last executing test programs:

39.58926873s ago: executing program 3 (id=129):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000340)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x28, 0x101, 0x12848a3, 0x0, 0x400, 0x8}}, 0x50)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})

39.532765339s ago: executing program 3 (id=132):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='rss_stat\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)

39.51542893s ago: executing program 3 (id=134):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = dup(r0)
connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @remote}, 0x2, 0x2, 0x2, 0x4}}, 0x2e)

39.438298279s ago: executing program 3 (id=136):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xc)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
mount$bind(0x0, &(0x7f0000001200)='./file0/file0\x00', 0x0, 0x84000, 0x0)

39.437964849s ago: executing program 3 (id=138):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000018000100000000000200000002000004fe00fe060014000008001900", @ANYRES32, @ANYBLOB="080006000004000006001c004e22000008001900", @ANYRES32, @ANYBLOB="080005007f"], 0x4c}}, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000005c0)={'bond0\x00', 0x200})

39.368882719s ago: executing program 3 (id=144):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0xfffffffffffffde1, 0x10, &(0x7f0000002e00), &(0x7f0000000300), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

39.314810979s ago: executing program 32 (id=144):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0xfffffffffffffde1, 0x10, &(0x7f0000002e00), &(0x7f0000000300), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

38.647881987s ago: executing program 2 (id=168):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000090000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20)

38.610738717s ago: executing program 2 (id=169):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x1e, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x101}, [@cb_func, @alu={0x7, 0x0, 0xb, 0x0, 0x5, 0x10, 0x10}, @tail_call, @jmp={0x5, 0x0, 0xc}, @cb_func, @call={0x85, 0x0, 0x0, 0x75}, @tail_call, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @generic={0x4, 0x0, 0x0, 0x2000, 0x4}, @alu={0x7, 0x1, 0x1, 0x5, 0xb, 0x58, 0xfffffffffffffffc}, @func]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'veth0_macvtap\x00', @random='\x00\x00\x00 \x00'})

38.522994786s ago: executing program 2 (id=170):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
readlink(0x0, 0x0, 0x0)

38.300986336s ago: executing program 2 (id=171):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='.\x00', 0x140)

38.225443526s ago: executing program 2 (id=172):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x8, @local}, {0xa, 0x0, 0x0, @empty}, 0x1}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x1}, 0x5c)

38.091677095s ago: executing program 2 (id=178):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x11, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100006, 0x0, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x2a}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x28, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x5da0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

38.057354435s ago: executing program 33 (id=178):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x11, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100006, 0x0, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x2a}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x28, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x5da0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

23.738738058s ago: executing program 5 (id=685):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='noinline_xattr,active_logs=4,jqfmt=vfsv1,noinline_data,user_xattr,checkpoint=disable,fastboot,fsync_mode=strict,discard_unit=section,\x00'], 0x21, 0x552d, &(0x7f000000abc0)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==")
r0 = open(&(0x7f00000002c0)='./file2\x00', 0x14937e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x103042, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={r0, 0x0, 0x2000000000000})

23.456506067s ago: executing program 5 (id=688):
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

22.936323225s ago: executing program 5 (id=699):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x17}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

22.906778835s ago: executing program 5 (id=704):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xc)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
mount$bind(0x0, &(0x7f0000001200)='./file0/file0\x00', 0x0, 0x84000, 0x0)

22.874278935s ago: executing program 5 (id=705):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

22.589051404s ago: executing program 5 (id=712):
r0 = io_uring_setup(0x2624, &(0x7f0000000280)={0x0, 0xfffffffc, 0x800})
r1 = epoll_create1(0x0)
r2 = dup3(r1, r0, 0x0)
epoll_pwait2(r2, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0)

22.574212334s ago: executing program 34 (id=712):
r0 = io_uring_setup(0x2624, &(0x7f0000000280)={0x0, 0xfffffffc, 0x800})
r1 = epoll_create1(0x0)
r2 = dup3(r1, r0, 0x0)
epoll_pwait2(r2, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0)

7.560070885s ago: executing program 4 (id=1138):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
write$cgroup_int(r0, &(0x7f00000000c0), 0x12)

7.446383265s ago: executing program 4 (id=1142):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)='/proc/net/\x00\x00t4/c+\x0fG\xf9aK\fX\a0\x04\x00\x00\x82q\xee'}, 0x39)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x34}, 0x10)

7.406781634s ago: executing program 4 (id=1144):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7.343355154s ago: executing program 4 (id=1145):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000780)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d80001d0000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866903dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1633ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70000000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb037965950000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c4e7264093061c660a5100b7cc165889eb94c8d7c83c2fa06f1a4f8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511731464ad21f07f618efc31023ac60007426162b57e803519954d7c976fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c415d7e161ff304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3b342ea821d64b52a5ce7f5062940d9eea6903ba9be00000000fb14534328b1252144b73e362354b7326d1bdcf9176490614f346d0a26748177b978e6623acc25bd0bf8d4a2727f9adb39a75dd93713a0faf5d7b921325659459bc5bf4a23fe56fdaead5f24f9e85c09eb48f3f1a1aba4b79fd8724d301d2e29d5730c942311a200eeaeaf8115d1e43548d23b8c1f9c4aed5670d61ce41c67d90000000000008f89fa3633d8e01a3e192d1d9129f27898b34992b5168de4784ac7f00e2a33ab00f08570d1090642b50ad1b57ed774cac3c0f97b20431279647a18f086d9b07857f3a00c0196"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x10, 0x0, &(0x7f0000000840)=[@clear_death], 0x0, 0x0, 0x0})

7.288716564s ago: executing program 4 (id=1146):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)

7.262304064s ago: executing program 4 (id=1147):
unshare(0x400)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8010aebc, &(0x7f0000000140)={0x0, 0x0, @ioapic})

2.076261017s ago: executing program 7 (id=1267):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x12, &(0x7f0000000080)={0x0}, 0x8}, 0x0)

2.024528687s ago: executing program 7 (id=1268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20b00000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

2.024195807s ago: executing program 7 (id=1270):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000000), 0x4)

1.108103504s ago: executing program 7 (id=1274):
r0 = socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
recvmmsg(r0, &(0x7f0000007040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40, 0x0)

837.285953ms ago: executing program 7 (id=1279):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

786.905603ms ago: executing program 7 (id=1282):
syz_mount_image$f2fs(&(0x7f0000010580), &(0x7f00000105c0)='./file1\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='active_logs=4,jqfmt=vfsv0,prjjquota=f2fs\x00,mode=adaptive,heap,norecovery,fsync_mode=posix,user_xattr,disable_roll_forward,\x00\x00\x00'], 0x1, 0x10591, &(0x7f0000020bc0)="$eJzs3M9rI2UYB/An7XZt13Ut4sHbDojQwiY0bXfRW9UuKtil+OPgSdNkGrKbZEqTtnFFWDyLx/1H9OTdu/+EN/EgeFtQMjPVra4INjZ2+/nA5Dvz5s0z74RenpmSAC6sxeSXnytxLRYiYjYirkbk+5Vyy20U8VJEXI+Imce2Sjn++8DliLgSEdfGxYualfKtzx8+2Ho02vrs24c/bX7R+P7G9K4amLZXIqK3V+wf9YrM2kXeLccbh508e+uHZRZv9O6Vx1mRR+lOXuGocTyvkedau5if7R0MxrnbbTTH2e7s5uN7/eKEg8P2cZ38A3cb+/lxK93JszPI8mzfL9Y1KvP+YFjUaZX1Ps3Lx3B4nMV4OkqL69m7l2ezPyzHi7pZKx2N87DM8nTRzLqtfB07//pr/t97t9M/GCWH6f6gk/WTm7X6q7X6rWp9P2ulw3S92ui1bq0nS+3ueFp1mDZ6G+0sa3fTWjPrLSdL7WazWq8nS5vpTqfRT+r12lptpXpzudy7kbx158Ok20qWxvlGp38w7HQHyW62nxSfWE5Wa2uvLScv15P3t7aT7fdu397a/uDjzY/uvL71zpvlpL8sK1laXVldrdZXqqv1Zdd/GvOn+zgXXWXaCwA4f/L+fyH0/8CZ0v/r/0P/e+GvX//Pqej/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurB/mvn4731ksjp8tx58rh14ojysRMRMRvz7BbFw+UXO2rDP3N/Pn/rSG7yqRVxif45lyuxIRG+X26Pknr/3SRL8JAAAAeDp98+D6V0W3XrwsTntBnKXips3M1U8mVK8SEXOLP06o2sz45cUJFcv/vi/FaELV8htY8xMqVtxyO9t7WbMnYv6xqBQxc6bLAQAAzsTJTsATdQAAgKfXl9NeANNRieNHmcfPgvP/vP/jgeDCiSMAAADgHKpMewEAAADAfy7v/8/z7/8BAAAA/6z4/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN/YuZ+c1KEoDsCnhb7H+2MkxrlbcQbLcAkOHRIW4CZYAm7BDbAGnLkEA4a2RGowMeltieT7kvb2NubnKWFy7iUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEsvxXL6NLt5bJuz2baT5mkAAACAY9bFclpejKv5v/r+RX3rqp5nEZFHxLHefRC/GpmDOqf44u+LTzU8R5QJu//xuz7+RsRtfbxddv0pAAAAwPlazReTqluvTuNTF0SfqkWb/P9dorwsIorxa6K0fHe6ThRWfr+H8ZAorVzAGiUKq5bchqnSvmXQGEYHQ1YNea/lAAAAvWh2Av12IQAAAPTp/uB6dsI66FkW+63M/V5w+cv7jw3BP40ZAAAA8ANlpy4AAAAA6FzZ/3v/HwAAAJy36v1/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdGldLKer+WLSNmezbSfN0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA7+/OOAiEQBmGwd31nMvc/rDRoampSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs3L9rJFUcAPC3P2bPO5BboyycjSeenCjeZs9fCDZXCMFCsBLLJbc5VvdU7lJ4IU0aC8H/wEbbNEJAkFj4F6SwMmVsIsgWESyslPkVJ9koEzWzm73PB968b4aXme+bQMj3vckCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQG98KV/O4ER/aaVzPzv14sL4c97vH+th+f/NK3OK4Vm3a504zfkadaWcBAADAvGvk9X0IYS/aWor7ejup/5/Nx8Q1//qjaZzX88fr/rzPa/+4bX/31TuHN2qn94lCCN+0R4PFymY4266VHHe5xJhkLSFdoWkkP7b6WxuPj6Pkqdc+39l5s5WEF/5bxgDA/+FG3mfByjD9+yjue9NMDIC51cxaKNT/jfZ0cwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACowngjvJDHtRDCk82/4tjuwfrySf1+f/NK3i6/98SnxWvGl4hCCCvD0WCxwrnMsmslx91/sPZBfzQa3DtV8NS/+i6BQHBegjP+BQUAwFyJshbX9XvR1lJ8rrYQwh9fHq3/rxfiULL+/364fb14r2L936tshrOtbP3fXb37cff+g7UXh3f7dwZ3Bh/e7L3ce23x9Vd6r3aT9ZSuVRUAAAD+Xitrxfq/vjC5/3+pEIeS9f8PP7/7S/FeDfX/hNPv/59xQgAAAA+xx67+9mvthPO1Vit80l9dvddLj4df30yPU0j1n12cPHUha8X6v7EwhdwAAACAyo03akf2/28X4lBy///b53//onjNRrYEsTIcDW4sfzS6Xd10Ztbk/n/7xHFV/DtxBdMFAABgSi5mrbj/HyXv/9efzsfUQwjPPZPG2ccAlqr/32h+dqt4r+L7/y9VN8WZVO+kz6PM+//J2E4IzU4FiQEAADCXHslaXP//FG0tvf/1pbdb3v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JP9ubdNGAjjOPz6kihxm4yQ3kpgBhoqBCPwISFZ8gwMwEI0VLQWi8AKIMG5pjMUz9P8f8UV9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLzLwxdvEVFE6jJFGm9+Tu8R8RFp27ajz1sWu/Ox+brnbH+Y5PyO6W8ZEWUUfZwDANC7qtscq3W9/Mv7n3eQd5i3mjf14pmfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwVgAAAP//+9Vf2g==")
mkdir(&(0x7f0000000000)='./bus\x00', 0x140)
chdir(&(0x7f0000000140)='./bus\x00')
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)

593.848902ms ago: executing program 1 (id=1285):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x900, 0x0, @dev, 0x4}, 0x1c)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x7)

553.684362ms ago: executing program 1 (id=1287):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100fe0000000000d20208850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000100)='net_dev_xmit\x00', r0}, 0x5a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

487.835052ms ago: executing program 1 (id=1289):
r0 = openat$kvm(0x0, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000140)={0xdf, 0x0, 0x10000})
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x10000})

463.431822ms ago: executing program 6 (id=1290):
r0 = fsopen(&(0x7f0000000140)='pstore\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='\b?\xb4\x1bZ\x89ug\xf8=\x1e\xe3\xca\x0e2\xc1\x83\x90\xea\xa3Dt\xc0.\xfa\x9b\xda\xfe\x8f\xd9\xb5n\x7f\xcf\xfd\v\xed\x1e1\xf6\xee\x88\xe9\xc3\xeb\xc4G\xd5\xed\xf9\xdfE-\xd4\xfb\"\xe8\xf3fh\xc7\x8f\x14!%T\xe1\xea\xc9\xa0\xe4\x11\xce\xb0\xe5\xba\xf8\x95\xaf8\xec\x99Y\xaf\x8cP\xd19)-\xbcN5\\\xfe\\\xbb\x96\xd4\xcf\xb0\x96\xb5x\xa6\x98', &(0x7f00000007c0)='mjY\xc9p1\xc1k\xefW\x87\x1c\'\xf8<\xc9\x16\x03m\x06\x99\xec\x97\xc3{\xee\xc1\xfb\x8f\xbc\xa6\xc0\xa9\xd1\xa5\xb5\xb6\x99{\x82\x8f\xb8\xeew\xd0\xb3\xe1Q\xdf\x19\xfd\xdeKS\xf3\x12M\xab@Y\x86Q\x99\xd4\b\x7fK\xd48\a?r\xd8\xc4\x11\x9c\x98jj\xd8 1\xb1\\\xc8{>1Q\xb5!@dRN\xab\x99\xff\xeb/\xb0\xc1\xac\xe3\x1f\xb4\x9a\xe6\xd1\x99\xbc\x8b\xf0\xf6\f;+!s\xf1\xbf\xd7\x82\x89\xde3~\x95\x04\xd1\x97g\xbc\xc3\xf6\r\"\x1f\x1d\x12\xbaL\xf6\xff\x03&\xb1R\xcd\xc1\xbd\xf7~5\x05\x86tfG\xb6\x15\xd5\x03\tM\xee\x90\xac\x94Y!\x8f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='\'\\${@*-.[{\x00', &(0x7f0000001f80)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\x00\x00\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\xe7\xf6\t\x9dJ\xa4^m\xf3\xb5Y\f\x8f\r\xd5)>A\xe9\xf59\'G[\xf0`\xf3\'\xe4\xb2\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I?^\xf3,\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

441.168592ms ago: executing program 6 (id=1291):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000820000000000000000850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@empty, @in=@private=0xa010100, 0x0, 0x0, 0x4, 0x7f, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x1000000000, 0x53e8, 0x21}, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x32}, 0x2, @in=@remote, 0x3502, 0x1, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)

387.270711ms ago: executing program 6 (id=1293):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000012003007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f9001cffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x3, 0xe, 0x0, &(0x7f0000000500)="0000001afa3cb651ce2f2f009ec3", 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

329.064201ms ago: executing program 0 (id=1294):
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x8, 0x2000000000032, 0xffffffffffffffff, 0x0)
unshare(0x22020400)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)

312.444001ms ago: executing program 0 (id=1295):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='locks_get_lock_context\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000))

304.603421ms ago: executing program 1 (id=1296):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0xfffffffd, @mcast1, 0x2}, 0x33)

290.308031ms ago: executing program 0 (id=1297):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x38000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

268.035481ms ago: executing program 1 (id=1298):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000000240)=ANY=[], 0x1, 0x1503, &(0x7f0000002180)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x2)

253.577401ms ago: executing program 0 (id=1299):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe2b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
restart_syscall()

213.66269ms ago: executing program 0 (id=1300):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000240)=0x3)

153.460211ms ago: executing program 6 (id=1301):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000000900008500000004"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
getrusage(0x1, &(0x7f00000005c0))

98.84003ms ago: executing program 0 (id=1302):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='comm\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
getpid()
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

98.38188ms ago: executing program 1 (id=1303):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="180200003f00ffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x1400, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

69.93554ms ago: executing program 6 (id=1304):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCI={0xc}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x48}, 0x1, 0x0, 0x0, 0x24044004}, 0x0)

0s ago: executing program 6 (id=1305):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000073000040"])

kernel console output (not intermixed with test programs):

   25.863380][  T651] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.871893][  T669] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.156: inode #13: comm syz.2.156: iget: illegal inode #
[   25.876949][  T651] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.889774][  T669] EXT4-fs (loop2): Remounting filesystem read-only
[   25.896746][  T651] device bridge_slave_0 entered promiscuous mode
[   25.902518][  T669] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.156: couldn't read orphan inode 13 (err -117)
[   25.920761][  T669] EXT4-fs (loop2): Remounting filesystem read-only
[   25.927158][  T669] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   25.935447][  T651] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.942666][  T651] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.950262][  T651] device bridge_slave_1 entered promiscuous mode
[   25.953201][  T669] EXT4-fs (loop2): shut down requested (2)
[   25.963299][  T669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   25.972156][  T669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   25.981159][  T669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   25.995312][  T669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   26.016565][  T669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[   26.040473][  T292] EXT4-fs (loop2): unmounting filesystem.
[   26.044072][  T677] netlink: 277 bytes leftover after parsing attributes in process `syz.1.159'.
[   26.091414][  T681] netlink: 24 bytes leftover after parsing attributes in process `syz.1.161'.
[   26.100222][  T681] bridge: RTM_NEWNEIGH with unconfigured vlan 2507 on bridge0
[   26.125299][  T687] SELinux: failed to load policy
[   26.131306][  T651] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.138195][  T651] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.145257][  T651] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.152070][  T651] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.201052][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.207410][  T694] loop2: detected capacity change from 0 to 256
[   26.214325][  T352] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.224492][  T694] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   26.236954][  T352] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.263419][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.271757][  T352] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.278647][  T352] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.287660][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.296690][  T352] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.303548][  T352] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.322727][   T43] device bridge_slave_1 left promiscuous mode
[   26.331840][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.342110][   T43] device bridge_slave_0 left promiscuous mode
[   26.349781][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.357615][   T43] device veth1_macvtap left promiscuous mode
[   26.363446][   T43] device veth0_vlan left promiscuous mode
[   26.421811][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.444805][   T59] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   26.452573][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.463613][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.464500][   T59] asix 5-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   26.472036][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.482663][   T59] asix: probe of 5-1:0.251 failed with error -71
[   26.499573][   T59] usb 5-1: USB disconnect, device number 3
[   26.499669][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.512738][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.522008][  T651] device veth0_vlan entered promiscuous mode
[   26.533694][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.543334][  T651] device veth1_macvtap entered promiscuous mode
[   26.571372][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   26.589557][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   26.597888][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   26.628164][  T705] loop2: detected capacity change from 0 to 1024
[   26.646456][  T705] =======================================================
[   26.646456][  T705] WARNING: The mand mount option has been deprecated and
[   26.646456][  T705]          and is ignored by this kernel. Remove the mand
[   26.646456][  T705]          option from the mount to silence this warning.
[   26.646456][  T705] =======================================================
[   26.682544][  T705] EXT4-fs: Ignoring removed nobh option
[   26.689646][  T705] EXT4-fs: Ignoring removed bh option
[   26.695815][  T705] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   26.718086][  T705] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   26.849181][  T292] EXT4-fs (loop2): unmounting filesystem.
[   27.075518][  T750] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[   27.108675][  T731] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.115590][  T731] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.126464][  T754] loop5: detected capacity change from 0 to 1024
[   27.135824][  T731] device bridge_slave_0 entered promiscuous mode
[   27.147154][  T754] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   27.162688][  T731] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.170270][  T731] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.176374][  T754] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   27.177714][  T731] device bridge_slave_1 entered promiscuous mode
[   27.212274][  T651] EXT4-fs (loop5): unmounting filesystem.
[   27.245899][  T765] netlink: 'syz.1.198': attribute type 1 has an invalid length.
[   27.266468][  T589] Bluetooth: hci0: command 0x1003 tx timeout
[   27.272456][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   27.347076][  T780] input: syz0 as /devices/virtual/input/input4
[   27.434232][  T802] loop1: detected capacity change from 0 to 512
[   27.451448][   T43] device bridge_slave_1 left promiscuous mode
[   27.465384][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.477494][   T43] device bridge_slave_0 left promiscuous mode
[   27.487486][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.495043][   T43] device veth1_macvtap left promiscuous mode
[   27.501254][   T43] device veth0_vlan left promiscuous mode
[   27.521669][  T802] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   27.530906][  T802] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   27.547786][  T288] EXT4-fs (loop1): unmounting filesystem.
[   27.609719][  T731] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.616595][  T731] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.623689][  T731] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.630486][  T731] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.639187][  T817] netlink: 23 bytes leftover after parsing attributes in process `syz.0.220'.
[   27.657917][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.671807][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.686101][  T823] netlink: 8 bytes leftover after parsing attributes in process `syz.4.223'.
[   27.723727][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.731367][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.753526][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   27.773507][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.791098][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.797996][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.808192][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   27.818452][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.826738][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.833577][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.841949][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   27.849955][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.858864][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   27.868013][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.886795][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   27.895355][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.903818][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   27.912114][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.922909][  T731] device veth0_vlan entered promiscuous mode
[   27.936837][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.944343][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.954624][  T731] device veth1_macvtap entered promiscuous mode
[   27.962686][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   27.970713][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.978952][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   27.989174][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   27.997532][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.007059][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   28.015141][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.076266][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   28.221858][  T888] device wireguard0 entered promiscuous mode
[   28.227894][  T888] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready
[   28.257530][   T24] usb 1-1: config 0 has an invalid interface number: 81 but max is 0
[   28.269441][  T897] netlink: 'syz.5.256': attribute type 3 has an invalid length.
[   28.274537][   T24] usb 1-1: config 0 has no interface number 0
[   28.294408][   T24] usb 1-1: config 0 interface 81 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   28.316038][  T903] loop5: detected capacity change from 0 to 256
[   28.318668][   T24] usb 1-1: config 0 interface 81 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   28.327845][  T903] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[   28.341809][   T24] usb 1-1: config 0 interface 81 has no altsetting 0
[   28.370760][   T24] usb 1-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00
[   28.379739][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   28.393943][   T24] usb 1-1: config 0 descriptor??
[   28.413381][  T912] usb usb5: usbfs: process 912 (syz.6.263) did not claim interface 0 before use
[   28.422380][  T311] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   28.496950][  T926] loop5: detected capacity change from 0 to 256
[   28.510152][  T926] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   28.545300][  T931] loop5: detected capacity change from 0 to 1024
[   28.552136][  T931] EXT4-fs: Ignoring removed orlov option
[   28.558542][  T931] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   28.569909][  T931] EXT4-fs (loop5): Test dummy encryption mode enabled
[   28.578568][  T931] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   28.594455][  T931] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   28.597081][  T937] netlink: 8 bytes leftover after parsing attributes in process `syz.6.274'.
[   28.612080][  T311] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   28.612187][  T651] EXT4-fs (loop5): unmounting filesystem.
[   28.623452][  T311] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   28.657006][  T311] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   28.675695][  T945] loop6: detected capacity change from 0 to 256
[   28.685164][  T940] loop5: detected capacity change from 0 to 2048
[   28.696062][  T311] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   28.702949][  T945] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   28.704470][  T311] usb 2-1: Product: syz
[   28.719209][  T940] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   28.728849][  T940] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   28.730296][  T311] usb 2-1: Manufacturer: syz
[   28.743474][  T311] usb 2-1: SerialNumber: syz
[   28.764012][  T940] fs-verity: sha512 using implementation "sha512-avx2"
[   28.785273][  T955] loop4: detected capacity change from 0 to 1024
[   28.799810][  T955] EXT4-fs: Ignoring removed orlov option
[   28.805473][  T955] EXT4-fs: Ignoring removed nomblk_io_submit option
[   28.805611][   T24] wacom 0003:056A:033B.0001: unknown main item tag 0xe
[   28.819664][  T651] EXT4-fs (loop5): unmounting filesystem.
[   28.822750][   T24] wacom 0003:056A:033B.0001: Unknown device_type for 'HID 056a:033b'. Assuming pen.
[   28.835674][   T24] wacom 0003:056A:033B.0001: hidraw0: USB HID v0.40 Device [HID 056a:033b] on usb-dummy_hcd.0-1/input81
[   28.838107][  T955] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   28.847698][   T24] input: Wacom Intuos S 2 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.81/0003:056A:033B.0001/input/input5
[   28.879525][  T289] EXT4-fs (loop4): unmounting filesystem.
[   28.923145][  T964] netlink: 28 bytes leftover after parsing attributes in process `syz.6.286'.
[   28.975364][  T311] usb 2-1: 0:2 : does not exist
[   28.993710][  T311] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[   29.042123][  T311] usb 2-1: USB disconnect, device number 2
[   29.042378][   T39] usb 1-1: USB disconnect, device number 2
[   29.092352][  T990] loop5: detected capacity change from 0 to 128
[   29.122231][  T990] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   29.131088][  T990] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   29.146145][  T990] EXT4-fs error (device loop5): ext4_validate_block_bitmap:420: comm syz.5.296: bg 0: bad block bitmap checksum
[   29.169211][  T651] EXT4-fs (loop5): unmounting filesystem.
[   29.170277][  T996] loop4: detected capacity change from 0 to 16
[   29.181676][  T996] erofs: (device loop4): mounted with root inode @ nid 36.
[   29.192935][  T996] erofs: (device loop4): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[   29.204701][  T996] erofs: (device loop4): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[   29.216391][  T996] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117]
[   29.667312][ T1028] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[   29.675341][ T1027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.311'.
[   29.694779][   T28] kauditd_printk_skb: 106 callbacks suppressed
[   29.694794][   T28] audit: type=1400 audit(1738628616.279:302): avc:  denied  { write } for  pid=1031 comm="syz.1.314" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   29.716570][ T1027] netlink: 'syz.0.311': attribute type 2 has an invalid length.
[   29.826174][   T28] audit: type=1400 audit(1738628616.409:303): avc:  denied  { getopt } for  pid=1035 comm="syz.4.316" laddr=172.20.20.10 lport=250 faddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   29.938871][ T1046] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   29.956273][   T28] audit: type=1400 audit(1738628616.529:304): avc:  denied  { create } for  pid=1045 comm="syz.4.320" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   29.966430][ T1046] FAT-fs (loop9): unable to read boot sector
[   30.022597][   T28] audit: type=1400 audit(1738628616.529:305): avc:  denied  { mounton } for  pid=1045 comm="syz.4.320" path="/48/file0" dev="tmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   30.096683][ T1055] netlink: 12 bytes leftover after parsing attributes in process `syz.0.324'.
[   30.107210][   T28] audit: type=1400 audit(1738628616.689:306): avc:  denied  { unlink } for  pid=289 comm="syz-executor" name="file0" dev="tmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   30.366745][   T28] audit: type=1400 audit(1738628616.959:307): avc:  denied  { connect } for  pid=1079 comm="syz.4.335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   30.426346][   T28] audit: type=1400 audit(1738628616.999:308): avc:  denied  { watch watch_reads } for  pid=1083 comm="syz.4.337" path="/51" dev="tmpfs" ino=274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   30.526778][   T28] audit: type=1400 audit(1738628617.119:309): avc:  denied  { write } for  pid=1092 comm="syz.4.341" name="tcp6" dev="proc" ino=4026532422 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   30.586289][   T28] audit: type=1400 audit(1738628617.139:310): avc:  denied  { write } for  pid=1097 comm="syz.6.344" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   30.602468][ T1103] netlink: 24 bytes leftover after parsing attributes in process `syz.5.346'.
[   30.619353][ T1102] loop4: detected capacity change from 0 to 256
[   30.661605][ T1105] netlink: 32 bytes leftover after parsing attributes in process `syz.6.347'.
[   30.681964][ T1076] loop0: detected capacity change from 0 to 40427
[   30.694922][ T1108] netlink: 20 bytes leftover after parsing attributes in process `syz.5.349'.
[   30.705796][ T1076] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[   30.719775][ T1076] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   30.738318][ T1076] F2FS-fs (loop0): invalid crc value
[   30.752026][   T28] audit: type=1400 audit(1738628617.339:311): avc:  denied  { attach_queue } for  pid=1114 comm="syz.6.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   30.772586][ T1076] F2FS-fs (loop0): Found nat_bits in checkpoint
[   30.783397][ T1121] netlink: 'syz.4.354': attribute type 8 has an invalid length.
[   30.821804][ T1076] F2FS-fs (loop0): Start checkpoint disabled!
[   30.829467][ T1076] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   30.836953][ T1076] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   30.923645][   T43] kworker/u4:2: attempt to access beyond end of device
[   30.923645][   T43] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   30.943588][ T1135] loop5: detected capacity change from 0 to 256
[   30.978048][ T1135] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   31.240263][ T1168] loop5: detected capacity change from 0 to 256
[   31.284754][ T1168] FAT-fs (loop5): Directory bread(block 64) failed
[   31.304568][ T1168] FAT-fs (loop5): Directory bread(block 65) failed
[   31.323967][ T1168] FAT-fs (loop5): Directory bread(block 66) failed
[   31.341839][ T1168] FAT-fs (loop5): Directory bread(block 67) failed
[   31.363134][ T1168] FAT-fs (loop5): Directory bread(block 68) failed
[   31.386285][  T353] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   31.401190][ T1168] FAT-fs (loop5): Directory bread(block 69) failed
[   31.416335][ T1168] FAT-fs (loop5): Directory bread(block 70) failed
[   31.422686][ T1168] FAT-fs (loop5): Directory bread(block 71) failed
[   31.432929][ T1168] FAT-fs (loop5): Directory bread(block 72) failed
[   31.440465][ T1168] FAT-fs (loop5): Directory bread(block 73) failed
[   31.441211][ T1172] loop1: detected capacity change from 0 to 4096
[   31.532962][ T1172] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   31.542609][ T1186] loop0: detected capacity change from 0 to 256
[   31.582565][  T288] EXT4-fs (loop1): unmounting filesystem.
[   31.596406][  T353] usb 5-1: Using ep0 maxpacket: 16
[   31.610448][  T353] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   31.621607][   T43] tipc: Subscription rejected, illegal request
[   31.633846][  T353] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   31.647222][  T353] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   31.653479][ T1130] loop6: detected capacity change from 0 to 131072
[   31.657868][  T353] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   31.672971][  T353] usb 5-1: config 0 descriptor??
[   31.681858][ T1130] F2FS-fs (loop6): invalid crc value
[   31.709415][ T1130] F2FS-fs (loop6): Found nat_bits in checkpoint
[   31.775591][ T1130] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   31.822286][ T1212] loop1: detected capacity change from 0 to 128
[   31.842176][ T1212] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   31.856501][ T1212] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   31.882040][  T353] usbhid 5-1:0.0: can't add hid device: -71
[   31.894003][  T353] usbhid: probe of 5-1:0.0 failed with error -71
[   31.911234][  T288] EXT4-fs (loop1): unmounting filesystem.
[   31.913391][  T353] usb 5-1: USB disconnect, device number 4
[   31.948533][ T1219] loop1: detected capacity change from 0 to 256
[   31.962143][ T1219] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   31.979339][ T1219] exFAT-fs (loop1): hint_cluster is invalid (17)
[   32.094272][ T1227] loop6: detected capacity change from 0 to 512
[   32.114933][ T1227] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   32.124529][ T1227] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   32.133074][ T1227] System zones: 0-1, 15-15, 18-18, 34-34
[   32.142269][ T1227] EXT4-fs (loop6): orphan cleanup on readonly fs
[   32.148869][ T1227] EXT4-fs warning (device loop6): ext4_enable_quotas:7016: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   32.164119][ T1227] EXT4-fs (loop6): Cannot turn on quotas: error -22
[   32.170841][ T1227] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.393: bad orphan inode 16
[   32.181243][ T1227] ext4_test_bit(bit=15, block=18) = 1
[   32.188838][ T1227] is_bad_inode(inode)=0
[   32.192821][ T1227] NEXT_ORPHAN(inode)=0
[   32.196980][ T1227] max_ino=32
[   32.200201][ T1227] i_nlink=2
[   32.203165][ T1227] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   32.225294][ T1227] fscrypt (loop6, inode 16): Error -61 getting encryption context
[   32.233862][ T1227] fscrypt (loop6, inode 16): Error -61 getting encryption context
[   32.241839][ T1227] binfmt_misc: register: failed to install interpreter file ./file2
[   32.255755][  T731] EXT4-fs (loop6): unmounting filesystem.
[   32.287209][ T1242] netlink: 12 bytes leftover after parsing attributes in process `syz.6.403'.
[   32.312881][ T1244] loop6: detected capacity change from 0 to 256
[   32.329992][ T1244] FAT-fs (loop6): Directory bread(block 64) failed
[   32.336715][ T1244] FAT-fs (loop6): Directory bread(block 65) failed
[   32.343137][ T1244] FAT-fs (loop6): Directory bread(block 66) failed
[   32.349734][ T1244] FAT-fs (loop6): Directory bread(block 67) failed
[   32.356165][ T1244] FAT-fs (loop6): Directory bread(block 68) failed
[   32.363151][ T1244] FAT-fs (loop6): Directory bread(block 69) failed
[   32.369756][ T1244] FAT-fs (loop6): Directory bread(block 70) failed
[   32.376158][ T1244] FAT-fs (loop6): Directory bread(block 71) failed
[   32.382843][ T1244] FAT-fs (loop6): Directory bread(block 72) failed
[   32.389565][ T1244] FAT-fs (loop6): Directory bread(block 73) failed
[   32.456562][ T1250] loop4: detected capacity change from 0 to 256
[   32.476850][ T1254] binder: 1253:1254 ioctl c0306201 200003c0 returned -22
[   32.482903][ T1250] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   32.510380][ T1250] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010364, chksum : 0x43f9f21b, utbl_chksum : 0xe619d30d)
[   32.511472][ T1256] loop5: detected capacity change from 0 to 256
[   32.572216][ T1256] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 196)
[   32.626095][  T651] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 196)
[   32.637097][ T1270] kvm [1268]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010002 data 0x2
[   32.893707][  T311] kernel write not supported for file /uinput (pid: 311 comm: kworker/0:3)
[   32.951593][ T1322] loop6: detected capacity change from 0 to 512
[   32.983472][ T1322] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #15: comm syz.6.441: casefold flag without casefold feature
[   33.000180][ T1322] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.441: couldn't read orphan inode 15 (err -117)
[   33.013609][ T1322] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   33.031805][  T731] EXT4-fs (loop6): unmounting filesystem.
[   33.047482][ T1332] SELinux:  Context Ü is not valid (left unmapped).
[   33.054777][ T1330] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   33.196697][ T1355] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[   33.264500][ T1357] loop5: detected capacity change from 0 to 8192
[   33.296441][ T1357] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   33.394197][ T1364] loop5: detected capacity change from 0 to 4096
[   33.414734][ T1364] EXT4-fs: Ignoring removed oldalloc option
[   33.420952][ T1364] EXT4-fs (loop5): Test dummy encryption mode enabled
[   33.434385][ T1364] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   33.452278][ T1346] loop0: detected capacity change from 0 to 40427
[   33.467088][ T1346] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[   33.467718][  T651] EXT4-fs (loop5): unmounting filesystem.
[   33.480226][ T1346] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   33.507348][ T1346] F2FS-fs (loop0): invalid crc value
[   33.526408][   T39] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   33.556068][ T1346] F2FS-fs (loop0): Found nat_bits in checkpoint
[   33.596152][ T1346] F2FS-fs (loop0): Start checkpoint disabled!
[   33.603574][ T1346] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   33.610508][ T1346] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   33.670322][   T43] kworker/u4:2: attempt to access beyond end of device
[   33.670322][   T43] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   33.717646][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.736651][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.766385][   T39] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   33.785615][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.806074][   T39] usb 5-1: config 0 descriptor??
[   33.811087][  T353] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   33.867125][ T1415] __nla_validate_parse: 1 callbacks suppressed
[   33.867137][ T1415] netlink: 48 bytes leftover after parsing attributes in process `syz.0.481'.
[   33.893366][ T1417] loop0: detected capacity change from 0 to 16
[   33.902883][ T1417] erofs: (device loop0): mounted with root inode @ nid 36.
[   33.925246][ T1421] binder: 1420:1421 ioctl c018620b 20000400 returned -14
[   33.996314][  T353] usb 7-1: Using ep0 maxpacket: 32
[   34.003750][  T353] usb 7-1: config 0 has no interfaces?
[   34.012126][  T353] usb 7-1: New USB device found, idVendor=ff7a, idProduct=007f, bcdDevice=a6.00
[   34.021453][  T353] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.030645][  T353] usb 7-1: Product: syz
[   34.034840][  T353] usb 7-1: Manufacturer: syz
[   34.039629][  T353] usb 7-1: SerialNumber: syz
[   34.045090][  T353] usb 7-1: config 0 descriptor??
[   34.083061][ T1440] tun0: tun_chr_ioctl cmd 1074025680
[   34.102302][ T1442] xt_hashlimit: size too large, truncated to 1048576
[   34.231906][   T39] arvo 0003:1E7D:30D4.0002: item fetching failed at offset 5/7
[   34.241670][   T39] arvo 0003:1E7D:30D4.0002: parse failed
[   34.250474][   T39] arvo: probe of 0003:1E7D:30D4.0002 failed with error -22
[   34.266087][ T1451] loop1: detected capacity change from 0 to 512
[   34.274496][   T39] usb 7-1: USB disconnect, device number 2
[   34.292240][ T1451] EXT4-fs (loop1): Test dummy encryption mode enabled
[   34.302108][ T1451] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   34.325773][ T1451] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   34.345439][ T1451] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[   34.355513][ T1451] System zones: 1-12
[   34.362709][ T1451] EXT4-fs (loop1): 1 truncate cleaned up
[   34.371519][ T1451] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   34.392759][  T288] EXT4-fs (loop1): unmounting filesystem.
[   34.432331][  T353] usb 5-1: USB disconnect, device number 5
[   34.460041][ T1465] loop1: detected capacity change from 0 to 256
[   34.477279][ T1465] FAT-fs (loop1): Directory bread(block 64) failed
[   34.483729][ T1465] FAT-fs (loop1): Directory bread(block 65) failed
[   34.490806][ T1465] FAT-fs (loop1): Directory bread(block 66) failed
[   34.497408][ T1465] FAT-fs (loop1): Directory bread(block 67) failed
[   34.503794][ T1465] FAT-fs (loop1): Directory bread(block 68) failed
[   34.510490][ T1465] FAT-fs (loop1): Directory bread(block 69) failed
[   34.516997][ T1465] FAT-fs (loop1): Directory bread(block 70) failed
[   34.523408][ T1465] FAT-fs (loop1): Directory bread(block 71) failed
[   34.529807][ T1465] FAT-fs (loop1): Directory bread(block 72) failed
[   34.536503][ T1465] FAT-fs (loop1): Directory bread(block 73) failed
[   34.561262][  T352] kworker/u4:4: attempt to access beyond end of device
[   34.561262][  T352] loop1: rw=1, sector=1224, nr_sectors = 8 limit=256
[   34.614273][ T1473] bridge0: port 3(syz_tun) entered blocking state
[   34.623567][ T1474] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   34.632804][ T1473] bridge0: port 3(syz_tun) entered disabled state
[   34.643339][ T1473] device syz_tun entered promiscuous mode
[   34.654661][ T1473] bridge0: port 3(syz_tun) entered blocking state
[   34.661047][ T1473] bridge0: port 3(syz_tun) entered forwarding state
[   34.669618][ T1477] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[   34.730094][ T1485] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.737001][ T1485] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.803188][ T1494] loop0: detected capacity change from 0 to 512
[   34.809764][   T28] kauditd_printk_skb: 38 callbacks suppressed
[   34.809777][   T28] audit: type=1400 audit(1738628621.399:349): avc:  denied  { connect } for  pid=1495 comm="syz.6.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   34.854859][ T1500] loop5: detected capacity change from 0 to 512
[   34.879600][ T1472] loop1: detected capacity change from 0 to 40427
[   34.881813][ T1494] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   34.895338][ T1472] F2FS-fs (loop1): Image doesn't support compression
[   34.908635][ T1500] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   34.913395][ T1472] F2FS-fs (loop1): invalid crc value
[   34.917906][ T1500] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.926500][ T1494] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c028, mo2=0002]
[   34.941929][ T1494] System zones: 0-2, 18-18, 34-35
[   34.951452][   T28] audit: type=1400 audit(1738628621.539:350): avc:  denied  { setattr } for  pid=1499 comm="syz.5.519" name="work" dev="loop5" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   34.954792][ T1515] syz.4.523 uses obsolete (PF_INET,SOCK_PACKET)
[   34.975305][ T1494] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   34.990981][ T1472] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   35.008692][ T1500] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[   35.011277][ T1494] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz.0.516: path /81/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   35.036100][   T28] audit: type=1400 audit(1738628621.579:351): avc:  denied  { remove_name } for  pid=1499 comm="syz.5.519" name="#7" dev="loop5" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   35.057837][ T1494] EXT4-fs (loop0): Remounting filesystem read-only
[   35.057879][   T28] audit: type=1400 audit(1738628621.579:352): avc:  denied  { rename } for  pid=1499 comm="syz.5.519" name="#7" dev="loop5" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   35.086188][   T28] audit: type=1400 audit(1738628621.579:353): avc:  denied  { unlink } for  pid=1499 comm="syz.5.519" name="#7" dev="loop5" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   35.107997][   T28] audit: type=1400 audit(1738628621.579:354): avc:  denied  { unlink } for  pid=1499 comm="syz.5.519" name="#8" dev="loop5" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   35.108492][  T651] EXT4-fs (loop5): unmounting filesystem.
[   35.131032][   T28] audit: type=1400 audit(1738628621.599:355): avc:  denied  { remount } for  pid=1499 comm="syz.5.519" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   35.137111][ T1472] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   35.162055][  T290] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   35.196782][ T1521] loop4: detected capacity change from 0 to 16
[   35.201103][ T1472] F2FS-fs (loop1): Inconsistent segment (8) type [1, 0] in SSA and SIT
[   35.217178][  T290] EXT4-fs (loop0): unmounting filesystem.
[   35.227253][ T1521] erofs: (device loop4): mounted with root inode @ nid 36.
[   35.247438][ T1524] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[   35.277676][ T1529] loop4: detected capacity change from 0 to 512
[   35.321112][ T1540] loop0: detected capacity change from 0 to 256
[   35.328295][ T1529] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   35.338680][ T1529] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.349508][   T28] audit: type=1326 audit(1738628621.929:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1541 comm="syz.6.534" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a7258cda9 code=0x0
[   35.384502][ T1540] FAT-fs (loop0): Directory bread(block 64) failed
[   35.396297][ T1540] FAT-fs (loop0): Directory bread(block 65) failed
[   35.413021][ T1540] FAT-fs (loop0): Directory bread(block 66) failed
[   35.426279][ T1540] FAT-fs (loop0): Directory bread(block 67) failed
[   35.442443][ T1540] FAT-fs (loop0): Directory bread(block 68) failed
[   35.453984][ T1540] FAT-fs (loop0): Directory bread(block 69) failed
[   35.462498][ T1540] FAT-fs (loop0): Directory bread(block 70) failed
[   35.470240][ T1540] FAT-fs (loop0): Directory bread(block 71) failed
[   35.476881][ T1540] FAT-fs (loop0): Directory bread(block 72) failed
[   35.477470][  T289] EXT4-fs (loop4): unmounting filesystem.
[   35.483284][ T1540] FAT-fs (loop0): Directory bread(block 73) failed
[   35.527046][ T1540] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   35.542502][ T1540] FAT-fs (loop0): Filesystem has been set read-only
[   35.561381][ T1540] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   35.659471][   T28] audit: type=1400 audit(1738628622.249:357): avc:  denied  { write } for  pid=1565 comm="syz.5.543" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   35.706240][   T28] audit: type=1400 audit(1738628622.249:358): avc:  denied  { set_context_mgr } for  pid=1565 comm="syz.5.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   35.915531][ T1556] loop4: detected capacity change from 0 to 40427
[   35.956802][ T1556] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   35.968264][ T1556] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   36.010126][ T1556] F2FS-fs (loop4): Found nat_bits in checkpoint
[   36.053431][ T1556] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   36.060640][ T1556] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   36.104961][ T1556] syz.4.540: attempt to access beyond end of device
[   36.104961][ T1556] loop4: rw=2049, sector=45096, nr_sectors = 520 limit=40427
[   36.131096][ T1619] loop1: detected capacity change from 0 to 128
[   36.152008][ T1619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   36.160772][ T1619] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.243213][  T288] EXT4-fs (loop1): unmounting filesystem.
[   36.322638][ T1643] loop6: detected capacity change from 0 to 1024
[   36.356682][ T1643] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   36.387903][ T1643] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   36.500123][  T731] EXT4-fs (loop6): unmounting filesystem.
[   36.501992][ T1646] loop1: detected capacity change from 0 to 40427
[   36.519391][ T1646] F2FS-fs (loop1): invalid crc value
[   36.541084][ T1646] F2FS-fs (loop1): Found nat_bits in checkpoint
[   36.587897][ T1667] loop4: detected capacity change from 0 to 2048
[   36.598974][ T1646] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   36.601210][ T1667] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   36.623711][ T1646] F2FS-fs (loop1): switch extent_cache option is not allowed
[   36.637587][  T288] syz-executor: attempt to access beyond end of device
[   36.637587][  T288] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   36.648029][ T1667] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   36.666711][ T1667] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[   36.687234][ T1667] EXT4-fs (loop4): This should not happen!! Data will be lost
[   36.687234][ T1667] 
[   36.697028][ T1667] EXT4-fs (loop4): Total free blocks count 0
[   36.702919][ T1667] EXT4-fs (loop4): Free/Dirty block details
[   36.709002][ T1667] EXT4-fs (loop4): free_blocks=2415919104
[   36.714738][ T1667] EXT4-fs (loop4): dirty_blocks=32
[   36.720205][ T1667] EXT4-fs (loop4): Block reservation details
[   36.720467][ T1675] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   36.726106][ T1667] EXT4-fs (loop4): i_reserved_data_blocks=2
[   36.781279][ T1677] loop5: detected capacity change from 0 to 512
[   36.816562][ T1677] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   36.842545][ T1677] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.875192][ T1677] EXT4-fs (loop5): unmounting filesystem.
[   36.887889][ T1682] netlink: 'syz.0.590': attribute type 12 has an invalid length.
[   36.961685][ T1674] loop6: detected capacity change from 0 to 40427
[   36.970182][ T1686] loop1: detected capacity change from 0 to 512
[   36.978997][ T1686] EXT4-fs: Ignoring removed i_version option
[   36.985033][ T1674] F2FS-fs (loop6): fault_injection options not supported
[   36.993382][ T1686] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   36.997257][ T1674] F2FS-fs (loop6): invalid crc value
[   37.025047][ T1686] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   37.051224][ T1674] F2FS-fs (loop6): Found nat_bits in checkpoint
[   37.082552][ T1686] EXT4-fs (loop1): 1 truncate cleaned up
[   37.097005][ T1686] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   37.129981][  T288] EXT4-fs (loop1): unmounting filesystem.
[   37.139751][ T1674] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   37.178561][ T1714] loop1: detected capacity change from 0 to 512
[   37.187374][ T1714] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.193888][ T1714] EXT4-fs: Ignoring removed nobh option
[   37.200711][ T1714] EXT4-fs (loop1): Test dummy encryption mode enabled
[   37.220382][ T1714] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.601: inline data xattr refers to an external xattr inode
[   37.245198][ T1714] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.601: couldn't read orphan inode 12 (err -117)
[   37.257543][ T1714] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   37.281225][ T1723] loop0: detected capacity change from 0 to 256
[   37.286646][  T288] EXT4-fs (loop1): unmounting filesystem.
[   37.287698][ T1723] exfat: Deprecated parameter 'utf8'
[   37.298155][ T1723] exfat: Deprecated parameter 'utf8'
[   37.305376][ T1723] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[   37.903160][ T1754] loop1: detected capacity change from 0 to 512
[   37.922689][ T1754] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   37.941168][ T1756] loop4: detected capacity change from 0 to 1024
[   37.951911][ T1756] EXT4-fs: Ignoring removed orlov option
[   37.975060][ T1756] EXT4-fs (loop4): Test dummy encryption mode enabled
[   37.986102][ T1754] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   38.002613][ T1756] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   38.012237][  T288] EXT4-fs (loop1): unmounting filesystem.
[   38.040935][  T289] EXT4-fs (loop4): unmounting filesystem.
[   38.069349][ T1765] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   38.107877][ T1765] overlayfs: filesystem on './file0' not supported as upperdir
[   38.244417][ T1763] loop1: detected capacity change from 0 to 40427
[   38.261941][ T1763] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   38.272173][ T1763] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   38.288951][ T1763] F2FS-fs (loop1): invalid crc value
[   38.308744][ T1763] F2FS-fs (loop1): Found nat_bits in checkpoint
[   38.396504][ T1763] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   38.404721][ T1763] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   38.457311][  T288] syz-executor: attempt to access beyond end of device
[   38.457311][  T288] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   38.478028][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[   38.485927][ T1780] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   38.516278][  T353] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   38.612916][ T1787] loop0: detected capacity change from 0 to 2048
[   38.625520][ T1793] netlink: 8 bytes leftover after parsing attributes in process `syz.6.632'.
[   38.635515][ T1787] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   38.645105][ T1787] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.667209][  T290] EXT4-fs (loop0): unmounting filesystem.
[   38.696336][  T353] usb 6-1: Using ep0 maxpacket: 8
[   38.702261][  T353] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   38.714361][  T353] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[   38.724004][  T353] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[   38.724231][ T1801] device wireguard0 entered promiscuous mode
[   38.734895][  T353] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   38.739785][ T1801] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready
[   38.748404][  T353] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   38.763866][  T353] usb 6-1: Product: syz
[   38.767889][  T353] usb 6-1: Manufacturer: syz
[   38.772278][  T353] usb 6-1: SerialNumber: syz
[   38.886283][  T311] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   38.898416][ T1818] loop0: detected capacity change from 0 to 256
[   38.912493][ T1818] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   38.939910][ T1822] netlink: 28 bytes leftover after parsing attributes in process `syz.0.644'.
[   38.981635][  T353] cdc_ncm 6-1:1.0: bind() failure
[   38.987162][  T353] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[   38.993850][  T353] cdc_ncm 6-1:1.1: bind() failure
[   39.001934][  T353] usb 6-1: USB disconnect, device number 2
[   39.076275][  T311] usb 2-1: Using ep0 maxpacket: 16
[   39.097980][  T311] usb 2-1: config 0 has an invalid interface number: 251 but max is 0
[   39.107689][  T311] usb 2-1: config 0 has no interface number 0
[   39.113622][  T311] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[   39.124681][  T311] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[   39.130376][ T1838] loop0: detected capacity change from 0 to 128
[   39.136473][  T311] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[   39.149749][  T311] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   39.151923][ T1838] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   39.157978][  T311] usb 2-1: Product: syz
[   39.170823][  T311] usb 2-1: Manufacturer: syz
[   39.175242][  T311] usb 2-1: SerialNumber: syz
[   39.177538][  T853] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   39.180468][  T311] usb 2-1: config 0 descriptor??
[   39.192281][ T1791] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   39.199541][ T1791] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   39.246452][ T1844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.655'.
[   39.347348][ T1854] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[   39.367416][  T853] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[   39.377838][  T853] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[   39.390310][  T853] usb 7-1: config 220 has no interface number 2
[   39.397126][  T853] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[   39.410399][  T853] usb 7-1: config 220 interface 0 has no altsetting 0
[   39.417108][ T1791] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   39.424083][ T1791] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   39.431468][  T853] usb 7-1: config 220 interface 76 has no altsetting 0
[   39.438501][  T853] usb 7-1: config 220 interface 1 has no altsetting 0
[   39.456042][  T853] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[   39.465241][  T853] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   39.473351][  T853] usb 7-1: Product: syz
[   39.477669][  T853] usb 7-1: Manufacturer: syz
[   39.482088][  T853] usb 7-1: SerialNumber: syz
[   39.646413][ T1866] loop5: detected capacity change from 0 to 40427
[   39.654129][ T1866] F2FS-fs (loop5): fault_injection options not supported
[   39.662243][ T1866] F2FS-fs (loop5): invalid crc value
[   39.668912][ T1866] F2FS-fs (loop5): Found nat_bits in checkpoint
[   39.692910][  T853] usb 7-1: Found Unit with invalid ID 0.
[   39.710032][  T853] usb 7-1: USB disconnect, device number 3
[   39.710369][ T1866] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   39.788996][ T1871] loop5: detected capacity change from 0 to 256
[   39.805831][ T1871] FAT-fs (loop5): Directory bread(block 64) failed
[   39.812454][ T1871] FAT-fs (loop5): Directory bread(block 65) failed
[   39.819112][ T1871] FAT-fs (loop5): Directory bread(block 66) failed
[   39.825516][ T1871] FAT-fs (loop5): Directory bread(block 67) failed
[   39.831923][ T1871] FAT-fs (loop5): Directory bread(block 68) failed
[   39.838301][ T1871] FAT-fs (loop5): Directory bread(block 69) failed
[   39.844607][ T1871] FAT-fs (loop5): Directory bread(block 70) failed
[   39.851012][ T1871] FAT-fs (loop5): Directory bread(block 71) failed
[   39.857299][ T1871] FAT-fs (loop5): Directory bread(block 72) failed
[   39.863601][ T1871] FAT-fs (loop5): Directory bread(block 73) failed
[   40.051832][  T311] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   40.061871][  T311] asix 2-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   40.073912][  T311] asix: probe of 2-1:0.251 failed with error -71
[   40.082981][  T311] usb 2-1: USB disconnect, device number 3
[   40.210406][ T1876] bridge0: port 3(syz_tun) entered blocking state
[   40.216781][ T1876] bridge0: port 3(syz_tun) entered disabled state
[   40.223423][ T1876] device syz_tun entered promiscuous mode
[   40.229139][ T1876] bridge0: port 3(syz_tun) entered blocking state
[   40.235401][ T1876] bridge0: port 3(syz_tun) entered forwarding state
[   40.242916][ T1876] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[   40.319057][ T1882] loop0: detected capacity change from 0 to 1024
[   40.326119][ T1882] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   40.337750][ T1882] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   40.355908][  T290] EXT4-fs (loop0): unmounting filesystem.
[   40.546334][  T589] Bluetooth: hci0: command 0x1003 tx timeout
[   40.546348][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   40.576264][  T311] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[   40.660832][ T1894] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   40.675123][ T1894] overlayfs: filesystem on './file0' not supported as upperdir
[   40.720946][ T1901] loop0: detected capacity change from 0 to 256
[   40.742338][ T1901] FAT-fs (loop0): Directory bread(block 64) failed
[   40.748808][ T1901] FAT-fs (loop0): Directory bread(block 65) failed
[   40.755192][ T1901] FAT-fs (loop0): Directory bread(block 66) failed
[   40.761779][ T1901] FAT-fs (loop0): Directory bread(block 67) failed
[   40.768463][ T1901] FAT-fs (loop0): Directory bread(block 68) failed
[   40.774859][ T1901] FAT-fs (loop0): Directory bread(block 69) failed
[   40.782165][ T1901] FAT-fs (loop0): Directory bread(block 70) failed
[   40.788959][ T1901] FAT-fs (loop0): Directory bread(block 71) failed
[   40.795439][ T1901] FAT-fs (loop0): Directory bread(block 72) failed
[   40.795528][  T311] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   40.802301][  T311] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[   40.821435][ T1901] FAT-fs (loop0): Directory bread(block 73) failed
[   40.829211][  T311] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   40.840423][  T311] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   40.848906][  T311] usb 7-1: Product: syz
[   40.852891][  T311] usb 7-1: Manufacturer: syz
[   40.857565][  T311] usb 7-1: SerialNumber: syz
[   40.909536][ T1902] syz.4.679 (1902) used greatest stack depth: 20328 bytes left
[   40.909736][ T1904] loop0: detected capacity change from 0 to 512
[   40.937128][ T1904] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   40.951966][ T1908] loop1: detected capacity change from 0 to 256
[   40.987866][   T28] kauditd_printk_skb: 131 callbacks suppressed
[   40.987882][   T28] audit: type=1400 audit(1738628627.579:490): avc:  denied  { create } for  pid=1909 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   41.021561][ T1908] FAT-fs (loop1): Directory bread(block 64) failed
[   41.023992][   T28] audit: type=1400 audit(1738628627.609:491): avc:  denied  { read } for  pid=1909 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   41.036493][ T1908] FAT-fs (loop1): Directory bread(block 65) failed
[   41.054497][ T1908] FAT-fs (loop1): Directory bread(block 66) failed
[   41.056364][ T1904] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   41.061130][ T1908] FAT-fs (loop1): Directory bread(block 67) failed
[   41.074906][  T311] usb 7-1: 0:2 : does not exist
[   41.078779][ T1908] FAT-fs (loop1): Directory bread(block 68) failed
[   41.084164][   T28] audit: type=1400 audit(1738628627.669:492): avc:  denied  { write } for  pid=1909 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   41.087282][ T1908] FAT-fs (loop1): Directory bread(block 69) failed
[   41.112598][ T1908] FAT-fs (loop1): Directory bread(block 70) failed
[   41.118681][  T311] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[   41.118899][ T1908] FAT-fs (loop1): Directory bread(block 71) failed
[   41.133765][ T1908] FAT-fs (loop1): Directory bread(block 72) failed
[   41.140153][ T1908] FAT-fs (loop1): Directory bread(block 73) failed
[   41.155925][  T311] usb 7-1: USB disconnect, device number 4
[   41.170246][   T28] audit: type=1400 audit(1738628627.759:493): avc:  denied  { getopt } for  pid=1909 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   41.198516][  T290] EXT4-fs (loop0): unmounting filesystem.
[   41.229107][   T19] kernel write not supported for file /uinput (pid: 19 comm: kworker/0:1)
[   41.379120][ T1919] loop5: detected capacity change from 0 to 40427
[   41.385833][ T1919] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[   41.392693][ T1919] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   41.401314][ T1919] F2FS-fs (loop5): invalid crc value
[   41.407583][ T1919] F2FS-fs (loop5): Found nat_bits in checkpoint
[   41.433814][ T1919] F2FS-fs (loop5): Start checkpoint disabled!
[   41.440620][ T1919] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   41.447644][ T1919] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   41.492142][ T1933] loop0: detected capacity change from 0 to 256
[   41.511915][ T1933] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   41.518920][   T43] kworker/u4:2: attempt to access beyond end of device
[   41.518920][   T43] loop5: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   41.531330][ T1933] exFAT-fs (loop0): hint_cluster is invalid (17)
[   41.542009][   T28] audit: type=1400 audit(1738628628.109:494): avc:  denied  { write } for  pid=1932 comm="syz.0.687" name="file2" dev="loop0" ino=1048665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   41.601033][   T28] audit: type=1400 audit(1738628628.109:495): avc:  denied  { open } for  pid=1932 comm="syz.0.687" path="/145/file2/file2" dev="loop0" ino=1048665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   41.676294][   T28] audit: type=1400 audit(1738628628.109:496): avc:  denied  { unlink } for  pid=1932 comm="syz.0.687" name="file2" dev="loop0" ino=1048665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   41.726752][   T28] audit: type=1400 audit(1738628628.299:497): avc:  denied  { ioctl } for  pid=1943 comm="syz.6.691" path="socket:[23288]" dev="sockfs" ino=23288 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   41.752269][   T28] audit: type=1400 audit(1738628628.299:498): avc:  denied  { module_request } for  pid=1943 comm="syz.6.691" kmod="netdev-wpan1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   41.776695][ T1947] loop6: detected capacity change from 0 to 16
[   41.800921][ T1947] erofs: (device loop6): mounted with root inode @ nid 36.
[   41.828553][ T1949] loop0: detected capacity change from 0 to 256
[   41.927288][ T1949] FAT-fs (loop0): Directory bread(block 64) failed
[   41.933822][ T1949] FAT-fs (loop0): Directory bread(block 65) failed
[   41.946897][ T1949] FAT-fs (loop0): Directory bread(block 66) failed
[   41.953834][ T1949] FAT-fs (loop0): Directory bread(block 67) failed
[   41.960643][ T1949] FAT-fs (loop0): Directory bread(block 68) failed
[   41.967220][ T1949] FAT-fs (loop0): Directory bread(block 69) failed
[   41.973664][ T1949] FAT-fs (loop0): Directory bread(block 70) failed
[   41.980602][ T1949] FAT-fs (loop0): Directory bread(block 71) failed
[   41.987701][ T1949] FAT-fs (loop0): Directory bread(block 72) failed
[   41.994214][ T1949] FAT-fs (loop0): Directory bread(block 73) failed
[   42.084308][   T28] audit: type=1400 audit(1738628628.669:499): avc:  denied  { unmount } for  pid=651 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   42.154714][  T651] bridge0: port 3(syz_tun) entered disabled state
[   42.190940][  T651] device syz_tun left promiscuous mode
[   42.211194][  T651] bridge0: port 3(syz_tun) entered disabled state
[   42.244780][ T1975] tun0: tun_chr_ioctl cmd 1074025680
[   42.277895][ T1978] loop0: detected capacity change from 0 to 128
[   42.295751][ T1978] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   42.304569][ T1978] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.348098][  T290] EXT4-fs (loop0): unmounting filesystem.
[   42.391820][ T1982] loop0: detected capacity change from 0 to 512
[   42.411709][ T1984] loop6: detected capacity change from 0 to 512
[   42.436541][ T1984] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   42.450239][ T1982] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   42.461172][ T1982] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.486267][   T19] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[   42.495263][ T1984] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c028, mo2=0002]
[   42.504495][ T1982] EXT4-fs (loop0): re-mounted. Quota mode: writeback.
[   42.505529][ T1984] System zones: 0-2, 18-18, 34-35
[   42.517619][ T1984] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   42.536902][ T1991] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   42.536996][  T290] EXT4-fs (loop0): unmounting filesystem.
[   42.559513][ T1984] EXT4-fs error (device loop6): ext4_readdir:260: inode #2: block 3: comm syz.6.715: path /99/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   42.584895][ T1984] EXT4-fs (loop6): Remounting filesystem read-only
[   42.597886][  T731] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   42.613963][  T731] EXT4-fs (loop6): unmounting filesystem.
[   42.621875][ T1988] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.634062][ T1988] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.643296][ T1988] device bridge_slave_0 entered promiscuous mode
[   42.662897][ T1988] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.671042][ T1988] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.677323][   T19] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   42.678555][ T1988] device bridge_slave_1 entered promiscuous mode
[   42.689517][ T2007] loop6: detected capacity change from 0 to 256
[   42.700376][   T19] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   42.712391][   T19] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   42.719816][ T2007] FAT-fs (loop6): Directory bread(block 64) failed
[   42.721493][   T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   42.732393][ T2007] FAT-fs (loop6): Directory bread(block 65) failed
[   42.741197][   T19] usb 5-1: Product: syz
[   42.742298][ T2007] FAT-fs (loop6): Directory bread(block 66) failed
[   42.746104][   T19] usb 5-1: Manufacturer: syz
[   42.752680][ T2007] FAT-fs (loop6): Directory bread(block 67) failed
[   42.765013][ T2007] FAT-fs (loop6): Directory bread(block 68) failed
[   42.769676][   T19] usb 5-1: SerialNumber: syz
[   42.771796][ T2007] FAT-fs (loop6): Directory bread(block 69) failed
[   42.782995][ T2007] FAT-fs (loop6): Directory bread(block 70) failed
[   42.789426][ T2007] FAT-fs (loop6): Directory bread(block 71) failed
[   42.795869][ T2007] FAT-fs (loop6): Directory bread(block 72) failed
[   42.802489][ T2007] FAT-fs (loop6): Directory bread(block 73) failed
[   42.872364][ T2012] syz.0.732 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   42.929129][ T1988] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.936017][ T1988] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.943239][ T1988] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.950129][ T1988] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.992985][   T19] usb 5-1: 0:2 : does not exist
[   43.000658][   T19] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[   43.016415][   T19] usb 5-1: USB disconnect, device number 6
[   43.040545][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.051038][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.069187][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.080315][   T43] device bridge_slave_1 left promiscuous mode
[   43.086329][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.104180][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.131703][   T43] device veth1_macvtap left promiscuous mode
[   43.147357][   T43] device veth0_vlan left promiscuous mode
[   43.187622][ T2030] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   43.196869][ T2030] FAT-fs (loop13): unable to read boot sector
[   43.266534][ T2035] Driver unsupported XDP return value 0 on prog  (id 221) dev N/A, expect packet loss!
[   43.357705][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.371131][  T352] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.378025][  T352] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.395423][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.415792][  T352] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.422702][  T352] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.436369][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.455287][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   43.471508][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   43.494004][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   43.504335][  T352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   43.531232][ T1988] device veth0_vlan entered promiscuous mode
[   43.545766][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   43.554106][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.561994][ T2040] loop6: detected capacity change from 0 to 40427
[   43.570049][ T1988] device veth1_macvtap entered promiscuous mode
[   43.580785][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   43.588911][ T2040] F2FS-fs (loop6): invalid crc value
[   43.589331][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   43.602128][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   43.611758][ T2040] F2FS-fs (loop6): Found nat_bits in checkpoint
[   43.611938][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.626932][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   43.650044][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   43.658764][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.667861][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   43.676066][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.714460][ T2040] F2FS-fs (loop6): Start checkpoint disabled!
[   43.753766][ T2040] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[   43.948433][ T2065] loop1: detected capacity change from 0 to 256
[   43.966544][ T2065] FAT-fs (loop1): Directory bread(block 64) failed
[   44.006446][ T2065] FAT-fs (loop1): Directory bread(block 65) failed
[   44.045438][ T2065] FAT-fs (loop1): Directory bread(block 66) failed
[   44.045684][ T2070] loop6: detected capacity change from 0 to 128
[   44.082825][ T2065] FAT-fs (loop1): Directory bread(block 67) failed
[   44.100430][ T2070] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   44.109060][ T2065] FAT-fs (loop1): Directory bread(block 68) failed
[   44.115512][ T2070] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.126529][ T2065] FAT-fs (loop1): Directory bread(block 69) failed
[   44.136438][ T2065] FAT-fs (loop1): Directory bread(block 70) failed
[   44.142954][ T2065] FAT-fs (loop1): Directory bread(block 71) failed
[   44.166304][ T2065] FAT-fs (loop1): Directory bread(block 72) failed
[   44.176613][ T2065] FAT-fs (loop1): Directory bread(block 73) failed
[   44.184228][  T731] EXT4-fs (loop6): unmounting filesystem.
[   44.229160][ T2079] loop6: detected capacity change from 0 to 256
[   44.272767][ T2079] FAT-fs (loop6): Directory bread(block 64) failed
[   44.301019][ T2068] loop7: detected capacity change from 0 to 40427
[   44.302584][ T2079] FAT-fs (loop6): Directory bread(block 65) failed
[   44.336326][ T2068] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[   44.345976][ T2068] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   44.356472][ T2079] FAT-fs (loop6): Directory bread(block 66) failed
[   44.362819][ T2079] FAT-fs (loop6): Directory bread(block 67) failed
[   44.369378][ T2084] block device autoloading is deprecated and will be removed.
[   44.371222][ T2068] F2FS-fs (loop7): invalid crc value
[   44.411494][ T2068] F2FS-fs (loop7): Found nat_bits in checkpoint
[   44.423740][ T2079] FAT-fs (loop6): Directory bread(block 68) failed
[   44.436576][ T2079] FAT-fs (loop6): Directory bread(block 69) failed
[   44.443156][ T2079] FAT-fs (loop6): Directory bread(block 70) failed
[   44.452291][ T2079] FAT-fs (loop6): Directory bread(block 71) failed
[   44.459024][ T2079] FAT-fs (loop6): Directory bread(block 72) failed
[   44.465442][ T2079] FAT-fs (loop6): Directory bread(block 73) failed
[   44.497405][ T2068] F2FS-fs (loop7): Start checkpoint disabled!
[   44.512457][  T352] kworker/u4:4: attempt to access beyond end of device
[   44.512457][  T352] loop6: rw=1, sector=1224, nr_sectors = 8 limit=256
[   44.530986][ T2068] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   44.553652][ T2068] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[   44.563924][ T2101] loop6: detected capacity change from 0 to 512
[   44.606820][ T2101] EXT4-fs (loop6): Test dummy encryption mode enabled
[   44.613416][ T2101] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   44.664295][ T2101] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[   44.679244][ T2101] System zones: 1-12
[   44.707616][ T2101] EXT4-fs (loop6): 1 truncate cleaned up
[   44.713263][ T2101] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   44.746776][ T2099] loop1: detected capacity change from 0 to 40427
[   44.751668][  T352] kworker/u4:4: attempt to access beyond end of device
[   44.751668][  T352] loop7: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   44.755758][ T2099] F2FS-fs (loop1): invalid crc value
[   44.788980][  T731] EXT4-fs (loop6): unmounting filesystem.
[   44.801440][ T2099] F2FS-fs (loop1): Found nat_bits in checkpoint
[   44.873183][ T2099] F2FS-fs (loop1): Start checkpoint disabled!
[   44.902727][ T2099] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   45.007683][ T2117] loop7: detected capacity change from 0 to 256
[   45.103460][ T2126] loop4: detected capacity change from 0 to 256
[   45.132507][ T2126] FAT-fs (loop4): Directory bread(block 64) failed
[   45.146610][ T2126] FAT-fs (loop4): Directory bread(block 65) failed
[   45.162207][ T2126] FAT-fs (loop4): Directory bread(block 66) failed
[   45.170606][ T2126] FAT-fs (loop4): Directory bread(block 67) failed
[   45.183442][ T2126] FAT-fs (loop4): Directory bread(block 68) failed
[   45.195260][ T2126] FAT-fs (loop4): Directory bread(block 69) failed
[   45.202602][ T2126] FAT-fs (loop4): Directory bread(block 70) failed
[   45.209192][ T2126] FAT-fs (loop4): Directory bread(block 71) failed
[   45.215661][ T2126] FAT-fs (loop4): Directory bread(block 72) failed
[   45.232055][ T2135] loop7: detected capacity change from 0 to 256
[   45.243321][ T2126] FAT-fs (loop4): Directory bread(block 73) failed
[   45.257272][ T2135] FAT-fs (loop7): Directory bread(block 64) failed
[   45.283625][ T2075] loop0: detected capacity change from 0 to 131072
[   45.290163][ T2135] FAT-fs (loop7): Directory bread(block 65) failed
[   45.312577][ T2075] F2FS-fs (loop0): Test dummy encryption mode enabled
[   45.322020][ T2135] FAT-fs (loop7): Directory bread(block 66) failed
[   45.329269][ T2135] FAT-fs (loop7): Directory bread(block 67) failed
[   45.335867][ T2135] FAT-fs (loop7): Directory bread(block 68) failed
[   45.345568][ T2075] F2FS-fs (loop0): invalid crc value
[   45.352366][ T2135] FAT-fs (loop7): Directory bread(block 69) failed
[   45.359016][ T2135] FAT-fs (loop7): Directory bread(block 70) failed
[   45.365540][ T2135] FAT-fs (loop7): Directory bread(block 71) failed
[   45.372398][ T2135] FAT-fs (loop7): Directory bread(block 72) failed
[   45.379407][ T2075] F2FS-fs (loop0): Found nat_bits in checkpoint
[   45.386388][ T2135] FAT-fs (loop7): Directory bread(block 73) failed
[   45.423691][    T8] kworker/u4:0: attempt to access beyond end of device
[   45.423691][    T8] loop4: rw=1, sector=1224, nr_sectors = 8 limit=256
[   45.457043][ T2135] FAT-fs (loop7): error, corrupted directory (invalid entries)
[   45.467773][ T2075] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   45.481019][ T2135] FAT-fs (loop7): Filesystem has been set read-only
[   45.511869][ T2135] FAT-fs (loop7): error, corrupted directory (invalid entries)
[   45.645359][ T2137] loop6: detected capacity change from 0 to 40427
[   45.659416][ T2160] netlink: 12 bytes leftover after parsing attributes in process `syz.4.782'.
[   45.687796][ T2137] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[   45.708246][ T2137] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   45.737550][ T2137] F2FS-fs (loop6): invalid crc value
[   45.751726][ T2137] F2FS-fs (loop6): Found nat_bits in checkpoint
[   45.774067][ T2172] netlink: 28 bytes leftover after parsing attributes in process `syz.1.788'.
[   45.839753][ T2137] F2FS-fs (loop6): Start checkpoint disabled!
[   45.865384][ T2179] loop1: detected capacity change from 0 to 256
[   45.876499][ T2137] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   45.890767][ T2137] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[   45.897448][ T2179] FAT-fs (loop1): Directory bread(block 64) failed
[   45.918241][ T2179] FAT-fs (loop1): Directory bread(block 65) failed
[   45.925366][ T2179] FAT-fs (loop1): Directory bread(block 66) failed
[   45.932839][ T2179] FAT-fs (loop1): Directory bread(block 67) failed
[   45.956300][ T2179] FAT-fs (loop1): Directory bread(block 68) failed
[   45.970399][ T2179] FAT-fs (loop1): Directory bread(block 69) failed
[   45.984657][ T2179] FAT-fs (loop1): Directory bread(block 70) failed
[   45.999927][ T2179] FAT-fs (loop1): Directory bread(block 71) failed
[   46.029007][ T2179] FAT-fs (loop1): Directory bread(block 72) failed
[   46.037621][ T2179] FAT-fs (loop1): Directory bread(block 73) failed
[   46.037869][   T10] kworker/u4:1: attempt to access beyond end of device
[   46.037869][   T10] loop6: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   46.127174][ T2179] FAT-fs (loop1): error, corrupted directory (invalid entries)
[   46.145306][ T2179] FAT-fs (loop1): Filesystem has been set read-only
[   46.164561][ T2179] FAT-fs (loop1): error, corrupted directory (invalid entries)
[   46.269656][ T2203] loop0: detected capacity change from 0 to 256
[   46.302343][   T28] kauditd_printk_skb: 40 callbacks suppressed
[   46.302359][   T28] audit: type=1400 audit(1738628632.889:540): avc:  denied  { mounton } for  pid=2201 comm="syz.0.799" path="/164/file1/file0" dev="loop0" ino=1048686 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   46.423419][ T2190] loop4: detected capacity change from 0 to 40427
[   46.432475][ T2190] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[   46.439896][ T2213] netlink: 45 bytes leftover after parsing attributes in process `syz.6.803'.
[   46.449080][ T2190] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   46.466941][ T2190] F2FS-fs (loop4): invalid crc value
[   46.474910][ T2190] F2FS-fs (loop4): Found nat_bits in checkpoint
[   46.486299][   T39] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   46.512585][ T2190] F2FS-fs (loop4): Start checkpoint disabled!
[   46.519290][ T2190] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   46.526472][ T2190] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   46.617329][ T2227] loop6: detected capacity change from 0 to 256
[   46.658877][   T10] kworker/u4:1: attempt to access beyond end of device
[   46.658877][   T10] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   46.677660][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   46.693865][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   46.707199][ T2227] FAT-fs (loop6): Directory bread(block 64) failed
[   46.713614][ T2227] FAT-fs (loop6): Directory bread(block 65) failed
[   46.720066][ T2227] FAT-fs (loop6): Directory bread(block 66) failed
[   46.726526][ T2227] FAT-fs (loop6): Directory bread(block 67) failed
[   46.733125][ T2227] FAT-fs (loop6): Directory bread(block 68) failed
[   46.739628][ T2227] FAT-fs (loop6): Directory bread(block 69) failed
[   46.742148][   T39] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   46.746129][ T2227] FAT-fs (loop6): Directory bread(block 70) failed
[   46.761251][ T2227] FAT-fs (loop6): Directory bread(block 71) failed
[   46.781500][ T2227] FAT-fs (loop6): Directory bread(block 72) failed
[   46.791566][ T2227] FAT-fs (loop6): Directory bread(block 73) failed
[   46.798332][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.839560][   T39] usb 2-1: config 0 descriptor??
[   46.901131][ T2235] loop7: detected capacity change from 0 to 512
[   46.914244][ T2227] FAT-fs (loop6): error, corrupted directory (invalid entries)
[   46.917057][ T2233] loop4: detected capacity change from 0 to 4096
[   46.924149][ T2227] FAT-fs (loop6): Filesystem has been set read-only
[   46.938112][ T2235] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   46.947438][ T2227] FAT-fs (loop6): error, corrupted directory (invalid entries)
[   46.973614][ T2233] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   46.976532][ T2235] EXT4-fs error (device loop7): ext4_find_inline_data_nolock:164: inode #15: comm syz.7.813: inline data xattr refers to an external xattr inode
[   47.023781][ T2235] EXT4-fs (loop7): Remounting filesystem read-only
[   47.030281][ T2235] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.813: couldn't read orphan inode 15 (err -117)
[   47.043294][ T2235] EXT4-fs (loop7): Remounting filesystem read-only
[   47.048903][ T2250] loop6: detected capacity change from 0 to 1024
[   47.052121][ T2235] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[   47.063614][ T2250] EXT4-fs: Ignoring removed orlov option
[   47.067433][ T2252] netlink: 80 bytes leftover after parsing attributes in process `syz.0.820'.
[   47.070305][  T289] EXT4-fs (loop4): unmounting filesystem.
[   47.088726][ T2250] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   47.100511][ T2250] EXT4-fs (loop6): Test dummy encryption mode enabled
[   47.117465][ T2250] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   47.132156][ T2235] fscrypt (loop7, inode 18): Direct key flag not allowed with different contents and filenames modes
[   47.150315][ T1988] EXT4-fs (loop7): unmounting filesystem.
[   47.164275][  T731] EXT4-fs (loop6): unmounting filesystem.
[   47.253452][   T39] arvo 0003:1E7D:30D4.0003: item fetching failed at offset 5/7
[   47.261143][   T39] arvo 0003:1E7D:30D4.0003: parse failed
[   47.266615][   T39] arvo: probe of 0003:1E7D:30D4.0003 failed with error -22
[   47.460420][   T39] usb 2-1: USB disconnect, device number 4
[   48.053306][ T2273] loop4: detected capacity change from 0 to 128
[   48.081604][ T2273] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   48.093863][ T2277] loop0: detected capacity change from 0 to 2048
[   48.101995][ T2273] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   48.121949][   T28] audit: type=1400 audit(1738628634.709:541): avc:  denied  { getopt } for  pid=2272 comm="syz.4.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   48.151881][ T2277] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   48.195441][ T2285] loop6: detected capacity change from 0 to 512
[   48.212351][  T290] EXT4-fs (loop0): unmounting filesystem.
[   48.232558][ T2285] EXT4-fs: Ignoring removed i_version option
[   48.241720][ T2287] netlink: 'syz.4.835': attribute type 1 has an invalid length.
[   48.249276][   T28] audit: type=1400 audit(1738628634.829:542): avc:  denied  { write } for  pid=2286 comm="syz.4.835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   48.259417][ T2285] EXT4-fs: Ignoring removed mblk_io_submit option
[   48.301506][ T2289] loop0: detected capacity change from 0 to 4096
[   48.316636][ T2285] EXT4-fs (loop6): Test dummy encryption mode enabled
[   48.337391][ T2289] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   48.341228][ T2267] loop1: detected capacity change from 0 to 40427
[   48.355968][ T2267] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   48.364393][ T2285] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.834: inode #13: comm syz.6.834: iget: illegal inode #
[   48.386464][ T2267] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   48.396654][ T2285] EXT4-fs (loop6): Remounting filesystem read-only
[   48.403274][ T2285] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.834: couldn't read orphan inode 13 (err -117)
[   48.409572][ T2275] loop7: detected capacity change from 0 to 40427
[   48.416086][  T290] EXT4-fs (loop0): unmounting filesystem.
[   48.426509][ T2275] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[   48.427259][ T2267] F2FS-fs (loop1): invalid crc value
[   48.439069][ T2275] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   48.439504][ T2285] EXT4-fs (loop6): Remounting filesystem read-only
[   48.453736][ T2285] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   48.466792][ T2267] F2FS-fs (loop1): Found nat_bits in checkpoint
[   48.487415][ T2275] F2FS-fs (loop7): Found nat_bits in checkpoint
[   48.495024][ T2285] EXT4-fs (loop6): shut down requested (2)
[   48.506574][ T2285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   48.518636][ T2285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   48.521501][ T2267] F2FS-fs (loop1): Start checkpoint disabled!
[   48.527418][ T2285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   48.541962][ T2285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   48.550783][ T2285] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[   48.550975][ T2267] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   48.566777][ T2267] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   48.581551][ T2275] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   48.588657][ T2275] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   48.589073][  T731] EXT4-fs (loop6): unmounting filesystem.
[   48.716830][ T2275] syz.7.829: attempt to access beyond end of device
[   48.716830][ T2275] loop7: rw=2049, sector=45096, nr_sectors = 520 limit=40427
[   48.736592][  T352] kworker/u4:4: attempt to access beyond end of device
[   48.736592][  T352] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   48.776334][  T353] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   48.960921][   T28] audit: type=1400 audit(1738628635.549:543): avc:  denied  { create } for  pid=2329 comm="syz.6.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   48.981679][   T28] audit: type=1400 audit(1738628635.549:544): avc:  denied  { write } for  pid=2329 comm="syz.6.850" path="socket:[25370]" dev="sockfs" ino=25370 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   49.010168][  T353] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.022428][ T2333] loop1: detected capacity change from 0 to 128
[   49.028738][  T353] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.039908][ T2336] loop6: detected capacity change from 0 to 256
[   49.046418][ T2333] EXT4-fs: Ignoring removed nobh option
[   49.052082][  T353] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[   49.061364][   T28] audit: type=1400 audit(1738628635.549:545): avc:  denied  { nlmsg_read } for  pid=2329 comm="syz.6.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   49.082928][ T2333] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   49.094482][  T353] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.107865][ T2333] ext4 filesystem being mounted at /175/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   49.114466][ T2336] FAT-fs (loop6): Directory bread(block 64) failed
[   49.124173][ T2341] loop7: detected capacity change from 0 to 1024
[   49.135558][ T2341] EXT4-fs: Ignoring removed orlov option
[   49.141595][ T2336] FAT-fs (loop6): Directory bread(block 65) failed
[   49.147774][  T353] usb 1-1: config 0 descriptor??
[   49.148702][ T2341] EXT4-fs (loop7): Test dummy encryption mode enabled
[   49.159898][ T2336] FAT-fs (loop6): Directory bread(block 66) failed
[   49.166999][ T2336] FAT-fs (loop6): Directory bread(block 67) failed
[   49.173426][ T2336] FAT-fs (loop6): Directory bread(block 68) failed
[   49.173769][  T288] EXT4-fs (loop1): unmounting filesystem.
[   49.179977][ T2336] FAT-fs (loop6): Directory bread(block 69) failed
[   49.192089][ T2336] FAT-fs (loop6): Directory bread(block 70) failed
[   49.198633][ T2336] FAT-fs (loop6): Directory bread(block 71) failed
[   49.205082][ T2336] FAT-fs (loop6): Directory bread(block 72) failed
[   49.206732][ T2341] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   49.211985][ T2336] FAT-fs (loop6): Directory bread(block 73) failed
[   49.224357][ T2345] loop4: detected capacity change from 0 to 1024
[   49.286990][ T2345] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   49.339535][   T28] audit: type=1400 audit(1738628635.929:546): avc:  denied  { remove_name } for  pid=289 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   49.369193][ T1988] EXT4-fs (loop7): unmounting filesystem.
[   49.375467][   T28] audit: type=1400 audit(1738628635.929:547): avc:  denied  { rmdir } for  pid=289 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   49.375934][  T289] EXT4-fs (loop4): unmounting filesystem.
[   49.398038][   T28] audit: type=1400 audit(1738628635.959:548): avc:  denied  { rmdir } for  pid=289 comm="syz-executor" name=".index" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   49.425124][   T28] audit: type=1400 audit(1738628635.959:549): avc:  denied  { unlink } for  pid=289 comm="syz-executor" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   49.505192][ T2367] syz.4.865[2367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.505265][ T2367] syz.4.865[2367] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.570926][  T353] arvo 0003:1E7D:30D4.0004: item fetching failed at offset 5/7
[   49.592298][  T312] Bluetooth: hci0: Frame reassembly failed (-84)
[   49.596400][  T353] arvo 0003:1E7D:30D4.0004: parse failed
[   49.603943][  T353] arvo: probe of 0003:1E7D:30D4.0004 failed with error -22
[   49.612570][ T2378] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   49.620003][ T2381] netlink: 68 bytes leftover after parsing attributes in process `syz.1.871'.
[   49.724781][  T353] kernel write not supported for file /input/event2 (pid: 353 comm: kworker/1:3)
[   49.797021][ T2405] loop4: detected capacity change from 0 to 512
[   49.802476][   T39] usb 1-1: USB disconnect, device number 3
[   49.809654][ T2405] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.827863][ T2405] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   49.837106][ T2405] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.855370][  T289] EXT4-fs (loop4): unmounting filesystem.
[   49.893092][ T2413] loop4: detected capacity change from 0 to 128
[   49.908470][ T2413] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   49.917594][ T2413] ext4 filesystem being mounted at /138/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   49.940181][  T289] EXT4-fs (loop4): unmounting filesystem.
[   50.210617][   T39] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[   50.217877][   T39] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[   50.225663][   T39] hid-generic 0000:0003:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   50.328655][ T2433] netlink: 32 bytes leftover after parsing attributes in process `syz.0.893'.
[   50.662047][ T2455] loop1: detected capacity change from 0 to 512
[   50.677767][ T2455] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.691131][ T2455] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #2: block 18: comm syz.1.904: lblock 23 mapped to illegal pblock 18 (length 1)
[   50.706241][  T311] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   50.723841][ T2460] loop1: detected capacity change from 0 to 1024
[   50.805714][ T2465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.906'.
[   50.849096][ T2473] netlink: 8 bytes leftover after parsing attributes in process `syz.1.910'.
[   50.857816][   T39] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   50.886316][  T311] usb 1-1: Using ep0 maxpacket: 32
[   50.892468][  T311] usb 1-1: config 1 has an invalid interface number: 112 but max is 0
[   50.900527][  T311] usb 1-1: config 1 has an invalid interface number: 216 but max is 0
[   50.908531][  T311] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 1
[   50.917269][  T311] usb 1-1: config 1 has no interface number 0
[   50.923137][  T311] usb 1-1: config 1 has no interface number 1
[   50.929262][  T311] usb 1-1: config 1 interface 112 altsetting 4 has an invalid endpoint with address 0x0, skipping
[   50.939779][  T311] usb 1-1: config 1 interface 112 altsetting 4 endpoint 0xF has invalid maxpacket 1023, setting to 64
[   50.950699][  T311] usb 1-1: config 1 interface 112 altsetting 4 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[   50.971811][  T311] usb 1-1: too many endpoints for config 1 interface 216 altsetting 57: 229, using maximum allowed: 30
[   50.983025][ T2484] loop1: detected capacity change from 0 to 128
[   50.984057][  T311] usb 1-1: config 1 interface 216 altsetting 57 endpoint 0x8 has an invalid bInterval 70, changing to 10
[   51.001118][ T2485] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.010929][  T311] usb 1-1: config 1 interface 216 altsetting 57 has a duplicate endpoint with address 0xF, skipping
[   51.021826][  T311] usb 1-1: config 1 interface 216 altsetting 57 has an invalid endpoint with address 0x80, skipping
[   51.036289][   T39] usb 5-1: Using ep0 maxpacket: 8
[   51.042718][  T311] usb 1-1: config 1 interface 216 altsetting 57 has 4 endpoint descriptors, different from the interface descriptor's value: 229
[   51.045056][   T39] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.066051][  T311] usb 1-1: config 1 interface 112 has no altsetting 0
[   51.073538][  T311] usb 1-1: config 1 interface 216 has no altsetting 0
[   51.086500][  T311] usb 1-1: New USB device found, idVendor=2639, idProduct=0013, bcdDevice=c8.8f
[   51.098102][  T311] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.107237][  T311] usb 1-1: Product: syz
[   51.111227][  T311] usb 1-1: Manufacturer: syz
[   51.115713][  T311] usb 1-1: SerialNumber: syz
[   51.132774][   T39] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[   51.146332][   T39] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[   51.163968][   T39] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   51.170458][ T2495] netlink: 'syz.7.921': attribute type 1 has an invalid length.
[   51.173144][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.188916][   T39] usb 5-1: Product: syz
[   51.195302][   T39] usb 5-1: Manufacturer: syz
[   51.200294][   T39] usb 5-1: SerialNumber: syz
[   51.331891][  T311] usb 1-1: USB disconnect, device number 4
[   51.407627][   T39] cdc_ncm 5-1:1.0: bind() failure
[   51.413135][   T39] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[   51.419829][   T39] cdc_ncm 5-1:1.1: bind() failure
[   51.426459][   T39] usb 5-1: USB disconnect, device number 7
[   51.573945][ T2510] loop1: detected capacity change from 0 to 8192
[   51.666253][  T588] Bluetooth: hci0: command 0x1003 tx timeout
[   51.666297][ T1885] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   51.690947][ T2514] loop6: detected capacity change from 0 to 256
[   51.706860][ T2514] FAT-fs (loop6): Directory bread(block 64) failed
[   51.714483][ T2514] FAT-fs (loop6): Directory bread(block 65) failed
[   51.721623][ T2514] FAT-fs (loop6): Directory bread(block 66) failed
[   51.728666][ T2514] FAT-fs (loop6): Directory bread(block 67) failed
[   51.735080][ T2514] FAT-fs (loop6): Directory bread(block 68) failed
[   51.742038][ T2514] FAT-fs (loop6): Directory bread(block 69) failed
[   51.748525][ T2514] FAT-fs (loop6): Directory bread(block 70) failed
[   51.755021][ T2514] FAT-fs (loop6): Directory bread(block 71) failed
[   51.761505][ T2514] FAT-fs (loop6): Directory bread(block 72) failed
[   51.767884][ T2514] FAT-fs (loop6): Directory bread(block 73) failed
[   51.804386][ T2524] loop6: detected capacity change from 0 to 256
[   51.810768][ T2524] exfat: Deprecated parameter 'utf8'
[   51.815934][ T2524] exfat: Deprecated parameter 'namecase'
[   51.821489][ T2524] exfat: Deprecated parameter 'utf8'
[   51.830065][ T2524] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[   51.852154][   T28] kauditd_printk_skb: 15 callbacks suppressed
[   51.852169][   T28] audit: type=1400 audit(1738628638.439:565): avc:  denied  { read append } for  pid=2523 comm="syz.6.934" path="/136/file0/cpuset.memory_pressure_enabled" dev="loop6" ino=1048698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   52.005326][ T2549] loop7: detected capacity change from 0 to 512
[   52.030896][ T2549] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.065432][ T2561] loop9: detected capacity change from 0 to 4
[   52.072875][   T28] audit: type=1400 audit(1738628638.659:566): avc:  denied  { mounton } for  pid=2558 comm="syz.1.950" path="/syzcgroup/cpu/syz1/cpuset.cpus" dev="cgroup" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   52.072937][ T2559] incfs: Options parsing error. -22
[   52.072968][ T2559] incfs: mount failed -22
[   52.121509][ T2565] loop1: detected capacity change from 0 to 256
[   52.140262][ T2565] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   52.211711][ T2574] loop4: detected capacity change from 0 to 2048
[   52.244168][ T2574] capability: warning: `syz.4.957' uses 32-bit capabilities (legacy support in use)
[   52.276052][ T2594] loop4: detected capacity change from 0 to 512
[   52.282509][ T2594] EXT4-fs: Ignoring removed nobh option
[   52.288956][ T2594] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.295626][ T2594] EXT4-fs (loop4): Test dummy encryption mode enabled
[   52.300660][ T2596] netlink: 8 bytes leftover after parsing attributes in process `syz.1.964'.
[   52.308358][ T2594] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.963: inode #13: comm syz.4.963: iget: illegal inode #
[   52.311078][ T2596] Zero length message leads to an empty skb
[   52.323767][ T2594] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.963: couldn't read orphan inode 13 (err -117)
[   52.374574][ T2601] loop1: detected capacity change from 0 to 256
[   52.377471][ T2594] EXT4-fs error (device loop4): ext4_resize_begin:62: comm syz.4.963: resize_inode disabled but reserved GDT blocks non-zero
[   52.424767][ T2601] incfs: Can't find or create .incomplete dir in ./file0
[   52.431888][ T2601] incfs: mount failed -22
[   52.453525][   T28] audit: type=1400 audit(1738628639.039:567): avc:  denied  { sqpoll } for  pid=2605 comm="syz.4.967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   52.593357][   T28] audit: type=1400 audit(1738628639.179:568): avc:  denied  { create } for  pid=2630 comm="syz.4.980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   52.619077][   T28] audit: type=1400 audit(1738628639.199:569): avc:  denied  { write } for  pid=2630 comm="syz.4.980" path="socket:[26544]" dev="sockfs" ino=26544 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   52.653416][   T28] audit: type=1400 audit(1738628639.239:570): avc:  denied  { mount } for  pid=2634 comm="syz.1.981" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   52.676073][   T28] audit: type=1400 audit(1738628639.239:571): avc:  denied  { remount } for  pid=2634 comm="syz.1.981" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   52.696029][   T28] audit: type=1400 audit(1738628639.269:572): avc:  denied  { unmount } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   52.724323][ T2642] loop1: detected capacity change from 0 to 256
[   52.856241][   T28] audit: type=1400 audit(1738628639.439:573): avc:  denied  { getopt } for  pid=2647 comm="syz.7.988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   53.026359][  T853] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   53.049663][   T28] audit: type=1400 audit(1738628639.639:574): avc:  denied  { read write } for  pid=2680 comm="syz.1.1002" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   53.103671][ T2685] loop7: detected capacity change from 0 to 256
[   53.226252][  T853] usb 5-1: Using ep0 maxpacket: 32
[   53.232281][  T853] usb 5-1: config 0 has no interfaces?
[   53.238936][  T853] usb 5-1: New USB device found, idVendor=ff7a, idProduct=007f, bcdDevice=a6.00
[   53.247876][  T853] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.255595][  T853] usb 5-1: Product: syz
[   53.259649][  T853] usb 5-1: Manufacturer: syz
[   53.264015][  T853] usb 5-1: SerialNumber: syz
[   53.269215][  T853] usb 5-1: config 0 descriptor??
[   53.477428][  T311] usb 5-1: USB disconnect, device number 8
[   53.522928][ T2711] loop7: detected capacity change from 0 to 128
[   53.529579][ T2711] EXT4-fs: Ignoring removed nobh option
[   53.542780][ T2711] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   53.586738][ T2718] loop6: detected capacity change from 0 to 1024
[   53.601511][ T2718] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #11: comm syz.6.1020: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   53.620722][ T2718] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1020: couldn't read orphan inode 11 (err -117)
[   53.639462][ T2718] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.1020: Invalid block bitmap block 0 in block_group 0
[   53.653808][ T2718] EXT4-fs error (device loop6): ext4_acquire_dquot:6781: comm syz.6.1020: Failed to acquire dquot type 0
[   53.731155][ T2737] loop7: detected capacity change from 0 to 512
[   53.738997][ T2737] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[   53.748166][ T2737] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[   53.757266][ T2737] EXT4-fs (loop7): warning: checktime reached, running e2fsck is recommended
[   53.766070][ T2737] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[   53.774076][ T2737] System zones: 0-2, 18-18, 34-34
[   53.779719][ T2737] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   53.794548][ T2737] EXT4-fs (loop7): 1 truncate cleaned up
[   53.854286][ T2746] loop0: detected capacity change from 0 to 256
[   53.868045][ T2746] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[   53.956275][  T311] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   54.008494][ T2767] loop4: detected capacity change from 0 to 512
[   54.033974][ T2767] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   54.050814][ T2767] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   54.059030][ T2767] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1042: invalid indirect mapped block 2683928664 (level 1)
[   54.073866][ T2767] EXT4-fs (loop4): 1 truncate cleaned up
[   54.136250][  T311] usb 7-1: Using ep0 maxpacket: 16
[   54.142326][  T311] usb 7-1: config 0 has no interfaces?
[   54.152650][ T2785] loop7: detected capacity change from 0 to 512
[   54.154249][  T311] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   54.167769][  T311] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.175658][  T311] usb 7-1: Product: syz
[   54.179180][ T2785] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
[   54.186639][  T311] usb 7-1: Manufacturer: syz
[   54.192836][  T311] usb 7-1: SerialNumber: syz
[   54.204267][  T311] usb 7-1: config 0 descriptor??
[   54.257171][ T2790] input: syz0 as /devices/virtual/input/input14
[   54.400438][ T2800] loop4: detected capacity change from 0 to 40427
[   54.407212][ T2800] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   54.421441][ T2800] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   54.431691][ T2800] F2FS-fs (loop4): Found nat_bits in checkpoint
[   54.472347][ T2800] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   54.479429][ T2800] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   54.530132][  T853] usb 7-1: USB disconnect, device number 5
[   54.568710][ T2807] binder: 2806:2807 ioctl c0306201 200001c0 returned -22
[   54.622901][ T2817] loop4: detected capacity change from 0 to 512
[   54.637958][ T2817] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   54.933376][ T2834] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   54.973905][ T2839] loop1: detected capacity change from 0 to 1024
[   54.982654][ T2839] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #11: comm syz.1.1072: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   55.001639][ T2839] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1072: couldn't read orphan inode 11 (err -117)
[   55.017139][ T2839] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.1072: Invalid block bitmap block 0 in block_group 0
[   55.031018][ T2839] EXT4-fs error (device loop1): ext4_acquire_dquot:6781: comm syz.1.1072: Failed to acquire dquot type 0
[   55.242476][ T2852] loop6: detected capacity change from 0 to 40427
[   55.260010][ T2852] F2FS-fs (loop6): Found nat_bits in checkpoint
[   55.292123][ T2852] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   55.339610][  T731] syz-executor: attempt to access beyond end of device
[   55.339610][  T731] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   55.526820][ T2869] loop6: detected capacity change from 0 to 512
[   55.544254][ T2869] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[   56.009831][ T2894] loop0: detected capacity change from 0 to 40427
[   56.012758][ T2894] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   56.012783][ T2894] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   56.032291][ T2894] F2FS-fs (loop0): Found nat_bits in checkpoint
[   56.073332][ T2903] loop1: detected capacity change from 0 to 128
[   56.084200][ T2886] loop4: detected capacity change from 0 to 40427
[   56.103728][ T2903] EXT4-fs (loop1): Test dummy encryption mode enabled
[   56.108481][ T2894] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   56.117399][ T2894] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   56.117605][ T2886] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   56.137661][ T2886] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   56.154878][ T2903] ext4 filesystem being mounted at /238/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   56.172016][ T2903] EXT4-fs (loop1): Online defrag not supported for encrypted files
[   56.186761][ T2886] F2FS-fs (loop4): Found nat_bits in checkpoint
[   56.237834][ T2915] loop1: detected capacity change from 0 to 512
[   56.254881][ T2886] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   56.258880][ T2915] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[   56.264442][ T2886] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   56.560763][ T2963] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   56.562578][ T2964] input: syz0 as /devices/virtual/input/input16
[   56.689251][ T2975] input: syz0 as /devices/virtual/input/input17
[   57.116280][  T853] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   57.187858][ T2978] loop6: detected capacity change from 0 to 512
[   57.202429][   T28] kauditd_printk_skb: 23 callbacks suppressed
[   57.202459][   T28] audit: type=1400 audit(1738628643.789:594): avc:  denied  { mount } for  pid=2980 comm="syz.0.1128" name="/" dev="ramfs" ino=28899 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   57.205890][ T2978] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   57.242009][ T2978] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2186: inode #15: comm syz.6.1127: corrupted in-inode xattr
[   57.254820][ T2978] EXT4-fs (loop6): 1 truncate cleaned up
[   57.297647][  T853] usb 2-1: unable to get BOS descriptor or descriptor too short
[   57.309800][  T853] usb 2-1: config 1 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   57.338763][  T853] usb 2-1: config 1 interface 0 has no altsetting 0
[   57.367372][  T853] usb 2-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.40
[   57.385607][  T853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   57.408768][  T853] usb 2-1: Product: syz
[   57.415350][ T3007] loop0: detected capacity change from 0 to 512
[   57.421949][  T853] usb 2-1: Manufacturer: syz
[   57.426698][  T853] usb 2-1: SerialNumber: syz
[   57.434697][ T3007] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   57.477455][ T3007] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.635994][  T853] usbhid 2-1:1.0: can't add hid device: -71
[   57.641886][  T853] usbhid: probe of 2-1:1.0 failed with error -71
[   57.655765][  T853] usb 2-1: USB disconnect, device number 5
[   57.687731][ T3009] loop7: detected capacity change from 0 to 40427
[   57.691060][   T28] audit: type=1400 audit(1738628644.279:595): avc:  denied  { setattr } for  pid=289 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.717399][ T3009] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[   57.727595][ T3009] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[   57.746679][ T3009] F2FS-fs (loop7): invalid crc value
[   57.777003][ T3009] F2FS-fs (loop7): Found nat_bits in checkpoint
[   57.847218][ T3009] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[   57.854592][ T3009] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   57.952915][   T28] audit: type=1400 audit(1738628644.539:596): avc:  denied  { mounton } for  pid=3008 comm="syz.7.1141" path="/88/bus/bus" dev="loop7" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   57.953009][ T3009] overlayfs: conflicting options: userxattr,redirect_dir=off
[   57.985885][ T3031] loop6: detected capacity change from 0 to 16
[   57.999167][ T3031] erofs: Unknown parameter 'ÿÿÿÿ'
[   58.031631][  T312] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   58.040890][  T312] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   58.047137][ T3031] incfs: Options parsing error. -22
[   58.061440][ T3031] incfs: mount failed -22
[   58.125436][   T28] audit: type=1400 audit(1738628644.709:597): avc:  denied  { nlmsg_read } for  pid=3036 comm="syz.6.1153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   58.234327][   T28] audit: type=1400 audit(1738628644.819:598): avc:  denied  { getopt } for  pid=3048 comm="syz.7.1150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   58.308606][ T3058] loop1: detected capacity change from 0 to 512
[   58.360008][ T3058] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.419555][ T3068] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1166'.
[   58.456549][ T3058] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #12: comm syz.1.1161: Directory hole found for htree leaf block 0
[   58.497303][   T28] audit: type=1326 audit(1738628645.089:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3075 comm="syz.7.1169" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd42af8cda9 code=0x0
[   58.679719][   T28] audit: type=1400 audit(1738628645.269:600): avc:  denied  { shutdown } for  pid=3090 comm="syz.1.1176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   58.731575][   T28] audit: type=1400 audit(1738628645.289:601): avc:  denied  { read } for  pid=3090 comm="syz.1.1176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   58.758593][ T3099] loop0: detected capacity change from 0 to 256
[   58.817425][ T3099] syz.0.1180: attempt to access beyond end of device
[   58.817425][ T3099] loop0: rw=524288, sector=256, nr_sectors = 20 limit=256
[   58.833443][ T3099] syz.0.1180: attempt to access beyond end of device
[   58.833443][ T3099] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.852009][ T3099] syz.0.1180: attempt to access beyond end of device
[   58.852009][ T3099] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.876021][ T3097] syz.0.1180: attempt to access beyond end of device
[   58.876021][ T3097] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.889527][ T3099] syz.0.1180: attempt to access beyond end of device
[   58.889527][ T3099] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.902755][ T3097] syz.0.1180: attempt to access beyond end of device
[   58.902755][ T3097] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.916370][ T3099] syz.0.1180: attempt to access beyond end of device
[   58.916370][ T3099] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.929953][ T3097] syz.0.1180: attempt to access beyond end of device
[   58.929953][ T3097] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   58.943061][ T3099] syz.0.1180: attempt to access beyond end of device
[   58.943061][ T3099] loop0: rw=0, sector=256, nr_sectors = 8 limit=256
[   59.300162][ T3116] loop1: detected capacity change from 0 to 40427
[   59.310328][ T3118] loop6: detected capacity change from 0 to 40427
[   59.353673][ T3118] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[   59.377846][ T3123] loop1: detected capacity change from 0 to 1024
[   59.381201][ T3118] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   59.384298][ T3123] EXT4-fs: Ignoring removed i_version option
[   59.408565][ T3118] F2FS-fs (loop6): invalid crc value
[   59.413808][ T3125] netlink: 'syz.7.1192': attribute type 2 has an invalid length.
[   59.431754][ T3125] netlink: 'syz.7.1192': attribute type 1 has an invalid length.
[   59.440039][ T3118] F2FS-fs (loop6): Found nat_bits in checkpoint
[   59.518755][ T3118] F2FS-fs (loop6): Start checkpoint disabled!
[   59.527796][ T3118] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   59.534912][ T3118] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[   59.553857][   T28] audit: type=1400 audit(1738628646.139:602): avc:  denied  { setattr } for  pid=3122 comm="syz.1.1191" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   59.554584][ T3123] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #14: comm syz.1.1191: attempt to clear invalid blocks 1634560256 len 1
[   59.626463][ T3123] EXT4-fs (loop1): Remounting filesystem read-only
[   59.636445][   T28] audit: type=1400 audit(1738628646.139:603): avc:  denied  { rename } for  pid=3122 comm="syz.1.1191" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   59.720542][ T3140] loop0: detected capacity change from 0 to 2048
[   59.757109][ T3140] Alternate GPT is invalid, using primary GPT.
[   59.763197][ T3140]  loop0: p1 p2 p3
[   59.848483][  T315] udevd[315]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   59.848507][  T965] udevd[965]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   59.870776][  T391] udevd[391]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   59.881938][ T3154] loop0: detected capacity change from 0 to 1024
[   59.921859][ T3159] loop7: detected capacity change from 0 to 256
[   59.926318][ T3154] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   59.940344][ T3159] exfat: Deprecated parameter 'utf8'
[   59.949859][ T3154] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[   59.962775][ T3154] EXT4-fs (loop0): This should not happen!! Data will be lost
[   59.962775][ T3154] 
[   59.969412][ T3159] exfat: Deprecated parameter 'utf8'
[   59.972484][ T3154] EXT4-fs (loop0): Total free blocks count 0
[   59.983287][ T3154] EXT4-fs (loop0): Free/Dirty block details
[   59.989085][ T3154] EXT4-fs (loop0): free_blocks=68451041280
[   59.994821][ T3154] EXT4-fs (loop0): dirty_blocks=16
[   60.001320][ T3154] EXT4-fs (loop0): Block reservation details
[   60.007210][ T3154] EXT4-fs (loop0): i_reserved_data_blocks=1
[   60.013876][ T3161] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28
[   60.014983][ T3159] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[   60.046388][ T3161] EXT4-fs (loop0): This should not happen!! Data will be lost
[   60.046388][ T3161] 
[   60.216765][ T3171] loop7: detected capacity change from 0 to 256
[   60.223310][ T3146] loop1: detected capacity change from 0 to 40427
[   60.233306][ T3146] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   60.263141][ T3146] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   60.283099][ T3146] F2FS-fs (loop1): invalid crc value
[   60.313501][ T3146] F2FS-fs (loop1): Found nat_bits in checkpoint
[   60.330623][ T3180] loop0: detected capacity change from 0 to 128
[   60.345318][ T3163] loop6: detected capacity change from 0 to 40427
[   60.351860][ T3171] bio_check_eod: 14032 callbacks suppressed
[   60.351882][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.351882][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.390518][ T3163] F2FS-fs (loop6): Image doesn't support compression
[   60.400539][ T3146] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   60.404434][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.404434][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.416254][ T3146] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   60.421516][ T3163] F2FS-fs (loop6): invalid crc value
[   60.444201][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.444201][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.457629][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.457629][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.471749][ T3163] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   60.494550][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.494550][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.527933][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.527933][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.547393][ T3163] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   60.556343][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.556343][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.592637][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.592637][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.615938][ T3171] syz.7.1209: attempt to access beyond end of device
[   60.615938][ T3171] loop7: rw=0, sector=256, nr_sectors = 8 limit=256
[   60.635354][  T731] syz-executor: attempt to access beyond end of device
[   60.635354][  T731] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   61.087632][ T3211] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[   61.238924][ T3225] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1230'.
[   61.264598][ T3227] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1231'.
[   61.458460][ T3248] tmpfs: Unknown parameter 'usrquota'
[   61.522577][ T3256] loop7: detected capacity change from 0 to 512
[   61.538730][ T3256] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.555566][ T3256] EXT4-fs warning (device loop7): ext4_group_add:1723: Can't resize non-sparse filesystem further
[   61.576312][  T311] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   61.777651][  T311] usb 1-1: unable to get BOS descriptor or descriptor too short
[   61.787128][  T311] usb 1-1: config 1 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   61.809977][  T311] usb 1-1: config 1 interface 0 has no altsetting 0
[   61.826714][  T311] usb 1-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.40
[   61.837035][  T311] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.844861][  T311] usb 1-1: Product: syz
[   61.850259][  T311] usb 1-1: Manufacturer: syz
[   61.854683][  T311] usb 1-1: SerialNumber: syz
[   61.912193][ T3279] sch_fq: defrate 0 ignored.
[   61.937045][ T3281] SELinux:  Context system_u:object_r:devicekit_power_exec_t:s0 is not valid (left unmapped).
[   61.985518][ T3289] loop6: detected capacity change from 0 to 256
[   62.076642][  T311] usbhid 1-1:1.0: can't add hid device: -71
[   62.082413][  T311] usbhid: probe of 1-1:1.0 failed with error -71
[   62.094713][  T311] usb 1-1: USB disconnect, device number 5
[   62.235796][ T3293] loop1: detected capacity change from 0 to 40427
[   62.242720][ T3293] F2FS-fs (loop1): Image doesn't support compression
[   62.250532][ T3293] F2FS-fs (loop1): invalid crc value
[   62.262460][ T3293] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   62.293047][ T3293] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   62.336325][  T309] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[   62.413842][   T28] kauditd_printk_skb: 13 callbacks suppressed
[   62.413859][   T28] audit: type=1400 audit(1738628648.999:617): avc:  denied  { mount } for  pid=3299 comm="syz.1.1262" name="/" dev="pstore" ino=14835 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   62.444823][ T3300] loop1: detected capacity change from 0 to 512
[   62.457370][ T3300] journal_path: Lookup failure for './bus'
[   62.463026][ T3300] EXT4-fs: error: could not find journal device path
[   62.533063][  T309] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   62.543802][   T28] audit: type=1400 audit(1738628649.139:618): avc:  denied  { remount } for  pid=3299 comm="syz.1.1262" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   62.547876][  T309] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[   62.586244][   T28] audit: type=1400 audit(1738628649.169:619): avc:  denied  { unmount } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   62.607321][  T309] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   62.625877][  T309] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.642736][  T309] usb 7-1: Product: syz
[   62.651311][  T309] usb 7-1: Manufacturer: syz
[   62.661487][  T309] usb 7-1: SerialNumber: syz
[   62.677638][ T3305] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=none:owns=io+mem
[   62.754622][ T3302] loop1: detected capacity change from 0 to 40427
[   62.772406][ T3302] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[   62.780705][ T3302] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   62.789901][ T3302] F2FS-fs (loop1): invalid crc value
[   62.799198][ T3302] F2FS-fs (loop1): Found nat_bits in checkpoint
[   62.852964][ T3302] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   62.859996][ T3302] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   63.078938][  T309] usb 7-1: 0:2 : does not exist
[   63.464147][ T3329] loop0: detected capacity change from 0 to 256
[   63.473288][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.501719][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.522596][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.536325][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.538473][   T39] usb 7-1: USB disconnect, device number 6
[   63.554821][ T3328] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.565896][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.576238][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.587523][ T3328] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.597795][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   63.608003][ T3329] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.130706][ T3339] loop1: detected capacity change from 0 to 8192
[   64.143954][ T3345] loop6: detected capacity change from 0 to 16
[   64.192559][ T3345] erofs: (device loop6): mounted with root inode @ nid 36.
[   64.231164][ T3345] erofs: (device loop6): z_erofs_readahead: readahead error at page 19 @ nid 36
[   64.252044][ T3345] erofs: (device loop6): z_erofs_readahead: readahead error at page 18 @ nid 36
[   64.270371][ T3351] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1283'.
[   64.277183][ T3345] erofs: (device loop6): z_erofs_readahead: readahead error at page 17 @ nid 36
[   64.288586][ T3351] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1283'.
[   64.316348][ T3345] erofs: (device loop6): z_erofs_readahead: readahead error at page 16 @ nid 36
[   64.338968][ T3345] erofs: (device loop6): z_erofs_pcluster_readmore: readmore error at page 17 @ nid 36
[   64.362861][ T3345] erofs: (device loop6): z_erofs_pcluster_readmore: readmore error at page 16 @ nid 36
[   64.605890][   T28] audit: type=1400 audit(1738628651.189:620): avc:  denied  { setopt } for  pid=3374 comm="syz.0.1294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   64.719622][ T3383] loop1: detected capacity change from 0 to 256
[   64.758529][ T3383] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   64.770489][   T28] audit: type=1400 audit(1738628651.349:621): avc:  denied  { ioctl } for  pid=3386 comm="syz.0.1300" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   64.820538][ T3383] [syz.1.1298/3383] FS: loop1 File: /file1 would truncate fibmap result
[   64.868601][   T28] audit: type=1326 audit(1738628651.459:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3390 comm="syz.0.1302" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f04c6d8cda9 code=0x0
[   64.927192][ T3395] ==================================================================
[   64.935090][ T3395] BUG: KASAN: use-after-free in dev_map_enqueue+0x40/0x340
[   64.942238][ T3395] Read of size 8 at addr ffff888131763d80 by task syz.1.1303/3395
[   64.949847][ T3395] 
[   64.952020][ T3395] CPU: 1 PID: 3395 Comm: syz.1.1303 Not tainted 6.1.124-syzkaller-00115-g1cf6be70924c #0
[   64.961746][ T3395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   64.971661][ T3395] Call Trace:
[   64.974758][ T3395]  <TASK>
[   64.977524][ T3395]  dump_stack_lvl+0x151/0x1b7
[   64.982047][ T3395]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   64.987339][ T3395]  ? _printk+0xd1/0x111
[   64.991324][ T3395]  ? __virt_addr_valid+0x242/0x2f0
[   64.996274][ T3395]  print_report+0x158/0x4e0
[   65.000610][ T3395]  ? __virt_addr_valid+0x242/0x2f0
[   65.005564][ T3395]  ? kasan_complete_mode_report_info+0x57/0x1b0
[   65.011691][ T3395]  ? dev_map_enqueue+0x40/0x340
[   65.016325][ T3395]  kasan_report+0x13c/0x170
[   65.021020][ T3395]  ? dev_map_enqueue+0x40/0x340
[   65.025703][ T3395]  ? __page_pool_alloc_pages_slow+0x81f/0x9f0
[   65.031601][ T3395]  __asan_report_load8_noabort+0x14/0x20
[   65.037075][ T3395]  dev_map_enqueue+0x40/0x340
[   65.041589][ T3395]  xdp_do_redirect_frame+0x2b5/0x800
[   65.046701][ T3395]  bpf_test_run_xdp_live+0xc30/0x1f70
[   65.051907][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.056855][ T3395]  ? bpf_test_run_xdp_live+0x7ae/0x1f70
[   65.062233][ T3395]  ? xdp_convert_md_to_buff+0x360/0x360
[   65.067616][ T3395]  ? bpf_dispatcher_change_prog+0xd86/0xf10
[   65.073346][ T3395]  ? 0xffffffffa00038c0
[   65.077342][ T3395]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[   65.083424][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.088356][ T3395]  ? _copy_from_user+0x90/0xc0
[   65.092970][ T3395]  bpf_prog_test_run_xdp+0x7d1/0x1130
[   65.098170][ T3395]  ? dev_put+0x80/0x80
[   65.102073][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.107020][ T3395]  ? fput+0x15b/0x1b0
[   65.110837][ T3395]  ? dev_put+0x80/0x80
[   65.114747][ T3395]  bpf_prog_test_run+0x3b0/0x630
[   65.119521][ T3395]  ? bpf_prog_query+0x260/0x260
[   65.124213][ T3395]  ? selinux_bpf+0xd2/0x100
[   65.128555][ T3395]  ? security_bpf+0x82/0xb0
[   65.132884][ T3395]  __sys_bpf+0x59f/0x7f0
[   65.137051][ T3395]  ? bpf_link_show_fdinfo+0x300/0x300
[   65.142271][ T3395]  ? fpregs_restore_userregs+0x130/0x290
[   65.147727][ T3395]  __x64_sys_bpf+0x7c/0x90
[   65.152414][ T3395]  x64_sys_call+0x87f/0x9a0
[   65.156759][ T3395]  do_syscall_64+0x3b/0xb0
[   65.161003][ T3395]  ? clear_bhb_loop+0x55/0xb0
[   65.165529][ T3395]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   65.171340][ T3395] RIP: 0033:0x7f76ed58cda9
[   65.175587][ T3395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.195121][ T3395] RSP: 002b:00007f76ee419038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   65.203368][ T3395] RAX: ffffffffffffffda RBX: 00007f76ed7a5fa0 RCX: 00007f76ed58cda9
[   65.211171][ T3395] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a
[   65.218993][ T3395] RBP: 00007f76ed60e2a0 R08: 0000000000000000 R09: 0000000000000000
[   65.226794][ T3395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   65.234605][ T3395] R13: 0000000000000000 R14: 00007f76ed7a5fa0 R15: 00007ffe9150c918
[   65.242810][ T3395]  </TASK>
[   65.245630][ T3395] 
[   65.247884][ T3395] Allocated by task 103:
[   65.251969][ T3395]  kasan_set_track+0x4b/0x70
[   65.256827][ T3395]  kasan_save_alloc_info+0x1f/0x30
[   65.261773][ T3395]  __kasan_kmalloc+0x9c/0xb0
[   65.266196][ T3395]  kmalloc_trace+0x44/0xa0
[   65.270542][ T3395]  kernfs_fop_open+0x70e/0xb10
[   65.275137][ T3395]  do_dentry_open+0x891/0x1250
[   65.279738][ T3395]  vfs_open+0x73/0x80
[   65.283566][ T3395]  path_openat+0x2532/0x2d60
[   65.287981][ T3395]  do_filp_open+0x230/0x480
[   65.292323][ T3395]  do_sys_openat2+0x151/0x870
[   65.296840][ T3395]  __x64_sys_openat+0x243/0x290
[   65.301539][ T3395]  x64_sys_call+0x6bf/0x9a0
[   65.305863][ T3395]  do_syscall_64+0x3b/0xb0
[   65.310124][ T3395]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   65.316029][ T3395] 
[   65.318187][ T3395] Last potentially related work creation:
[   65.323754][ T3395]  kasan_save_stack+0x3b/0x60
[   65.328261][ T3395]  __kasan_record_aux_stack+0xb4/0xc0
[   65.333550][ T3395]  kasan_record_aux_stack_noalloc+0xb/0x10
[   65.339192][ T3395]  kvfree_call_rcu+0x9f/0x800
[   65.343718][ T3395]  kernfs_unlink_open_file+0x327/0x3d0
[   65.349002][ T3395]  kernfs_fop_release+0x253/0x310
[   65.353860][ T3395]  __fput+0x1e5/0x870
[   65.357686][ T3395]  ____fput+0x15/0x20
[   65.361512][ T3395]  task_work_run+0x24d/0x2e0
[   65.365935][ T3395]  exit_to_user_mode_loop+0x94/0xa0
[   65.370966][ T3395]  exit_to_user_mode_prepare+0x5a/0xa0
[   65.376255][ T3395]  syscall_exit_to_user_mode+0x26/0x130
[   65.381636][ T3395]  do_syscall_64+0x47/0xb0
[   65.385896][ T3395]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   65.391617][ T3395] 
[   65.393789][ T3395] Second to last potentially related work creation:
[   65.400210][ T3395]  kasan_save_stack+0x3b/0x60
[   65.404720][ T3395]  __kasan_record_aux_stack+0xb4/0xc0
[   65.409937][ T3395]  kasan_record_aux_stack_noalloc+0xb/0x10
[   65.415579][ T3395]  kvfree_call_rcu+0x9f/0x800
[   65.420083][ T3395]  kernfs_unlink_open_file+0x327/0x3d0
[   65.425487][ T3395]  kernfs_fop_release+0x253/0x310
[   65.430329][ T3395]  __fput+0x1e5/0x870
[   65.434153][ T3395]  ____fput+0x15/0x20
[   65.438224][ T3395]  task_work_run+0x24d/0x2e0
[   65.442659][ T3395]  exit_to_user_mode_loop+0x94/0xa0
[   65.447690][ T3395]  exit_to_user_mode_prepare+0x5a/0xa0
[   65.452978][ T3395]  syscall_exit_to_user_mode+0x26/0x130
[   65.458360][ T3395]  do_syscall_64+0x47/0xb0
[   65.462819][ T3395]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   65.468548][ T3395] 
[   65.470717][ T3395] The buggy address belongs to the object at ffff888131763d80
[   65.470717][ T3395]  which belongs to the cache kmalloc-96 of size 96
[   65.484522][ T3395] The buggy address is located 0 bytes inside of
[   65.484522][ T3395]  96-byte region [ffff888131763d80, ffff888131763de0)
[   65.497361][ T3395] 
[   65.499531][ T3395] The buggy address belongs to the physical page:
[   65.505791][ T3395] page:ffffea0004c5d8c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888131763400 pfn:0x131763
[   65.517151][ T3395] flags: 0x4000000000000200(slab|zone=1)
[   65.522629][ T3395] raw: 4000000000000200 ffffea00044225c0 dead000000000002 ffff888100042900
[   65.531131][ T3395] raw: ffff888131763400 000000008020000b 00000001ffffffff 0000000000000000
[   65.539546][ T3395] page dumped because: kasan: bad access detected
[   65.545805][ T3395] page_owner tracks the page as allocated
[   65.551521][ T3395] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY), pid 39, tgid 39 (kworker/1:1), ts 21550415806, free_ts 0
[   65.568360][ T3395]  post_alloc_hook+0x213/0x220
[   65.572956][ T3395]  prep_new_page+0x1b/0x110
[   65.577297][ T3395]  get_page_from_freelist+0x2f41/0x2fc0
[   65.582680][ T3395]  __alloc_pages+0x234/0x610
[   65.587107][ T3395]  alloc_slab_page+0x6c/0xf0
[   65.591531][ T3395]  new_slab+0x90/0x3e0
[   65.595437][ T3395]  ___slab_alloc+0x6f9/0xb80
[   65.599863][ T3395]  __slab_alloc+0x5d/0xa0
[   65.604030][ T3395]  __kmem_cache_alloc_node+0x207/0x2a0
[   65.609328][ T3395]  kmalloc_trace+0x2a/0xa0
[   65.613577][ T3395]  dst_cow_metrics_generic+0x55/0x1c0
[   65.618788][ T3395]  icmp6_dst_alloc+0x363/0x510
[   65.623393][ T3395]  ndisc_send_skb+0x28b/0xdc0
[   65.627898][ T3395]  ndisc_send_ns+0xc8/0x150
[   65.632240][ T3395]  addrconf_dad_work+0xb1b/0x16b0
[   65.637103][ T3395]  process_one_work+0x73d/0xcb0
[   65.641800][ T3395] page_owner free stack trace missing
[   65.646994][ T3395] 
[   65.649161][ T3395] Memory state around the buggy address:
[   65.654657][ T3395]  ffff888131763c80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   65.662537][ T3395]  ffff888131763d00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   65.670434][ T3395] >ffff888131763d80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   65.678325][ T3395]                    ^
[   65.682235][ T3395]  ffff888131763e00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   65.690134][ T3395]  ffff888131763e80: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   65.698037][ T3395] ==================================================================
[   65.706037][ T3395] Disabling lock debugging due to kernel taint
[   65.711995][ T3395] general protection fault, probably for non-canonical address 0xdffffc0000000044: 0000 [#1] PREEMPT SMP KASAN
[   65.723482][ T3395] KASAN: null-ptr-deref in range [0x0000000000000220-0x0000000000000227]
[   65.731707][ T3395] CPU: 1 PID: 3395 Comm: syz.1.1303 Tainted: G    B              6.1.124-syzkaller-00115-g1cf6be70924c #0
[   65.742813][ T3395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   65.752828][ T3395] RIP: 0010:dev_map_enqueue+0x91/0x340
[   65.758088][ T3395] Code: d0 00 00 00 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 cf 79 25 00 bb 20 02 00 00 49 03 5d 00 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 b0 79 25 00 48 83 3b 00 0f 84 eb
[   65.777542][ T3395] RSP: 0018:ffffc900007bf5f8 EFLAGS: 00010206
[   65.783437][ T3395] RAX: 0000000000000044 RBX: 0000000000000220 RCX: ffffffff8197a131
[   65.791247][ T3395] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888131763d50
[   65.799055][ T3395] RBP: ffffc900007bf638 R08: ffffffff8144b2c3 R09: fffffbfff0f6e6fd
[   65.806866][ T3395] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   65.814772][ T3395] R13: ffff888131763d50 R14: ffff888131763c80 R15: ffff88812deeb070
[   65.822664][ T3395] FS:  00007f76ee4196c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   65.831438][ T3395] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   65.837940][ T3395] CR2: 0000001b2de1dff8 CR3: 0000000135993000 CR4: 00000000003526a0
[   65.845840][ T3395] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   65.853655][ T3395] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   65.861475][ T3395] Call Trace:
[   65.864586][ T3395]  <TASK>
[   65.867373][ T3395]  ? __die_body+0x62/0xb0
[   65.871529][ T3395]  ? die_addr+0x9f/0xd0
[   65.875519][ T3395]  ? exc_general_protection+0x317/0x4c0
[   65.880904][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.885852][ T3395]  ? dev_map_enqueue+0x40/0x340
[   65.890537][ T3395]  ? asm_exc_general_protection+0x27/0x30
[   65.896091][ T3395]  ? add_taint+0x93/0xe0
[   65.900197][ T3395]  ? dev_map_enqueue+0x81/0x340
[   65.904859][ T3395]  ? dev_map_enqueue+0x91/0x340
[   65.909572][ T3395]  ? dev_map_enqueue+0x81/0x340
[   65.914234][ T3395]  xdp_do_redirect_frame+0x2b5/0x800
[   65.919359][ T3395]  bpf_test_run_xdp_live+0xc30/0x1f70
[   65.924564][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.929508][ T3395]  ? bpf_test_run_xdp_live+0x7ae/0x1f70
[   65.934892][ T3395]  ? xdp_convert_md_to_buff+0x360/0x360
[   65.940273][ T3395]  ? bpf_dispatcher_change_prog+0xd86/0xf10
[   65.945999][ T3395]  ? 0xffffffffa00038c0
[   65.950003][ T3395]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[   65.956083][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.961013][ T3395]  ? _copy_from_user+0x90/0xc0
[   65.965623][ T3395]  bpf_prog_test_run_xdp+0x7d1/0x1130
[   65.970829][ T3395]  ? dev_put+0x80/0x80
[   65.974740][ T3395]  ? __kasan_check_write+0x14/0x20
[   65.979685][ T3395]  ? fput+0x15b/0x1b0
[   65.983490][ T3395]  ? dev_put+0x80/0x80
[   65.987407][ T3395]  bpf_prog_test_run+0x3b0/0x630
[   65.992183][ T3395]  ? bpf_prog_query+0x260/0x260
[   65.996873][ T3395]  ? selinux_bpf+0xd2/0x100
[   66.001199][ T3395]  ? security_bpf+0x82/0xb0
[   66.005567][ T3395]  __sys_bpf+0x59f/0x7f0
[   66.009622][ T3395]  ? bpf_link_show_fdinfo+0x300/0x300
[   66.014837][ T3395]  ? fpregs_restore_userregs+0x130/0x290
[   66.020299][ T3395]  __x64_sys_bpf+0x7c/0x90
[   66.024636][ T3395]  x64_sys_call+0x87f/0x9a0
[   66.028994][ T3395]  do_syscall_64+0x3b/0xb0
[   66.033224][ T3395]  ? clear_bhb_loop+0x55/0xb0
[   66.037825][ T3395]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   66.043557][ T3395] RIP: 0033:0x7f76ed58cda9
[   66.047814][ T3395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.067254][ T3395] RSP: 002b:00007f76ee419038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   66.075503][ T3395] RAX: ffffffffffffffda RBX: 00007f76ed7a5fa0 RCX: 00007f76ed58cda9
[   66.083313][ T3395] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a
[   66.091125][ T3395] RBP: 00007f76ed60e2a0 R08: 0000000000000000 R09: 0000000000000000
[   66.098926][ T3395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   66.106738][ T3395] R13: 0000000000000000 R14: 00007f76ed7a5fa0 R15: 00007ffe9150c918
[   66.114655][ T3395]  </TASK>
[   66.117504][ T3395] Modules linked in:
[   66.121287][ T3395] ---[ end trace 0000000000000000 ]---
[   66.126576][ T3395] RIP: 0010:dev_map_enqueue+0x91/0x340
[   66.131830][ T3395] Code: d0 00 00 00 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 cf 79 25 00 bb 20 02 00 00 49 03 5d 00 48 89 d8 48 c1 e8 03 <42> 80 3c 20 00 74 08 48 89 df e8 b0 79 25 00 48 83 3b 00 0f 84 eb
[   66.151744][ T3395] RSP: 0018:ffffc900007bf5f8 EFLAGS: 00010206
[   66.157655][ T3395] RAX: 0000000000000044 RBX: 0000000000000220 RCX: ffffffff8197a131
[   66.165428][ T3395] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff888131763d50
[   66.173356][ T3395] RBP: ffffc900007bf638 R08: ffffffff8144b2c3 R09: fffffbfff0f6e6fd
[   66.181191][ T3395] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[   66.188969][ T3395] R13: ffff888131763d50 R14: ffff888131763c80 R15: ffff88812deeb070
[   66.196779][ T3395] FS:  00007f76ee4196c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   66.205546][ T3395] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   66.211987][ T3395] CR2: 0000001b2de1dff8 CR3: 0000000135993000 CR4: 00000000003526a0
[   66.219787][ T3395] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   66.227601][ T3395] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   66.235388][ T3395] Kernel panic - not syncing: Fatal exception in interrupt
[   66.242531][ T3395] Kernel Offset: disabled
[   66.246578][ T3395] Rebooting in 86400 seconds..