last executing test programs:

9.526937261s ago: executing program 0:
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='./file2\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
setgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f00000004c0)='<', 0x1, 0x0, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f00000012c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

7.686110983s ago: executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000001e000018600000000011000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x42400)

6.518482282s ago: executing program 0:
syz_btf_id_by_name$bpf_lsm(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'wg2\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc2, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x0, 0x1}, 0x48)
geteuid()
getresgid(&(0x7f00000023c0), &(0x7f0000002400), &(0x7f0000002440))
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000080), 0x4)

5.024007861s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000080)='.\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
lsetxattr$system_posix_acl(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x24, 0x0)
syz_open_dev$hidraw(0x0, 0x400, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000011c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r1, 0x81, 0xf4, &(0x7f0000000240)="b9425b446512d23236973599b76c4705397f00466e5b7462c24a16941ff5f4b4f1f0add7fc8280adbfa66d5b5ebea62a394e79f19c484d4609741adf42b8f59f90604e07d2388862672dfbf3e0c9d3969890524f3323746bde8946c7ec160f9e688f6b86781684ed273a5bd5531d459dc627ec0af211ebbf909987f5d2e8dcb3351da332165081af7d0814c57f5d65e4b436aa9f50bc0f19b7df372ff9ebcede3ff0cc752cf246a5d2da34a5a297dc14a469c3dd3e26b41c356484e06fd66e3f2c7807e8773ecd7b94fad89ab84feadec2ea95f65bba452eaef4b0cf962e50bdc395c270f7279a07e2815e472c8469ea4e8efb52")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_writepages\x00', r5}, 0x10)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080))
gettid()
r6 = syz_usb_connect(0x3, 0x52c, &(0x7f0000001200)={{0x12, 0x1, 0x201, 0x23, 0xc5, 0x3a, 0x20, 0x45e, 0x417, 0xa02a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x51a, 0x2, 0xe, 0x1, 0x20, 0x4, [{{0x9, 0x4, 0x8b, 0x72, 0xc, 0x5e, 0x34, 0x1b, 0x5, [@cdc_ecm={{0x8, 0x24, 0x6, 0x0, 0x0, "acc0cd"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x81, 0x8001, 0x40}, [@mdlm={0x15}, @country_functional={0xa, 0x24, 0x7, 0x20, 0xde, [0x0, 0x0]}]}], [{{0x9, 0x5, 0x6, 0x8, 0x60, 0x81, 0x9f, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x2}, @generic={0xd9, 0x5, "ca3bf322d3f7776be0952ec36820edcc6c655c0576a3cf977a13915d0634edd2189bff5c34c9ca909ab0abe00e86746f1e206438b40819a2042e1a09fcf85cf5b66777ff0a603f1f3326b7fb95fd0ea247d5f0b16d276510b7f9fa75a1a3a6dc4379cc0e5365e08bcbc7f689d737b7c83e272b1720f6da6c1757ee2654c87ed39f72b7342f94dab68a4ef892e19a56e309cd954c02ddf253b4698eb8ad6ea921b261d417eee82cb8140f8ad7fd27a00f60d7b4f994401f6309538fc9787d39fb0ff21667b041025be6754bc63fab3de9585ab8c292286e"}]}}, {{0x9, 0x5, 0xa, 0x2, 0x400, 0x20, 0x5, 0xe7, [@generic={0xa0, 0x5, "8417330908ba4de4a607178fd947b8119a68726eb58a62b3cfe7095557a87878827463be0ab56d961c4e7b7f578e459108140bfc2a2dc707b10b3f1fd7db936b7fd81a920b8e783a8f7a8ad327aa4ff721ed1e5b5a147b1ca037e242492c26b7658140d6004a03c2821de181fee74822df1c968851268bf5e02bdc97b7dbea0a0c8fe6e84ec638c9a4ba1a7cf4ece0f82487b9fc2c9ecfe65588217a9814"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x40, 0xfc, 0x6, 0x40, [@generic={0x1c, 0x24, "df55d1688f4008e62f7d7e0b164a5a695ed2976ba6d0228e409b"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x0, 0x5}]}}, {{0x9, 0x5, 0x4, 0x10, 0x8, 0x80, 0x20, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x3e, 0x7f}, @generic={0x5f, 0xb, "2f2aa8b7594f7ce773930b1878700d9547a532eda53205c0a7921a98f4125cee7c10b1343288ae5b55bf70c68d4298e9707e7bae064c867a40e247be4996fee9d954193e21742ca82f2574bc483293a9434120c3f344b6261c2b5413a9"}]}}, {{0x9, 0x5, 0x89, 0x8, 0x40, 0x2, 0x80, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0xe1, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0x4}]}}, {{0x9, 0x5, 0xe, 0x0, 0x3ff, 0x2, 0x40, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xff, 0x5}]}}, {{0x9, 0x5, 0x6, 0x0, 0x3ff, 0x1, 0xff, 0x5, [@generic={0x44, 0x9, "4c6a8e5def62738ba56652b62e15d3609365197c61d71ce8c0d494598ecf5657bf0a95a3979d166de4b22fb75b9d617020e88617bb08f0f85a9f9cddf50d9aef8358"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x200, 0x2, 0x4, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x8}]}}, {{0x9, 0x5, 0x0, 0x0, 0x40, 0x7, 0x7, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x3}]}}, {{0x9, 0x5, 0x2, 0x0, 0x387, 0x0, 0x0, 0x0, [@generic={0xb, 0x4, "d031d124a9d81192b9"}, @uac_iso={0x7, 0x25, 0x1, 0x80}]}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0x3, 0xac, 0x2, [@generic={0xfe, 0xc, "235bacf9ad56ce69093ca2b02d2865feb0066120a77c289f956a484c79d038e66d69fb1520b27eccc4151c62dc55808126130aa0f141b22729c9fdef0bc3d202e96e7e7fcfb3cc5fe20ec19acc6be219f8b1b006d4e76abf944daa8046899f17c08514a4ea03a9b1af5927221de98341fa5a53aee0e5a0bd5b46993c57c2324b794b67232cb4c6144932b6c26dbbe5e70b63ec277663b9a0c3e47f4a8e6a7dc2c728a2d8528a3b592169a8cf5d23527a0db4af1005918314dec0bab4218f6329be25791a3f2e0c7e1621db1181826798bd7d8832b6408ee4987dec4581b2d7ae3a52abcd434362a18fc9b7830eb352205496f701a3ebcf12fcaea6ca"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x20, 0x6, 0x1d, 0x6, [@generic={0x74, 0x21, "92151fdd817e98115f6affa2db49268fa677ff9fadbec9ebb17745d4bd7ab7f0a10f99215cf931ab82c866dae5195dc285415c750feb612bbf32c4cefbccfb8083ceb4194e6df524555a0fb43bb3a4840aa57a1e6a5d7942e79fa2708a269f89b653a6627262db64fba4bf4277659845db7c"}]}}]}}, {{0x9, 0x4, 0x24, 0xae, 0x6, 0x5e, 0xb, 0xfc, 0x0, [@hid_hid={0x9, 0x21, 0x7, 0x4, 0x1, {0x22, 0x5e4}}], [{{0x9, 0x5, 0x0, 0x0, 0x8, 0xff, 0x20}}, {{0x9, 0x5, 0xd, 0xc, 0x10, 0x0, 0x0, 0x1, [@generic={0x2}]}}, {{0x9, 0x5, 0x4, 0x10, 0x0, 0x0, 0x80, 0x1, [@generic={0x1c, 0x23, "f4577e117eeb5ea2fdc607e77579f2846685e1b318f5e61f8b05"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0xed, 0x6, 0x5}}, {{0x9, 0x5, 0xc, 0x8, 0x400, 0x75, 0xdb, 0x20, [@generic={0x2, 0x1}]}}, {{0x9, 0x5, 0x1, 0x1, 0x20, 0x7f, 0x0, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0xef03}]}}]}}]}}]}}, &(0x7f0000000500)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x51, 0x4, 0x86, 0x8c, 0x8, 0x9}, 0xb4, &(0x7f0000000340)={0x5, 0xf, 0xb4, 0x4, [@generic={0x90, 0x10, 0x3, "87fc775c0703d6454b36f83ed9c0f8546714d1d15f70ab9e44eabaa0e4df6b3a83dbad051f6cc6f4c8ba22df6dab5d7fae4ae3fa24316934a98164f5e9580a19dbe00bfa6543461fb85ae32c445f6ffb4d532e8c1a4da41a9edf0f668725f8ac3efb51e9efb19366051b33e2088adfa97baebaa8658e92889ddd2612ff0856649eeb20b81cc6e10f1f19c4e223"}, @ss_cap={0xa, 0x10, 0x3, 0x2fffc5dd1e34b63e, 0x7361038f7e31a4b5, 0x51, 0x0, 0x6}, @wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0x0, 0x2, 0x97b8, 0x80}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0xff, 0x80, 0x4}]}, 0x4, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x3009}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x440a}}, {0x2d, &(0x7f0000000400)=@string={0x2d, 0x3, "cd6422f7dac8a3b3341dc92aaf3720c49a503cd9ef68217b536e6950fb982d9b8bdfb9c3ba35b14788bcae"}}, {0x26, &(0x7f00000004c0)=@string={0x26, 0x3, "9bee93e7b4963df80c85f7e751619d8b74a45eeae98a6ad7f9c8ff6321ca785990a32ca3"}}]})
syz_usb_control_io$uac1(r6, &(0x7f00000005c0)={0x14, &(0x7f00000006c0)={0x0, 0x10, 0xcf, {0xcf, 0xe, "3ffe1df313021f8e9707b8bc42dd9112ed419b25e9563b8db54ab12bb60b05602e63437d489afe687a84f6dd4f63caf6be015ef55ebb567d35d8ac934631ba93cc850901a4d94ed730519495a156389dc9e462d313c7262a7f3f98079a8886af5d3961acf2269581e8459f096e94e7943d16578ae989b560cd8617a9e02ff8d8356eb2ab5316336d71b256ec58f2434884d75877f7325251ce01b250b4eb0e4b09672147bca5be608fef95192545ab6b27d1a5a76678ed5de1599c87aee507fae5132301c1abffeb398ea0511e"}}, &(0x7f00000007c0)={0x0, 0x3, 0xba, @string={0xba, 0x3, "cdd3b3e8cdd458a9349812ebbe904a068f4ffee76492b42bb77c5ab6a0b05874d5c3d813b028a6f7cfc59119861e7c06b88362e1c5476bf2bd6cb6c15465008b341631ecc317e2fe1b8a8da24d3db0322b56c6ce36a7c839265e31d578cc54f71d655db5465ce829cedad77495342a6883c3eb4813609611b9b78eac7400b285e0ec2de838bdd27ea4c221bba3ddb767c372399bed1ed7be3aeaf1893a19156354958efbb1742a63f359b2d4237a1cdaf37e9ce9910cc46c"}}}, &(0x7f0000000bc0)={0x44, &(0x7f0000000880)={0x0, 0x30, 0xcb, "204a012be5857731dbbc940ffc6a75063016c432fe03125d8456089f1578d91b2345c4565076195954524c4a25f9eadd9c5ded7e5e7a1b52baf4f8750595a56f8e897d95e0d937ebc1c2db395b9896e7a9d4ca89910e352cb56e5d854fd41a200f286ff81b9f529169540ba9f38d02c3e7486a921f016a09ee40f85927edb2dd5d74067e9c267a7b89174713f1c50fb70e407eecaf7242388b35bdb8233d1730d3323cdd85481a60e2a34ebf1dc87e80beb679ccfb7d783910fa6a3c785d0bd87f218b6a72081d66b4ffcf"}, &(0x7f0000000600)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000980)={0x0, 0x8, 0x1, 0x20}, &(0x7f00000009c0)={0x20, 0x81, 0x2, "8dad"}, &(0x7f0000000a00)={0x20, 0x82, 0x1, 'i'}, &(0x7f0000000b00)={0x20, 0x83, 0x3, "f6e968"}, &(0x7f0000000b40)={0x20, 0x84, 0x2, "308d"}, &(0x7f0000000b80)={0x20, 0x85, 0x3, "4042bc"}})

4.900985829s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000800000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)

4.407582675s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x0, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, &(0x7f0000000540), &(0x7f0000000580)=r5}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000200)={0x1f, 0x0, @none, 0x0, 0x2}, 0xe)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180), 0x48)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x801008, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

4.37405297s ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000001e000018600000000011000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x42400)

4.04923238s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

4.025637124s ago: executing program 3:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x4, &(0x7f0000000800)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

3.700942803s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='ext4_mballoc_alloc\x00', r1}, 0x10)
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)

3.561130885s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x0, <r1=>0x0}, 0x8)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=r1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1b, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r1, r2}, 0x90)

3.439636934s ago: executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000180)='ext4_ext_show_extent\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000180)='ext4_ext_show_extent\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000000), 0x400000)

3.405261739s ago: executing program 3:
syz_mount_image$f2fs(&(0x7f0000010240), &(0x7f0000010280)='./mnt\x00', 0x0, &(0x7f00000102c0)=ANY=[@ANYBLOB="cd"], 0x0, 0x10204, &(0x7f0000010300)="$eJzs3D9vG2UcB/DfNbQCWkqEGNh4JEByJGKd7aSCskRUVQdIFdEyMji2Y7lN7ChOnNCJhT8vgg0m3gMvgI2lQ98BEhsSS4UE8t0FoYqhgInB+Xyku+/dc9ffc491y+9UJYBzazn9/FMWV+O5iFiKiCsRxXFWbYWNMl6JiFcj4sIftqwa/33gUkQ8HxFXp8XLmll16atvP/vo6x/ee+PLb75byr/4/Mf5rRqYt9cjYm+/PD7eK3PUL/NeNd6eDIrcW5tUWV7Yu1+dj8o87m0XFY7bp/e1i2z1y/tH+0fjae7stjvT7A92ivH9YTnheNI/rVP8g3vtg+K829sucjAeFdl/UD7XSZUPxodlnW5V7+OifBwenmY53jvplevZv19kZ3hYjZd1R93eyTQnVVbTRXf77/++/xfvD4ZHJ2nSOxgPRsO0Xm/k9Xz1oHNtNc8bb7dW+932Tudar7nWbe+spVpvYzzaXUm1fqeTardu3FhJjbzerOdvplu3P0y73VSb5ruD4dHhYHe8kpr11nq9sZJea6Q7m1tp64ObNze37qbN0TDdHk1SK0+N1vX15vXWW2nrzt3UzJu59Z+p7IznY8F4gQD+Mv0/MA/6f/1/6H/P/fq1b/wjXiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPr8vfvHBUHy+X5hWr8hWropeo8q679+ieyJ2ouTetGxMWnvP/TLOJSNcfp9kxEbFTbLy/+u78BAAAALLJHj2sPs6JbL3fL834gztKlYp9d+WRG9YrPOjN7h4oPUS/PqtpS8XyzWunlqL5QzcTF6e7ZWVV7KktnOhsAAPDfoBMAAACAhfbkf8MHAAAAFo/+HwAAABZf0f/7+38AAACw2B49rj2c9zMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzGzr2bIBAEAQCd9ZccoliFPZhYgs1YgoXYkYnB1WEmogaOICIinCIs78FwzO0yuxNuMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC1a3aLdXuc77vWOV+6+U43AAAAwFvT26eX6Th/zTIvufbq7V6eSvUjoomI4Yf7NyVilGfcYxARy4zT5NfNAwAAQL3a7WH17zsAAAAAAAAAAAAAAAAAAAAAD8z/AwAAgCqZ/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFd25+UEABiEAWg/C3T/aYugGwhe3oOEHAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD02Zl1atyoN/0LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+OzOsQ1AABAF0HMWUNnHEGrbmkVjBiKnEjUh7yWXS/5vPgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7YOEUtbl0fQVZ5nP27zdPevmqcGf1X/9gAA2NmvQxsAgBAIgv+hAfqvFoOgAwQzyfmzCwBcEL03Wv3n4iEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK3Tm0AgAGgSjW0n3Yf7wKHh6HSQxfIA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYOSNPu6JzqgEAKBk31weAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATBQAAP//meMVrw==")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000020580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000020640)='mnt/encrypted_dir\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000020680)='mnt/encrypted_dir\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2006}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x4c}}, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000206c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
openat(0xffffffffffffff9c, &(0x7f0000020700)='mnt/encrypted_dir/file\x00', 0x42, 0x180)

3.271540879s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000080000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb1, 0x7f}, 0x48)

3.255212262s ago: executing program 1:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
getgid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
ptrace(0x10, 0x1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000029000))
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
sendmsg$netlink(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}, {&(0x7f0000000580)=ANY=[], 0x1f88}], 0x2}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0)

3.00624013s ago: executing program 4:
syz_btf_id_by_name$bpf_lsm(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'wg2\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffc2, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x0, 0x1}, 0x48)
geteuid()
getresgid(&(0x7f00000023c0), &(0x7f0000002400), &(0x7f0000002440))
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000080), 0x4)

2.918654253s ago: executing program 2:
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x267e}, 0x90)

2.884668628s ago: executing program 2:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000008000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000000)='jbd2_checkpoint_stats\x00', r2}, 0x10)
ioctl$TUNSETOFFLOAD(r1, 0x4004662b, 0x20001412)

2.830719037s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000007603000028feffff7a0af0fff8ffffff61a4f0ff000000005d040000000000007f000000000000002704000001ed0a002500000017ffffffce040000000000007b0300fe000000002d04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532e2df58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d85827513acd02b5a655a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f08050e46850600000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c52a2fc1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb482e486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c6133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc1caa80e64461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeebe3d53040b853a7c02a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb000400000000000088d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21da4fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c79f9f7bfae7ebe09e441745c592ce69c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf90060000000000000020726298dec1ae960e3d26cdaaa527ab9e2c41d177fdbaf462c2e45f6c261df0fa4934f81278477e00fd2eba63cf8dcbdec85fc3c6f146c53b701e446c218f02ca678b3e0bc4b5253ae32bace19fb0a10e3ff4bf0b870f399842f6966da779be2a481cac5f4f9cfa338df7640267c8c4dce6f6c41777f2606ae31230430052967bc0e3f69351c9f69363abf5bd30b875732a43413d9927435723577bdf74eb6f467dff089c14a4cae6ca551577a289d822aad77ec4701f57049e1222b692f7d8e299591925065907a6e16e962f7a886aa555b4674fdd575efcd14c8cc6edc971053695debde1bd37eb4cda"], &(0x7f00000001c0)='GPL\x00'}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100000000200000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@fmask={'fmask', 0x3d, 0x1}}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f00000003c0)='./file1\x00', 0x20421, &(0x7f0000001a40)=ANY=[@ANYBLOB="696f636861727365743d61736369692c646973636172642c646d61736b3d30303030303030303030303030303030303030303030b72c7569643d", @ANYRESDEC, @ANYRESHEX, @ANYRES64, @ANYRESHEX, @ANYRESOCT, @ANYBLOB="c7f66d5a3cf83fe1ebe9"], 0x81, 0x1501, &(0x7f0000000500)="$eJzs3Au0jtX2MPA511oPm6Q3yX3NNR/e5LIISS4JuSRJkiS5JSRJjiQkt9ySkITck9xDcoud3O+33JPkSJIkJCRZ39DpfM75Ov/Tv++c/+cbZ8/fGGvsNffzzvnOZ8899vs87x57f9NxSNX61SrVZWb4l+BfPvQAgBQA6A8A1wFABAAls5TMcvl4Bo09/rUnEf9eD02/2h2Iq0nmn7bJ/NM2mX/aJvNP22T+aZvMP22T+adtMn8h0rJtM3JeLyvtLnn/Py2T1///IEeKjP1iQ5EbO/2BFJl/2ibzT9tk/mmbzD9tk/mnbTL//3wV/8kxmX/aJvMXIi272u8/y7q662p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhysMAPx1f7X7EkIIIYQQQgghxL9PSH+1OxBCCCGEEEIIIcT/PAQFGgxEkA7SQwpkgIxwDWSCayEzXAcJuB6ywA2QFW6EbJAdckBOyAW5IQ9YIHDAEENeyAdJuAnyw81QAApCISgMHopAUbgFikFxKAG3Qkm4DUoBJEpDGSgL5eAOKA93QgWoCJXgLqgMVaAqVIO7oTrcAzXgXqgJ90EtuB9qwwNQBx6EuvAQ1IOHoT48Ag3gUWgIjaAxNIGm/1f5L0BXeBG6QXfoAT2hF7wEvaEP9IV+0B9ehgHwCgyEV2EQDIYh8BoMhddhGLwBw2EEjIQ3YRSMhjEwFsbBeJgAb8FEeBsmwTswGabAVJgG02EGzIR3YRbMhjnwHsyF92EezIcFsBAWwQewGJZAKnwIS+EjWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBh/DdtgBO2EX7IY9sBc+gX3wKeyHz+AAfP4H88/9H/mdEBBQoUKDBtNhOkzBFMyIGTETZsLMmBkTmMAsmAWzYlbMhtkwB+bAXJgL82AeJCRkZMyLeTGJScyP+bEAFsBCWAg9eiyKRbEYFscSWAJLYkkshaWwNJbBMlgOy2F5LI8VsAJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1xF7YC3tjb+yL/bAfvowD8BV8BV/FQTgYh+Br+Bq+jsPwLA7HETgSR2J5NRrH4FhkNR4n4ASciBNxEk7CyTgFp+A0nI4zcCbOxFk4G2fjezgX38f3cT7Ox4W4CBfhYlyCqZiKS/EcLsPluAJX4ipcjatwLa7DtbgBN+IG3IybcStuxY/xY9yBO3AX7sI9uAc/wU/wU/wUB+EBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxFJ7GU3gGz+BZPIfn8TxewAt4EZ/L9VW9PQXXDwJ1mVFGpVPpVIpKURlVRpVJZVKZVWaVUAmVRWVRWVVWlU1lUzlUDpVL5VJ5VB5FihSrWOVVeVVSJVV+lV8VUAVUIVVIeeVVUVVUFVPFVAlVQpVUt6lS6nZVWpVRLXw5VU6VVy19BVVRVVKVVGVVRVVV1VQ1VV1VVzVUDVVT1VS1VC1VWz2g6qie2BcfUpcnU18NxgZqCDZUjVRj1US9jo+pZmoYNlctVEv1hBqBw7G1aubbqKdVWzUG26k/qbH4rOqgxmNH9bzqpDqrLuoF1VU1991UdzUZe6peahr2Vn1UX9VPzcIq6vLEqqpX1SA1WA1Rr6mF+Loapt5Qw9UINVK9qUap0WqMGqvGqfFqgnpLTVRvq0nqHTVZTVFT1TQ1Xc1QM9W7apaareao99Rc9b6ap+arBWqhWqQ+UIvVEpWqPlRL1UdqmVquVqiVapVardaotWqdWq82qI1qk9qstqitapv6WG1XO9ROtUvtVnvUXvWJ2qc+VfvVZ+qA+lwdVH9Wh9QX6rD6Uh1RX6mj6mt1TH2jjqtv1Qn1nTqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frAvogrqQLqy9LqKL6lt0MV1cl9C36pL6Nl1K365L6zK6rC6n79Dl9Z26gq6oK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDud7tfXued0R/287qQ76y76Z31JB91Nd9c9dE/dS7+ke+s+uq/up/vrl/UA/YoeqF/Vg/RgPUS/pofq1/Uw/YYerkfokfpNPUqP1mP0WD1Oj9cT9Ft6on5bT9Lv6Ml6ip6qp+npeobu+2ulOf+N/Lf/Qf7AX559q96mP9bb9Q69U+/Su9OD3qv36n16n96v9+sD+oA+qEP3v5zfYX1EH9FH9VF9TB/Tx/VxfUKf0Cf1Kf2j/l6f0T/os/qcPqd/1Bf0BX3x168BGDTKaGNMZNKZ9CbFZDAZzTUmk7nWZDbXmYS53mQxN5is5kaTzWQ3OUxOk8vkNnmMNWScYRObvCafSZqbTH5zsylgCppCprDxpogpam75l/N/r7+mpqlpZpqZ5qa5aWlamlamlWltWps2po1pa9qadqadaW/amw6mg+loOppOppPpYrqYrqar6Wa6mR6mh+llXjK9TR/T1/Qz/c3LZoAZYAaagWaQGWSGmCFmqBlqhplhZrgZbkaakWaUGWXGmDFmnBlnJpgJZqKZaCaZSWaymWymmqlmupluZpqZZpaZZeaYOWaumWvmmXlmgVlgFplFZrFZbFJNqllqlpplZrlZblaalWa1WW3WmrVmvVlvNpqNZrPZbJaZbWab2W62m51mp9ltdpu9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTpiT5qQ5bU6bM+aMOWvOmvPmvLlgLpiL5qK5ZC5dvuyLVKQiE5koXZQuSolSooxRxihTlCnKHGWOElEiyhJlibJGN0bZouxRjihnlCvKHeWJbESRiziKo7xRvigZ3RTlj26OCkQFo0JR4chHRaKi0S1Rsah4FAFAyei2qFR0e1Q6KhOVjcpFd0TlozujClHFqFJ0V1Q5qhJVjapFd0fVo3uiv16Z1oruj2pHD0R1ogejutFDUb3o4ah+9EjUIHo0ahg1ihpHTaKmUfGoRHRr9Efq14jujWpG90W/rR/C2eyP+262u+1he9pe9iXb2/axfW0/29++bAfYV+xA+6odZAfbIfY1O9S+bofZN+xwO8KOtG/aUXa0HWPH2nF2vJ1g37IT7dt2kn3HTrZT7FQ7zU63M+xM+66dZWfbOfY9O9e+b+fZ+XaBXWgX2Q/sYrvEptoP7VL7kV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqvdZj+22+0Ou9PusrvtHrvXfmL32U/tfvuZPWA/twftn+0h+4U9bL+0R+xX9qj92h6z39jj9lt7wn5nT9pT9rT93p6xP9iz9pw9b3+0F+xP9qL92V6y4fLF/eWXdzJkKB2loxRKoYyUkTJRJspMmSlBCcpCWSgrZaVslI1yUA7KRbkoD+Why5iY8lJeSlKS8lN+KkAFqBAVIk+eilJRKkbFqASVoJJUkkpRKSpNpakslaU76A66k+6kilSR7qK7qApVoWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akANqCE1pMbUmJpSU2pGzag5NaeW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oI7UkTpRJ+pCXagrdaVu1I16UA/qRb2oN/WmvtSX+lN/GkADaCANpEE0iIbQEBpKQ2kYDaPhNIJG0ps0ikbTGBpL42g8TaAJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSPJpHC2gBLaJFtJgWUyql0lJaSstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpC22gbbafttJN20m7aTXtpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO0wk6QSfpJJ2m03SGztBZOkvn6TxdoJ/oIv1MlyhQilOQ0V3jMrlrXWZ3nUtxGdzfxjlcTpfL5XZ5nHXZXPa/i8k5V8AVdIVcYeddEVfU3fKbuLQr48q6cu4OV97d6Sr8Jq7u7nE13L2uprvPVXN3/11cy93vartHXB33qKvrGrl6romr7x5xDdyjrqFr5Bq7Jq6Ve9K1dk+5Nu5p19Y985t4sVvi1rn1boPb6Pa5T91596M75r5xIf1Prpvr7vq7l90A94ob6F51g9zg38Qj3ZtulBvtxrixbpwb/5t4qpvmprsZbqZ7181ys38TL3IfuLku1c1z890Ct/CX+HJPqe5Dt9R95Ja55W6FW+lWudVujVv7v3td6Ta7LW6r2+s+cdvdDrfT7XK73Z5f4svnsd995g64z91R97U75L5wh91xd8R99Ut8+fyOu2/dCfedO+lOudPue3fG/eDOunO/nP8F95P73v3sLrnggJEVazYccTpOzymcgTPyNZyJr+XMfB0n+HrOwjdwVr6Rs3F2zsE5ORfn5jxsmdgxc8x5OR8n+SbOzzdzAS7Ihbgwey7CRfkWLsbFuQTfyiX5Ni7Ft3NpLsNluRzfweX5Tq7AFbkS38WVuQpX5Wp8N1fne7gG38s1+T6uxfdzbX6A6/CDXJcf4nr8MNfnR7gBP8oNuRE35ibclB/jZvw4N+cW3JKf4Fb8JLfmp7gNP81t+Rlux3/i9vwsd+DnuCM/z524M3fhF7grv8jduDv34J7ci1/i3tyH+3I/7s8v8wB+hQfyqzyIB/MQfo2H8us8jN/g4TyCR/KbPIpH8xgey+N4PE/gt3giv82T+B2ezFN4Kk/j6TyDZ/K7PItn8xx+j+fy+zyP5/MCXsiL+ANezEs4lT/kpfwRL+PlvIJX8ipezWt4La/j9byBN/Im3sxbeCtv4495O+/gnbyLd/Me3suf8D7+lPfzZ3yAP+eD/Gc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4vTxylxhjhjfE2cKb42zhxfFyfi6+Ms8Q1x1vjGOFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Ob4vzxzXGBuGBcKC4c+7hIXDS+JS4WF49LxLfGJePb4lLx7XHpuEz8yH3l4jvi8vGdcYW4YlwpviuuHFeJq8bV4rvj6vE9cY343rhmfF9cIr4/rh0/ENeJH4zrxg/F9eKH4/rxI3GD+NG4Ydwobhw3iZvGj8XN4sfj5nGLuGX8RNwqfjJuHT8Vt4mfjtvGz/zu8R5xz7hX/FL8UhzCvXpBcmFyUfKD5OLkkmRq8sPk0uRHyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3Jzcktya3JEKqlB49eee2Nj3w6n96n+Aw+o7/GZ/LX+sz+Op/w1/ss/gaf1d/os/nsPofP6XP53D6Pt5688+xjn9fn80l/k8/vb/YFfEFfyBf23hfxRX0T39Q39c384765b+Fb+if8E/5J/6R/yj/ln/Zt/TO+nf+Tb++f9R38c/45/7zv5Dv7Lv4F39W/6Lv57r6H7+F7+V6+t+/t+/q+vr/v7wf4AX6gH+gH+UF+iB/ih/qhfpgf5of74X6kH+lH+VF+jB/jx/lxfoKf4Cf6iX6Sn+Qn+8l+qp/qp/vpfqaf6Wf5WX6On+PnFpjr5/l5foFf4Bf5RX6xX+xTfapf6pf6ZX6ZX+FX+FV+lV/j1/h1fp3f4Df4TX6T3+K3+G1+m9/ut/udfqff7Xf7vX6v3+f3+f1+vz/gD/iD/qA/5A/5w/5Lf8R/5Y/6r/0x/40/7r/1J/x3/qQ/5U/77/0Z/4M/68/58/5Hf8H/5C/6n/0lH/yExFuJiYm3E5MS7yQmJ6YkpiamJaYnZiRmJt5NzErMTsxJvJeYm3g/MS8xP7EgsTCxKPFBYnFiSSI18WFiaeKjxLLE8sSKxMrEqsTqRAi5t8chb8gXkuGmkD/cHAqEgqFQKBx8KBKKhltCsVA8lAi3hpLhtlAq3B5KhzKhbHg0NAyNQuPQJDQNj4Vm4fHQPLQILcMToVV4MrQOT4U24enQNjwT2oU/hfbh2dAhPBc6hudDp9A5dAkvhK7hxdAtdA89Qs/QK7wUeoc+oW/oF/qHl8OA8EoYGF4Ng8LgMCS8FoaG18Ow8EYYHkaEkeHNMCqMDmPC2DAujA8TwlthYng7TArvhMlhSpgapoXpYUaYGd4Ns8LsMCe8F+aG98O8MD8sCAvDovBBWByWhNTwYVgaPgrLwvKwIqwMq8LqsCasDevC+rAhbAybwuawJWwN28LHYXvYEXaGXWF32BP2hk/CvvBp2B8+CwfC5+Fg+HM4FL4Ih8OX4Uj4KhwNX4dj4ZtwPHwbToTvwslwKpwO34cz4YdwNpwL58OP4UL4KVwMP4dL8jdrQgghhBD/LVuy/fPjPf/B59Sv67JeAHDtjpxH/va4BoBNv9bto3K1SgDA0907PvTXVblyjx49fn3sMg1RvvkAkLiS/8tvbH6Nl0NLeBLaQAso9g/766M6X+DfqZ+8DSDj3+SkwJX4Sv3i/0X9x54YubhUfD7LP6k/H6BAvis5GeBKfKV+if+ifvZmv9N/hi8mADT/m5xMcCW+Ur8oPA7PQJu/e6QQQgghhBBCCPEXfVTZ9r93/3z5/jyXuZKTHq7Ev3d/LoQQQgghhBBCiKvv2c5dnnqsTZsW7WUjG9n8T21Cd4D/D9r4I5ur/ZNJCCGEEEII8e925aL/ancihBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKkXf8v/p3Y1T5HIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ4mr7XwEAAP//RQ42MA==")
write$binfmt_script(r5, &(0x7f00000008c0), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
creat(&(0x7f00000002c0)='./bus\x00', 0x0)
unlink(0x0)

1.913693387s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x0, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, &(0x7f0000000540), &(0x7f0000000580)=r5}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000200)={0x1f, 0x0, @none, 0x0, 0x2}, 0xe)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180), 0x48)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x801008, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1.709347758s ago: executing program 2:
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='./file2\x00', 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
setgid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f00000012c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
capset(0x0, &(0x7f0000000040)={0x200000})

1.605695595s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000007603000028feffff7a0af0fff8ffffff61a4f0ff000000005d040000000000007f000000000000002704000001ed0a002500000017ffffffce040000000000007b0300fe000000002d04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532e2df58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d85827513acd02b5a655a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f08050e46850600000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c52a2fc1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb482e486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c6133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc1caa80e64461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeebe3d53040b853a7c02a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb000400000000000088d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21da4fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c79f9f7bfae7ebe09e441745c592ce69c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf90060000000000000020726298dec1ae960e3d26cdaaa527ab9e2c41d177fdbaf462c2e45f6c261df0fa4934f81278477e00fd2eba63cf8dcbdec85fc3c6f146c53b701e446c218f02ca678b3e0bc4b5253ae32bace19fb0a10e3ff4bf0b870f399842f6966da779be2a481cac5f4f9cfa338df7640267c8c4dce6f6c41777f2606ae31230430052967bc0e3f69351c9f69363abf5bd30b875732a43413d9927435723577bdf74eb6f467dff089c14a4cae6ca551577a289d822aad77ec4701f57049e1222b692f7d8e299591925065907a6e16e962f7a886aa555b4674fdd575efcd14c8cc6edc971053695debde1bd37eb4cda"], &(0x7f00000001c0)='GPL\x00'}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f00000003c0)='./file1\x00', 0x20421, &(0x7f0000001a40)=ANY=[@ANYBLOB="696f636861727365743d61736369692c646973636172642c646d61736b3d30303030303030303030303030303030303030303030b72c7569643d", @ANYRESDEC, @ANYRESHEX, @ANYRES64, @ANYRESHEX, @ANYRESOCT, @ANYBLOB="c7f66d5a3cf83fe1ebe9"], 0x81, 0x1501, &(0x7f0000000500)="$eJzs3Au0jtX2MPA511oPm6Q3yX3NNR/e5LIISS4JuSRJkiS5JSRJjiQkt9ySkITck9xDcoud3O+33JPkSJIkJCRZ39DpfM75Ov/Tv++c/+cbZ8/fGGvsNffzzvnOZ8899vs87x57f9NxSNX61SrVZWb4l+BfPvQAgBQA6A8A1wFABAAls5TMcvl4Bo09/rUnEf9eD02/2h2Iq0nmn7bJ/NM2mX/aJvNP22T+aZvMP22T+adtMn8h0rJtM3JeLyvtLnn/Py2T1///IEeKjP1iQ5EbO/2BFJl/2ibzT9tk/mmbzD9tk/mnbTL//3wV/8kxmX/aJvMXIi272u8/y7q662p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhysMAPx1f7X7EkIIIYQQQgghxL9PSH+1OxBCCCGEEEIIIcT/PAQFGgxEkA7SQwpkgIxwDWSCayEzXAcJuB6ywA2QFW6EbJAdckBOyAW5IQ9YIHDAEENeyAdJuAnyw81QAApCISgMHopAUbgFikFxKAG3Qkm4DUoBJEpDGSgL5eAOKA93QgWoCJXgLqgMVaAqVIO7oTrcAzXgXqgJ90EtuB9qwwNQBx6EuvAQ1IOHoT48Ag3gUWgIjaAxNIGm/1f5L0BXeBG6QXfoAT2hF7wEvaEP9IV+0B9ehgHwCgyEV2EQDIYh8BoMhddhGLwBw2EEjIQ3YRSMhjEwFsbBeJgAb8FEeBsmwTswGabAVJgG02EGzIR3YRbMhjnwHsyF92EezIcFsBAWwQewGJZAKnwIS+EjWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBh/DdtgBO2EX7IY9sBc+gX3wKeyHz+AAfP4H88/9H/mdEBBQoUKDBtNhOkzBFMyIGTETZsLMmBkTmMAsmAWzYlbMhtkwB+bAXJgL82AeJCRkZMyLeTGJScyP+bEAFsBCWAg9eiyKRbEYFscSWAJLYkkshaWwNJbBMlgOy2F5LI8VsAJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1xF7YC3tjb+yL/bAfvowD8BV8BV/FQTgYh+Br+Bq+jsPwLA7HETgSR2J5NRrH4FhkNR4n4ASciBNxEk7CyTgFp+A0nI4zcCbOxFk4G2fjezgX38f3cT7Ox4W4CBfhYlyCqZiKS/EcLsPluAJX4ipcjatwLa7DtbgBN+IG3IybcStuxY/xY9yBO3AX7sI9uAc/wU/wU/wUB+EBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxFJ7GU3gGz+BZPIfn8TxewAt4EZ/L9VW9PQXXDwJ1mVFGpVPpVIpKURlVRpVJZVKZVWaVUAmVRWVRWVVWlU1lUzlUDpVL5VJ5VB5FihSrWOVVeVVSJVV+lV8VUAVUIVVIeeVVUVVUFVPFVAlVQpVUt6lS6nZVWpVRLXw5VU6VVy19BVVRVVKVVGVVRVVV1VQ1VV1VVzVUDVVT1VS1VC1VWz2g6qie2BcfUpcnU18NxgZqCDZUjVRj1US9jo+pZmoYNlctVEv1hBqBw7G1aubbqKdVWzUG26k/qbH4rOqgxmNH9bzqpDqrLuoF1VU1991UdzUZe6peahr2Vn1UX9VPzcIq6vLEqqpX1SA1WA1Rr6mF+Loapt5Qw9UINVK9qUap0WqMGqvGqfFqgnpLTVRvq0nqHTVZTVFT1TQ1Xc1QM9W7apaareao99Rc9b6ap+arBWqhWqQ+UIvVEpWqPlRL1UdqmVquVqiVapVardaotWqdWq82qI1qk9qstqitapv6WG1XO9ROtUvtVnvUXvWJ2qc+VfvVZ+qA+lwdVH9Wh9QX6rD6Uh1RX6mj6mt1TH2jjqtv1Qn1nTqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frAvogrqQLqy9LqKL6lt0MV1cl9C36pL6Nl1K365L6zK6rC6n79Dl9Z26gq6oK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDud7tfXued0R/287qQ76y76Z31JB91Nd9c9dE/dS7+ke+s+uq/up/vrl/UA/YoeqF/Vg/RgPUS/pofq1/Uw/YYerkfokfpNPUqP1mP0WD1Oj9cT9Ft6on5bT9Lv6Ml6ip6qp+npeobu+2ulOf+N/Lf/Qf7AX559q96mP9bb9Q69U+/Su9OD3qv36n16n96v9+sD+oA+qEP3v5zfYX1EH9FH9VF9TB/Tx/VxfUKf0Cf1Kf2j/l6f0T/os/qcPqd/1Bf0BX3x168BGDTKaGNMZNKZ9CbFZDAZzTUmk7nWZDbXmYS53mQxN5is5kaTzWQ3OUxOk8vkNnmMNWScYRObvCafSZqbTH5zsylgCppCprDxpogpam75l/N/r7+mpqlpZpqZ5qa5aWlamlamlWltWps2po1pa9qadqadaW/amw6mg+loOppOppPpYrqYrqar6Wa6mR6mh+llXjK9TR/T1/Qz/c3LZoAZYAaagWaQGWSGmCFmqBlqhplhZrgZbkaakWaUGWXGmDFmnBlnJpgJZqKZaCaZSWaymWymmqlmupluZpqZZpaZZeaYOWaumWvmmXlmgVlgFplFZrFZbFJNqllqlpplZrlZblaalWa1WW3WmrVmvVlvNpqNZrPZbJaZbWab2W62m51mp9ltdpu9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTpiT5qQ5bU6bM+aMOWvOmvPmvLlgLpiL5qK5ZC5dvuyLVKQiE5koXZQuSolSooxRxihTlCnKHGWOElEiyhJlibJGN0bZouxRjihnlCvKHeWJbESRiziKo7xRvigZ3RTlj26OCkQFo0JR4chHRaKi0S1Rsah4FAFAyei2qFR0e1Q6KhOVjcpFd0TlozujClHFqFJ0V1Q5qhJVjapFd0fVo3uiv16Z1oruj2pHD0R1ogejutFDUb3o4ah+9EjUIHo0ahg1ihpHTaKmUfGoRHRr9Efq14jujWpG90W/rR/C2eyP+262u+1he9pe9iXb2/axfW0/29++bAfYV+xA+6odZAfbIfY1O9S+bofZN+xwO8KOtG/aUXa0HWPH2nF2vJ1g37IT7dt2kn3HTrZT7FQ7zU63M+xM+66dZWfbOfY9O9e+b+fZ+XaBXWgX2Q/sYrvEptoP7VL7kV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqvdZj+22+0Ou9PusrvtHrvXfmL32U/tfvuZPWA/twftn+0h+4U9bL+0R+xX9qj92h6z39jj9lt7wn5nT9pT9rT93p6xP9iz9pw9b3+0F+xP9qL92V6y4fLF/eWXdzJkKB2loxRKoYyUkTJRJspMmSlBCcpCWSgrZaVslI1yUA7KRbkoD+Why5iY8lJeSlKS8lN+KkAFqBAVIk+eilJRKkbFqASVoJJUkkpRKSpNpakslaU76A66k+6kilSR7qK7qApVoWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akANqCE1pMbUmJpSU2pGzag5NaeW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oI7UkTpRJ+pCXagrdaVu1I16UA/qRb2oN/WmvtSX+lN/GkADaCANpEE0iIbQEBpKQ2kYDaPhNIJG0ps0ikbTGBpL42g8TaAJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSPJpHC2gBLaJFtJgWUyql0lJaSstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpC22gbbafttJN20m7aTXtpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO0wk6QSfpJJ2m03SGztBZOkvn6TxdoJ/oIv1MlyhQilOQ0V3jMrlrXWZ3nUtxGdzfxjlcTpfL5XZ5nHXZXPa/i8k5V8AVdIVcYeddEVfU3fKbuLQr48q6cu4OV97d6Sr8Jq7u7nE13L2uprvPVXN3/11cy93vartHXB33qKvrGrl6romr7x5xDdyjrqFr5Bq7Jq6Ve9K1dk+5Nu5p19Y985t4sVvi1rn1boPb6Pa5T91596M75r5xIf1Prpvr7vq7l90A94ob6F51g9zg38Qj3ZtulBvtxrixbpwb/5t4qpvmprsZbqZ7181ys38TL3IfuLku1c1z890Ct/CX+HJPqe5Dt9R95Ja55W6FW+lWudVujVv7v3td6Ta7LW6r2+s+cdvdDrfT7XK73Z5f4svnsd995g64z91R97U75L5wh91xd8R99Ut8+fyOu2/dCfedO+lOudPue3fG/eDOunO/nP8F95P73v3sLrnggJEVazYccTpOzymcgTPyNZyJr+XMfB0n+HrOwjdwVr6Rs3F2zsE5ORfn5jxsmdgxc8x5OR8n+SbOzzdzAS7Ihbgwey7CRfkWLsbFuQTfyiX5Ni7Ft3NpLsNluRzfweX5Tq7AFbkS38WVuQpX5Wp8N1fne7gG38s1+T6uxfdzbX6A6/CDXJcf4nr8MNfnR7gBP8oNuRE35ibclB/jZvw4N+cW3JKf4Fb8JLfmp7gNP81t+Rlux3/i9vwsd+DnuCM/z524M3fhF7grv8jduDv34J7ci1/i3tyH+3I/7s8v8wB+hQfyqzyIB/MQfo2H8us8jN/g4TyCR/KbPIpH8xgey+N4PE/gt3giv82T+B2ezFN4Kk/j6TyDZ/K7PItn8xx+j+fy+zyP5/MCXsiL+ANezEs4lT/kpfwRL+PlvIJX8ipezWt4La/j9byBN/Im3sxbeCtv4495O+/gnbyLd/Me3suf8D7+lPfzZ3yAP+eD/Gc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4vTxylxhjhjfE2cKb42zhxfFyfi6+Ms8Q1x1vjGOFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Ob4vzxzXGBuGBcKC4c+7hIXDS+JS4WF49LxLfGJePb4lLx7XHpuEz8yH3l4jvi8vGdcYW4YlwpviuuHFeJq8bV4rvj6vE9cY343rhmfF9cIr4/rh0/ENeJH4zrxg/F9eKH4/rxI3GD+NG4Ydwobhw3iZvGj8XN4sfj5nGLuGX8RNwqfjJuHT8Vt4mfjtvGz/zu8R5xz7hX/FL8UhzCvXpBcmFyUfKD5OLkkmRq8sPk0uRHyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3Jzcktya3JEKqlB49eee2Nj3w6n96n+Aw+o7/GZ/LX+sz+Op/w1/ss/gaf1d/os/nsPofP6XP53D6Pt5688+xjn9fn80l/k8/vb/YFfEFfyBf23hfxRX0T39Q39c384765b+Fb+if8E/5J/6R/yj/ln/Zt/TO+nf+Tb++f9R38c/45/7zv5Dv7Lv4F39W/6Lv57r6H7+F7+V6+t+/t+/q+vr/v7wf4AX6gH+gH+UF+iB/ih/qhfpgf5of74X6kH+lH+VF+jB/jx/lxfoKf4Cf6iX6Sn+Qn+8l+qp/qp/vpfqaf6Wf5WX6On+PnFpjr5/l5foFf4Bf5RX6xX+xTfapf6pf6ZX6ZX+FX+FV+lV/j1/h1fp3f4Df4TX6T3+K3+G1+m9/ut/udfqff7Xf7vX6v3+f3+f1+vz/gD/iD/qA/5A/5w/5Lf8R/5Y/6r/0x/40/7r/1J/x3/qQ/5U/77/0Z/4M/68/58/5Hf8H/5C/6n/0lH/yExFuJiYm3E5MS7yQmJ6YkpiamJaYnZiRmJt5NzErMTsxJvJeYm3g/MS8xP7EgsTCxKPFBYnFiSSI18WFiaeKjxLLE8sSKxMrEqsTqRAi5t8chb8gXkuGmkD/cHAqEgqFQKBx8KBKKhltCsVA8lAi3hpLhtlAq3B5KhzKhbHg0NAyNQuPQJDQNj4Vm4fHQPLQILcMToVV4MrQOT4U24enQNjwT2oU/hfbh2dAhPBc6hudDp9A5dAkvhK7hxdAtdA89Qs/QK7wUeoc+oW/oF/qHl8OA8EoYGF4Ng8LgMCS8FoaG18Ow8EYYHkaEkeHNMCqMDmPC2DAujA8TwlthYng7TArvhMlhSpgapoXpYUaYGd4Ns8LsMCe8F+aG98O8MD8sCAvDovBBWByWhNTwYVgaPgrLwvKwIqwMq8LqsCasDevC+rAhbAybwuawJWwN28LHYXvYEXaGXWF32BP2hk/CvvBp2B8+CwfC5+Fg+HM4FL4Ih8OX4Uj4KhwNX4dj4ZtwPHwbToTvwslwKpwO34cz4YdwNpwL58OP4UL4KVwMP4dL8jdrQgghhBD/LVuy/fPjPf/B59Sv67JeAHDtjpxH/va4BoBNv9bto3K1SgDA0907PvTXVblyjx49fn3sMg1RvvkAkLiS/8tvbH6Nl0NLeBLaQAso9g/766M6X+DfqZ+8DSDj3+SkwJX4Sv3i/0X9x54YubhUfD7LP6k/H6BAvis5GeBKfKV+if+ifvZmv9N/hi8mADT/m5xMcCW+Ur8oPA7PQJu/e6QQQgghhBBCCPEXfVTZ9r93/3z5/jyXuZKTHq7Ev3d/LoQQQgghhBBCiKvv2c5dnnqsTZsW7WUjG9n8T21Cd4D/D9r4I5ur/ZNJCCGEEEII8e925aL/ancihBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKkXf8v/p3Y1T5HIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ4mr7XwEAAP//RQ42MA==")
write$binfmt_script(r5, &(0x7f00000008c0), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
creat(&(0x7f00000002c0)='./bus\x00', 0x0)
unlink(&(0x7f0000000140)='./cgroup\x00')

1.237136431s ago: executing program 3:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000080)='.\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000011c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0xf4, &(0x7f0000000240)="b9425b446512d23236973599b76c4705397f00466e5b7462c24a16941ff5f4b4f1f0add7fc8280adbfa66d5b5ebea62a394e79f19c484d4609741adf42b8f59f90604e07d2388862672dfbf3e0c9d3969890524f3323746bde8946c7ec160f9e688f6b86781684ed273a5bd5531d459dc627ec0af211ebbf909987f5d2e8dcb3351da332165081af7d0814c57f5d65e4b436aa9f50bc0f19b7df372ff9ebcede3ff0cc752cf246a5d2da34a5a297dc14a469c3dd3e26b41c356484e06fd66e3f2c7807e8773ecd7b94fad89ab84feadec2ea95f65bba452eaef4b0cf962e50bdc395c270f7279a07e2815e472c8469ea4e8efb52")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_writepages\x00'}, 0x10)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080))
gettid()
syz_usb_connect(0x3, 0x53c, &(0x7f0000001200)={{0x12, 0x1, 0x201, 0x23, 0xc5, 0x3a, 0x20, 0x45e, 0x417, 0xa02a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x52a, 0x2, 0xe, 0x1, 0x20, 0x4, [{{0x9, 0x4, 0x8b, 0x72, 0xd, 0x5e, 0x34, 0x1b, 0x5, [@cdc_ecm={{0x8, 0x24, 0x6, 0x0, 0x0, "acc0cd"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x81, 0x8001, 0x40}, [@mdlm={0x15}, @country_functional={0xa, 0x24, 0x7, 0x20, 0xde, [0x0, 0x0]}]}], [{{0x9, 0x5, 0x6, 0x8, 0x60, 0x81, 0x9f, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x2}, @generic={0xd9, 0x5, "ca3bf322d3f7776be0952ec36820edcc6c655c0576a3cf977a13915d0634edd2189bff5c34c9ca909ab0abe00e86746f1e206438b40819a2042e1a09fcf85cf5b66777ff0a603f1f3326b7fb95fd0ea247d5f0b16d276510b7f9fa75a1a3a6dc4379cc0e5365e08bcbc7f689d737b7c83e272b1720f6da6c1757ee2654c87ed39f72b7342f94dab68a4ef892e19a56e309cd954c02ddf253b4698eb8ad6ea921b261d417eee82cb8140f8ad7fd27a00f60d7b4f994401f6309538fc9787d39fb0ff21667b041025be6754bc63fab3de9585ab8c292286e"}]}}, {{0x9, 0x5, 0xa, 0x2, 0x400, 0x20, 0x5, 0xe7, [@generic={0xa0, 0x5, "8417330908ba4de4a607178fd947b8119a68726eb58a62b3cfe7095557a87878827463be0ab56d961c4e7b7f578e459108140bfc2a2dc707b10b3f1fd7db936b7fd81a920b8e783a8f7a8ad327aa4ff721ed1e5b5a147b1ca037e242492c26b7658140d6004a03c2821de181fee74822df1c968851268bf5e02bdc97b7dbea0a0c8fe6e84ec638c9a4ba1a7cf4ece0f82487b9fc2c9ecfe65588217a9814"}]}}, {{0x9, 0x5, 0xc, 0x0, 0x200, 0xf7, 0x8, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x1, 0x2}]}}, {{0x9, 0x5, 0x7, 0x0, 0x40, 0xfc, 0x6, 0x40, [@generic={0x1c, 0x24, "df55d1688f4008e62f7d7e0b164a5a695ed2976ba6d0228e409b"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x0, 0x5}]}}, {{0x9, 0x5, 0x4, 0x10, 0x8, 0x80, 0x20, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x3e, 0x7f}, @generic={0x5f, 0xb, "2f2aa8b7594f7ce773930b1878700d9547a532eda53205c0a7921a98f4125cee7c10b1343288ae5b55bf70c68d4298e9707e7bae064c867a40e247be4996fee9d954193e21742ca82f2574bc483293a9434120c3f344b6261c2b5413a9"}]}}, {{0x9, 0x5, 0x89, 0x8, 0x40, 0x2, 0x80, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0xe1, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0x4}]}}, {{0x9, 0x5, 0xe, 0x0, 0x3ff, 0x2, 0x40, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xff, 0x5}]}}, {{0x9, 0x5, 0x6, 0x0, 0x3ff, 0x1, 0xff, 0x5, [@generic={0x44, 0x9, "4c6a8e5def62738ba56652b62e15d3609365197c61d71ce8c0d494598ecf5657bf0a95a3979d166de4b22fb75b9d617020e88617bb08f0f85a9f9cddf50d9aef8358"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x200, 0x2, 0x4, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x8}]}}, {{0x9, 0x5, 0x0, 0x0, 0x40, 0x7, 0x7, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x3}]}}, {{0x9, 0x5, 0x2, 0x0, 0x387, 0x0, 0x0, 0x0, [@generic={0xb, 0x4, "d031d124a9d81192b9"}, @uac_iso={0x7, 0x25, 0x1, 0x80}]}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0x3, 0xac, 0x2, [@generic={0xfe, 0xc, "235bacf9ad56ce69093ca2b02d2865feb0066120a77c289f956a484c79d038e66d69fb1520b27eccc4151c62dc55808126130aa0f141b22729c9fdef0bc3d202e96e7e7fcfb3cc5fe20ec19acc6be219f8b1b006d4e76abf944daa8046899f17c08514a4ea03a9b1af5927221de98341fa5a53aee0e5a0bd5b46993c57c2324b794b67232cb4c6144932b6c26dbbe5e70b63ec277663b9a0c3e47f4a8e6a7dc2c728a2d8528a3b592169a8cf5d23527a0db4af1005918314dec0bab4218f6329be25791a3f2e0c7e1621db1181826798bd7d8832b6408ee4987dec4581b2d7ae3a52abcd434362a18fc9b7830eb352205496f701a3ebcf12fcaea6ca"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x20, 0x6, 0x1d, 0x6, [@generic={0x74, 0x21, "92151fdd817e98115f6affa2db49268fa677ff9fadbec9ebb17745d4bd7ab7f0a10f99215cf931ab82c866dae5195dc285415c750feb612bbf32c4cefbccfb8083ceb4194e6df524555a0fb43bb3a4840aa57a1e6a5d7942e79fa2708a269f89b653a6627262db64fba4bf4277659845db7c"}]}}]}}, {{0x9, 0x4, 0x24, 0xae, 0x6, 0x5e, 0xb, 0xfc, 0x0, [@hid_hid={0x9, 0x21, 0x7, 0x4, 0x1, {0x22, 0x5e4}}], [{{0x9, 0x5, 0x0, 0x0, 0x8, 0xff, 0x20}}, {{0x9, 0x5, 0xd, 0xc, 0x10, 0x0, 0x0, 0x1, [@generic={0x2}]}}, {{0x9, 0x5, 0x4, 0x10, 0x0, 0x0, 0x80, 0x1, [@generic={0x1c, 0x23, "f4577e117eeb5ea2fdc607e77579f2846685e1b318f5e61f8b05"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0xed, 0x6, 0x5}}, {{0x9, 0x5, 0xc, 0x8, 0x400, 0x75, 0xdb, 0x20, [@generic={0x2, 0x1}]}}, {{0x9, 0x5, 0x1, 0x1, 0x20, 0x7f, 0x6, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0xef03}]}}]}}]}}]}}, &(0x7f0000000500)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x51, 0x4, 0x86, 0x8c, 0x8, 0x9}, 0xb4, &(0x7f0000000340)={0x5, 0xf, 0xb4, 0x4, [@generic={0x90, 0x10, 0x3, "87fc775c0703d6454b36f83ed9c0f8546714d1d15f70ab9e44eabaa0e4df6b3a83dbad051f6cc6f4c8ba22df6dab5d7fae4ae3fa24316934a98164f5e9580a19dbe00bfa6543461fb85ae32c445f6ffb4d532e8c1a4da41a9edf0f668725f8ac3efb51e9efb19366051b33e2088adfa97baebaa8658e92889ddd2612ff0856649eeb20b81cc6e10f1f19c4e223"}, @ss_cap={0xa, 0x10, 0x3, 0x2fffc5dd1e34b63e, 0x7361038f7e31a4b5, 0x51, 0x0, 0x6}, @wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0x0, 0x2, 0x97b8, 0x80}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0xff, 0x80, 0x4}]}, 0x4, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x3009}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x440a}}, {0x2d, &(0x7f0000000400)=@string={0x2d, 0x3, "cd6422f7dac8a3b3341dc92aaf3720c49a503cd9ef68217b536e6950fb982d9b8bdfb9c3ba35b14788bcae"}}, {0x26, &(0x7f00000004c0)=@string={0x26, 0x3, "9bee93e7b4963df80c85f7e751619d8b74a45eeae98a6ad7f9c8ff6321ca785990a32ca3"}}]})

1.179607549s ago: executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f0000000380)={[{@user_xattr}, {@noquota}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@delalloc}, {@user_xattr}, {@quota}]}, 0x1, 0x562, &(0x7f0000001080)="$eJzs3U1rXFUfAPD/nSR9f56mUIqKSKALK7WTJvGlgou6FC0WdF+H5DaUTDolMylNLLRd2I0bKYKIBXGve5fFL+CnKGihSAm6cDNyJ3fSaTKTt06b2Pv7wW3Puedm/vfMuefMuXNmmAAKayT7pxTxckR8nUQc7igbjLxwZPm4pUfXJ7MtiWbz0z+TSPJ97eOT/P+DeealiPj1y4iTpbVx6wuLM5VqNZ3L86ON2Suj9YXFU5dmK9PpdHp5fGLizNsT4++9+07f6vrG+b+/++Teh2e+Or707c8PjtxJ4mwcyss669Eh2WKIm52ZkRjJH2Aozq46cGyLD7zbbfWJYncYyPv5UGRjwOEYyHs98OK7ERFNoKAS/R8Kqj0PaN/b97gPfmE9/GD5Bmht/QeX3xuJfa17owNLyRN3Rtn97nAf4mcxfvnj7p1si97vQ8SToW/2ITJQdDdvRcTpwcG141+Sj3/bd3oTx6yOUbTXH9hJ97L5z5vd5j+llflPdJn/HOzSd7dj4/5fetCHMD1l87/3u85/Vxathgfy3P9ac76h5OKlapqNbf+PiBMxtDfLr7eec2bpfrNXWef8L9uy+O25YH4eDwb3Pvk3U5VG5Wnq3OnhrYhXus5/k5X2T7q0f/Z8nN9kjGPp3dd6lW1c/2er+WPE613b//GKVrL++uRo63oYbV8Va/11+9hvveLvdP2z9j+wfv2Hk8712vrWY/yw7580mje6lm33+t+TfNZK78n3Xas0GnNjEXuSj9fuH3/8t+18+/is/ieOrz/+dbv+90fE55us/+2jP73aq6xL/UvPu/2nttT+W0/c/+iL73vF31z7v9VKncj3bGb82+wJPs1zBwAAAAAAALtNKSIORVIqr6RLpXJ5+fMdR+NAqVqrN05erM1fnorWd2WHY6jUXuk+3PF5iLH887Dt/Piq/EREHImIbwb2t/LlyVp1aqcrDwAAAAAAAAAAAAAAAAAAALvEwR7f/8/8PrDTZwc8c37yG4prw/7fj196AnYlr/9QXPo/FJf+D8Wl/0Nx6f9QXHn/t9wPBeT1H4pL/wcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+On/uXLY1lx5dn8zyU1cX5mdqV09NpfWZ8uz8ZHmyNnelPF2rTVfT8mRtdqPHq9ZqV8bGY/7aaCOtN0brC4sXZmvzlxsXLs1WptML6dBzqRUAAAAAAAAAAAAAAAAAAAD8t9QXFmcq1Wo6JyGxrcTg7jgNiT4ndnpkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH/g0AAP//8UY6Ow==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
open(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002021702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10)
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="0400000000008000080000", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0], 0x5c, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000168000/0x1000)=nil)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffb000/0x3000)=nil)
munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
munmap(&(0x7f0000604000/0x3000)=nil, 0x3000)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1.031553322s ago: executing program 0:
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x0, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0xffffff85}}, [], {{0x6, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x9}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000000)=0x8a8, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r5=>0x0})
recvfrom(r2, &(0x7f0000000400)=""/211, 0xd3, 0x40012301, &(0x7f0000000580)=@can={0x1d, r5}, 0x80)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r7, 0x6, 0x0, 0x8000, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f0000000140)=ANY=[@ANYBLOB="00fdffff00000000"])
write$UHID_INPUT(r7, 0x0, 0x0)

74.674879ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1807000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_free_blocks\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e40)={&(0x7f0000000600)='ext4_free_blocks\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r3, 0x4030582b, 0x0)

29.090696ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x3, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0))

21.172617ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

3.76486ms ago: executing program 0:
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x267e}, 0x90)

0s ago: executing program 4:
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x2a08095, &(0x7f00000024c0)=ANY=[], 0x0, 0x2b0, &(0x7f00000017c0)="$eJzs3MFrI1UYAPAvm3Y3XZD0sLIo4o548VTaFe8p0sJqQFGCKB4sbhYlUxc2UEgO2+zJf0LxP9CjBy+CB/HiwX9ABKmCF/cmIow0M8kmu0kTXZJI/f0ueX3v+9775k3oDKW89545bN283b51//5JVJ4txVotavFnxGZciHLkegEAnCd/ZFn8nuVWXQsAsByP9/wvLaIkAGDB5nz+v55/HC+rLABggfz9HwD+f958+51Xd+v1vTeSpBJx+PFR46jR/9woAm7Fh5FGM7ajGn9FFK8KXxWj2f6N+t52cuqXzWgcHhf5x0eN/L8Hdwf5O1GNzWF+/20jy7Jr+zdKeztJbjx/PS4X+T9ejmZcj2pceSS/v/71ifkX44XnR9bfimr88H7cjjRunhY+kn93J0lefq2exFqM5F/qx/VtDLerPLJ1r1x5sracmwQAAAAAAAAAAAAAAAAAAAAAwLmzlQxNPL9na2vaeJ6/O/l8oCzLojI4X2d74vk8a/H02mqvHQAAAAAAAAAAAAAAAAAAAP4r2p1u6yBdz3/opWnzTt4z1vjou8+/mTL0oHHyfe+tWTHdVqlY96yY5TSeeO7nT6bH3CsN9ycuTIkpPdRTi/GYcjHHPyzs62sP9bxbnmOeUm/SUOU07UFPpdj92WWUZ5T67ckHT73YvvrS5JhyPM7d2fh393T9rK/Wb9W4VIyPD92bOmGx6zFr9S9W+jUeXPXM4Kuf1g6+vPvTr/POvOBfPAAAAAAAAAAAAAAAAAAAwCPanW6rsuoiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDF2p1u6yBNmxej0/0s0rR5Z9BzZmN/jphhY9XXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfwcAAP//27d+8A==")
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xa0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @mcast1}]}]}, 0xa0}}, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r9, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff", @ANYRES32=r10, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x148, 0x24, 0x100, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff}}, [@TCA_STAB={0x124, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa1, 0x79, 0xfff7, 0xcc9, 0x0, 0x553, 0x7, 0x6}}, {0x10, 0x2, [0x0, 0x0, 0x3e5c, 0x2, 0x397e, 0xdc5f]}}, {{0x1c, 0x1, {0x1, 0x0, 0x167, 0x9, 0x0, 0x3f, 0x0, 0x6}}, {0x10, 0x2, [0x0, 0x9, 0x3, 0xe938, 0x81, 0x3]}}, {{0x1c, 0x1, {0x0, 0x6, 0xff, 0x71a7, 0x0, 0x240, 0x81, 0x2}}, {0x8, 0x2, [0x90cd, 0x7]}}, {{0x1c, 0x1, {0x8, 0x19, 0x0, 0x6, 0x0, 0x3, 0x2, 0x3}}, {0xa, 0x2, [0xdf, 0x8, 0x7fff]}}, {{0x1c, 0x1, {0x7, 0x3, 0x40, 0x8, 0x1, 0xfffff1f5, 0x4dd8, 0x2}}, {0x8, 0x2, [0x5, 0xfffb]}}, {{0x1c, 0x1, {0xf3, 0xfe, 0x3ff, 0xfffffffa, 0x1, 0xdf7b, 0x0, 0x4}}, {0xc, 0x2, [0xfffb, 0x400, 0x1, 0xf04]}}, {{0x1c, 0x1, {0x0, 0x3, 0x3, 0x1, 0x1, 0x4, 0x9, 0x8}}, {0x14, 0x2, [0x2, 0x6, 0x8, 0xfffc, 0x0, 0x4, 0x8000, 0x0]}}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x90}, 0x0)
bind$packet(r1, &(0x7f0000000400)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @remote}, 0x14)

kernel console output (not intermixed with test programs):

hout journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  585.013556][ T7512] usb 3-1: config 0 descriptor??
[  585.288234][T10498] loop3: detected capacity change from 0 to 256
[  585.565215][ T1131] Bluetooth: hci1: command 0x1001 tx timeout
[  585.571072][ T1131] Bluetooth: hci0: command 0x1009 tx timeout
[  585.571176][T10299] Bluetooth: hci1: sending frame failed (-49)
[  586.055261][ T7512] usb 3-1: string descriptor 0 read error: -71
[  586.075247][ T7512] uclogic 0003:256C:006D.0078: failed retrieving string descriptor #200: -71
[  586.083950][ T7512] uclogic 0003:256C:006D.0078: failed retrieving pen parameters: -71
[  586.091892][ T7512] uclogic 0003:256C:006D.0078: failed probing pen v2 parameters: -71
[  586.100031][ T7512] uclogic 0003:256C:006D.0078: failed probing parameters: -71
[  586.107403][ T7512] uclogic: probe of 0003:256C:006D.0078 failed with error -71
[  586.119492][T10506] loop3: detected capacity change from 0 to 512
[  586.125355][ T7512] usb 3-1: USB disconnect, device number 33
[  586.165898][T10506] FAT-fs (loop3): bogus logical sector size 0
[  586.171809][T10506] FAT-fs (loop3): Can't find a valid FAT filesystem
[  586.613371][T10508] loop2: detected capacity change from 0 to 40427
[  586.666863][T10508] F2FS-fs (loop2): invalid crc value
[  586.673019][T10508] F2FS-fs (loop2): Found nat_bits in checkpoint
[  586.695591][T10508] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  586.845206][ T1131] Bluetooth: hci2: command 0x1003 tx timeout
[  586.873846][T10299] Bluetooth: hci2: sending frame failed (-49)
[  587.047395][T10518] loop3: detected capacity change from 0 to 256
[  587.635220][ T7257] Bluetooth: hci1: command 0x1009 tx timeout
[  589.724561][ T7257] Bluetooth: hci2: command 0x1001 tx timeout
[  589.745096][ T3772] Bluetooth: hci2: sending frame failed (-49)
[  589.747152][T10540] loop3: detected capacity change from 0 to 2048
[  589.796929][T10540] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  589.998760][T10553] loop2: detected capacity change from 0 to 256
[  590.883158][T10561] loop4: detected capacity change from 0 to 512
[  590.926192][T10561] FAT-fs (loop4): bogus logical sector size 0
[  590.932106][T10561] FAT-fs (loop4): Can't find a valid FAT filesystem
[  591.389827][T10566] loop3: detected capacity change from 0 to 40427
[  591.446754][T10566] F2FS-fs (loop3): invalid crc value
[  591.453008][T10566] F2FS-fs (loop3): Found nat_bits in checkpoint
[  591.589503][T10573] loop1: detected capacity change from 0 to 256
[  591.677067][T10566] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  591.795226][ T7257] Bluetooth: hci2: command 0x1009 tx timeout
[  591.893035][T10581] loop2: detected capacity change from 0 to 256
[  591.916452][T10580] overlayfs: failed to resolve './file1': -2
[  591.945219][ T7257] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  592.378985][ T9575] attempt to access beyond end of device
[  592.378985][ T9575] loop3: rw=2049, want=45112, limit=40427
[  592.623664][ T7257] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  592.635451][ T7257] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  592.676823][ T7257] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  592.685767][ T7257] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.694207][ T7257] usb 5-1: config 0 descriptor??
[  592.880815][T10597] loop3: detected capacity change from 0 to 256
[  593.800902][T10605] loop3: detected capacity change from 0 to 2048
[  593.864973][T10605] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  593.905564][T10611] fuse: Bad value for 'fd'
[  594.095274][ T7257] usb 5-1: string descriptor 0 read error: -71
[  594.115291][ T7257] uclogic 0003:256C:006D.0079: failed retrieving string descriptor #200: -71
[  594.124068][ T7257] uclogic 0003:256C:006D.0079: failed retrieving pen parameters: -71
[  594.132124][ T7257] uclogic 0003:256C:006D.0079: failed probing pen v2 parameters: -71
[  594.140042][ T7257] uclogic 0003:256C:006D.0079: failed probing parameters: -71
[  594.150503][ T7257] uclogic: probe of 0003:256C:006D.0079 failed with error -71
[  594.158731][ T7257] usb 5-1: USB disconnect, device number 33
[  594.464048][T10623] loop1: detected capacity change from 0 to 512
[  594.509866][T10623] FAT-fs (loop1): bogus logical sector size 0
[  594.515886][T10623] FAT-fs (loop1): Can't find a valid FAT filesystem
[  595.078313][T10634] loop2: detected capacity change from 0 to 256
[  595.307723][T10632] loop3: detected capacity change from 0 to 40427
[  595.526518][T10632] F2FS-fs (loop3): invalid crc value
[  595.532762][T10632] F2FS-fs (loop3): Found nat_bits in checkpoint
[  595.569802][T10632] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  596.344153][T10652] loop4: detected capacity change from 0 to 256
[  596.651078][ T7257] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  596.752108][T10665] loop4: detected capacity change from 0 to 2048
[  596.849705][T10669] fuse: Bad value for 'fd'
[  596.903373][T10665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  597.125272][ T7512] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  597.235487][ T7257] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  597.246262][ T7257] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  597.255925][ T7257] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  597.264889][ T7257] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.273409][ T7257] usb 1-1: config 0 descriptor??
[  597.328201][T10678] loop3: detected capacity change from 0 to 512
[  597.375956][T10678] FAT-fs (loop3): bogus logical sector size 0
[  597.381866][T10678] FAT-fs (loop3): Can't find a valid FAT filesystem
[  597.525362][ T7512] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  597.540068][ T7512] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  597.549972][ T7512] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  597.558931][ T7512] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.567456][ T7512] usb 3-1: config 0 descriptor??
[  597.703981][T10683] loop1: detected capacity change from 0 to 256
[  598.065970][T10689] loop4: detected capacity change from 0 to 512
[  598.139471][T10689] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  598.153279][T10689] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  598.166295][T10689] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  598.180086][T10689] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  598.192848][T10689] EXT4-fs (loop4): 1 orphan inode deleted
[  598.198421][T10689] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  598.695348][ T7257] usb 1-1: string descriptor 0 read error: -71
[  598.715383][ T7257] uclogic 0003:256C:006D.007A: failed retrieving string descriptor #200: -71
[  598.724182][ T7257] uclogic 0003:256C:006D.007A: failed retrieving pen parameters: -71
[  598.732155][ T7257] uclogic 0003:256C:006D.007A: failed probing pen v2 parameters: -71
[  598.740251][ T7257] uclogic 0003:256C:006D.007A: failed probing parameters: -71
[  598.749183][ T7257] uclogic: probe of 0003:256C:006D.007A failed with error -71
[  598.757360][ T7257] usb 1-1: USB disconnect, device number 42
[  599.004672][ T7512] usb 3-1: string descriptor 0 read error: -71
[  599.025590][ T7512] uclogic 0003:256C:006D.007B: failed retrieving string descriptor #200: -71
[  599.034474][ T7512] uclogic 0003:256C:006D.007B: failed retrieving pen parameters: -71
[  599.042477][ T7512] uclogic 0003:256C:006D.007B: failed probing pen v2 parameters: -71
[  599.050644][ T7512] uclogic 0003:256C:006D.007B: failed probing parameters: -71
[  599.058012][ T7512] uclogic: probe of 0003:256C:006D.007B failed with error -71
[  599.066187][ T7512] usb 3-1: USB disconnect, device number 34
[  599.238223][T10704] loop3: detected capacity change from 0 to 256
[  600.177835][T10722] loop2: detected capacity change from 0 to 256
[  600.688343][  T358] Bluetooth: hci0: command 0x1003 tx timeout
[  600.698385][ T9815] Bluetooth: hci0: sending frame failed (-49)
[  600.767429][T10726] loop3: detected capacity change from 0 to 2048
[  600.816730][T10726] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  601.460779][T10737] fuse: Bad value for 'fd'
[  601.757963][T10743] loop2: detected capacity change from 0 to 256
[  602.957200][T10758] loop3: detected capacity change from 0 to 256
[  603.515389][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[  603.521368][ T9815] Bluetooth: hci0: sending frame failed (-49)
[  603.651973][T10765] loop2: detected capacity change from 0 to 256
[  604.743050][ T1131] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  605.625011][T10784] fuse: Bad value for 'fd'
[  605.826150][ T8404] Bluetooth: hci0: command 0x1009 tx timeout
[  605.860672][T10790] loop2: detected capacity change from 0 to 256
[  605.870479][T10789] loop1: detected capacity change from 0 to 2048
[  605.916341][T10792] loop3: detected capacity change from 0 to 256
[  605.926742][T10789] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  606.366833][ T1131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  606.378240][ T1131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  606.388332][ T1131] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  606.397414][ T1131] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.409633][ T1131] usb 1-1: config 0 descriptor??
[  606.745454][ T1131] usbhid 1-1:0.0: can't add hid device: -71
[  606.971203][ T1131] usbhid: probe of 1-1:0.0 failed with error -71
[  607.047265][ T1131] usb 1-1: USB disconnect, device number 43
[  607.273179][T10814] loop2: detected capacity change from 0 to 256
[  607.472474][T10818] loop1: detected capacity change from 0 to 256
[  608.786971][T10833] loop2: detected capacity change from 0 to 256
[  610.086464][T10848] loop2: detected capacity change from 0 to 256
[  610.094921][T10849] loop4: detected capacity change from 0 to 256
[  610.223054][T10860] loop0: detected capacity change from 0 to 512
[  611.118998][T10860] FAT-fs (loop0): bogus logical sector size 0
[  611.124939][T10860] FAT-fs (loop0): Can't find a valid FAT filesystem
[  611.726821][T10876] loop4: detected capacity change from 0 to 256
[  611.815638][T10879] loop1: detected capacity change from 0 to 256
[  613.352918][T10889] loop1: detected capacity change from 0 to 256
[  614.959364][T10902] loop3: detected capacity change from 0 to 256
[  615.438449][T10909] loop4: detected capacity change from 0 to 2048
[  615.498397][T10915] loop0: detected capacity change from 0 to 256
[  615.552285][T10909] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  616.056353][T10925] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  616.322823][T10929] loop3: detected capacity change from 0 to 512
[  616.396100][T10929] FAT-fs (loop3): bogus logical sector size 0
[  616.402030][T10929] FAT-fs (loop3): Can't find a valid FAT filesystem
[  616.730233][T10944] loop2: detected capacity change from 0 to 256
[  617.446782][T10954] loop4: detected capacity change from 0 to 256
[  618.386724][T10965] loop1: detected capacity change from 0 to 256
[  618.492310][T10972] loop0: detected capacity change from 0 to 256
[  620.130137][T10980] loop2: detected capacity change from 0 to 256
[  620.179174][T10984] loop3: detected capacity change from 0 to 2048
[  620.254927][T10986] loop4: detected capacity change from 0 to 512
[  620.270368][T10984] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  620.583980][T10993] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  620.790126][T10986] FAT-fs (loop4): bogus logical sector size 0
[  620.796178][T10986] FAT-fs (loop4): Can't find a valid FAT filesystem
[  621.608194][T10997] loop1: detected capacity change from 0 to 40427
[  621.657297][T10997] F2FS-fs (loop1): invalid crc value
[  621.666655][T10997] F2FS-fs (loop1): Found nat_bits in checkpoint
[  621.756821][T11011] loop2: detected capacity change from 0 to 256
[  621.779976][T10997] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  622.351000][T11021] overlayfs: failed to resolve './file1': -2
[  623.107717][  T688] attempt to access beyond end of device
[  623.107717][  T688] loop1: rw=2049, want=45112, limit=40427
[  623.153881][T11031] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  623.163003][T11031] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  624.187432][T11042] loop2: detected capacity change from 0 to 256
[  624.275820][T11044] loop3: detected capacity change from 0 to 256
[  624.382306][T11046] fuse: Bad value for 'fd'
[  624.779265][T11048] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  625.089223][T11055] loop2: detected capacity change from 0 to 256
[  625.105279][T11056] loop1: detected capacity change from 0 to 2048
[  625.182077][T11031] loop4: detected capacity change from 0 to 131072
[  625.192421][T11060] loop0: detected capacity change from 0 to 512
[  625.217022][T11056] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  625.286081][T11060] FAT-fs (loop0): bogus logical sector size 0
[  625.292006][T11060] FAT-fs (loop0): Can't find a valid FAT filesystem
[  625.293011][T11031] F2FS-fs (loop4): invalid crc_offset: 0
[  625.305477][T11031] F2FS-fs (loop4): Found nat_bits in checkpoint
[  625.405944][T11031] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  625.425194][T11026] fscrypt (loop4, inode 3): Error -61 getting encryption context
[  625.525684][T11073] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  625.705178][ T1131] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  625.984135][T11077] loop2: detected capacity change from 0 to 256
[  626.089088][T11081] loop0: detected capacity change from 0 to 256
[  626.097470][T11079] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  626.122746][T11079] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  626.149992][ T1131] usb 5-1: config 27 has an invalid interface number: 110 but max is 0
[  626.294849][ T1131] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  626.304961][ T1131] usb 5-1: config 27 has no interface number 0
[  626.311223][ T1131] usb 5-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  626.322191][ T1131] usb 5-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  626.335467][ T1131] usb 5-1: config 27 interface 110 has no altsetting 0
[  626.342127][ T1131] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  626.351288][ T1131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.685384][ T1131] usb 5-1: can't set config #27, error -71
[  626.713767][ T1131] usb 5-1: USB disconnect, device number 34
[  627.981456][T11112] fuse: Bad value for 'fd'
[  628.254553][T11079] loop3: detected capacity change from 0 to 131072
[  628.317111][T11079] F2FS-fs (loop3): invalid crc_offset: 0
[  628.324103][T11079] F2FS-fs (loop3): Found nat_bits in checkpoint
[  628.352626][T11122] loop1: detected capacity change from 0 to 256
[  628.359670][T11079] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b
[  628.373375][T11079] fscrypt (loop3, inode 3): Error -61 getting encryption context
[  628.406475][T11125] loop2: detected capacity change from 0 to 512
[  628.445815][T11125] FAT-fs (loop2): bogus logical sector size 0
[  628.451803][T11125] FAT-fs (loop2): Can't find a valid FAT filesystem
[  628.585257][T10956] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  628.627727][T11127] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  628.825238][   T20] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  628.975189][T10956] usb 5-1: Using ep0 maxpacket: 32
[  629.138584][T10956] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  629.147686][T11132] loop2: detected capacity change from 0 to 2048
[  629.148665][T10956] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  629.165408][T10956] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  629.178124][T10956] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  629.187474][T10956] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.195960][T10956] usb 5-1: config 0 descriptor??
[  629.197886][   T20] usb 4-1: config 27 has an invalid interface number: 110 but max is 0
[  629.209229][   T20] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  629.219325][   T20] usb 4-1: config 27 has no interface number 0
[  629.225386][   T20] usb 4-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  629.237382][   T20] usb 4-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  629.250737][   T20] usb 4-1: config 27 interface 110 has no altsetting 0
[  629.257505][   T20] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  629.266597][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.267230][T11132] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  629.301432][T11139] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  629.310523][T11139] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  629.425196][   T20] usb 4-1: string descriptor 0 read error: -71
[  629.434567][   T20] usb 4-1: USB disconnect, device number 42
[  629.706004][T10956] ntrig 0003:1B96:000A.007C: unknown main item tag 0x0
[  629.715250][T10956] ntrig 0003:1B96:000A.007C: unknown main item tag 0x0
[  629.722079][T10956] ntrig 0003:1B96:000A.007C: unknown main item tag 0x0
[  629.729062][T10956] ntrig 0003:1B96:000A.007C: unknown main item tag 0x0
[  629.743695][T10956] ntrig 0003:1B96:000A.007C: unknown main item tag 0x0
[  629.865278][T10956] ntrig 0003:1B96:000A.007C: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[  630.141671][T11150] loop0: detected capacity change from 0 to 256
[  630.151617][T11152] loop3: detected capacity change from 0 to 256
[  630.189437][T10956] usb 5-1: USB disconnect, device number 35
[  630.416797][T11139] loop1: detected capacity change from 0 to 131072
[  630.481205][T11139] F2FS-fs (loop1): invalid crc_offset: 0
[  630.490454][T11139] F2FS-fs (loop1): Found nat_bits in checkpoint
[  630.538459][T11139] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  630.559473][T11134] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  630.868674][T10956] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  631.033568][T11172] loop3: detected capacity change from 0 to 256
[  631.255209][T10956] usb 2-1: config 27 has an invalid interface number: 110 but max is 0
[  631.300349][T10956] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  631.322237][T10956] usb 2-1: config 27 has no interface number 0
[  631.324940][T11168] loop4: detected capacity change from 0 to 40427
[  631.328257][T10956] usb 2-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  631.345445][T10956] usb 2-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  631.358628][T10956] usb 2-1: config 27 interface 110 has no altsetting 0
[  631.365398][T10956] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  631.374141][T10956] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.379179][T11168] F2FS-fs (loop4): invalid crc value
[  631.388669][T11168] F2FS-fs (loop4): Found nat_bits in checkpoint
[  631.411316][T11168] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  631.442993][T11179] loop2: detected capacity change from 0 to 512
[  631.470488][T11179] FAT-fs (loop2): bogus logical sector size 0
[  631.476421][T11179] FAT-fs (loop2): Can't find a valid FAT filesystem
[  631.627376][T11185] loop3: detected capacity change from 0 to 256
[  631.642862][T11134] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  631.651130][T11134] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  631.659658][T11134] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  631.671324][T11183] overlayfs: failed to resolve './file1': -2
[  632.078839][T11189] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  632.309694][  T309] attempt to access beyond end of device
[  632.309694][  T309] loop4: rw=2049, want=45112, limit=40427
[  632.385204][T10956] usb 2-1: string descriptor 0 read error: -71
[  632.392600][T10956] usb 2-1: USB disconnect, device number 30
[  632.541930][T11200] loop3: detected capacity change from 0 to 2048
[  632.634268][T11200] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  633.506674][T11212] loop0: detected capacity change from 0 to 256
[  634.016535][T11215] loop1: detected capacity change from 0 to 256
[  634.623391][T11229] loop2: detected capacity change from 0 to 512
[  634.892783][T11232] loop1: detected capacity change from 0 to 256
[  634.951358][T11229] FAT-fs (loop2): bogus logical sector size 0
[  634.957288][T11229] FAT-fs (loop2): Can't find a valid FAT filesystem
[  635.714160][T11251] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  635.723674][T11251] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  636.979941][T11259] loop0: detected capacity change from 0 to 256
[  637.086534][T11261] loop3: detected capacity change from 0 to 256
[  637.628813][T11267] loop2: detected capacity change from 0 to 2048
[  637.765509][T11275] loop0: detected capacity change from 0 to 256
[  637.859128][T11276] incfs: Backing dir is not set, filesystem can't be mounted.
[  637.866747][T11276] incfs: mount failed -2
[  638.168740][T11267] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  638.317556][T11251] loop4: detected capacity change from 0 to 131072
[  638.347073][T11251] F2FS-fs (loop4): invalid crc_offset: 0
[  638.360555][T11251] F2FS-fs (loop4): Found nat_bits in checkpoint
[  638.410430][T11251] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  638.435399][T11241] fscrypt (loop4, inode 3): Error -61 getting encryption context
[  638.525207][  T358] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  638.676623][T11296] loop3: detected capacity change from 0 to 512
[  638.731436][T11297] loop0: detected capacity change from 0 to 512
[  638.815271][T11296] FAT-fs (loop3): bogus logical sector size 0
[  638.821198][T11296] FAT-fs (loop3): Can't find a valid FAT filesystem
[  638.942536][T11300] loop2: detected capacity change from 0 to 256
[  638.957719][T11297] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  638.975547][T11297] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  638.990174][T11297] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  639.039733][T11297] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  639.052944][T11297] EXT4-fs (loop0): 1 orphan inode deleted
[  639.058574][T11297] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  639.123093][  T299] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  639.205227][  T358] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  639.216108][  T358] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  639.225636][  T358] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  639.234477][  T358] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.242738][  T358] usb 2-1: config 0 descriptor??
[  639.501991][T11307] loop2: detected capacity change from 0 to 256
[  639.545200][  T299] usb 5-1: unable to read config index 0 descriptor/all
[  639.551983][  T299] usb 5-1: can't read configurations, error -71
[  640.238180][T11311] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  640.745359][  T358] usb 2-1: string descriptor 0 read error: -71
[  640.765438][  T358] uclogic 0003:256C:006D.007D: failed retrieving string descriptor #200: -71
[  640.797463][  T358] uclogic 0003:256C:006D.007D: failed retrieving pen parameters: -71
[  640.834932][  T358] uclogic 0003:256C:006D.007D: failed probing pen v2 parameters: -71
[  640.861130][  T358] uclogic 0003:256C:006D.007D: failed probing parameters: -71
[  640.868482][  T358] uclogic: probe of 0003:256C:006D.007D failed with error -71
[  640.876647][  T358] usb 2-1: USB disconnect, device number 31
[  640.917324][ T1131] Bluetooth: hci0: command 0x1003 tx timeout
[  640.923364][ T9815] Bluetooth: hci0: sending frame failed (-49)
[  641.572569][T11337] loop2: detected capacity change from 0 to 256
[  641.771749][T11341] loop4: detected capacity change from 0 to 2048
[  641.867733][T11341] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  642.074559][T11349] loop3: detected capacity change from 0 to 512
[  642.125880][T11349] FAT-fs (loop3): bogus logical sector size 0
[  642.131777][T11349] FAT-fs (loop3): Can't find a valid FAT filesystem
[  642.375067][T11355] loop1: detected capacity change from 0 to 256
[  642.843991][T11362] loop3: detected capacity change from 0 to 256
[  643.541542][T11368] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  644.374551][   T20] Bluetooth: hci0: command 0x1001 tx timeout
[  644.393383][ T9815] Bluetooth: hci0: sending frame failed (-49)
[  644.583895][T11380] loop2: detected capacity change from 0 to 256
[  644.847088][T11384] incfs: Backing dir is not set, filesystem can't be mounted.
[  644.854972][T11384] incfs: mount failed -2
[  645.025171][   T20] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  645.404989][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  645.416936][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  645.430692][   T20] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  645.728680][T11395] loop2: detected capacity change from 0 to 256
[  645.858785][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.927094][   T20] usb 5-1: config 0 descriptor??
[  646.034880][T11401] loop1: detected capacity change from 0 to 512
[  646.085838][T11401] FAT-fs (loop1): bogus logical sector size 0
[  646.091790][T11401] FAT-fs (loop1): Can't find a valid FAT filesystem
[  646.435181][  T299] Bluetooth: hci0: command 0x1009 tx timeout
[  646.865289][   T20] usb 5-1: string descriptor 0 read error: -71
[  646.885217][   T20] uclogic 0003:256C:006D.007E: failed retrieving string descriptor #200: -71
[  646.893982][   T20] uclogic 0003:256C:006D.007E: failed retrieving pen parameters: -71
[  646.901860][   T20] uclogic 0003:256C:006D.007E: failed probing pen v2 parameters: -71
[  646.909911][   T20] uclogic 0003:256C:006D.007E: failed probing parameters: -71
[  646.917327][   T20] uclogic: probe of 0003:256C:006D.007E failed with error -71
[  646.927171][   T20] usb 5-1: USB disconnect, device number 38
[  647.006595][T11416] loop3: detected capacity change from 0 to 256
[  647.613862][T11418] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  647.911422][T11426] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  647.920383][T11426] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  648.151228][T11434] incfs: Backing dir is not set, filesystem can't be mounted.
[  648.159005][T11434] incfs: mount failed -2
[  648.546239][T11435] loop3: detected capacity change from 0 to 256
[  648.960046][T11443] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  648.982258][T11443] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  649.511014][T11456] loop4: detected capacity change from 0 to 2048
[  649.622347][T11456] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  649.786849][T11467] loop2: detected capacity change from 0 to 256
[  649.893205][T11426] loop1: detected capacity change from 0 to 131072
[  649.975071][T11426] F2FS-fs (loop1): invalid crc_offset: 0
[  650.005758][T11426] F2FS-fs (loop1): Found nat_bits in checkpoint
[  650.080952][T11475] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  650.227994][T11426] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  650.260166][T11425] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  650.260842][T11443] loop3: detected capacity change from 0 to 131072
[  650.337017][T11443] F2FS-fs (loop3): invalid crc_offset: 0
[  650.357700][T11443] F2FS-fs (loop3): Found nat_bits in checkpoint
[  650.423143][T11443] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b
[  650.448433][T11442] fscrypt (loop3, inode 3): Error -61 getting encryption context
[  650.484707][T11484] loop4: detected capacity change from 0 to 256
[  650.743080][T11486] incfs: Backing dir is not set, filesystem can't be mounted.
[  650.750860][T11486] incfs: mount failed -2
[  651.366830][T10956] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  652.068928][T11496] loop0: detected capacity change from 0 to 512
[  652.131069][T11500] loop2: detected capacity change from 0 to 256
[  652.375677][   T60] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  652.639916][T11496] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  652.653871][T11496] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  652.667260][T11496] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  652.680965][T11496] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  652.699126][T11496] EXT4-fs (loop0): 1 orphan inode deleted
[  652.704684][T11496] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  652.830468][T11514] loop4: detected capacity change from 0 to 2048
[  652.881361][T11522] loop3: detected capacity change from 0 to 256
[  652.916739][T11514] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  653.170608][T11529] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  653.612847][T11533] loop2: detected capacity change from 0 to 256
[  654.603840][T11546] loop4: detected capacity change from 0 to 512
[  654.787702][   T20] Bluetooth: hci0: command 0x1003 tx timeout
[  654.793565][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  654.803372][T11546] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  654.818067][T11546] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  654.830739][T11546] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  654.844885][T11546] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  654.857808][T11546] EXT4-fs (loop4): 1 orphan inode deleted
[  654.857841][T11553] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  654.863351][T11546] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  654.872725][T11553] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  655.035933][T11560] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  655.044696][T11560] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  655.388279][T11553] loop1: detected capacity change from 0 to 131072
[  655.426931][T11553] F2FS-fs (loop1): invalid crc_offset: 0
[  655.433890][T11553] F2FS-fs (loop1): Found nat_bits in checkpoint
[  655.469790][T11553] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  655.488459][T11550] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  655.512246][T11560] loop2: detected capacity change from 0 to 131072
[  655.556899][T11560] F2FS-fs (loop2): invalid crc_offset: 0
[  655.563781][T11560] F2FS-fs (loop2): Found nat_bits in checkpoint
[  655.586582][T11560] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  655.600684][T11560] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  655.765186][   T20] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  655.875189][   T26] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  656.040161][T11578] loop3: detected capacity change from 0 to 2048
[  656.066781][T11578] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  656.125265][   T20] usb 2-1: config 27 has an invalid interface number: 110 but max is 0
[  656.133403][   T20] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  656.143345][   T20] usb 2-1: config 27 has no interface number 0
[  656.149361][   T20] usb 2-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  656.160301][   T20] usb 2-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  656.173460][   T20] usb 2-1: config 27 interface 110 has no altsetting 0
[  656.180146][   T20] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  656.189001][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.305227][   T26] usb 3-1: config 27 has an invalid interface number: 110 but max is 0
[  656.313415][   T26] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  656.323664][   T26] usb 3-1: config 27 has no interface number 0
[  656.329754][   T26] usb 3-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  656.341076][   T26] usb 3-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  656.354460][   T26] usb 3-1: config 27 interface 110 has no altsetting 0
[  656.361347][   T26] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  656.370265][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.445911][T11550] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  656.454224][T11550] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  656.462120][T11550] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  656.626068][T11560] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  656.634157][T11560] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  656.641972][T11560] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  656.755171][T10956] Bluetooth: hci1: command 0x1003 tx timeout
[  656.761195][ T3772] Bluetooth: hci1: sending frame failed (-49)
[  656.835199][T10956] Bluetooth: hci0: command 0x1001 tx timeout
[  656.841183][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  656.921002][T11585] loop3: detected capacity change from 0 to 256
[  657.005311][   T20] usb 2-1: string descriptor 0 read error: -71
[  657.011995][   T20] usb 2-1: USB disconnect, device number 33
[  657.576479][T11589] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  657.680340][   T26] usb 3-1: string descriptor 0 read error: -71
[  657.696608][   T26] usb 3-1: USB disconnect, device number 35
[  658.032513][T11596] loop3: detected capacity change from 0 to 256
[  658.601560][T11604] loop2: detected capacity change from 0 to 256
[  658.858310][   T39] Bluetooth: hci1: command 0x1001 tx timeout
[  658.865268][ T3772] Bluetooth: hci1: sending frame failed (-49)
[  658.915243][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  659.344185][T11615] loop1: detected capacity change from 0 to 40427
[  659.386644][T11615] F2FS-fs (loop1): invalid crc value
[  659.392750][T11615] F2FS-fs (loop1): Found nat_bits in checkpoint
[  659.414920][T11615] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  659.503944][T11622] loop1: detected capacity change from 0 to 2048
[  659.536911][T11622] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  660.337879][T11636] loop2: detected capacity change from 0 to 256
[  660.636648][T11640] loop1: detected capacity change from 0 to 512
[  660.656184][T11640] FAT-fs (loop1): bogus logical sector size 0
[  660.662120][T11640] FAT-fs (loop1): Can't find a valid FAT filesystem
[  660.925286][   T39] Bluetooth: hci1: command 0x1009 tx timeout
[  661.244562][T11651] loop2: detected capacity change from 0 to 256
[  662.181275][T11666] loop2: detected capacity change from 0 to 256
[  663.459398][T11682] loop0: detected capacity change from 0 to 2048
[  664.048906][T11687] loop2: detected capacity change from 0 to 512
[  664.264744][T11688] loop3: detected capacity change from 0 to 256
[  664.275202][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  664.329261][T11682] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  664.395650][T11687] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  664.409571][T11687] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  664.422382][T11687] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  664.436331][T11687] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  664.449005][T11687] EXT4-fs (loop2): 1 orphan inode deleted
[  664.454555][T11687] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  665.240585][T11707] loop4: detected capacity change from 0 to 512
[  665.295989][T11707] FAT-fs (loop4): bogus logical sector size 0
[  665.301884][T11707] FAT-fs (loop4): Can't find a valid FAT filesystem
[  665.615140][ T7257] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  665.975640][ T7257] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  665.987811][ T7257] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  665.997449][ T7257] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  666.006510][ T7257] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.018072][ T7257] usb 1-1: config 0 descriptor??
[  666.051231][T11721] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  666.060031][T11721] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  666.197393][T11723] loop4: detected capacity change from 0 to 256
[  666.365145][   T39] Bluetooth: hci0: command 0x1003 tx timeout
[  666.371107][ T9815] Bluetooth: hci0: sending frame failed (-49)
[  666.613338][T11728] loop3: detected capacity change from 0 to 512
[  666.743488][T11728] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  666.757361][T11728] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  666.770018][T11728] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  666.783770][T11728] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  666.796455][T11728] EXT4-fs (loop3): 1 orphan inode deleted
[  666.802010][T11728] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  666.883688][T11721] loop2: detected capacity change from 0 to 131072
[  666.926697][T11721] F2FS-fs (loop2): invalid crc_offset: 0
[  666.933494][T11721] F2FS-fs (loop2): Found nat_bits in checkpoint
[  667.089693][T11721] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  667.165690][T11721] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  667.185221][ T7257] usb 1-1: string descriptor 0 read error: -71
[  667.205226][ T7257] uclogic 0003:256C:006D.007F: failed retrieving string descriptor #200: -71
[  667.213889][ T7257] uclogic 0003:256C:006D.007F: failed retrieving pen parameters: -71
[  667.221751][ T7257] uclogic 0003:256C:006D.007F: failed probing pen v2 parameters: -71
[  667.229688][ T7257] uclogic 0003:256C:006D.007F: failed probing parameters: -71
[  667.236945][ T7257] uclogic: probe of 0003:256C:006D.007F failed with error -71
[  667.245131][ T7257] usb 1-1: USB disconnect, device number 44
[  667.445196][T10956] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  667.711329][T11742] loop0: detected capacity change from 0 to 256
[  667.907982][T10956] usb 3-1: config 27 has an invalid interface number: 110 but max is 0
[  667.916168][T10956] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  667.926353][T10956] usb 3-1: config 27 has no interface number 0
[  667.932370][T10956] usb 3-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  667.943473][T10956] usb 3-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  667.956826][T10956] usb 3-1: config 27 interface 110 has no altsetting 0
[  667.963504][T10956] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  667.972363][T10956] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.074418][T11748] loop4: detected capacity change from 0 to 512
[  668.159290][T11748] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  668.173109][T11748] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  668.185694][T11748] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  668.199343][T11748] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  668.211939][T11748] EXT4-fs (loop4): 1 orphan inode deleted
[  668.217504][T11748] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  668.373886][T11721] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  668.382010][T11721] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  668.390012][T11721] fscrypt (loop2, inode 3): Error -61 getting encryption context
[  668.435255][ T7257] Bluetooth: hci0: command 0x1001 tx timeout
[  668.441217][T10299] Bluetooth: hci0: sending frame failed (-49)
[  668.462370][T11754] loop0: detected capacity change from 0 to 2048
[  668.506995][T11754] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  668.675179][   T60] Bluetooth: hci1: command 0x1003 tx timeout
[  668.681196][T10299] Bluetooth: hci1: sending frame failed (-49)
[  668.925218][T10956] usb 3-1: string descriptor 0 read error: -71
[  668.931874][T10956] usb 3-1: USB disconnect, device number 36
[  669.127922][T11764] loop2: detected capacity change from 0 to 512
[  669.165824][T11764] FAT-fs (loop2): bogus logical sector size 0
[  669.171727][T11764] FAT-fs (loop2): Can't find a valid FAT filesystem
[  669.534743][T11769] loop0: detected capacity change from 0 to 256
[  670.195187][  T299] Bluetooth: hci2: command 0x1003 tx timeout
[  670.201202][T10299] Bluetooth: hci2: sending frame failed (-49)
[  670.464873][T11778] loop0: detected capacity change from 0 to 256
[  670.558114][  T299] Bluetooth: hci0: command 0x1009 tx timeout
[  670.726736][T11780] loop2: detected capacity change from 0 to 256
[  670.755166][  T299] Bluetooth: hci1: command 0x1001 tx timeout
[  670.761135][T10299] Bluetooth: hci1: sending frame failed (-49)
[  670.976539][T11782] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  671.776332][T11791] loop2: detected capacity change from 0 to 256
[  672.275193][  T299] Bluetooth: hci2: command 0x1001 tx timeout
[  672.281111][T10299] Bluetooth: hci2: sending frame failed (-49)
[  672.595943][T11800] loop2: detected capacity change from 0 to 256
[  672.835166][  T299] Bluetooth: hci1: command 0x1009 tx timeout
[  673.337685][T11808] loop2: detected capacity change from 0 to 256
[  673.820814][T11813] loop0: detected capacity change from 0 to 40427
[  673.886672][T11813] F2FS-fs (loop0): invalid crc value
[  673.892776][T11813] F2FS-fs (loop0): Found nat_bits in checkpoint
[  673.914747][T11813] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  673.932969][T11813] overlayfs: failed to resolve './file1': -2
[  673.942631][ T4602] attempt to access beyond end of device
[  673.942631][ T4602] loop0: rw=2049, want=45112, limit=40427
[  674.134910][T11819] loop0: detected capacity change from 0 to 512
[  674.172235][T11819] FAT-fs (loop0): bogus logical sector size 0
[  674.178241][T11819] FAT-fs (loop0): Can't find a valid FAT filesystem
[  674.356516][T11823] loop2: detected capacity change from 0 to 256
[  674.362724][   T39] Bluetooth: hci2: command 0x1009 tx timeout
[  675.195734][T11833] loop0: detected capacity change from 0 to 256
[  676.260337][T11849] loop2: detected capacity change from 0 to 256
[  676.305431][T10956] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  676.695270][T10956] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  676.706270][T10956] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  676.715978][T10956] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  676.724817][T10956] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  676.733270][T10956] usb 1-1: config 0 descriptor??
[  676.828678][T11851] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  676.837667][T11851] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  677.204788][T11859] loop3: detected capacity change from 0 to 256
[  677.209788][T11851] loop1: detected capacity change from 0 to 131072
[  677.256890][T11851] F2FS-fs (loop1): invalid crc_offset: 0
[  677.263800][T11851] F2FS-fs (loop1): Found nat_bits in checkpoint
[  677.287299][T11857] loop2: detected capacity change from 0 to 40427
[  677.296998][T11851] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  677.310594][T11851] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  677.319876][T11857] F2FS-fs (loop2): invalid crc value
[  677.326568][T11857] F2FS-fs (loop2): Found nat_bits in checkpoint
[  677.365762][T11857] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  677.388067][T11857] overlayfs: failed to resolve './file1': -2
[  677.397177][ T9159] attempt to access beyond end of device
[  677.397177][ T9159] loop2: rw=2049, want=45112, limit=40427
[  677.687013][T10956] usb 1-1: string descriptor 0 read error: -71
[  677.715241][T10956] uclogic 0003:256C:006D.0080: failed retrieving string descriptor #200: -71
[  677.723862][T10956] uclogic 0003:256C:006D.0080: failed retrieving pen parameters: -71
[  677.731736][T10956] uclogic 0003:256C:006D.0080: failed probing pen v2 parameters: -71
[  677.735157][  T299] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  677.739806][T10956] uclogic 0003:256C:006D.0080: failed probing parameters: -71
[  677.755012][T10956] uclogic: probe of 0003:256C:006D.0080 failed with error -71
[  677.766114][T10956] usb 1-1: USB disconnect, device number 45
[  678.155254][  T299] usb 2-1: config 27 has an invalid interface number: 110 but max is 0
[  678.163388][  T299] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  678.173525][  T299] usb 2-1: config 27 has no interface number 0
[  678.179621][  T299] usb 2-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  678.190794][  T299] usb 2-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  678.205019][  T299] usb 2-1: config 27 interface 110 has no altsetting 0
[  678.211787][  T299] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  678.220940][  T299] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.230591][T11876] loop3: detected capacity change from 0 to 512
[  678.305755][T11876] FAT-fs (loop3): bogus logical sector size 0
[  678.311732][T11876] FAT-fs (loop3): Can't find a valid FAT filesystem
[  678.509678][T11851] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  678.520259][T11851] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  678.529944][T11851] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  679.335192][  T299] usb 2-1: string descriptor 0 read error: -71
[  679.344408][  T299] usb 2-1: USB disconnect, device number 34
[  679.379910][T11897] loop0: detected capacity change from 0 to 40427
[  679.501229][T11901] loop4: detected capacity change from 0 to 256
[  679.615193][T11897] F2FS-fs (loop0): invalid crc value
[  679.683248][T11897] F2FS-fs (loop0): Found nat_bits in checkpoint
[  679.735672][T11897] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  679.836452][T11910] loop1: detected capacity change from 0 to 256
[  679.877727][   T60] Bluetooth: hci0: command 0x1003 tx timeout
[  679.883743][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  679.902695][T11897] overlayfs: failed to resolve './file1': -2
[  679.943067][ T4602] attempt to access beyond end of device
[  679.943067][ T4602] loop0: rw=2049, want=45112, limit=40427
[  679.970208][T11908] loop3: detected capacity change from 0 to 40427
[  680.017239][T11908] F2FS-fs (loop3): invalid crc value
[  680.023405][T11908] F2FS-fs (loop3): Found nat_bits in checkpoint
[  680.058783][T11908] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  680.316229][T11908] overlayfs: failed to resolve './file1': -2
[  680.330766][ T9575] attempt to access beyond end of device
[  680.330766][ T9575] loop3: rw=2049, want=45112, limit=40427
[  680.377138][T11923] loop4: detected capacity change from 0 to 2048
[  680.417734][T11923] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  680.892243][T11934] fuse: Unknown parameter 'grou00000000000000000000'
[  682.441275][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[  682.447204][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  682.625975][T11957] loop3: detected capacity change from 0 to 256
[  683.031165][T11965] loop0: detected capacity change from 0 to 40427
[  683.040643][T11973] loop1: detected capacity change from 0 to 256
[  683.087052][T11965] F2FS-fs (loop0): invalid crc value
[  683.093207][T11965] F2FS-fs (loop0): Found nat_bits in checkpoint
[  683.115410][T11965] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  683.239698][T11977] loop4: detected capacity change from 0 to 256
[  683.917698][T11965] overlayfs: failed to resolve './file1': -2
[  683.953025][ T4602] attempt to access beyond end of device
[  683.953025][ T4602] loop0: rw=2049, want=45112, limit=40427
[  684.158816][T11990] fuse: Unknown parameter 'grou00000000000000000000'
[  684.515199][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  685.595255][T12011] loop4: detected capacity change from 0 to 512
[  685.621041][T12011] FAT-fs (loop4): bogus logical sector size 0
[  685.627358][T12011] FAT-fs (loop4): Can't find a valid FAT filesystem
[  685.885901][T12010] loop1: detected capacity change from 0 to 256
[  685.896418][T12014] loop3: detected capacity change from 0 to 256
[  686.085039][T12016] loop0: detected capacity change from 0 to 2048
[  686.127000][T12016] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  686.380502][T12025] loop3: detected capacity change from 0 to 256
[  686.591303][T12032] loop4: detected capacity change from 0 to 512
[  687.063671][T12036] loop1: detected capacity change from 0 to 256
[  687.184582][T12032] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  687.199358][T12032] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  687.320799][T12032] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  687.375588][T12032] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  687.391489][T12032] EXT4-fs (loop4): 1 orphan inode deleted
[  687.397467][T12032] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  687.525369][T12039] loop3: detected capacity change from 0 to 40427
[  687.661672][T12047] loop1: detected capacity change from 0 to 256
[  687.764747][T12039] F2FS-fs (loop3): invalid crc value
[  687.771356][T12039] F2FS-fs (loop3): Found nat_bits in checkpoint
[  687.796050][T12039] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  687.890087][T12039] overlayfs: failed to resolve './file1': -2
[  687.914470][ T9575] attempt to access beyond end of device
[  687.914470][ T9575] loop3: rw=2049, want=45112, limit=40427
[  687.980469][T12053] fuse: Unknown parameter 'grou00000000000000000000'
[  688.330987][   T30] audit: type=1400 audit(1718810281.930:3245): avc:  denied  { block_suspend } for  pid=12059 comm="syz-executor.1" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  688.509278][T12071] loop0: detected capacity change from 0 to 512
[  688.606514][T12073] loop1: detected capacity change from 0 to 256
[  688.613376][T12071] FAT-fs (loop0): bogus logical sector size 0
[  688.619316][T12071] FAT-fs (loop0): Can't find a valid FAT filesystem
[  689.097815][T12077] loop4: detected capacity change from 0 to 256
[  689.224472][T12081] loop2: detected capacity change from 0 to 256
[  689.255615][T12083] loop0: detected capacity change from 0 to 2048
[  689.298537][T12083] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  689.358118][T12092] loop3: detected capacity change from 0 to 256
[  690.086901][T12096] loop1: detected capacity change from 0 to 256
[  690.602811][T12105] fuse: Bad value for 'fd'
[  691.131914][T12115] fuse: Unknown parameter 'grou00000000000000000000'
[  691.742927][T12114] bridge0: port 1(bridge_slave_0) entered blocking state
[  691.749945][T12114] bridge0: port 1(bridge_slave_0) entered disabled state
[  691.774376][T12114] device bridge_slave_0 entered promiscuous mode
[  691.781439][T12114] bridge0: port 2(bridge_slave_1) entered blocking state
[  691.788434][T12114] bridge0: port 2(bridge_slave_1) entered disabled state
[  691.795753][T12114] device bridge_slave_1 entered promiscuous mode
[  691.861368][T12114] bridge0: port 2(bridge_slave_1) entered blocking state
[  691.868268][T12114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  691.875373][T12114] bridge0: port 1(bridge_slave_0) entered blocking state
[  691.882115][T12114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  691.918598][ T7257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  691.926557][ T7257] bridge0: port 1(bridge_slave_0) entered disabled state
[  691.934028][ T7257] bridge0: port 2(bridge_slave_1) entered disabled state
[  692.006355][T12134] loop1: detected capacity change from 0 to 256
[  692.006789][T12135] loop0: detected capacity change from 0 to 512
[  692.063006][T12135] FAT-fs (loop0): bogus logical sector size 0
[  692.069286][T12135] FAT-fs (loop0): Can't find a valid FAT filesystem
[  692.253944][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  692.265976][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  692.274636][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.281674][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  692.301301][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  692.309804][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  692.317935][  T358] bridge0: port 2(bridge_slave_1) entered blocking state
[  692.324811][  T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  692.332231][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  692.340604][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  692.348561][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  692.356707][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  692.376687][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  692.385075][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  692.396134][T12114] device veth0_vlan entered promiscuous mode
[  692.408578][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  692.416344][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  692.425800][T12114] device veth1_macvtap entered promiscuous mode
[  692.432750][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  692.440414][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  692.448078][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  692.456069][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  692.464095][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  692.475549][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  692.483719][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  692.493610][ T7257] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  692.501841][ T7257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  692.510679][  T688] device bridge_slave_1 left promiscuous mode
[  692.516831][  T688] bridge0: port 2(bridge_slave_1) entered disabled state
[  692.524253][  T688] device bridge_slave_0 left promiscuous mode
[  692.530256][  T688] bridge0: port 1(bridge_slave_0) entered disabled state
[  692.538391][  T688] device veth1_macvtap left promiscuous mode
[  692.544316][  T688] device veth0_vlan left promiscuous mode
[  692.996414][T12145] loop1: detected capacity change from 0 to 256
[  692.996513][T12146] loop0: detected capacity change from 0 to 256
[  694.297118][T12163] fuse: Bad value for 'fd'
[  694.638472][T12165] loop0: detected capacity change from 0 to 256
[  694.903799][T12161] loop1: detected capacity change from 0 to 2048
[  695.067595][T12161] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  695.785255][T12179] fuse: Unknown parameter 'grou00000000000000000000'
[  696.308286][T12182] loop0: detected capacity change from 0 to 256
[  696.344435][T12181] fuse: Unknown parameter 'group_i00000000000000000000'
[  696.762943][T12200] loop2: detected capacity change from 0 to 512
[  696.787124][T12200] FAT-fs (loop2): bogus logical sector size 0
[  696.793153][T12200] FAT-fs (loop2): Can't find a valid FAT filesystem
[  696.938259][T12202] loop0: detected capacity change from 0 to 256
[  697.020695][T12204] loop4: detected capacity change from 0 to 256
[  697.030938][T12206] loop3: detected capacity change from 0 to 256
[  697.455618][  T358] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  697.963562][T12217] fuse: Bad value for 'fd'
[  698.462963][T12225] fuse: Unknown parameter 'grou00000000000000000000'
[  698.484078][T12227] loop3: detected capacity change from 0 to 256
[  699.264577][  T358] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  699.305131][  T358] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  699.314998][  T358] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  699.328146][  T358] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  699.336788][  T358] usb 2-1: config 0 descriptor??
[  699.518624][T12240] fuse: Unknown parameter 'group_i00000000000000000000'
[  699.934872][T12247] fuse: Unknown parameter 'group_i00000000000000000000'
[  700.149811][T12249] loop0: detected capacity change from 0 to 256
[  700.342734][T12258] loop4: detected capacity change from 0 to 512
[  700.355222][  T358] usb 2-1: string descriptor 0 read error: -71
[  700.375216][  T358] uclogic 0003:256C:006D.0081: failed retrieving string descriptor #200: -71
[  700.385637][  T358] uclogic 0003:256C:006D.0081: failed retrieving pen parameters: -71
[  700.415887][  T358] uclogic 0003:256C:006D.0081: failed probing pen v2 parameters: -71
[  700.424112][  T358] uclogic 0003:256C:006D.0081: failed probing parameters: -71
[  700.481274][T12261] loop0: detected capacity change from 0 to 512
[  700.490311][T12258] FAT-fs (loop4): bogus logical sector size 0
[  700.496476][T12258] FAT-fs (loop4): Can't find a valid FAT filesystem
[  700.504463][  T358] uclogic: probe of 0003:256C:006D.0081 failed with error -71
[  700.516157][  T358] usb 2-1: USB disconnect, device number 35
[  700.546283][T12261] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  700.560936][T12261] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  700.573731][T12261] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  700.587618][T12261] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  700.600377][T12261] EXT4-fs (loop0): 1 orphan inode deleted
[  700.606135][T12261] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  701.549570][T12290] loop4: detected capacity change from 0 to 256
[  702.019028][T12298] fuse: Unknown parameter 'group_i00000000000000000000'
[  703.051705][T12306] loop4: detected capacity change from 0 to 256
[  703.129539][T12309] fuse: Unknown parameter 'group_i00000000000000000000'
[  703.148272][  T358] Bluetooth: hci0: command 0x1003 tx timeout
[  703.181301][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  703.419823][T12318] loop1: detected capacity change from 0 to 2048
[  703.482814][T12320] loop2: detected capacity change from 0 to 512
[  703.493383][T12318] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  703.515904][T12320] FAT-fs (loop2): bogus logical sector size 0
[  703.521795][T12320] FAT-fs (loop2): Can't find a valid FAT filesystem
[  704.214544][T12332] loop2: detected capacity change from 0 to 256
[  704.668853][T12344] loop4: detected capacity change from 0 to 256
[  705.280300][T12357] loop2: detected capacity change from 0 to 256
[  705.462984][ T1131] Bluetooth: hci0: command 0x1001 tx timeout
[  705.486850][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  705.510246][T12359] fuse: Unknown parameter 'group_i00000000000000000000'
[  705.882167][T12367] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  705.890962][T12367] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  706.141968][T12375] loop2: detected capacity change from 0 to 512
[  706.194072][T12375] FAT-fs (loop2): bogus logical sector size 0
[  706.200214][T12375] FAT-fs (loop2): Can't find a valid FAT filesystem
[  706.445920][T12367] loop1: detected capacity change from 0 to 131072
[  706.486594][T12367] F2FS-fs (loop1): invalid crc_offset: 0
[  706.493528][T12367] F2FS-fs (loop1): Found nat_bits in checkpoint
[  706.519941][T12367] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  706.538101][T12367] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  706.559664][T12382] loop4: detected capacity change from 0 to 2048
[  706.596790][T12382] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  706.815155][  T366] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  706.864633][T12390] loop2: detected capacity change from 0 to 256
[  706.937717][T12392] loop3: detected capacity change from 0 to 256
[  707.445284][  T366] usb 2-1: config 27 has an invalid interface number: 110 but max is 0
[  707.453454][  T366] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  707.463754][  T366] usb 2-1: config 27 has no interface number 0
[  707.469855][  T366] usb 2-1: too many endpoints for config 27 interface 110 altsetting 111: 61, using maximum allowed: 30
[  707.481154][  T366] usb 2-1: config 27 interface 110 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 61
[  707.494342][  T366] usb 2-1: config 27 interface 110 has no altsetting 0
[  707.501271][  T366] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  707.510323][  T366] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.565216][  T358] Bluetooth: hci0: command 0x1009 tx timeout
[  707.755981][T12367] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  707.765323][T12367] fscrypt (loop1, inode 3): Error -61 getting encryption context
[  707.976672][T12409] loop2: detected capacity change from 0 to 256
[  708.415226][  T366] usb 2-1: string descriptor 0 read error: -71
[  708.423394][  T366] usb 2-1: USB disconnect, device number 36
[  708.620370][T12418] loop4: detected capacity change from 0 to 256
[  711.152369][T12442] loop4: detected capacity change from 0 to 512
[  711.220367][T12445] loop2: detected capacity change from 0 to 256
[  711.255451][T12442] FAT-fs (loop4): bogus logical sector size 0
[  711.261371][T12442] FAT-fs (loop4): Can't find a valid FAT filesystem
[  711.430574][T12447] loop0: detected capacity change from 0 to 256
[  711.495176][  T299] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  712.025265][  T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  712.036222][  T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  712.045940][  T299] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  712.054886][  T299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.064496][  T299] usb 4-1: config 0 descriptor??
[  712.174888][T12462] loop2: detected capacity change from 0 to 256
[  712.990863][T12477] loop4: detected capacity change from 0 to 256
[  713.220962][T12479] loop2: detected capacity change from 0 to 256
[  713.465205][  T299] usb 4-1: string descriptor 0 read error: -71
[  713.495262][  T299] uclogic 0003:256C:006D.0082: failed retrieving string descriptor #200: -71
[  713.504125][  T299] uclogic 0003:256C:006D.0082: failed retrieving pen parameters: -71
[  713.512020][  T299] uclogic 0003:256C:006D.0082: failed probing pen v2 parameters: -71
[  713.519930][  T299] uclogic 0003:256C:006D.0082: failed probing parameters: -71
[  713.527266][  T299] uclogic: probe of 0003:256C:006D.0082 failed with error -71
[  713.865001][T12483] loop0: detected capacity change from 0 to 256
[  713.932917][  T299] usb 4-1: USB disconnect, device number 44
[  713.973214][T12487] loop1: detected capacity change from 0 to 2048
[  714.037101][T12487] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  714.958754][T12498] loop2: detected capacity change from 0 to 256
[  715.690647][T12501] loop0: detected capacity change from 0 to 256
[  716.406529][T12507] loop3: detected capacity change from 0 to 256
[  716.629086][T12509] loop4: detected capacity change from 0 to 256
[  717.623150][T12518] loop2: detected capacity change from 0 to 256
[  717.927752][T12523] loop3: detected capacity change from 0 to 256
[  718.726524][T12535] loop4: detected capacity change from 0 to 256
[  718.803601][T12536] loop1: detected capacity change from 0 to 256
[  718.830973][   T60] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  719.127898][T12543] loop3: detected capacity change from 0 to 256
[  719.693509][T12550] loop1: detected capacity change from 0 to 256
[  720.044058][T12552] loop4: detected capacity change from 0 to 256
[  720.695221][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  720.714014][   T60] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  720.729092][T12559] loop2: detected capacity change from 0 to 256
[  720.760271][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.769004][   T60] usb 1-1: config 0 descriptor??
[  721.022018][T12561] loop3: detected capacity change from 0 to 256
[  722.367131][T12572] loop1: detected capacity change from 0 to 256
[  722.632875][T12575] loop2: detected capacity change from 0 to 2048
[  722.640020][T12577] syz-executor.4[12577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  722.640096][T12577] syz-executor.4[12577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  722.707027][T12575] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  722.765176][   T60] usbhid 1-1:0.0: can't add hid device: -71
[  722.771242][   T60] usbhid: probe of 1-1:0.0 failed with error -71
[  723.003846][T12585] loop0: detected capacity change from 0 to 256
[  723.011084][T12587] fuse: Bad value for 'fd'
[  723.029555][   T60] usb 1-1: USB disconnect, device number 46
[  724.056845][T12595] loop3: detected capacity change from 0 to 256
[  724.080398][T12596] loop1: detected capacity change from 0 to 256
[  724.347025][T12610] loop1: detected capacity change from 0 to 256
[  724.835496][T12615] loop0: detected capacity change from 0 to 256
[  725.060722][T12617] loop3: detected capacity change from 0 to 256
[  725.464364][T12624] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  725.517056][T12623] loop4: detected capacity change from 0 to 256
[  726.601451][T12637] loop1: detected capacity change from 0 to 256
[  726.956827][T12639] loop2: detected capacity change from 0 to 256
[  727.335150][ T7257] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  727.485196][T12650] loop4: detected capacity change from 0 to 512
[  727.705847][T12650] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  727.720386][T12650] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  727.734264][T12650] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  727.748080][T12650] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  727.761057][T12650] EXT4-fs (loop4): 1 orphan inode deleted
[  727.766823][T12650] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  727.881398][T12658] loop2: detected capacity change from 0 to 256
[  728.065239][ T7257] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  728.076109][ T7257] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  728.085217][ T7257] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.115283][ T7257] usb 1-1: config 0 descriptor??
[  728.557923][T12666] loop1: detected capacity change from 0 to 256
[  728.645737][ T7257] keytouch 0003:0926:3333.0083: fixing up Keytouch IEC report descriptor
[  728.655956][ T7257] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0083/input/input72
[  728.736806][ T7257] keytouch 0003:0926:3333.0083: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  728.810674][T12670] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  728.855686][  T358] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  729.118342][T12674] loop3: detected capacity change from 0 to 256
[  729.240196][T12675] UDC core: couldn't find an available UDC or it's busy: -16
[  729.248168][  T358] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  729.248234][  T358] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  729.248324][  T358] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  729.248371][  T358] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.249316][  T358] usb 3-1: config 0 descriptor??
[  729.272411][T12675] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  729.421143][T12678] loop1: detected capacity change from 0 to 2048
[  729.486997][T12678] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  729.555241][   T60] Bluetooth: hci0: command 0x1003 tx timeout
[  729.561140][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  729.699201][   T60] usb 1-1: USB disconnect, device number 47
[  729.775620][  T358] keytouch 0003:0926:3333.0084: fixing up Keytouch IEC report descriptor
[  729.784695][  T358] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0084/input/input73
[  729.876360][  T358] keytouch 0003:0926:3333.0084: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  729.981852][T12668] UDC core: couldn't find an available UDC or it's busy: -16
[  729.989266][T12668] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  729.996894][   T60] usb 3-1: USB disconnect, device number 37
[  730.467031][T12694] loop0: detected capacity change from 0 to 256
[  730.726869][T12696] loop1: detected capacity change from 0 to 256
[  731.579938][T12706] loop2: detected capacity change from 0 to 256
[  731.908638][   T26] Bluetooth: hci0: command 0x1001 tx timeout
[  731.916030][ T3772] Bluetooth: hci0: sending frame failed (-49)
[  731.986920][T12714] loop3: detected capacity change from 0 to 256
[  733.436104][T12732] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  734.115710][T12734] loop2: detected capacity change from 0 to 256
[  734.848081][T12733] loop0: detected capacity change from 0 to 256
[  734.916800][  T776] Bluetooth: hci0: command 0x1009 tx timeout
[  735.195268][   T20] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  735.370570][T12747] loop0: detected capacity change from 0 to 256
[  735.561128][  T299] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  735.805225][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  735.816743][   T20] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  735.826372][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.835584][   T20] usb 2-1: config 0 descriptor??
[  735.935273][  T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  735.946865][  T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  735.957259][  T299] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  735.966775][  T299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.975340][  T299] usb 4-1: config 0 descriptor??
[  736.241080][T12757] loop2: detected capacity change from 0 to 256
[  736.415731][   T20] keytouch 0003:0926:3333.0085: fixing up Keytouch IEC report descriptor
[  736.424744][   T20] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0085/input/input74
[  736.495563][  T299] keytouch 0003:0926:3333.0086: fixing up Keytouch IEC report descriptor
[  736.507002][   T20] keytouch 0003:0926:3333.0085: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  736.519180][  T299] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0086/input/input75
[  736.596688][  T299] keytouch 0003:0926:3333.0086: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  736.699822][T12740] UDC core: couldn't find an available UDC or it's busy: -16
[  736.707283][T12740] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  736.715870][  T299] usb 4-1: USB disconnect, device number 45
[  736.976362][T12763] UDC core: couldn't find an available UDC or it's busy: -16
[  736.992323][T12763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  737.215980][T12767] loop2: detected capacity change from 0 to 256
[  737.848641][T12773] loop3: detected capacity change from 0 to 256
[  738.008000][   T20] usb 2-1: USB disconnect, device number 37
[  738.213937][T12788] loop0: detected capacity change from 0 to 256
[  739.991702][T12804] loop3: detected capacity change from 0 to 256
[  740.197789][T12809] loop0: detected capacity change from 0 to 256
[  740.275298][T12811] fuse: Bad value for 'fd'
[  740.789650][   T30] audit: type=1400 audit(1718810334.390:3246): avc:  denied  { getattr } for  pid=12821 comm="syz-executor.3" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  740.818157][T12822] 9pnet: p9_client_clunk (12822): Trying to clunk with invalid fid
[  740.826102][T12822] CPU: 0 PID: 12822 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  740.836248][T12822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  740.846155][T12822] Call Trace:
[  740.849266][T12822]  <TASK>
[  740.852051][T12822]  dump_stack_lvl+0x151/0x1b7
[  740.856659][T12822]  ? io_uring_drop_tctx_refs+0x190/0x190
[  740.862122][T12822]  ? avc_has_perm_noaudit+0x430/0x430
[  740.867333][T12822]  dump_stack+0x15/0x17
[  740.871333][T12822]  p9_client_clunk+0x2e2/0x3a0
[  740.876019][T12822]  ? v9fs_fid_lookup+0x118/0x160
[  740.880784][T12822]  v9fs_statfs+0x16d/0x4d0
[  740.885036][T12822]  ? selinux_sb_show_options+0x610/0x610
[  740.890677][T12822]  ? v9fs_drop_inode+0x130/0x130
[  740.895449][T12822]  vfs_statfs+0x15c/0x320
[  740.899617][T12822]  ovl_get_lowerstack+0x1ff/0x1fe0
[  740.904564][T12822]  ? ovl_get_workdir+0x102/0x1250
[  740.909424][T12822]  ? ovl_get_upper+0x5f0/0x5f0
[  740.914122][T12822]  ? ovl_get_workdir+0x1250/0x1250
[  740.919061][T12822]  ? __kasan_kmalloc+0x9/0x10
[  740.923574][T12822]  ? __kmalloc+0x13a/0x270
[  740.927829][T12822]  ? ovl_fill_super+0x14ed/0x2a70
[  740.932687][T12822]  ovl_fill_super+0x17af/0x2a70
[  740.937464][T12822]  ? ovl_mount+0x40/0x40
[  740.941556][T12822]  ? register_shrinker_prepared+0xd7/0x100
[  740.947182][T12822]  ? free_anon_bdev+0x30/0x30
[  740.951780][T12822]  ? ovl_mount+0x40/0x40
[  740.955860][T12822]  mount_nodev+0x57/0xf0
[  740.959941][T12822]  ovl_mount+0x2c/0x40
[  740.963842][T12822]  legacy_get_tree+0xf1/0x190
[  740.968363][T12822]  ? virtio_fs_request_complete+0xd70/0xd70
[  740.974092][T12822]  vfs_get_tree+0x88/0x290
[  740.978341][T12822]  do_new_mount+0x2ba/0xb30
[  740.982679][T12822]  ? do_move_mount_old+0x160/0x160
[  740.985155][ T8404] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  740.987641][T12822]  ? security_capable+0x87/0xb0
[  740.999955][T12822]  ? ns_capable+0x89/0xe0
[  741.004113][T12822]  path_mount+0x671/0x1070
[  741.008373][T12822]  __se_sys_mount+0x2c4/0x3b0
[  741.012881][T12822]  ? __x64_sys_mount+0xd0/0xd0
[  741.017484][T12822]  ? __kasan_check_read+0x11/0x20
[  741.022415][T12822]  __x64_sys_mount+0xbf/0xd0
[  741.026769][T12822]  do_syscall_64+0x3d/0xb0
[  741.031020][T12822]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  741.036757][T12822] RIP: 0033:0x7f36ea8fcf29
[  741.041001][T12822] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  741.060443][T12822] RSP: 002b:00007f36e9c770c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  741.068689][T12822] RAX: ffffffffffffffda RBX: 00007f36eaa33f80 RCX: 00007f36ea8fcf29
[  741.076498][T12822] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  741.084311][T12822] RBP: 00007f36ea96c074 R08: 0000000020000080 R09: 0000000000000000
[  741.092126][T12822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  741.100037][T12822] R13: 000000000000000b R14: 00007f36eaa33f80 R15: 00007ffd5e2f6d18
[  741.107849][T12822]  </TASK>
[  741.113732][T12822] overlayfs: statfs failed on './file0'
[  741.160713][T12825] loop2: detected capacity change from 0 to 256
[  741.940738][T12839] loop3: detected capacity change from 0 to 256
[  741.949110][T12843] loop1: detected capacity change from 0 to 256
[  742.039053][   T26] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  742.162031][ T8404] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  742.173333][ T8404] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  742.183656][ T8404] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  742.192593][ T8404] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.201244][ T8404] usb 5-1: config 0 descriptor??
[  742.718612][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  742.729799][   T26] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  742.738856][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.751554][   T26] usb 1-1: config 0 descriptor??
[  743.358474][T12816] UDC core: couldn't find an available UDC or it's busy: -16
[  743.370235][T12816] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  743.416759][ T8404] keytouch 0003:0926:3333.0087: fixing up Keytouch IEC report descriptor
[  743.428182][ T8404] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0087/input/input76
[  743.550201][ T8404] keytouch 0003:0926:3333.0087: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  743.565611][ T8404] usb 5-1: USB disconnect, device number 39
[  743.574254][T12863] bridge0: port 1(bridge_slave_0) entered blocking state
[  743.581235][T12863] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.588680][T12863] device bridge_slave_0 entered promiscuous mode
[  743.595673][T12863] bridge0: port 2(bridge_slave_1) entered blocking state
[  743.602611][T12863] bridge0: port 2(bridge_slave_1) entered disabled state
[  743.609966][T12863] device bridge_slave_1 entered promiscuous mode
[  743.680688][T12868] loop3: detected capacity change from 0 to 256
[  743.852871][   T26] keytouch 0003:0926:3333.0088: fixing up Keytouch IEC report descriptor
[  743.897551][   T26] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0088/input/input77
[  743.926234][T12863] bridge0: port 2(bridge_slave_1) entered blocking state
[  743.933114][T12863] bridge0: port 2(bridge_slave_1) entered forwarding state
[  743.940228][T12863] bridge0: port 1(bridge_slave_0) entered blocking state
[  743.947086][T12863] bridge0: port 1(bridge_slave_0) entered forwarding state
[  743.975881][T12875] 9pnet: p9_client_clunk (12875): Trying to clunk with invalid fid
[  743.977491][   T26] keytouch 0003:0926:3333.0088: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  743.983754][T12875] CPU: 0 PID: 12875 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  744.005654][T12875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  744.015549][T12875] Call Trace:
[  744.016579][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  744.018667][T12875]  <TASK>
[  744.018678][T12875]  dump_stack_lvl+0x151/0x1b7
[  744.026361][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  744.028486][T12875]  ? io_uring_drop_tctx_refs+0x190/0x190
[  744.033337][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  744.040805][T12875]  ? avc_has_perm_noaudit+0x430/0x430
[  744.040839][T12875]  dump_stack+0x15/0x17
[  744.040856][T12875]  p9_client_clunk+0x2e2/0x3a0
[  744.068127][T12875]  ? v9fs_fid_lookup+0x118/0x160
[  744.072893][T12875]  v9fs_statfs+0x16d/0x4d0
[  744.077237][T12875]  ? selinux_sb_show_options+0x610/0x610
[  744.082705][T12875]  ? v9fs_drop_inode+0x130/0x130
[  744.087475][T12875]  vfs_statfs+0x15c/0x320
[  744.091729][T12875]  ovl_get_lowerstack+0x1ff/0x1fe0
[  744.096680][T12875]  ? ovl_get_workdir+0x102/0x1250
[  744.096706][T12875]  ? ovl_get_upper+0x5f0/0x5f0
[  744.106135][T12875]  ? ovl_get_workdir+0x1250/0x1250
[  744.111144][T12875]  ? __kasan_kmalloc+0x9/0x10
[  744.115624][T12875]  ? __kmalloc+0x13a/0x270
[  744.121405][T12875]  ? ovl_fill_super+0x14ed/0x2a70
[  744.126358][T12875]  ovl_fill_super+0x17af/0x2a70
[  744.131392][T12875]  ? ovl_mount+0x40/0x40
[  744.135467][T12875]  ? register_shrinker_prepared+0xd7/0x100
[  744.141197][T12875]  ? free_anon_bdev+0x30/0x30
[  744.145895][T12875]  ? ovl_mount+0x40/0x40
[  744.150088][T12875]  mount_nodev+0x57/0xf0
[  744.150120][T12875]  ovl_mount+0x2c/0x40
[  744.150135][T12875]  legacy_get_tree+0xf1/0x190
[  744.150153][T12875]  ? virtio_fs_request_complete+0xd70/0xd70
[  744.168294][T12875]  vfs_get_tree+0x88/0x290
[  744.172630][T12875]  do_new_mount+0x2ba/0xb30
[  744.176971][T12875]  ? do_move_mount_old+0x160/0x160
[  744.181922][T12875]  ? security_capable+0x87/0xb0
[  744.186605][T12875]  ? ns_capable+0x89/0xe0
[  744.190767][T12875]  path_mount+0x671/0x1070
[  744.195056][T12875]  __se_sys_mount+0x2c4/0x3b0
[  744.199634][T12875]  ? __x64_sys_mount+0xd0/0xd0
[  744.199663][T12875]  ? __kasan_check_read+0x11/0x20
[  744.209094][T12875]  __x64_sys_mount+0xbf/0xd0
[  744.213512][T12875]  do_syscall_64+0x3d/0xb0
[  744.217778][T12875]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  744.223488][T12875] RIP: 0033:0x7f39ee3daf29
[  744.227742][T12875] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  744.247579][T12875] RSP: 002b:00007f39ed7550c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  744.247607][T12875] RAX: ffffffffffffffda RBX: 00007f39ee511f80 RCX: 00007f39ee3daf29
[  744.247620][T12875] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  744.271435][T12875] RBP: 00007f39ee44a074 R08: 0000000020000080 R09: 0000000000000000
[  744.279342][T12875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  744.287241][T12875] R13: 000000000000000b R14: 00007f39ee511f80 R15: 00007ffccf198d98
[  744.295064][T12875]  </TASK>
[  744.298342][T12875] overlayfs: statfs failed on './file0'
[  744.306547][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  744.318890][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  744.497319][T12870] UDC core: couldn't find an available UDC or it's busy: -16
[  744.504631][T12870] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  744.647151][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  744.655765][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  744.694690][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  744.703735][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  744.716757][T12863] device veth0_vlan entered promiscuous mode
[  745.496406][T12890] loop1: detected capacity change from 0 to 256
[  745.966565][ T8404] usb 1-1: USB disconnect, device number 48
[  746.024308][T12863] device veth1_macvtap entered promiscuous mode
[  746.053699][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  746.065793][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  746.073961][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  746.081787][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  746.091011][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  746.134794][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  746.144163][ T1131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  746.165752][T12899] loop4: detected capacity change from 0 to 256
[  746.586470][  T343] device bridge_slave_1 left promiscuous mode
[  746.626481][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[  746.698090][  T343] device bridge_slave_0 left promiscuous mode
[  746.730380][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.732493][T12917] 9pnet: p9_client_clunk (12917): Trying to clunk with invalid fid
[  746.745312][T12917] CPU: 1 PID: 12917 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  746.755792][T12917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  746.765698][T12917] Call Trace:
[  746.768811][T12917]  <TASK>
[  746.771594][T12917]  dump_stack_lvl+0x151/0x1b7
[  746.776235][T12917]  ? io_uring_drop_tctx_refs+0x190/0x190
[  746.781712][T12917]  ? avc_has_perm_noaudit+0x430/0x430
[  746.786910][T12917]  dump_stack+0x15/0x17
[  746.790904][T12917]  p9_client_clunk+0x2e2/0x3a0
[  746.795493][T12917]  ? v9fs_fid_lookup+0x118/0x160
[  746.800638][T12917]  v9fs_statfs+0x16d/0x4d0
[  746.804893][T12917]  ? selinux_sb_show_options+0x610/0x610
[  746.810360][T12917]  ? v9fs_drop_inode+0x130/0x130
[  746.815140][T12917]  vfs_statfs+0x15c/0x320
[  746.819305][T12917]  ovl_get_lowerstack+0x1ff/0x1fe0
[  746.824245][T12917]  ? ovl_get_workdir+0x102/0x1250
[  746.829106][T12917]  ? ovl_get_upper+0x5f0/0x5f0
[  746.833710][T12917]  ? ovl_get_workdir+0x1250/0x1250
[  746.838743][T12917]  ? __kasan_kmalloc+0x9/0x10
[  746.843249][T12917]  ? __kmalloc+0x13a/0x270
[  746.847677][T12917]  ? ovl_fill_super+0x14ed/0x2a70
[  746.852537][T12917]  ovl_fill_super+0x17af/0x2a70
[  746.857229][T12917]  ? ovl_mount+0x40/0x40
[  746.861316][T12917]  ? register_shrinker_prepared+0xd7/0x100
[  746.866949][T12917]  ? free_anon_bdev+0x30/0x30
[  746.871458][T12917]  ? ovl_mount+0x40/0x40
[  746.875537][T12917]  mount_nodev+0x57/0xf0
[  746.879615][T12917]  ovl_mount+0x2c/0x40
[  746.883521][T12917]  legacy_get_tree+0xf1/0x190
[  746.888033][T12917]  ? virtio_fs_request_complete+0xd70/0xd70
[  746.893762][T12917]  vfs_get_tree+0x88/0x290
[  746.898127][T12917]  do_new_mount+0x2ba/0xb30
[  746.902451][T12917]  ? do_move_mount_old+0x160/0x160
[  746.907388][T12917]  ? security_capable+0x87/0xb0
[  746.912078][T12917]  ? ns_capable+0x89/0xe0
[  746.916243][T12917]  path_mount+0x671/0x1070
[  746.920498][T12917]  __se_sys_mount+0x2c4/0x3b0
[  746.925009][T12917]  ? __x64_sys_mount+0xd0/0xd0
[  746.929605][T12917]  ? __kasan_check_read+0x11/0x20
[  746.934552][T12917]  __x64_sys_mount+0xbf/0xd0
[  746.938987][T12917]  do_syscall_64+0x3d/0xb0
[  746.943457][T12917]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  746.949172][T12917] RIP: 0033:0x7f39ee3daf29
[  746.953522][T12917] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  746.973037][T12917] RSP: 002b:00007f39ed7550c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  746.981280][T12917] RAX: ffffffffffffffda RBX: 00007f39ee511f80 RCX: 00007f39ee3daf29
[  746.989092][T12917] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  746.997250][T12917] RBP: 00007f39ee44a074 R08: 0000000020000080 R09: 0000000000000000
[  747.005071][T12917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  747.012958][T12917] R13: 000000000000000b R14: 00007f39ee511f80 R15: 00007ffccf198d98
[  747.020789][T12917]  </TASK>
[  747.025694][T12917] overlayfs: statfs failed on './file0'
[  747.033630][  T343] device veth1_macvtap left promiscuous mode
[  747.043871][  T343] device veth0_vlan left promiscuous mode
[  748.097242][T12934] 9pnet: p9_client_clunk (12934): Trying to clunk with invalid fid
[  748.105280][T12934] CPU: 0 PID: 12934 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  748.115427][T12934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  748.125323][T12934] Call Trace:
[  748.128445][T12934]  <TASK>
[  748.131225][T12934]  dump_stack_lvl+0x151/0x1b7
[  748.135735][T12934]  ? io_uring_drop_tctx_refs+0x190/0x190
[  748.141207][T12934]  ? avc_has_perm_noaudit+0x430/0x430
[  748.146422][T12934]  dump_stack+0x15/0x17
[  748.150406][T12934]  p9_client_clunk+0x2e2/0x3a0
[  748.155010][T12934]  ? v9fs_fid_lookup+0x118/0x160
[  748.159790][T12934]  v9fs_statfs+0x16d/0x4d0
[  748.164036][T12934]  ? selinux_sb_show_options+0x610/0x610
[  748.169507][T12934]  ? v9fs_drop_inode+0x130/0x130
[  748.174468][T12934]  vfs_statfs+0x15c/0x320
[  748.178620][T12934]  ovl_get_lowerstack+0x1ff/0x1fe0
[  748.183568][T12934]  ? ovl_get_workdir+0x102/0x1250
[  748.188420][T12934]  ? ovl_get_upper+0x5f0/0x5f0
[  748.193024][T12934]  ? ovl_get_workdir+0x1250/0x1250
[  748.197974][T12934]  ? __kasan_kmalloc+0x9/0x10
[  748.202482][T12934]  ? __kmalloc+0x13a/0x270
[  748.206768][T12934]  ? ovl_fill_super+0x14ed/0x2a70
[  748.211598][T12934]  ovl_fill_super+0x17af/0x2a70
[  748.216291][T12934]  ? ovl_mount+0x40/0x40
[  748.220358][T12934]  ? register_shrinker_prepared+0xd7/0x100
[  748.226001][T12934]  ? free_anon_bdev+0x30/0x30
[  748.230516][T12934]  ? ovl_mount+0x40/0x40
[  748.234593][T12934]  mount_nodev+0x57/0xf0
[  748.238824][T12934]  ovl_mount+0x2c/0x40
[  748.242665][T12934]  legacy_get_tree+0xf1/0x190
[  748.247184][T12934]  ? virtio_fs_request_complete+0xd70/0xd70
[  748.252914][T12934]  vfs_get_tree+0x88/0x290
[  748.257165][T12934]  do_new_mount+0x2ba/0xb30
[  748.261944][T12934]  ? do_move_mount_old+0x160/0x160
[  748.266881][T12934]  ? security_capable+0x87/0xb0
[  748.271569][T12934]  ? ns_capable+0x89/0xe0
[  748.276252][T12934]  path_mount+0x671/0x1070
[  748.280514][T12934]  __se_sys_mount+0x2c4/0x3b0
[  748.285103][T12934]  ? __x64_sys_mount+0xd0/0xd0
[  748.289703][T12934]  ? __kasan_check_read+0x11/0x20
[  748.294564][T12934]  __x64_sys_mount+0xbf/0xd0
[  748.299174][T12934]  do_syscall_64+0x3d/0xb0
[  748.303417][T12934]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  748.309145][T12934] RIP: 0033:0x7fd5e2f7af29
[  748.313400][T12934] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  748.333042][T12934] RSP: 002b:00007fd5e22f50c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  748.341282][T12934] RAX: ffffffffffffffda RBX: 00007fd5e30b1f80 RCX: 00007fd5e2f7af29
[  748.349097][T12934] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  748.357078][T12934] RBP: 00007fd5e2fea074 R08: 0000000020000080 R09: 0000000000000000
[  748.364890][T12934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  748.372710][T12934] R13: 000000000000004d R14: 00007fd5e30b1f80 R15: 00007ffff9bd2ed8
[  748.380524][T12934]  </TASK>
[  748.422190][T12934] overlayfs: statfs failed on './file0'
[  748.643407][T12941] loop0: detected capacity change from 0 to 256
[  748.651980][T12944] loop1: detected capacity change from 0 to 256
[  748.658600][ T1131] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  749.003189][T12952] loop1: detected capacity change from 0 to 256
[  749.816792][T12957] loop4: detected capacity change from 0 to 256
[  750.083935][ T1131] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  750.189831][ T1131] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  750.198891][ T1131] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.238129][ T1131] usb 4-1: config 0 descriptor??
[  750.899955][T12971] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  751.716558][T12972] loop2: detected capacity change from 0 to 256
[  752.023691][ T1131] usb 4-1: can't set config #0, error -71
[  752.425281][T12987] loop3: detected capacity change from 0 to 256
[  752.994670][ T1131] usb 4-1: USB disconnect, device number 46
[  753.160436][T12993] 9pnet: p9_client_clunk (12993): Trying to clunk with invalid fid
[  753.174333][T12993] CPU: 0 PID: 12993 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  753.184677][T12993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  753.194575][T12993] Call Trace:
[  753.197690][T12993]  <TASK>
[  753.200523][T12993]  dump_stack_lvl+0x151/0x1b7
[  753.205070][T12993]  ? io_uring_drop_tctx_refs+0x190/0x190
[  753.210542][T12993]  ? avc_has_perm_noaudit+0x430/0x430
[  753.215748][T12993]  dump_stack+0x15/0x17
[  753.219734][T12993]  p9_client_clunk+0x2e2/0x3a0
[  753.224452][T12993]  ? v9fs_fid_lookup+0x118/0x160
[  753.229211][T12993]  v9fs_statfs+0x16d/0x4d0
[  753.233452][T12993]  ? selinux_sb_show_options+0x610/0x610
[  753.238929][T12993]  ? v9fs_drop_inode+0x130/0x130
[  753.243786][T12993]  vfs_statfs+0x15c/0x320
[  753.247952][T12993]  ovl_get_lowerstack+0x1ff/0x1fe0
[  753.252893][T12993]  ? ovl_get_workdir+0x102/0x1250
[  753.257752][T12993]  ? ovl_get_upper+0x5f0/0x5f0
[  753.262351][T12993]  ? ovl_get_workdir+0x1250/0x1250
[  753.267305][T12993]  ? __kasan_kmalloc+0x9/0x10
[  753.271809][T12993]  ? __kmalloc+0x13a/0x270
[  753.276058][T12993]  ? ovl_fill_super+0x14ed/0x2a70
[  753.280920][T12993]  ovl_fill_super+0x17af/0x2a70
[  753.285641][T12993]  ? ovl_mount+0x40/0x40
[  753.289704][T12993]  ? register_shrinker_prepared+0xd7/0x100
[  753.295429][T12993]  ? free_anon_bdev+0x30/0x30
[  753.299933][T12993]  ? ovl_mount+0x40/0x40
[  753.304007][T12993]  mount_nodev+0x57/0xf0
[  753.308096][T12993]  ovl_mount+0x2c/0x40
[  753.311998][T12993]  legacy_get_tree+0xf1/0x190
[  753.316502][T12993]  ? virtio_fs_request_complete+0xd70/0xd70
[  753.322233][T12993]  vfs_get_tree+0x88/0x290
[  753.326495][T12993]  do_new_mount+0x2ba/0xb30
[  753.330836][T12993]  ? do_move_mount_old+0x160/0x160
[  753.335781][T12993]  ? security_capable+0x87/0xb0
[  753.340610][T12993]  ? ns_capable+0x89/0xe0
[  753.344712][T12993]  path_mount+0x671/0x1070
[  753.348966][T12993]  __se_sys_mount+0x2c4/0x3b0
[  753.353493][T12993]  ? __x64_sys_mount+0xd0/0xd0
[  753.358083][T12993]  ? __kasan_check_read+0x11/0x20
[  753.362946][T12993]  __x64_sys_mount+0xbf/0xd0
[  753.367367][T12993]  do_syscall_64+0x3d/0xb0
[  753.371618][T12993]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  753.377344][T12993] RIP: 0033:0x7f39ee3daf29
[  753.381602][T12993] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  753.401249][T12993] RSP: 002b:00007f39ed7550c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  753.409458][T12993] RAX: ffffffffffffffda RBX: 00007f39ee511f80 RCX: 00007f39ee3daf29
[  753.417271][T12993] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  753.425087][T12993] RBP: 00007f39ee44a074 R08: 0000000020000080 R09: 0000000000000000
[  753.432900][T12993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.440715][T12993] R13: 000000000000000b R14: 00007f39ee511f80 R15: 00007ffccf198d98
[  753.448522][T12993]  </TASK>
[  753.455284][T12993] overlayfs: statfs failed on './file0'
[  753.507745][T13002] loop4: detected capacity change from 0 to 256
[  754.216923][T13011] loop1: detected capacity change from 0 to 256
[  754.650719][T13014] loop4: detected capacity change from 0 to 256
[  754.980645][T13026] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  755.165707][T13027] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  755.275160][  T366] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  755.659952][T13043] 9pnet: p9_client_clunk (13043): Trying to clunk with invalid fid
[  755.667787][T13043] CPU: 0 PID: 13043 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  755.677837][T13043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  755.687733][T13043] Call Trace:
[  755.690856][T13043]  <TASK>
[  755.693639][T13043]  dump_stack_lvl+0x151/0x1b7
[  755.698150][T13043]  ? io_uring_drop_tctx_refs+0x190/0x190
[  755.703624][T13043]  ? avc_has_perm_noaudit+0x430/0x430
[  755.708824][T13043]  dump_stack+0x15/0x17
[  755.712815][T13043]  p9_client_clunk+0x2e2/0x3a0
[  755.717415][T13043]  ? v9fs_fid_lookup+0x118/0x160
[  755.722276][T13043]  v9fs_statfs+0x16d/0x4d0
[  755.726528][T13043]  ? selinux_sb_show_options+0x610/0x610
[  755.731996][T13043]  ? v9fs_drop_inode+0x130/0x130
[  755.736772][T13043]  vfs_statfs+0x15c/0x320
[  755.740936][T13043]  ovl_get_lowerstack+0x1ff/0x1fe0
[  755.745893][T13043]  ? ovl_get_workdir+0x102/0x1250
[  755.750748][T13043]  ? ovl_get_upper+0x5f0/0x5f0
[  755.755365][T13043]  ? ovl_get_workdir+0x1250/0x1250
[  755.760294][T13043]  ? __kasan_kmalloc+0x9/0x10
[  755.764801][T13043]  ? __kmalloc+0x13a/0x270
[  755.769057][T13043]  ? ovl_fill_super+0x14ed/0x2a70
[  755.773961][T13043]  ovl_fill_super+0x17af/0x2a70
[  755.778608][T13043]  ? ovl_mount+0x40/0x40
[  755.782684][T13043]  ? register_shrinker_prepared+0xd7/0x100
[  755.788325][T13043]  ? free_anon_bdev+0x30/0x30
[  755.792836][T13043]  ? ovl_mount+0x40/0x40
[  755.796918][T13043]  mount_nodev+0x57/0xf0
[  755.800997][T13043]  ovl_mount+0x2c/0x40
[  755.804922][T13043]  legacy_get_tree+0xf1/0x190
[  755.809411][T13043]  ? virtio_fs_request_complete+0xd70/0xd70
[  755.815150][T13043]  vfs_get_tree+0x88/0x290
[  755.819490][T13043]  do_new_mount+0x2ba/0xb30
[  755.823833][T13043]  ? do_move_mount_old+0x160/0x160
[  755.828785][T13043]  ? security_capable+0x87/0xb0
[  755.833556][T13043]  ? ns_capable+0x89/0xe0
[  755.837718][T13043]  path_mount+0x671/0x1070
[  755.841973][T13043]  __se_sys_mount+0x2c4/0x3b0
[  755.846482][T13043]  ? __x64_sys_mount+0xd0/0xd0
[  755.851084][T13043]  ? __kasan_check_read+0x11/0x20
[  755.855971][T13043]  __x64_sys_mount+0xbf/0xd0
[  755.860370][T13043]  do_syscall_64+0x3d/0xb0
[  755.864621][T13043]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  755.870349][T13043] RIP: 0033:0x7f36ea8fcf29
[  755.874602][T13043] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  755.894131][T13043] RSP: 002b:00007f36e9c770c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  755.902377][T13043] RAX: ffffffffffffffda RBX: 00007f36eaa33f80 RCX: 00007f36ea8fcf29
[  755.910275][T13043] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  755.918087][T13043] RBP: 00007f36ea96c074 R08: 0000000020000080 R09: 0000000000000000
[  755.925898][T13043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  755.934229][T13043] R13: 000000000000000b R14: 00007f36eaa33f80 R15: 00007ffd5e2f6d18
[  755.942049][T13043]  </TASK>
[  755.946929][T13043] overlayfs: statfs failed on './file0'
[  756.115202][  T366] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  756.126006][  T366] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  756.134844][  T366] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.143572][  T366] usb 1-1: config 0 descriptor??
[  756.247097][T13059] loop2: detected capacity change from 0 to 1024
[  756.268609][T13059] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue. Quota mode: writeback.
[  756.476153][   T30] audit: type=1400 audit(1718810350.070:3247): avc:  denied  { setattr } for  pid=13058 comm="syz-executor.2" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  756.625560][  T366] keytouch 0003:0926:3333.0089: fixing up Keytouch IEC report descriptor
[  756.635419][  T366] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0089/input/input78
[  756.720477][  T366] keytouch 0003:0926:3333.0089: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  757.686480][T13095] loop2: detected capacity change from 0 to 256
[  757.728815][T13096] UDC core: couldn't find an available UDC or it's busy: -16
[  757.754309][T13096] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  757.764960][T13063] loop3: detected capacity change from 0 to 131072
[  757.805951][T13063] F2FS-fs (loop3): Unrecognized mount option "Í" or missing value
[  757.965859][   T39] usb 1-1: USB disconnect, device number 49
[  758.250233][T13111] loop4: detected capacity change from 0 to 256
[  758.493069][T13116] loop2: detected capacity change from 0 to 1024
[  758.567049][T13116] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,noquota,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,noquota,min_batch_time=0x0000000000000008,delalloc,user_xattr,quota,,errors=continue. Quota mode: writeback.
[  759.657755][   T39] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  759.673295][T13135] loop4: detected capacity change from 0 to 256
[  859.675217][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  859.682307][    C0] rcu: 	0-...!: (10000 ticks this GP) idle=0b3/1/0x4000000000000000 softirq=62199/62199 fqs=0 last_accelerate: b342/da54 dyntick_enabled: 1
[  859.698109][    C0] 	(t=10000 jiffies g=70417 q=87)
[  859.703565][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g70417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  859.720233][    C0] rcu: 	Possible timer handling issue on cpu=0 timer-softirq=26971
[  859.730035][    C0] rcu: rcu_preempt kthread starved for 10000 jiffies! g70417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[  859.745861][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  859.757405][    C0] rcu: RCU grace-period kthread stack dump:
[  859.764036][    C0] task:rcu_preempt     state:I stack:28248 pid:   14 ppid:     2 flags:0x00004000
[  859.778814][    C0] Call Trace:
[  859.785351][    C0]  <TASK>
[  859.790549][    C0]  __schedule+0xccc/0x1590
[  859.795863][    C0]  ? __sched_text_start+0x8/0x8
[  859.804585][    C0]  ? __kasan_check_write+0x14/0x20
[  859.811340][    C0]  schedule+0x11f/0x1e0
[  859.815957][    C0]  schedule_timeout+0x18c/0x370
[  859.821957][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[  859.827874][    C0]  ? console_conditional_schedule+0x30/0x30
[  859.834628][    C0]  ? update_process_times+0x200/0x200
[  859.842461][    C0]  ? prepare_to_swait_event+0x308/0x320
[  859.849257][    C0]  rcu_gp_fqs_loop+0x2af/0xf80
[  859.854021][    C0]  ? debug_smp_processor_id+0x17/0x20
[  859.859652][    C0]  ? __note_gp_changes+0x4ab/0x920
[  859.864779][    C0]  ? rcu_gp_init+0xc30/0xc30
[  859.869617][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[  859.876194][    C0]  ? rcu_gp_init+0x9cf/0xc30
[  859.884746][    C0]  rcu_gp_kthread+0xa4/0x350
[  859.891409][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  859.897412][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[  859.902348][    C0]  ? __kasan_check_read+0x11/0x20
[  859.907817][    C0]  ? __kthread_parkme+0xb2/0x200
[  859.913147][    C0]  kthread+0x421/0x510
[  859.917402][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[  859.921930][    C0]  ? kthread_blkcg+0xd0/0xd0
[  859.926672][    C0]  ret_from_fork+0x1f/0x30
[  859.931014][    C0]  </TASK>
[  859.933871][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  859.940053][    C0] NMI backtrace for cpu 0
[  859.944203][    C0] CPU: 0 PID: 13132 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  859.954971][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  859.965798][    C0] Call Trace:
[  859.969497][    C0]  <IRQ>
[  859.972275][    C0]  dump_stack_lvl+0x151/0x1b7
[  859.977243][    C0]  ? io_uring_drop_tctx_refs+0x190/0x190
[  859.982703][    C0]  dump_stack+0x15/0x17
[  859.987381][    C0]  nmi_cpu_backtrace+0x2f7/0x300
[  859.992999][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  859.999244][    C0]  ? panic+0x751/0x751
[  860.003451][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  860.009502][    C0]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  860.015424][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  860.021415][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  860.027147][    C0]  rcu_check_gp_kthread_starvation+0x1e3/0x250
[  860.033223][    C0]  ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230
[  860.040141][    C0]  print_cpu_stall+0x310/0x5f0
[  860.044892][    C0]  rcu_sched_clock_irq+0x989/0x12f0
[  860.050141][    C0]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[  860.056351][    C0]  ? hrtimer_run_queues+0x15f/0x440
[  860.061655][    C0]  update_process_times+0x198/0x200
[  860.067339][    C0]  tick_sched_timer+0x188/0x240
[  860.072590][    C0]  ? tick_setup_sched_timer+0x480/0x480
[  860.079727][    C0]  __hrtimer_run_queues+0x41a/0xad0
[  860.085102][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  860.094983][    C0]  ? clockevents_program_event+0x22f/0x300
[  860.102870][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  860.110520][    C0]  hrtimer_interrupt+0x40c/0xaa0
[  860.117345][    C0]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  860.125797][    C0]  sysvec_apic_timer_interrupt+0x95/0xc0
[  860.132643][    C0]  </IRQ>
[  860.135930][    C0]  <TASK>
[  860.138765][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  860.145281][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  860.152079][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  860.172769][    C0] RSP: 0018:ffffc90000a27960 EFLAGS: 00000246
[  860.178913][    C0] RAX: 0000000000000003 RBX: 1ffff92000144f30 RCX: ffffffff8154fb7f
[  860.188082][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888121330c90
[  860.196472][    C0] RBP: ffffc90000a27a10 R08: dffffc0000000000 R09: ffffed1024266193
[  860.204868][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  860.212790][    C0] R13: ffff888121330c90 R14: 0000000000000003 R15: 1ffff92000144f34
[  860.220948][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  860.227713][    C0]  ? asm_common_interrupt+0x27/0x40
[  860.233010][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  860.238064][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  860.244425][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  860.250440][    C0]  ? do_syscall_64+0x49/0xb0
[  860.255165][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  860.261777][    C0]  ? __kasan_check_write+0x14/0x20
[  860.266864][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  860.272649][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  860.277784][    C0]  ? __local_bh_enable_ip+0x58/0x80
[  860.283038][    C0]  ? lock_sock_nested+0x266/0x300
[  860.288112][    C0]  ? unix_peer_get+0xe0/0xe0
[  860.292536][    C0]  sk_psock_link_pop+0x2e/0x170
[  860.298908][    C0]  ? unix_peer_get+0xe0/0xe0
[  860.304030][    C0]  sock_map_remove_links+0x25/0x570
[  860.310088][    C0]  ? __kasan_check_read+0x11/0x20
[  860.315198][    C0]  ? unix_peer_get+0xe0/0xe0
[  860.319709][    C0]  sock_map_close+0x2ac/0x4c0
[  860.325129][    C0]  ? sock_map_remove_links+0x570/0x570
[  860.331063][    C0]  ? rwsem_mark_wake+0x6b0/0x6b0
[  860.336094][    C0]  ? security_file_free+0xc6/0xe0
[  860.341213][    C0]  unix_release+0x82/0xc0
[  860.345359][    C0]  sock_close+0xdf/0x270
[  860.350032][    C0]  ? sock_mmap+0xa0/0xa0
[  860.354824][    C0]  __fput+0x3fe/0x910
[  860.358833][    C0]  ____fput+0x15/0x20
[  860.363334][    C0]  task_work_run+0x129/0x190
[  860.368121][    C0]  exit_to_user_mode_loop+0xc4/0xe0
[  860.373955][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  860.380131][    C0]  syscall_exit_to_user_mode+0x26/0x160
[  860.385922][    C0]  do_syscall_64+0x49/0xb0
[  860.390372][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  860.396619][    C0] RIP: 0033:0x7f0c0e5eff29
[  860.402680][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  860.423731][    C0] RSP: 002b:00007ffe55709708 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  860.432513][    C0] RAX: 0000000000000000 RBX: 00000000000b9763 RCX: 00007f0c0e5eff29
[  860.440729][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  860.448858][    C0] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000700000000
[  860.457559][    C0] R10: 00007f0c0e573000 R11: 0000000000000246 R12: 00007f0c0e726f80
[  860.471500][    C0] R13: 00007f0c0e726f8c R14: 0000000000000226 R15: 00007f0c0e728980
[  860.479964][    C0]  </TASK>
[  860.482903][    C0] NMI backtrace for cpu 0
[  860.487142][    C0] CPU: 0 PID: 13132 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  860.497568][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  860.508682][    C0] Call Trace:
[  860.511971][    C0]  <IRQ>
[  860.514838][    C0]  dump_stack_lvl+0x151/0x1b7
[  860.519500][    C0]  ? io_uring_drop_tctx_refs+0x190/0x190
[  860.525189][    C0]  ? ttwu_do_wakeup+0x187/0x430
[  860.530696][    C0]  dump_stack+0x15/0x17
[  860.534924][    C0]  nmi_cpu_backtrace+0x2f7/0x300
[  860.539754][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  860.545986][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  860.551283][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  860.556089][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  860.562397][    C0]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  860.571514][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  860.577640][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[  860.583618][    C0]  rcu_dump_cpu_stacks+0x1d8/0x330
[  860.588825][    C0]  print_cpu_stall+0x315/0x5f0
[  860.594106][    C0]  rcu_sched_clock_irq+0x989/0x12f0
[  860.599976][    C0]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[  860.607507][    C0]  ? hrtimer_run_queues+0x15f/0x440
[  860.613658][    C0]  update_process_times+0x198/0x200
[  860.619398][    C0]  tick_sched_timer+0x188/0x240
[  860.624549][    C0]  ? tick_setup_sched_timer+0x480/0x480
[  860.630549][    C0]  __hrtimer_run_queues+0x41a/0xad0
[  860.637542][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  860.645576][    C0]  ? clockevents_program_event+0x22f/0x300
[  860.657468][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  860.665041][    C0]  hrtimer_interrupt+0x40c/0xaa0
[  860.669969][    C0]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  860.677990][    C0]  sysvec_apic_timer_interrupt+0x95/0xc0
[  860.684292][    C0]  </IRQ>
[  860.687173][    C0]  <TASK>
[  860.689964][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  860.701710][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  860.707881][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  860.730333][    C0] RSP: 0018:ffffc90000a27960 EFLAGS: 00000246
[  860.736527][    C0] RAX: 0000000000000003 RBX: 1ffff92000144f30 RCX: ffffffff8154fb7f
[  860.744440][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888121330c90
[  860.754181][    C0] RBP: ffffc90000a27a10 R08: dffffc0000000000 R09: ffffed1024266193
[  860.762760][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  860.771372][    C0] R13: ffff888121330c90 R14: 0000000000000003 R15: 1ffff92000144f34
[  860.779668][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  860.786481][    C0]  ? asm_common_interrupt+0x27/0x40
[  860.791571][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  860.796757][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  860.804309][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  860.810711][    C0]  ? do_syscall_64+0x49/0xb0
[  860.815268][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  860.821844][    C0]  ? __kasan_check_write+0x14/0x20
[  860.827766][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  860.833750][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  860.840003][    C0]  ? __local_bh_enable_ip+0x58/0x80
[  860.845216][    C0]  ? lock_sock_nested+0x266/0x300
[  860.851186][    C0]  ? unix_peer_get+0xe0/0xe0
[  860.856015][    C0]  sk_psock_link_pop+0x2e/0x170
[  860.860869][    C0]  ? unix_peer_get+0xe0/0xe0
[  860.865665][    C0]  sock_map_remove_links+0x25/0x570
[  860.870986][    C0]  ? __kasan_check_read+0x11/0x20
[  860.876821][    C0]  ? unix_peer_get+0xe0/0xe0
[  860.881620][    C0]  sock_map_close+0x2ac/0x4c0
[  860.887595][    C0]  ? sock_map_remove_links+0x570/0x570
[  860.893559][    C0]  ? rwsem_mark_wake+0x6b0/0x6b0
[  860.899078][    C0]  ? security_file_free+0xc6/0xe0
[  860.904269][    C0]  unix_release+0x82/0xc0
[  860.908636][    C0]  sock_close+0xdf/0x270
[  860.912933][    C0]  ? sock_mmap+0xa0/0xa0
[  860.917416][    C0]  __fput+0x3fe/0x910
[  860.921617][    C0]  ____fput+0x15/0x20
[  860.925917][    C0]  task_work_run+0x129/0x190
[  860.931134][    C0]  exit_to_user_mode_loop+0xc4/0xe0
[  860.936284][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  860.942154][    C0]  syscall_exit_to_user_mode+0x26/0x160
[  860.947848][    C0]  do_syscall_64+0x49/0xb0
[  860.952436][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  860.958232][    C0] RIP: 0033:0x7f0c0e5eff29
[  860.963152][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  860.983408][    C0] RSP: 002b:00007ffe55709708 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  860.992720][    C0] RAX: 0000000000000000 RBX: 00000000000b9763 RCX: 00007f0c0e5eff29
[  861.000674][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  861.008591][    C0] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000700000000
[  861.017020][    C0] R10: 00007f0c0e573000 R11: 0000000000000246 R12: 00007f0c0e726f80
[  861.025693][    C0] R13: 00007f0c0e726f8c R14: 0000000000000226 R15: 00007f0c0e728980
[  861.033601][    C0]  </TASK>
[  861.036451][    C0] Sending NMI from CPU 0 to CPUs 1:
[  861.041921][    C1] NMI backtrace for cpu 1
[  861.042026][    C1] CPU: 1 PID: 13137 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  861.042056][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  861.042066][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  861.042099][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  861.042113][    C1] RSP: 0018:ffffc90000c47260 EFLAGS: 00000246
[  861.042129][    C1] RAX: 0000000000000003 RBX: 1ffff92000188e50 RCX: ffffffff8154fb7f
[  861.042140][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810eff3c98
[  861.042151][    C1] RBP: ffffc90000c47310 R08: dffffc0000000000 R09: ffffed1021dfe794
[  861.042164][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  861.042182][    C1] R13: ffff88810eff3c98 R14: 0000000000000003 R15: 1ffff92000188e54
[  861.042194][    C1] FS:  00007f08634dd6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  861.042209][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  861.042220][    C1] CR2: 00007fd5d9ef4000 CR3: 0000000114e58000 CR4: 00000000003506a0
[  861.042235][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  861.042252][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  861.042262][    C1] Call Trace:
[  861.042273][    C1]  <NMI>
[  861.042283][    C1]  ? show_regs+0x58/0x60
[  861.042304][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  861.042329][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  861.042353][    C1]  ? kvm_wait+0x147/0x180
[  861.042382][    C1]  ? kvm_wait+0x147/0x180
[  861.042402][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  861.042427][    C1]  ? nmi_handle+0xa8/0x280
[  861.042451][    C1]  ? kvm_wait+0x147/0x180
[  861.042465][    C1]  ? default_do_nmi+0x69/0x160
[  861.042483][    C1]  ? exc_nmi+0xaf/0x120
[  861.042498][    C1]  ? end_repeat_nmi+0x16/0x31
[  861.042515][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  861.042536][    C1]  ? kvm_wait+0x147/0x180
[  861.042551][    C1]  ? kvm_wait+0x147/0x180
[  861.042565][    C1]  ? kvm_wait+0x147/0x180
[  861.042579][    C1]  </NMI>
[  861.042584][    C1]  <TASK>
[  861.042590][    C1]  ? asm_sysvec_call_function_single+0x1b/0x20
[  861.042606][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  861.042622][    C1]  ? pv_hash+0x86/0x150
[  861.042637][    C1]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  861.042681][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  861.042707][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  861.042726][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  861.042744][    C1]  ? sock_hash_bucket_hash+0x31c/0x7e0
[  861.042764][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  861.042789][    C1]  ? sock_map_unref+0x352/0x4d0
[  861.042815][    C1]  ? bpf_trace_run2+0xec/0x210
[  861.042836][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  861.042852][    C1]  ? sock_map_unref+0x352/0x4d0
[  861.042867][    C1]  ? __kasan_check_read+0x11/0x20
[  861.042885][    C1]  ? sock_map_unref+0x352/0x4d0
[  861.042929][    C1]  ? __bpf_trace_kfree+0x6f/0x90
[  861.042945][    C1]  ? sock_map_unref+0x352/0x4d0
[  861.042961][    C1]  ? kfree+0x1f3/0x220
[  861.042978][    C1]  ? sock_map_unref+0x352/0x4d0
[  861.042996][    C1]  ? sock_hash_delete_elem+0x274/0x2f0
[  861.043017][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[  861.043039][    C1]  ? bpf_trace_run2+0xec/0x210
[  861.043055][    C1]  ? context_to_sid+0x5a8/0x600
[  861.043073][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  861.043088][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[  861.043111][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[  861.043131][    C1]  ? __bpf_trace_kfree+0x6f/0x90
[  861.043146][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[  861.043188][    C1]  ? kfree+0x1f3/0x220
[  861.043206][    C1]  ? policydb_context_isvalid+0x1de/0x430
[  861.043226][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[  861.043241][    C1]  ? memcpy+0x56/0x70
[  861.043267][    C1]  ? security_transition_sid+0x90/0x90
[  861.043288][    C1]  ? __anon_inode_getfd+0x3af/0x430
[  861.043308][    C1]  ? anon_inode_getfd+0x40/0x40
[  861.043333][    C1]  ? bpf_trampoline_6442451044_0+0x1/0x1000
[  861.043350][    C1]  ? anon_inode_getfd+0x33/0x40
[  861.043367][    C1]  ? __fdget+0x1ce/0x240
[  861.043382][    C1]  ? security_transition_sid+0x7d/0x90
[  861.043399][    C1]  ? selinux_socket_create+0x204/0x330
[  861.043415][    C1]  ? selinux_socket_unix_may_send+0x2f0/0x2f0
[  861.043433][    C1]  ? security_socket_create+0x77/0xb0
[  861.043450][    C1]  ? __sock_create+0xd6/0x760
[  861.043467][    C1]  ? __sys_socketpair+0x29f/0x6e0
[  861.043483][    C1]  ? __ia32_sys_socket+0x90/0x90
[  861.043499][    C1]  ? __kasan_check_read+0x11/0x20
[  861.043515][    C1]  ? __x64_sys_socketpair+0x9b/0xb0
[  861.043531][    C1]  ? do_syscall_64+0x3d/0xb0
[  861.043547][    C1]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  861.043565][    C1]  </TASK>
[ 1013.022571][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz-executor.2:13137]
[ 1013.031313][    C1] Modules linked in:
[ 1013.035046][    C1] CPU: 1 PID: 13137 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1013.045284][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1013.055271][    C1] RIP: 0010:kvm_wait+0x147/0x180
[ 1013.060049][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1013.080172][    C1] RSP: 0018:ffffc90000c47260 EFLAGS: 00000246
[ 1013.086084][    C1] RAX: 0000000000000003 RBX: 1ffff92000188e50 RCX: ffffffff8154fb7f
[ 1013.093882][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810eff3c98
[ 1013.101783][    C1] RBP: ffffc90000c47310 R08: dffffc0000000000 R09: ffffed1021dfe794
[ 1013.109596][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1013.117434][    C1] R13: ffff88810eff3c98 R14: 0000000000000003 R15: 1ffff92000188e54
[ 1013.125219][    C1] FS:  00007f08634dd6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1013.133980][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1013.140406][    C1] CR2: 00007fd5d9ef4000 CR3: 0000000114e58000 CR4: 00000000003506a0
[ 1013.148217][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1013.156025][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1013.163838][    C1] Call Trace:
[ 1013.166966][    C1]  <IRQ>
[ 1013.169659][    C1]  ? show_regs+0x58/0x60
[ 1013.173740][    C1]  ? watchdog_timer_fn+0x4b1/0x5f0
[ 1013.178766][    C1]  ? proc_watchdog_cpumask+0xd0/0xd0
[ 1013.183930][    C1]  ? __hrtimer_run_queues+0x41a/0xad0
[ 1013.189096][    C1]  ? hrtimer_interrupt+0xaa0/0xaa0
[ 1013.194127][    C1]  ? clockevents_program_event+0x22f/0x300
[ 1013.199771][    C1]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[ 1013.205673][    C1]  ? hrtimer_interrupt+0x40c/0xaa0
[ 1013.210620][    C1]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 1013.216520][    C1]  ? sysvec_apic_timer_interrupt+0x95/0xc0
[ 1013.222162][    C1]  </IRQ>
[ 1013.224948][    C1]  <TASK>
[ 1013.227716][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1013.233709][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1013.239783][    C1]  ? kvm_wait+0x147/0x180
[ 1013.243991][    C1]  ? asm_sysvec_call_function_single+0x1b/0x20
[ 1013.249981][    C1]  ? kvm_arch_para_hints+0x30/0x30
[ 1013.254919][    C1]  ? pv_hash+0x86/0x150
[ 1013.258919][    C1]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 1013.264779][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1013.271029][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[ 1013.275801][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1013.280837][    C1]  ? sock_hash_bucket_hash+0x31c/0x7e0
[ 1013.286128][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[ 1013.291165][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1013.295860][    C1]  ? bpf_trace_run2+0xec/0x210
[ 1013.300549][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1013.305312][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1013.309998][    C1]  ? __kasan_check_read+0x11/0x20
[ 1013.314861][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1013.319543][    C1]  ? __bpf_trace_kfree+0x6f/0x90
[ 1013.324317][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1013.329004][    C1]  ? kfree+0x1f3/0x220
[ 1013.332918][    C1]  ? sock_map_unref+0x352/0x4d0
[ 1013.337596][    C1]  ? sock_hash_delete_elem+0x274/0x2f0
[ 1013.342894][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[ 1013.348389][    C1]  ? bpf_trace_run2+0xec/0x210
[ 1013.353044][    C1]  ? context_to_sid+0x5a8/0x600
[ 1013.357731][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1013.362424][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[ 1013.367803][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[ 1013.373191][    C1]  ? __bpf_trace_kfree+0x6f/0x90
[ 1013.377958][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[ 1013.383422][    C1]  ? kfree+0x1f3/0x220
[ 1013.387337][    C1]  ? policydb_context_isvalid+0x1de/0x430
[ 1013.392970][    C1]  ? security_compute_sid+0x1d7d/0x1f40
[ 1013.398358][    C1]  ? memcpy+0x56/0x70
[ 1013.402171][    C1]  ? security_transition_sid+0x90/0x90
[ 1013.407552][    C1]  ? __anon_inode_getfd+0x3af/0x430
[ 1013.412594][    C1]  ? anon_inode_getfd+0x40/0x40
[ 1013.417299][    C1]  ? bpf_trampoline_6442451044_0+0x1/0x1000
[ 1013.423028][    C1]  ? anon_inode_getfd+0x33/0x40
[ 1013.427686][    C1]  ? __fdget+0x1ce/0x240
[ 1013.431765][    C1]  ? security_transition_sid+0x7d/0x90
[ 1013.437060][    C1]  ? selinux_socket_create+0x204/0x330
[ 1013.442353][    C1]  ? selinux_socket_unix_may_send+0x2f0/0x2f0
[ 1013.448274][    C1]  ? security_socket_create+0x77/0xb0
[ 1013.453579][    C1]  ? __sock_create+0xd6/0x760
[ 1013.458083][    C1]  ? __sys_socketpair+0x29f/0x6e0
[ 1013.462941][    C1]  ? __ia32_sys_socket+0x90/0x90
[ 1013.467714][    C1]  ? __kasan_check_read+0x11/0x20
[ 1013.472672][    C1]  ? __x64_sys_socketpair+0x9b/0xb0
[ 1013.477703][    C1]  ? do_syscall_64+0x3d/0xb0
[ 1013.482210][    C1]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1013.488132][    C1]  </TASK>
[ 1013.490975][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1013.496081][    C0] NMI backtrace for cpu 0
[ 1013.496094][    C0] CPU: 0 PID: 13132 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1013.496113][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1013.496128][    C0] RIP: 0010:kvm_wait+0x147/0x180
[ 1013.496151][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1013.496164][    C0] RSP: 0018:ffffc90000a27960 EFLAGS: 00000246
[ 1013.496180][    C0] RAX: 0000000000000003 RBX: 1ffff92000144f30 RCX: ffffffff8154fb7f
[ 1013.496192][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888121330c90
[ 1013.496203][    C0] RBP: ffffc90000a27a10 R08: dffffc0000000000 R09: ffffed1024266193
[ 1013.496215][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1013.496226][    C0] R13: ffff888121330c90 R14: 0000000000000003 R15: 1ffff92000144f34
[ 1013.496238][    C0] FS:  0000555556bf8480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1013.496252][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1013.496263][    C0] CR2: 0000001b33328000 CR3: 0000000115ad3000 CR4: 00000000003506b0
[ 1013.496278][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1013.496288][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1013.496298][    C0] Call Trace:
[ 1013.496304][    C0]  <NMI>
[ 1013.496311][    C0]  ? show_regs+0x58/0x60
[ 1013.496328][    C0]  ? nmi_cpu_backtrace+0x29f/0x300
[ 1013.496348][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 1013.496368][    C0]  ? kvm_wait+0x147/0x180
[ 1013.496381][    C0]  ? kvm_wait+0x147/0x180
[ 1013.496396][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1013.496414][    C0]  ? nmi_handle+0xa8/0x280
[ 1013.496429][    C0]  ? kvm_wait+0x147/0x180
[ 1013.496443][    C0]  ? default_do_nmi+0x69/0x160
[ 1013.496460][    C0]  ? exc_nmi+0xaf/0x120
[ 1013.496475][    C0]  ? end_repeat_nmi+0x16/0x31
[ 1013.496492][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1013.496512][    C0]  ? kvm_wait+0x147/0x180
[ 1013.496526][    C0]  ? kvm_wait+0x147/0x180
[ 1013.496540][    C0]  ? kvm_wait+0x147/0x180
[ 1013.496554][    C0]  </NMI>
[ 1013.496559][    C0]  <TASK>
[ 1013.496564][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1013.496580][    C0]  ? kvm_arch_para_hints+0x30/0x30
[ 1013.496596][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1013.496614][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 1013.496632][    C0]  ? do_syscall_64+0x49/0xb0
[ 1013.496648][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1013.496666][    C0]  ? __kasan_check_write+0x14/0x20
[ 1013.496685][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[ 1013.496703][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1013.496720][    C0]  ? __local_bh_enable_ip+0x58/0x80
[ 1013.496737][    C0]  ? lock_sock_nested+0x266/0x300
[ 1013.496753][    C0]  ? unix_peer_get+0xe0/0xe0
[ 1013.496769][    C0]  sk_psock_link_pop+0x2e/0x170
[ 1013.496785][    C0]  ? unix_peer_get+0xe0/0xe0
[ 1013.496800][    C0]  sock_map_remove_links+0x25/0x570
[ 1013.496817][    C0]  ? __kasan_check_read+0x11/0x20
[ 1013.496834][    C0]  ? unix_peer_get+0xe0/0xe0
[ 1013.496848][    C0]  sock_map_close+0x2ac/0x4c0
[ 1013.496865][    C0]  ? sock_map_remove_links+0x570/0x570
[ 1013.496882][    C0]  ? rwsem_mark_wake+0x6b0/0x6b0
[ 1013.496897][    C0]  ? security_file_free+0xc6/0xe0
[ 1013.496916][    C0]  unix_release+0x82/0xc0
[ 1013.496932][    C0]  sock_close+0xdf/0x270
[ 1013.496949][    C0]  ? sock_mmap+0xa0/0xa0
[ 1013.496964][    C0]  __fput+0x3fe/0x910
[ 1013.496983][    C0]  ____fput+0x15/0x20
[ 1013.496998][    C0]  task_work_run+0x129/0x190
[ 1013.497014][    C0]  exit_to_user_mode_loop+0xc4/0xe0
[ 1013.497030][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1013.497046][    C0]  syscall_exit_to_user_mode+0x26/0x160
[ 1013.497064][    C0]  do_syscall_64+0x49/0xb0
[ 1013.497078][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1013.497093][    C0] RIP: 0033:0x7f0c0e5eff29
[ 1013.497110][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1013.497127][    C0] RSP: 002b:00007ffe55709708 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1013.497142][    C0] RAX: 0000000000000000 RBX: 00000000000b9763 RCX: 00007f0c0e5eff29
[ 1013.497152][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1013.497162][    C0] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000700000000
[ 1013.497173][    C0] R10: 00007f0c0e573000 R11: 0000000000000246 R12: 00007f0c0e726f80
[ 1013.497184][    C0] R13: 00007f0c0e726f8c R14: 0000000000000226 R15: 00007f0c0e728980
[ 1013.497198][    C0]  </TASK>