last executing test programs:

1m17.748258934s ago: executing program 2 (id=158):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="00190000000000001c001680180001801400000000000000000000000100000000000000080004"], 0x44}, 0x1, 0x0, 0x0, 0xc000}, 0x40000880)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="500000000102010200000800000000000a0000003c0001800c00028005000100000000002c0001"], 0x50}}, 0x0)

1m17.696690954s ago: executing program 2 (id=159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000004c0)="b356cb4fc7", 0x5}], 0x1)

1m17.696200024s ago: executing program 2 (id=160):
unshare(0x400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31, &(0x7f0000000180)=[0x0, 0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x59, 0x0}}, 0x10)

1m17.688668994s ago: executing program 2 (id=161):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

1m17.528757313s ago: executing program 2 (id=162):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
ioctl$PPPIOCSCOMPRESS(r0, 0x4010744d)

1m17.430400793s ago: executing program 2 (id=163):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)

1m17.430204383s ago: executing program 32 (id=163):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)

44.103492527s ago: executing program 3 (id=1344):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file2\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0xfd, 0x28f, &(0x7f0000000300)="$eJzs201PE18Ux/EfD/8/CMJUURSM8UQ3uplAXblsCCTGJhqkxodoMshUmw4t6TSYGiPs3Po6iEt3JsY3wMZX4EJXbFyyMNa0U6DFGiBRhofvZzOnuXMm9/acNncxd+3+2/l8NnSzXlmdHaZuaVnrUkKd6lKkQ9LjGxvx/2q2rGtD6S8X7z54eCuVTk9Om02lZq4nzWzw0scXr95d/lTuv/d+8EOPVhNP1r4nv64Or46s/Zx5ngstF1qhWDbPZovFsjcb+DaXC/Ou2Z3A90LfcoXQL7WMZ4PiwkLFvMLcQN9CyQ9D8woVy/sVKxetXKqY98zLFcx1XRvoE3aSWZme9lJxzwL/VqmU8iYkjf42klmJZUIAACBWu93/13Sy/z9i2P8fB7X9/6PG77cV+38AAAAAAAAAAAAAAAAAAAAAAA6D9WrVqVarzsb1P6l+wqfa+HxCUp+kfm0d/BmU5EhKSDol6bSkIUlnJJ2VNCzpnKTzkkaanhXvStHOHuqvk5IGqP+RQv2PN+p/vDUd3O2V5t8sZhYz0TUaT2WVUyBfY3L0o17LhiieupmeHLO6hC7MLzXylxYzXa3543JqDdMufzzKt9b8nnrfbeYn5dQarF1+sm1+r65eacp35ejzUxUVaK7ek1v5r8fNJm6nt+WP1u876lzb1LZ+rvun8Sh/D/2x7fvt1mh3vGuHFFZe5r0g8Es7B7WG2PXNBzf4JukATCMKehtlOCjzITiUQbLRRn/zyTH+KWHfbBU97pkAAAAAAAAAAAAAAAAAAPZiP95PjHuNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs9ysAAP///ptXbg==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)

44.091263837s ago: executing program 3 (id=1345):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_RELEASE_PORT(r1, 0x8008550e, &(0x7f0000000080)=0x6)

43.807261436s ago: executing program 3 (id=1346):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ppoll(&(0x7f0000000000)=[{r1, 0x40b}], 0x1, 0x0, 0x0, 0x0)
close(r0)

42.911378512s ago: executing program 3 (id=1376):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x200008, &(0x7f0000000080)=ANY=[], 0x1, 0x238, &(0x7f0000003280)="$eJzsmDGLE0EUx/8z2WwSEdHmChsFD4zoJZc9lGvCeYJgZXMnaqXBW48zexdJVjABwcPGRjsLwcbCL2BxxdV2fgFBCxUEC1NY2Igw8nZndyducln27O79iuE/897MvPd29xULhmEOLF+//Pr87NLi6jkAhzGLkl7/XgCECLU0/D+9fHD2RfPyq7cf37zbOvJo99/zaItSf5S5UN7jfgtAdbkAP75JRXt/k5jVk1WUYn0NEme0vg6Bmta3IYvRuS4Ebmp9z9Ad8q/V7m54bu1Ox1sjMU9DgwaHhpF8Kb7htsCaniullDDsvf6g3fI8t2sIS9vGmHKJ+LL2TKp+RdgYLks0dbQUH8V/4+mTbVqJajMPGdevAYmGTmIBAit6fRGlqDZhSYz8j1tJ/oXkenq07ZY3NltyJcO0JMue5xZ6/ebP/1IsUxyby7e9SulcTJuOIk8YSHYtwe0WkZiokqPOJzOfXAGQ4dUJhGU8HYx3XtJPNEeCV1NZTBDPM8W8f5Eri0jMDHffp03fpm1XYvoVYuT9sfdyLmeNOfoS81esgkFb7qdikwL7sBP2D/Va4LTRPy2jf9X9zfv1Xn8wt7HZWnfX3S3HWbgggMfnnXrQiMIx1feS/lwJ+tMh4/ziBF9b2njY8v1uIxxtYaMC3+86wdwxPpuVnc6PW3qbjysAToUTapt2fGIhdYewQx8Z+JKqpp0YhmEYhmEYhmEYhmEYhmGyMvLD8wRE8Bd0Ck7o/TcAAP//KaZe1w==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x100)
getdents(r0, 0x0, 0x58)

42.660264962s ago: executing program 3 (id=1384):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
personality(0x410000e)

42.496019161s ago: executing program 3 (id=1387):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
nanosleep(&(0x7f0000000000)={0x0, 0x3938700}, 0x0)

42.495962581s ago: executing program 33 (id=1387):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
nanosleep(&(0x7f0000000000)={0x0, 0x3938700}, 0x0)

11.780046955s ago: executing program 0 (id=2290):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x200000, &(0x7f0000000200)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x1ff}}, {@dioread_lock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nobh}, {@noquota}, {@delalloc}]}, 0xfc, 0x57c, &(0x7f0000000b00)="$eJzs3V1rHNUbAPBnNknf//+mUIp6IYFeGKndNIkvFQQrgiBaLOh9XZJpKNl0S3ZTmlhoe2FvvJEiiFgQP4D3Xha/gJ/Bi4IWipSgF95EZjObbpvdvGw3zdr9/WCSc3ZmcubZM8/JmZ1dNoC+NZL9KES8GBFfJxGHm9YNRr5yZHW75YfXprIliZWVT/9MIskfa2yf5L8P5pUXIuKXLyNOFNa3W11cmt3TVB+rzV0eqy4unbw4V5pJZ9JLE5OTp9+YnHj7rTe7Fuur5/7+7pO7H57+6vjytz/dP3I7iTNxKF/XHMdTuNFcGYmR/DkZijNPbDjehcZ6SbLbB0BHBvI8H4psDDgcA3nWA8+/6xGxAvSpRP5Dn2rMAxrX9l26Dv7PePDe6gXQ+vgHV18biX31a6MDy8ljV0bZ9e5wF9rP2vj5jzu3syU2eR3iehfaA2i4cTMiTg0Orh//knz869yp+ovHG3uyjX77/wO76W42/3mt1fynsDb/iRbzn4MtcrcTm+d/4X4Xmmkrm/+903L+uzZ0DQ/ktf/V53xDyYWL5fRURPw/IkZjaG9W3+h+zunleyvt1jXP/7Ila78xF8yP4/7g3sf3mS7VSk8Tc7MHNyNeajn/Tdb6P2nR/9nzcW6LbRxL77wcsbflus3j31krP0a80rL/H93RSja+PzlWPx/GGmfFen/dOvZru/ZHP9jd+LP+P7Bx/MNJfr+2VC6n89Xtt/HDvn/Sdus6Pf/3JJ/Vy417yFdLtdr8eMSe5OP1j0882rdRb2yfxT96fOPxr9X5vz8iPt9i/LeO/vZ+5/HvrCz+6W31//YL9z764vt27W8U/0B9i6z/X6+XRvN9tjL+bfUAn/b5AwAAAAAAgF5SiIhDkRSKa+VCoVhcfX/H0ThQKFeqtRMXKguXpqP+WdnhGCo07nQfbno/xHj+fthGfeKJ+mREHImIbwb21+vFqUp5ereDBwAAAAAAAAAAAAAAAAAAgB5xsM3n/zO/D+z20QE7bvtf+T20I8cBPHub5n83vukJ6Elt8z95tscBPHvbn/8Dzwv5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBXnTt7NltWlh9em8rq01cWF2YrV05Op9XZ4tzCVHGqMn+5OFOpzJTT4lRlbrO/V65ULo9PxMLVsVparY1VF5fOz1UWLtXOX5wrzaTnU18cDgAAAAAAAAAAAAAAAAAAAOtVF5dmS+VyOq/QtvBu9MRh7GSAqzrafbBXolBoW9jXQefu8sAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE3+DQAA//+iTDI1")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000002c0), &(0x7f00000003c0)=ANY=[], 0x361, 0x0)
unlink(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4242, 0x8)

11.685980474s ago: executing program 0 (id=2291):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
vmsplice(r1, 0x0, 0x0, 0x0)

11.641606354s ago: executing program 0 (id=2292):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbc, 0x66, 0x8c, 0x20, 0x19d2, 0xff6d, 0x11e1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x68, 0x0, 0x0, 0xff, 0xff, 0xff}}]}}]}}, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x3, 0x0)

8.623094083s ago: executing program 0 (id=2412):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4012011, r0, 0x0)
remap_file_pages(&(0x7f0000157000/0x2000)=nil, 0x1fffff, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)

8.591967213s ago: executing program 0 (id=2414):
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)={@remote, @loopback, 0x1}, 0x10)

8.407557882s ago: executing program 0 (id=2419):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x2)

4.433030957s ago: executing program 5 (id=2512):
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x100000000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)

4.269461096s ago: executing program 5 (id=2515):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0xa4, 0xf5, 0x59, 0x20, 0x1bc7, 0x1041, 0x547c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0xe}}]}}]}}, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, 0x0)

2.56524413s ago: executing program 5 (id=2565):
read$hiddev(0xffffffffffffffff, 0x0, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000), 0xf)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x89f1, &(0x7f0000000040)={'ip6_vti0\x00', @random='\a\x00\x00 \x00'})

2.459852529s ago: executing program 5 (id=2571):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x28, 0x10, 0x801, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x120, 0x301}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @random="7f0a00034011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @private}, "000086ddffff0000"}}}}}, 0x0)

1.615530796s ago: executing program 5 (id=2579):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x4)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

1.245614525s ago: executing program 1 (id=2589):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x121c00, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0xfffffffd, 0x0, 0xffffffff, 0x0, 0xfe, "964d22c60f0865671a33b6253500"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000180)={0xffffffff, 0x80000000, 0x0, 0xfdfdfffe, 0xe, "4415d13025562c52202556c6b600"})

1.240557975s ago: executing program 1 (id=2591):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x180000, @empty}, 0x1c)

1.218455455s ago: executing program 1 (id=2592):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = timerfd_create(0x8, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f00000020c0)=""/4106, 0x8}], 0x8)

1.199304305s ago: executing program 1 (id=2593):
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./bus\x00', 0x82, &(0x7f00000004c0)=ANY=[@ANYBLOB="646973636172645f756e69743d626c6f636b2c66617374626f6f742c746573745f64756d6d795f656e6372797074696f6e2c6673796e635f6d6f64653d7374726963742c00b40f67712edb2176a5e6d792c97ec8c7ef152bcfe4d43f51cc9510960fc3bcdb9a7c2271a5c7c5f7034399570025512258e0aa61e5a6cb0e9d7bdb8f52a0cd33f64b5ecd96fe0cf837563a14b837d8114771dadf7db3e9bdf8ef297e302998"], 0x1, 0x105a4, &(0x7f0000010640)="$eJzs3E1rI3UcB/BfWrtP1rXIPigeHBChAROatlsURKruogt2KT4cPGmapCG7SaY06YN71pO+BK+CiDdfgxffRvEgeBK8rSiZmYrVPajNNuv284Hp9z//zPzynzCXX6YkgFNrLvnl51JcjPMRMR0RsxHZuFRsmdU8no6I5yJi6k9bqZj/Y+JMRFyIiIuj4nnNUvHSyq8H97585uYrn319UK79+NUXk7tqYNJeiIjeVj7e6+WZtvO8XczXdztZ9pZ3i8xf6N0p9tM891obWYW9+uFx9SyX2vnx6dbOYJSb3XpjlO3OZja/1c/fcLDbPqyTnXC7vp3tN1sbWXYGaZbtu/m69ou8OxjmdZpFvY+z8jEcHmY+39pv5dezdSfLRn9YzOd102Zrf5S7RRZvF42028zWsfGfP+aH3tud/s5+stvaHnTSfnKtWnupWlup1LbTZmvYWq7Ue82V5WS+3R0dVhm26r3Vdpq2u61qI+2Vk/l2o1Gp1ZL5662NTr2f1GrVpepC5Vq5GL2YvHnr/aTbTOZH+XqnvzPsdAfJZrqd5GeUk8Xq0svl5Pla8u7aerL+zo0ba+vvfXj9g1uvrd18ozjob8tK5hcXFhcrtYXKYq3s+o+jdLzTOe3cQAD/mv4fmIS8/z/Ixvp//f9p7X9P+/Vr3zgWNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKn1w8y3b2WDuXz/8WL+iWLqqYi4GhFXIuJyRPx2H9Nx5kjNSxFRKsb3O37mL2v4rhRZhdE5Z4vtQkSsFtu9Jx/0pwAAAACPrm++/+TTiOnRMPvz6qQXxEkqvrQ5N6562Vc+j42r2qWs2P6Yql0+LDkWVyJiZu6nMVW7GhFTsx+Nqdo/Mn0kzsWzs4c3QimPqZNcDQAAcDKOdgJj694AAAB46Hw+6QUwGdnz2uJ/8YtnwWfzKB4Jnz+yBwAAAPwPlSa9AAAAAOCBy/p/v/8HAAAAj7b89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Hd27iU3jRiOA/Af6BT6UlHF4yqsqi5ZcIgeocseoL1NdpwhEuIcZJcjRBAx46AMYTdmQOT7pMH2CH6ykVjYZgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnNNDsZzfrf/9b5qz3TWTZzQAAADAKZtiOS8rw6r9Jd3/lm79iIhpREwiYhwRp+buvfhYyxxFRCfVT72/OOrDfUSZsP9MP12fI+JXup6+n/tbAAAAgNu1Xs0WEb19tXz5eajxDqRFm0GuvHLJ50OutFEZ9jdT2vglMotJRBTDx0xp04jofv2dWq38/nq1YvCq6FRFt41eAAAA7arPBLLN3gAAALg6fy7dAS6j3K9N/8VPe8H9qkgbgp9qLQAAAOB6HT9tf9Bptx8AAADABZTz/zfn/6VVAef/AQAAwG2ozv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgnDbFcr5ezRZNc7a7ZvKMBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ/bnHQVCIAzCYO/6vtPg/Y8lDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/tzdwIhEARhsO/8z2kx/7CkQWMQoQoWPmaYhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsL+3NsmDIRxHH7tJErcJiOkt/iYgYYKwQh8SEiWPAMDsBANFa3FIrACCDho6UzB8zT/n05X3AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO/p9PTGR0Rkn4/MIx+u/g6Xg6/I100z+L5mtjnu659bTra7UcrfGP8XEVFE1sJvAADaV943xWJZzTtpu2l7aftpy2ldzV75aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAMzt3rNpUFAYA+CRpotXJ0QoiOOhiYxOrEbI4FLoLgm6hjaWYqqQZ2tKlTyA6ufoKdtNX8AUEBy04OHRQcBFESXKTnmCQFOHeUL8P/nv/3OHcczIE/vufGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FgO98LZQZ4LIczNHOVd77/urow7v332YW4QX+68uRiP2R2iGEJ4uN5qXk9xLdNuc3vnUaPVarYlEolkmGT9ywQAwElTTKJb138q7i93r+XqIfx6NVr/X4ny8Jf6//PL8xcG8XPrXSe+V1z/L6S2wulX7mw8LW9u71xb32isNdeaj6vVyuLNxRu3b1XKvWclZU9MAAAA+DelJOL6P1//s/9/JsrDhPX/vaUH9+N7FdT/Yx01/bKeCQAAwP/t3KXv33JjrudKpbDV6HTaC/3j8HOlf8xgqsd2Kom4/i/Us54VAAAAkIbDvdxI/381ysOE/f/517sH8ZiFEMJs0v+fX3nSWk1vOVMtjdeJs14jAAAA2ZpNIu7/F3v7//PDLQ/5EMLVy/08+RvAier/jy/ujry0Hu//r6a3xKmUr/W/j965FsJMLesZAQAAcJKdTqJb7B8U95fbP54vlez/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA3O3aM0kAQhQF4s5vVSgxYqZUXEO2sAhaC2HgIURA8gQjiAcTW0jtYeofUCjYWlim8gbzZHZU0AYtdJd8Hk/cIQ+Zl0uRfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYK7p/ndfxcuo6cv2veePq5OoLzM1vN+vb8aKftDl0P/QYK/vCQAAAFgEVc73RVG81Y+HUctxyv913hOZ/2Gl6XOen839uT7dvW7k/H99vHX5ddCoOSc+9Oz84nSns2/4963O3TFMN5+evVTpBymPbtamdbrPwe1kcrCU2uUupgUAfmM717bJ/4ei7vY5GAALY9iu4kf+r8b9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQhc8AAAD//4D6Yxw=")
chdir(0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fadvise64(r0, 0x100e2, 0x8, 0x4)

759.388153ms ago: executing program 5 (id=2599):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, &(0x7f00000001c0)=""/131, 0x0, 0x83, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040ac05624200000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0xff8d, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002205000000a9ce56"], 0x0}, 0x0)

402.337772ms ago: executing program 1 (id=2607):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000001840)={@random="b931b2d41475", @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0x18, 0x3c, 0x0, @private0, @mcast2, {[], {0x0, 0x4e21, 0x18, 0x0, @wg=@data={0x4, 0xffff, 0x2}}}}}}}, 0x0)

393.570601ms ago: executing program 4 (id=2608):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x52, &(0x7f00000007c0)=ANY=[@ANYBLOB="ffffffd715ffaaaaaaaaaaaa86dd6019000000000000000000bbfe8000000000000000000000000000aa0000000e000000008000", @ANYRES32=0x41424344], 0x0)

359.774792ms ago: executing program 4 (id=2609):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/mcfilter\x00')
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000080)={'wg0\x00'})
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000002240)=""/65, 0x41}], 0x1, 0x9, 0x1)

334.759211ms ago: executing program 4 (id=2610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
listxattr(&(0x7f0000000200)='./file1\x00', 0x0, 0x0)

327.292121ms ago: executing program 4 (id=2611):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8)

295.846321ms ago: executing program 6 (id=2613):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

295.465531ms ago: executing program 4 (id=2614):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c})

265.598791ms ago: executing program 6 (id=2615):
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$sock_int(r0, 0x1, 0x44, &(0x7f0000000000), 0x4)

183.337191ms ago: executing program 6 (id=2616):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYBLOB="620af8ff25200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fa093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415bd1966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b7845e6b607130c89f18c0c1089d8b853289d01aa27ae82e61b0f9223684198e1148f49faf2ad0000000000000026fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364145835108333719acd97cfa107d40224edc5465a932b77e74e80140d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf560fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e68242aff9fa740b5b763296b652d40229b24a96759823481cf32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734ff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000009731e6e8861c46495ba585a4b2d02edc3e28dd271c896249edc9981b5f240a2e57244b9fc9df0ff285b980680b000020435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da2a6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce5dfd3467decb05d1dbe5d2bc159ce262d9d10a64c1083d5e71b5565b1748ee58969c41595229df17bcad70fb4021428ce909000000b78100788f11f761036cd3f7ec4e7fb8bc6ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec57c92f7285acd324d2c91be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c55609a6e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50984042b3eac1f879b13634c31da2c25cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f233e22de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ece0ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9af04bffb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2b90d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4d58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6006e56237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b7030c1743d70e3aac9ef6c45c4c49b3bc19faa5449609b0a3dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d122a7cca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710db8f3e5c7ebfd6d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aed7a1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea500000000b4ba686fcdf240430a537a395dc73bda367bf12cb7d81643a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de553101cae9e48b0ed1254a83100e45b2569dc0d90b075225f728d44d0973171ad47d6b70ebc660309e1e245b00001743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933bee24c7e8000f2c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b606000000000000001a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e000000000000037010632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5d6d4523497e4d64f95f08493564a1df87111c9bf3194fef96ccecc467acc45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127cf72748a028daf5fc4d4e6d5265bec44219ee8fbfe84f441c724fa7b3d1ff0555e63ad00a1c7f9f72f10154f1e109dc3f7dd87ea308a1fb5a983490c6c93610864623613dabec4c0b64461d21f807515d8fadec636c99aa95ff895c25aad5ac0993a65c7668ca2b6d46edbad410df7390d27e4ddc8f47d5a918b14da4ec07c8199259b8e3dd36de9b35ce25d39686f2470afb1b1db18221841cee6e5531280d65f1d28886e0f06856a5ca37a91ea6e19977c517b10fb66858a05b03084d1f3bd5542d2796a33cfe545be3dc03d302e48301b9f97f694142e48f23271787d3a2360996ca3c9b18000000000700000000000000000000004882ce2e7a68512b23b0ab1f7a6c960bd002984955dc620614f97a234c8e1df96d5e7a67c8d26cd7a4bbacc4a08600000000f5fab1f01e2b7cf653f9d25f942b1cff6d738e17df64464fbc9d89911829458645ef2d2d23f55eb1b09855cc74d29cbca2aeff07a9bf56c3fa68a7d71aad094d5d968ad88fdda027c65e434e9a6bc68ec751d6d21fa471c38646d714ce68f1f46f6ec4c1e87d720385be6f3a70fe730ccad42a9051cd07f356023e855e5acd5ec7d990cebcac66cbd3229d18511bfa1e3d2c82af72932cfd875584d0fc2daff4dfebe41c37494b8136a37f12caecba3e09a31a00410ff161089935db303df012b165663cc1f915d65f69f9d2c1d853b0150445d088da47c170155cd0cc863f4efc2bd7e2246916e0322494eb7bbc0f6c4efeac3d49b5318c410ddd8892aae7e22a558acfc4c2c08d54bd8f64469c43feaf6c9d49e701af9471f9d0cc02ed80f05f0a196bf4695cec437bea2d62515882d856c8a70f8f158da96ec472655529a4e87fc743080d59d747d4377e7e9d1d62b1d08eb1f051412b309208c8be79f66271b4ebd6800688955132ecc654d0e3bcb258b1da03b77cb17d2f4c1e557462f0a710b68056f3e272000d3bf4f49631f8d3677e5803ea1e52727c69afe25f0905a1dfaa0ffc168601e0fddaeff35269e24ba5675504f0c4f735cfa668aab6fca35eef66f9dcbabb5710f20a75e99c5bdc0f95deca2efa57ffb35dc5f555419b712cb63f8ae93fa5ccf0268617f9bb26c767cc1215d29e426aaab79f500d53e0be9cd41ad42da2d54a31e0eeab9faac817d99ec2d862074088fb8dffe3cd11d1b56d3712c2cf486f0017e013d3f80fe602501c4e4f87001eaa4e4d7f653dabfa7273598211be7f42401d0bd68f47076894dcc004bbce94423bf925a39e6a58ab08b26aca704ff47dbca3e05f6715cd9c5c40e4d02d98b0b32b9c528e235605a4baac3b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xffe9, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
fadvise64(r1, 0xe2, 0x0, 0x4)

140.49991ms ago: executing program 6 (id=2617):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x121c00, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0xfffffffd, 0x0, 0xffffffff, 0x0, 0xfe, "964d22c60f0865671a33b6253500"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000180)={0xffffffff, 0x80000000, 0x0, 0xfdfdfffe, 0xe, "4415d13025562c52202556c6b600"})

121.538731ms ago: executing program 4 (id=2618):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbc, 0x66, 0x8c, 0x20, 0x19d2, 0xff6d, 0x11e1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x68, 0x0, 0x0, 0xff, 0xff, 0xff}}]}}]}}, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x3, 0x0)

108.165011ms ago: executing program 6 (id=2619):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000002c0)=0x2000041)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000300)=0x80000)

107.972691ms ago: executing program 1 (id=2620):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
ioctl$MON_IOCX_GETX(r0, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})

0s ago: executing program 6 (id=2621):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)={0x2, 0x0, [{0xc0000001, 0xa48, 0x1, 0x7f, 0x100, 0x80000000, 0x4}, {0x12, 0x8, 0x5, 0x4, 0x7, 0x1000, 0x7fffffff}]})

kernel console output (not intermixed with test programs):

nid 36.
[   72.951231][  T450] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   72.955719][ T3486] erofs: (device loop3): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46
[   72.969809][   T30] audit: type=1326 audit(1737729355.481:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3480 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d9abb4d29 code=0x7ffc0000
[   72.982067][ T3486] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 46
[   72.997245][   T30] audit: type=1326 audit(1737729355.481:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3480 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f7d9abb4d29 code=0x7ffc0000
[   73.080810][   T30] audit: type=1326 audit(1737729355.481:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3480 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d9abb4d29 code=0x7ffc0000
[   73.129475][  T299] erofs: (device loop3): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46
[   73.141519][ T3497] loop0: detected capacity change from 0 to 2048
[   73.154702][  T299] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 46
[   73.167053][  T299] erofs: (device loop3): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[   73.202753][ T3497] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   73.231191][  T450] usb 5-1: Using ep0 maxpacket: 16
[   73.272508][ T3508] loop5: detected capacity change from 0 to 4096
[   73.286364][ T3511] loop0: detected capacity change from 0 to 1024
[   73.306141][ T3508] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   73.342798][ T3511] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[   73.361173][  T450] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   73.371927][   T39] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   73.398147][  T450] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   73.430127][ T3511] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   73.450985][ T3513] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.451331][ T3511] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   73.458189][ T3513] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.458662][ T3513] device bridge_slave_0 entered promiscuous mode
[   73.485636][ T3513] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.492963][ T3513] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.501530][ T3511] EXT4-fs (loop0): This should not happen!! Data will be lost
[   73.501530][ T3511] 
[   73.501950][ T3513] device bridge_slave_1 entered promiscuous mode
[   73.532242][ T3511] EXT4-fs (loop0): Total free blocks count 0
[   73.552480][ T3511] EXT4-fs (loop0): Free/Dirty block details
[   73.561201][ T3511] EXT4-fs (loop0): free_blocks=68451041280
[   73.568171][ T3511] EXT4-fs (loop0): dirty_blocks=16
[   73.574641][ T3511] EXT4-fs (loop0): Block reservation details
[   73.582266][ T3511] EXT4-fs (loop0): i_reserved_data_blocks=1
[   73.603084][  T450] usb 5-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[   73.612645][  T450] usb 5-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[   73.623113][  T450] usb 5-1: Product: syz
[   73.627116][  T450] usb 5-1: Manufacturer: syz
[   73.631831][  T450] usb 5-1: SerialNumber: syz
[   73.639689][  T450] usb 5-1: config 0 descriptor??
[   73.696182][ T3513] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.704755][ T3513] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.712393][ T3513] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.721215][ T3513] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.771216][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.786153][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   73.801334][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   73.818377][   T39] usb 2-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[   73.831321][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.838477][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.838650][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.850041][   T39] usb 2-1: config 0 descriptor??
[   73.865691][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   73.873760][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.880824][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.888254][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   73.898669][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.905598][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.915424][ T3548] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1403'.
[   73.929999][ T3467] netlink: 204 bytes leftover after parsing attributes in process `syz.4.1368'.
[   73.946193][  T309] usb 5-1: USB disconnect, device number 10
[   73.960375][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   73.977091][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   74.000699][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   74.019628][ T3513] device veth0_vlan entered promiscuous mode
[   74.030271][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   74.040306][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   74.048559][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   74.060737][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   74.072345][ T3513] device veth1_macvtap entered promiscuous mode
[   74.083412][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   74.095657][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   74.125088][ T3562] loop6: detected capacity change from 0 to 256
[   74.166160][ T3562] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[   74.224840][ T3566] loop6: detected capacity change from 0 to 2048
[   74.292638][ T3566] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   74.332260][   T39] ortek 0003:1223:3F07.001A: unknown main item tag 0x6
[   74.339935][   T39] ortek 0003:1223:3F07.001A: report_id 29495 is invalid
[   74.347888][   T39] ortek 0003:1223:3F07.001A: item 0 2 1 8 parsing failed
[   74.355426][   T39] ortek: probe of 0003:1223:3F07.001A failed with error -22
[   74.402424][ T1276] device bridge_slave_1 left promiscuous mode
[   74.409307][ T1276] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.417194][ T1276] device bridge_slave_0 left promiscuous mode
[   74.423597][ T1276] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.431843][ T1276] device veth1_macvtap left promiscuous mode
[   74.439804][ T1276] device veth0_vlan left promiscuous mode
[   74.507543][ T3577] loop4: detected capacity change from 0 to 256
[   74.556519][  T322] usb 2-1: USB disconnect, device number 8
[   74.568926][ T3582] loop6: detected capacity change from 0 to 512
[   74.600347][ T3584] loop4: detected capacity change from 0 to 2048
[   74.643528][ T3582] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   74.672513][ T3584] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   74.692586][  T298] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   74.731634][ T3591] sit: Src spoofed 0.0.224.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[   74.890871][ T3614] ip6erspan0: tun_chr_ioctl cmd 1074025677
[   74.896663][ T3614] ip6erspan0: linktype set to 805
[   74.900159][ T3612] loop4: detected capacity change from 0 to 2048
[   74.945803][ T3612] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[   74.945803][ T3612] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   74.945803][ T3612] 
[   74.981132][  T309] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   74.981928][ T3612] EXT4-fs (loop4): mounted filesystem without journal. Opts: noacl,,errors=continue. Quota mode: none.
[   75.096194][ T3634] device wireguard0 entered promiscuous mode
[   75.190566][ T3655] syz.4.1446[3655] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.190658][ T3655] syz.4.1446[3655] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.351199][  T309] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   75.352284][ T3677] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1457'.
[   75.371128][  T309] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[   75.491259][  T309] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   75.515678][  T309] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   75.531226][  T322] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   75.540160][  T309] usb 7-1: SerialNumber: syz
[   75.710165][ T3683] loop1: detected capacity change from 0 to 40427
[   75.821814][  T309] usb 7-1: 0:2 : does not exist
[   75.832373][ T3683] F2FS-fs (loop1): Found nat_bits in checkpoint
[   75.838554][  T309] usb 7-1: USB disconnect, device number 2
[   75.892927][ T3694] device wireguard0 entered promiscuous mode
[   75.919397][ T3683] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   75.931338][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.958164][  T322] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   75.981126][  T322] usb 5-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[   75.990486][  T322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.999835][  T322] usb 5-1: config 0 descriptor??
[   76.041011][  T302] attempt to access beyond end of device
[   76.041011][  T302] loop1: rw=2049, want=45104, limit=40427
[   76.053269][  T548] udevd[548]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   76.117241][ T3704] loop5: detected capacity change from 0 to 16
[   76.158651][ T3704] erofs: (device loop5): mounted with root inode @ nid 36.
[   76.178238][ T3704] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=46
[   76.187223][ T3704] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=46
[   76.207515][ T3704] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=46
[   76.227600][ T3704] overlayfs: failed to get redirect (-117)
[   76.345166][ T3725] loop0: detected capacity change from 0 to 512
[   76.496383][ T3725] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   76.517826][ T3725] ext4 filesystem being mounted at /282/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.530752][  T322] ortek 0003:1223:3F07.001B: unknown main item tag 0x6
[   76.551114][  T322] ortek 0003:1223:3F07.001B: report_id 29495 is invalid
[   76.558129][  T322] ortek 0003:1223:3F07.001B: item 0 2 1 8 parsing failed
[   76.565271][  T322] ortek: probe of 0003:1223:3F07.001B failed with error -22
[   76.597707][ T3714] loop1: detected capacity change from 0 to 40427
[   76.661533][ T3714] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288)
[   76.694173][ T3714] F2FS-fs (loop1): invalid crc value
[   76.717843][ T3714] F2FS-fs (loop1): invalid crc value
[   76.725895][ T3714] F2FS-fs (loop1): Failed to get valid F2FS checkpoint
[   76.741978][   T39] usb 5-1: USB disconnect, device number 11
[   76.750947][ T3751] loop6: detected capacity change from 0 to 256
[   76.771914][ T3751] exfat: Unknown parameter 'nameª}t'
[   76.902060][ T3762] tap0: tun_chr_ioctl cmd 1074812118
[   76.921710][  T322] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[   76.981376][  T321] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   77.254428][ T3790] tap0: tun_chr_ioctl cmd 1074812118
[   77.332132][  T322] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   77.343681][  T322] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.353521][  T322] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   77.353555][  T321] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   77.366105][  T322] usb 6-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00
[   77.366133][  T322] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.369695][  T322] usb 6-1: config 0 descriptor??
[   77.376810][  T309] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   77.410175][  T321] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   77.433881][ T3796] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1506'.
[   77.460924][ T3798] device wireguard0 entered promiscuous mode
[   77.501480][  T321] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   77.511030][  T321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   77.520418][  T321] usb 1-1: SerialNumber: syz
[   77.661433][  T309] usb 7-1: Using ep0 maxpacket: 16
[   77.707990][ T3809] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1512'.
[   77.779501][   T30] kauditd_printk_skb: 192 callbacks suppressed
[   77.779516][   T30] audit: type=1400 audit(1737729360.366:760): avc:  denied  { map_create } for  pid=3810 comm="syz.1.1513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   77.804680][  T309] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.815879][  T309] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.826331][  T321] usb 1-1: 0:2 : does not exist
[   77.831871][  T309] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   77.847438][  T321] usb 1-1: USB disconnect, device number 10
[   77.853285][  T309] usb 7-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[   77.862981][  T322] monterey 0003:0566:3004.001C: fixing up button/consumer in HID report descriptor
[   77.875026][  T322] monterey 0003:0566:3004.001C: unknown main item tag 0x6
[   77.891465][  T309] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.897188][  T322] monterey 0003:0566:3004.001C: report_id 29495 is invalid
[   77.908337][  T309] usb 7-1: config 0 descriptor??
[   77.910565][  T322] monterey 0003:0566:3004.001C: item 0 2 1 8 parsing failed
[   77.922453][   T30] audit: type=1326 audit(1737729360.516:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   77.948647][  T322] monterey: probe of 0003:0566:3004.001C failed with error -22
[   77.968544][   T30] audit: type=1326 audit(1737729360.516:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   77.993043][   T30] audit: type=1326 audit(1737729360.536:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.016572][   T30] audit: type=1326 audit(1737729360.546:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.040467][   T30] audit: type=1326 audit(1737729360.566:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.065335][   T30] audit: type=1326 audit(1737729360.606:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.073329][  T355] udevd[355]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   78.106808][   T30] audit: type=1326 audit(1737729360.616:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.132186][  T322] usb 6-1: USB disconnect, device number 5
[   78.134340][   T30] audit: type=1326 audit(1737729360.636:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.164351][   T30] audit: type=1326 audit(1737729360.636:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3814 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[   78.347873][ T3822] netlink: 'syz.1.1517': attribute type 1 has an invalid length.
[   78.404493][  T309] input: HID 054c:03d5 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:054C:03D5.001D/input/input18
[   78.422383][  T309] sony 0003:054C:03D5.001D: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.6-1/input0
[   78.614947][  T309] usb 7-1: USB disconnect, device number 3
[   79.161395][ T3835] device wireguard0 entered promiscuous mode
[   79.369652][ T3869] loop0: detected capacity change from 0 to 1024
[   79.413224][ T3869] EXT4-fs (loop0): INFO: recovery required on readonly filesystem
[   79.440332][ T3869] EXT4-fs (loop0): write access will be enabled during recovery
[   79.451801][ T3869] JBD2: no valid journal superblock found
[   79.462135][ T3869] EXT4-fs (loop0): error loading journal
[   79.578157][ T3875] overlayfs: failed to resolve './file2': -2
[   79.599469][ T3879] syz.1.1543[3879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.599544][ T3879] syz.1.1543[3879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.648862][ T3888] device wireguard0 entered promiscuous mode
[   79.681873][  T322] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[   79.726292][ T3901] loop4: detected capacity change from 0 to 512
[   79.775408][ T3910] loop1: detected capacity change from 0 to 256
[   79.785496][ T3901] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,user_xattr,,errors=continue. Quota mode: writeback.
[   79.806505][ T3901] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   79.841409][ T3920] loop0: detected capacity change from 0 to 256
[   79.866551][ T3910] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7bdf4db, utbl_chksum : 0xe619d30d)
[   80.032532][ T3943] loop1: detected capacity change from 0 to 2048
[   80.042010][  T322] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   80.056501][  T322] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.061324][ T3946] loop0: detected capacity change from 0 to 512
[   80.066998][  T322] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   80.086103][  T322] usb 7-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00
[   80.095894][  T322] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.105239][  T322] usb 7-1: config 0 descriptor??
[   80.133296][ T3943] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   80.163260][ T3938] loop4: detected capacity change from 0 to 40427
[   80.173914][ T3946] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1574: bg 0: block 209: padding at end of block bitmap is not set
[   80.188875][ T3946] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   80.198277][ T3946] EXT4-fs (loop0): 1 orphan inode deleted
[   80.204221][ T3946] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,bsddf,dioread_lock,,errors=continue. Quota mode: writeback.
[   80.226129][ T3946] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.239442][ T3938] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[   80.255561][ T3938] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   80.293436][ T3938] F2FS-fs (loop4): Found nat_bits in checkpoint
[   80.360276][ T3938] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   80.384087][ T3938] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   80.416735][ T3972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1581'.
[   80.461567][ T3938] attempt to access beyond end of device
[   80.461567][ T3938] loop4: rw=2049, want=53256, limit=40427
[   80.480821][  T298] attempt to access beyond end of device
[   80.480821][  T298] loop4: rw=2049, want=45104, limit=40427
[   80.556607][ T3986] loop1: detected capacity change from 0 to 128
[   80.579632][ T3988] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1592'.
[   80.582806][  T322] monterey 0003:0566:3004.001E: unknown main item tag 0x6
[   80.590369][ T3988] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1592'.
[   80.608456][ T3988] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1592'.
[   80.612495][ T3986] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   80.632231][  T322] monterey 0003:0566:3004.001E: report_id 29495 is invalid
[   80.652092][  T322] monterey 0003:0566:3004.001E: item 0 2 1 8 parsing failed
[   80.652482][ T3986] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   80.660660][  T322] monterey: probe of 0003:0566:3004.001E failed with error -22
[   80.733270][ T3992] loop4: detected capacity change from 0 to 2048
[   80.763791][ T3992] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   80.825056][  T322] usb 7-1: USB disconnect, device number 4
[   80.928864][ T4009] loop0: detected capacity change from 0 to 512
[   80.974727][ T4009] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   80.993069][ T4009] EXT4-fs (loop0): 1 truncate cleaned up
[   80.999062][ T4009] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,block_validity,quota,. Quota mode: writeback.
[   81.122284][ T2985] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   81.181825][ T4043] loop0: detected capacity change from 0 to 128
[   81.188598][ T4041] incfs: Options parsing error. -22
[   81.197529][ T4043] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   81.209812][ T4041] incfs: mount failed -22
[   81.234830][ T4047] loop4: detected capacity change from 0 to 512
[   81.237245][ T4043] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   81.272709][ T4047] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   81.284216][ T4047] EXT4-fs (loop4): invalid journal inode
[   81.290280][ T4047] EXT4-fs (loop4): can't get journal size
[   81.310338][ T4047] EXT4-fs (loop4): 1 truncate cleaned up
[   81.316611][ T4047] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[   81.444359][ T4066] loop5: detected capacity change from 0 to 1024
[   81.491959][ T2985] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   81.509366][ T2985] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   81.561967][ T4066] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[   81.592034][ T2985] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   81.611907][ T2985] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   81.626254][ T2985] usb 2-1: SerialNumber: syz
[   81.707361][ T4096] blk_update_request: I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   81.720864][ T4096] FAT-fs (loop13): unable to read boot sector
[   81.813033][ T4066] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   81.829667][ T4066] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   81.843429][ T4066] EXT4-fs (loop5): This should not happen!! Data will be lost
[   81.843429][ T4066] 
[   81.854399][ T4066] EXT4-fs (loop5): Total free blocks count 0
[   81.860464][ T4066] EXT4-fs (loop5): Free/Dirty block details
[   81.866713][ T4066] EXT4-fs (loop5): free_blocks=68451041280
[   81.873382][ T4066] EXT4-fs (loop5): dirty_blocks=16
[   81.879021][ T4066] EXT4-fs (loop5): Block reservation details
[   81.885216][ T4066] EXT4-fs (loop5): i_reserved_data_blocks=1
[   81.912581][ T2985] usb 2-1: 0:2 : does not exist
[   81.919468][ T4109] device wireguard0 entered promiscuous mode
[   81.928142][ T2985] usb 2-1: USB disconnect, device number 9
[   82.061812][ T4120] loop6: detected capacity change from 0 to 512
[   82.071942][  T321] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   82.133875][ T4120] EXT4-fs (loop6): orphan cleanup on readonly fs
[   82.141707][ T4120] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1651: bg 0: block 248: padding at end of block bitmap is not set
[   82.158516][  T548] udevd[548]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   82.180438][ T4120] EXT4-fs error (device loop6): ext4_acquire_dquot:6188: comm syz.6.1651: Failed to acquire dquot type 1
[   82.193200][ T4120] EXT4-fs (loop6): 1 truncate cleaned up
[   82.199141][ T4120] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,nombcache,journal_ioprio=0x0000000000000003,noload,noload,,errors=continue. Quota mode: writeback.
[   82.342824][ T4143] incfs: Error accessing: ./file0.
[   82.348093][ T4143] incfs: mount failed -20
[   82.425880][ T4155] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   82.442241][  T321] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[   82.461470][  T321] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[   82.503575][ T4163] blk_update_request: I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[   82.516053][ T4163] FAT-fs (loop11): unable to read boot sector
[   82.622125][  T321] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[   82.631184][  T321] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.639080][  T321] usb 5-1: Product: syz
[   82.643281][  T321] usb 5-1: Manufacturer: syz
[   82.648198][  T321] usb 5-1: SerialNumber: syz
[   82.653600][  T321] usb 5-1: config 0 descriptor??
[   82.662057][   T39] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   82.672065][ T4107] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   82.679198][ T4107] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   82.822040][  T450] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   82.894408][ T4107] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   82.902371][ T4107] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   82.912131][   T39] usb 7-1: Using ep0 maxpacket: 32
[   83.052206][   T39] usb 7-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.065257][   T39] usb 7-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.075288][   T39] usb 7-1: config 0 interface 0 has no altsetting 0
[   83.082659][  T450] usb 2-1: Using ep0 maxpacket: 16
[   83.087743][   T39] usb 7-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[   83.096917][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.109395][   T39] usb 7-1: config 0 descriptor??
[   83.202147][  T450] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.213596][  T450] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.226012][  T450] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   83.239346][  T450] usb 2-1: config 0 interface 0 has no altsetting 0
[   83.246442][  T450] usb 2-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[   83.255759][  T450] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.265064][  T450] usb 2-1: config 0 descriptor??
[   83.572190][  T321] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[   83.581805][  T321] usb 5-1: USB disconnect, device number 12
[   83.594119][   T39] itetech 0003:048D:8595.001F: hidraw0: USB HID v8.00 Device [HID 048d:8595] on usb-dummy_hcd.6-1/input0
[   83.625788][   T30] kauditd_printk_skb: 189 callbacks suppressed
[   83.625802][   T30] audit: type=1400 audit(1737729366.215:957): avc:  denied  { mounton } for  pid=4191 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   83.665404][ T4191] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.672933][ T4191] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.680563][ T4191] device bridge_slave_0 entered promiscuous mode
[   83.689024][ T4191] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.696077][ T4191] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.703521][ T4191] device bridge_slave_1 entered promiscuous mode
[   83.712146][  T309] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   83.744366][  T450] hid-generic 0003:045E:05DA.0020: unknown main item tag 0x0
[   83.751789][  T450] hid-generic 0003:045E:05DA.0020: ignoring exceeding usage max
[   83.760725][  T450] hid-generic 0003:045E:05DA.0020: ignoring exceeding usage max
[   83.768685][  T450] hid-generic 0003:045E:05DA.0020: unbalanced collection at end of report description
[   83.769158][ T4191] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.778583][  T450] hid-generic: probe of 0003:045E:05DA.0020 failed with error -22
[   83.784978][ T4191] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.799598][  T450] usb 7-1: USB disconnect, device number 5
[   83.799704][ T4191] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.812581][ T4191] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.832910][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   83.840384][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.848074][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.859571][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   83.868574][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.875703][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.885132][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   83.893251][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.900131][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.912956][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   83.923993][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   83.940240][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   83.953822][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.962897][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.968807][  T321] usb 2-1: USB disconnect, device number 10
[   83.971480][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.987468][ T4191] device veth0_vlan entered promiscuous mode
[   83.999101][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   84.010063][ T4191] device veth1_macvtap entered promiscuous mode
[   84.020219][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   84.031331][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   84.049384][   T30] audit: type=1400 audit(1737729366.635:958): avc:  denied  { mounton } for  pid=4191 comm="syz-executor" path="/root/syzkaller.GAxMfy/syz-tmp" dev="sda1" ino=1954 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   84.072255][  T309] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.080692][   T30] audit: type=1400 audit(1737729366.635:959): avc:  denied  { mount } for  pid=4191 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   84.117897][  T309] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   84.128786][   T30] audit: type=1400 audit(1737729366.635:960): avc:  denied  { mount } for  pid=4191 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   84.156412][   T30] audit: type=1400 audit(1737729366.635:961): avc:  denied  { mounton } for  pid=4191 comm="syz-executor" path="/root/syzkaller.GAxMfy/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   84.157127][ T1276] device bridge_slave_1 left promiscuous mode
[   84.191268][ T1276] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.198577][   T30] audit: type=1400 audit(1737729366.635:962): avc:  denied  { mounton } for  pid=4191 comm="syz-executor" path="/root/syzkaller.GAxMfy/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=28648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   84.226879][ T1276] device bridge_slave_0 left promiscuous mode
[   84.227832][   T30] audit: type=1400 audit(1737729366.705:963): avc:  denied  { mounton } for  pid=4191 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=514 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   84.257006][ T1276] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.265171][  T309] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   84.265492][   T30] audit: type=1400 audit(1737729366.705:964): avc:  denied  { mounton } for  pid=4191 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   84.301246][   T30] audit: type=1400 audit(1737729366.705:965): avc:  denied  { mount } for  pid=4191 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   84.305678][  T309] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   84.331683][  T309] usb 6-1: SerialNumber: syz
[   84.350225][ T4200] loop6: detected capacity change from 0 to 512
[   84.395517][ T4200] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   84.406336][   T30] audit: type=1326 audit(1737729367.005:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4209 comm="syz.4.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f960674fd29 code=0x7ffc0000
[   84.438911][ T4200] EXT4-fs (loop6): invalid journal inode
[   84.450752][ T4200] EXT4-fs (loop6): can't get journal size
[   84.452078][ T4212] loop0: detected capacity change from 0 to 256
[   84.472049][ T4200] EXT4-fs (loop6): 1 truncate cleaned up
[   84.478544][ T4200] EXT4-fs (loop6): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[   84.504890][ T4212] incfs: Can't find or create .incomplete dir in ./file0
[   84.516859][ T4212] incfs: mount failed -22
[   84.554607][ T4212] incfs: Can't find or create .incomplete dir in ./file0
[   84.565329][ T4212] incfs: mount failed -22
[   84.632806][  T309] usb 6-1: 0:2 : does not exist
[   84.645065][  T309] usb 6-1: USB disconnect, device number 6
[   84.871862][ T4255] loop1: detected capacity change from 0 to 256
[   84.944158][ T4255] incfs: Can't find or create .incomplete dir in ./file0
[   84.972694][ T4255] incfs: mount failed -22
[   85.003328][ T4255] incfs: Can't find or create .incomplete dir in ./file0
[   85.014391][ T4236] loop0: detected capacity change from 0 to 40427
[   85.022803][ T4255] incfs: mount failed -22
[   85.044972][ T4236] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   85.074311][ T4236] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   85.112416][ T4236] F2FS-fs (loop0): invalid crc value
[   85.148703][ T4236] F2FS-fs (loop0): Found nat_bits in checkpoint
[   85.252588][ T4236] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   85.259631][ T4236] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   85.354764][ T4285] devpts: called with bogus options
[   85.498835][ T4291] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1726'.
[   85.517798][ T4291] device bridge_slave_1 left promiscuous mode
[   85.524538][ T4291] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.542467][ T4291] device bridge_slave_0 left promiscuous mode
[   85.548454][ T4291] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.729916][ T4295] loop5: detected capacity change from 0 to 2048
[   85.802590][ T4300] syz.1.1728 (4300): /proc/4299/oom_adj is deprecated, please use /proc/4299/oom_score_adj instead.
[   85.876790][ T4295] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   85.914280][ T4309] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   86.092000][ T4321] overlayfs: missing 'lowerdir'
[   86.177761][ T4334] loop5: detected capacity change from 0 to 1024
[   86.188845][ T4331] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1740'.
[   86.233417][ T4342] loop6: detected capacity change from 0 to 128
[   86.269014][ T4334] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   86.309054][ T4334] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.338243][ T4342] 9pnet_virtio: no channels available for device syz
[   86.378604][ T4334] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1743: bg 0: block 393: padding at end of block bitmap is not set
[   86.398861][ T4354] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   86.409668][ T4354] FAT-fs (loop1): unable to read boot sector
[   86.409744][ T4334] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[   86.428914][ T4334] EXT4-fs (loop5): This should not happen!! Data will be lost
[   86.428914][ T4334] 
[   86.801795][ T4392] syz.1.1768 (4392) used greatest stack depth: 19200 bytes left
[   86.922797][ T4373] loop5: detected capacity change from 0 to 40427
[   87.012807][ T4373] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   87.029322][ T4373] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   87.049029][ T4373] F2FS-fs (loop5): invalid crc value
[   87.066483][ T4394] loop1: detected capacity change from 0 to 40427
[   87.083887][ T4373] F2FS-fs (loop5): Found nat_bits in checkpoint
[   87.153290][ T4394] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   87.166889][ T4373] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   87.173903][ T4394] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   87.182289][ T4373] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   87.193769][ T4394] F2FS-fs (loop1): invalid crc value
[   87.243711][ T4394] F2FS-fs (loop1): Found nat_bits in checkpoint
[   87.336289][ T4394] F2FS-fs (loop1): Start checkpoint disabled!
[   87.361075][ T4394] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   87.370379][ T4394] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   87.428395][ T4405] loop0: detected capacity change from 0 to 256
[   87.512888][   T10] attempt to access beyond end of device
[   87.512888][   T10] loop1: rw=2049, want=41008, limit=40427
[   87.545173][ T4405] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   87.852839][ T4429] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[   87.925994][ T4437] loop4: detected capacity change from 0 to 256
[   87.983716][ T4442] netlink: 120 bytes leftover after parsing attributes in process `syz.5.1788'.
[   88.045887][ T4437] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 198)
[   88.062762][ T4437] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 198)
[   88.074036][ T4427] loop0: detected capacity change from 0 to 40427
[   88.081325][ T4437] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 198)
[   88.110870][ T4437] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 198)
[   88.160443][ T4427] F2FS-fs (loop0): fault_injection options not supported
[   88.178689][ T4427] F2FS-fs (loop0): fault_type options not supported
[   88.186539][ T4427] F2FS-fs (loop0): invalid crc value
[   88.222983][ T4427] F2FS-fs (loop0): Found nat_bits in checkpoint
[   88.251169][ T4456] loop4: detected capacity change from 0 to 128
[   88.274965][ T4462] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1797'.
[   88.303421][ T4456] EXT4-fs (loop4): Test dummy encryption mode enabled
[   88.321363][ T4427] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   88.329192][ T4456] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none.
[   88.347222][ T4456] ext4 filesystem being mounted at /350/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   88.367047][ T4456] EXT4-fs (loop4): Online defrag not supported for encrypted files
[   88.440041][ T4191] attempt to access beyond end of device
[   88.440041][ T4191] loop0: rw=2049, want=45104, limit=40427
[   88.497090][ T4486] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1808'.
[   88.647510][ T4506] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   88.655863][   T30] kauditd_printk_skb: 80 callbacks suppressed
[   88.655868][ T4510] netlink: 'syz.0.1819': attribute type 32 has an invalid length.
[   88.655877][   T30] audit: type=1400 audit(1737729371.255:1047): avc:  denied  { nlmsg_write } for  pid=4509 comm="syz.0.1819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   88.718498][ T4519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1824'.
[   88.750914][   T30] audit: type=1400 audit(1737729371.345:1048): avc:  denied  { mount } for  pid=4522 comm="syz.1.1826" name="/" dev="ramfs" ino=31426 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   88.818377][ T4529] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1828'.
[   88.903467][   T30] audit: type=1400 audit(1737729371.505:1049): avc:  denied  { ioctl } for  pid=4540 comm="syz.0.1832" path="socket:[31462]" dev="sockfs" ino=31462 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   88.940067][ T4541] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.947465][ T4541] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.991059][ T4546] futex_wake_op: syz.4.1834 tries to shift op by -1; fix this program
[   89.076402][ T4554] loop4: detected capacity change from 0 to 512
[   89.145136][   T30] audit: type=1400 audit(1737729371.744:1050): avc:  denied  { remount } for  pid=4557 comm="syz.0.1841" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   89.190825][   T30] audit: type=1400 audit(1737729371.774:1051): avc:  denied  { read } for  pid=4560 comm="syz.0.1842" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   89.223068][ T4554] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   89.250879][ T4554] ext4 filesystem being mounted at /360/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.378263][ T4569] loop4: detected capacity change from 0 to 512
[   89.484661][ T4569] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   89.503398][ T4569] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.541622][ T4569] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[   89.643341][ T4535] loop6: detected capacity change from 0 to 131072
[   89.658752][ T4575] syz.5.1847[4575] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.658827][ T4575] syz.5.1847[4575] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.673650][   T30] audit: type=1400 audit(1737729372.274:1052): avc:  denied  { write } for  pid=4574 comm="syz.5.1847" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   89.712173][ T4535] F2FS-fs (loop6): Wrong CP boundary, start(512) end(198144) blocks(1024)
[   89.731225][ T4535] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[   89.764600][ T4535] F2FS-fs (loop6): invalid crc value
[   89.780412][   T30] audit: type=1400 audit(1737729372.374:1053): avc:  denied  { read } for  pid=4580 comm="syz.1.1850" name="usbmon7" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   89.808500][ T4535] F2FS-fs (loop6): Found nat_bits in checkpoint
[   89.836788][   T30] audit: type=1400 audit(1737729372.374:1054): avc:  denied  { open } for  pid=4580 comm="syz.1.1850" path="/dev/usbmon7" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   89.890448][ T4535] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[   89.900067][ T4535] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   89.972102][   T30] audit: type=1326 audit(1737729372.564:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4599 comm="syz.5.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f949fb59d29 code=0x7ffc0000
[   89.985378][ T4535] F2FS-fs (loop6): sanity_check_inode: corrupted inode i_blocks i_ino=8 iblocks=0, run fsck to fix.
[   90.026300][   T30] audit: type=1326 audit(1737729372.564:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4599 comm="syz.5.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f949fb59d29 code=0x7ffc0000
[   90.201963][ T4628] loop0: detected capacity change from 0 to 128
[   90.213711][  T321] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   90.250602][ T4634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1874'.
[   90.264934][ T4636] rose0: tun_chr_ioctl cmd 1074025677
[   90.279657][ T4636] rose0: linktype set to 1
[   90.466326][ T4664] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1887'.
[   90.481774][ T4666] loop4: detected capacity change from 0 to 512
[   90.528755][ T4673] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.536004][ T4673] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.576837][ T4666] EXT4-fs (loop4): error: journal path ./bus is not a block device
[   90.597899][ T4682] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1896'.
[   90.603263][  T321] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   90.632788][  T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.653048][ T4682] device bridge_slave_1 left promiscuous mode
[   90.657129][  T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.668980][ T4682] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.681957][  T321] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   91.548340][ T4682] device bridge_slave_0 left promiscuous mode
[   91.564569][ T4682] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.615480][ T4696] loop6: detected capacity change from 0 to 512
[   91.623366][  T321] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   91.635056][  T321] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   91.667326][ T4696] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   91.681561][  T321] usb 2-1: Manufacturer: syz
[   91.681996][ T4696] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.713544][  T321] usb 2-1: config 0 descriptor??
[   91.798340][ T4715] netlink: 'syz.4.1910': attribute type 11 has an invalid length.
[   91.915585][ T4733] loop6: detected capacity change from 0 to 512
[   91.944480][ T4733] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[   91.975013][ T4733] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[   91.999824][ T4733] EXT4-fs (loop6): revision level too high, forcing read-only mode
[   92.008373][ T4747] netlink: 'syz.0.1924': attribute type 3 has an invalid length.
[   92.020221][ T4733] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[   92.053403][ T4733] System zones: 0-1, 15-15, 18-18, 34-34
[   92.059471][ T4733] EXT4-fs (loop6): orphan cleanup on readonly fs
[   92.067257][ T4733] EXT4-fs warning (device loop6): ext4_enable_quotas:6423: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   92.082739][ T4733] EXT4-fs (loop6): Cannot turn on quotas: error -22
[   92.095318][ T4733] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1917: bg 0: block 40: padding at end of block bitmap is not set
[   92.123179][ T4733] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   92.133438][ T4733] EXT4-fs (loop6): 1 truncate cleaned up
[   92.153609][ T4733] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsv1,nouid32,jqfmt=vfsv0,norecovery,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[   92.194008][  T321] appleir 0003:05AC:8243.0021: unknown main item tag 0x0
[   92.201133][  T321] appleir 0003:05AC:8243.0021: No inputs registered, leaving
[   92.224851][  T321] appleir 0003:05AC:8243.0021: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[   92.256805][ T4759] incfs: Options parsing error. -22
[   92.262173][ T4759] incfs: mount failed -22
[   92.286634][ T4761] loop4: detected capacity change from 0 to 256
[   92.303828][ T4733] fscrypt (loop6, inode 16): Error -61 getting encryption context
[   92.384011][ T4761] FAT-fs (loop4): Directory bread(block 64) failed
[   92.400560][ T4761] FAT-fs (loop4): Directory bread(block 65) failed
[   92.408283][ T4761] FAT-fs (loop4): Directory bread(block 66) failed
[   92.415884][ T4761] FAT-fs (loop4): Directory bread(block 67) failed
[   92.443668][ T4761] FAT-fs (loop4): Directory bread(block 68) failed
[   92.450027][ T4761] FAT-fs (loop4): Directory bread(block 69) failed
[   92.456771][ T4761] FAT-fs (loop4): Directory bread(block 70) failed
[   92.463271][ T4761] FAT-fs (loop4): Directory bread(block 71) failed
[   92.470265][ T4761] FAT-fs (loop4): Directory bread(block 72) failed
[   92.477217][ T4761] FAT-fs (loop4): Directory bread(block 73) failed
[   92.494436][  T309] usb 2-1: USB disconnect, device number 11
[   92.529615][    T8] attempt to access beyond end of device
[   92.529615][    T8] loop4: rw=1, want=1832, limit=256
[   92.542158][    T8] attempt to access beyond end of device
[   92.542158][    T8] loop4: rw=1, want=3308, limit=256
[   92.565444][ T4772] loop0: detected capacity change from 0 to 1024
[   92.592242][ T4776] loop5: detected capacity change from 0 to 128
[   92.604292][ T4772] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   92.618458][ T4772] EXT4-fs (loop0): barriers disabled
[   92.631362][ T4772] JBD2: no valid journal superblock found
[   92.643399][ T4772] EXT4-fs (loop0): error loading journal
[   92.680196][ T4782] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[   92.790621][ T4794] loop5: detected capacity change from 0 to 256
[   92.859803][ T4788] loop0: detected capacity change from 0 to 40427
[   92.943807][ T4788] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   92.953274][ T4788] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   92.964911][ T4788] F2FS-fs (loop0): Found nat_bits in checkpoint
[   92.988613][ T4788] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   92.995661][ T4788] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   93.240020][ T4813] loop6: detected capacity change from 0 to 128
[   93.341667][ T4822] loop5: detected capacity change from 0 to 512
[   93.460300][ T4822] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   93.482768][ T4822] ext4 filesystem being mounted at /453/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.600342][ T4841] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1963'.
[   93.635262][ T4843] bridge: RTM_NEWNEIGH with unconfigured vlan 251 on bridge_slave_0
[   93.661784][ T4847] loop1: detected capacity change from 0 to 128
[   93.724158][ T4847] EXT4-fs (loop1): Mount option "noacl" will be removed by 3.5
[   93.724158][ T4847] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   93.724158][ T4847] 
[   93.767016][ T4847] EXT4-fs (loop1): mounted filesystem without journal. Opts: noacl,,errors=continue. Quota mode: none.
[   93.799703][ T4845] loop5: detected capacity change from 0 to 40427
[   93.800711][ T4847] ext4 filesystem being mounted at /342/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   93.831194][   T30] kauditd_printk_skb: 77 callbacks suppressed
[   93.831209][   T30] audit: type=1400 audit(1737729376.424:1133): avc:  denied  { mounton } for  pid=4846 comm="syz.1.1968" path="/342/mnt/file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.878076][ T4845] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   93.889806][ T4845] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   93.900528][   T30] audit: type=1400 audit(1737729376.454:1134): avc:  denied  { write } for  pid=4846 comm="syz.1.1968" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.924471][   T30] audit: type=1400 audit(1737729376.454:1135): avc:  denied  { add_name } for  pid=4846 comm="syz.1.1968" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.933551][ T4845] F2FS-fs (loop5): invalid crc value
[   93.945422][   T30] audit: type=1400 audit(1737729376.454:1136): avc:  denied  { setattr } for  pid=4846 comm="syz.1.1968" name="work" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.972455][ T4828] loop6: detected capacity change from 0 to 131072
[   93.973611][   T30] audit: type=1400 audit(1737729376.454:1137): avc:  denied  { remove_name } for  pid=4846 comm="syz.1.1968" name="#7" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   94.001836][ T4828] F2FS-fs (loop6): QUOTA feature is enabled, so ignore qf_name
[   94.022357][ T4828] F2FS-fs (loop6): invalid crc value
[   94.031996][   T30] audit: type=1400 audit(1737729376.454:1138): avc:  denied  { rename } for  pid=4846 comm="syz.1.1968" name="#7" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.033818][ T4845] F2FS-fs (loop5): Found nat_bits in checkpoint
[   94.057223][   T30] audit: type=1400 audit(1737729376.464:1139): avc:  denied  { unlink } for  pid=4846 comm="syz.1.1968" name="#7" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   94.085724][   T30] audit: type=1400 audit(1737729376.484:1140): avc:  denied  { rmdir } for  pid=302 comm="syz-executor" name="work" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   94.092117][ T4845] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   94.108232][   T30] audit: type=1400 audit(1737729376.484:1141): avc:  denied  { rmdir } for  pid=302 comm="syz-executor" name="lost+found" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   94.115287][ T4845] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   94.146869][ T4828] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[   94.178395][ T4864] loop1: detected capacity change from 0 to 512
[   94.208615][ T4864] EXT4-fs (loop1): 1 truncate cleaned up
[   94.213507][ T4828] F2FS-fs (loop6): Mounted with checkpoint version = 753bd00b
[   94.214202][ T4864] EXT4-fs (loop1): mounted filesystem without journal. Opts: prjquota,grpquota,debug_want_extra_isize=0x000000000000005c,sysvgroups,lazytime,errors=continue,grpjquota=,,errors=continue. Quota mode: writeback.
[   94.321474][ T4870] loop1: detected capacity change from 0 to 512
[   94.407587][ T4870] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   94.407665][ T4874] loop4: detected capacity change from 0 to 2048
[   94.421339][ T4870] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.459266][   T30] audit: type=1400 audit(1737729377.054:1142): avc:  denied  { map } for  pid=4877 comm="syz.5.1977" path="/dev/ashmem" dev="devtmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.550320][ T4874] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   94.567668][ T4874] ext4 filesystem being mounted at /385/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.706365][ T4904] loop4: detected capacity change from 0 to 256
[   94.764194][ T4904] exfat: Deprecated parameter 'namecase'
[   94.769770][ T4904] exfat: Deprecated parameter 'namecase'
[   94.777627][ T4904] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   95.004248][ T4913] loop4: detected capacity change from 0 to 40427
[   95.059408][ T4913] F2FS-fs (loop4): invalid crc value
[   95.070682][ T4913] F2FS-fs (loop4): Found nat_bits in checkpoint
[   95.073758][ T4891] loop6: detected capacity change from 0 to 131072
[   95.098349][ T4891] F2FS-fs (loop6): Test dummy encryption mode enabled
[   95.108274][ T4891] F2FS-fs (loop6): invalid crc value
[   95.114451][ T4913] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[   95.115080][ T4891] F2FS-fs (loop6): Found nat_bits in checkpoint
[   95.159120][  T298] attempt to access beyond end of device
[   95.159120][  T298] loop4: rw=2049, want=45104, limit=40427
[   95.165576][ T4891] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   95.170348][  T321] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   95.281370][ T4924] loop4: detected capacity change from 0 to 512
[   95.305580][ T4924] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   95.317288][ T4924] ext4 filesystem being mounted at /391/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.333034][ T4924] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.1992: Failed to acquire dquot type 0
[   95.420380][ T4931] loop4: detected capacity change from 0 to 512
[   95.487625][ T4931] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   95.500548][ T4931] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   95.510979][ T4931] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[   95.521289][ T4931] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.1995: iget: bad extended attribute block 19
[   95.534669][ T4931] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1995: couldn't read orphan inode 15 (err -117)
[   95.547214][ T4931] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   95.558108][  T321] usb 2-1: config 0 has no interfaces?
[   95.609536][ T4942] loop5: detected capacity change from 0 to 512
[   95.638375][ T4950] loop4: detected capacity change from 0 to 256
[   95.656939][ T4942] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   95.668138][ T4942] ext4 filesystem being mounted at /463/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.713798][  T321] usb 2-1: New USB device found, idVendor=dd3d, idProduct=0321, bcdDevice=a1.c9
[   95.722853][  T321] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.731214][  T321] usb 2-1: Product: syz
[   95.735283][  T321] usb 2-1: Manufacturer: syz
[   95.740120][  T321] usb 2-1: SerialNumber: syz
[   95.746188][  T321] usb 2-1: config 0 descriptor??
[   95.762079][ T4956] loop5: detected capacity change from 0 to 256
[   95.766525][ T4958] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   95.862251][ T4958] loop4: detected capacity change from 0 to 40427
[   95.867216][ T4956] FAT-fs (loop5): Directory bread(block 64) failed
[   95.969492][ T4956] FAT-fs (loop5): Directory bread(block 65) failed
[   95.976441][ T4956] FAT-fs (loop5): Directory bread(block 66) failed
[   95.983015][ T4956] FAT-fs (loop5): Directory bread(block 67) failed
[   95.987012][ T2985] usb 2-1: USB disconnect, device number 12
[   95.989766][ T4956] FAT-fs (loop5): Directory bread(block 68) failed
[   95.999411][ T4958] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[   96.002550][ T4956] FAT-fs (loop5): Directory bread(block 69) failed
[   96.015041][ T4958] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   96.015564][ T4956] FAT-fs (loop5): Directory bread(block 70) failed
[   96.027088][ T4958] F2FS-fs (loop4): invalid crc value
[   96.030181][ T4956] FAT-fs (loop5): Directory bread(block 71) failed
[   96.037954][ T4958] F2FS-fs (loop4): Found nat_bits in checkpoint
[   96.042297][ T4956] FAT-fs (loop5): Directory bread(block 72) failed
[   96.054891][ T4956] FAT-fs (loop5): Directory bread(block 73) failed
[   96.077881][ T4958] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   96.085185][ T4958] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   96.131016][  T298] attempt to access beyond end of device
[   96.131016][  T298] loop4: rw=2049, want=40976, limit=40427
[   96.143394][   T45] attempt to access beyond end of device
[   96.143394][   T45] loop5: rw=1, want=1832, limit=256
[   96.156259][   T45] attempt to access beyond end of device
[   96.156259][   T45] loop5: rw=1, want=3308, limit=256
[   96.261156][ T4969] loop4: detected capacity change from 0 to 1024
[   96.294601][ T4969] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   96.308464][ T4969] EXT4-fs (loop4): barriers disabled
[   96.314463][ T4969] JBD2: no valid journal superblock found
[   96.321754][ T4969] EXT4-fs (loop4): error loading journal
[   96.565419][ T5003] syz.1.2024[5003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.565493][ T5003] syz.1.2024[5003] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.712487][ T5012] kvm [5011]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0
[   96.770910][ T5019] loop6: detected capacity change from 0 to 256
[   96.810101][ T5019] FAT-fs (loop6): Directory bread(block 64) failed
[   96.824419][ T5019] FAT-fs (loop6): Directory bread(block 65) failed
[   96.843253][ T5019] FAT-fs (loop6): Directory bread(block 66) failed
[   96.855584][ T5019] FAT-fs (loop6): Directory bread(block 67) failed
[   96.869103][ T5019] FAT-fs (loop6): Directory bread(block 68) failed
[   96.881066][ T5019] FAT-fs (loop6): Directory bread(block 69) failed
[   96.893153][ T5019] FAT-fs (loop6): Directory bread(block 70) failed
[   96.905257][ T5019] FAT-fs (loop6): Directory bread(block 71) failed
[   96.911318][ T5024] loop0: detected capacity change from 0 to 1024
[   96.912998][ T5019] FAT-fs (loop6): Directory bread(block 72) failed
[   96.925501][ T5019] FAT-fs (loop6): Directory bread(block 73) failed
[   96.954451][ T5024] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[   96.995342][ T5024] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   97.012891][ T5033] loop4: detected capacity change from 0 to 128
[   97.049846][ T5035] loop6: detected capacity change from 0 to 256
[   97.065778][ T5033] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   97.076931][ T5033] ext4 filesystem being mounted at /404/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.097195][ T5040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2039'.
[   97.104199][ T5033] fscrypt (loop4, inode 12): Unsupported encryption flags (0xe0)
[   97.160782][ T5049] loop6: detected capacity change from 0 to 128
[   97.177289][ T5051] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2044'.
[   97.194247][ T5049] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.232185][ T5049] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.280907][    T8] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.302488][ T5057] loop0: detected capacity change from 0 to 512
[   97.405062][ T5057] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[   97.445970][ T5071] loop5: detected capacity change from 0 to 256
[   97.464378][ T5057] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.473148][ T5059] loop4: detected capacity change from 0 to 40427
[   97.550924][ T5059] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   97.573253][ T5059] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   97.617119][ T5059] F2FS-fs (loop4): Found nat_bits in checkpoint
[   97.637340][  T309] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   97.664764][ T5087] IPv6: NLM_F_REPLACE set, but no existing node found!
[   97.711320][ T5059] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   97.718750][ T5059] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   97.737454][ T5097] loop5: detected capacity change from 0 to 128
[   97.787134][ T5097] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.801990][ T5097] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.831019][   T45] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   97.851880][ T5046] loop1: detected capacity change from 0 to 131072
[   97.918480][ T5046] F2FS-fs (loop1): Test dummy encryption mode enabled
[   97.927384][ T5046] F2FS-fs (loop1): invalid crc value
[   97.934988][ T5046] F2FS-fs (loop1): Found nat_bits in checkpoint
[   97.959987][ T5046] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   98.013488][ T5108] loop4: detected capacity change from 0 to 128
[   98.021208][  T309] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.034501][  T309] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.044647][  T309] usb 7-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[   98.053604][  T309] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.063715][ T5108] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   98.075204][ T5108] ext4 filesystem being mounted at /409/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   98.095998][ T5113] loop5: detected capacity change from 0 to 16
[   98.116795][  T309] usb 7-1: config 0 descriptor??
[   98.129926][ T5113] erofs: (device loop5): mounted with root inode @ nid 36.
[   98.198881][ T5120] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2073'.
[   98.216416][ T5120] device bridge_slave_1 left promiscuous mode
[   98.223461][ T5120] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.231177][ T5120] device bridge_slave_0 left promiscuous mode
[   98.237839][ T5120] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.291230][ T5127] loop1: detected capacity change from 0 to 256
[   98.349364][ T5135] loop5: detected capacity change from 0 to 512
[   98.392523][ T5135] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   98.403732][ T5135] ext4 filesystem being mounted at /485/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.471101][ T5153] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2086'.
[   98.497184][ T5153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2086'.
[   98.549522][ T5165] loop1: detected capacity change from 0 to 16
[   98.603547][ T5165] erofs: (device loop1): mounted with root inode @ nid 36.
[   98.625173][ T5165] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=46
[   98.745498][ T5194] loop0: detected capacity change from 0 to 1024
[   98.754689][ T5193] loop1: detected capacity change from 0 to 512
[   98.774974][ T5193] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.787033][ T5194] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[   98.803542][ T5194] EXT4-fs (loop0): Ignoring removed bh option
[   98.810973][ T5193] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.2102: corrupted in-inode xattr
[   98.814086][  T309] hid-led: probe of 0003:1D34:000A.0022 failed with error -71
[   98.823522][ T5193] EXT4-fs (loop1): Remounting filesystem read-only
[   98.840259][ T5193] EXT4-fs (loop1): 1 truncate cleaned up
[   98.852632][  T309] usb 7-1: USB disconnect, device number 6
[   98.863620][ T5194] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,grpquota,mblk_io_submit,abort,nodelalloc,usrquota,delalloc,bh,nodelalloc,,errors=continue. Quota mode: writeback.
[   98.865875][ T5201] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   98.883328][ T5193] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,quota,errors=remount-ro,barrier,. Quota mode: writeback.
[   98.924661][ T5194] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.017477][ T5208] loop5: detected capacity change from 0 to 1024
[   99.048944][   T30] kauditd_printk_skb: 32 callbacks suppressed
[   99.048962][   T30] audit: type=1326 audit(1737729381.643:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5209 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766fa15d29 code=0x7ffc0000
[   99.078986][   T30] audit: type=1326 audit(1737729381.643:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5209 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f766fa15d29 code=0x7ffc0000
[   99.108050][ T5208] EXT4-fs (loop5): Ignoring removed nobh option
[   99.115105][   T30] audit: type=1326 audit(1737729381.643:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5209 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766fa15d29 code=0x7ffc0000
[   99.175409][ T5208] EXT4-fs (loop5): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x00000000000001ff,dioread_lock,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,nobh,noquota,delalloc,,errors=continue. Quota mode: none.
[   99.295474][   T30] audit: type=1400 audit(1737729381.893:1176): avc:  denied  { read write } for  pid=5226 comm="syz.5.2117" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   99.320880][   T30] audit: type=1400 audit(1737729381.893:1177): avc:  denied  { open } for  pid=5226 comm="syz.5.2117" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   99.355580][ T5229] loop5: detected capacity change from 0 to 512
[   99.403641][ T5229] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   99.468666][ T5247] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2126'.
[   99.478992][ T5229] EXT4-fs (loop5): 1 truncate cleaned up
[   99.488022][ T5229] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,data=journal,noinit_itable,inlinecrypt,nogrpid,init_itable,,errors=continue. Quota mode: none.
[   99.536893][ T5229] EXT4-fs error (device loop5): ext4_find_extent:893: inode #15: comm syz.5.2118: inode has invalid extent depth: 25964
[   99.550780][ T5229] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size
[   99.607680][ T5256] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2130'.
[   99.655064][ T5260] loop5: detected capacity change from 0 to 16
[   99.663897][ T5262] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.671147][ T5262] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.729989][ T5260] erofs: (device loop5): mounted with root inode @ nid 36.
[   99.748494][   T30] audit: type=1400 audit(1737729382.343:1178): avc:  denied  { mounton } for  pid=5258 comm="syz.5.2132" path="/499/file0" dev="loop5" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   99.803127][ T5241] loop4: detected capacity change from 0 to 40427
[   99.903117][ T5241] F2FS-fs (loop4): fault_injection options not supported
[   99.925682][ T5241] F2FS-fs (loop4): invalid crc value
[   99.959195][ T5264] loop0: detected capacity change from 0 to 40427
[   99.975218][ T5241] F2FS-fs (loop4): Found nat_bits in checkpoint
[  100.004186][  T309] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  100.041676][ T5264] F2FS-fs (loop0): Found nat_bits in checkpoint
[  100.073321][ T5241] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  100.081002][ T5264] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  100.157967][ T5264] attempt to access beyond end of device
[  100.157967][ T5264] loop0: rw=16812033, want=79896, limit=40427
[  100.174370][ T5235] loop6: detected capacity change from 0 to 131072
[  100.184609][  T298] attempt to access beyond end of device
[  100.184609][  T298] loop4: rw=2049, want=45104, limit=40427
[  100.196550][ T5235] F2FS-fs (loop6): Test dummy encryption mode enabled
[  100.215024][ T5235] F2FS-fs (loop6): invalid crc value
[  100.221887][ T4191] attempt to access beyond end of device
[  100.221887][ T4191] loop0: rw=2049, want=45104, limit=40427
[  100.244215][  T309] usb 2-1: Using ep0 maxpacket: 16
[  100.255443][ T5235] F2FS-fs (loop6): Found nat_bits in checkpoint
[  100.322605][ T5235] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  100.364238][  T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.375471][  T309] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  100.388449][  T309] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  100.397639][   T30] audit: type=1400 audit(1737729382.983:1179): avc:  denied  { rename } for  pid=5233 comm="syz.6.2122" name="bus" dev="loop6" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  100.420281][  T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.437585][  T309] usb 2-1: config 0 descriptor??
[  100.618411][ T5301] loop6: detected capacity change from 0 to 1024
[  100.644182][   T60] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  100.658161][ T5301] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  100.670775][ T5301] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  100.715201][   T30] audit: type=1400 audit(1737729383.313:1180): avc:  denied  { mount } for  pid=5311 comm="syz.0.2149" name="/" dev="configfs" ino=13790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  100.738751][   T30] audit: type=1400 audit(1737729383.333:1181): avc:  denied  { read } for  pid=5311 comm="syz.0.2149" name="/" dev="configfs" ino=13790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.761303][   T30] audit: type=1400 audit(1737729383.333:1182): avc:  denied  { open } for  pid=5311 comm="syz.0.2149" path="/110/file0" dev="configfs" ino=13790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  100.881376][ T5330] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  100.891502][ T5330] SELinux: failed to load policy
[  100.920722][ T5334] user requested TSC rate below hardware speed
[  100.928077][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  100.937747][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  100.951657][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  100.965836][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  100.974064][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  100.983405][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  100.999379][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  101.006567][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  101.013578][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  101.021033][  T309] microsoft 0003:045E:07DA.0023: unknown main item tag 0x0
[  101.033820][  T309] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0023/input/input21
[  101.074454][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.085457][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.100925][   T60] usb 5-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  101.115760][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.124163][  T309] microsoft 0003:045E:07DA.0023: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  101.125967][ T5347] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2166'.
[  101.149767][   T60] usb 5-1: config 0 descriptor??
[  101.392482][  T309] usb 2-1: USB disconnect, device number 13
[  101.567501][ T5389] loop0: detected capacity change from 0 to 512
[  101.615553][   T60] hid-generic 0003:05AC:4262.0024: unbalanced delimiter at end of report description
[  101.633314][ T5389] EXT4-fs (loop0): Ignoring removed oldalloc option
[  101.648659][   T60] hid-generic: probe of 0003:05AC:4262.0024 failed with error -22
[  101.664609][ T5389] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.2186: Parent and EA inode have the same ino 15
[  101.684466][ T5389] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.2186: Parent and EA inode have the same ino 15
[  101.698977][ T5389] EXT4-fs (loop0): 1 orphan inode deleted
[  101.704962][ T5389] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,nodioread_nolock,debug_want_extra_isize=0x000000000000005c,quota,usrjquota=,oldalloc,resuid=0x000000000000ee01,,errors=continue. Quota mode: writeback.
[  101.730386][ T5403] loop6: detected capacity change from 0 to 512
[  101.753678][ T5405] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  101.791527][ T5403] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000000,minixdf,,errors=continue. Quota mode: writeback.
[  101.807993][ T5403] ext4 filesystem being mounted at /148/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.808577][ T5411] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22
[  101.822989][   T60] usb 5-1: USB disconnect, device number 13
[  101.835924][ T5411] SELinux: security_context_str_to_sid(root) failed for (dev tmpfs, type tmpfs) errno=-22
[  101.953136][ T5429] loop6: detected capacity change from 0 to 512
[  101.970024][ T5433] loop5: detected capacity change from 0 to 16
[  101.994992][ T5433] erofs: (device loop5): mounted with root inode @ nid 36.
[  102.011330][ T5429] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.2198: invalid indirect mapped block 256 (level 2)
[  102.037531][ T5433] erofs: (device loop5): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46
[  102.038219][ T5429] EXT4-fs (loop6): 2 truncates cleaned up
[  102.053478][ T5429] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  102.114035][ T5441] loop1: detected capacity change from 0 to 256
[  102.172968][ T5441] FAT-fs (loop1): Directory bread(block 64) failed
[  102.225322][ T5441] FAT-fs (loop1): Directory bread(block 65) failed
[  102.232473][ T5441] FAT-fs (loop1): Directory bread(block 66) failed
[  102.240068][ T5441] FAT-fs (loop1): Directory bread(block 67) failed
[  102.252249][ T5441] FAT-fs (loop1): Directory bread(block 68) failed
[  102.277279][ T5441] FAT-fs (loop1): Directory bread(block 69) failed
[  102.283842][ T5441] FAT-fs (loop1): Directory bread(block 70) failed
[  102.300192][ T5441] FAT-fs (loop1): Directory bread(block 71) failed
[  102.309747][ T5441] FAT-fs (loop1): Directory bread(block 72) failed
[  102.321955][ T5441] FAT-fs (loop1): Directory bread(block 73) failed
[  102.472165][ T5490] loop1: detected capacity change from 0 to 512
[  102.515232][ T5497] loop4: detected capacity change from 0 to 256
[  102.536862][ T5490] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  102.548119][ T5490] ext4 filesystem being mounted at /374/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.581379][ T5497] FAT-fs (loop4): Directory bread(block 64) failed
[  102.587894][ T5497] FAT-fs (loop4): Directory bread(block 65) failed
[  102.594345][ T5497] FAT-fs (loop4): Directory bread(block 66) failed
[  102.601032][ T5497] FAT-fs (loop4): Directory bread(block 67) failed
[  102.608331][ T5497] FAT-fs (loop4): Directory bread(block 68) failed
[  102.618382][ T5497] FAT-fs (loop4): Directory bread(block 69) failed
[  102.624826][ T5497] FAT-fs (loop4): Directory bread(block 70) failed
[  102.631361][ T5497] FAT-fs (loop4): Directory bread(block 71) failed
[  102.638217][ T5497] FAT-fs (loop4): Directory bread(block 72) failed
[  102.644833][ T5497] FAT-fs (loop4): Directory bread(block 73) failed
[  102.766635][ T5515] loop4: detected capacity change from 0 to 256
[  102.784477][   T60] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  102.809278][ T5515] exfat: Deprecated parameter 'utf8'
[  102.814534][ T5515] exfat: Deprecated parameter 'namecase'
[  102.820026][ T5515] exfat: Deprecated parameter 'namecase'
[  102.827857][ T5515] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  102.943761][ T5525] netlink: 180 bytes leftover after parsing attributes in process `syz.4.2247'.
[  103.011666][ T5535] syz.4.2252[5535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.011742][ T5535] syz.4.2252[5535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.095798][ T5547] 9p: Unknown uid 18446744073709551615
[  103.145283][   T60] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.182741][   T60] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.199967][   T60] usb 7-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  103.209442][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.242986][   T60] usb 7-1: config 0 descriptor??
[  103.325727][ T5575] loop0: detected capacity change from 0 to 256
[  103.369482][ T5582] loop4: detected capacity change from 0 to 512
[  103.455097][ T5582] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  103.480214][ T5584] loop0: detected capacity change from 0 to 2048
[  103.481229][ T5582] EXT4-fs (loop4): 1 truncate cleaned up
[  103.492541][ T5582] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  103.504520][ T2985] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  103.571260][ T5588] netlink: 'syz.4.2276': attribute type 16 has an invalid length.
[  103.579254][ T5588] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.2276'.
[  103.595455][ T5584] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x000000000000000d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none.
[  103.622902][ T5545] loop1: detected capacity change from 0 to 131072
[  103.631540][ T4191] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  103.671140][ T5545] F2FS-fs (loop1): Test dummy encryption mode enabled
[  103.691453][ T5545] F2FS-fs (loop1): invalid crc value
[  103.711302][ T5545] F2FS-fs (loop1): Found nat_bits in checkpoint
[  103.726514][   T60] hid-generic 0003:05AC:4262.0025: unbalanced delimiter at end of report description
[  103.751849][   T60] hid-generic: probe of 0003:05AC:4262.0025 failed with error -22
[  103.789957][ T5545] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  103.884643][ T2985] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  103.903855][ T2985] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.916508][ T2985] usb 6-1: config 0 descriptor??
[  103.934802][   T60] usb 7-1: USB disconnect, device number 7
[  103.977517][ T5622] loop0: detected capacity change from 0 to 1024
[  104.025927][ T5622] EXT4-fs (loop0): Ignoring removed nobh option
[  104.055451][ T5622] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x00000000000001ff,dioread_lock,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,nobh,noquota,delalloc,,errors=continue. Quota mode: none.
[  104.090750][ T5616] loop4: detected capacity change from 0 to 40427
[  104.131443][ T5616] F2FS-fs (loop4): invalid crc value
[  104.151111][ T5616] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.191599][ T5616] F2FS-fs (loop4): Start checkpoint disabled!
[  104.198479][ T5616] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  104.228020][ T5636] loop1: detected capacity change from 0 to 256
[  104.256377][ T5636] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  104.348694][   T30] kauditd_printk_skb: 86 callbacks suppressed
[  104.348707][   T30] audit: type=1326 audit(1737729386.943:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5644 comm="syz.1.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.379599][   T30] audit: type=1326 audit(1737729386.943:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5644 comm="syz.1.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.403547][   T30] audit: type=1326 audit(1737729386.943:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5644 comm="syz.1.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.428370][   T30] audit: type=1326 audit(1737729386.953:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5644 comm="syz.1.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.502803][ T5652] loop4: detected capacity change from 0 to 1024
[  104.513425][   T30] audit: type=1326 audit(1737729387.073:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5647 comm="syz.1.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.538281][   T30] audit: type=1326 audit(1737729387.073:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5647 comm="syz.1.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.564355][   T30] audit: type=1326 audit(1737729387.073:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5647 comm="syz.1.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.598171][   T30] audit: type=1326 audit(1737729387.073:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5647 comm="syz.1.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.624893][ T5652] EXT4-fs (loop4): Ignoring removed bh option
[  104.630802][ T5652] EXT4-fs (loop4): Ignoring removed orlov option
[  104.646471][   T30] audit: type=1326 audit(1737729387.073:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5647 comm="syz.1.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f510ec50d29 code=0x7ffc0000
[  104.647925][ T5652] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000008000,debug_want_extra_isize=0x0000000000000084,noinit_itable,bh,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  104.698322][   T30] audit: type=1400 audit(1737729387.293:1278): avc:  denied  { create } for  pid=5663 comm="syz.6.2306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  104.743411][ T5670] loop1: detected capacity change from 0 to 1024
[  104.757013][ T5670] EXT4-fs (loop1): Ignoring removed nobh option
[  104.798170][ T5670] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x00000000000001ff,dioread_lock,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,nobh,noquota,delalloc,,errors=continue. Quota mode: none.
[  104.840039][ T5681] loop6: detected capacity change from 0 to 16
[  104.844845][ T2985] usb 6-1: Cannot set autoneg
[  104.850595][ T2985] MOSCHIP usb-ethernet driver: probe of 6-1:0.0 failed with error -71
[  104.860444][ T2985] usb 6-1: USB disconnect, device number 7
[  104.871244][ T5681] erofs: (device loop6): mounted with root inode @ nid 36.
[  104.882521][ T5683] SELinux:  policydb version 0 does not match my version range 15-33
[  104.886137][ T5681] erofs: (device loop6): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46
[  104.894374][ T5683] SELinux: failed to load policy
[  105.003199][ T5700] loop1: detected capacity change from 0 to 512
[  105.037384][ T5700] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  105.058536][ T5700] ext4 filesystem being mounted at /399/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  105.124070][ T5719] loop4: detected capacity change from 0 to 512
[  105.180024][ T5719] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.205104][ T5719] ext4 filesystem being mounted at /464/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.298320][ T5745] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2338'.
[  105.315281][ T5747] futex_wake_op: syz.6.2342 tries to shift op by 32; fix this program
[  105.507870][ T5771] loop6: detected capacity change from 0 to 512
[  105.590098][ T5771] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.615160][ T5787] loop4: detected capacity change from 0 to 256
[  105.615658][ T5771] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.655412][ T5791] SELinux: failed to load policy
[  105.704171][ T5799] syz_tun: refused to change device tx_queue_len
[  105.728662][ T5799] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  105.789740][ T5811] loop4: detected capacity change from 0 to 512
[  105.821075][ T5816] loop5: detected capacity change from 0 to 512
[  105.859279][ T5811] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.2371: invalid block
[  105.870805][ T5816] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.882651][ T5811] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2371: invalid indirect mapped block 4294967295 (level 1)
[  105.882770][ T5816] ext4 filesystem being mounted at /526/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.907085][ T5811] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2371: invalid indirect mapped block 4294967295 (level 1)
[  105.923193][ T5811] EXT4-fs (loop4): 2 truncates cleaned up
[  105.929733][ T5811] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,nodelalloc,noblock_validity,,errors=continue. Quota mode: writeback.
[  105.949300][ T5811] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.2371: bg 0: block 5: invalid block bitmap
[  105.963136][ T5811] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  106.104936][ T2985] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  106.250741][ T5861] loop5: detected capacity change from 0 to 256
[  106.320911][ T5861] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[  106.336876][ T5861] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008)
[  106.346514][ T2985] usb 7-1: Using ep0 maxpacket: 32
[  106.351791][ T5861] exFAT-fs (loop5): Filesystem has been set read-only
[  106.358685][ T5861] exFAT-fs (loop5): error, failed to bmap (inode : ffff88812841e350 iblock : 8, err : -5)
[  106.368853][ T5861] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008)
[  106.464929][ T2985] usb 7-1: config 0 has an invalid interface number: 70 but max is 0
[  106.473325][ T2985] usb 7-1: config 0 has no interface number 0
[  106.596064][ T5886] loop1: detected capacity change from 0 to 512
[  106.644986][ T2985] usb 7-1: New USB device found, idVendor=1b3d, idProduct=01f0, bcdDevice= 3.3d
[  106.654452][ T2985] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.662429][ T2985] usb 7-1: Product: syz
[  106.666725][ T2985] usb 7-1: Manufacturer: syz
[  106.671186][ T5886] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  106.680143][ T2985] usb 7-1: SerialNumber: syz
[  106.686000][ T2985] usb 7-1: config 0 descriptor??
[  106.725743][ T2985] ftdi_sio 7-1:0.70: FTDI USB Serial Device converter detected
[  106.734297][ T2985] usb 7-1: Detected FT8U232AM
[  106.739414][ T2985] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  106.755059][   T60] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  106.873038][ T5890] loop1: detected capacity change from 0 to 40427
[  106.926264][  T322] usb 7-1: USB disconnect, device number 8
[  106.932860][  T322] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  106.942419][  T322] ftdi_sio 7-1:0.70: device disconnected
[  106.965291][ T5890] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  106.973162][ T5890] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  106.981767][ T5890] F2FS-fs (loop1): fault_injection options not supported
[  106.989705][ T5890] F2FS-fs (loop1): invalid crc value
[  106.996538][ T5890] F2FS-fs (loop1): Found nat_bits in checkpoint
[  107.018928][ T5890] F2FS-fs (loop1): recover fsync data on readonly fs
[  107.026123][ T5890] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  107.032611][ T5890] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30
[  107.039702][ T5890] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  107.125514][   T60] usb 6-1: config 0 has an invalid interface number: 156 but max is 0
[  107.144578][   T60] usb 6-1: config 0 has no interface number 0
[  107.160636][   T60] usb 6-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  107.188410][   T60] usb 6-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  107.221041][   T60] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  107.234168][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.256085][   T60] usb 6-1: config 0 descriptor??
[  107.295684][   T60] usb 6-1: MIDIStreaming interface descriptor not found
[  107.418994][ T5901] loop1: detected capacity change from 0 to 40427
[  107.461281][ T5923] loop6: detected capacity change from 0 to 256
[  107.471706][ T5901] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  107.486340][ T5901] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  107.496964][  T322] usb 6-1: USB disconnect, device number 8
[  107.502839][ T5923] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  107.530852][ T5901] F2FS-fs (loop1): Found nat_bits in checkpoint
[  107.572253][ T5901] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  107.579258][ T5901] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  108.023311][ T5971] loop5: detected capacity change from 0 to 16
[  108.038312][ T5950] loop1: detected capacity change from 0 to 40427
[  108.052276][ T5971] erofs: (device loop5): mounted with root inode @ nid 36.
[  108.060616][ T5971] attempt to access beyond end of device
[  108.060616][ T5971] loop5: rw=0, want=24, limit=16
[  108.116488][ T5950] F2FS-fs (loop1): Found nat_bits in checkpoint
[  108.157726][ T5950] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  108.173535][ T5985] loop5: detected capacity change from 0 to 512
[  108.195188][  T322] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  108.208066][  T302] attempt to access beyond end of device
[  108.208066][  T302] loop1: rw=2049, want=40976, limit=40427
[  108.237639][ T5985] EXT4-fs (loop5): error: journal path ./bus is not a block device
[  108.395492][ T6000] cgroup: No subsys list or none specified
[  108.555257][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  108.566906][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  108.576741][  T322] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  108.585691][  T322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.594415][  T322] usb 5-1: config 0 descriptor??
[  108.635846][  T322] hub 5-1:0.0: USB hub found
[  108.695219][   T60] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  108.855689][  T322] hub 5-1:0.0: 1 port detected
[  109.055282][   T60] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  109.064141][   T60] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  109.074904][   T60] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  109.115677][   T39] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  109.245361][   T60] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  109.254569][   T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.262944][   T60] usb 6-1: Product: syz
[  109.267067][   T60] usb 6-1: Manufacturer: syz
[  109.271626][   T60] usb 6-1: SerialNumber: syz
[  109.326374][  T322] usb 5-1: USB disconnect, device number 14
[  109.536149][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.548190][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.557919][   T39] usb 2-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  109.566717][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.575030][   T39] usb 2-1: config 0 descriptor??
[  109.708304][ T6026] pim6reg0: tun_chr_ioctl cmd 1074025677
[  109.714106][ T6026] pim6reg0: linktype set to 804
[  109.755133][ T6028] loop6: detected capacity change from 0 to 256
[  109.832083][ T6028] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[  109.848602][ T6028] exFAT-fs (loop6): error, invalid access to FAT free cluster (entry 0x00000008)
[  109.857916][ T6028] exFAT-fs (loop6): Filesystem has been set read-only
[  109.864586][ T6028] exFAT-fs (loop6): error, failed to bmap (inode : ffff88812841df00 iblock : 8, err : -5)
[  109.875177][ T6028] exFAT-fs (loop6): error, invalid access to FAT free cluster (entry 0x00000008)
[  109.965422][   T60] usb 6-1: 0:2 : does not exist
[  109.983147][   T30] kauditd_printk_skb: 154 callbacks suppressed
[  109.983162][   T30] audit: type=1326 audit(1737729392.572:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.6.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.014451][   T30] audit: type=1326 audit(1737729392.572:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.6.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.041159][   T30] audit: type=1326 audit(1737729392.572:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.6.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.067884][   T39] zeroplus 0003:0C12:0030.0026: hidraw0: USB HID v0.00 Device [HID 0c12:0030] on usb-dummy_hcd.1-1/input0
[  110.079812][   T30] audit: type=1326 audit(1737729392.612:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6035 comm="syz.6.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.104152][   T30] audit: type=1400 audit(1737729392.632:1437): avc:  denied  { mount } for  pid=6037 comm="syz.6.2470" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  110.105441][  T322] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  110.134184][   T39] zeroplus 0003:0C12:0030.0026: no inputs found
[  110.170548][    T6] usb 6-1: USB disconnect, device number 9
[  110.189593][   T30] audit: type=1326 audit(1737729392.782:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.6.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.213709][   T30] audit: type=1326 audit(1737729392.782:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.6.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.237123][   T30] audit: type=1326 audit(1737729392.782:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.6.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.263929][   T30] audit: type=1326 audit(1737729392.782:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.6.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.288259][   T30] audit: type=1326 audit(1737729392.782:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.6.2474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534c3b3d29 code=0x7ffc0000
[  110.295021][   T39] usb 2-1: USB disconnect, device number 14
[  110.437554][ T6072] sch_tbf: burst 6 is lower than device lo mtu (65550) !
[  110.455927][ T6074] loop6: detected capacity change from 0 to 512
[  110.495443][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  110.507634][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.518813][  T322] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  110.528384][  T322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.537380][  T322] usb 5-1: config 0 descriptor??
[  110.543497][ T6074] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  110.553300][ T6074] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  110.561986][ T6074] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.2487: corrupted in-inode xattr
[  110.574399][ T6074] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.2487: couldn't read orphan inode 15 (err -117)
[  110.575963][  T322] hub 5-1:0.0: USB hub found
[  110.587260][ T6074] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  110.733534][ T6085] loop6: detected capacity change from 0 to 1024
[  110.746104][ T6087] loop5: detected capacity change from 0 to 1024
[  110.753763][ T6085] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[  110.787030][ T6087] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[  110.805469][  T322] hub 5-1:0.0: 1 port detected
[  110.821157][ T6085] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  110.831859][ T6085] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev loop6, type ext4) errno=-22
[  110.857256][ T6093] loop5: detected capacity change from 0 to 512
[  110.895069][ T6103] loop6: detected capacity change from 0 to 128
[  110.905849][ T6105] input: syz0 as /devices/virtual/input/input23
[  110.917611][ T6093] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  110.934778][ T6093] ext4 filesystem being mounted at /552/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  110.939063][ T6103] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  110.955583][ T6110] loop1: detected capacity change from 0 to 512
[  110.969669][ T6103] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.019864][ T6110] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e803c018, mo2=0002]
[  111.029165][ T6110] System zones: 0-2, 18-18, 34-35
[  111.034925][ T6110] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,discard,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  111.049807][ T6110] ext4 filesystem being mounted at /434/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.064908][ T6110] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #2: comm syz.1.2500: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  111.095530][  T322] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  111.101801][  T322] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  111.183464][ T6125] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2506'.
[  111.205595][  T322] usbhid 5-1:0.0: can't add hid device: -71
[  111.215771][  T322] usbhid: probe of 5-1:0.0 failed with error -71
[  111.217355][ T6130] loop1: detected capacity change from 0 to 512
[  111.243109][ T6132] loop5: detected capacity change from 0 to 128
[  111.246138][ T6130] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,,errors=continue. Quota mode: none.
[  111.263598][  T322] usb 5-1: USB disconnect, device number 15
[  111.265272][ T6132] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  111.288192][ T6130] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2510: bg 0: block 321: padding at end of block bitmap is not set
[  111.304807][ T6132] ext4 filesystem being mounted at /556/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.417290][ T6141] loop1: detected capacity change from 0 to 512
[  111.427014][ T6141] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.2513: Invalid inode bitmap blk 4 in block_group 0
[  111.439903][ T6141] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none.
[  111.479661][ T6141] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.2513: Invalid inode bitmap blk 4 in block_group 0
[  111.493455][ T6141] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  111.555923][ T6148] loop1: detected capacity change from 0 to 2048
[  111.615920][ T6148] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  111.637003][ T6148] EXT4-fs (loop1): mounted filesystem without journal. Opts: nojournal_checksum,usrjquota=,errors=remount-ro,discard,auto_da_alloc,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  111.701958][ T6156] loop4: detected capacity change from 0 to 4096
[  111.744384][ T6166] loop1: detected capacity change from 0 to 256
[  111.756510][ T6156] EXT4-fs (loop4): Test dummy encryption mode enabled
[  111.764263][ T6156] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a042c018, mo2=0003]
[  111.784447][ T6156] System zones: 0-5
[  111.790542][ T6156] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,nodelalloc,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  111.795538][   T39] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  111.815679][    T6] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  111.838570][ T6156] fs-verity (loop4, inode 13): Unknown hash algorithm number: 3
[  112.037941][ T6189] loop1: detected capacity change from 0 to 40427
[  112.075634][   T39] usb 6-1: Using ep0 maxpacket: 32
[  112.094691][ T6192] loop6: detected capacity change from 0 to 8192
[  112.106192][ T6189] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  112.113107][ T6189] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  112.122739][ T6189] F2FS-fs (loop1): fault_injection options not supported
[  112.129760][ T6189] F2FS-fs (loop1): fault_type options not supported
[  112.136392][    T6] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  112.145448][ T6189] F2FS-fs (loop1): invalid crc value
[  112.152329][ T6189] F2FS-fs (loop1): Found nat_bits in checkpoint
[  112.184512][ T6189] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  112.191406][ T6189] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  112.215661][    T6] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  112.245872][  T302] attempt to access beyond end of device
[  112.245872][  T302] loop1: rw=2049, want=45104, limit=40427
[  112.395720][   T39] usb 6-1: New USB device found, idVendor=1bc7, idProduct=1041, bcdDevice=54.7c
[  112.405004][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.413468][   T39] usb 6-1: Product: syz
[  112.417495][   T39] usb 6-1: Manufacturer: syz
[  112.421954][   T39] usb 6-1: SerialNumber: syz
[  112.427597][   T39] usb 6-1: config 0 descriptor??
[  112.466335][   T39] cdc_mbim 6-1:0.0: CDC Union missing and no IAD found
[  112.473152][   T39] cdc_mbim 6-1:0.0: bind() failure
[  112.515135][ T6215] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  112.686314][  T322] usb 6-1: USB disconnect, device number 10
[  112.783415][ T6224] loop4: detected capacity change from 0 to 128
[  112.820855][ T6224] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  112.831780][ T6224] ext4 filesystem being mounted at /513/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  112.919177][ T6243] loop6: detected capacity change from 0 to 512
[  113.013193][ T6243] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.2555: invalid indirect mapped block 4294967295 (level 1)
[  113.027562][ T6243] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.2555: invalid indirect mapped block 4294967295 (level 1)
[  113.045429][ T6243] EXT4-fs (loop6): 2 truncates cleaned up
[  113.056496][ T6243] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpjquota=,nodelalloc,noblock_validity,,errors=continue. Quota mode: writeback.
[  113.077281][ T6243] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.2555: bg 0: block 5: invalid block bitmap
[  113.090041][ T6243] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  113.144312][ T6253] loop6: detected capacity change from 0 to 128
[  113.169042][ T6253] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  113.184602][ T6260] tipc: New replicast peer: 0.0.0.0
[  113.189816][ T6260] tipc: Enabled bearer <udp:syz2>, priority 10
[  113.198912][ T6253] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.232740][ T6253] overlayfs: upper fs needs to support d_type.
[  113.242620][ T2985] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  113.250752][ T2985] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  113.301081][ T6272] device lo entered promiscuous mode
[  113.312771][ T6272] device tunl0 entered promiscuous mode
[  113.331677][ T6272] device gre0 entered promiscuous mode
[  113.339856][    T6] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  113.351350][ T6272] device gretap0 entered promiscuous mode
[  113.371990][ T6272] device erspan0 entered promiscuous mode
[  113.388229][ T6272] device ip_vti0 entered promiscuous mode
[  113.402605][ T6272] device ip6_vti0 entered promiscuous mode
[  113.417104][ T6272] device sit0 entered promiscuous mode
[  113.431432][ T6272] device ip6tnl0 entered promiscuous mode
[  113.447499][ T6272] device ip6gre0 entered promiscuous mode
[  113.465002][ T6272] device syz_tun entered promiscuous mode
[  113.491199][ T6272] device ip6gretap0 entered promiscuous mode
[  113.512487][ T6272] device dummy0 entered promiscuous mode
[  113.531585][ T6272] device veth0 entered promiscuous mode
[  113.538260][ T6272] device veth1 entered promiscuous mode
[  113.555400][ T6272] device wg0 entered promiscuous mode
[  113.574403][ T6272] device wg1 entered promiscuous mode
[  113.584575][ T6272] device wg2 entered promiscuous mode
[  113.595778][ T6272] device veth0_to_bridge entered promiscuous mode
[  113.615650][ T6272] device bridge_slave_0 entered promiscuous mode
[  113.638454][ T6272] device veth1_to_bridge entered promiscuous mode
[  113.657999][ T6272] device bridge_slave_1 entered promiscuous mode
[  113.702657][ T6272] device veth0_to_bond entered promiscuous mode
[  113.713805][ T6272] device bond_slave_0 entered promiscuous mode
[  113.724601][ T6272] device veth1_to_bond entered promiscuous mode
[  113.740145][ T6272] device bond_slave_1 entered promiscuous mode
[  113.746532][ T6272] device veth0_to_team entered promiscuous mode
[  113.762622][ T6272] device team_slave_0 entered promiscuous mode
[  113.768927][ T6272] device veth1_to_team entered promiscuous mode
[  113.784190][ T6272] device team_slave_1 entered promiscuous mode
[  113.790551][ T6272] device veth0_to_batadv entered promiscuous mode
[  113.806502][ T6272] device batadv_slave_0 entered promiscuous mode
[  113.825789][ T6272] device veth1_to_batadv entered promiscuous mode
[  113.835783][ T6272] device batadv_slave_1 entered promiscuous mode
[  113.849244][ T6277] loop4: detected capacity change from 0 to 131072
[  113.855774][ T6272] device xfrm0 entered promiscuous mode
[  113.866052][ T6272] device veth0_to_hsr entered promiscuous mode
[  113.876622][ T6277] F2FS-fs (loop4): QUOTA feature is enabled, so ignore qf_name
[  113.884094][ T6272] device hsr_slave_0 entered promiscuous mode
[  113.895580][ T6277] F2FS-fs (loop4): invalid crc value
[  113.906120][ T6272] device veth1_to_hsr entered promiscuous mode
[  113.919969][ T6277] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  113.931535][ T6272] device hsr_slave_1 entered promiscuous mode
[  113.942613][ T6272] device veth1_virt_wifi entered promiscuous mode
[  113.954153][ T6272] device veth0_virt_wifi entered promiscuous mode
[  113.967072][ T6272] device veth1_vlan entered promiscuous mode
[  113.971552][ T6277] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  113.982996][ T6272] device vlan0 entered promiscuous mode
[  113.988790][ T6272] device vlan1 entered promiscuous mode
[  113.995660][ T6272] device veth0_macvtap entered promiscuous mode
[  114.003192][ T6272] device macsec0 entered promiscuous mode
[  114.027254][ T6272] device syztnl1 entered promiscuous mode
[  114.036668][ T6273] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2569'.
[  114.066004][ T6273] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.073304][ T6273] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.178172][ T6301] loop1: detected capacity change from 0 to 1024
[  114.197128][  T450] tipc: Node number set to 771763557
[  114.207584][ T6301] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  114.218458][ T6301] ext4 filesystem being mounted at /457/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.486912][ T6324] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  114.565686][ T6338] loop4: detected capacity change from 0 to 1024
[  114.617070][ T6338] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[  114.749196][ T6336] loop6: detected capacity change from 0 to 40427
[  114.790106][ T6336] F2FS-fs (loop6): fault_injection options not supported
[  114.806833][ T6336] F2FS-fs (loop6): invalid crc value
[  114.836780][ T6336] F2FS-fs (loop6): Found nat_bits in checkpoint
[  114.880763][ T6336] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  114.967727][ T6349] attempt to access beyond end of device
[  114.967727][ T6349] loop6: rw=2049, want=40976, limit=40427
[  115.079634][ T6357] loop4: detected capacity change from 0 to 40427
[  115.130506][ T6357] F2FS-fs (loop4): fault_injection options not supported
[  115.146860][ T6357] F2FS-fs (loop4): invalid crc value
[  115.163103][ T6357] F2FS-fs (loop4): Found nat_bits in checkpoint
[  115.199279][ T6357] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  115.221754][ T6342] loop1: detected capacity change from 0 to 131072
[  115.228449][  T298] attempt to access beyond end of device
[  115.228449][  T298] loop4: rw=2049, want=45104, limit=40427
[  115.239980][ T6342] F2FS-fs (loop1): Test dummy encryption mode enabled
[  115.250826][ T6342] F2FS-fs (loop1): invalid crc value
[  115.257693][ T6342] F2FS-fs (loop1): Found nat_bits in checkpoint
[  115.298176][ T6342] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  115.325993][  T450] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  115.385813][ T6383] syzkaller0: tun_chr_ioctl cmd 1074025692
[  115.419755][   T30] kauditd_printk_skb: 104 callbacks suppressed
[  115.419769][   T30] audit: type=1400 audit(1737729398.011:1547): avc:  denied  { ioctl } for  pid=6388 comm="syz.4.2609" path="socket:[38031]" dev="sockfs" ino=38031 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  115.507103][ T6397] loop4: detected capacity change from 0 to 128
[  115.565698][ T6397] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[  115.589989][ T6397] ext4 filesystem being mounted at /540/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.620038][ T6397] overlayfs: upper fs needs to support d_type.
[  115.726608][  T450] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.746425][  T450] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.756451][  T450] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  115.765401][  T450] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.774259][  T450] usb 6-1: config 0 descriptor??
[  115.780695][    C1] ==================================================================
[  115.788594][    C1] BUG: KASAN: use-after-free in cpu_map_generic_redirect+0x1a8/0x6d0
[  115.796581][    C1] Read of size 8 at addr ffff88810f01e418 by task kworker/1:2/60
[  115.804186][    C1] 
[  115.806307][    C1] CPU: 1 PID: 60 Comm: kworker/1:2 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0
[  115.815946][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  115.826373][    C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[  115.832271][    C1] Call Trace:
[  115.835389][    C1]  <IRQ>
[  115.838081][    C1]  dump_stack_lvl+0x151/0x1c0
[  115.842610][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  115.848070][    C1]  ? panic+0x760/0x760
[  115.852156][    C1]  print_address_description+0x87/0x3b0
[  115.857550][    C1]  kasan_report+0x179/0x1c0
[  115.861971][    C1]  ? kfree+0xcc/0x270
[  115.865775][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  115.871359][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  115.876984][    C1]  __asan_report_load8_noabort+0x14/0x20
[  115.882440][    C1]  cpu_map_generic_redirect+0x1a8/0x6d0
[  115.887911][    C1]  ? bpf_prog_run_generic_xdp+0x965/0x1070
[  115.893746][    C1]  ? cpu_map_enqueue+0x370/0x370
[  115.898847][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[  115.904526][    C1]  do_xdp_generic+0x50b/0x7c0
[  115.909042][    C1]  ? kasan_set_track+0x4b/0x70
[  115.913631][    C1]  ? kasan_set_free_info+0x23/0x40
[  115.918578][    C1]  ? ____kasan_slab_free+0x126/0x160
[  115.923703][    C1]  ? generic_xdp_tx+0x490/0x490
[  115.928430][    C1]  ? __irq_exit_rcu+0x52/0xf0
[  115.932991][    C1]  ? __dev_printk+0x17d/0x1b0
[  115.937700][    C1]  ? migrate_disable+0xd9/0x190
[  115.942474][    C1]  __netif_receive_skb_core+0x1706/0x3640
[  115.948127][    C1]  ? update_load_avg+0x43a/0x1150
[  115.953059][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[  115.957637][    C1]  ? enqueue_task_fair+0xd31/0x2650
[  115.962696][    C1]  __netif_receive_skb+0x11c/0x530
[  115.967728][    C1]  ? sched_group_set_idle+0x640/0x640
[  115.972938][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  115.978326][    C1]  ? __kasan_check_write+0x14/0x20
[  115.983434][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  115.988208][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  115.993611][    C1]  ? __kasan_check_read+0x11/0x20
[  115.998537][    C1]  ? check_preempt_wakeup+0x16a/0xbe0
[  116.003746][    C1]  process_backlog+0x31c/0x650
[  116.008348][    C1]  __napi_poll+0xc4/0x5a0
[  116.012510][    C1]  net_rx_action+0x47d/0xc50
[  116.017035][    C1]  ? net_tx_action+0x550/0x550
[  116.021721][    C1]  ? __sched_clock_gtod_offset+0xb0/0x100
[  116.027268][    C1]  handle_softirqs+0x25e/0x5c0
[  116.031866][    C1]  __do_softirq+0xb/0xd
[  116.036205][    C1]  do_softirq+0xf6/0x150
[  116.040384][    C1]  </IRQ>
[  116.043155][    C1]  <TASK>
[  116.046108][    C1]  ? __local_bh_enable_ip+0x80/0x80
[  116.051147][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  116.056775][    C1]  __local_bh_enable_ip+0x75/0x80
[  116.061980][    C1]  _raw_read_unlock_bh+0x29/0x30
[  116.066737][    C1]  wg_socket_send_skb_to_peer+0x178/0x1d0
[  116.072459][    C1]  wg_packet_tx_worker+0x1e6/0x530
[  116.077676][    C1]  process_one_work+0x6bb/0xc10
[  116.082453][    C1]  worker_thread+0xad5/0x12a0
[  116.087135][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  116.091820][    C1]  kthread+0x421/0x510
[  116.095723][    C1]  ? worker_clr_flags+0x180/0x180
[  116.100695][    C1]  ? kthread_blkcg+0xd0/0xd0
[  116.105096][    C1]  ret_from_fork+0x1f/0x30
[  116.109374][    C1]  </TASK>
[  116.112341][    C1] 
[  116.114525][    C1] Allocated by task 6377:
[  116.118662][    C1]  ____kasan_kmalloc+0xdb/0x110
[  116.123603][    C1]  __kasan_kmalloc+0x9/0x10
[  116.127943][    C1]  __kmalloc+0x13f/0x2c0
[  116.132034][    C1]  bpf_map_kmalloc_node+0xdb/0x160
[  116.136971][    C1]  cpu_map_update_elem+0x26c/0xea0
[  116.142404][    C1]  bpf_map_update_value+0x1a3/0x3c0
[  116.147517][    C1]  map_update_elem+0x644/0x770
[  116.152427][    C1]  __sys_bpf+0x405/0x760
[  116.156489][    C1]  __x64_sys_bpf+0x7c/0x90
[  116.160916][    C1]  x64_sys_call+0x87f/0x9a0
[  116.165267][    C1]  do_syscall_64+0x3b/0xb0
[  116.169509][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  116.175323][    C1] 
[  116.177592][    C1] Freed by task 6378:
[  116.181414][    C1]  kasan_set_track+0x4b/0x70
[  116.185934][    C1]  kasan_set_free_info+0x23/0x40
[  116.190715][    C1]  ____kasan_slab_free+0x126/0x160
[  116.195675][    C1]  __kasan_slab_free+0x11/0x20
[  116.200264][    C1]  slab_free_freelist_hook+0xbd/0x190
[  116.205458][    C1]  kfree+0xcc/0x270
[  116.209297][    C1]  put_cpu_map_entry+0x6dd/0x750
[  116.214062][    C1]  cpu_map_kthread_run+0x22d0/0x2390
[  116.219174][    C1]  kthread+0x421/0x510
[  116.223082][    C1]  ret_from_fork+0x1f/0x30
[  116.227462][    C1] 
[  116.229656][    C1] Last potentially related work creation:
[  116.235180][    C1]  kasan_save_stack+0x3b/0x60
[  116.239690][    C1]  __kasan_record_aux_stack+0xd3/0xf0
[  116.244900][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  116.250538][    C1]  insert_work+0x56/0x320
[  116.255052][    C1]  __queue_work+0x92a/0xcd0
[  116.259487][    C1]  queue_work_on+0x105/0x170
[  116.263914][    C1]  cpu_map_free+0x1e7/0x2c0
[  116.268253][    C1]  bpf_map_free_deferred+0x10d/0x1e0
[  116.273364][    C1]  process_one_work+0x6bb/0xc10
[  116.278064][    C1]  worker_thread+0xad5/0x12a0
[  116.282567][    C1]  kthread+0x421/0x510
[  116.286471][    C1]  ret_from_fork+0x1f/0x30
[  116.290832][    C1] 
[  116.293000][    C1] Second to last potentially related work creation:
[  116.299417][    C1]  kasan_save_stack+0x3b/0x60
[  116.303940][    C1]  __kasan_record_aux_stack+0xd3/0xf0
[  116.309246][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  116.314973][    C1]  call_rcu+0x123/0x10b0
[  116.319289][    C1]  cpu_map_free+0x109/0x2c0
[  116.323899][    C1]  bpf_map_free_deferred+0x10d/0x1e0
[  116.329702][    C1]  process_one_work+0x6bb/0xc10
[  116.334975][    C1]  worker_thread+0xad5/0x12a0
[  116.339497][    C1]  kthread+0x421/0x510
[  116.343686][    C1]  ret_from_fork+0x1f/0x30
[  116.348020][    C1] 
[  116.350275][    C1] The buggy address belongs to the object at ffff88810f01e400
[  116.350275][    C1]  which belongs to the cache kmalloc-192 of size 192
[  116.364836][    C1] The buggy address is located 24 bytes inside of
[  116.364836][    C1]  192-byte region [ffff88810f01e400, ffff88810f01e4c0)
[  116.378038][    C1] The buggy address belongs to the page:
[  116.383667][    C1] page:ffffea00043c0780 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10f01e
[  116.393749][    C1] flags: 0x4000000000000200(slab|zone=1)
[  116.399376][    C1] raw: 4000000000000200 dead000000000100 dead000000000122 ffff888100042c00
[  116.407796][    C1] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  116.416419][    C1] page dumped because: kasan: bad access detected
[  116.422684][    C1] page_owner tracks the page as allocated
[  116.428214][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 102, ts 4678293752, free_ts 4678267477
[  116.443935][    C1]  post_alloc_hook+0x1a3/0x1b0
[  116.448580][    C1]  prep_new_page+0x1b/0x110
[  116.453327][    C1]  get_page_from_freelist+0x3550/0x35d0
[  116.458710][    C1]  __alloc_pages+0x27e/0x8f0
[  116.463224][    C1]  new_slab+0x9a/0x4e0
[  116.467149][    C1]  ___slab_alloc+0x39e/0x830
[  116.471560][    C1]  __slab_alloc+0x4a/0x90
[  116.475723][    C1]  kmem_cache_alloc_trace+0x147/0x270
[  116.480948][    C1]  kernfs_fop_open+0x324/0xab0
[  116.485540][    C1]  do_dentry_open+0x81c/0xfd0
[  116.490143][    C1]  vfs_open+0x73/0x80
[  116.494130][    C1]  path_openat+0x26f0/0x2f40
[  116.498548][    C1]  do_filp_open+0x21c/0x460
[  116.502977][    C1]  do_sys_openat2+0x13f/0x820
[  116.507494][    C1]  __x64_sys_openat+0x243/0x290
[  116.512274][    C1]  x64_sys_call+0x6bf/0x9a0
[  116.517209][    C1] page last free stack trace:
[  116.521733][    C1]  free_unref_page_prepare+0x7c8/0x7d0
[  116.527015][    C1]  free_unref_page+0xe8/0x750
[  116.531538][    C1]  __free_pages+0x61/0xf0
[  116.535700][    C1]  free_pages+0x7c/0x90
[  116.540161][    C1]  selinux_genfs_get_sid+0x24d/0x2a0
[  116.545382][    C1]  inode_doinit_with_dentry+0x8d2/0x1070
[  116.550830][    C1]  selinux_d_instantiate+0x27/0x40
[  116.555777][    C1]  security_d_instantiate+0x9f/0x100
[  116.560894][    C1]  d_splice_alias+0x6d/0x390
[  116.565334][    C1]  kernfs_iop_lookup+0x29e/0x2f0
[  116.570414][    C1]  path_openat+0x1194/0x2f40
[  116.574931][    C1]  do_filp_open+0x21c/0x460
[  116.579270][    C1]  do_sys_openat2+0x13f/0x820
[  116.583900][    C1]  __x64_sys_openat+0x243/0x290
[  116.588595][    C1]  x64_sys_call+0x6bf/0x9a0
[  116.593021][    C1]  do_syscall_64+0x3b/0xb0
[  116.597357][    C1] 
[  116.599601][    C1] Memory state around the buggy address:
[  116.605167][    C1]  ffff88810f01e300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  116.613335][    C1]  ffff88810f01e380: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[  116.621462][    C1] >ffff88810f01e400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.629462][    C1]                             ^
[  116.634604][    C1]  ffff88810f01e480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  116.642787][    C1]  ffff88810f01e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  116.650769][    C1] ==================================================================
[  116.658837][    C1] Disabling lock debugging due to kernel taint
[  116.664867][    C1] ================================================================================
[  116.674135][    C1] UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:130:9
[  116.682562][    C1] index 16382 is out of range for type 'unsigned long[8]'
[  116.689585][    C1] CPU: 1 PID: 60 Comm: kworker/1:2 Tainted: G    B             5.15.176-syzkaller-00972-g829d9f138569 #0
[  116.700691][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  116.710569][    C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[  116.716460][    C1] Call Trace:
[  116.719590][    C1]  <IRQ>
[  116.722280][    C1]  dump_stack_lvl+0x151/0x1c0
[  116.726795][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  116.732261][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  116.737300][    C1]  ? sched_clock+0x9/0x10
[  116.741508][    C1]  dump_stack+0x15/0x20
[  116.745452][    C1]  __ubsan_handle_out_of_bounds+0x118/0x140
[  116.751275][    C1]  __pv_queued_spin_lock_slowpath+0xb9d/0xc40
[  116.757360][    C1]  ? sysvec_apic_timer_interrupt+0x64/0xc0
[  116.763013][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  116.768977][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  116.775309][    C1]  ? kasan_check_range+0x293/0x2a0
[  116.780605][    C1]  _raw_spin_lock+0x139/0x1b0
[  116.785129][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  116.790334][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  116.795878][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  116.801441][    C1]  cpu_map_generic_redirect+0x1d5/0x6d0
[  116.806903][    C1]  ? bpf_prog_run_generic_xdp+0x965/0x1070
[  116.812554][    C1]  ? cpu_map_enqueue+0x370/0x370
[  116.817333][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[  116.822619][    C1]  do_xdp_generic+0x50b/0x7c0
[  116.827124][    C1]  ? kasan_set_track+0x4b/0x70
[  116.831896][    C1]  ? kasan_set_free_info+0x23/0x40
[  116.836927][    C1]  ? ____kasan_slab_free+0x126/0x160
[  116.842051][    C1]  ? generic_xdp_tx+0x490/0x490
[  116.846738][    C1]  ? __irq_exit_rcu+0x52/0xf0
[  116.851258][    C1]  ? __dev_printk+0x17d/0x1b0
[  116.855774][    C1]  ? migrate_disable+0xd9/0x190
[  116.860449][    C1]  __netif_receive_skb_core+0x1706/0x3640
[  116.866031][    C1]  ? update_load_avg+0x43a/0x1150
[  116.870869][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[  116.875317][    C1]  ? enqueue_task_fair+0xd31/0x2650
[  116.880415][    C1]  __netif_receive_skb+0x11c/0x530
[  116.885549][    C1]  ? sched_group_set_idle+0x640/0x640
[  116.890747][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  116.896302][    C1]  ? __kasan_check_write+0x14/0x20
[  116.901334][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  116.905933][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  116.911143][    C1]  ? __kasan_check_read+0x11/0x20
[  116.916219][    C1]  ? check_preempt_wakeup+0x16a/0xbe0
[  116.921775][    C1]  process_backlog+0x31c/0x650
[  116.926646][    C1]  __napi_poll+0xc4/0x5a0
[  116.931273][    C1]  net_rx_action+0x47d/0xc50
[  116.935697][    C1]  ? net_tx_action+0x550/0x550
[  116.940845][    C1]  ? __sched_clock_gtod_offset+0xb0/0x100
[  116.946403][    C1]  handle_softirqs+0x25e/0x5c0
[  116.951041][    C1]  __do_softirq+0xb/0xd
[  116.955137][    C1]  do_softirq+0xf6/0x150
[  116.959394][    C1]  </IRQ>
[  116.962173][    C1]  <TASK>
[  116.964946][    C1]  ? __local_bh_enable_ip+0x80/0x80
[  116.970071][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  116.975701][    C1]  __local_bh_enable_ip+0x75/0x80
[  116.980729][    C1]  _raw_read_unlock_bh+0x29/0x30
[  116.985420][    C1]  wg_socket_send_skb_to_peer+0x178/0x1d0
[  116.990976][    C1]  wg_packet_tx_worker+0x1e6/0x530
[  116.996056][    C1]  process_one_work+0x6bb/0xc10
[  117.000788][    C1]  worker_thread+0xad5/0x12a0
[  117.005498][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  117.010345][    C1]  kthread+0x421/0x510
[  117.014240][    C1]  ? worker_clr_flags+0x180/0x180
[  117.019304][    C1]  ? kthread_blkcg+0xd0/0xd0
[  117.023828][    C1]  ret_from_fork+0x1f/0x30
[  117.028249][    C1]  </TASK>
[  117.031211][    C1] ================================================================================
[  117.040786][    C1] general protection fault, probably for non-canonical address 0xe010f4fb9f81ff65: 0000 [#1] PREEMPT SMP KASAN
[  117.053141][    C1] KASAN: maybe wild-memory-access in range [0x0087c7dcfc0ffb28-0x0087c7dcfc0ffb2f]
[  117.062946][    C1] CPU: 1 PID: 60 Comm: kworker/1:2 Tainted: G    B             5.15.176-syzkaller-00972-g829d9f138569 #0
[  117.074501][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  117.084496][    C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[  117.090376][    C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x2f3/0xc40
[  117.097159][    C1] Code: 74 1e 48 89 4c 24 10 48 8b 7c 24 10 e8 86 98 5d 00 48 8b 4c 24 10 48 ba 00 00 00 00 00 fc ff df 4c 03 21 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 74 12 4c 89 e7 e8 ff 98 5d 00 48 ba 00 00 00 00 00 fc
[  117.116944][    C1] RSP: 0018:ffffc900001d05c0 EFLAGS: 00010206
[  117.122850][    C1] RAX: 0010f8fb9f81ff65 RBX: ffff8881f7138ad4 RCX: ffffffff86285820
[  117.130916][    C1] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  117.138997][    C1] RBP: ffffc900001d06b0 R08: ffffffff8141a99b R09: 0000000000000003
[  117.146899][    C1] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: 0087c7dcfc0ffb29
[  117.154798][    C1] R13: 1ffff11021e03ca0 R14: 1ffff1103ee27159 R15: ffff88810f01e504
[  117.162959][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  117.171718][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  117.178355][    C1] CR2: 00007f510d299f98 CR3: 000000010d03d000 CR4: 00000000003526a0
[  117.186163][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  117.193966][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  117.201786][    C1] Call Trace:
[  117.204958][    C1]  <IRQ>
[  117.207599][    C1]  ? __die_body+0x62/0xb0
[  117.211767][    C1]  ? die_addr+0x9f/0xd0
[  117.215839][    C1]  ? exc_general_protection+0x311/0x4b0
[  117.221513][    C1]  ? asm_exc_general_protection+0x27/0x30
[  117.227116][    C1]  ? check_panic_on_warn+0x5b/0xb0
[  117.232093][    C1]  ? __pv_queued_spin_lock_slowpath+0x2f3/0xc40
[  117.238163][    C1]  ? sysvec_apic_timer_interrupt+0x64/0xc0
[  117.243868][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  117.249969][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  117.256927][    C1]  ? kasan_check_range+0x293/0x2a0
[  117.263142][    C1]  _raw_spin_lock+0x139/0x1b0
[  117.268153][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  117.274057][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  117.279593][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  117.285318][    C1]  cpu_map_generic_redirect+0x1d5/0x6d0
[  117.290807][    C1]  ? bpf_prog_run_generic_xdp+0x965/0x1070
[  117.296611][    C1]  ? cpu_map_enqueue+0x370/0x370
[  117.301387][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[  117.307092][    C1]  do_xdp_generic+0x50b/0x7c0
[  117.311691][    C1]  ? kasan_set_track+0x4b/0x70
[  117.316275][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  117.317187][    C1]  ? kasan_set_free_info+0x23/0x40
[  117.329861][    C1]  ? ____kasan_slab_free+0x126/0x160
[  117.334988][    C1]  ? generic_xdp_tx+0x490/0x490
[  117.339779][    C1]  ? __irq_exit_rcu+0x52/0xf0
[  117.344380][    C1]  ? __dev_printk+0x17d/0x1b0
[  117.349256][    C1]  ? migrate_disable+0xd9/0x190
[  117.354027][    C1]  __netif_receive_skb_core+0x1706/0x3640
[  117.359590][    C1]  ? update_load_avg+0x43a/0x1150
[  117.364440][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[  117.368967][    C1]  ? enqueue_task_fair+0xd31/0x2650
[  117.374159][    C1]  __netif_receive_skb+0x11c/0x530
[  117.379103][    C1]  ? sched_group_set_idle+0x640/0x640
[  117.384581][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  117.390041][    C1]  ? __kasan_check_write+0x14/0x20
[  117.395082][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  117.399768][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  117.404977][    C1]  ? __kasan_check_read+0x11/0x20
[  117.409834][    C1]  ? check_preempt_wakeup+0x16a/0xbe0
[  117.415040][    C1]  process_backlog+0x31c/0x650
[  117.419663][    C1]  __napi_poll+0xc4/0x5a0
[  117.423809][    C1]  net_rx_action+0x47d/0xc50
[  117.428235][    C1]  ? net_tx_action+0x550/0x550
[  117.432844][    C1]  ? __sched_clock_gtod_offset+0xb0/0x100
[  117.438609][    C1]  handle_softirqs+0x25e/0x5c0
[  117.443174][    C1]  __do_softirq+0xb/0xd
[  117.447166][    C1]  do_softirq+0xf6/0x150
[  117.451245][    C1]  </IRQ>
[  117.454025][    C1]  <TASK>
[  117.456806][    C1]  ? __local_bh_enable_ip+0x80/0x80
[  117.462135][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  117.468138][    C1]  __local_bh_enable_ip+0x75/0x80
[  117.472993][    C1]  _raw_read_unlock_bh+0x29/0x30
[  117.477759][    C1]  wg_socket_send_skb_to_peer+0x178/0x1d0
[  117.483400][    C1]  wg_packet_tx_worker+0x1e6/0x530
[  117.488450][    C1]  process_one_work+0x6bb/0xc10
[  117.493211][    C1]  worker_thread+0xad5/0x12a0
[  117.497902][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  117.502679][    C1]  kthread+0x421/0x510
[  117.506695][    C1]  ? worker_clr_flags+0x180/0x180
[  117.511553][    C1]  ? kthread_blkcg+0xd0/0xd0
[  117.516241][    C1]  ret_from_fork+0x1f/0x30
[  117.520493][    C1]  </TASK>
[  117.523378][    C1] Modules linked in:
[  117.527124][    C1] ---[ end trace ec094fc8bba31acb ]---
[  117.527194][ T6285] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  117.532514][    C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x2f3/0xc40
[  117.532551][    C1] Code: 74 1e 48 89 4c 24 10 48 8b 7c 24 10 e8 86 98 5d 00 48 8b 4c 24 10 48 ba 00 00 00 00 00 fc ff df 4c 03 21 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 74 12 4c 89 e7 e8 ff 98 5d 00 48 ba 00 00 00 00 00 fc
[  117.566389][    C1] RSP: 0018:ffffc900001d05c0 EFLAGS: 00010206
[  117.572264][    C1] RAX: 0010f8fb9f81ff65 RBX: ffff8881f7138ad4 RCX: ffffffff86285820
[  117.580275][    C1] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  117.588070][    C1] RBP: ffffc900001d06b0 R08: ffffffff8141a99b R09: 0000000000000003
[  117.596056][    C1] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: 0087c7dcfc0ffb29
[  117.603868][    C1] R13: 1ffff11021e03ca0 R14: 1ffff1103ee27159 R15: ffff88810f01e504
[  117.611763][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  117.620616][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  117.627589][    C1] CR2: 00007f510d299f98 CR3: 000000010d03d000 CR4: 00000000003526a0
[  117.635363][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  117.643714][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  117.651972][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  117.659371][    C1] Kernel Offset: disabled
[  117.663612][    C1] Rebooting in 86400 seconds..