last executing test programs:

17.715087604s ago: executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688474c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

17.559678058s ago: executing program 4:
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000280), 0x24, 0x0)
lchown(&(0x7f0000000340)='./bus\x00', r1, 0x0)

17.376854196s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
write$FUSE_DIRENTPLUS(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="b8"], 0xb8)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
r5 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
symlinkat(&(0x7f0000000040)='./file0\x00', r5, &(0x7f0000000080)='./file0\x00')
llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

17.316018425s ago: executing program 4:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x2003})
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000006680))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r0, r0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000040)=0x1)
read$FUSE(r2, &(0x7f0000000180)={0x2020}, 0x2020)
epoll_wait(r1, &(0x7f0000004280)=[{}], 0x1, 0x0)

17.281452201s ago: executing program 4:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000000400000000000000000008500000041000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000807000085000000b600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

17.241327777s ago: executing program 4:
r0 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
write(r0, &(0x7f0000000080)="08009edf773c8000", 0x8)
r1 = socket$netlink(0x10, 0x3, 0xa)
ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000240)={'wg1\x00', {0x2, 0x0, @initdev}})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='io\x00')
read$char_usb(r2, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80801, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x14, &(0x7f0000000100)={@ipv4={'\x00', '\xff\xff', @local}}, 0x14)
mount(&(0x7f0000000040)=@filename='\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
getsockopt$sock_timeval(r2, 0x1, 0x42, &(0x7f00000001c0), &(0x7f0000000280)=0x10)
mount$9p_unix(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$9p_unix(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x80097, 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
r4 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c)
gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000340))
ptrace(0x10, 0x1)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, 0xffffffffffffffff)
fcntl$getownex(r5, 0x10, &(0x7f0000000040)={0x0, <r6=>0x0})
ptrace$getenv(0x5, r6, 0x0, 0x0)

4.697204849s ago: executing program 3:
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
io_setup(0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
clock_gettime(0xfffffffffffffffd, &(0x7f0000000040))

4.643530248s ago: executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x10)
pipe(&(0x7f0000000000))
open(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xeffff034}]}, 0x10)
r3 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)={0x14}, 0x14}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140), 0x1010c2, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
lseek(r5, 0x2, 0x2)
mknod(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)
chmod(&(0x7f0000000080)='./file1\x00', 0x1258bab1c8332e9a)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000a40)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, <r7=>0x0}, 0x2020)
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), 0x100)
fsetxattr$system_posix_acl(r5, &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000980)={{}, {0x1, 0xa}, [{0x2, 0x6, 0xee00}], {0x4, 0x4}, [{0x8, 0x0, r7}, {0x8, 0x1, r7}, {0x8, 0x4}, {0x8, 0x3, r7}, {0x8, 0x5, r7}, {}], {}, {0x20, 0x1}}, 0x5c, 0x2)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
keyctl$session_to_parent(0x12)

3.268035539s ago: executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x10)
pipe(&(0x7f0000000000))
open(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xeffff034}]}, 0x10)
r3 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)={0x14}, 0x14}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140), 0x1010c2, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
lseek(r5, 0x2, 0x2)
mknod(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)
chmod(&(0x7f0000000080)='./file1\x00', 0x1258bab1c8332e9a)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000a40)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, <r7=>0x0}, 0x2020)
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), 0x100)
fsetxattr$system_posix_acl(r5, &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000980)={{}, {0x1, 0xa}, [{0x2, 0x6, 0xee00}], {0x4, 0x4}, [{0x8, 0x0, r7}, {0x8, 0x1, r7}, {0x8, 0x4}, {0x8, 0x3, r7}, {0x8, 0x5, r7}, {}], {}, {0x20, 0x1}}, 0x5c, 0x2)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
keyctl$session_to_parent(0x12)

3.164656245s ago: executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff010}, {0x80000006, 0x0, 0x0, 0xffffff3d}]}, 0x10)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=ANY=[@ANYBLOB="03011400ff1e430000000800ad0001140000002f2500ac14141fe000e502808a8972bd0f72e401010c520f068c3f1fe4fdfe4b449430ebb52997e36e039b1c598825f80100a3c06376c3304176a167d50261a67a34a09e5fe2bb07b6f158f918a54bf8"], 0xdd12}], 0x1}, 0x0)

2.509429245s ago: executing program 3:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001600010a0000005d86eeaa00000000000c000080060008"], 0x20}}, 0x0)

2.494512337s ago: executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, 0x0, 0x0)
mkdir(0x0, 0x0)
chdir(0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
pivot_root(&(0x7f00000004c0)='./file0\x00', 0x0)
listen(r6, 0x9)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r8, 0x0, 0x0, 0x24000004, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd000000100001000c0808004149004001040800", 0x58}], 0x1)

1.572816349s ago: executing program 3:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402f17320000000000000109022400010000b415090400000103000000092100000001220b00090581030000"], 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
close(r2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
syz_usb_control_io(r0, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x40000040)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x800, &(0x7f0000000440)={[{@test_dummy_encryption}, {@usrquota}]}, 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000820000008200b7cb8a63a2db76d800c0745a04a9216c94675db1447ad1a6e333e5ac8fcd49d93581b263f44439f553d32f40ae5e580a3d53a5f91493f9766ad0077b22708a6912146bf11b558c5c9ba1beecb4a50b6bfc45a66a36bb64dafcdc570da81e4fe54f5c1ac48fbb95fe3e9b23276ca7dd87d7abdf6db1ebbee1808d"], 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x28}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x2a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280)=0x1c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700)
pwritev(r6, &(0x7f00000004c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="db", 0xfffff000}], 0x3, 0x8040000, 0x0)

1.353734832s ago: executing program 1:
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xc8d8, &(0x7f0000000180)={[{@sb={'sb', 0x3d, 0x9}}, {@block_validity}, {@errors_remount}, {@grpjquota}, {@grpquota}]}, 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x98, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x0, 0x9800}}, 0x26)
connect$pppl2tp(r1, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = dup(r6)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>0x0})
bind$can_raw(0xffffffffffffffff, &(0x7f00000005c0), 0x10)
read(r8, &(0x7f00000007c0)=""/4096, 0x1000)
setsockopt$SO_TIMESTAMP(r8, 0x1, 0x23, &(0x7f00000000c0), 0x4)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r8, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r8, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r9}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0)
r10 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r10, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r10, 0x107, 0x16, &(0x7f0000000100)={0x0, &(0x7f0000000080)}, 0x10)
dup3(r7, r10, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000"], 0x0, 0x800, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000b00)={0xf3f, {{0x2, 0x4e20, @multicast1}}}, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)

989.200208ms ago: executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff010}, {0x80000006, 0x0, 0x0, 0xffffff3d}]}, 0x10)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=ANY=[@ANYBLOB="03011400ff1e430000000800ad0001140000002f2500ac14141fe000e502808a8972bd0f72e401010c520f068c3f1fe4fdfe4b449430ebb52997e36e039b1c598825f80100a3c06376c3304176a167d50261a67a34a09e5fe2bb07b6f158f918a54bf8"], 0xdd12}], 0x1}, 0x0)

976.08929ms ago: executing program 2:
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001600010a0000005d86eeaa00000000000c000080060008"], 0x20}}, 0x0)

961.263283ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c66617374626f6f742c746573745f64756d6d795f656e6372797074696f6e2c6673796e635f6d6f64653d7374726963742c00200da779e57c52e33a83fdbd563a5b7c6b958cb6e49387a5ba5a89b0887c0292eb888cc8efa81040100dc3ba748033542625bc334eaf793332891541000f3c63c0a5f0af254a5bd1f4b81d0c5188ddcadf07eff7b49004e0b243a8a4d93632fbe9ab868d88310829d8e04a3c0572143a3d3d1472cc5da6f72bb097f5f7b95a09e442c0a1463aaa90db7dcbc542dc5bced278eda11583f810469b706968e793db3230"], 0x1, 0x1059a, &(0x7f0000020c40)="$eJzs3M1rI2UcB/Bftu6r61pkX/TkgAgNmNC03aIgUnUXXbBL8eXgSdNkGrKbZEqTvrhnPemf4FUQ8ebf4MV/Y/EgeBK8rSiZmcpW96A226zbzwem32eePPPL84RcnkyZAI6t2eTXXypxIc5GxExEnI/I25XyyK0U8WxEPB8RJ+47KmX/nx2nIuJcRFwYFy9qVsqXln+7e++r5268+vk3d6uNn77+cnqrBqbtxYjobxbt3X6RWafIW2V/c6ebZ39pp8zihf7t8jwrcjddzyvsNvfHNfNc7BTjs83t4Tg3es3WODvdjbx/c1C84XCns18nv+BWcys/b6freXaHWZ6dO8W89sq8MxwVddplvU/y8jEa7WfRn+6lxXo2b+fZGozK/qJu1k73xrlTZvl20cp67Xwe6//5Y37kvdMdbO8lO+nWsJsNkqv1xsv1xnKtsZW101G6VGv228tLyVynNx5WG6XN/konyzq9tN7K+tVkrtNq1RqNZO5aut5tDpJGo75Yn69drZatl5K3bn6Q9NrJ3Djf6A62R93eMNnItpLiimqyUF98pZq80EjeW11L1t69fn117f2Prn148/XVG2+Wg/42rWRuYX5hodaYry00qtZ/GJXDXc5x5wsE8K/Z/wPTYP9v/x/2v8d+/bZvHIovEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsfXjye/ezhuzxfmTZf9TZdczEXElIi5HxKWI+P0BZuLUgZoXI6JSth80/uRf5vB9JfIK42tOl8e5iFgpj3tPP+xPAQAAAB5f3/7w6WcRM+Nm/ue1aU+Io1T+aHNmUvXyn3yemFS1i3mxvQlVu7RfciIuR8TJ2Z8nVO1KRJw4//GEqv0jMwfizH1RKeLEUc4GAAA4Ggd3AhPbvQEAAPDI+WLaE2A68vu15f/il/eCTxdR3hA8e+AMAAAA+B+qTHsCAAAAwEOX7/89/w8AAAAeb8Xz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YuZfcNGI4DsB/oFPoS0UVj6uwqrpkwSF6hC57gPY22XGGSIhzkF2OEEHEjIMyhN2YAZHvkwbbI/jJRmJhmzEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc00OxnN+t//1vmrPdNZNnNAAAAMApm2I5LyvDqv0l3f+Wbv2IiGlETCJiHBGn5u69+FjLHEVEJ9VPvb846sN9RJmw/0w/XZ8j4le6nr6f+1sAAACA27VezRYRvX21fPl5qPEOpEWbQa68csnnQ660URn2N1Pa+CUyi0lEFMPHTGnTiOh+/Z1arfz+erVi8KroVEW3jV4AAADtqs8Ess3eAAAAuDp/Lt0BLqPcr03/xU97wf2qSBuCn2otAAAA4HodP21/0Gm3HwAAAMAFlPP/N+f/pVUB5/8BAADAbajO/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCcNsVyvl7NFk1ztrtm8owGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAntmfdxQIgTAIg73r+06D9z+WNGhqalIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALz53V/+T0yNM8nca2PpeSRZOzW2To29c+PoD+Pr1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzP3QmEQBCEwb7zP6fF/MOSBo1BhCpY+JhhHhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GIHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr7c2+bMBDGcfi1kyhxm4yQ3uJjBhoqBCPwISFZ8gwMwEI0VLQWi8AKIOCgpTMFz9P8fzpdcQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+n09MZHRGSfj8wjH67+DpeDr8jXTTP4vma2Oe7rn1tOtrtRyt8Y/xcRUUTWwm8AANpX3jfFYlnNO2m7aXtp+2nLaV3NXvloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzuzcsWpTURgA4JOkiVYnRyuI4KCLjU2sRsjiUOguCLqFNpZiqpJmaEuXPoHo5Oor2E1fwRcQHLTg4NBBwUUQJclNeoJBUoR7Q/0++O/9c4dzz8kQ+O9/bgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgWA73wtlBngshzM0c5V3vv+6ujDu/ffZhbhBf7ry5GI/ZHaIYQni43mpeT3Et025ze+dRo9VqtiUSiWSYZP3LBADASVNMolvXfyruL3ev5eoh/Ho1Wv9fifLwl/r/88vzFwbxc+tdJ75XXP8vpLbC6VfubDwtb27vXFvfaKw115qPq9XK4s3FG7dvVcq9ZyVlT0wAAAD4N6Uk4vo/X/+z/38mysOE9f+9pQf343sV1P9jHTX9sp4JAADA/+3cpe/fcmOu50qlsNXodNoL/ePwc6V/zGCqx3Yqibj+L9SznhUAAACQhsO93Ej/fzXKw4T9//nXuwfxmIUQwmzS/59fedJaTW85Uy2N14mzXiMAAADZmk0i7v8Xe/v/88MtD/kQwtXL/Tz5G8CJ6v+PL+6OvLQe7/+vprfEqZSv9b+P3rkWwkwt6xkBAABwkp1OolvsHxT3l9s/ni+V7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDf7NgxSgNBFAbgzW5WKzFgpVZeQLSzClgIYuMhREHwBCKIBxBbS+9g6R1SK9hYWKbwBvJmd1TSBCx2lXwfTN4jDJmXSZN/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrun+d1/Fy6jpy/a954+rk6gvMzW8369vxop+0OXQ/9Bgr+8JAAAAWARVzvdFUbzVj4dRy3HK/3XeE5n/YaXpc56fzf25Pt29buT8f328dfl10Kg5Jz707PzidKezb/j3rc7dMUw3n569VOkHKY9u1qZ1us/B7WRysJTa5S6mBQB+YzvXtsn/h6Lu9jkYAAtj2K7iR/6vxv3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCFzwAAAP//OCtiEg==")

641.389661ms ago: executing program 0:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0)

630.942823ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000e40)={0x0, 0x4b, 0x20})

604.990867ms ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)

587.23672ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000500), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001d00)=ANY=[@ANYBLOB="bf16000000000000b707000001009fa35070000000000000280000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3010100bd2321afb56fa54f26fb0b71d0e6adff07f1d8f7faf75e0f226bd99eea7960707142fa2dc79b9723741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988ee99fbfbf9b0a4def23d410f6296b32a834388107200759cda9036b4e369a9e152ddcc7b1b85f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967dec6e802f5ab3eea57b09a2ed4048d3b867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837079e468ee207d2f73902fbcfcf49822775985bf31b715f4388b24efa000000000000ffffffdf0000000000000000000000000000020000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9deab29ea3323aa9fdfb52faf449c3bfd09000000b9349e31aa3701c38c527d3237c197d61ab219efdebb7b3de8f67581cf796a1d4223b90b80fcad3f6c962b9f292324b7ab7f7da31cf41ab12012fb1e0a494034127de745409e35a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673d0499104dcfe7c0f694bd5fc9e66d058b75fa4c81e5c9f42d9383e41d277b10392a96286744f049c3f128f8f92ef992239eafce5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b2e00916de48a4e70f03cc415ba77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda144910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b638c234bbb55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bf6cf8809c3a0d46ff7f000000000000ad1e1f493354b2822b9837421134c0167d78e6c24ed0a2768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4cc302b52e2101de18a1f1f7c551b3fa00055cc1c46c5fd9c26a54d43fa050645bd6109b113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a84a4e378a9b15bc20f49e298727340e97c870800000047546103f123f661c84726e7c7c55eff231a1b033d8f841ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef7be184f5e93ba5c8c2a4c04450b652b8d4c2ff030000000000000007c6bbd6cb2b240ce7d47ae636a5dbe9864a117d27326850a7c3b57086a4482c218b10af13d7be94987005088a83880ccab9c99220002af8c5e13d52c87c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a700a86c814459f3cdaaf99000000000000000000bf2130d1b32c826563c718d0ad23bc83ba3f3757210a057e177615c0683f000000000000006d4e0413ab52f5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fcff030000629c9b73ce7bc4be7f8be71cb7b2d0a4acff8f6abe7dbad64dfa63966945d93c33b038ce0d890f85f8a6ab8487c383e24d4a8051f80e1811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f207ea3df3d6c0002a41783078e56c70afe8016b3dd9dc7785b36e609f173cc747837d600283b3452c57a5d44cacd363589845637071320921d32c1663964eddec97cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c81eb7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9adfe6dcb0c42c4d719347f3d16304fa000008ffffffffffffff003049ca923d059c0ab5d886a491adacb7e4b43b1b57586e5fe2aa611f6232a9b71882ce24fce75cf105fa57f000756755b7230e2c0c1fed5487271c4f2981cf8f4351ef5d08641dacaed000080000000000000000000000fa36bbac00bb77c933d3961556f3fe647b05643b0000000000000000000000967aef9c5706e13d5889e77dab80a2548ec31629b7355a2bb8b93e4b6323061f545b26accc4621b568ab0bfaf30aa4f60705532c4a09c0a4a5487c762167edf362be35b9c90ad7e372a66bbb1471aa21000000000000104061c66a7432f25687618e31dcef8c5d4a2457a93f3fc6d3d7131746c75ccf400fc1a7a51826832ef7f5fbc78827d937768443a1c1ca3aba93a34efd21aa1201d9225256df8de405d1f12c17cdaff3ad675aa333aa7e919459babd3cc1000000000000000000000000000000000000000000000000000000000000001a55fdc6a54a2a8b28fa7d9b92aeb58e78e3b8594a5ef6bb67e52bf43b6145f544273a8f62852706c0abef368bfc72f92fa99a7bf121019cff8001fd7d2f6c2c295a5cab383235fec4c1decbed258ee9df8963c0fc828ad2119ffefe36c78692fffb6942b9da0922b2aa8f6b66c14ee7f42d5951edcc986356b41c0de3549f851ca340d9e425e355c1decb785a1042a72c1c98a084b04b1d9be473e50a15d76b110eda3b7cc1f2501211773cf510a43888422c1328476dd6f42659c61a18618fd28d5cd342c276aa9c4cc035077fa09d672b8dcfb3ac1751628647047d07338a8619037e3449a173ddd697f541a0795a2de7ef1396d70675341ebf004be122de04b5275fe7e53d28ebdc5051cec00759d73ca97229d93b965926060b6f91d01324bd458b425ea51c5d5b69551d599188fc6040370ac9ca7ae9eea9e5ede79bd66bd3d616dd7d7dd4c3a8fd055a3585af6fe7f5046c61154598cd33c33a48ece1072afd04b1fd85eb1655d9f3f813392c9634200d892dc6810b436820a1e0f6b464855e28953eb63cd3d6fc1b7bfb588ce28a51af1658d45d759a8399da55a3ff6597bb9f47167fe55ca240623a001e5fe15d9ddefea06a3750501916163844106c4ce662f418d9fc509e5447f712048d53e7e36ee7de083c5ea1119969d858eb6785395fc5a2c551de9a086cb4583f55c47828645e3046258eeb8801da9abf948548f270556ee0c4549229ea97895313df594c237df307cbdbd90a6f36833ad04312dd181e1c1babcedb6b0af600155803619f9e967ff02acd8e827f9de74cdff92d069d6645857492efb289b43e5c3c2052fc396d407c6351704b0114c6f56972233ae33061a1a39adc54125a530f73c587d5dd39af8ebec91e50b1b440be4d0d791a0b6bb741105508051db0075cbe4d8c9b5e1c7a3b074abce7951dc90da7cf0315"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x6, 0x4, 0x5b, 0x8a}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000400)={r2, r3}, 0xc)

575.523512ms ago: executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff010}, {0x80000006, 0x0, 0x0, 0xffffff3d}]}, 0x10)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=ANY=[@ANYBLOB="03011400ff1e430000000800ad0001140000002f2500ac14141fe000e502808a8972bd0f72e401010c520f068c3f1fe4fdfe4b449430ebb52997e36e039b1c598825f80100a3c06376c3304176a167d50261a67a34a09e5fe2bb07b6f158f918a54bf8"], 0xdd12}], 0x1}, 0x0)

560.581364ms ago: executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000280), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0)

521.80378ms ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='mm_page_alloc\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r1, 0x0, r3, 0x0, 0x88000cc, 0x0)
fcntl$setpipe(r2, 0x407, 0x8900003)
write$eventfd(r2, &(0x7f0000000000), 0x8)

498.057223ms ago: executing program 1:
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@map=0x1, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0xfdef)

240.454983ms ago: executing program 1:
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
ptrace(0x10, 0x1)

151.496847ms ago: executing program 1:
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000157000/0x2000)=nil, 0x2000, &(0x7f00000000c0)='\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x10)

132.900629ms ago: executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x19, 0x0, 0x34)

43.648403ms ago: executing program 2:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}])

0s ago: executing program 1:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0)

kernel console output (not intermixed with test programs):

NF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.758674][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.766882][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.775422][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.783457][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   23.791514][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.799673][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.807363][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.815258][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.822938][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.830900][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.838186][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.845784][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.853084][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.863865][  T314] device veth1_macvtap entered promiscuous mode
[   23.876011][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.884245][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   23.891984][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.900162][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   23.908183][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.917261][  T316] device veth1_macvtap entered promiscuous mode
[   23.926659][  T312] device veth0_vlan entered promiscuous mode
[   23.932962][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.940241][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.953268][  T311] device veth1_macvtap entered promiscuous mode
[   23.965468][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.973529][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   23.981975][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.989998][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   23.997317][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.005405][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.013506][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.021613][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.040990][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.049164][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.057302][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.065458][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.073747][  T313] device veth1_macvtap entered promiscuous mode
[   24.087637][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.095690][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.111298][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.119561][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.146716][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.160862][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.169663][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.177798][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.189255][  T312] device veth1_macvtap entered promiscuous mode
[   24.199129][  T312] IPv6: macsec0: Failed to add prefix route for address fe80::3b; dropping
[   24.211998][  T339] device vlan2 entered promiscuous mode
[   24.243441][  T345] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET)
[   24.252482][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.261035][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.277159][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.297858][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.308039][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.507432][  T360] xt_CONNSECMARK: invalid mode: 0
[   24.778664][  T348] syz-executor.0 (348) used greatest stack depth: 20808 bytes left
[   25.444060][  T382] loop0: detected capacity change from 0 to 128
[   26.297755][   T28] kauditd_printk_skb: 35 callbacks suppressed
[   26.297775][   T28] audit: type=1400 audit(1718627122.326:111): avc:  denied  { mount } for  pid=378 comm="syz-executor.0" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   26.332520][  T391] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   26.384455][   T28] audit: type=1400 audit(1718627122.386:112): avc:  denied  { read } for  pid=390 comm="syz-executor.2" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   26.433769][   T28] audit: type=1400 audit(1718627122.386:113): avc:  denied  { open } for  pid=390 comm="syz-executor.2" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   26.473078][   T28] audit: type=1400 audit(1718627122.386:114): avc:  denied  { ioctl } for  pid=390 comm="syz-executor.2" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   26.531249][  T410] IPv6: sit1: Disabled Multicast RS
[   26.536238][   T28] audit: type=1400 audit(1718627122.476:115): avc:  denied  { unmount } for  pid=313 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   26.566457][   T28] audit: type=1400 audit(1718627122.476:116): avc:  denied  { unmount } for  pid=316 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   26.598594][   T28] audit: type=1400 audit(1718627122.526:117): avc:  denied  { write } for  pid=402 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   26.645222][   T28] audit: type=1400 audit(1718627122.526:118): avc:  denied  { setopt } for  pid=403 comm="syz-executor.0" lport=73 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   27.200290][  T421] xt_CONNSECMARK: invalid mode: 0
[   27.402820][   T28] audit: type=1400 audit(1718627122.616:119): avc:  denied  { create } for  pid=403 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   27.467451][   T28] audit: type=1400 audit(1718627123.266:120): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   27.957248][  T406] syz-executor.3 (406) used greatest stack depth: 20552 bytes left
[   28.031130][  T451] IPv6: sit1: Disabled Multicast RS
[   28.040300][  T449] loop0: detected capacity change from 0 to 512
[   28.042074][  T453] syz-executor.3[453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   28.046787][  T453] syz-executor.3[453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   28.056147][  T449] =======================================================
[   28.056147][  T449] WARNING: The mand mount option has been deprecated and
[   28.056147][  T449]          and is ignored by this kernel. Remove the mand
[   28.056147][  T449]          option from the mount to silence this warning.
[   28.056147][  T449] =======================================================
[   28.116640][  T455] device vlan1 entered promiscuous mode
[   28.129421][  T449] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #17: comm syz-executor.0: iget: bogus i_mode (0)
[   28.131142][  T457] loop2: detected capacity change from 0 to 512
[   28.141561][  T449] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 17 (err -117)
[   28.161130][  T449] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   28.194960][  T449] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure
[   28.227290][  T468] loop4: detected capacity change from 0 to 256
[   28.236953][  T316] EXT4-fs (loop0): unmounting filesystem.
[   28.243734][  T468] exFAT-fs (loop4): failed to read sector(0x800000078)
[   28.250786][  T468] exFAT-fs (loop4): failed to load upcase table
[   28.256851][  T468] exFAT-fs (loop4): failed to recognize exfat type
[   28.276394][  T457] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   28.299000][  T457] ext4 filesystem being mounted at /root/syzkaller-testdir1516083704/syzkaller.T6ViHk/9/bus supports timestamps until 2038 (0x7fffffff)
[   28.522773][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.724937][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.742514][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.751191][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.766515][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.773869][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.781181][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.789105][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.796377][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.803776][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.818926][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.830921][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.850518][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.857908][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.864978][  T497] device vlan2 entered promiscuous mode
[   28.865437][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.877909][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.885578][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.893077][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.916499][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.928538][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.945985][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.953542][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   28.960982][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.031498][  T502] loop3: detected capacity change from 0 to 512
[   29.040955][  T314] EXT4-fs (loop2): unmounting filesystem.
[   29.049787][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.057022][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.064470][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.070734][  T502] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz-executor.3: iget: bogus i_mode (0)
[   29.071783][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.083711][  T502] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 17 (err -117)
[   29.090574][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.102739][  T502] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   29.109717][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.109739][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.133492][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.141992][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.151345][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.158668][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.165943][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.173228][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.180530][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.210486][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.217967][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.225294][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.232687][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.240038][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.247384][   T39] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   29.264711][  T312] EXT4-fs (loop3): unmounting filesystem.
[   29.273149][   T39] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   29.353602][  T523] loop3: detected capacity change from 0 to 512
[   29.365847][  T523] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: casefold flag without casefold feature
[   29.379973][  T523] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.3: missing EA_INODE flag
[   29.392279][  T523] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 2 err=-117
[   29.405724][  T523] EXT4-fs (loop3): 1 orphan inode deleted
[   29.423718][  T523] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   29.598625][  T424] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   30.018493][  T424] usb 1-1: Using ep0 maxpacket: 16
[   30.158787][  T424] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.169910][  T424] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.179775][  T424] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   30.239887][  T312] EXT4-fs (loop3): unmounting filesystem.
[   30.245770][  T424] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   30.257168][  T424] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.266764][  T424] usb 1-1: config 0 descriptor??
[   30.393726][  T561] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   30.659526][  T575] loop4: detected capacity change from 0 to 256
[   30.910868][  T576] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[   30.974981][  T424] microsoft 0003:045E:07DA.0002: unexpected long global item
[   30.986614][  T575] exFAT-fs (loop4): failed to read sector(0x800000078)
[   30.993441][  T575] exFAT-fs (loop4): failed to load upcase table
[   30.999476][  T575] exFAT-fs (loop4): failed to recognize exfat type
[   31.068227][  T424] microsoft 0003:045E:07DA.0002: parse failed
[   31.252938][  T424] microsoft: probe of 0003:045E:07DA.0002 failed with error -22
[   31.269671][  T586] loop1: detected capacity change from 0 to 512
[   31.277364][  T424] usb 1-1: USB disconnect, device number 2
[   31.326297][  T586] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz-executor.1: casefold flag without casefold feature
[   31.339217][   T28] kauditd_printk_skb: 23 callbacks suppressed
[   31.339231][   T28] audit: type=1400 audit(1718627127.386:144): avc:  denied  { getopt } for  pid=594 comm="syz-executor.3" lport=63 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   31.346462][  T586] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.1: missing EA_INODE flag
[   31.377973][  T586] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 2 err=-117
[   31.390794][  T586] EXT4-fs (loop1): 1 orphan inode deleted
[   31.396436][  T586] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   31.431462][  T599] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   31.489912][   T28] audit: type=1400 audit(1718627127.546:145): avc:  denied  { unmount } for  pid=312 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   31.860355][   T28] audit: type=1326 audit(1718627127.886:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=609 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f994f67cf29 code=0x0
[   32.213997][   T28] audit: type=1400 audit(1718627128.266:147): avc:  denied  { create } for  pid=623 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   32.234822][   T28] audit: type=1400 audit(1718627128.266:148): avc:  denied  { read } for  pid=623 comm="syz-executor.0" path="socket:[15571]" dev="sockfs" ino=15571 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   32.238360][  T313] EXT4-fs (loop1): unmounting filesystem.
[   32.313362][   T28] audit: type=1400 audit(1718627128.366:149): avc:  denied  { write } for  pid=623 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   32.376163][   T28] audit: type=1400 audit(1718627128.416:150): avc:  denied  { read } for  pid=634 comm="syz-executor.2" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   32.438955][  T630] loop1: detected capacity change from 0 to 40427
[   32.446043][  T630] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   32.454328][   T28] audit: type=1400 audit(1718627128.416:151): avc:  denied  { open } for  pid=634 comm="syz-executor.2" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   32.478901][  T630] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   32.488040][   T28] audit: type=1400 audit(1718627128.416:152): avc:  denied  { ioctl } for  pid=634 comm="syz-executor.2" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   32.513998][   T28] audit: type=1400 audit(1718627128.426:153): avc:  denied  { set_context_mgr } for  pid=634 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   32.533927][  T630] F2FS-fs (loop1): invalid crc value
[   32.554875][  T630] F2FS-fs (loop1): Found nat_bits in checkpoint
[   32.717653][  T655] loop3: detected capacity change from 0 to 1024
[   32.726867][  T655] EXT4-fs: Ignoring removed orlov option
[   32.739666][  T655] EXT4-fs: Ignoring removed nomblk_io_submit option
[   32.746551][  T630] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   32.753945][  T630] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   32.773072][  T655] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   32.906329][  T675] loop0: detected capacity change from 0 to 256
[   32.988582][   T19] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   33.182349][  T691] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.189272][  T691] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.196623][  T691] device bridge_slave_0 entered promiscuous mode
[   33.208366][  T691] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.215438][  T691] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.223042][  T691] device bridge_slave_1 entered promiscuous mode
[   33.274672][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   33.285317][   T10] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   33.361504][  T691] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.368390][  T691] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.375601][  T691] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.382447][  T691] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.389691][   T19] usb 5-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[   33.411360][   T19] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   33.448119][  T426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.460718][  T426] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.471117][  T426] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.487922][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   33.496413][  T424] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.498681][   T19] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   33.503276][  T424] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.512352][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   33.527224][   T19] usb 5-1: SerialNumber: syz
[   33.533984][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   33.544445][  T312] EXT4-fs (loop3): unmounting filesystem.
[   33.555223][  T424] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.562102][  T424] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.570206][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   33.577965][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   33.601524][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   33.616804][  T728] loop3: detected capacity change from 0 to 512
[   33.627162][  T691] device veth0_vlan entered promiscuous mode
[   33.630894][  T728] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: casefold flag without casefold feature
[   33.634251][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   33.650119][  T728] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.3: missing EA_INODE flag
[   33.665507][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   33.672820][  T728] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 2 err=-117
[   33.672916][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   33.685785][  T728] EXT4-fs (loop3): 1 orphan inode deleted
[   33.704973][  T728] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   33.716508][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   33.766315][  T691] device veth1_macvtap entered promiscuous mode
[   33.776968][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   33.789294][   T19] usb 5-1: 0:2 : does not exist
[   33.833635][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   33.847155][  T505] device bridge_slave_1 left promiscuous mode
[   33.853317][  T505] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.860734][  T505] device bridge_slave_0 left promiscuous mode
[   33.866699][  T505] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.878025][  T505] device veth1_macvtap left promiscuous mode
[   34.365465][  T505] device veth0_vlan left promiscuous mode
[   34.477267][  T312] EXT4-fs (loop3): unmounting filesystem.
[   34.492591][  T746] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[   34.609587][   T39] usb 5-1: USB disconnect, device number 2
[   34.894102][  T759] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[   34.936533][  T767] loop3: detected capacity change from 0 to 256
[   34.955317][  T767] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x600cbf0d, utbl_chksum : 0xe619d30d)
[   34.974129][  T767] exFAT-fs (loop3): failed to load alloc-bitmap
[   34.982391][  T767] exFAT-fs (loop3): failed to recognize exfat type
[   34.999657][  T771] ------------[ cut here ]------------
[   35.004404][  T774] loop1: detected capacity change from 0 to 256
[   35.004983][  T771] WARNING: CPU: 1 PID: 771 at arch/x86/kvm/x86.c:11195 kvm_arch_vcpu_ioctl_run+0x2094/0x2270
[   35.021210][  T771] Modules linked in:
[   35.024913][  T771] CPU: 1 PID: 771 Comm: syz-executor.2 Not tainted 6.1.78-syzkaller-00010-gc0618d182a9c #0
[   35.034762][  T771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   35.044645][  T771] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x2094/0x2270
[   35.050890][  T771] Code: a4 e9 ff ff e8 5d 17 ac 00 e9 9a e9 ff ff 89 f9 80 e1 07 38 c1 0f 8c b0 e9 ff ff e8 46 17 ac 00 e9 a6 e9 ff ff e8 9c 19 65 00 <0f> 0b e9 6b f9 ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c a7 f8 ff
[   35.070411][  T771] RSP: 0018:ffffc90000d17be0 EFLAGS: 00010287
[   35.076280][  T771] RAX: ffffffff81105a64 RBX: 0000000000000000 RCX: 0000000000040000
[   35.084123][  T771] RDX: ffffc9000a189000 RSI: 0000000000000040 RDI: 0000000000000041
[   35.091920][  T771] RBP: ffffc90000d17cf0 R08: ffffffff81178516 R09: ffffed102505b001
[   35.099761][  T771] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888131cd6000
[   35.107879][  T771] R13: ffff88811bb04980 R14: dffffc0000000000 R15: ffff88811bb04a08
[   35.115731][  T771] FS:  00007fcdad7a16c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   35.124601][  T771] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   35.131109][  T771] CR2: 0000001b2e72d000 CR3: 00000001312ec000 CR4: 00000000003526a0
[   35.139001][  T771] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   35.146971][  T771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   35.154839][  T771] Call Trace:
[   35.158086][  T771]  <TASK>
[   35.160909][  T771]  ? show_regs+0x58/0x60
[   35.164939][  T771]  ? __warn+0x160/0x3d0
[   35.168956][  T771]  ? kvm_arch_vcpu_ioctl_run+0x2094/0x2270
[   35.174571][  T771]  ? report_bug+0x4d5/0x7d0
[   35.178951][  T771]  ? kvm_arch_vcpu_ioctl_run+0x2094/0x2270
[   35.184839][  T771]  ? handle_bug+0x41/0x70
[   35.189396][  T771]  ? exc_invalid_op+0x1b/0x50
[   35.193902][  T771]  ? asm_exc_invalid_op+0x1b/0x20
[   35.198882][  T771]  ? kvm_lapic_hv_timer_in_use+0x66/0xc0
[   35.204439][  T771]  ? kvm_arch_vcpu_ioctl_run+0x2094/0x2270
[   35.210105][  T771]  ? kvm_arch_vcpu_ioctl_run+0x2094/0x2270
[   35.215714][  T771]  ? memcpy+0x56/0x70
[   35.219679][  T771]  ? mutex_lock_killable+0xb1/0x1e0
[   35.224749][  T771]  ? __kvm_request_immediate_exit+0x70/0x70
[   35.230499][  T771]  kvm_vcpu_ioctl+0x7eb/0xcf0
[   35.234984][  T771]  ? xa_release+0x40/0x40
[   35.239191][  T771]  ? selinux_file_ioctl+0x3cc/0x540
[   35.244179][  T771]  ? selinux_file_alloc_security+0x120/0x120
[   35.250093][  T771]  ? __fget_files+0x2cb/0x330
[   35.254638][  T771]  ? security_file_ioctl+0x84/0xb0
[   35.259599][  T771]  ? xa_release+0x40/0x40
[   35.263731][  T771]  __se_sys_ioctl+0x114/0x190
[   35.268242][  T771]  __x64_sys_ioctl+0x7b/0x90
[   35.272723][  T771]  do_syscall_64+0x3d/0xb0
[   35.276934][  T771]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   35.282704][  T771] RIP: 0033:0x7fcdaca7cf29
[   35.286904][  T771] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   35.306397][  T771] RSP: 002b:00007fcdad7a10c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   35.314607][  T771] RAX: ffffffffffffffda RBX: 00007fcdacbb3f80 RCX: 00007fcdaca7cf29
[   35.322729][  T771] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   35.330500][  T771] RBP: 00007fcdacaec074 R08: 0000000000000000 R09: 0000000000000000
[   35.338376][  T771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   35.346324][  T771] R13: 000000000000000b R14: 00007fcdacbb3f80 R15: 00007ffefc1f3638
[   35.354123][  T771]  </TASK>
[   35.356956][  T771] ---[ end trace 0000000000000000 ]---
[   35.417056][  T784] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[   35.499354][  T794] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   35.575448][  T803] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[   36.159045][  T813] loop3: detected capacity change from 0 to 1024
[   36.166420][  T813] EXT4-fs: Ignoring removed orlov option
[   36.172593][  T813] EXT4-fs (loop3): Test dummy encryption mode enabled
[   36.182742][  T813] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   36.195086][  T813] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   36.207706][  T813] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   36.227348][  T822] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[   36.238926][  T824] loop2: detected capacity change from 0 to 256
[   36.251775][  T312] EXT4-fs (loop3): unmounting filesystem.
[   36.255058][  T824] FAT-fs (loop2): Directory bread(block 64) failed
[   36.264181][  T824] FAT-fs (loop2): Directory bread(block 65) failed
[   36.270838][  T824] FAT-fs (loop2): Directory bread(block 66) failed
[   36.277525][  T824] FAT-fs (loop2): Directory bread(block 67) failed
[   36.284434][  T824] FAT-fs (loop2): Directory bread(block 68) failed
[   36.291328][  T824] FAT-fs (loop2): Directory bread(block 69) failed
[   36.297765][  T824] FAT-fs (loop2): Directory bread(block 70) failed
[   36.304589][  T824] FAT-fs (loop2): Directory bread(block 71) failed
[   36.311205][  T824] FAT-fs (loop2): Directory bread(block 72) failed
[   36.317653][  T824] FAT-fs (loop2): Directory bread(block 73) failed
[   36.357711][  T824] syz-executor.2: attempt to access beyond end of device
[   36.357711][  T824] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256
[   36.372085][  T824] process 'syz-executor.2' launched '/dev/fd/6/./file1' with NULL argv: empty string added
[   36.388768][  T824] syz-executor.2: attempt to access beyond end of device
[   36.388768][  T824] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256
[   36.402561][   T28] kauditd_printk_skb: 210 callbacks suppressed
[   36.402914][   T28] audit: type=1400 audit(1718627132.446:364): avc:  denied  { create } for  pid=829 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   36.439100][  T824] Buffer I/O error on dev loop2, logical block 442, async page read
[   36.645381][   T28] audit: type=1400 audit(1718627132.446:365): avc:  denied  { read } for  pid=829 comm="syz-executor.0" dev="sockfs" ino=16058 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   36.669027][  T834] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[   36.680012][  T838] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[   36.729680][  T845] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   36.754850][  T855] loop3: detected capacity change from 0 to 512
[   36.773945][  T855] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   36.775005][  T867] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[   36.782956][  T855] ext4 filesystem being mounted at /root/syzkaller-testdir2489868763/syzkaller.ONNc7G/35/bus supports timestamps until 2038 (0x7fffffff)
[   36.816466][  T863] loop2: detected capacity change from 0 to 256
[   36.827683][  T863] FAT-fs (loop2): Directory bread(block 64) failed
[   36.834155][  T863] FAT-fs (loop2): Directory bread(block 65) failed
[   36.840631][  T863] FAT-fs (loop2): Directory bread(block 66) failed
[   36.847034][  T863] FAT-fs (loop2): Directory bread(block 67) failed
[   36.853397][  T863] FAT-fs (loop2): Directory bread(block 68) failed
[   36.860062][  T863] FAT-fs (loop2): Directory bread(block 69) failed
[   36.866451][  T863] FAT-fs (loop2): Directory bread(block 70) failed
[   36.872972][  T863] FAT-fs (loop2): Directory bread(block 71) failed
[   36.879704][  T863] FAT-fs (loop2): Directory bread(block 72) failed
[   36.886127][  T863] FAT-fs (loop2): Directory bread(block 73) failed
[   36.907589][  T863] syz-executor.2: attempt to access beyond end of device
[   36.907589][  T863] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256
[   36.921812][  T863] syz-executor.2: attempt to access beyond end of device
[   36.921812][  T863] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256
[   36.935380][  T863] Buffer I/O error on dev loop2, logical block 442, async page read
[   37.432152][  T905] loop1: detected capacity change from 0 to 512
[   37.469428][  T905] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   37.488515][  T905] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   37.503681][  T905] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[   37.790684][  T905] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz-executor.1: Invalid inode table block 0 in block_group 0
[   37.804042][  T312] EXT4-fs (loop3): unmounting filesystem.
[   37.804899][  T905] EXT4-fs (loop1): get root inode failed
[   37.816287][  T905] EXT4-fs (loop1): mount failed
[   37.826005][  T907] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.833454][  T907] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.834760][   T28] audit: type=1400 audit(1718627133.886:366): avc:  denied  { read } for  pid=913 comm="syz-executor.3" name="event0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   37.841017][  T907] device bridge_slave_0 entered promiscuous mode
[   37.894099][  T919] loop1: detected capacity change from 0 to 256
[   37.901376][   T28] audit: type=1400 audit(1718627133.926:367): avc:  denied  { open } for  pid=913 comm="syz-executor.3" path="/dev/input/event0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   37.911360][  T919] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x600cbf0d, utbl_chksum : 0xe619d30d)
[   37.926254][   T28] audit: type=1400 audit(1718627133.926:368): avc:  denied  { ioctl } for  pid=913 comm="syz-executor.3" path="/dev/input/event0" dev="devtmpfs" ino=168 ioctlcmd=0x4519 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   37.956584][  T919] exFAT-fs (loop1): failed to load alloc-bitmap
[   37.972969][  T907] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.980708][  T919] exFAT-fs (loop1): failed to recognize exfat type
[   37.985741][  T907] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.994722][  T907] device bridge_slave_1 entered promiscuous mode
[   38.046848][   T28] audit: type=1326 audit(1718627134.096:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=925 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47907cf29 code=0x7ffc0000
[   38.086322][   T28] audit: type=1326 audit(1718627134.126:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=925 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47907cf29 code=0x7ffc0000
[   38.123302][   T28] audit: type=1326 audit(1718627134.126:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=925 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe47907cf29 code=0x7ffc0000
[   38.147211][   T28] audit: type=1326 audit(1718627134.126:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=925 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47907cf29 code=0x7ffc0000
[   38.171013][   T28] audit: type=1326 audit(1718627134.126:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=925 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47907cf29 code=0x7ffc0000
[   38.226364][  T907] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.233258][  T907] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.240367][  T907] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.247219][  T907] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.301876][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   38.310047][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.328039][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.361215][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   38.369826][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.377239][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.509780][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   38.548925][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.555816][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.574690][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   38.583714][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   38.598427][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   38.609744][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   38.624723][  T907] device veth0_vlan entered promiscuous mode
[   38.631594][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   38.639818][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   38.660575][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   38.670115][  T940] loop3: detected capacity change from 0 to 40427
[   38.672830][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   38.677885][  T940] F2FS-fs (loop3): invalid crc value
[   38.684174][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   38.691327][  T940] F2FS-fs (loop3): Found nat_bits in checkpoint
[   38.696751][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   38.711555][  T907] device veth1_macvtap entered promiscuous mode
[   38.734601][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   38.736379][  T940] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[   38.742293][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   38.757718][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   38.766449][  T312] syz-executor.3: attempt to access beyond end of device
[   38.766449][  T312] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   38.784440][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   38.793085][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   38.808837][    T8] device bridge_slave_1 left promiscuous mode
[   38.815727][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.823334][    T8] device bridge_slave_0 left promiscuous mode
[   38.829441][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.837373][    T8] device veth1_macvtap left promiscuous mode
[   38.843647][    T8] device veth0_vlan left promiscuous mode
[   39.063503][  T981] device pim6reg1 entered promiscuous mode
[   39.173740][  T988] loop1: detected capacity change from 0 to 512
[   39.198895][  T988] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   39.225415][  T313] EXT4-fs (loop1): unmounting filesystem.
[   39.259521][  T993] loop1: detected capacity change from 0 to 512
[   39.291456][  T993] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   39.304589][  T993] ext4 filesystem being mounted at /root/syzkaller-testdir854693184/syzkaller.U7QeL1/46/bus supports timestamps until 2038 (0x7fffffff)
[   40.052728][ T1017] device pim6reg1 entered promiscuous mode
[   40.122831][  T313] EXT4-fs (loop1): unmounting filesystem.
[   40.148569][  T333] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   40.186262][  T990] loop4: detected capacity change from 0 to 131072
[   40.198902][  T990] F2FS-fs (loop4): Found nat_bits in checkpoint
[   40.234503][  T990] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   40.355956][ T1036] loop1: detected capacity change from 0 to 512
[   40.362920][ T1036] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   40.499438][ T1036] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[   40.545682][ T1036] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz-executor.1: Invalid inode table block 0 in block_group 0
[   40.590859][ T1036] EXT4-fs (loop1): get root inode failed
[   40.596420][ T1036] EXT4-fs (loop1): mount failed
[   40.658518][  T426] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   40.708877][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   40.719856][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   40.729450][  T333] usb 4-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[   40.738328][  T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.746828][  T333] usb 4-1: config 0 descriptor??
[   40.769128][ T1052] loop1: detected capacity change from 0 to 512
[   40.780454][ T1052] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   40.789480][ T1052] ext4 filesystem being mounted at /root/syzkaller-testdir854693184/syzkaller.U7QeL1/52/bus supports timestamps until 2038 (0x7fffffff)
[   41.208796][  T426] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.219739][  T426] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   41.229447][  T426] usb 3-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[   41.238721][  T426] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.247081][  T426] usb 3-1: config 0 descriptor??
[   41.397358][ T1007] loop3: detected capacity change from 0 to 4096
[   41.404436][ T1007] EXT4-fs (loop3): Test dummy encryption mode enabled
[   41.412747][ T1007] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   41.429935][  T333] waltop 0003:172F:0032.0003: hidraw0: USB HID v0.00 Device [HID 172f:0032] on usb-dummy_hcd.3-1/input0
[   41.479230][   T28] kauditd_printk_skb: 140 callbacks suppressed
[   41.479245][   T28] audit: type=1400 audit(1718627137.536:514): avc:  denied  { mounton } for  pid=1066 comm="syz-executor.4" path="/root/syzkaller-testdir2558643071/syzkaller.y18Dw7/10/file0" dev="sda1" ino=1964 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1
[   41.561941][   T28] audit: type=1400 audit(1718627137.616:515): avc:  denied  { mount } for  pid=1070 comm="syz-executor.4" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   41.584225][   T28] audit: type=1326 audit(1718627137.616:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.608310][   T28] audit: type=1326 audit(1718627137.616:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.635246][   T28] audit: type=1326 audit(1718627137.616:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.661974][  T313] EXT4-fs (loop1): unmounting filesystem.
[   41.664545][   T28] audit: type=1326 audit(1718627137.616:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.691733][   T28] audit: type=1326 audit(1718627137.616:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.715777][   T28] audit: type=1326 audit(1718627137.616:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.740458][   T28] audit: type=1326 audit(1718627137.716:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   41.769724][  T426] waltop 0003:172F:0032.0004: hidraw1: USB HID v0.00 Device [HID 172f:0032] on usb-dummy_hcd.2-1/input0
[   41.781665][   T28] audit: type=1326 audit(1718627137.736:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7ffb8187cf29 code=0x7ffc0000
[   42.258260][  T333] usb 3-1: USB disconnect, device number 2
[   42.292624][  T426] usb 4-1: USB disconnect, device number 2
[   43.233579][  T312] EXT4-fs (loop3): unmounting filesystem.
[   43.419650][ T1114] loop1: detected capacity change from 0 to 256
[   43.448531][  T426] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   43.719139][ T1135] syz-executor.3 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   43.808576][  T426] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   43.819523][  T426] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   43.829250][  T426] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   43.838346][  T426] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.846879][  T426] usb 5-1: config 0 descriptor??
[   44.628535][  T333] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   45.045845][ T1197] xt_CONNSECMARK: invalid mode: 0
[   45.396987][  T426] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0005/input/input4
[   45.408549][  T333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   45.419266][  T333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   45.429253][  T333] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   45.438570][  T426] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0005/input/input5
[   45.450214][  T333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   45.459160][  T426] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0005/input/input6
[   45.471608][  T333] usb 2-1: config 0 descriptor??
[   45.489140][  T426] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0005/input/input7
[   45.515559][  T426] uclogic 0003:256C:006D.0005: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[   45.528652][  T426] usb 5-1: USB disconnect, device number 3
[   46.288345][  T333] hid (null): bogus close delimiter
[   46.310688][ T1220] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.317780][ T1220] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.325018][ T1220] device bridge_slave_0 entered promiscuous mode
[   46.333365][ T1220] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.340305][ T1220] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.347522][ T1220] device bridge_slave_1 entered promiscuous mode
[   46.396241][ T1220] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.403133][ T1220] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.410257][ T1220] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.417126][ T1220] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.428547][  T333] usb 2-1: language id specifier not provided by device, defaulting to English
[   46.456163][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   46.463858][  T809] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.472587][  T809] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.485814][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   46.494922][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.501839][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.509164][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   46.517127][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.523977][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.541659][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   46.549440][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   46.560859][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   46.572381][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   46.580262][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   46.587558][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   46.597045][ T1220] device veth0_vlan entered promiscuous mode
[   46.607017][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   46.616210][ T1220] device veth1_macvtap entered promiscuous mode
[   46.625650][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.636860][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.849558][  T505] device bridge_slave_1 left promiscuous mode
[   46.855680][  T505] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.863012][  T505] device bridge_slave_0 left promiscuous mode
[   46.869116][  T505] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.876804][  T505] device veth1_macvtap left promiscuous mode
[   46.882861][  T505] device veth0_vlan left promiscuous mode
[   46.966655][ T1253] xt_CONNSECMARK: invalid mode: 0
[   47.132218][  T333] uclogic 0003:256C:006D.0006: interface is invalid, ignoring
[   47.191470][ T1058] usb 2-1: USB disconnect, device number 2
[   47.498278][  T333] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   47.517375][   T28] kauditd_printk_skb: 281 callbacks suppressed
[   47.517389][   T28] audit: type=1400 audit(2000000003.799:805): avc:  denied  { write } for  pid=1262 comm="syz-executor.2" name="ip6_flowlabel" dev="proc" ino=4026533022 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   47.719052][   T28] audit: type=1400 audit(2000000004.009:806): avc:  denied  { create } for  pid=1277 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   47.738913][   T28] audit: type=1400 audit(2000000004.009:807): avc:  denied  { setopt } for  pid=1277 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   48.108582][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   48.119380][  T333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.129211][  T333] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   48.138313][  T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.146968][  T333] usb 4-1: config 0 descriptor??
[   48.347072][   T28] audit: type=1400 audit(2000000004.629:808): avc:  denied  { ioctl } for  pid=1312 comm="syz-executor.4" path="socket:[17284]" dev="sockfs" ino=17284 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   48.403307][ T1315] geneve1: tun_chr_ioctl cmd 1074025681
[   48.407775][   T28] audit: type=1400 audit(2000000004.659:809): avc:  denied  { bind } for  pid=1312 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   48.821023][   T28] audit: type=1400 audit(2000000005.109:810): avc:  denied  { write } for  pid=1327 comm="syz-executor.4" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   48.878027][ T1328] kvm: emulating exchange as write
[   49.102726][   T28] audit: type=1400 audit(2000000005.389:811): avc:  denied  { read } for  pid=1340 comm="syz-executor.0" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   49.157959][   T28] audit: type=1400 audit(2000000005.419:812): avc:  denied  { open } for  pid=1340 comm="syz-executor.0" path="/dev/ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   49.188576][   T28] audit: type=1400 audit(2000000005.419:813): avc:  denied  { ioctl } for  pid=1340 comm="syz-executor.0" path="/dev/ppp" dev="devtmpfs" ino=138 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   49.285357][ T1347] 9pnet: Unknown protocol version 9p2000.ڴ>;1��gˏӟ?�u
[   49.294881][ T1347] cgroup: Bad value for 'name'
[   49.331267][   T28] audit: type=1400 audit(2000000005.439:814): avc:  denied  { remount } for  pid=1343 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   49.362211][ T1347] loop2: detected capacity change from 0 to 512
[   49.571533][ T1347] EXT4-fs (loop2): orphan cleanup on readonly fs
[   49.601794][ T1347] EXT4-fs (loop2): 1 orphan inode deleted
[   49.644689][  T333] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0007/input/input8
[   49.657166][  T333] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0007/input/input9
[   49.669649][  T333] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0007/input/input10
[   49.682977][  T333] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0007/input/input11
[   49.709738][  T333] uclogic 0003:256C:006D.0007: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[   49.739962][  T333] usb 4-1: USB disconnect, device number 3
[   49.746534][ T1347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   49.861489][ T1351] loop0: detected capacity change from 0 to 40427
[   49.869023][ T1351] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   49.877379][ T1351] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   49.974094][ T1351] F2FS-fs (loop0): Found nat_bits in checkpoint
[   50.023087][  T691] EXT4-fs (loop2): unmounting filesystem.
[   50.094478][ T1363] xt_CONNSECMARK: invalid mode: 0
[   50.249314][ T1351] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   50.267110][ T1351] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   50.297480][ T1371] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   50.576596][ T1388] device veth0_vlan left promiscuous mode
[   50.585017][ T1388] device veth0_vlan entered promiscuous mode
[   50.946052][ T1406] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   51.044612][ T1414] Illegal XDP return value 4294967274 on prog  (id 307) dev N/A, expect packet loss!
[   51.047839][ T1404] loop2: detected capacity change from 0 to 40427
[   51.062271][ T1404] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   51.074360][ T1404] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   51.088817][ T1404] F2FS-fs (loop2): Found nat_bits in checkpoint
[   51.226295][ T1427] loop0: detected capacity change from 0 to 256
[   51.235623][ T1426] EXT4-fs (sda1): re-mounted. Quota mode: none.
[   51.247065][ T1404] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   51.254150][ T1404] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   51.264487][ T1427] exfat: Deprecated parameter 'utf8'
[   51.300247][ T1427] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5040162d, utbl_chksum : 0xe619d30d)
[   51.345542][ T1434] geneve1: tun_chr_ioctl cmd 1074025681
[   52.193253][ T1479] loop1: detected capacity change from 0 to 512
[   52.215528][ T1486] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   52.217331][ T1462] loop0: detected capacity change from 0 to 40427
[   52.224677][ T1486] FAT-fs (loop5): unable to read boot sector
[   52.232014][ T1479] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   52.246710][ T1462] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   52.255838][ T1479] ext4 filesystem being mounted at /root/syzkaller-testdir854693184/syzkaller.U7QeL1/79/file0 supports timestamps until 2038 (0x7fffffff)
[   52.260442][   T60] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   52.277013][ T1462] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   52.292302][   T60] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   52.296360][ T1479] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #2: comm syz-executor.1: corrupted inode contents
[   52.302970][   T60] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   52.311947][ T1479] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #2: comm syz-executor.1: mark_inode_dirty error
[   52.331152][ T1479] EXT4-fs error (device loop1): ext4_do_update_inode:5212: inode #2: comm syz-executor.1: corrupted inode contents
[   52.335568][   T60] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   52.343391][ T1479] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz-executor.1: mark_inode_dirty error
[   52.362760][ T1462] F2FS-fs (loop0): Found nat_bits in checkpoint
[   52.376659][   T60] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   52.403491][  T313] EXT4-fs (loop1): unmounting filesystem.
[   52.409450][ T1462] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   52.409500][   T60] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [] on 
[   52.417403][ T1462] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   52.593768][ T1519] loop2: detected capacity change from 0 to 256
[   52.625917][   T28] kauditd_printk_skb: 397 callbacks suppressed
[   52.625932][   T28] audit: type=1326 audit(2000000008.909:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbac7cf29 code=0x7ffc0000
[   52.682342][   T28] audit: type=1326 audit(2000000008.909:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddbac7cf29 code=0x7ffc0000
[   52.688070][ T1523] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   52.727696][   T28] audit: type=1326 audit(2000000008.909:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbac7cf29 code=0x7ffc0000
[   52.730366][ T1523] FAT-fs (loop3): unable to read boot sector
[   52.759299][   T28] audit: type=1326 audit(2000000008.909:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddbac7cf29 code=0x7ffc0000
[   52.799003][   T28] audit: type=1326 audit(2000000008.949:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbac7cf29 code=0x7ffc0000
[   52.898521][   T28] audit: type=1326 audit(2000000008.949:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fddbac7a6a7 code=0x7ffc0000
[   52.948300][   T28] audit: type=1326 audit(2000000008.949:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fddbac40379 code=0x7ffc0000
[   53.005936][   T28] audit: type=1326 audit(2000000008.949:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fddbac7a6a7 code=0x7ffc0000
[   53.088955][   T28] audit: type=1326 audit(2000000008.949:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fddbac40379 code=0x7ffc0000
[   53.164770][   T28] audit: type=1326 audit(2000000008.949:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1520 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fddbac7a6a7 code=0x7ffc0000
[   53.409547][ T1553] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   53.751173][ T1571] device veth0_vlan left promiscuous mode
[   53.759461][ T1571] device veth0_vlan entered promiscuous mode
[   53.854456][ T1573] loop3: detected capacity change from 0 to 128
[   53.861809][ T1573] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   53.873861][ T1573] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   53.915221][ T1579] loop3: detected capacity change from 0 to 512
[   53.930768][ T1579] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   53.939739][ T1579] ext4 filesystem being mounted at /root/syzkaller-testdir2489868763/syzkaller.ONNc7G/87/file0 supports timestamps until 2038 (0x7fffffff)
[   53.957339][ T1579] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #2: comm syz-executor.3: corrupted inode contents
[   53.969714][ T1579] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #2: comm syz-executor.3: mark_inode_dirty error
[   53.981476][ T1579] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #2: comm syz-executor.3: corrupted inode contents
[   53.993691][ T1579] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz-executor.3: mark_inode_dirty error
[   54.015611][  T312] EXT4-fs (loop3): unmounting filesystem.
[   54.343038][ T1600] overlayfs: missing 'lowerdir'
[   54.858503][   T39] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   54.964673][ T1617] syz-executor.3 (pid 1617) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   55.324174][ T1627] device veth0_vlan left promiscuous mode
[   55.332265][ T1627] device veth0_vlan entered promiscuous mode
[   55.462797][ T1628] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.469833][ T1628] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.476988][ T1628] device bridge_slave_0 entered promiscuous mode
[   55.478548][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   55.483938][ T1628] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.495231][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   55.500909][ T1628] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.510409][   T39] usb 3-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[   55.517685][ T1628] device bridge_slave_1 entered promiscuous mode
[   55.526133][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.540791][   T39] usb 3-1: config 0 descriptor??
[   55.628846][ T1628] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.635730][ T1628] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.642838][ T1628] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.649622][ T1628] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.740631][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.748415][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.755635][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.774185][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   55.845150][ T1655] overlayfs: missing 'lowerdir'
[   56.039414][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.046371][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.068097][ T1610] loop2: detected capacity change from 0 to 4096
[   56.075561][ T1610] EXT4-fs (loop2): Test dummy encryption mode enabled
[   56.090032][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   56.091945][ T1610] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   56.098062][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.113402][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.120618][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   56.128764][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   56.130309][   T39] waltop 0003:172F:0032.0009: hidraw0: USB HID v0.00 Device [HID 172f:0032] on usb-dummy_hcd.2-1/input0
[   56.137349][ T1653] loop4: detected capacity change from 0 to 40427
[   56.154318][ T1653] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   56.162352][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   56.170494][ T1653] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   56.170813][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   56.181335][ T1653] F2FS-fs (loop4): Found nat_bits in checkpoint
[   56.199299][ T1628] device veth0_vlan entered promiscuous mode
[   56.206159][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   56.214002][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   56.222019][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   56.229362][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   56.230383][ T1653] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   56.249403][ T1653] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   56.255233][ T1628] device veth1_macvtap entered promiscuous mode
[   56.256252][ T1653] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   56.270762][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   56.278802][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   56.288154][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   56.302897][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   56.311409][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.320989][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   56.329687][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.349471][  T505] device bridge_slave_1 left promiscuous mode
[   56.355420][  T505] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.402053][  T505] device bridge_slave_0 left promiscuous mode
[   56.408629][  T505] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.416633][  T505] device veth1_macvtap left promiscuous mode
[   56.422564][  T505] device veth0_vlan left promiscuous mode
[   57.404085][ T1709] loop4: detected capacity change from 0 to 512
[   57.423460][ T1709] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   57.433040][ T1709] ext4 filesystem being mounted at /root/syzkaller-testdir2558643071/syzkaller.y18Dw7/58/file0 supports timestamps until 2038 (0x7fffffff)
[   57.461498][ T1709] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz-executor.4: corrupted inode contents
[   57.474116][ T1709] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor.4: mark_inode_dirty error
[   57.480093][ T1707] loop0: detected capacity change from 0 to 40427
[   57.492591][ T1709] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz-executor.4: corrupted inode contents
[   57.493174][ T1707] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   57.513574][ T1709] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz-executor.4: mark_inode_dirty error
[   57.514353][ T1707] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   57.551816][ T1707] F2FS-fs (loop0): Found nat_bits in checkpoint
[   57.562170][  T907] EXT4-fs (loop4): unmounting filesystem.
[   57.623838][ T1707] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   57.630987][ T1707] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   57.715578][  T424] usb 3-1: USB disconnect, device number 3
[   57.721415][   T28] kauditd_printk_skb: 138 callbacks suppressed
[   57.721428][   T28] audit: type=1400 audit(2000000014.009:1360): avc:  denied  { create } for  pid=1724 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   57.747696][   T28] audit: type=1400 audit(2000000014.009:1361): avc:  denied  { connect } for  pid=1724 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   57.768252][  T691] EXT4-fs (loop2): unmounting filesystem.
[   57.768418][   T28] audit: type=1400 audit(2000000014.009:1362): avc:  denied  { write } for  pid=1724 comm="syz-executor.4" path="socket:[20065]" dev="sockfs" ino=20065 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   57.797468][   T28] audit: type=1400 audit(2000000014.009:1363): avc:  denied  { create } for  pid=1724 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   57.818501][   T28] audit: type=1400 audit(2000000014.009:1364): avc:  denied  { ioctl } for  pid=1724 comm="syz-executor.4" path="socket:[19439]" dev="sockfs" ino=19439 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   57.844762][   T28] audit: type=1400 audit(2000000014.009:1365): avc:  denied  { mounton } for  pid=1724 comm="syz-executor.4" path="/root/syzkaller-testdir2558643071/syzkaller.y18Dw7/62/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[   57.883513][   T28] audit: type=1400 audit(2000000014.169:1366): avc:  denied  { setopt } for  pid=1728 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   58.170787][ T1745] loop2: detected capacity change from 0 to 40427
[   58.177751][ T1745] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   58.185425][ T1745] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   58.188507][  T332] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   58.195430][ T1745] F2FS-fs (loop2): Found nat_bits in checkpoint
[   58.223406][ T1745] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   58.230437][ T1745] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   58.289218][   T28] audit: type=1400 audit(2000000014.579:1367): avc:  denied  { write } for  pid=1750 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   58.608703][  T332] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   58.619452][  T332] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.628949][  T332] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   58.637852][  T332] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.646075][  T332] usb 1-1: config 0 descriptor??
[   59.128771][  T332] hid (null): bogus close delimiter
[   59.210615][ T1759] tun0: tun_chr_ioctl cmd 1074812118
[   59.278054][ T1774] syz-executor.3[1774] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.278124][ T1774] syz-executor.3[1774] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.290465][ T1774] bridge: RTM_NEWNEIGH with invalid ether address
[   59.323911][ T1782] loop3: detected capacity change from 0 to 512
[   59.331763][ T1782] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e028, mo2=0002]
[   59.339603][ T1782] System zones: 1-12
[   59.344844][ T1782] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 8 (level 2)
[   59.348628][  T332] usb 1-1: language id specifier not provided by device, defaulting to English
[   59.360686][ T1782] EXT4-fs (loop3): Remounting filesystem read-only
[   59.373646][ T1782] EXT4-fs (loop3): 1 truncate cleaned up
[   59.379273][ T1782] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   59.392802][   T28] audit: type=1400 audit(2000000015.679:1368): avc:  denied  { mounton } for  pid=1781 comm="syz-executor.3" path="/root/syzkaller-testdir2489868763/syzkaller.ONNc7G/99/file0" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   59.498905][  T312] EXT4-fs (loop3): unmounting filesystem.
[   59.511199][ T1789] loop2: detected capacity change from 0 to 40427
[   59.520788][ T1789] F2FS-fs (loop2): Found nat_bits in checkpoint
[   59.553478][ T1789] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   59.568872][  T691] syz-executor.2: attempt to access beyond end of device
[   59.568872][  T691] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   59.583706][  T691] syz-executor.2: attempt to access beyond end of device
[   59.583706][  T691] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   59.609623][   T10] kworker/u4:1: attempt to access beyond end of device
[   59.609623][   T10] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   59.664087][ T1804] loop3: detected capacity change from 0 to 256
[   59.712342][ T1808] syz-executor.3[1808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.712400][ T1808] syz-executor.3[1808] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.725093][ T1808] bridge: RTM_NEWNEIGH with invalid ether address
[   59.828547][  T332] uclogic 0003:256C:006D.000A: interface is invalid, ignoring
[   59.934729][ T1822] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.941680][ T1822] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.948734][ T1820] loop3: detected capacity change from 0 to 40427
[   59.948991][ T1822] device bridge_slave_0 entered promiscuous mode
[   59.957632][ T1820] F2FS-fs (loop3): Found nat_bits in checkpoint
[   59.962022][ T1822] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.974570][ T1822] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.981925][ T1822] device bridge_slave_1 entered promiscuous mode
[   59.997833][ T1820] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   60.025318][  T312] syz-executor.3: attempt to access beyond end of device
[   60.025318][  T312] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   60.040068][  T312] syz-executor.3: attempt to access beyond end of device
[   60.040068][  T312] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   60.057178][  T332] usb 1-1: USB disconnect, device number 3
[   60.072993][  T505] kworker/u4:6: attempt to access beyond end of device
[   60.072993][  T505] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   60.100476][ T1822] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.107312][ T1822] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.114789][ T1822] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.121748][ T1822] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.139561][ T1831] loop1: detected capacity change from 0 to 256
[   60.146381][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   60.154160][ T1058] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.162688][ T1058] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.180413][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.188732][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.195575][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.202843][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.210869][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.217701][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.227084][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.237272][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.246318][   T10] device bridge_slave_1 left promiscuous mode
[   60.252501][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.260278][   T10] device bridge_slave_0 left promiscuous mode
[   60.266647][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.274612][   T10] device veth1_macvtap left promiscuous mode
[   60.280627][   T10] device veth0_vlan left promiscuous mode
[   60.407155][ T1822] device veth0_vlan entered promiscuous mode
[   60.413439][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   60.421611][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   60.429602][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   60.437071][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   60.454943][ T1839] syz-executor.1[1839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.455012][ T1839] syz-executor.1[1839] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.462344][ T1822] device veth1_macvtap entered promiscuous mode
[   60.486592][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   60.495357][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   60.503661][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   60.524430][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   60.532815][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   60.541125][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   60.549289][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   60.620685][ T1837] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.627610][ T1837] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.682059][ T1837] device bridge_slave_0 entered promiscuous mode
[   61.021599][ T1853] device veth0_vlan left promiscuous mode
[   61.033399][ T1853] device veth0_vlan entered promiscuous mode
[   61.371647][ T1837] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.460760][ T1837] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.468070][ T1837] device bridge_slave_1 entered promiscuous mode
[   61.517335][ T1862] loop1: detected capacity change from 0 to 256
[   61.558141][ T1867] syz-executor.1[1867] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.558209][ T1867] syz-executor.1[1867] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.580997][ T1867] bridge: RTM_NEWNEIGH with invalid ether address
[   61.623654][   T28] audit: type=1400 audit(2000000017.909:1369): avc:  denied  { sqpoll } for  pid=1864 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   61.643071][ T1865] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[   61.652176][ T1865] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[   61.664059][ T1873] syz-executor.1[1873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.664131][ T1873] syz-executor.1[1873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.694495][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.713794][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.722795][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.731490][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   61.745774][  T809] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.752693][  T809] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.760081][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   61.792683][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   61.801286][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   61.809461][  T333] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.816421][  T333] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.823766][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   61.861018][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   61.874661][ T1837] device veth0_vlan entered promiscuous mode
[   61.875747][ T1888] input: syz1 as /devices/virtual/input/input12
[   61.881404][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.895337][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.902665][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.167678][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   62.186028][ T1837] device veth1_macvtap entered promiscuous mode
[   62.193318][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.201508][ T1895] bridge: RTM_NEWNEIGH with invalid ether address
[   62.214094][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   62.218203][ T1897] loop2: detected capacity change from 0 to 256
[   62.235351][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.497728][ T1916] loop2: detected capacity change from 0 to 40427
[   62.505040][   T10] device bridge_slave_1 left promiscuous mode
[   62.511292][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.518902][   T10] device bridge_slave_0 left promiscuous mode
[   62.520033][ T1916] F2FS-fs (loop2): invalid crc value
[   62.530496][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.538981][   T10] device veth1_macvtap left promiscuous mode
[   62.539141][ T1916] F2FS-fs (loop2): Found nat_bits in checkpoint
[   62.548937][   T10] device veth0_vlan left promiscuous mode
[   62.582082][ T1916] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   62.679755][ T1822] syz-executor.2: attempt to access beyond end of device
[   62.679755][ T1822] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   62.694214][ T1932] loop1: detected capacity change from 0 to 256
[   62.714126][ T1925] loop0: detected capacity change from 0 to 40427
[   62.723041][ T1925] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[   62.729600][ T1925] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   62.750272][ T1925] F2FS-fs (loop0): Found nat_bits in checkpoint
[   62.791923][ T1925] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   62.798857][ T1925] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   62.838670][   T28] kauditd_printk_skb: 5 callbacks suppressed
[   62.838684][   T28] audit: type=1400 audit(2000000019.129:1375): avc:  denied  { write } for  pid=1922 comm="syz-executor.0" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[   62.879188][ T1946] serio: Serial port ptm0
[   62.935157][ T1947] overlayfs: "xino" feature enabled using 32 upper inode bits.
[   62.942753][   T28] audit: type=1400 audit(2000000019.219:1376): avc:  denied  { mounton } for  pid=1922 comm="syz-executor.0" path="/root/syzkaller-testdir1562770391/syzkaller.aWYI4a/17/file2/bus" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   62.964107][ T1942] loop2: detected capacity change from 0 to 40427
[   62.978988][ T1942] F2FS-fs (loop2): Found nat_bits in checkpoint
[   62.995713][ T1628] syz-executor.0: attempt to access beyond end of device
[   62.995713][ T1628] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   63.015485][ T1942] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   63.044691][ T1822] syz-executor.2: attempt to access beyond end of device
[   63.044691][ T1822] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   63.058985][ T1822] syz-executor.2: attempt to access beyond end of device
[   63.058985][ T1822] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   63.131551][   T28] audit: type=1400 audit(2000000019.419:1377): avc:  denied  { setattr } for  pid=1954 comm="syz-executor.0" name="file0" dev="sda1" ino=1954 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[   63.393006][ T1969] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.400132][ T1969] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.407240][ T1969] device bridge_slave_0 entered promiscuous mode
[   63.414134][ T1969] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.421076][ T1969] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.428234][ T1969] device bridge_slave_1 entered promiscuous mode
[   63.492552][ T1969] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.499452][ T1969] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.506586][ T1969] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.513459][ T1969] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.544966][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.553159][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.560419][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.570633][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.583209][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.590073][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.598659][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.606787][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.613649][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.631715][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   63.640900][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   63.658289][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   63.664745][   T28] audit: type=1400 audit(2000000019.949:1378): avc:  denied  { getopt } for  pid=1985 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   63.671065][ T1969] device veth0_vlan entered promiscuous mode
[   63.695315][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   63.704155][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   63.719959][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   63.735816][ T1969] device veth1_macvtap entered promiscuous mode
[   63.754266][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   63.766845][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.783005][   T28] audit: type=1400 audit(2000000020.069:1379): avc:  denied  { setattr } for  pid=1989 comm="syz-executor.0" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   63.807611][  T809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.868338][ T1996] loop2: detected capacity change from 0 to 8192
[   63.919556][   T10] device bridge_slave_1 left promiscuous mode
[   63.925586][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.938836][   T10] device bridge_slave_0 left promiscuous mode
[   63.944846][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.952768][   T10] device veth1_macvtap left promiscuous mode
[   63.958716][   T10] device veth0_vlan left promiscuous mode
[   64.038500][ T1058] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   64.213128][ T2009] loop2: detected capacity change from 0 to 512
[   64.252597][   T28] audit: type=1400 audit(2000000020.539:1380): avc:  denied  { setopt } for  pid=2007 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   64.253018][ T2009] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[   64.273232][   T28] audit: type=1400 audit(2000000020.539:1381): avc:  denied  { nlmsg_read } for  pid=2007 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   64.302827][ T1058] usb 2-1: Using ep0 maxpacket: 32
[   64.307994][   T28] audit: type=1400 audit(2000000020.599:1382): avc:  denied  { connect } for  pid=2007 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   64.327896][   T28] audit: type=1400 audit(2000000020.599:1383): avc:  denied  { getopt } for  pid=2007 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   64.418535][ T1058] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.429276][ T1058] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.438790][ T1058] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   64.451434][ T1058] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   64.460241][ T1058] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.468723][ T1058] usb 2-1: config 0 descriptor??
[   64.710993][ T1992] loop1: detected capacity change from 0 to 512
[   64.719434][ T1992] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz-executor.1: casefold flag without casefold feature
[   64.732892][ T1992] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.1: missing EA_INODE flag
[   64.744771][ T1992] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 2 err=-117
[   64.757789][ T1992] EXT4-fs (loop1): 1 orphan inode deleted
[   64.764039][ T1992] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   64.773410][ T2019] serio: Serial port ptm0
[   64.775836][   T28] audit: type=1400 audit(2000000021.059:1384): avc:  denied  { link } for  pid=1991 comm="syz-executor.1" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   64.780100][ T1992] overlayfs: unrecognized mount option "appraise_type=imasig" or missing value
[   65.086434][ T2029] loop2: detected capacity change from 0 to 8192
[   65.386496][ T1992] 9pnet_fd: Insufficient options for proto=fd
[   65.478558][ T1058] usbhid 2-1:0.0: can't add hid device: -71
[   65.484301][ T1058] usbhid: probe of 2-1:0.0 failed with error -71
[   65.491052][ T1058] usb 2-1: USB disconnect, device number 3
[   65.652504][ T2035] loop3: detected capacity change from 0 to 40427
[   65.661065][ T2035] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[   65.667511][ T2035] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   65.678052][ T2035] F2FS-fs (loop3): Found nat_bits in checkpoint
[   65.716087][ T2035] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   65.723112][ T2035] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   65.770597][ T2049] loop0: detected capacity change from 0 to 512
[   65.800281][ T2035] overlayfs: "xino" feature enabled using 32 upper inode bits.
[   65.811668][ T1837] bio_check_eod: 1 callbacks suppressed
[   65.811713][ T1837] syz-executor.3: attempt to access beyond end of device
[   65.811713][ T1837] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   65.842677][ T2049] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[   65.913213][  T313] EXT4-fs (loop1): unmounting filesystem.
[   65.978736][ T1969] ------------[ cut here ]------------
[   65.984383][ T1969] WARNING: CPU: 0 PID: 1969 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0
[   65.993820][ T1969] Modules linked in:
[   65.997684][ T1969] CPU: 0 PID: 1969 Comm: syz-executor.2 Tainted: G        W          6.1.78-syzkaller-00010-gc0618d182a9c #0
[   66.009093][ T1969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   66.019072][ T1969] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[   66.024494][ T1969] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1
[   66.043967][ T1969] RSP: 0018:ffffc900058bfae0 EFLAGS: 00010293
[   66.049882][ T1969] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff888111f65100
[   66.057657][ T1969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   66.065513][ T1969] RBP: ffffc900058bfb10 R08: ffffffff821f2c34 R09: ffffed1021da934c
[   66.073419][ T1969] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888112ce3660
[   66.081191][ T1969] R13: ffff888112ce3690 R14: 1ffff1102259c6d2 R15: ffff88810ed499b8
[   66.089086][ T1969] FS:  000055555627c480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   66.097842][ T1969] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   66.104487][ T1969] CR2: 0000001b2ee21000 CR3: 0000000117023000 CR4: 00000000003506b0
[   66.112275][ T1969] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   66.120073][ T1969] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   66.127880][ T1969] Call Trace:
[   66.131015][ T1969]  <TASK>
[   66.133771][ T1969]  ? show_regs+0x58/0x60
[   66.137860][ T1969]  ? __warn+0x160/0x3d0
[   66.141872][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.146786][ T1969]  ? report_bug+0x4d5/0x7d0
[   66.151146][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.155997][ T1969]  ? handle_bug+0x41/0x70
[   66.160189][ T1969]  ? exc_invalid_op+0x1b/0x50
[   66.164776][ T1969]  ? asm_exc_invalid_op+0x1b/0x20
[   66.169648][ T1969]  ? ovl_dir_modified+0xa4/0x1e0
[   66.174404][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.179286][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.184224][ T1969]  ovl_do_remove+0x7fc/0xbf0
[   66.188674][ T1969]  ? ovl_set_redirect+0x670/0x670
[   66.193514][ T1969]  ? selinux_inode_rmdir+0x22/0x30
[   66.198481][ T1969]  ovl_rmdir+0x1a/0x20
[   66.202362][ T1969]  vfs_rmdir+0x398/0x500
[   66.206443][ T1969]  incfs_kill_sb+0x113/0x230
[   66.210976][ T1969]  deactivate_locked_super+0xad/0x110
[   66.216178][ T1969]  deactivate_super+0xbe/0xf0
[   66.220715][ T1969]  cleanup_mnt+0x485/0x510
[   66.224929][ T1969]  ? user_path_at_empty+0x14e/0x1a0
[   66.229996][ T1969]  __cleanup_mnt+0x19/0x20
[   66.234305][ T1969]  task_work_run+0x24d/0x2e0
[   66.238743][ T1969]  ? task_work_cancel+0x2b0/0x2b0
[   66.243593][ T1969]  ? __x64_sys_umount+0x122/0x170
[   66.248476][ T1969]  exit_to_user_mode_loop+0x94/0xa0
[   66.253485][ T1969]  exit_to_user_mode_prepare+0x5a/0xa0
[   66.258812][ T1969]  syscall_exit_to_user_mode+0x26/0x140
[   66.264160][ T1969]  do_syscall_64+0x49/0xb0
[   66.268426][ T1969]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   66.274169][ T1969] RIP: 0033:0x7f0dc447e257
[   66.278398][ T1969] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   66.283563][ T2072] loop0: detected capacity change from 0 to 256
[   66.297952][ T1969] RSP: 002b:00007fff0f2e9358 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   66.312478][ T1969] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0dc447e257
[   66.320665][ T1969] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0f2e9410
[   66.328531][ T1969] RBP: 00007fff0f2e9410 R08: 0000000000000000 R09: 0000000000000000
[   66.336326][ T1969] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff0f2ea4c0
[   66.344160][ T1969] R13: 00007f0dc44d96c6 R14: 000000000000fe46 R15: 0000000000000017
[   66.351976][ T1969]  </TASK>
[   66.354809][ T1969] ---[ end trace 0000000000000000 ]---
[   66.360645][ T1969] ------------[ cut here ]------------
[   66.365953][ T1969] WARNING: CPU: 1 PID: 1969 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0
[   66.375545][ T1969] Modules linked in:
[   66.379329][ T1969] CPU: 1 PID: 1969 Comm: syz-executor.2 Tainted: G        W          6.1.78-syzkaller-00010-gc0618d182a9c #0
[   66.390761][ T1969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   66.401037][ T1969] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[   66.406950][ T1969] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1
[   66.426533][ T1969] RSP: 0018:ffffc900058bfae0 EFLAGS: 00010293
[   66.432761][ T1969] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff888111f65100
[   66.440627][ T1969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   66.448358][ T1969] RBP: ffffc900058bfb10 R08: ffffffff821f2c34 R09: ffffed1021da934c
[   66.456206][ T1969] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888112ce3660
[   66.463995][ T1969] R13: ffff888112ce3690 R14: 1ffff1102259c6d2 R15: ffff88810ed499b8
[   66.471973][ T1969] FS:  000055555627c480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   66.480675][ T1969] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   66.487152][ T1969] CR2: 0000001b3152f000 CR3: 0000000117023000 CR4: 00000000003506a0
[   66.494985][ T1969] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   66.502788][ T1969] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   66.510704][ T1969] Call Trace:
[   66.513800][ T1969]  <TASK>
[   66.516580][ T1969]  ? show_regs+0x58/0x60
[   66.520687][ T1969]  ? __warn+0x160/0x3d0
[   66.524649][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.529525][ T1969]  ? report_bug+0x4d5/0x7d0
[   66.533847][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.538728][ T1969]  ? handle_bug+0x41/0x70
[   66.542879][ T1969]  ? exc_invalid_op+0x1b/0x50
[   66.547480][ T1969]  ? asm_exc_invalid_op+0x1b/0x20
[   66.552583][ T1969]  ? ovl_dir_modified+0xa4/0x1e0
[   66.557424][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.562367][ T1969]  ? ovl_dir_modified+0x1a5/0x1e0
[   66.567146][ T1969]  ovl_do_remove+0x7fc/0xbf0
[   66.571593][ T1969]  ? ovl_set_redirect+0x670/0x670
[   66.576431][ T1969]  ? selinux_inode_rmdir+0x22/0x30
[   66.581409][ T1969]  ovl_rmdir+0x1a/0x20
[   66.585288][ T1969]  vfs_rmdir+0x398/0x500
[   66.589381][ T1969]  incfs_kill_sb+0x1b4/0x230
[   66.593789][ T1969]  deactivate_locked_super+0xad/0x110
[   66.599011][ T1969]  deactivate_super+0xbe/0xf0
[   66.603510][ T1969]  cleanup_mnt+0x485/0x510
[   66.607849][ T1969]  ? user_path_at_empty+0x14e/0x1a0
[   66.612897][ T1969]  __cleanup_mnt+0x19/0x20
[   66.617138][ T1969]  task_work_run+0x24d/0x2e0
[   66.621596][ T1969]  ? task_work_cancel+0x2b0/0x2b0
[   66.626423][ T1969]  ? __x64_sys_umount+0x122/0x170
[   66.631459][ T1969]  exit_to_user_mode_loop+0x94/0xa0
[   66.636477][ T1969]  exit_to_user_mode_prepare+0x5a/0xa0
[   66.641890][ T1969]  syscall_exit_to_user_mode+0x26/0x140
[   66.647239][ T1969]  do_syscall_64+0x49/0xb0
[   66.651595][ T1969]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   66.657313][ T1969] RIP: 0033:0x7f0dc447e257
[   66.661753][ T1969] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   66.681192][ T1969] RSP: 002b:00007fff0f2e9358 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   66.689442][ T1969] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0dc447e257
[   66.697312][ T1969] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0f2e9410
[   66.705065][ T1969] RBP: 00007fff0f2e9410 R08: 0000000000000000 R09: 0000000000000000
[   66.712951][ T1969] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff0f2ea4c0
[   66.720763][ T1969] R13: 00007f0dc44d96c6 R14: 000000000000fe46 R15: 0000000000000017
[   66.728597][ T1969]  </TASK>
[   66.731438][ T1969] ---[ end trace 0000000000000000 ]---
[   66.788256][ T2093] bpf_get_probe_write_proto: 6 callbacks suppressed
[   66.788276][ T2093] syz-executor.0[2093] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.796365][ T2093] syz-executor.0[2093] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   66.843889][ T2098] loop0: detected capacity change from 0 to 2048
[   66.891322][ T2100] loop2: detected capacity change from 0 to 256
[   66.908948][ T2098]  loop0: p1 < > p4
[   66.917058][ T2098] loop0: p4 size 8388608 extends beyond EOD, truncated
[   66.971620][ T2102] loop2: detected capacity change from 0 to 1024
[   66.991298][ T2102] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   67.018183][ T1969] EXT4-fs (loop2): unmounting filesystem.
[   67.460032][ T2083] loop3: detected capacity change from 0 to 131072
[   67.488575][  T424] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   67.511149][ T2083] F2FS-fs (loop3): Test dummy encryption mode enabled
[   67.549170][ T2083] F2FS-fs (loop3): invalid crc value
[   67.732492][ T2083] F2FS-fs (loop3): Found nat_bits in checkpoint
[   67.755827][ T2083] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   67.818497][  T424] usb 2-1: Using ep0 maxpacket: 16
[   67.920516][ T1628] ------------[ cut here ]------------
[   67.925867][ T1628] WARNING: CPU: 0 PID: 1628 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0
[   67.935226][ T1628] Modules linked in:
[   67.939033][ T1628] CPU: 0 PID: 1628 Comm: syz-executor.0 Tainted: G        W          6.1.78-syzkaller-00010-gc0618d182a9c #0
[   67.950506][ T1628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   67.958538][  T424] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   67.960401][ T1628] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[   67.976759][ T1628] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1
[   67.983960][  T424] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   67.996349][ T1628] RSP: 0018:ffffc900011a7ae0 EFLAGS: 00010293
[   68.011788][ T1628] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff88811a2c3cc0
[   68.019704][ T1628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   68.027475][ T1628] RBP: ffffc900011a7b10 R08: ffffffff821f2c34 R09: ffffed1021da39ed
[   68.035406][ T1628] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810ef8b880
[   68.043324][ T1628] R13: ffff88810ef8b8b0 R14: 1ffff11021df1716 R15: ffff88810ed1cec0
[   68.046908][  T424] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[   68.051142][ T1628] FS:  000055555560a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   68.068839][ T1628] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.075238][ T1628] CR2: 00007ffec11dafd8 CR3: 0000000119fb0000 CR4: 00000000003506b0
[   68.082183][  T424] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.083167][ T1628] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   68.098698][ T1628] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   68.102858][  T424] usb 2-1: config 0 descriptor??
[   68.106739][ T1628] Call Trace:
[   68.106747][ T1628]  <TASK>
[   68.117681][ T1628]  ? show_regs+0x58/0x60
[   68.121781][ T1628]  ? __warn+0x160/0x3d0
[   68.125754][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.130643][ T1628]  ? report_bug+0x4d5/0x7d0
[   68.134952][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.139849][ T1628]  ? handle_bug+0x41/0x70
[   68.143978][ T1628]  ? exc_invalid_op+0x1b/0x50
[   68.148675][ T1628]  ? asm_exc_invalid_op+0x1b/0x20
[   68.153518][ T1628]  ? ovl_dir_modified+0xa4/0x1e0
[   68.158287][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.163323][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.168100][ T1628]  ovl_do_remove+0x7fc/0xbf0
[   68.172646][ T1628]  ? ovl_set_redirect+0x670/0x670
[   68.177471][ T1628]  ? selinux_inode_rmdir+0x22/0x30
[   68.182442][ T1628]  ovl_rmdir+0x1a/0x20
[   68.186418][ T1628]  vfs_rmdir+0x398/0x500
[   68.190550][ T1628]  incfs_kill_sb+0x113/0x230
[   68.195221][ T1628]  deactivate_locked_super+0xad/0x110
[   68.200489][ T1628]  deactivate_super+0xbe/0xf0
[   68.205028][ T1628]  cleanup_mnt+0x485/0x510
[   68.209297][ T1628]  ? user_path_at_empty+0x14e/0x1a0
[   68.214329][ T1628]  __cleanup_mnt+0x19/0x20
[   68.218609][ T1628]  task_work_run+0x24d/0x2e0
[   68.223002][ T1628]  ? task_work_cancel+0x2b0/0x2b0
[   68.227867][ T1628]  ? __x64_sys_umount+0x122/0x170
[   68.232766][ T1628]  exit_to_user_mode_loop+0x94/0xa0
[   68.237751][ T1628]  exit_to_user_mode_prepare+0x5a/0xa0
[   68.243074][ T1628]  syscall_exit_to_user_mode+0x26/0x140
[   68.248453][ T1628]  do_syscall_64+0x49/0xb0
[   68.252687][ T1628]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   68.258343][ T1628]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   68.264122][ T1628] RIP: 0033:0x7f413587e257
[   68.268801][ T1628] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   68.288275][ T1628] RSP: 002b:00007ffec11db788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   68.296515][ T1628] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f413587e257
[   68.304390][ T1628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec11db840
[   68.312281][ T1628] RBP: 00007ffec11db840 R08: 0000000000000000 R09: 0000000000000000
[   68.320173][ T1628] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffec11dc8f0
[   68.327929][ T1628] R13: 00007f41358d96c6 R14: 00000000000105d9 R15: 0000000000000018
[   68.335802][ T1628]  </TASK>
[   68.338623][ T1628] ---[ end trace 0000000000000000 ]---
[   68.344652][ T1628] ------------[ cut here ]------------
[   68.350049][ T1628] WARNING: CPU: 0 PID: 1628 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0
[   68.359533][ T1628] Modules linked in:
[   68.363168][ T1628] CPU: 0 PID: 1628 Comm: syz-executor.0 Tainted: G        W          6.1.78-syzkaller-00010-gc0618d182a9c #0
[   68.374635][ T1628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   68.384514][ T1628] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0
[   68.390075][ T1628] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1
[   68.409505][ T1628] RSP: 0018:ffffc900011a7ae0 EFLAGS: 00010293
[   68.415351][ T1628] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff88811a2c3cc0
[   68.423306][ T1628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   68.431138][ T1628] RBP: ffffc900011a7b10 R08: ffffffff821f2c34 R09: ffffed1021da39ed
[   68.439062][ T1628] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810ef8b880
[   68.446998][ T1628] R13: ffff88810ef8b8b0 R14: 1ffff11021df1716 R15: ffff88810ed1cec0
[   68.454818][ T1628] FS:  000055555560a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   68.463712][ T1628] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.471002][ T1628] CR2: 00007ffec11dafd8 CR3: 0000000119fb0000 CR4: 00000000003506b0
[   68.479271][ T1628] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   68.487329][ T1628] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   68.495602][ T1628] Call Trace:
[   68.498770][ T1628]  <TASK>
[   68.501628][ T1628]  ? show_regs+0x58/0x60
[   68.505792][ T1628]  ? __warn+0x160/0x3d0
[   68.509831][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.514729][ T1628]  ? report_bug+0x4d5/0x7d0
[   68.519162][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.524087][ T1628]  ? handle_bug+0x41/0x70
[   68.528262][ T1628]  ? exc_invalid_op+0x1b/0x50
[   68.532769][ T1628]  ? asm_exc_invalid_op+0x1b/0x20
[   68.537595][ T1628]  ? ovl_dir_modified+0xa4/0x1e0
[   68.542590][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.547405][ T1628]  ? ovl_dir_modified+0x1a5/0x1e0
[   68.552304][ T1628]  ovl_do_remove+0x7fc/0xbf0
[   68.556720][ T1628]  ? ovl_set_redirect+0x670/0x670
[   68.561727][ T1628]  ? selinux_inode_rmdir+0x22/0x30
[   68.566697][ T1628]  ovl_rmdir+0x1a/0x20
[   68.570635][ T1628]  vfs_rmdir+0x398/0x500
[   68.574683][ T1628]  incfs_kill_sb+0x1b4/0x230
[   68.579156][ T1628]  deactivate_locked_super+0xad/0x110
[   68.584326][ T1628]  deactivate_super+0xbe/0xf0
[   68.588912][ T1628]  cleanup_mnt+0x485/0x510
[   68.593195][ T1628]  ? user_path_at_empty+0x14e/0x1a0
[   68.598244][ T1628]  __cleanup_mnt+0x19/0x20
[   68.602521][ T1628]  task_work_run+0x24d/0x2e0
[   68.606896][ T1628]  ? task_work_cancel+0x2b0/0x2b0
[   68.611788][ T1628]  ? __x64_sys_umount+0x122/0x170
[   68.616623][ T1628]  exit_to_user_mode_loop+0x94/0xa0
[   68.621747][ T1628]  exit_to_user_mode_prepare+0x5a/0xa0
[   68.627098][ T1628]  syscall_exit_to_user_mode+0x26/0x140
[   68.632505][ T1628]  do_syscall_64+0x49/0xb0
[   68.636699][ T1628]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   68.639451][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.642365][ T1628]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   68.642388][ T1628] RIP: 0033:0x7f413587e257
[   68.642401][ T1628] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   68.642416][ T1628] RSP: 002b:00007ffec11db788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   68.642435][ T1628] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f413587e257
[   68.642448][ T1628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec11db840
[   68.642459][ T1628] RBP: 00007ffec11db840 R08: 0000000000000000 R09: 0000000000000000
[   68.659995][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.679258][ T1628] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffec11dc8f0
[   68.679277][ T1628] R13: 00007f41358d96c6 R14: 00000000000105d9 R15: 0000000000000018
[   68.724556][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.725248][ T1628]  </TASK>
[   68.742518][ T1628] ---[ end trace 0000000000000000 ]---
[   68.753354][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.760910][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.767979][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.775271][  T424] lua 0003:1E7D:2C2E.000B: unknown main item tag 0x0
[   68.783040][  T424] lua 0003:1E7D:2C2E.000B: hidraw0: USB HID v0.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.1-1/input0
[   68.801596][ T2131] syz-executor.2[2131] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   68.801672][ T2131] syz-executor.2[2131] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   69.943520][ T2139] option changes via remount are deprecated (pid=2134 comm=syz-executor.2)
[   69.993745][  T424] usb 2-1: USB disconnect, device number 4
[   70.000864][   T28] kauditd_printk_skb: 18 callbacks suppressed
[   70.000879][   T28] audit: type=1400 audit(2000000026.219:1403): avc:  denied  { remount } for  pid=2134 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   70.206554][   T28] audit: type=1400 audit(2000000026.489:1404): avc:  denied  { mounton } for  pid=2155 comm="syz-executor.3" path="/root/syzkaller-testdir3707955410/syzkaller.IAnbgO/8/file0" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   70.433310][ T2162] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.440382][ T2162] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.447683][ T2162] device bridge_slave_0 entered promiscuous mode
[   70.456396][ T2162] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.463437][ T2162] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.470676][ T2162] device bridge_slave_1 entered promiscuous mode
[   70.508488][   T60] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   70.638022][ T2162] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.644923][ T2162] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.652025][ T2162] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.658917][ T2162] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.808557][   T60] usb 1-1: Using ep0 maxpacket: 32
[   70.912582][   T10] device bridge_slave_1 left promiscuous mode
[   70.919005][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.927514][   T10] device bridge_slave_0 left promiscuous mode
[   70.929152][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   70.944605][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   70.944682][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.961648][   T60] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   70.974504][   T60] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   70.983497][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.983633][   T10] device veth1_macvtap left promiscuous mode
[   70.997451][   T10] device veth0_vlan left promiscuous mode
[   70.998056][   T60] usb 1-1: config 0 descriptor??
[   71.248621][ T2158] loop0: detected capacity change from 0 to 512
[   71.259454][  T426] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.269424][  T426] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.282614][ T2158] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz-executor.0: casefold flag without casefold feature
[   71.295746][ T2172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   71.303909][ T2172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   71.309233][ T2158] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.0: missing EA_INODE flag
[   71.325917][ T2172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   71.328653][ T2158] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 2 err=-117
[   71.347583][ T2158] EXT4-fs (loop0): 1 orphan inode deleted
[   71.347689][ T2172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   71.390233][ T2172] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.397089][ T2172] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.404834][ T2172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   71.413035][ T2172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   71.421051][ T2172] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.427969][ T2172] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.449224][ T2162] device veth0_vlan entered promiscuous mode
[   71.459228][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   71.465261][ T2158] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   71.474531][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   71.484042][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   71.493620][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   71.503286][ T2158] overlayfs: unrecognized mount option "appraise_type=imasig" or missing value
[   71.512371][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   71.520770][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   71.529050][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   71.536858][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   71.548980][ T2162] device veth1_macvtap entered promiscuous mode
[   71.555796][ T2178] netlink: 'syz-executor.2': attribute type 8 has an invalid length.
[   71.566526][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   71.576764][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   71.584457][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   71.592646][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   71.601009][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   71.612413][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   71.624482][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.632851][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.641096][ T1058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.673377][   T28] audit: type=1326 audit(2000000027.959:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14b427cf29 code=0x7ffc0000
[   71.706019][   T28] audit: type=1326 audit(2000000027.959:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14b427cf29 code=0x7ffc0000
[   71.730363][   T28] audit: type=1326 audit(2000000027.959:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f14b427cc8b code=0x7ffc0000
[   71.770542][   T28] audit: type=1326 audit(2000000027.959:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14b427cf29 code=0x7ffc0000
[   71.794759][   T28] audit: type=1326 audit(2000000027.959:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14b427cf29 code=0x7ffc0000
[   71.818989][   T28] audit: type=1326 audit(2000000027.959:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14b427cf29 code=0x7ffc0000
[   71.843079][   T28] audit: type=1326 audit(2000000027.959:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14b427cf29 code=0x7ffc0000
[   71.867309][   T28] audit: type=1326 audit(2000000027.989:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2199 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f14b427a6a7 code=0x7ffc0000
[   72.349724][ T2201] option changes via remount are deprecated (pid=2200 comm=syz-executor.1)
[   72.385250][ T2158] 9pnet_fd: Insufficient options for proto=fd
[   72.429477][ T2216] netlink: 'syz-executor.3': attribute type 8 has an invalid length.
[   72.458583][   T60] usbhid 1-1:0.0: can't add hid device: -71
[   72.464321][   T60] usbhid: probe of 1-1:0.0 failed with error -71
[   72.472847][   T60] usb 1-1: USB disconnect, device number 4
[   72.988567][ T2225] 9pnet: Unknown protocol version 9p2000.ڴ>;1��gˏӟ?�u
[   73.011522][ T2225] cgroup: Bad value for 'name'
[   73.241443][ T2226] loop1: detected capacity change from 0 to 512
[   73.387287][ T2226] EXT4-fs (loop1): orphan cleanup on readonly fs
[   73.396381][ T2226] EXT4-fs (loop1): 1 orphan inode deleted
[   73.404114][ T2226] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   73.473666][ T2230] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.480561][ T2230] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.487829][ T2230] device bridge_slave_0 entered promiscuous mode
[   73.496452][ T2230] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.503415][ T2230] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.510723][ T2230] device bridge_slave_1 entered promiscuous mode
[   73.556564][  T313] EXT4-fs (loop1): unmounting filesystem.
[   73.570549][ T2230] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.577426][ T2230] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.584549][ T2230] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.587519][ T2239] loop1: detected capacity change from 0 to 512
[   73.591504][ T2230] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.621006][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   73.628350][  T424] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.635871][  T424] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.644846][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   73.653331][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.660184][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.679830][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.688083][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   73.696057][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.698483][  T303] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   73.702905][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.717352][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   73.725125][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   73.734580][   T10] device bridge_slave_1 left promiscuous mode
[   73.740795][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.748085][   T10] device bridge_slave_0 left promiscuous mode
[   73.754224][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.761970][   T10] device veth1_macvtap left promiscuous mode
[   73.767942][   T10] device veth0_vlan left promiscuous mode
[   73.822730][ T1628] EXT4-fs (loop0): unmounting filesystem.
[   73.853533][ T2230] device veth0_vlan entered promiscuous mode
[   73.860725][  T426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.868623][  T426] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.876257][  T426] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.893745][ T2230] device veth1_macvtap entered promiscuous mode
[   73.904441][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.919978][  T426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   73.928218][  T426] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   73.953706][ T2251] loop0: detected capacity change from 0 to 1024
[   73.961789][ T2254] netlink: 'syz-executor.2': attribute type 8 has an invalid length.
[   73.962834][ T2251] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   73.999833][ T1628] EXT4-fs (loop0): unmounting filesystem.
[   74.119311][  T303] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.130312][  T303] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.147550][  T303] usb 4-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[   74.156712][  T303] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.171952][  T303] usb 4-1: config 0 descriptor??
[   74.309556][ T2257] loop2: detected capacity change from 0 to 131072
[   74.316844][ T2257] F2FS-fs (loop2): Test dummy encryption mode enabled
[   74.324453][ T2257] F2FS-fs (loop2): invalid crc value
[   74.331408][ T2257] F2FS-fs (loop2): Found nat_bits in checkpoint
[   74.368491][ T2257] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   74.766381][ T2229] loop3: detected capacity change from 0 to 4096
[   74.773560][ T2229] EXT4-fs (loop3): Test dummy encryption mode enabled
[   74.788023][ T2229] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   74.831010][  T303] waltop 0003:172F:0032.000C: hidraw0: USB HID v0.00 Device [HID 172f:0032] on usb-dummy_hcd.3-1/input0
[   74.939078][ T2303] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   74.950694][ T2303] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   74.958939][ T2303] CPU: 1 PID: 2303 Comm: syz-executor.1 Tainted: G        W          6.1.78-syzkaller-00010-gc0618d182a9c #0
[   74.970309][ T2303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   74.980202][ T2303] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[   74.986719][ T2303] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[   75.006461][ T2303] RSP: 0018:ffffc90000a676c0 EFLAGS: 00010246
[   75.012367][ T2303] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[   75.020371][ T2303] RDX: ffffc90001fbd000 RSI: 000000000000041a RDI: 000000000000041b
[   75.028183][ T2303] RBP: ffffc90000a67818 R08: 0000000000000005 R09: ffffffff8411e3d3
[   75.035989][ T2303] R10: 0000000000000004 R11: ffff88810eb82880 R12: dffffc0000000000
[   75.043800][ T2303] R13: ffff88812fd9b8c0 R14: 1ffff9200014cee4 R15: 0000000000000000
[   75.051611][ T2303] FS:  00007fe479e726c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   75.060377][ T2303] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.066796][ T2303] CR2: 0000000020010000 CR3: 00000001130c5000 CR4: 00000000003506a0
[   75.074668][ T2303] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   75.082422][ T2303] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   75.090231][ T2303] Call Trace:
[   75.093357][ T2303]  <TASK>
[   75.096137][ T2303]  ? __die_body+0x62/0xb0
[   75.100299][ T2303]  ? die_addr+0x9f/0xd0
[   75.104292][ T2303]  ? exc_general_protection+0x317/0x4c0
[   75.109681][ T2303]  ? asm_exc_general_protection+0x27/0x30
[   75.115231][ T2303]  ? xdp_do_generic_redirect+0x303/0xad0
[   75.120700][ T2303]  ? dev_map_generic_redirect+0x90/0x7d0
[   75.126167][ T2303]  ? __free_pages_core+0x180/0x180
[   75.131113][ T2303]  ? __this_cpu_preempt_check+0x13/0x20
[   75.136493][ T2303]  ? bq_enqueue+0x3e0/0x3e0
[   75.140836][ T2303]  ? bpf_prog_run_generic_xdp+0x9aa/0x1110
[   75.146592][ T2303]  xdp_do_generic_redirect+0x411/0xad0
[   75.151858][ T2303]  do_xdp_generic+0x53e/0x800
[   75.156371][ T2303]  ? generic_xdp_tx+0x560/0x560
[   75.161056][ T2303]  ? __schedule+0xcaf/0x1550
[   75.165485][ T2303]  ? tun_get_user+0x2340/0x3a90
[   75.170175][ T2303]  tun_get_user+0x238a/0x3a90
[   75.174689][ T2303]  ? futex_q_unlock+0x30/0x30
[   75.179197][ T2303]  ? tun_do_read+0x1ee0/0x1ee0
[   75.183802][ T2303]  ? ref_tracker_alloc+0x31d/0x450
[   75.188750][ T2303]  ? ref_tracker_dir_print+0x160/0x160
[   75.194037][ T2303]  ? futex_wait+0x4b7/0x7e0
[   75.198381][ T2303]  ? avc_policy_seqno+0x1b/0x70
[   75.203066][ T2303]  ? tun_get+0xe9/0x120
[   75.207055][ T2303]  tun_chr_write_iter+0x129/0x210
[   75.211925][ T2303]  vfs_write+0x902/0xeb0
[   75.216016][ T2303]  ? __x64_sys_prctl+0xd0/0xd0
[   75.220646][ T2303]  ? file_end_write+0x1c0/0x1c0
[   75.225287][ T2303]  ? __fget_files+0x2cb/0x330
[   75.229803][ T2303]  ? __fdget_pos+0x204/0x390
[   75.234309][ T2303]  ? ksys_write+0x77/0x2c0
[   75.238564][ T2303]  ksys_write+0x199/0x2c0
[   75.242730][ T2303]  ? __x64_sys_futex+0x100/0x100
[   75.247697][ T2303]  ? __ia32_sys_read+0x90/0x90
[   75.252296][ T2303]  ? fpregs_restore_userregs+0x130/0x290
[   75.257767][ T2303]  __x64_sys_write+0x7b/0x90
[   75.262209][ T2303]  do_syscall_64+0x3d/0xb0
[   75.266443][ T2303]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   75.272177][ T2303] RIP: 0033:0x7fe47907bc6f
[   75.276422][ T2303] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48
[   75.295952][ T2303] RSP: 002b:00007fe479e72090 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   75.304196][ T2303] RAX: ffffffffffffffda RBX: 00007fe4791b3f80 RCX: 00007fe47907bc6f
[   75.312097][ T2303] RDX: 000000000000fdef RSI: 0000000020000780 RDI: 00000000000000c8
[   75.319909][ T2303] RBP: 00007fe4790ec074 R08: 0000000000000000 R09: 0000000000000000
[   75.327731][ T2303] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[   75.335541][ T2303] R13: 000000000000000b R14: 00007fe4791b3f80 R15: 00007ffcad830938
[   75.343441][ T2303]  </TASK>
[   75.346293][ T2303] Modules linked in:
[   75.350103][ T2303] ---[ end trace 0000000000000000 ]---
[   75.355345][ T2303] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[   75.361425][ T2303] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[   75.380861][ T2303] RSP: 0018:ffffc90000a676c0 EFLAGS: 00010246
[   75.386763][ T2303] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[   75.394594][ T2303] RDX: ffffc90001fbd000 RSI: 000000000000041a RDI: 000000000000041b
[   75.402601][ T2303] RBP: ffffc90000a67818 R08: 0000000000000005 R09: ffffffff8411e3d3
[   75.410392][ T2303] R10: 0000000000000004 R11: ffff88810eb82880 R12: dffffc0000000000
[   75.418266][ T2303] R13: ffff88812fd9b8c0 R14: 1ffff9200014cee4 R15: 0000000000000000
[   75.426120][ T2303] FS:  00007fe479e726c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   75.435133][ T2303] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.441558][ T2303] CR2: 0000000020010000 CR3: 00000001130c5000 CR4: 00000000003506a0
[   75.449353][ T2303] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   75.457274][ T2303] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   75.465100][ T2303] Kernel panic - not syncing: Fatal exception in interrupt
[   75.472340][ T2303] Kernel Offset: disabled
[   75.476467][ T2303] Rebooting in 86400 seconds..