bits in checkpoint
[  147.117920][T10172] F2FS-fs (loop0): Found nat_bits in checkpoint
[  147.129707][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.141901][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.149704][T10183] F2FS-fs (loop9): Start checkpoint disabled!
[  147.154047][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.160860][T10183] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  147.171941][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.191294][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.203304][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.215310][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.227297][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.239306][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.251335][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  147.252642][T10172] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  147.306353][   T43] kworker/u4:2: attempt to access beyond end of device
[  147.306353][   T43] loop9: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  147.335036][T10196] loop8: detected capacity change from 0 to 128
[  147.361129][T10196] EXT4-fs: Ignoring removed nobh option
[  147.369787][ T9010] syz-executor: attempt to access beyond end of device
[  147.369787][ T9010] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  147.386538][T10196] ext4 filesystem being mounted at /394/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  147.573952][T10212] loop0: detected capacity change from 0 to 1024
[  147.620065][T10212] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.635209][T10212] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  147.650256][T10212] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  147.662642][T10212] EXT4-fs (loop0): This should not happen!! Data will be lost
[  147.662642][T10212] 
[  147.672814][T10212] EXT4-fs (loop0): Total free blocks count 0
[  147.678805][T10212] EXT4-fs (loop0): Free/Dirty block details
[  147.684817][T10212] EXT4-fs (loop0): free_blocks=4293918720
[  147.690905][T10212] EXT4-fs (loop0): dirty_blocks=64
[  147.696205][T10212] EXT4-fs (loop0): Block reservation details
[  147.702227][T10212] EXT4-fs (loop0): i_reserved_data_blocks=4
[  147.826398][T10232] syz.9.4319[10232] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.826516][T10232] syz.9.4319[10232] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.916840][T10218] loop8: detected capacity change from 0 to 40427
[  147.935429][T10218] F2FS-fs (loop8): fault_injection options not supported
[  147.943148][T10218] F2FS-fs (loop8): invalid crc value
[  147.949390][T10218] F2FS-fs (loop8): Found nat_bits in checkpoint
[  147.976936][T10218] F2FS-fs (loop8): Start checkpoint disabled!
[  147.983630][T10218] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  148.020355][   T10] kworker/u4:1: attempt to access beyond end of device
[  148.020355][   T10] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  148.642046][T10240] loop9: detected capacity change from 0 to 512
[  148.656686][T10244] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  148.670116][T10240] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  148.683581][T10249] loop4: detected capacity change from 0 to 1024
[  148.692153][T10240] EXT4-fs (loop9): 1 truncate cleaned up
[  148.699779][T10240] EXT4-fs warning (device loop9): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  148.707625][T10249] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.727270][T10249] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  148.742144][T10249] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  148.754778][T10249] EXT4-fs (loop4): This should not happen!! Data will be lost
[  148.754778][T10249] 
[  148.764841][T10249] EXT4-fs (loop4): Total free blocks count 0
[  148.771320][T10249] EXT4-fs (loop4): Free/Dirty block details
[  148.777229][T10249] EXT4-fs (loop4): free_blocks=4293918720
[  148.783220][T10249] EXT4-fs (loop4): dirty_blocks=64
[  148.788451][T10249] EXT4-fs (loop4): Block reservation details
[  148.798919][T10249] EXT4-fs (loop4): i_reserved_data_blocks=4
[  148.988972][   T39] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  149.046541][T10274] loop0: detected capacity change from 0 to 40427
[  149.063751][T10274] F2FS-fs (loop0): invalid crc value
[  149.087353][T10274] F2FS-fs (loop0): Found nat_bits in checkpoint
[  149.121385][T10280] loop4: detected capacity change from 0 to 40427
[  149.123092][T10274] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  149.128425][T10280] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(3584) blocks(83968)
[  149.144387][T10280] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  149.166701][T10280] F2FS-fs (loop4): Fix alignment : done, start(4096) end(16896) block(12288)
[  149.177718][T10280] F2FS-fs (loop4): invalid crc value
[  149.193280][T10280] F2FS-fs (loop4): Found nat_bits in checkpoint
[  149.209028][   T39] usb 10-1: Using ep0 maxpacket: 32
[  149.215525][   T39] usb 10-1: config 0 has an invalid interface number: 184 but max is 0
[  149.233696][   T39] usb 10-1: config 0 has no interface number 0
[  149.241827][T10280] F2FS-fs (loop4): Start checkpoint disabled!
[  149.248611][T10280] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  149.254656][   T39] usb 10-1: config 0 interface 184 has no altsetting 0
[  149.255907][T10280] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  149.270840][T10306] netlink: 92 bytes leftover after parsing attributes in process `syz.3.4349'.
[  149.280534][T10303] SELinux:  policydb version 0 does not match my version range 15-33
[  149.288638][T10303] SELinux: failed to load policy
[  149.295140][   T39] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  149.309812][   T39] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.328934][   T39] usb 10-1: Product: syz
[  149.333309][   T39] usb 10-1: Manufacturer: syz
[  149.337993][   T39] usb 10-1: SerialNumber: syz
[  149.349582][T10317] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4353'.
[  149.359247][   T39] usb 10-1: config 0 descriptor??
[  149.367220][   T39] smsc75xx v1.0.0
[  149.410731][T10319] netlink: 'syz.8.4355': attribute type 4 has an invalid length.
[  149.618834][T10335] loop0: detected capacity change from 0 to 128
[  149.625874][T10335] EXT4-fs: Ignoring removed nobh option
[  149.634984][T10335] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  149.647744][T10335] EXT4-fs error (device loop0): __ext4_remount:6598: comm syz.0.4370: Abort forced by user
[  149.658180][T10335] EXT4-fs (loop0): Remounting filesystem read-only
[  149.664756][T10335] EXT4-fs (loop0): re-mounted. Quota mode: none.
[  149.719243][T10345] cgroup: Unknown subsys name '¬§@﬽æì¦4*oäÂÒ£hÓîºoþüíUÜ'
[  149.768397][T10355] loop4: detected capacity change from 0 to 512
[  149.792863][T10355] ext4 filesystem being mounted at /281/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  149.966857][   T39] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  149.983533][   T39] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  150.060440][T10387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4384'.
[  150.077147][T10387] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  150.085257][T10387] IPv6: ADDRCONF(NETDEV_CHANGE): wg1: link becomes ready
[  150.119064][    T6] ip6_tnl_xmit_ctl: 6 callbacks suppressed
[  150.119079][    T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  150.199953][   T39] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  150.211623][   T39] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  150.222448][   T39] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  150.226643][T10383] loop4: detected capacity change from 0 to 40427
[  150.232960][   T39] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  150.241006][T10383] F2FS-fs (loop4): invalid crc value
[  150.249488][   T39] smsc75xx: probe of 10-1:0.184 failed with error -71
[  150.261611][T10383] F2FS-fs (loop4): Found nat_bits in checkpoint
[  150.268857][   T39] usb 10-1: USB disconnect, device number 7
[  150.291985][T10383] F2FS-fs (loop4): Start checkpoint disabled!
[  150.298746][T10383] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  150.327529][    T8] kworker/u4:0: attempt to access beyond end of device
[  150.327529][    T8] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  150.809062][    T6] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  151.073713][   T28] kauditd_printk_skb: 32 callbacks suppressed
[  151.073729][   T28] audit: type=1400 audit(2000000022.960:9097): avc:  denied  { setopt } for  pid=10439 comm="syz.9.4405" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  151.100915][   T28] audit: type=1400 audit(2000000022.970:9098): avc:  denied  { read } for  pid=10439 comm="syz.9.4405" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  151.123217][   T28] audit: type=1326 audit(2000000022.990:9099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10403 comm="syz.0.4391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18cd38e929 code=0x7fc00000
[  151.148228][T10450] SELinux:  Context system_u:object_r:systemd_passwd_var_run_t:s0 is not valid (left unmapped).
[  151.158735][   T28] audit: type=1400 audit(2000000023.040:9100): avc:  denied  { mac_admin } for  pid=10449 comm="syz.9.4410" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  151.181060][T10453] SELinux:  Context system_u:object_r:hald_log_t:s0 is not valid (left unmapped).
[  151.182032][   T28] audit: type=1400 audit(2000000023.070:9101): avc:  denied  { relabelfrom } for  pid=10451 comm="syz.3.4411" name="" dev="pipefs" ino=55289 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  151.212886][   T28] audit: type=1400 audit(2000000023.070:9102): avc:  denied  { relabelto } for  pid=10449 comm="syz.9.4410" name="296" dev="tmpfs" ino=1570 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  151.240405][ T6044] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  151.248337][   T28] audit: type=1400 audit(2000000023.070:9103): avc:  denied  { associate } for  pid=10449 comm="syz.9.4410" name="296" dev="tmpfs" ino=1570 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  151.277610][   T28] audit: type=1400 audit(2000000023.080:9104): avc:  denied  { relabelto } for  pid=10451 comm="syz.3.4411" name="" dev="pipefs" ino=55289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:hald_log_t:s0"
[  151.305962][   T28] audit: type=1400 audit(2000000023.130:9105): avc:  denied  { write } for  pid=6497 comm="syz-executor" name="296" dev="tmpfs" ino=1570 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  151.333175][   T28] audit: type=1400 audit(2000000023.130:9106): avc:  denied  { remove_name } for  pid=6497 comm="syz-executor" name="binderfs" dev="tmpfs" ino=1574 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0"
[  151.396905][T10462] 9pnet_fd: Insufficient options for proto=fd
[  151.463860][T10456] loop9: detected capacity change from 0 to 40427
[  151.471354][T10456] F2FS-fs (loop9): invalid crc value
[  151.477718][T10456] F2FS-fs (loop9): Found nat_bits in checkpoint
[  151.510268][ T6044] usb 5-1: Using ep0 maxpacket: 16
[  151.520037][ T6044] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  151.523521][T10456] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  151.529235][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  151.543035][ T1332] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  151.543718][ T6044] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.575165][T10456] syz.9.4413: attempt to access beyond end of device
[  151.575165][T10456] loop9: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  151.578321][T10492] loop8: detected capacity change from 0 to 128
[  151.595853][ T6044] usb 5-1: config 0 descriptor??
[  151.596769][T10492] EXT4-fs (loop8): Test dummy encryption mode enabled
[  151.607975][ T6497] syz-executor: attempt to access beyond end of device
[  151.607975][ T6497] loop9: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  151.634161][T10492] ext4 filesystem being mounted at /408/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  151.709429][T10504] loop8: detected capacity change from 0 to 1024
[  151.734848][T10509] loop0: detected capacity change from 0 to 512
[  151.763313][T10509] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.775542][T10509] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #2: comm syz.0.4438: corrupted inode contents
[  151.787562][T10509] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #2: comm syz.0.4438: mark_inode_dirty error
[  151.799572][T10509] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #2: comm syz.0.4438: corrupted inode contents
[  151.811514][T10509] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.4438: mark_inode_dirty error
[  151.824633][T10509] EXT4-fs error (device loop0): ext4_get_first_dir_block:3594: inode #18: comm syz.0.4438: directory missing '.'
[  151.862553][T10520] kvm: emulating exchange as write
[  152.016325][ T6044] lenovo 0003:17EF:6047.001D: hidraw0: USB HID v1.01 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[  152.288958][  T222] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  152.328922][   T39] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  152.470048][  T222] usb 10-1: config 0 has no interfaces?
[  152.477098][  T222] usb 10-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  152.486248][  T222] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.494331][  T222] usb 10-1: Product: syz
[  152.498574][  T222] usb 10-1: Manufacturer: syz
[  152.503256][  T222] usb 10-1: SerialNumber: syz
[  152.508537][  T222] r8152-cfgselector 10-1: config 0 descriptor??
[  152.520059][   T39] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.531002][   T39] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.540833][   T39] usb 9-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  152.549911][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.558804][   T39] usb 9-1: config 0 descriptor??
[  152.616629][ T6044] lenovo 0003:17EF:6047.001D: Fn-lock setting failed: -71
[  152.624065][ T6044] lenovo 0003:17EF:6047.001D: Sensitivity setting failed: -71
[  152.632618][ T6044] usb 5-1: USB disconnect, device number 7
[  152.715769][  T304] usb 10-1: config 0 descriptor??
[  152.883920][T10588] loop0: detected capacity change from 0 to 1024
[  152.890900][T10588] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  152.917995][ T6044] usb 10-1: USB disconnect, device number 8
[  152.918967][  T304] usb 10-1: can't set config #0, error -71
[  152.938682][T10588] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.4473: missing EA_INODE flag
[  152.950463][T10588] EXT4-fs (loop0): Remounting filesystem read-only
[  152.956993][T10588] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.4473: error while reading EA inode 11 err=-117
[  152.969425][T10588] EXT4-fs (loop0): Remounting filesystem read-only
[  152.970701][   T39] playstation 0003:054C:0DF2.001E: unknown main item tag 0x0
[  152.976105][T10588] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.4473: missing EA_INODE flag
[  152.983498][   T39] playstation 0003:054C:0DF2.001E: unknown main item tag 0x0
[  152.995190][T10588] EXT4-fs (loop0): Remounting filesystem read-only
[  153.002545][   T39] playstation 0003:054C:0DF2.001E: unknown main item tag 0x0
[  153.002569][   T39] playstation 0003:054C:0DF2.001E: unknown main item tag 0x0
[  153.002590][   T39] playstation 0003:054C:0DF2.001E: unknown main item tag 0x0
[  153.009346][T10588] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.4473: error while reading EA inode 11 err=-117
[  153.017316][   T39] playstation 0003:054C:0DF2.001E: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.8-1/input0
[  153.023960][T10588] EXT4-fs (loop0): Remounting filesystem read-only
[  153.230793][ T6044] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  153.238375][ T6044] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[  153.246329][ T6044] hid-generic 0000:0000:0000.001F: hidraw1: <UNKNOWN> HID vffffff.ff Device [syz1] on syz0
[  153.289173][T10620] loop4: detected capacity change from 0 to 1024
[  153.296061][T10620] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  153.313218][T10620] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.4487: missing EA_INODE flag
[  153.325054][T10620] EXT4-fs (loop4): Remounting filesystem read-only
[  153.331599][T10620] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4487: error while reading EA inode 11 err=-117
[  153.344055][T10620] EXT4-fs (loop4): Remounting filesystem read-only
[  153.350663][T10620] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.4487: missing EA_INODE flag
[  153.362381][T10620] EXT4-fs (loop4): Remounting filesystem read-only
[  153.368948][T10620] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.4487: error while reading EA inode 11 err=-117
[  153.381359][T10620] EXT4-fs (loop4): Remounting filesystem read-only
[  153.381604][   T39] playstation 0003:054C:0DF2.001E: Failed to retrieve feature with reportID 32: -71
[  153.397424][   T39] playstation 0003:054C:0DF2.001E: Failed to retrieve DualSense firmware info: -71
[  153.406984][   T39] playstation 0003:054C:0DF2.001E: Failed to get firmware info from DualSense
[  153.415903][   T39] playstation 0003:054C:0DF2.001E: Failed to create dualsense.
[  153.423801][   T39] playstation: probe of 0003:054C:0DF2.001E failed with error -71
[  153.433275][   T39] usb 9-1: USB disconnect, device number 8
[  153.470762][T10629] loop4: detected capacity change from 0 to 512
[  153.477201][T10629] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  153.501157][T10631] loop4: detected capacity change from 0 to 128
[  153.509539][T10631] ext4 filesystem being mounted at /302/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  153.510952][T10634] loop9: detected capacity change from 0 to 128
[  153.549940][T10634] ext4 filesystem being mounted at /307/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  153.657265][  T222] hid-generic 0000:0004:0000.0020: item fetching failed at offset 0/3
[  153.665633][  T222] hid-generic: probe of 0000:0004:0000.0020 failed with error -22
[  153.918936][    T6] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  153.926597][T10644] loop9: detected capacity change from 0 to 512
[  153.933411][T10644] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  153.944422][T10644] EXT4-fs error (device loop9): ext4_orphan_get:1426: comm syz.9.4506: bad orphan inode 131083
[  154.102888][    T6] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  154.120337][    T6] usb 5-1: config 0 has no interface number 0
[  154.126455][    T6] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.150370][    T6] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.160151][    T6] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  154.169798][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.178476][    T6] usb 5-1: config 0 descriptor??
[  154.368948][   T39] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  154.550072][   T39] usb 9-1: config 0 has an invalid interface number: 41 but max is 0
[  154.558161][   T39] usb 9-1: config 0 has no interface number 0
[  154.564302][   T39] usb 9-1: config 0 interface 41 has no altsetting 0
[  154.572389][   T39] usb 9-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  154.581872][   T39] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.589946][   T39] usb 9-1: Product: syz
[  154.594120][   T39] usb 9-1: Manufacturer: syz
[  154.598716][   T39] usb 9-1: SerialNumber: syz
[  154.600750][    T6] input: HID 04d9:a055 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:04D9:A055.0021/input/input17
[  154.603918][   T39] usb 9-1: config 0 descriptor??
[  154.681349][    T6] holtek_kbd 0003:04D9:A055.0021: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.4-1/input1
[  154.788849][ T6045] usb 5-1: USB disconnect, device number 8
[  155.303584][T10685] loop0: detected capacity change from 0 to 128
[  155.312537][T10685] EXT4-fs (loop0): Test dummy encryption mode enabled
[  155.321340][T10685] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  155.421965][   T39] CoreChips 9-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[  155.434583][   T39] CoreChips: probe of 9-1:0.41 failed with error -71
[  155.442187][   T39] usb 9-1: USB disconnect, device number 9
[  155.935097][T10702] loop9: detected capacity change from 0 to 128
[  155.943301][T10702] EXT4-fs (loop9): Test dummy encryption mode enabled
[  155.951694][T10702] ext4 filesystem being mounted at /320/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  155.979964][T10711] loop9: detected capacity change from 0 to 256
[  155.988697][T10711] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xfb920961, utbl_chksum : 0xe619d30d)
[  156.001825][    T6] kernel read not supported for file /usbmon9 (pid: 6 comm: kworker/0:0)
[  156.029011][T10718] loop4: detected capacity change from 0 to 1024
[  156.136850][   T28] kauditd_printk_skb: 36 callbacks suppressed
[  156.136866][   T28] audit: type=1400 audit(2000000028.020:9143): avc:  denied  { create } for  pid=10724 comm="syz.4.4528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  156.171683][   T28] audit: type=1400 audit(2000000028.060:9144): avc:  denied  { connect } for  pid=10724 comm="syz.4.4528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  156.331823][T10751] syz.9.4541 (10751) used greatest stack depth: 20640 bytes left
[  156.347611][T10749] loop4: detected capacity change from 0 to 8192
[  156.356681][   T28] audit: type=1400 audit(2000000028.240:9145): avc:  denied  { mounton } for  pid=10748 comm="syz.4.4542" path="/312/bus/bus" dev="loop4" ino=1048717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  156.398940][   T28] audit: type=1400 audit(2000000028.270:9146): avc:  denied  { unmount } for  pid=7080 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  156.404654][T10758] loop4: detected capacity change from 0 to 512
[  156.425888][T10758] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  156.437574][T10758] EXT4-fs (loop4): 1 truncate cleaned up
[  156.452331][T10758] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.4544: corrupted in-inode xattr
[  156.472035][T10763] loop9: detected capacity change from 0 to 256
[  156.474416][T10758] EXT4-fs (loop4): Remounting filesystem read-only
[  156.492189][T10758] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1732: inode #15: comm syz.4.4544: unable to update i_inline_off
[  156.505223][T10758] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.4544: corrupted in-inode xattr
[  156.519303][T10758] EXT4-fs (loop4): Remounting filesystem read-only
[  156.519988][   T28] audit: type=1400 audit(2000000028.410:9147): avc:  denied  { watch watch_reads } for  pid=10765 comm="syz.9.4546" path="/329" dev="tmpfs" ino=1745 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  156.558924][   T28] audit: type=1400 audit(2000000028.440:9148): avc:  denied  { create } for  pid=10770 comm="syz.4.4548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  156.575876][T10774] loop4: detected capacity change from 0 to 512
[  156.586264][   T28] audit: type=1400 audit(2000000028.450:9149): avc:  denied  { connect } for  pid=10770 comm="syz.4.4548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  156.619291][   T28] audit: type=1400 audit(2000000028.450:9150): avc:  denied  { setopt } for  pid=10770 comm="syz.4.4548" laddr=172.20.20.10 lport=7 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  156.644231][   T28] audit: type=1400 audit(2000000028.450:9151): avc:  denied  { write } for  pid=10770 comm="syz.4.4548" path="socket:[57119]" dev="sockfs" ino=57119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  156.667667][   T28] audit: type=1400 audit(2000000028.450:9152): avc:  denied  { read } for  pid=10770 comm="syz.4.4548" path="socket:[57119]" dev="sockfs" ino=57119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  156.715987][T10788] loop9: detected capacity change from 0 to 1024
[  156.730989][T10788] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.743195][T10788] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  156.758694][T10788] EXT4-fs (loop9): Remounting filesystem read-only
[  156.792012][T10799] loop9: detected capacity change from 0 to 512
[  156.800381][T10798] loop4: detected capacity change from 0 to 256
[  156.812601][T10799] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  156.833448][T10809] input: syz0 as /devices/virtual/input/input18
[  156.847453][T10799] EXT4-fs (loop9): 1 truncate cleaned up
[  156.857575][T10799] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2195: inode #15: comm syz.9.4558: corrupted in-inode xattr
[  156.869690][T10799] EXT4-fs (loop9): Remounting filesystem read-only
[  156.876243][T10799] EXT4-fs warning (device loop9): ext4_xattr_set_entry:1732: inode #15: comm syz.9.4558: unable to update i_inline_off
[  156.889900][T10799] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2195: inode #15: comm syz.9.4558: corrupted in-inode xattr
[  156.907639][T10799] EXT4-fs (loop9): Remounting filesystem read-only
[  156.956677][ T7080] ------------[ cut here ]------------
[  156.962268][ T7080] WARNING: CPU: 1 PID: 7080 at fs/inode.c:332 drop_nlink+0xc5/0x110
[  156.970402][ T7080] Modules linked in:
[  156.974297][ T7080] CPU: 1 PID: 7080 Comm: syz-executor Not tainted 6.1.138-syzkaller-00056-g7af56ffc913d #0
[  156.984318][ T7080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  156.994575][ T7080] RIP: 0010:drop_nlink+0xc5/0x110
[  156.999753][ T7080] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 63 ee f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 9b 94 ac ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[  157.019571][ T7080] RSP: 0018:ffffc90000e47c38 EFLAGS: 00010293
[  157.025818][ T7080] RAX: ffffffff81c35c75 RBX: ffff88813249daf8 RCX: ffff88810d5bd100
[  157.033929][ T7080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  157.041949][ T7080] RBP: ffffc90000e47c60 R08: 0000000000000004 R09: 0000000000000003
[  157.050115][ T7080] R10: fffff520001c8f78 R11: 1ffff920001c8f78 R12: dffffc0000000000
[  157.058102][ T7080] R13: 1ffff11026493b68 R14: ffff88813249db40 R15: 0000000000000000
[  157.066090][ T7080] FS:  000055556ea0d500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  157.075035][ T7080] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  157.081655][ T7080] CR2: 000055556ea304e8 CR3: 000000011ff84000 CR4: 00000000003506a0
[  157.089647][ T7080] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  157.097635][ T7080] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  157.105673][ T7080] Call Trace:
[  157.108982][ T7080]  <TASK>
[  157.111912][ T7080]  shmem_rmdir+0x5b/0x90
[  157.116160][ T7080]  vfs_rmdir+0x393/0x500
[  157.120422][ T7080]  incfs_kill_sb+0x105/0x220
[  157.125016][ T7080]  deactivate_locked_super+0xb5/0x120
[  157.130410][ T7080]  deactivate_super+0xaf/0xe0
[  157.135088][ T7080]  cleanup_mnt+0x45f/0x4e0
[  157.139532][ T7080]  __cleanup_mnt+0x19/0x20
[  157.143955][ T7080]  task_work_run+0x1db/0x240
[  157.148553][ T7080]  ? __cfi_task_work_run+0x10/0x10
[  157.153121][T10828] loop8: detected capacity change from 0 to 512
[  157.153688][ T7080]  ? __x64_sys_umount+0x125/0x160
[  157.164928][ T7080]  ? __cfi___x64_sys_umount+0x10/0x10
[  157.166496][T10828] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  157.170320][ T7080]  exit_to_user_mode_loop+0x9b/0xb0
[  157.170350][ T7080]  exit_to_user_mode_prepare+0x5a/0xa0
[  157.190773][ T7080]  syscall_exit_to_user_mode+0x1a/0x30
[  157.196234][ T7080]  do_syscall_64+0x58/0xa0
[  157.200685][ T7080]  ? clear_bhb_loop+0x15/0x70
[  157.205369][ T7080]  ? clear_bhb_loop+0x15/0x70
[  157.210095][ T7080]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  157.214903][T10828] EXT4-fs (loop8): 1 truncate cleaned up
[  157.216000][ T7080] RIP: 0033:0x7ffb15b8fc57
[  157.216019][ T7080] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.237025][T10828] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.4581: corrupted in-inode xattr
[  157.245645][ T7080] RSP: 002b:00007fff64211e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.245668][ T7080] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ffb15b8fc57
[  157.245681][ T7080] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff64211ed0
[  157.245692][ T7080] RBP: 00007fff64211ed0 R08: 0000000000000000 R09: 0000000000000000
[  157.289947][ T7080] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff64212f60
[  157.290272][T10828] EXT4-fs (loop8): Remounting filesystem read-only
[  157.297914][ T7080] R13: 00007ffb15c10925 R14: 00000000000264ff R15: 00007fff64212fa0
[  157.297935][ T7080]  </TASK>
[  157.297942][ T7080] ---[ end trace 0000000000000000 ]---
[  157.327076][T10828] EXT4-fs warning (device loop8): ext4_xattr_set_entry:1732: inode #15: comm syz.8.4581: unable to update i_inline_off
[  157.339766][T10828] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.4581: corrupted in-inode xattr
[  157.351831][ T7080] ==================================================================
[  157.359889][ T7080] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  157.366153][ T7080] Write of size 4 at addr 0000000000000170 by task syz-executor/7080
[  157.374208][ T7080] 
[  157.376529][ T7080] CPU: 0 PID: 7080 Comm: syz-executor Tainted: G        W          6.1.138-syzkaller-00056-g7af56ffc913d #0
[  157.387986][ T7080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.398039][ T7080] Call Trace:
[  157.401318][ T7080]  <TASK>
[  157.404249][ T7080]  __dump_stack+0x21/0x24
[  157.408603][ T7080]  dump_stack_lvl+0xee/0x150
[  157.409079][T10828] EXT4-fs (loop8): Remounting filesystem read-only
[  157.413209][ T7080]  ? __cfi_dump_stack_lvl+0x8/0x8
[  157.413247][ T7080]  ? ihold+0x20/0x60
[  157.413275][ T7080]  ? ihold+0x20/0x60
[  157.432524][ T7080]  print_report+0x3d/0x60
[  157.436864][ T7080]  kasan_report+0x122/0x150
[  157.441376][ T7080]  ? ihold+0x20/0x60
[  157.445287][ T7080]  kasan_check_range+0x280/0x290
[  157.450241][ T7080]  __kasan_check_write+0x14/0x20
[  157.455191][ T7080]  ihold+0x20/0x60
[  157.458929][ T7080]  vfs_rmdir+0x25f/0x500
[  157.463181][ T7080]  incfs_kill_sb+0x105/0x220
[  157.467773][ T7080]  deactivate_locked_super+0xb5/0x120
[  157.473164][ T7080]  deactivate_super+0xaf/0xe0
[  157.477854][ T7080]  cleanup_mnt+0x45f/0x4e0
[  157.482282][ T7080]  __cleanup_mnt+0x19/0x20
[  157.486721][ T7080]  task_work_run+0x1db/0x240
[  157.491319][ T7080]  ? __cfi_task_work_run+0x10/0x10
[  157.496431][ T7080]  ? __x64_sys_umount+0x125/0x160
[  157.501464][ T7080]  ? __cfi___x64_sys_umount+0x10/0x10
[  157.506838][ T7080]  exit_to_user_mode_loop+0x9b/0xb0
[  157.512033][ T7080]  exit_to_user_mode_prepare+0x5a/0xa0
[  157.517488][ T7080]  syscall_exit_to_user_mode+0x1a/0x30
[  157.522978][ T7080]  do_syscall_64+0x58/0xa0
[  157.527392][ T7080]  ? clear_bhb_loop+0x15/0x70
[  157.532067][ T7080]  ? clear_bhb_loop+0x15/0x70
[  157.536754][ T7080]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  157.542662][ T7080] RIP: 0033:0x7ffb15b8fc57
[  157.547076][ T7080] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.560492][T10835] loop9: detected capacity change from 0 to 256
[  157.566759][ T7080] RSP: 002b:00007fff64211e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.566784][ T7080] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ffb15b8fc57
[  157.589366][ T7080] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff64211ed0
[  157.597345][ T7080] RBP: 00007fff64211ed0 R08: 0000000000000000 R09: 0000000000000000
[  157.605312][ T7080] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff64212f60
[  157.613271][ T7080] R13: 00007ffb15c10925 R14: 00000000000264ff R15: 00007fff64212fa0
[  157.621238][ T7080]  </TASK>
[  157.624242][ T7080] ==================================================================
[  157.633433][ T7080] Disabling lock debugging due to kernel taint
[  157.639764][ T7080] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  157.647561][ T7080] #PF: supervisor write access in kernel mode
[  157.653623][ T7080] #PF: error_code(0x0002) - not-present page
[  157.659603][ T7080] PGD 12f335067 P4D 12f335067 PUD 0 
[  157.664902][ T7080] Oops: 0002 [#1] PREEMPT SMP KASAN
[  157.670112][ T7080] CPU: 0 PID: 7080 Comm: syz-executor Tainted: G    B   W          6.1.138-syzkaller-00056-g7af56ffc913d #0
[  157.681569][ T7080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.691623][ T7080] RIP: 0010:ihold+0x26/0x60
[  157.696149][ T7080] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 01 8c ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 a0 e5 f0 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1
[  157.715756][ T7080] RSP: 0018:ffffc90000e47c78 EFLAGS: 00010246
[  157.721827][ T7080] RAX: ffff88810d5bd100 RBX: 0000000000000000 RCX: ffff88810d5bd100
[  157.729801][ T7080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  157.737774][ T7080] RBP: ffffc90000e47c88 R08: dffffc0000000000 R09: fffffbfff0f2cafd
[  157.743771][T10835] FAT-fs (loop9): Directory bread(block 64) failed
[  157.745746][ T7080] R10: fffffbfff0f2cafd R11: 1ffffffff0f2cafc R12: ffff88813249db04
[  157.745767][ T7080] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[  157.758852][T10835] FAT-fs (loop9): Directory bread(block 65) failed
[  157.760204][ T7080] FS:  000055556ea0d500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  157.783562][ T7080] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  157.790133][ T7080] CR2: 0000000000000170 CR3: 000000011ff84000 CR4: 00000000003506b0
[  157.798095][ T7080] Call Trace:
[  157.801357][ T7080]  <TASK>
[  157.804278][ T7080]  vfs_rmdir+0x25f/0x500
[  157.808511][ T7080]  incfs_kill_sb+0x105/0x220
[  157.813093][ T7080]  deactivate_locked_super+0xb5/0x120
[  157.818455][ T7080]  deactivate_super+0xaf/0xe0
[  157.823121][ T7080]  cleanup_mnt+0x45f/0x4e0
[  157.827539][ T7080]  __cleanup_mnt+0x19/0x20
[  157.831944][ T7080]  task_work_run+0x1db/0x240
[  157.836525][ T7080]  ? __cfi_task_work_run+0x10/0x10
[  157.841626][ T7080]  ? __x64_sys_umount+0x125/0x160
[  157.846639][ T7080]  ? __cfi___x64_sys_umount+0x10/0x10
[  157.852018][ T7080]  exit_to_user_mode_loop+0x9b/0xb0
[  157.857207][ T7080]  exit_to_user_mode_prepare+0x5a/0xa0
[  157.862656][ T7080]  syscall_exit_to_user_mode+0x1a/0x30
[  157.868106][ T7080]  do_syscall_64+0x58/0xa0
[  157.872516][ T7080]  ? clear_bhb_loop+0x15/0x70
[  157.877183][ T7080]  ? clear_bhb_loop+0x15/0x70
[  157.881848][ T7080]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  157.887737][ T7080] RIP: 0033:0x7ffb15b8fc57
[  157.892140][ T7080] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.911734][ T7080] RSP: 002b:00007fff64211e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.920137][ T7080] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007ffb15b8fc57
[  157.928098][ T7080] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff64211ed0
[  157.936058][ T7080] RBP: 00007fff64211ed0 R08: 0000000000000000 R09: 0000000000000000
[  157.944016][ T7080] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff64212f60
[  157.951995][ T7080] R13: 00007ffb15c10925 R14: 00000000000264ff R15: 00007fff64212fa0
[  157.959954][ T7080]  </TASK>
[  157.962958][ T7080] Modules linked in:
[  157.966844][ T7080] CR2: 0000000000000170
[  157.970978][ T7080] ---[ end trace 0000000000000000 ]---
[  157.976414][ T7080] RIP: 0010:ihold+0x26/0x60
[  157.980917][ T7080] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 01 8c ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 a0 e5 f0 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1
[  158.000508][ T7080] RSP: 0018:ffffc90000e47c78 EFLAGS: 00010246
[  158.006564][ T7080] RAX: ffff88810d5bd100 RBX: 0000000000000000 RCX: ffff88810d5bd100
[  158.014522][ T7080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  158.022482][ T7080] RBP: ffffc90000e47c88 R08: dffffc0000000000 R09: fffffbfff0f2cafd
[  158.030447][ T7080] R10: fffffbfff0f2cafd R11: 1ffffffff0f2cafc R12: ffff88813249db04
[  158.038409][ T7080] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[  158.046370][ T7080] FS:  000055556ea0d500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  158.055286][ T7080] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  158.061874][ T7080] CR2: 0000000000000170 CR3: 000000011ff84000 CR4: 00000000003506b0
[  158.069838][ T7080] Kernel panic - not syncing: Fatal exception
[  158.076166][ T7080] Kernel Offset: disabled
[  158.080474][ T7080] Rebooting in 86400 seconds..