last executing test programs:

50.237676296s ago: executing program 1 (id=2176):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

50.159597166s ago: executing program 1 (id=2178):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e1f, @empty}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, 0x0, 0x0)

49.954836346s ago: executing program 1 (id=2179):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

49.757048916s ago: executing program 1 (id=2184):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000e00)={[{@data_err_abort}, {@stripe={'stripe', 0x3d, 0x2}}, {@noblock_validity}, {@errors_remount}, {@noblock_validity}, {@jqfmt_vfsold}, {@sysvgroups}, {@nojournal_checksum}, {@nodelalloc}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000540)={[{@journal_checksum}, {@noload}, {@nomblk_io_submit}, {@block_validity}, {@noquota}, {@usrquota}, {@nodiscard}, {@sysvgroups}]}, 0x5, 0x263, &(0x7f0000000600)="$eJzs3T+IHGUYBvBnZmcTN1kkaiMIKoiIHhyxE2zWRiEgRxARVIiI2CiJEBPscp2NhdYqqWyCpDNaSiyCjSJYRU1xNoIeCh4WWqzsn4O7vVXvbm935Ob3g92Zuftm3neYeb6phg3QWCeS9JK0kiwlaScptg64f/Q5Md683LlxJun3n/m1GI4bbY9s7nc8yWqSx5JcL4u8ViUXr72w9sfNpx5650L7wY+uPd9Z6EmOra/denrjw5W3Pzn16MWvv/15pUgv3W3ndfCKKX+riuTOeRT7nyiqujtgN06/dfW7Qe7vSvLAMP/tlBldvHfPH7neziMf/NO+7/3yzT2L7BU4eP1+e/AMXO0DjVMm6aYol5OM1sv25tzwfetY+fq5828uvXruwtlX6p2ngIPTTW49+dnRT49P5P+nVlkuL9fdHTBPg/w/e/rKD4P1jVbd3QCLNMj/0kuXHo78Q+PIPxwOK/vYp9uTf2gqz384ZHq7Hyr/0FzyD80l/9Bc/5b/L2rqCVgMz39ort3l/8hCewIWY2v+AYBm6R+t+w1koC51zz8AAAAAAAAAAAAAAAAAAMBOlzs3zmx+5l+tGH5/+X6y/kSSqphSvzX8PeLktuH3sd+LVBNHqPZadnX75ov37f8Mpvptb8M/rvnt69t/rLf+V/fOuUBrYjnh0tlcHa6crKqd918xvv/2747/+H/75RkLzOjx5+qt/9eVGotXyambyeeD+efk1vmvMx5Q5u7hcvr80x1cvxlbeOPPGQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwvwdAAD//yidbmk=")
mount$bind(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file1\x00', 0x80b0, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0)

49.457561965s ago: executing program 1 (id=2187):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
rt_sigsuspend(0x0, 0x0)

48.657316173s ago: executing program 1 (id=2208):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001400), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)

48.657255354s ago: executing program 32 (id=2208):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001400), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)

4.038954227s ago: executing program 4 (id=3648):
r0 = io_uring_setup(0x1b91, &(0x7f0000000000)={0x0, 0x5710})
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pread64(r1, &(0x7f0000000300)=""/150, 0x96, 0x0)

3.194935996s ago: executing program 4 (id=3692):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
chown(&(0x7f00000004c0)='./file0\x00', 0x0, 0xffffffffffffffff)

2.406694804s ago: executing program 5 (id=3715):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
unshare(0x24060400)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.346405845s ago: executing program 4 (id=3717):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200a006002a17006000000002000020d3"])
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, 0x0)

2.319792775s ago: executing program 5 (id=3718):
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000010600)='./bus\x00', 0x82, &(0x7f00000004c0)=ANY=[@ANYBLOB="646973636172645f756e69743d626c6f636b2c66617374626f6f742c746573745f64756d6d795f656e6372797074696f6e2c6673796e635f6d6f64653d7374726963742c00b40f67712edb2176a5e6d792c97ec8c7ef152bcfe4d43f51cc9510960fc3bcdb9a7c2271a5c7c5f7034399570025512258e0aa61e5a6cb0e9d7bdb8f52a0cd33f64b5ecd96fe0cf837563a14b837d8114771dadf7db3e9bdf8ef297e302998"], 0x1, 0x105a4, &(0x7f0000010640)="$eJzs3E1rI3UcB/BfWrtP1rXIPigeHBChAROatlsURKruogt2KT4cPGmapCG7SaY06YN71pO+BK+CiDdfgxffRvEgeBK8rSiZmYrVPajNNuv284Hp9z//zPzynzCXX6YkgFNrLvnl51JcjPMRMR0RsxHZuFRsmdU8no6I5yJi6k9bqZj/Y+JMRFyIiIuj4nnNUvHSyq8H97585uYrn319UK79+NUXk7tqYNJeiIjeVj7e6+WZtvO8XczXdztZ9pZ3i8xf6N0p9tM891obWYW9+uFx9SyX2vnx6dbOYJSb3XpjlO3OZja/1c/fcLDbPqyTnXC7vp3tN1sbWXYGaZbtu/m69ou8OxjmdZpFvY+z8jEcHmY+39pv5dezdSfLRn9YzOd102Zrf5S7RRZvF42028zWsfGfP+aH3tud/s5+stvaHnTSfnKtWnupWlup1LbTZmvYWq7Ue82V5WS+3R0dVhm26r3Vdpq2u61qI+2Vk/l2o1Gp1ZL5662NTr2f1GrVpepC5Vq5GL2YvHnr/aTbTOZH+XqnvzPsdAfJZrqd5GeUk8Xq0svl5Pla8u7aerL+zo0ba+vvfXj9g1uvrd18ozjob8tK5hcXFhcrtYXKYq3s+o+jdLzTOe3cQAD/mv4fmIS8/z/Ixvp//f9p7X9P+/Vr3zgWNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKn1w8y3b2WDuXz/8WL+iWLqqYi4GhFXIuJyRPx2H9Nx5kjNSxFRKsb3O37mL2v4rhRZhdE5Z4vtQkSsFtu9Jx/0pwAAAACPrm++/+TTiOnRMPvz6qQXxEkqvrQ5N6562Vc+j42r2qWs2P6Yql0+LDkWVyJiZu6nMVW7GhFTsx+Nqdo/Mn0kzsWzs4c3QimPqZNcDQAAcDKOdgJj694AAAB46Hw+6QUwGdnz2uJ/8YtnwWfzKB4Jnz+yBwAAAPwPlSa9AAAAAOCBy/p/v/8HAAAAj7b89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Hd27iU3jRiOA/Af6BT6UlHF4yqsqi5ZcIgeocseoL1NdpwhEuIcZJcjRBAx46AMYTdmQOT7pMH2CH6ykVjYZgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnNNDsZzfrf/9b5qz3TWTZzQAAADAKZtiOS8rw6r9Jd3/lm79iIhpREwiYhwRp+buvfhYyxxFRCfVT72/OOrDfUSZsP9MP12fI+JXup6+n/tbAAAAgNu1Xs0WEb19tXz5eajxDqRFm0GuvHLJ50OutFEZ9jdT2vglMotJRBTDx0xp04jofv2dWq38/nq1YvCq6FRFt41eAAAA7arPBLLN3gAAALg6fy7dAS6j3K9N/8VPe8H9qkgbgp9qLQAAAOB6HT9tf9Bptx8AAADABZTz/zfn/6VVAef/AQAAwG2ozv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgnDbFcr5ezRZNc7a7ZvKMBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ/bnHQVCIAzCYO/6vtPg/Y8lDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/tzdwIhEARhsO/8z2kx/7CkQWMQoQoWPmaYhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsL+3NsmDIRxHH7tJErcJiOkt/iYgYYKwQh8SEiWPAMDsBANFa3FIrACCDho6UzB8zT/n05X3AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO/p9PTGR0Rkn4/MIx+u/g6Xg6/I100z+L5mtjnu659bTra7UcrfGP8XEVFE1sJvAADaV943xWJZzTtpu2l7aftpy2ldzV75aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAMzt3rNpUFAYA+CRpotXJ0QoiOOhiYxOrEbI4FLoLgm6hjaWYqqQZ2tKlTyA6ufoKdtNX8AUEBy04OHRQcBFESXKTnmCQFOHeUL8P/nv/3OHcczIE/vufGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FgO98LZQZ4LIczNHOVd77/urow7v332YW4QX+68uRiP2R2iGEJ4uN5qXk9xLdNuc3vnUaPVarYlEolkmGT9ywQAwElTTKJb138q7i93r+XqIfx6NVr/X4ny8Jf6//PL8xcG8XPrXSe+V1z/L6S2wulX7mw8LW9u71xb32isNdeaj6vVyuLNxRu3b1XKvWclZU9MAAAA+DelJOL6P1//s/9/JsrDhPX/vaUH9+N7FdT/Yx01/bKeCQAAwP/t3KXv33JjrudKpbDV6HTaC/3j8HOlf8xgqsd2Kom4/i/Us54VAAAAkIbDvdxI/381ysOE/f/517sH8ZiFEMJs0v+fX3nSWk1vOVMtjdeJs14jAAAA2ZpNIu7/F3v7//PDLQ/5EMLVy/08+RvAier/jy/ujry0Hu//r6a3xKmUr/W/j965FsJMLesZAQAAcJKdTqJb7B8U95fbP54vlez/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA3O3aM0kAQhQF4s5vVSgxYqZUXEO2sAhaC2HgIURA8gQjiAcTW0jtYeofUCjYWlim8gbzZHZU0AYtdJd8Hk/cIQ+Zl0uRfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYK7p/ndfxcuo6cv2veePq5OoLzM1vN+vb8aKftDl0P/QYK/vCQAAAFgEVc73RVG81Y+HUctxyv913hOZ/2Gl6XOen839uT7dvW7k/H99vHX5ddCoOSc+9Oz84nSns2/4963O3TFMN5+evVTpBymPbtamdbrPwe1kcrCU2uUupgUAfmM717bJ/4ei7vY5GAALY9iu4kf+r8b9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQhc8AAAD//4D6Yxw=")
chdir(0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fadvise64(r0, 0x100e2, 0x8, 0x4)

1.905621114s ago: executing program 5 (id=3719):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x200000, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x1, 0x3, 0x0, {@ip4=@dev={0xac, 0x14, 0x14, 0x37}, 0x800}}}]}, 0x38}}, 0x0)

1.720111583s ago: executing program 5 (id=3720):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
recvmsg$unix(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x181)

929.525532ms ago: executing program 4 (id=3735):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000})
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='veth1_to_batadv\x00', 0x10)
setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f0000fee000)=0x3fa, 0x4)

886.150652ms ago: executing program 4 (id=3737):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)

832.834322ms ago: executing program 4 (id=3740):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000002240)=ANY=[@ANYBLOB="2300000004"], 0x23)

706.253331ms ago: executing program 5 (id=3744):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x4}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0xc, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)

683.318041ms ago: executing program 5 (id=3747):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x4)
futex(&(0x7f000000cffc), 0xa, 0x0, 0x0, 0x0, 0x1)

612.974721ms ago: executing program 3 (id=3756):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r0, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

601.891811ms ago: executing program 3 (id=3757):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}}}]}, 0x40}}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000180)={0x6, 'pim6reg\x00', {0x101}, 0x4})

478.882411ms ago: executing program 3 (id=3759):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000070001c0"])

476.202701ms ago: executing program 0 (id=3760):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0xff2e)
write$binfmt_script(r0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

403.135401ms ago: executing program 3 (id=3761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bond_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@getchain={0x24, 0x66, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0)

395.424901ms ago: executing program 3 (id=3762):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x20000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pipe(&(0x7f0000000080))

360.457341ms ago: executing program 0 (id=3763):
r0 = socket$pptp(0x18, 0x1, 0x2)
io_setup(0x6, &(0x7f00000000c0)=<r1=>0x0)
r2 = eventfd2(0x0, 0x0)
io_submit(r1, 0x2, &(0x7f0000000380)=[&(0x7f0000000000)={0x0, 0x0, 0x2, 0x0, 0x0, r0, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x3, r2}])

309.119151ms ago: executing program 2 (id=3764):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r1, 0x0, 0x4000}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0x6a12, 0x2}}]}]}, @IFLA_MTU={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x20042000}, 0x0)

229.22826ms ago: executing program 2 (id=3765):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@RTM_DELMDB={0x18, 0x55, 0x1, 0x70bd26, 0x25dfdbfe, {0x7, r2}}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004)

223.06105ms ago: executing program 0 (id=3766):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000140)={@empty}, 0x14)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)

220.29598ms ago: executing program 3 (id=3767):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x92, 0xdd, 0xee, 0x10, 0x403, 0x6010, 0x6639, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x6e, 0x0, 0x0, 0x53, 0xd0, 0xdc}}]}}]}}, 0x0)

212.74648ms ago: executing program 0 (id=3768):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x148, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x3c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8, 0xb, 0xffffffff}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0xfffffcfd}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x2}]}}, @TCA_STAB={0xe0, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, {0x10, 0x2, [0x0, 0x0, 0xffff, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, {0xe}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x2, [0x0, 0x0]}}, {{0x1c}, {0x4}}, {{0x1c}, {0x4}}]}]}, 0x148}}, 0x0)

174.83414ms ago: executing program 2 (id=3769):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)

174.42532ms ago: executing program 0 (id=3770):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}}}]}, 0x40}}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000180)={0x6, 'pim6reg\x00', {0x101}, 0x4})

169.80519ms ago: executing program 2 (id=3771):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x25a8, &(0x7f00000000c0), &(0x7f0000ffd000), &(0x7f0000ffb000))
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000180)=[0xffffffffffffffff], 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[r0]}, 0x1)

159.64503ms ago: executing program 2 (id=3772):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000070001c0"])

123.9455ms ago: executing program 2 (id=3773):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000007c0)={[{@noblock_validity}, {@minixdf}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nomblk_io_submit}, {@noauto_da_alloc}, {@noinit_itable}]}, 0x3, 0x57f, &(0x7f000000a300)="$eJzs3d9rU1ccAPDvTVutPzYriGx7GAUf5nCm2u6Hg8Hc49hkwvbuQnst0tRIk4rtBPVhvuxlyGCMCWN/wN73KPsH9lcImyBDyvawl46b3tjYNP0Ro4nL5wNXz7n3Nud+c+735NzchAQwsMazfwoRr0bEt0nEoaZtw5FvHF/bb+XR9elsSWJ19fO/kkjydY39k/z/A3nllYj47euIE4XWdqtLy3OlcjldyOsTtfkrE9Wl5ZOX5kuz6Wx6eXJq6sw7U5Pvv/du12J98/w/P3x27+Mz3xxb+f6XB4fvJHE2DubbmuN4CjebK+Mxnj8nI3F2w46nu9BYP0l6fQB0ZCjP85HIxoBDMZRnPfD/dyMiVoEBlch/GFCNeUDj2r5L18EvjIcfrV0AtcY/vPbeSIzWr432ryRPXBll17tjXWg/a+PXP+/eyZbY5n2IG11oD6Dh5q2IODU83Dr+Jfn417lT9TePt7axjUF7/YFeupfNf96KWBmNDflfeDz/iU3mPwc2yd1ObJ//hQddaKatbP73wabz38dD19hQXnupPucbSS5eKqenIuLliDgeI3uz+lb3c86s3F9tt615/pctWfuNuWB+HA+G9z75NzOlWulpYm728FbEa+vz3yRaxv/R+lx3Y/9nz8f5HbZxNL37ertt28ffrPsz4NWfI97YtP/X72glW9+fnKifDxONs6LV37eP/t6u/d3F331Z/+/fOv6xpPl+bXX3bfw0+m/ablun5/+e5It6eU++7lqpVls4HbEn+bR1/eT63zbqjf2z+I8f2zz/tzr/90XElzuM//aR22137Yf+n9lV/+++cP+Tr35s1/7O+v/teul4vmYn499OD/BpnjsAAAAAAADoN4WIOBhJofi4XCgUi2uf7zgS+wvlSrV24mJl8fJM1L8rOxYjhcad7kNNn4d4lD9eoz6Zfz62UZ+KiMMR8d3Qvnq9OF0pz/Q4dgAAAAAAAAAAAAAAAAAAAOgXB9p8/z/zx1Cvjw545vzkNwyubfO/G7/0BPQlr/8wuOQ/DC75D4Or8/xPunocwPPn9R8Gl/yHwSX/YXDJfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOiq8+fOZcvqyqPr01l95urS4lzl6smZtDpXnF+cLk5XFq4UZyuV2XJanK7Mb/d45UrlyunJWLw2UUurtYnq0vKF+cri5dqFS/Ol2fRCOvJcogIAAAAAAAAAAAAAAAAAAIAXS3Vpea5ULqcLCm0LH0ZfHEbHhWRjL8foWuevB7hm7uzBiN02Mdz7ABWeQaGXoxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPOm/AAAA///9RS5U")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
unlink(&(0x7f0000000100)='./file0/file0\x00')

0s ago: executing program 0 (id=3774):
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000240)='./file0\x00', 0x8801, 0x0, 0x10, 0x0, &(0x7f0000000000))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
chmod(&(0x7f00000002c0)='./file0\x00', 0x40)

kernel console output (not intermixed with test programs):

 97.152234][ T5606] loop3: detected capacity change from 0 to 512
[   97.231201][ T5606] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[   97.275182][ T5606] ext4 filesystem being mounted at /420/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.512607][ T5604] loop0: detected capacity change from 0 to 40427
[   97.560868][ T5604] F2FS-fs (loop0): fault_type options not supported
[   97.571950][ T5604] F2FS-fs (loop0): invalid crc value
[   97.586725][ T5604] F2FS-fs (loop0): Found nat_bits in checkpoint
[   97.653441][ T5590] loop4: detected capacity change from 0 to 131072
[   97.689440][ T5604] F2FS-fs (loop0): Start checkpoint disabled!
[   97.716565][ T5604] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   97.754821][ T5638] loop2: detected capacity change from 0 to 512
[   97.763454][ T5590] F2FS-fs (loop4): Found nat_bits in checkpoint
[   97.823061][ T5590] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[   97.871546][ T5638] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   97.897012][ T5638] ext4 filesystem being mounted at /498/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.927623][   T10] attempt to access beyond end of device
[   97.927623][   T10] loop0: rw=2049, want=45104, limit=40427
[   98.264531][ T5656] loop0: detected capacity change from 0 to 512
[   98.351757][ T5656] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 234 vs 220 free clusters
[   98.386924][ T5656] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.2290: inode #1: comm syz.0.2290: iget: illegal inode #
[   98.410484][ T5656] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.2290: error while reading EA inode 1 err=-117
[   98.442345][ T5656] EXT4-fs (loop0): 1 orphan inode deleted
[   98.457152][ T5656] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback.
[   98.473407][ T5665] loop3: detected capacity change from 0 to 1024
[   98.526765][ T5665] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[   98.530936][ T5680] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2304'.
[   98.592239][ T5686] loop4: detected capacity change from 0 to 16
[   98.647589][ T5665] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   98.663244][ T5686] erofs: (device loop4): mounted with root inode @ nid 36.
[   98.675735][ T5665] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   98.691017][ T5686] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=86
[   98.700812][ T5686] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=86
[   98.714780][ T5665] EXT4-fs (loop3): This should not happen!! Data will be lost
[   98.714780][ T5665] 
[   98.733481][ T5665] EXT4-fs (loop3): Total free blocks count 0
[   98.742616][ T5686] overlayfs: failed to get metacopy (-117)
[   98.750484][ T5665] EXT4-fs (loop3): Free/Dirty block details
[   98.764005][ T5665] EXT4-fs (loop3): free_blocks=68451041280
[   98.774929][ T5665] EXT4-fs (loop3): dirty_blocks=16
[   98.786501][ T5665] EXT4-fs (loop3): Block reservation details
[   98.797583][ T5665] EXT4-fs (loop3): i_reserved_data_blocks=1
[   98.903059][ T5717] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   98.926189][ T5719] device batadv_slave_1 entered promiscuous mode
[   98.929522][ T5717] syz.4.2323 (5717) used greatest stack depth: 19520 bytes left
[   98.961439][ T5723] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   99.037404][ T5739] loop4: detected capacity change from 0 to 1024
[   99.103659][ T5739] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[   99.256398][ T5759] loop3: detected capacity change from 0 to 40427
[   99.313375][ T5759] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   99.327170][ T5759] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   99.337663][ T5739] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   99.350996][ T5759] F2FS-fs (loop3): invalid crc value
[   99.364932][ T5739] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[   99.383302][ T5759] F2FS-fs (loop3): Found nat_bits in checkpoint
[   99.390193][ T5739] EXT4-fs (loop4): This should not happen!! Data will be lost
[   99.390193][ T5739] 
[   99.409484][ T5739] EXT4-fs (loop4): Total free blocks count 0
[   99.421979][ T5739] EXT4-fs (loop4): Free/Dirty block details
[   99.434236][ T5739] EXT4-fs (loop4): free_blocks=68451041280
[   99.440458][ T5759] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   99.447314][ T5759] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   99.456910][ T5775] loop0: detected capacity change from 0 to 16
[   99.463104][ T5739] EXT4-fs (loop4): dirty_blocks=16
[   99.478229][ T5739] EXT4-fs (loop4): Block reservation details
[   99.488363][ T5739] EXT4-fs (loop4): i_reserved_data_blocks=1
[   99.510719][ T5775] erofs: (device loop0): mounted with root inode @ nid 36.
[   99.562439][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   99.580565][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   99.649880][ T5772] loop5: detected capacity change from 0 to 40427
[   99.720339][ T5772] F2FS-fs (loop5): Invalid SB checksum offset: 0
[   99.726693][ T5772] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[   99.791986][ T5789] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   99.809772][ T5772] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[   99.880408][ T5772] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[   99.890889][ T5772] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   99.925033][ T5803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2359'.
[   99.935837][ T5440] attempt to access beyond end of device
[   99.935837][ T5440] loop5: rw=2049, want=40992, limit=40427
[   99.960882][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.968030][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.111332][ T5770] loop2: detected capacity change from 0 to 131072
[  100.138029][ T5812] ip_tunnel: non-ECT from 0.0.0.224 with TOS=0x3
[  100.159203][ T5815] loop5: detected capacity change from 0 to 1024
[  100.180898][ T5770] F2FS-fs (loop2): Found nat_bits in checkpoint
[  100.191225][ T5815] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[  100.230959][ T5770] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  100.351989][ T5815] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  100.410676][ T5815] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[  100.414475][ T5846] device gretap1 entered promiscuous mode
[  100.428543][ T5815] EXT4-fs (loop5): This should not happen!! Data will be lost
[  100.428543][ T5815] 
[  100.438075][ T5815] EXT4-fs (loop5): Total free blocks count 0
[  100.443975][ T5815] EXT4-fs (loop5): Free/Dirty block details
[  100.449657][ T5815] EXT4-fs (loop5): free_blocks=68451041280
[  100.455402][ T5815] EXT4-fs (loop5): dirty_blocks=16
[  100.460403][ T5815] EXT4-fs (loop5): Block reservation details
[  100.466197][ T5815] EXT4-fs (loop5): i_reserved_data_blocks=1
[  100.628030][ T5855] device wireguard0 entered promiscuous mode
[  100.666920][   T30] kauditd_printk_skb: 80 callbacks suppressed
[  100.666957][   T30] audit: type=1400 audit(1738156294.010:1801): avc:  denied  { create } for  pid=5862 comm="syz.2.2383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  100.676759][ T5861] loop0: detected capacity change from 0 to 4096
[  100.726122][   T30] audit: type=1400 audit(1738156294.040:1802): avc:  denied  { connect } for  pid=5862 comm="syz.2.2383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  100.750982][ T5865] syz.2.2384: vmalloc error: size 8593047552, exceeds total pages, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0
[  100.751462][ T5861] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  100.808810][ T5865] CPU: 1 PID: 5865 Comm: syz.2.2384 Not tainted 5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  100.818528][ T5865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  100.828428][ T5865] Call Trace:
[  100.831543][ T5865]  <TASK>
[  100.834331][ T5865]  dump_stack_lvl+0x151/0x1c0
[  100.838842][ T5865]  ? io_uring_drop_tctx_refs+0x190/0x190
[  100.844314][ T5865]  ? pr_cont_kernfs_name+0xf0/0x100
[  100.846953][ T5853] loop3: detected capacity change from 0 to 40427
[  100.849334][ T5865]  dump_stack+0x15/0x20
[  100.855789][   T30] audit: type=1400 audit(1738156294.040:1803): avc:  denied  { write } for  pid=5862 comm="syz.2.2383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  100.859578][ T5865]  warn_alloc+0x21a/0x390
[  100.883046][ T5865]  ? finish_task_switch+0x167/0x7b0
[  100.888066][ T5865]  ? __vmalloc_node_range+0x95/0x8d0
[  100.893185][ T5865]  ? zone_watermark_ok_safe+0x270/0x270
[  100.898742][ T5865]  __vmalloc_node_range+0xb6/0x8d0
[  100.903703][ T5865]  ? kasan_poison+0x5d/0x70
[  100.908193][ T5865]  ? __kasan_kmalloc_large+0xad/0xc0
[  100.913250][ T5865]  ? kmalloc_order+0xb7/0x160
[  100.917747][ T5865]  ? __vcalloc+0x36/0x50
[  100.921942][ T5865]  __vmalloc+0x7a/0x90
[  100.925912][ T5865]  ? __vcalloc+0x36/0x50
[  100.933552][ T5865]  __vcalloc+0x36/0x50
[  100.937477][ T5865]  memslot_rmap_alloc+0x6b/0x2a0
[  100.942230][ T5865]  kvm_arch_prepare_memory_region+0xc5/0xd20
[  100.948180][ T5865]  ? kvm_set_memslot+0x4fe/0x1780
[  100.953041][ T5865]  ? memcpy+0x56/0x70
[  100.956938][ T5865]  kvm_set_memslot+0x513/0x1780
[  100.961688][ T5865]  ? id_to_memslot+0x110/0x110
[  100.966400][ T5865]  ? id_to_memslot+0xaa/0x110
[  100.970995][ T5865]  __kvm_set_memory_region+0xdf8/0x1060
[  100.976381][ T5865]  ? kvm_put_kvm_no_destroy+0x80/0x80
[  100.981595][ T5865]  ? pcpu_memcg_post_alloc_hook+0x1b1/0x260
[  100.987497][ T5865]  ? trace_raw_output_percpu_destroy_chunk+0xc0/0xc0
[  100.994140][ T5865]  ? _find_next_bit+0x1f3/0x200
[  100.998799][ T5865]  ? do_vfs_ioctl+0xbc1/0x2a80
[  101.003402][ T5865]  kvm_vm_ioctl_set_memory_region+0x73/0xa0
[  101.009123][ T5865]  kvm_vm_ioctl+0x91f/0xb60
[  101.013465][ T5865]  ? kvm_device_release+0x210/0x210
[  101.019255][ T5865]  ? __kasan_check_read+0x11/0x20
[  101.024109][ T5865]  ? ioctl_has_perm+0x1f8/0x560
[  101.028782][ T5865]  ? memcpy+0x56/0x70
[  101.032603][ T5865]  ? ioctl_has_perm+0x452/0x560
[  101.037285][ T5865]  ? __kasan_check_write+0x14/0x20
[  101.042248][ T5865]  ? has_cap_mac_admin+0x3c0/0x3c0
[  101.047184][ T5865]  ? __kasan_check_write+0x14/0x20
[  101.052129][ T5865]  ? __kasan_check_write+0x14/0x20
[  101.057078][ T5865]  ? selinux_file_ioctl+0x3cc/0x540
[  101.062110][ T5865]  ? selinux_file_alloc_security+0x120/0x120
[  101.067935][ T5865]  ? __se_sys_futex+0x37b/0x3e0
[  101.072616][ T5865]  ? security_file_ioctl+0x84/0xb0
[  101.077647][ T5865]  ? kvm_device_release+0x210/0x210
[  101.082689][ T5865]  __se_sys_ioctl+0x114/0x190
[  101.087206][ T5865]  __x64_sys_ioctl+0x7b/0x90
[  101.091619][ T5865]  x64_sys_call+0x98/0x9a0
[  101.095881][ T5865]  do_syscall_64+0x3b/0xb0
[  101.100211][ T5865]  ? clear_bhb_loop+0x35/0x90
[  101.104726][ T5865]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  101.110814][ T5865] RIP: 0033:0x7f74eed17da9
[  101.115140][ T5865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.134772][ T5865] RSP: 002b:00007f74ed382038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.143015][ T5865] RAX: ffffffffffffffda RBX: 00007f74eef30fa0 RCX: 00007f74eed17da9
[  101.150824][ T5865] RDX: 0000000020003340 RSI: 000000004020ae46 RDI: 0000000000000004
[  101.158642][ T5865] RBP: 00007f74eed992a0 R08: 0000000000000000 R09: 0000000000000000
[  101.166556][ T5865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  101.174551][ T5865] R13: 0000000000000000 R14: 00007f74eef30fa0 R15: 00007ffe7f50b708
[  101.182359][ T5865]  </TASK>
[  101.190837][ T5865] Mem-Info:
[  101.193868][ T5865] active_anon:105 inactive_anon:8961 isolated_anon:0
[  101.193868][ T5865]  active_file:19358 inactive_file:4527 isolated_file:0
[  101.193868][ T5865]  unevictable:0 dirty:291 writeback:0
[  101.193868][ T5865]  slab_reclaimable:10285 slab_unreclaimable:73181
[  101.193868][ T5865]  mapped:28249 shmem:5790 pagetables:607 bounce:0
[  101.193868][ T5865]  kernel_misc_reclaimable:0
[  101.193868][ T5865]  free:1541435 free_pcp:21349 free_cma:0
[  101.197824][   T30] audit: type=1400 audit(1738156294.540:1804): avc:  denied  { wake_alarm } for  pid=5871 comm="syz.5.2388" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  101.235669][ T5865] Node 0 active_anon:420kB inactive_anon:35844kB active_file:77432kB inactive_file:18108kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:112996kB dirty:1164kB writeback:0kB shmem:23160kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4256kB pagetables:2528kB all_unreclaimable? no
[  101.287698][ T5853] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  101.299595][ T5853] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  101.324653][ T5865] DMA32 free:2974676kB min:62568kB low:78208kB high:93848kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2978952kB mlocked:0kB bounce:0kB free_pcp:4276kB local_pcp:4220kB free_cma:0kB
[  101.356770][ T5853] F2FS-fs (loop3): fault_injection options not supported
[  101.363858][ T5853] F2FS-fs (loop3): fault_type options not supported
[  101.378879][ T5853] F2FS-fs (loop3): invalid crc value
[  101.385535][ T5865] lowmem_reserve[]: 0 3941 3941
[  101.390376][ T5865] Normal free:3190588kB min:84884kB low:106104kB high:127324kB reserved_highatomic:0KB active_anon:420kB inactive_anon:33444kB active_file:77432kB inactive_file:20108kB unevictable:0kB writepending:1164kB present:5242880kB managed:4035584kB mlocked:0kB bounce:0kB free_pcp:81540kB local_pcp:48692kB free_cma:0kB
[  101.419899][ T5853] F2FS-fs (loop3): Found nat_bits in checkpoint
[  101.420101][ T5865] lowmem_reserve[]: 0 0 0
[  101.430484][ T5865] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 723*4096kB (M) = 2974676kB
[  101.446707][ T5865] Normal: 1309*4kB (UME) 641*8kB (UM) 468*16kB (ME) 534*32kB (UME) 451*64kB (UME) 172*128kB (UME) 132*256kB (UME) 82*512kB (UME) 60*1024kB (UME) 29*2048kB (UM) 710*4096kB (UM) = 3190588kB
[  101.461830][ T5853] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  101.466277][ T5865] 29775 total pagecache pages
[  101.476870][ T5853] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  101.486340][ T5865] 75 pages in swap cache
[  101.491871][ T5865] Swap cache stats: add 7691, delete 7615, find 522/522
[  101.498890][ T5865] Free swap  = 124124kB
[  101.504441][ T5853] attempt to access beyond end of device
[  101.504441][ T5853] loop3: rw=2049, want=53256, limit=40427
[  101.510851][ T5894] loop0: detected capacity change from 0 to 1024
[  101.515710][ T5865] Total swap = 124996kB
[  101.534297][ T5865] 2097051 pages RAM
[  101.540684][  T290] attempt to access beyond end of device
[  101.540684][  T290] loop3: rw=2049, want=45104, limit=40427
[  101.561072][   T30] audit: type=1326 audit(1738156294.910:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5895 comm="syz.4.2396" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f82375da9 code=0x0
[  101.585203][ T5865] 0 pages HighMem/MovableOnly
[  101.590828][ T5865] 343417 pages reserved
[  101.595423][ T5865] 0 pages cma reserved
[  101.647699][ T5894] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[  101.723781][ T5894] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  101.739485][ T5894] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[  101.751729][ T5894] EXT4-fs (loop0): This should not happen!! Data will be lost
[  101.751729][ T5894] 
[  101.761347][ T5894] EXT4-fs (loop0): Total free blocks count 0
[  101.767145][ T5894] EXT4-fs (loop0): Free/Dirty block details
[  101.773385][ T5894] EXT4-fs (loop0): free_blocks=68451041280
[  101.780739][ T5894] EXT4-fs (loop0): dirty_blocks=16
[  101.785729][ T5894] EXT4-fs (loop0): Block reservation details
[  101.791652][ T5894] EXT4-fs (loop0): i_reserved_data_blocks=1
[  101.802654][ T5905] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5905 comm=syz.3.2397
[  101.815205][   T30] audit: type=1400 audit(1738156295.160:1806): avc:  denied  { audit_write } for  pid=5904 comm="syz.3.2397" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  101.836667][   T30] audit: type=1107 audit(1738156295.160:1807): pid=5904 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='
[  101.836667][   T30] '
[  101.913202][   T30] audit: type=1400 audit(1738156295.260:1808): avc:  denied  { setopt } for  pid=5910 comm="syz.2.2401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  101.965246][   T30] audit: type=1400 audit(1738156295.260:1809): avc:  denied  { read } for  pid=5910 comm="syz.2.2401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  101.988692][   T30] audit: type=1326 audit(1738156295.290:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5914 comm="syz.2.2404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eed17da9 code=0x7ffc0000
[  102.118576][ T5938] loop5: detected capacity change from 0 to 1024
[  102.170262][ T5938] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[  102.231994][ T5952] pim6reg0: tun_chr_ioctl cmd 2147767520
[  102.274306][ T5938] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  102.276166][ T5955] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2419'.
[  102.289358][ T5938] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28
[  102.310432][ T5938] EXT4-fs (loop5): This should not happen!! Data will be lost
[  102.310432][ T5938] 
[  102.319919][ T5938] EXT4-fs (loop5): Total free blocks count 0
[  102.326004][ T5938] EXT4-fs (loop5): Free/Dirty block details
[  102.332016][ T5938] EXT4-fs (loop5): free_blocks=68451041280
[  102.338029][ T5938] EXT4-fs (loop5): dirty_blocks=16
[  102.343164][ T5938] EXT4-fs (loop5): Block reservation details
[  102.349009][ T5938] EXT4-fs (loop5): i_reserved_data_blocks=1
[  102.422523][ T5969] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  102.501931][ T5988] overlayfs: failed to resolve './file2': -2
[  102.748019][ T5983] loop2: detected capacity change from 0 to 40427
[  102.810798][ T5983] F2FS-fs (loop2): fault_type options not supported
[  102.821717][ T5983] F2FS-fs (loop2): invalid crc value
[  102.835439][ T5983] F2FS-fs (loop2): Found nat_bits in checkpoint
[  102.903872][ T5983] F2FS-fs (loop2): Start checkpoint disabled!
[  102.927946][ T5983] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  102.941922][ T6015] loop5: detected capacity change from 0 to 40427
[  102.948953][ T6018] loop0: detected capacity change from 0 to 40427
[  102.990879][ T6018] F2FS-fs (loop0): fault_injection options not supported
[  102.991630][ T6015] F2FS-fs (loop5): invalid crc value
[  103.008326][ T6018] F2FS-fs (loop0): invalid crc value
[  103.023408][ T6015] F2FS-fs (loop5): Found nat_bits in checkpoint
[  103.031054][ T6018] F2FS-fs (loop0): Found nat_bits in checkpoint
[  103.093789][ T6015] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  103.102391][   T45] attempt to access beyond end of device
[  103.102391][   T45] loop2: rw=2049, want=45104, limit=40427
[  103.115653][ T6018] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  103.133297][ T5440] attempt to access beyond end of device
[  103.133297][ T5440] loop5: rw=2049, want=45104, limit=40427
[  103.159274][  T292] attempt to access beyond end of device
[  103.159274][  T292] loop0: rw=2049, want=45104, limit=40427
[  103.341788][ T6046] loop2: detected capacity change from 0 to 128
[  103.395545][ T6046] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  103.406594][ T6046] ext4 filesystem being mounted at /531/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  103.428151][ T6046] netlink: 'syz.2.2458': attribute type 16 has an invalid length.
[  103.440181][ T6046] netlink: 'syz.2.2458': attribute type 3 has an invalid length.
[  103.447844][ T6046] netlink: 29478 bytes leftover after parsing attributes in process `syz.2.2458'.
[  103.527399][ T6072] loop0: detected capacity change from 0 to 128
[  103.738340][ T6105] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2486'.
[  103.866300][ T6130] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2498'.
[  103.989094][ T6145] overlayfs: missing 'lowerdir'
[  104.110707][ T6164] x_tables: unsorted underflow at hook 2
[  104.140522][ T6166] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  104.217124][ T6149] loop4: detected capacity change from 0 to 40427
[  104.271137][ T6149] F2FS-fs (loop4): fault_type options not supported
[  104.288779][ T6149] F2FS-fs (loop4): invalid crc value
[  104.305283][ T6149] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.348537][ T6190] loop2: detected capacity change from 0 to 256
[  104.383721][ T6149] F2FS-fs (loop4): Start checkpoint disabled!
[  104.394058][ T6149] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  104.414225][ T6190] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  104.551378][    T8] attempt to access beyond end of device
[  104.551378][    T8] loop4: rw=2049, want=45104, limit=40427
[  104.607228][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  104.613994][ T6235] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  104.719367][ T6251] syz.5.2553[6251] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.719445][ T6251] syz.5.2553[6251] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.733165][ T6251] blk_update_request: I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  104.755728][ T6251] FAT-fs (loop11): unable to read boot sector
[  104.839480][ T6249] loop4: detected capacity change from 0 to 40427
[  104.881838][ T6249] F2FS-fs (loop4): invalid crc value
[  104.887664][ T6255] loop5: detected capacity change from 0 to 40427
[  104.895105][ T6249] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  104.915908][ T6249] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.926656][ T6255] F2FS-fs (loop5): fault_type options not supported
[  104.934644][ T6255] F2FS-fs (loop5): invalid crc value
[  104.941032][ T6255] F2FS-fs (loop5): Found nat_bits in checkpoint
[  104.966227][ T6255] F2FS-fs (loop5): Start checkpoint disabled!
[  104.979610][ T6255] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  105.020786][ T6263] loop4: detected capacity change from 0 to 512
[  105.040730][ T6263] EXT4-fs (loop4): Ignoring removed bh option
[  105.048452][ T6263] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  105.056875][ T6263] EXT4-fs error (device loop4): __ext4_iget:4903: inode #15: block 1803188595: comm syz.4.2556: invalid block
[  105.068858][ T6263] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.2556: couldn't read orphan inode 15 (err -117)
[  105.081002][ T6263] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,data_err=ignore,usrjquota=.,errors=continue. Quota mode: writeback.
[  105.100231][   T45] attempt to access beyond end of device
[  105.100231][   T45] loop5: rw=2049, want=45104, limit=40427
[  105.344750][ T6274] loop5: detected capacity change from 0 to 40427
[  105.369376][ T6295] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2572'.
[  105.384585][ T6298] loop3: detected capacity change from 0 to 512
[  105.391574][ T6274] F2FS-fs (loop5): fault_type options not supported
[  105.402359][ T6274] F2FS-fs (loop5): invalid crc value
[  105.411209][ T6274] F2FS-fs (loop5): Found nat_bits in checkpoint
[  105.447421][ T6274] F2FS-fs (loop5): Start checkpoint disabled!
[  105.460721][ T6298] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  105.474834][ T6274] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  105.510417][ T6298] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #17: comm syz.3.2573: iget: bad i_size value: -6917529027641081756
[  105.532301][ T6298] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.2573: couldn't read orphan inode 17 (err -117)
[  105.546442][ T6298] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.608748][   T10] attempt to access beyond end of device
[  105.608748][   T10] loop5: rw=2049, want=45104, limit=40427
[  105.698261][   T30] kauditd_printk_skb: 166 callbacks suppressed
[  105.698274][   T30] audit: type=1400 audit(1738156299.040:1977): avc:  denied  { execute } for  pid=6349 comm="syz.0.2596" name="file0" dev="tmpfs" ino=3007 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  105.731784][   T30] audit: type=1400 audit(1738156299.070:1978): avc:  denied  { execute_no_trans } for  pid=6349 comm="syz.0.2596" path="/580/file0" dev="tmpfs" ino=3007 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  105.744050][ T6353] IPv6: ADDRCONF(NETDEV_CHANGE): wg0: link becomes ready
[  105.762784][ T6353] device bridge_slave_0 left promiscuous mode
[  105.769042][ T6353] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.782261][ T6353] device bridge_slave_1 left promiscuous mode
[  105.788227][ T6353] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.799410][ T6353] device vlan3 left promiscuous mode
[  105.805043][ T6353] device gretap0 left promiscuous mode
[  105.810967][ T6353] bridge0: port 3(vlan3) entered disabled state
[  105.843349][   T30] audit: type=1326 audit(1738156299.190:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6360 comm="syz.5.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  105.882469][   T30] audit: type=1326 audit(1738156299.190:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6360 comm="syz.5.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  105.924366][   T30] audit: type=1326 audit(1738156299.190:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6360 comm="syz.5.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  105.948547][   T30] audit: type=1326 audit(1738156299.210:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6360 comm="syz.5.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  105.972220][   T30] audit: type=1400 audit(1738156299.210:1983): avc:  denied  { read write } for  pid=6336 comm="syz.3.2589" name="raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.997197][ T6356] loop4: detected capacity change from 0 to 40427
[  106.003851][   T30] audit: type=1400 audit(1738156299.210:1984): avc:  denied  { open } for  pid=6336 comm="syz.3.2589" path="/dev/raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.027619][   T30] audit: type=1400 audit(1738156299.210:1985): avc:  denied  { ioctl } for  pid=6336 comm="syz.3.2589" path="/dev/raw-gadget" dev="devtmpfs" ino=250 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.041399][ T6374] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2606'.
[  106.052916][   T30] audit: type=1326 audit(1738156299.230:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.0.2602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b40ccfda9 code=0x7ffc0000
[  106.071061][ T6356] F2FS-fs (loop4): fault_type options not supported
[  106.092225][ T6356] F2FS-fs (loop4): invalid crc value
[  106.098685][ T6356] F2FS-fs (loop4): Found nat_bits in checkpoint
[  106.131686][ T6384] loop0: detected capacity change from 0 to 1024
[  106.136403][ T6356] F2FS-fs (loop4): Start checkpoint disabled!
[  106.144546][ T6356] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  106.160171][  T313] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  106.174152][ T6384] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  106.183557][ T6384] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  106.193075][ T6384] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,block_validity,resuid=0x0000000000000000,nombcache,noauto_da_alloc,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  106.218202][ T6384] EXT4-fs (loop0): shut down requested (2)
[  106.244219][   T10] attempt to access beyond end of device
[  106.244219][   T10] loop4: rw=2049, want=45104, limit=40427
[  106.415021][ T6392] loop0: detected capacity change from 0 to 40427
[  106.459608][ T6392] F2FS-fs (loop0): Found nat_bits in checkpoint
[  106.491391][ T6392] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  106.512077][  T292] attempt to access beyond end of device
[  106.512077][  T292] loop0: rw=2049, want=45104, limit=40427
[  106.550571][  T313] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  106.560726][  T313] usb 4-1: config 0 has no interfaces?
[  106.592829][ T6410] loop0: detected capacity change from 0 to 256
[  106.640564][  T313] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  106.649798][  T313] usb 4-1: New USB device strings: Mfr=0, Product=4, SerialNumber=0
[  106.650444][  T322] Bluetooth: hci0: command 0x1003 tx timeout
[  106.663849][  T819] Bluetooth: hci0: sending frame failed (-49)
[  106.664438][  T313] usb 4-1: Product: syz
[  106.674976][  T313] usb 4-1: config 0 descriptor??
[  106.767698][ T6428] loop5: detected capacity change from 0 to 2048
[  106.777381][ T6430] futex_wake_op: syz.0.2629 tries to shift op by -1; fix this program
[  106.793620][ T6432] syz.0.2630[6432] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.793692][ T6432] syz.0.2630[6432] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.811711][ T6428] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  106.837900][ T6428] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  106.852769][ T6428] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[  106.865024][ T6428] EXT4-fs (loop5): This should not happen!! Data will be lost
[  106.865024][ T6428] 
[  106.874878][ T6428] EXT4-fs (loop5): Total free blocks count 0
[  106.880792][ T6428] EXT4-fs (loop5): Free/Dirty block details
[  106.886614][ T6428] EXT4-fs (loop5): free_blocks=2415919104
[  106.892771][ T6428] EXT4-fs (loop5): dirty_blocks=48
[  106.897792][ T6428] EXT4-fs (loop5): Block reservation details
[  106.903736][ T6428] EXT4-fs (loop5): i_reserved_data_blocks=3
[  106.935019][    T6] usb 4-1: USB disconnect, device number 4
[  107.021509][ T6457] loop0: detected capacity change from 0 to 1024
[  107.038371][ T6459] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2642'.
[  107.061813][ T6457] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  107.081618][ T6457] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,norecovery,min_batch_time=0x0000000000000001,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,errors=remount-ro,acl,auto_da_alloc=0x0000000000000343,jqfmt=vfsold,barrier=0x00000000000000. Quota mode: none.
[  107.129198][ T6465] loop5: detected capacity change from 0 to 1024
[  107.151225][ T6465] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  107.158498][ T6465] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  107.164006][ T6467] loop0: detected capacity change from 0 to 2048
[  107.181952][ T6465] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,dioread_nolock,nogrpid,noload,nomblk_io_submit,,errors=continue. Quota mode: none.
[  107.222530][ T6467] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  107.238300][ T6467] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  107.253820][ T6467] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[  107.265929][ T6467] EXT4-fs (loop0): This should not happen!! Data will be lost
[  107.265929][ T6467] 
[  107.275461][ T6467] EXT4-fs (loop0): Total free blocks count 0
[  107.281357][ T6467] EXT4-fs (loop0): Free/Dirty block details
[  107.287122][ T6467] EXT4-fs (loop0): free_blocks=2415919104
[  107.292880][ T6467] EXT4-fs (loop0): dirty_blocks=48
[  107.297800][ T6467] EXT4-fs (loop0): Block reservation details
[  107.303659][ T6467] EXT4-fs (loop0): i_reserved_data_blocks=3
[  107.420307][ T6487] loop0: detected capacity change from 0 to 128
[  107.441853][ T6487] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  107.452461][ T6487] ext4 filesystem being mounted at /614/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  107.710183][  T322] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  108.070245][  T322] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  108.080190][  T322] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  108.160188][  T322] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  108.169105][  T322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  108.177532][  T322] usb 5-1: SerialNumber: syz
[  108.178538][ T6518] loop3: detected capacity change from 0 to 256
[  108.200693][ T6518] exfat: Deprecated parameter 'namecase'
[  108.206210][ T6518] exfat: Deprecated parameter 'utf8'
[  108.211539][ T6518] exfat: Deprecated parameter 'namecase'
[  108.219434][ T6518] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xe1a8932d, utbl_chksum : 0xe619d30d)
[  108.470593][  T322] usb 5-1: 0:2 : does not exist
[  108.476218][  T322] usb 5-1: USB disconnect, device number 5
[  108.641051][ T6536] loop0: detected capacity change from 0 to 8192
[  108.730124][  T322] Bluetooth: hci0: command 0x1001 tx timeout
[  108.736130][  T819] Bluetooth: hci0: sending frame failed (-49)
[  108.887326][ T6560] loop3: detected capacity change from 0 to 128
[  108.920986][ T6560] EXT4-fs (loop3): Test dummy encryption mode enabled
[  108.929258][ T6560] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none.
[  108.941877][ T6560] ext4 filesystem being mounted at /513/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  108.955938][ T6560] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: none.
[  108.971350][ T6560] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: none.
[  109.011038][ T6569] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2687'.
[  109.156916][ T6604] netlink: 'syz.5.2702': attribute type 2 has an invalid length.
[  109.336126][ T6606] loop5: detected capacity change from 0 to 40427
[  109.380711][ T6606] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  109.387273][ T6606] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  109.398008][ T6606] F2FS-fs (loop5): Found nat_bits in checkpoint
[  109.435421][ T6606] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  109.442487][ T6606] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  109.482712][ T6606] attempt to access beyond end of device
[  109.482712][ T6606] loop5: rw=2049, want=53256, limit=40427
[  109.498697][ T5440] attempt to access beyond end of device
[  109.498697][ T5440] loop5: rw=2049, want=45104, limit=40427
[  109.747301][ T6633] loop4: detected capacity change from 0 to 40427
[  109.800788][ T6633] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  109.807971][ T6633] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  109.817401][ T6633] F2FS-fs (loop4): invalid crc value
[  109.824333][ T6633] F2FS-fs (loop4): Found nat_bits in checkpoint
[  109.835634][ T6646] loop5: detected capacity change from 0 to 512
[  109.852471][ T6633] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  109.859413][ T6633] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  109.872708][ T6646] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.2720: inode #1: comm syz.5.2720: iget: illegal inode #
[  109.885927][ T6646] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.2720: error while reading EA inode 1 err=-117
[  109.898357][ T6646] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.2720: inode #1: comm syz.5.2720: iget: illegal inode #
[  109.911963][  T294] attempt to access beyond end of device
[  109.911963][  T294] loop4: rw=2049, want=45104, limit=40427
[  109.918099][ T6646] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.2720: error while reading EA inode 1 err=-117
[  109.935399][ T6646] EXT4-fs (loop5): 1 orphan inode deleted
[  109.942253][ T6646] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,nogrpid,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,sysvgroups,usrjquota=,,errors=continue. Quota mode: none.
[  110.084939][ T6668] netlink: 47 bytes leftover after parsing attributes in process `syz.4.2729'.
[  110.100563][ T6662] loop5: detected capacity change from 0 to 8192
[  110.302198][ T6692] netlink: 71 bytes leftover after parsing attributes in process `syz.5.2740'.
[  110.324656][ T6698] ip_tunnel: non-ECT from 0.0.0.224 with TOS=0x3
[  110.334520][ T6700] IPv6: Can't replace route, no match found
[  110.553278][ T6742] sch_tbf: burst 6 is lower than device lo mtu (65550) !
[  110.589832][ T6746] loop0: detected capacity change from 0 to 512
[  110.651076][ T6746] EXT4-fs (loop0): dax option not supported
[  110.810146][   T26] Bluetooth: hci0: command 0x1009 tx timeout
[  110.930733][   T30] kauditd_printk_skb: 114 callbacks suppressed
[  110.930747][   T30] audit: type=1326 audit(1738156304.280:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa73ea4eda9 code=0x7ffc0000
[  110.966714][   T30] audit: type=1326 audit(1738156304.280:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa73ea4eda9 code=0x7ffc0000
[  110.992092][   T30] audit: type=1326 audit(1738156304.280:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fa73ea4eda9 code=0x7ffc0000
[  111.016365][   T39] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  111.024235][   T30] audit: type=1326 audit(1738156304.280:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa73ea4eda9 code=0x7ffc0000
[  111.052189][   T30] audit: type=1326 audit(1738156304.280:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa73ea4eda9 code=0x7ffc0000
[  111.171430][ T6781] loop3: detected capacity change from 0 to 4096
[  111.212500][ T6781] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  111.226854][ T6781] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #15: comm syz.3.2780: corrupted inode contents
[  111.238801][ T6781] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #15: comm syz.3.2780: mark_inode_dirty error
[  111.250356][ T6781] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #15: comm syz.3.2780: corrupted inode contents
[  111.262233][ T6781] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.2780: mark_inode_dirty error
[  111.273740][ T6781] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #15: comm syz.3.2780: corrupted inode contents
[  111.285775][ T6781] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.2780: mark_inode_dirty error
[  111.295643][   T30] audit: type=1400 audit(1738156304.630:2106): avc:  denied  { remove_name } for  pid=6780 comm="syz.3.2780" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  111.297505][ T6781] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #15: comm syz.3.2780: corrupted inode contents
[  111.320423][   T30] audit: type=1400 audit(1738156304.630:2107): avc:  denied  { rename } for  pid=6780 comm="syz.3.2780" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  111.353684][   T30] audit: type=1400 audit(1738156304.630:2108): avc:  denied  { unlink } for  pid=6780 comm="syz.3.2780" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  111.358701][ T6781] EXT4-fs error (device loop3): ext4_truncate:4303: inode #15: comm syz.3.2780: mark_inode_dirty error
[  111.387317][ T6781] EXT4-fs error (device loop3) in ext4_setattr:5609: Corrupt filesystem
[  111.396119][ T6783] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #15: comm syz.3.2780: corrupted inode contents
[  111.420207][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 229, changing to 11
[  111.431543][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 17323, setting to 1024
[  111.443111][  T290] EXT4-fs warning (device loop3): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[  111.556601][ T6786] loop3: detected capacity change from 0 to 40427
[  111.585858][ T6788] loop5: detected capacity change from 0 to 4096
[  111.600319][   T39] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  111.609266][   T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.611030][ T6786] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  111.623804][ T6786] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  111.623870][   T39] usb 1-1: Product: syz
[  111.634584][ T6788] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  111.636061][   T39] usb 1-1: Manufacturer: syz
[  111.651371][   T39] usb 1-1: SerialNumber: syz
[  111.657227][   T39] usb 1-1: config 0 descriptor??
[  111.660708][ T6786] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  111.684471][ T6786] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  111.691383][ T6786] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  111.718708][   T30] audit: type=1400 audit(1738156305.060:2109): avc:  denied  { lock } for  pid=6785 comm="syz.3.2781" path="/529/file1/file1" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  111.742396][   T30] audit: type=1400 audit(1738156305.060:2110): avc:  denied  { unlink } for  pid=6785 comm="syz.3.2781" name="file1" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  111.742417][  T290] attempt to access beyond end of device
[  111.742417][  T290] loop3: rw=2049, want=40992, limit=40427
[  111.842686][ T6804] binfmt_misc: register: failed to install interpreter file ./file0
[  111.929594][   T39] usb 1-1: USB disconnect, device number 6
[  111.980242][ T6821] tap0: tun_chr_ioctl cmd 1074025677
[  111.985439][ T6821] tap0: linktype set to 270
[  112.471200][ T6852] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  112.620349][ T6882] binder: 6881:6882 ioctl c0306201 20000100 returned -14
[  112.699846][ T6880] loop3: detected capacity change from 0 to 40427
[  112.751088][ T6880] F2FS-fs (loop3): fault_injection options not supported
[  112.759050][ T6880] F2FS-fs (loop3): invalid crc value
[  112.765556][ T6880] F2FS-fs (loop3): Found nat_bits in checkpoint
[  112.788848][ T6880] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  112.810248][  T290] attempt to access beyond end of device
[  112.810248][  T290] loop3: rw=2049, want=45104, limit=40427
[  112.948050][ T6907] device wireguard0 entered promiscuous mode
[  113.018280][ T6897] loop5: detected capacity change from 0 to 40427
[  113.038664][ T6918] loop4: detected capacity change from 0 to 128
[  113.055597][ T6920] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2837'.
[  113.063071][ T6897] F2FS-fs (loop5): Found nat_bits in checkpoint
[  113.111834][ T6897] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  113.135459][ T5440] attempt to access beyond end of device
[  113.135459][ T5440] loop5: rw=2049, want=45104, limit=40427
[  113.364828][ T6958] loop4: detected capacity change from 0 to 40427
[  113.400679][ T6958] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  113.407110][ T6958] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  113.417987][ T6958] F2FS-fs (loop4): Found nat_bits in checkpoint
[  113.428314][ T6966] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[  113.438140][ T6966] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22
[  113.454796][ T6958] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  113.461799][ T6958] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  113.500958][ T6958] attempt to access beyond end of device
[  113.500958][ T6958] loop4: rw=2049, want=53256, limit=40427
[  113.518915][  T294] attempt to access beyond end of device
[  113.518915][  T294] loop4: rw=2049, want=45104, limit=40427
[  113.581469][ T6968] loop0: detected capacity change from 0 to 40427
[  113.610739][ T6968] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  113.618303][ T6968] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  113.627777][ T6968] F2FS-fs (loop0): invalid crc value
[  113.634988][ T6968] F2FS-fs (loop0): Found nat_bits in checkpoint
[  113.658912][ T6968] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  113.666012][ T6968] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  113.749651][ T6979] netlink: 372 bytes leftover after parsing attributes in process `syz.4.2862'.
[  113.750159][ T6968] attempt to access beyond end of device
[  113.750159][ T6968] loop0: rw=10241, want=45104, limit=40427
[  113.770489][ T6968] attempt to access beyond end of device
[  113.770489][ T6968] loop0: rw=2049, want=45104, limit=40427
[  113.920165][ T6996] syz.4.2871 (6996) used greatest stack depth: 19200 bytes left
[  113.989975][ T7006] loop0: detected capacity change from 0 to 256
[  114.033288][ T7006] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  114.042316][ T7010] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2876'.
[  114.110944][ T7020] syz.5.2880[7020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.111032][ T7020] syz.5.2880[7020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.132321][ T7019] futex_wake_op: syz.4.2879 tries to shift op by -1; fix this program
[  114.303867][ T7047] loop0: detected capacity change from 0 to 1024
[  114.341536][ T7047] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  114.355968][ T7047] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.390161][ T7068] syz.4.2901[7068] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.390249][ T7068] syz.4.2901[7068] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.400711][ T7047] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,dioread_nolock,nogrpid,noload,nomblk_io_submit,,errors=continue. Quota mode: none.
[  114.447655][ T7058] futex_wake_op: syz.3.2895 tries to shift op by -1; fix this program
[  115.500257][ T7111] loop5: detected capacity change from 0 to 512
[  115.519240][ T7103] loop2: detected capacity change from 0 to 40427
[  115.550989][ T7105] loop3: detected capacity change from 0 to 40427
[  115.558097][ T7111] EXT4-fs (loop5): dax option not supported
[  115.564606][ T7103] F2FS-fs (loop2): fault_injection options not supported
[  115.572571][ T7103] F2FS-fs (loop2): invalid crc value
[  115.578823][ T7103] F2FS-fs (loop2): Found nat_bits in checkpoint
[  115.591960][ T7105] F2FS-fs (loop3): invalid crc value
[  115.608716][ T7105] F2FS-fs (loop3): Found nat_bits in checkpoint
[  115.630179][ T7103] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  115.638439][ T7105] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  115.702621][  T291] attempt to access beyond end of device
[  115.702621][  T291] loop2: rw=2049, want=45104, limit=40427
[  115.714486][  T290] attempt to access beyond end of device
[  115.714486][  T290] loop3: rw=2049, want=45104, limit=40427
[  115.846326][ T7125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2921'.
[  115.892265][ T7133] loop3: detected capacity change from 0 to 256
[  115.898789][ T7132] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2925'.
[  115.913019][ T7133] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  115.925182][  T313] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  115.946070][ T7137] syz.2.2928[7137] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.946147][ T7137] syz.2.2928[7137] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.959489][   T30] kauditd_printk_skb: 94 callbacks suppressed
[  115.959501][   T30] audit: type=1400 audit(1738156309.300:2205): avc:  denied  { create } for  pid=7136 comm="syz.2.2928" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  115.999214][ T7137] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  116.010033][ T7137] FAT-fs (loop5): unable to read boot sector
[  116.030751][   T30] audit: type=1400 audit(1738156309.340:2206): avc:  denied  { mount } for  pid=7131 comm="syz.3.2926" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  116.056136][   T30] audit: type=1400 audit(1738156309.340:2207): avc:  denied  { mounton } for  pid=7136 comm="syz.2.2928" path="/562/file0" dev="tmpfs" ino=2924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  116.056162][   T30] audit: type=1400 audit(1738156309.350:2208): avc:  denied  { write } for  pid=7131 comm="syz.3.2926" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  116.056181][   T30] audit: type=1400 audit(1738156309.350:2209): avc:  denied  { add_name } for  pid=7131 comm="syz.3.2926" name="<" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  116.056199][   T30] audit: type=1400 audit(1738156309.350:2210): avc:  denied  { create } for  pid=7131 comm="syz.3.2926" name="<" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  116.056219][   T30] audit: type=1400 audit(1738156309.350:2211): avc:  denied  { associate } for  pid=7131 comm="syz.3.2926" name="<" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  116.056237][   T30] audit: type=1400 audit(1738156309.360:2212): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  116.188162][   T30] audit: type=1400 audit(1738156309.370:2213): avc:  denied  { unlink } for  pid=291 comm="syz-executor" name="file0" dev="tmpfs" ino=2924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  116.188192][   T30] audit: type=1400 audit(1738156309.400:2214): avc:  denied  { read } for  pid=7142 comm="syz.4.2932" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  116.360164][  T313] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 229, changing to 11
[  116.379628][  T313] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 17323, setting to 1024
[  116.428275][ T7166] loop3: detected capacity change from 0 to 1024
[  116.472095][ T7166] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  116.479217][ T7166] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  116.501706][ T7166] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,dioread_nolock,nogrpid,noload,nomblk_io_submit,,errors=continue. Quota mode: none.
[  116.550249][  T313] usb 6-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  116.564304][  T313] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.574918][  T313] usb 6-1: Product: syz
[  116.580278][  T313] usb 6-1: Manufacturer: syz
[  116.590308][  T313] usb 6-1: SerialNumber: syz
[  116.601510][  T313] usb 6-1: config 0 descriptor??
[  116.861789][  T313] usb 6-1: USB disconnect, device number 2
[  117.140630][ T7173] syz.3.2941[7173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.140686][ T7173] syz.3.2941[7173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.159690][ T7175] loop4: detected capacity change from 0 to 256
[  117.221309][ T7173] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.234869][ T7175] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  117.242419][ T7173] FAT-fs (loop7): unable to read boot sector
[  117.306033][ T7188] device wireguard0 entered promiscuous mode
[  117.420769][ T7213] loop5: detected capacity change from 0 to 256
[  117.442226][ T7217] syz.0.2960[7217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.442306][ T7217] syz.0.2960[7217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.456878][ T7213] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  117.484540][ T7217] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.504890][ T7217] FAT-fs (loop1): unable to read boot sector
[  117.562471][ T7231] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2965'.
[  117.715443][ T7248] device wireguard0 entered promiscuous mode
[  117.766482][ T7253] netlink: 47 bytes leftover after parsing attributes in process `syz.3.2976'.
[  117.908380][ T7268] loop4: detected capacity change from 0 to 512
[  117.927802][ T7243] loop0: detected capacity change from 0 to 40427
[  117.960728][ T7268] EXT4-fs (loop4): error: journal path ./bus is not a block device
[  117.966935][ T7277] loop5: detected capacity change from 0 to 1024
[  117.975965][ T7243] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  117.984687][ T7243] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  117.998265][ T7243] F2FS-fs (loop0): Found nat_bits in checkpoint
[  118.019572][ T7277] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  118.030507][ T7277] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.044760][ T7243] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  118.052160][ T7243] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  118.297728][ T7301] netlink: 47 bytes leftover after parsing attributes in process `syz.0.2990'.
[  118.352851][ T7296] loop2: detected capacity change from 0 to 40427
[  118.410219][    T6] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  118.421423][ T7296] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  118.429155][ T7296] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  118.438599][ T7296] F2FS-fs (loop2): invalid crc value
[  118.445176][ T7296] F2FS-fs (loop2): Found nat_bits in checkpoint
[  118.468428][ T7296] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  118.475566][ T7296] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  118.563339][ T7296] attempt to access beyond end of device
[  118.563339][ T7296] loop2: rw=10241, want=45104, limit=40427
[  118.574977][ T7296] attempt to access beyond end of device
[  118.574977][ T7296] loop2: rw=2049, want=45104, limit=40427
[  118.763850][ T7323] device wireguard0 entered promiscuous mode
[  118.770313][    T6] usb 4-1: config 0 has an invalid interface number: 104 but max is 0
[  118.778456][    T6] usb 4-1: config 0 has no interface number 0
[  118.786994][ T7326] loop4: detected capacity change from 0 to 512
[  118.794816][    T6] usb 4-1: config 0 interface 104 has no altsetting 0
[  118.838842][ T7326] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  118.918957][ T7328] loop0: detected capacity change from 0 to 40427
[  118.960277][    T6] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9
[  118.960903][ T7328] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  118.969293][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.976461][ T7328] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  118.984424][    T6] usb 4-1: Product: syz
[  118.993240][ T7328] F2FS-fs (loop0): invalid crc value
[  118.996154][    T6] usb 4-1: Manufacturer: syz
[  119.002656][ T7328] F2FS-fs (loop0): Found nat_bits in checkpoint
[  119.006601][    T6] usb 4-1: SerialNumber: syz
[  119.027845][    T6] usb 4-1: config 0 descriptor??
[  119.031039][ T7328] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  119.039638][ T7328] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  119.071004][  T292] attempt to access beyond end of device
[  119.071004][  T292] loop0: rw=2049, want=45104, limit=40427
[  119.120199][  T322] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  119.295897][ T5545] usb 4-1: USB disconnect, device number 5
[  119.490252][  T322] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  119.500241][  T322] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  119.580234][  T322] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  119.589136][  T322] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  119.597006][  T322] usb 6-1: SerialNumber: syz
[  119.870701][  T322] usb 6-1: 0:2 : does not exist
[  119.876181][  T322] usb 6-1: USB disconnect, device number 3
[  120.367091][ T7346] loop4: detected capacity change from 0 to 512
[  120.374161][ T7350] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  120.399432][ T7350] FAT-fs (loop1): unable to read boot sector
[  120.432019][ T7346] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  120.444225][ T7346] ext4 filesystem being mounted at /482/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.581368][ T7371] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3019'.
[  120.602873][ T7357] loop3: detected capacity change from 0 to 40427
[  120.660901][ T7357] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  120.668477][ T7357] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  120.691668][ T7357] F2FS-fs (loop3): invalid crc value
[  120.858643][ T7357] F2FS-fs (loop3): Found nat_bits in checkpoint
[  120.963238][   T30] kauditd_printk_skb: 83 callbacks suppressed
[  120.963255][   T30] audit: type=1326 audit(1738156314.310:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b40ccfda9 code=0x7ffc0000
[  121.000636][ T7357] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  121.017639][ T7357] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  121.020528][   T30] audit: type=1326 audit(1738156314.340:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f9b40ccfda9 code=0x7ffc0000
[  121.091795][   T30] audit: type=1326 audit(1738156314.400:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b40ccfda9 code=0x7ffc0000
[  121.137583][ T7404] overlayfs: missing 'lowerdir'
[  121.154289][   T30] audit: type=1326 audit(1738156314.400:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.3028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b40ccfda9 code=0x7ffc0000
[  121.236407][   T30] audit: type=1326 audit(1738156314.580:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f82375da9 code=0x7ffc0000
[  121.237176][ T7393] loop2: detected capacity change from 0 to 40427
[  121.305606][   T30] audit: type=1326 audit(1738156314.580:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f82375da9 code=0x7ffc0000
[  121.372562][   T30] audit: type=1326 audit(1738156314.580:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f82375da9 code=0x7ffc0000
[  121.398582][   T30] audit: type=1326 audit(1738156314.580:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f82375da9 code=0x7ffc0000
[  121.440288][   T30] audit: type=1326 audit(1738156314.610:2306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f82375da9 code=0x7ffc0000
[  121.490942][ T7393] F2FS-fs (loop2): Found nat_bits in checkpoint
[  121.512675][   T30] audit: type=1326 audit(1738156314.610:2307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f82375da9 code=0x7ffc0000
[  121.556220][ T7393] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  121.630785][ T7393] attempt to access beyond end of device
[  121.630785][ T7393] loop2: rw=2049, want=45104, limit=40427
[  121.721885][    T8] attempt to access beyond end of device
[  121.721885][    T8] loop2: rw=2049, want=45112, limit=40427
[  121.845702][ T7426] loop4: detected capacity change from 0 to 40427
[  121.881313][ T7426] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  121.892931][ T7426] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  121.917956][ T7424] loop0: detected capacity change from 0 to 40427
[  121.925758][ T7426] F2FS-fs (loop4): Found nat_bits in checkpoint
[  121.960798][ T7424] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  121.968376][ T7424] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  121.981356][ T7426] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  121.988363][ T7426] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  121.996567][ T7424] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  122.050392][ T7424] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  122.058034][ T7424] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  122.110579][  T292] attempt to access beyond end of device
[  122.110579][  T292] loop0: rw=2049, want=40992, limit=40427
[  122.406652][ T7469] loop5: detected capacity change from 0 to 512
[  122.558090][ T7469] EXT4-fs (loop5): 1 orphan inode deleted
[  122.565682][ T7469] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  122.640257][ T7469] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.717187][ T7481] loop3: detected capacity change from 0 to 256
[  122.818638][ T7472] loop0: detected capacity change from 0 to 131072
[  122.849314][ T7483] loop3: detected capacity change from 0 to 1024
[  122.861602][ T7472] F2FS-fs (loop0): invalid crc value
[  122.874946][ T7472] F2FS-fs (loop0): Found nat_bits in checkpoint
[  122.917903][ T7472] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  122.945932][ T7483] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  122.958751][ T7483] ext4 filesystem being mounted at /596/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.038280][ T7502] loop5: detected capacity change from 0 to 256
[  123.071210][ T7502] exfat: Deprecated parameter 'namecase'
[  123.087712][ T7502] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  123.195742][ T7498] loop2: detected capacity change from 0 to 40427
[  123.241050][ T7498] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  123.247222][ T7498] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  123.286411][ T7498] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  123.358214][ T7498] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  123.369786][ T7498] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  123.383777][ T7530] loop5: detected capacity change from 0 to 512
[  123.457263][  T291] attempt to access beyond end of device
[  123.457263][  T291] loop2: rw=2049, want=40992, limit=40427
[  123.458985][ T7530] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  123.479750][ T7530] ext4 filesystem being mounted at /176/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.601471][ T7541] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3082'.
[  123.630186][ T7541] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3082'.
[  123.838880][ T7568] loop4: detected capacity change from 0 to 1024
[  123.894404][ T7568] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.905483][ T7568] ext4 filesystem being mounted at /495/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.000234][    T6] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  124.270129][    T6] usb 3-1: Using ep0 maxpacket: 8
[  124.400228][    T6] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  124.429274][    T6] usb 3-1: config 179 has no interface number 0
[  124.438514][    T6] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  124.490252][    T6] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  124.520161][    T6] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  124.550134][    T6] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  124.559977][    T6] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  124.580361][    T6] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  124.600117][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.630245][ T7555] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  124.651824][    T6] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input9
[  124.868069][    T6] usb 3-1: USB disconnect, device number 2
[  124.873821][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  124.884799][    T6] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  124.992394][ T7632] syz.0.3129: vmalloc error: size 8593047552, exceeds total pages, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0
[  125.009126][ T7632] CPU: 0 PID: 7632 Comm: syz.0.3129 Not tainted 5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  125.018962][ T7632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  125.028864][ T7632] Call Trace:
[  125.031979][ T7632]  <TASK>
[  125.034758][ T7632]  dump_stack_lvl+0x151/0x1c0
[  125.039270][ T7632]  ? io_uring_drop_tctx_refs+0x190/0x190
[  125.044741][ T7632]  ? pr_cont_kernfs_name+0xf0/0x100
[  125.049768][ T7632]  dump_stack+0x15/0x20
[  125.053760][ T7632]  warn_alloc+0x21a/0x390
[  125.057921][ T7632]  ? finish_task_switch+0x167/0x7b0
[  125.062965][ T7632]  ? __vmalloc_node_range+0x95/0x8d0
[  125.068210][ T7632]  ? zone_watermark_ok_safe+0x270/0x270
[  125.073549][ T7632]  ? prep_new_page+0x110/0x110
[  125.078233][ T7632]  __vmalloc_node_range+0xb6/0x8d0
[  125.083180][ T7632]  ? kasan_poison+0x5d/0x70
[  125.087526][ T7632]  ? __kasan_kmalloc_large+0xad/0xc0
[  125.092667][ T7632]  ? kmalloc_order+0xb7/0x160
[  125.097241][ T7632]  ? __vcalloc+0x36/0x50
[  125.101320][ T7632]  __vmalloc+0x7a/0x90
[  125.105334][ T7632]  ? __vcalloc+0x36/0x50
[  125.109391][ T7632]  __vcalloc+0x36/0x50
[  125.113298][ T7632]  memslot_rmap_alloc+0x6b/0x2a0
[  125.118070][ T7632]  kvm_arch_prepare_memory_region+0xc5/0xd20
[  125.123971][ T7632]  ? kvm_set_memslot+0x4fe/0x1780
[  125.128835][ T7632]  ? memcpy+0x56/0x70
[  125.132654][ T7632]  kvm_set_memslot+0x513/0x1780
[  125.137352][ T7632]  ? id_to_memslot+0x110/0x110
[  125.141942][ T7632]  ? id_to_memslot+0xaa/0x110
[  125.146546][ T7632]  __kvm_set_memory_region+0xdf8/0x1060
[  125.151923][ T7632]  ? kvm_put_kvm_no_destroy+0x80/0x80
[  125.157123][ T7632]  ? pcpu_memcg_post_alloc_hook+0x1b1/0x260
[  125.162859][ T7632]  ? trace_raw_output_percpu_destroy_chunk+0xc0/0xc0
[  125.169374][ T7632]  ? _find_next_bit+0x1f3/0x200
[  125.174055][ T7632]  ? do_vfs_ioctl+0xbc1/0x2a80
[  125.178652][ T7632]  kvm_vm_ioctl_set_memory_region+0x73/0xa0
[  125.184385][ T7632]  kvm_vm_ioctl+0x91f/0xb60
[  125.188767][ T7632]  ? kvm_device_release+0x210/0x210
[  125.193758][ T7632]  ? __kasan_check_read+0x11/0x20
[  125.198612][ T7632]  ? ioctl_has_perm+0x1f8/0x560
[  125.203298][ T7632]  ? memcpy+0x56/0x70
[  125.207117][ T7632]  ? ioctl_has_perm+0x452/0x560
[  125.211806][ T7632]  ? __kasan_check_write+0x14/0x20
[  125.216844][ T7632]  ? has_cap_mac_admin+0x3c0/0x3c0
[  125.221962][ T7632]  ? __kasan_check_write+0x14/0x20
[  125.226910][ T7632]  ? __kasan_check_write+0x14/0x20
[  125.231901][ T7632]  ? selinux_file_ioctl+0x3cc/0x540
[  125.236900][ T7632]  ? selinux_file_alloc_security+0x120/0x120
[  125.242706][ T7632]  ? __se_sys_futex+0x37b/0x3e0
[  125.247483][ T7632]  ? security_file_ioctl+0x84/0xb0
[  125.252997][ T7632]  ? kvm_device_release+0x210/0x210
[  125.258021][ T7632]  __se_sys_ioctl+0x114/0x190
[  125.262546][ T7632]  __x64_sys_ioctl+0x7b/0x90
[  125.266962][ T7632]  x64_sys_call+0x98/0x9a0
[  125.271212][ T7632]  do_syscall_64+0x3b/0xb0
[  125.275461][ T7632]  ? clear_bhb_loop+0x35/0x90
[  125.279977][ T7632]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  125.285716][ T7632] RIP: 0033:0x7f9b40ccfda9
[  125.289960][ T7632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.309410][ T7632] RSP: 002b:00007f9b3f33a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.317646][ T7632] RAX: ffffffffffffffda RBX: 00007f9b40ee8fa0 RCX: 00007f9b40ccfda9
[  125.325464][ T7632] RDX: 0000000020003340 RSI: 000000004020ae46 RDI: 0000000000000004
[  125.333267][ T7632] RBP: 00007f9b40d512a0 R08: 0000000000000000 R09: 0000000000000000
[  125.341078][ T7632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.348888][ T7632] R13: 0000000000000000 R14: 00007f9b40ee8fa0 R15: 00007ffe30232008
[  125.356799][ T7632]  </TASK>
[  125.370207][ T7632] Mem-Info:
[  125.373194][ T7632] active_anon:119 inactive_anon:20000 isolated_anon:0
[  125.373194][ T7632]  active_file:21394 inactive_file:2493 isolated_file:0
[  125.373194][ T7632]  unevictable:0 dirty:228 writeback:0
[  125.373194][ T7632]  slab_reclaimable:10364 slab_unreclaimable:73101
[  125.373194][ T7632]  mapped:28255 shmem:16578 pagetables:654 bounce:0
[  125.373194][ T7632]  kernel_misc_reclaimable:0
[  125.373194][ T7632]  free:1527962 free_pcp:22978 free_cma:0
[  125.421157][ T7632] Node 0 active_anon:476kB inactive_anon:88000kB active_file:85576kB inactive_file:9972kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:120420kB dirty:912kB writeback:0kB shmem:73712kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4384kB pagetables:2616kB all_unreclaimable? no
[  125.471825][ T7632] DMA32 free:2974676kB min:62568kB low:78208kB high:93848kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2978952kB mlocked:0kB bounce:0kB free_pcp:4276kB local_pcp:4220kB free_cma:0kB
[  125.473037][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3126'.
[  125.504640][ T7632] lowmem_reserve[]: 0 3941 3941
[  125.513361][ T7632] Normal free:3138324kB min:84884kB low:106104kB high:127324kB reserved_highatomic:0KB active_anon:5776kB inactive_anon:92300kB active_file:85576kB inactive_file:9972kB unevictable:0kB writepending:912kB present:5242880kB managed:4035584kB mlocked:0kB bounce:0kB free_pcp:70228kB local_pcp:42932kB free_cma:0kB
[  125.578641][ T7632] lowmem_reserve[]: 0 0 0
[  125.583318][ T7632] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 723*4096kB (M) = 2974676kB
[  125.606850][ T7632] Normal: 1212*4kB (UME) 903*8kB (UME) 722*16kB (UME) 920*32kB (UME) 200*64kB (UME) 99*128kB (UM) 122*256kB (UME) 84*512kB (UME) 62*1024kB (UM) 34*2048kB (UM) 697*4096kB (UM) = 3140808kB
[  125.636665][ T7632] 40813 total pagecache pages
[  125.642877][ T7632] 348 pages in swap cache
[  125.648527][ T7632] Swap cache stats: add 13839, delete 13491, find 532/532
[  125.657081][ T7632] Free swap  = 122804kB
[  125.661403][ T7632] Total swap = 124996kB
[  125.665762][ T7632] 2097051 pages RAM
[  125.670730][ T7632] 0 pages HighMem/MovableOnly
[  125.676608][ T7632] 343417 pages reserved
[  125.688008][ T7632] 0 pages cma reserved
[  125.706107][ T7674] binder: 7673:7674 ioctl c0046209 0 returned -22
[  125.934998][ T7708] loop0: detected capacity change from 0 to 1024
[  125.996878][ T7692] loop2: detected capacity change from 0 to 40427
[  126.004081][ T7708] EXT4-fs (loop0): Ignoring removed nobh option
[  126.010498][ T7708] EXT4-fs (loop0): Ignoring removed bh option
[  126.016589][ T7708] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  126.050875][ T7692] F2FS-fs (loop2): fault_injection options not supported
[  126.062361][   T30] kauditd_printk_skb: 89 callbacks suppressed
[  126.062374][   T30] audit: type=1326 audit(1738156319.410:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7717 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  126.069631][ T7692] F2FS-fs (loop2): invalid crc value
[  126.094941][   T30] audit: type=1400 audit(1738156319.410:2398): avc:  denied  { write } for  pid=7719 comm="syz.4.3159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  126.118328][    T6] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  126.134862][ T7708] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  126.136945][   T30] audit: type=1326 audit(1738156319.410:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7717 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  126.172710][ T7708] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3876: comm syz.0.3154: Allocating blocks 497-513 which overlap fs metadata
[  126.200757][ T7708] EXT4-fs (loop0): pa ffff8881115b5930: logic 128, phys. 385, len 8
[  126.208677][ T7708] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1
[  126.221274][ T7692] F2FS-fs (loop2): Found nat_bits in checkpoint
[  126.252103][   T30] audit: type=1326 audit(1738156319.460:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7717 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  126.252394][ T7732] EXT4-fs error (device loop0): mb_free_blocks:1865: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  126.296819][ T7692] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  126.304556][   T30] audit: type=1326 audit(1738156319.460:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7717 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  126.327972][   T30] audit: type=1326 audit(1738156319.460:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7717 comm="syz.5.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900328ada9 code=0x7ffc0000
[  126.351461][   T30] audit: type=1400 audit(1738156319.480:2403): avc:  denied  { mount } for  pid=7723 comm="syz.4.3162" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  126.374269][   T30] audit: type=1400 audit(1738156319.510:2404): avc:  denied  { read } for  pid=7707 comm="syz.0.3154" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  126.397391][    T6] usb 4-1: Using ep0 maxpacket: 8
[  126.417257][ T7740] loop4: detected capacity change from 0 to 512
[  126.423994][  T291] attempt to access beyond end of device
[  126.423994][  T291] loop2: rw=2049, want=45104, limit=40427
[  126.467959][ T7744] syz.5.3171[7744] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.468040][ T7744] syz.5.3171[7744] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.488365][   T30] audit: type=1400 audit(1738156319.830:2405): avc:  denied  { read write } for  pid=5440 comm="syz-executor" name="loop5" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  126.513515][ T7748] loop0: detected capacity change from 0 to 512
[  126.530451][    T6] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  126.530837][   T30] audit: type=1400 audit(1738156319.830:2406): avc:  denied  { open } for  pid=5440 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  126.538524][    T6] usb 4-1: config 179 has no interface number 0
[  126.577817][ T7740] EXT4-fs (loop4): 1 orphan inode deleted
[  126.583639][ T7740] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  126.605013][ T7751] netlink: 88 bytes leftover after parsing attributes in process `syz.5.3173'.
[  126.610546][    T6] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  126.615508][ T7740] ext4 filesystem being mounted at /506/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.630401][ T7751] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3173'.
[  126.645629][    T6] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  126.670505][    T6] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  126.682262][    T6] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  126.705812][ T7748] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #16: comm syz.0.3169: corrupted inode contents
[  126.718963][    T6] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  126.724322][ T7748] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #16: comm syz.0.3169: mark_inode_dirty error
[  126.760347][ T7748] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #16: comm syz.0.3169: corrupted inode contents
[  126.778297][    T6] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  126.794201][ T7748] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #16: comm syz.0.3169: mark_inode_dirty error
[  126.809492][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.831871][ T7748] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #16: comm syz.0.3169: corrupted inode contents
[  126.852112][ T7748] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  126.866039][ T7748] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #16: comm syz.0.3169: corrupted inode contents
[  126.870216][ T7700] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  126.884952][ T7748] EXT4-fs error (device loop0): ext4_truncate:4303: inode #16: comm syz.0.3169: mark_inode_dirty error
[  126.900225][ T7748] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  126.900388][ T7770] netlink: 120 bytes leftover after parsing attributes in process `syz.5.3179'.
[  126.911449][    T6] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input11
[  126.918660][ T7748] EXT4-fs (loop0): 1 truncate cleaned up
[  126.934620][ T7748] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  126.947053][ T7748] ext4 filesystem being mounted at /726/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.992661][ T7776] loop4: detected capacity change from 0 to 1024
[  127.005060][ T7748] devtmpfs: Unknown parameter 'ÖLN3'
[  127.020416][ T7779] loop5: detected capacity change from 0 to 512
[  127.027356][ T7776] EXT4-fs (loop4): Ignoring removed nobh option
[  127.033742][ T7776] EXT4-fs (loop4): Ignoring removed bh option
[  127.039743][ T7776] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  127.060757][ T7779] EXT4-fs (loop5): Unrecognized mount option "pcr=00000000000000000053" or missing value
[  127.082014][ T7776] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  127.120597][ T7776] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3876: comm syz.4.3181: Allocating blocks 497-513 which overlap fs metadata
[  127.142766][ T7776] EXT4-fs (loop4): pa ffff8881115b5e70: logic 128, phys. 385, len 8
[  127.150705][ T7776] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1
[  127.190032][ T7793] loop5: detected capacity change from 0 to 256
[  127.211874][ T7794] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[  127.228946][   T26] usb 4-1: USB disconnect, device number 6
[  127.230116][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  127.242883][   T26] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  127.269332][ T7793] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  127.272510][ T7802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3194'.
[  127.288242][ T7793] exFAT-fs (loop5): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967295)
[  127.288242][ T7793] 
[  127.291187][ T7802] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3194'.
[  127.350172][ T7793] exFAT-fs (loop5): Filesystem has been set read-only
[  127.362080][ T7793] exFAT-fs (loop5): error, failed to bmap (inode : ffff88812d2debf0 iblock : 0, err : -5)
[  127.436436][ T7825] tap0: tun_chr_ioctl cmd 1074025681
[  127.448552][ T7827] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3202'.
[  127.460029][ T7827] netlink: 'syz.5.3202': attribute type 15 has an invalid length.
[  127.468035][ T7827] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3202'.
[  127.629591][ T7843] netlink: 'syz.4.3213': attribute type 16 has an invalid length.
[  127.642838][ T7843] netlink: 'syz.4.3213': attribute type 3 has an invalid length.
[  127.650717][ T7843] netlink: 'syz.4.3213': attribute type 1 has an invalid length.
[  127.658343][ T7843] netlink: 'syz.4.3213': attribute type 1 has an invalid length.
[  127.670214][ T7843] netlink: 'syz.4.3213': attribute type 2 has an invalid length.
[  127.678537][ T7843] netlink: 64006 bytes leftover after parsing attributes in process `syz.4.3213'.
[  127.791145][ T7859] tap0: tun_chr_ioctl cmd 1074025681
[  127.803500][ T7839] loop5: detected capacity change from 0 to 40427
[  127.850786][ T7839] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  127.869943][ T7839] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  127.910896][ T7839] F2FS-fs (loop5): Found nat_bits in checkpoint
[  127.968292][ T7839] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  127.975567][ T7839] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  127.997085][ T7897] loop0: detected capacity change from 0 to 128
[  128.024092][ T7897] FAT-fs (loop0): error, corrupted file size (i_pos 548, 512)
[  128.031596][ T7897] FAT-fs (loop0): Filesystem has been set read-only
[  128.038431][ T7897] FAT-fs (loop0): error, corrupted file size (i_pos 548, 512)
[  128.080524][ T7903] tap0: tun_chr_ioctl cmd 1074025681
[  128.207315][ T7925] loop0: detected capacity change from 0 to 512
[  128.208673][ T7927] loop5: detected capacity change from 0 to 256
[  128.221720][ T7925] EXT4-fs (loop0): Test dummy encryption mode enabled
[  128.228545][ T7925] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  128.239285][ T7925] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  128.247457][ T7925] System zones: 1-12
[  128.251939][ T7925] EXT4-fs (loop0): 1 truncate cleaned up
[  128.257921][ T7925] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,test_dummy_encryption,debug,nobarrier,quota,,errors=continue. Quota mode: writeback.
[  128.392409][ T7943] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3257'.
[  128.401436][ T7943] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3257'.
[  128.440118][ T5545] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  128.547908][ T7974] syz.5.3272[7974] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.547983][ T7974] syz.5.3272[7974] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.577369][ T7979] input: syz0 as /devices/virtual/input/input13
[  128.632205][ T7983] loop4: detected capacity change from 0 to 256
[  128.647950][ T7983] FAT-fs (loop4): Directory bread(block 64) failed
[  128.655837][ T7983] FAT-fs (loop4): Directory bread(block 65) failed
[  128.662861][ T7983] FAT-fs (loop4): Directory bread(block 66) failed
[  128.669740][ T7983] FAT-fs (loop4): Directory bread(block 67) failed
[  128.677620][ T7983] FAT-fs (loop4): Directory bread(block 68) failed
[  128.684708][ T7983] FAT-fs (loop4): Directory bread(block 69) failed
[  128.694959][ T7983] FAT-fs (loop4): Directory bread(block 70) failed
[  128.701881][ T7983] FAT-fs (loop4): Directory bread(block 71) failed
[  128.711201][ T7983] FAT-fs (loop4): Directory bread(block 72) failed
[  128.720142][ T7983] FAT-fs (loop4): Directory bread(block 73) failed
[  128.752668][  T319] Bluetooth: hci0: Frame reassembly failed (-84)
[  128.760892][ T7989] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  128.768894][  T319] Bluetooth: hci0: Frame reassembly failed (-84)
[  128.810214][ T5545] usb 3-1: config 0 has an invalid interface number: 104 but max is 0
[  128.818942][    T6] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  128.830140][ T5545] usb 3-1: config 0 has no interface number 0
[  128.836503][ T5545] usb 3-1: config 0 interface 104 has no altsetting 0
[  128.899384][ T8001] loop3: detected capacity change from 0 to 512
[  128.943545][ T8001] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.3285: corrupted inode contents
[  128.955921][ T8001] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #16: comm syz.3.3285: mark_inode_dirty error
[  128.970342][ T8001] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.3285: corrupted inode contents
[  128.987116][ T8001] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.3285: mark_inode_dirty error
[  128.988250][ T7999] loop4: detected capacity change from 0 to 40427
[  129.001987][ T8001] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.3285: corrupted inode contents
[  129.009609][ T5545] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9
[  129.026045][ T8001] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  129.035529][ T5545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.044406][ T8001] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #16: comm syz.3.3285: corrupted inode contents
[  129.052336][ T5545] usb 3-1: Product: syz
[  129.065213][ T8001] EXT4-fs error (device loop3): ext4_truncate:4303: inode #16: comm syz.3.3285: mark_inode_dirty error
[  129.068714][ T5545] usb 3-1: Manufacturer: syz
[  129.081554][ T8001] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  129.085472][    T6] usb 1-1: Using ep0 maxpacket: 16
[  129.095113][ T8001] EXT4-fs (loop3): 1 truncate cleaned up
[  129.099255][ T5545] usb 3-1: SerialNumber: syz
[  129.106033][ T8001] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  129.111829][ T5545] usb 3-1: config 0 descriptor??
[  129.123289][ T8001] ext4 filesystem being mounted at /623/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.157541][ T8001] devtmpfs: Unknown parameter 'ÖLN3'
[  129.158198][ T7999] F2FS-fs (loop4): Found nat_bits in checkpoint
[  129.190595][ T7999] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  129.204374][ T7999] attempt to access beyond end of device
[  129.204374][ T7999] loop4: rw=2049, want=45104, limit=40427
[  129.220230][  T294] attempt to access beyond end of device
[  129.220230][  T294] loop4: rw=2049, want=45112, limit=40427
[  129.232168][    T6] usb 1-1: config 0 has an invalid interface number: 110 but max is 0
[  129.251744][    T6] usb 1-1: config 0 has no interface number 0
[  129.430265][    T6] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=66.39
[  129.439224][ T7643] usb 3-1: USB disconnect, device number 3
[  129.447018][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.455439][    T6] usb 1-1: Product: syz
[  129.459746][    T6] usb 1-1: Manufacturer: syz
[  129.467437][    T6] usb 1-1: SerialNumber: syz
[  129.480375][    T6] usb 1-1: config 0 descriptor??
[  129.520719][    T6] ftdi_sio 1-1:0.110: FTDI USB Serial Device converter detected
[  129.528521][    T6] usb 1-1: Detected FT-X
[  129.740203][    T6] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  129.760241][    T6] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  129.780261][    T6] ftdi_sio 1-1:0.110: GPIO initialisation failed: -71
[  129.798651][    T6] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  129.810765][    T6] usb 1-1: USB disconnect, device number 7
[  129.817323][    T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  129.826716][    T6] ftdi_sio 1-1:0.110: device disconnected
[  129.963524][ T8053] xt_NFQUEUE: number of total queues is 0
[  130.292770][ T8080] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  130.464797][ T8074] loop2: detected capacity change from 0 to 131072
[  130.527999][ T8103] loop4: detected capacity change from 0 to 512
[  130.531366][ T8074] F2FS-fs (loop2): QUOTA feature is enabled, so ignore qf_name
[  130.555285][ T8074] F2FS-fs (loop2): invalid crc value
[  130.563610][ T8103] EXT4-fs (loop4): Test dummy encryption mode enabled
[  130.574631][ T8103] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  130.587667][ T8103] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  130.587703][ T8074] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[  130.597553][ T8103] System zones: 1-12
[  130.614039][ T8103] EXT4-fs (loop4): 1 truncate cleaned up
[  130.620661][ T8103] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,test_dummy_encryption,debug,nobarrier,quota,,errors=continue. Quota mode: writeback.
[  130.638924][ T8112] binder: 8111:8112 ioctl c018620b 0 returned -14
[  130.672218][ T8074] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  130.809569][ T8115] loop3: detected capacity change from 0 to 40427
[  130.816486][ T7643] Bluetooth: hci0: command 0x1003 tx timeout
[  130.822439][  T819] Bluetooth: hci0: sending frame failed (-49)
[  130.850936][ T8115] F2FS-fs (loop3): fault_injection options not supported
[  130.870577][ T8115] F2FS-fs (loop3): invalid crc value
[  130.892130][ T8115] F2FS-fs (loop3): Found nat_bits in checkpoint
[  130.915228][ T8131] loop4: detected capacity change from 0 to 256
[  130.952617][ T8115] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  131.074381][   T30] kauditd_printk_skb: 294 callbacks suppressed
[  131.074396][   T30] audit: type=1400 audit(1738156324.420:2701): avc:  denied  { read } for  pid=8149 comm="syz.3.3342" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.114370][   T30] audit: type=1400 audit(1738156324.460:2702): avc:  denied  { open } for  pid=8149 comm="syz.3.3342" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.204135][   T30] audit: type=1400 audit(1738156324.460:2703): avc:  denied  { ioctl } for  pid=8149 comm="syz.3.3342" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.218448][ T8171] loop0: detected capacity change from 0 to 512
[  131.253558][   T30] audit: type=1400 audit(1738156324.590:2704): avc:  denied  { read } for  pid=8166 comm="syz.3.3355" dev="nsfs" ino=4026532288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  131.288191][   T30] audit: type=1400 audit(1738156324.590:2705): avc:  denied  { open } for  pid=8166 comm="syz.3.3355" path="net:[4026532288]" dev="nsfs" ino=4026532288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  131.315313][   T30] audit: type=1400 audit(1738156324.590:2706): avc:  denied  { create } for  pid=8166 comm="syz.3.3355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  131.337235][ T8171] EXT4-fs (loop0): Test dummy encryption mode enabled
[  131.341147][ T8181] loop4: detected capacity change from 0 to 256
[  131.356608][ T8171] EXT4-fs error (device loop0): ext4_fill_super:4832: inode #2: comm syz.0.3357: casefold flag without casefold feature
[  131.376644][ T8181] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  131.389927][   T30] audit: type=1400 audit(1738156324.590:2707): avc:  denied  { shutdown } for  pid=8166 comm="syz.3.3355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  131.392265][ T8171] EXT4-fs (loop0): get root inode failed
[  131.413478][ T8187] loop2: detected capacity change from 0 to 512
[  131.423513][ T8171] EXT4-fs (loop0): mount failed
[  131.432451][   T30] audit: type=1400 audit(1738156324.590:2708): avc:  denied  { connect } for  pid=8166 comm="syz.3.3355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  131.452879][   T30] audit: type=1326 audit(1738156324.720:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8184 comm="syz.3.3363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa73ea4eda9 code=0x7ffc0000
[  131.493371][   T30] audit: type=1400 audit(1738156324.760:2710): avc:  denied  { lock } for  pid=8180 comm="syz.4.3362" path="/565/file0/file1" dev="loop4" ino=1048675 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  131.518228][ T8189] binder: 8188:8189 ioctl 40046205 0 returned -22
[  131.546813][ T8187] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  131.579362][ T8187] ext4 filesystem being mounted at /624/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.605938][ T8199] loop0: detected capacity change from 0 to 256
[  131.647793][ T8199] FAT-fs (loop0): Directory bread(block 64) failed
[  131.655337][ T8199] FAT-fs (loop0): Directory bread(block 65) failed
[  131.663389][ T8199] FAT-fs (loop0): Directory bread(block 66) failed
[  131.670282][ T8199] FAT-fs (loop0): Directory bread(block 67) failed
[  131.687278][ T8199] FAT-fs (loop0): Directory bread(block 68) failed
[  131.704708][ T8199] FAT-fs (loop0): Directory bread(block 69) failed
[  131.717786][ T8199] FAT-fs (loop0): Directory bread(block 70) failed
[  131.729317][ T8199] FAT-fs (loop0): Directory bread(block 71) failed
[  131.738235][ T8199] FAT-fs (loop0): Directory bread(block 72) failed
[  131.773124][ T8199] FAT-fs (loop0): Directory bread(block 73) failed
[  131.774330][ T8218] __nla_validate_parse: 3 callbacks suppressed
[  131.774345][ T8218] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3376'.
[  131.800871][ T8219] loop2: detected capacity change from 0 to 256
[  131.814713][ T8212] loop4: detected capacity change from 0 to 8192
[  131.854343][ T8212] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.106351][ T8252] loop4: detected capacity change from 0 to 256
[  132.123475][ T8252] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x0e5ad3fb, utbl_chksum : 0xe619d30d)
[  132.193005][ T8256] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3392'.
[  132.771323][ T8264] binder: 8263:8264 ioctl 40046205 0 returned -22
[  132.828847][ T8282] netpci0: tun_chr_ioctl cmd 1074025676
[  132.835767][ T8282] netpci0: owner set to 0
[  132.842547][  T322] kernel write not supported for file /1231/attr/sockcreate (pid: 322 comm: kworker/1:3)
[  132.890194][  T313] Bluetooth: hci0: command 0x1001 tx timeout
[  132.896387][  T819] Bluetooth: hci0: sending frame failed (-49)
[  132.945175][ T8306] device sit0 entered promiscuous mode
[  132.997956][ T8316] loop2: detected capacity change from 0 to 2048
[  133.001948][ T8314] loop0: detected capacity change from 0 to 256
[  133.048335][ T8316] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  133.074348][ T8314] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x0e5ad3fb, utbl_chksum : 0xe619d30d)
[  133.098848][ T8316] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  133.123750][ T8316] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  133.152035][ T8316] EXT4-fs (loop2): This should not happen!! Data will be lost
[  133.152035][ T8316] 
[  133.162140][ T8316] EXT4-fs (loop2): Total free blocks count 0
[  133.168526][ T8316] EXT4-fs (loop2): Free/Dirty block details
[  133.174472][ T8316] EXT4-fs (loop2): free_blocks=66060288
[  133.180190][ T8316] EXT4-fs (loop2): dirty_blocks=16
[  133.185906][ T8316] EXT4-fs (loop2): Block reservation details
[  133.216404][ T8316] EXT4-fs (loop2): i_reserved_data_blocks=1
[  133.231964][ T8339] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 1 with error 28
[  133.254634][ T8339] EXT4-fs (loop2): This should not happen!! Data will be lost
[  133.254634][ T8339] 
[  133.317544][ T8355] loop3: detected capacity change from 0 to 1024
[  133.352601][ T8355] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  133.376788][ T8360] loop0: detected capacity change from 0 to 8192
[  133.421401][ T8360] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  133.590672][  T322] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  133.636083][ T8400] loop3: detected capacity change from 0 to 8192
[  133.701395][ T8400] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  133.705347][ T8393] loop0: detected capacity change from 0 to 40427
[  133.750930][ T8393] F2FS-fs (loop0): fault_injection options not supported
[  133.759665][ T8393] F2FS-fs (loop0): invalid crc value
[  133.770569][ T8393] F2FS-fs (loop0): Found nat_bits in checkpoint
[  133.818830][ T8393] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  133.960614][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.971781][ T8423] device sit0 entered promiscuous mode
[  133.980758][  T322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.998372][  T322] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  134.020166][  T322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.029858][  T322] usb 5-1: config 0 descriptor??
[  134.173470][ T8440] loop3: detected capacity change from 0 to 256
[  134.204122][ T8407] loop2: detected capacity change from 0 to 131072
[  134.213552][ T8440] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  134.226569][ T8434] loop0: detected capacity change from 0 to 40427
[  134.242167][ T8407] F2FS-fs (loop2): Test dummy encryption mode enabled
[  134.254068][ T8407] F2FS-fs (loop2): invalid crc value
[  134.260985][ T8434] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  134.268841][ T8434] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  134.278378][ T8407] F2FS-fs (loop2): Found nat_bits in checkpoint
[  134.279722][ T8434] F2FS-fs (loop0): invalid crc value
[  134.298143][ T8434] F2FS-fs (loop0): Found nat_bits in checkpoint
[  134.335102][ T8407] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.343250][ T8434] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  134.352064][ T8434] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  134.416540][  T292] attempt to access beyond end of device
[  134.416540][  T292] loop0: rw=2049, want=45104, limit=40427
[  134.511775][  T322] hid-led 0003:1D34:000A.0007: unknown main item tag 0x0
[  134.518967][  T322] hid-led 0003:1D34:000A.0007: unknown main item tag 0x0
[  134.566568][  T322] hid-led 0003:1D34:000A.0007: unknown main item tag 0x0
[  134.590253][  T322] hid-led 0003:1D34:000A.0007: unknown main item tag 0x0
[  134.597323][  T322] hid-led 0003:1D34:000A.0007: unknown main item tag 0x0
[  134.604003][ T8475] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  134.731357][  T322] hid-led 0003:1D34:000A.0007: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0
[  134.756630][  T322] hid-led 0003:1D34:000A.0007: Dream Cheeky Webmail Notifier initialized
[  134.795139][ T8505] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3501'.
[  134.861458][ T8517] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  134.880612][ T8517] FAT-fs (loop5): unable to read boot sector
[  134.937120][ T5545] usb 5-1: USB disconnect, device number 6
[  134.946024][ T8523] loop2: detected capacity change from 0 to 512
[  134.970248][  T313] Bluetooth: hci0: command 0x1009 tx timeout
[  134.991331][ T8523] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  134.999644][ T8523] EXT4-fs (loop2): Ignoring removed bh option
[  135.020360][ T8523] EXT4-fs (loop2): Mount option "noload" incompatible with ext2
[  135.123395][ T8549] loop2: detected capacity change from 0 to 1024
[  135.142870][ T8551] input: syz1 as /devices/virtual/input/input14
[  135.151078][ T8549] EXT4-fs (loop2): Ignoring removed oldalloc option
[  135.180508][ T8549] EXT4-fs (loop2): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  135.233988][ T8543] loop0: detected capacity change from 0 to 40427
[  135.280870][ T8564] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  135.280925][ T8543] F2FS-fs (loop0): Found nat_bits in checkpoint
[  135.302503][ T8564] FAT-fs (loop7): unable to read boot sector
[  135.328876][ T8543] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  135.384776][ T8543] attempt to access beyond end of device
[  135.384776][ T8543] loop0: rw=10241, want=45104, limit=40427
[  135.418603][  T292] attempt to access beyond end of device
[  135.418603][  T292] loop0: rw=2049, want=45112, limit=40427
[  135.450599][ T8580] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3533'.
[  135.542863][ T8590] loop4: detected capacity change from 0 to 512
[  135.592239][ T8590] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000007,inode_readahead_blks=0x0000000000000800,norecovery,user_xattr,,errors=continue. Quota mode: writeback.
[  135.613035][ T8590] ext4 filesystem being mounted at /602/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  135.652099][ T8604] loop2: detected capacity change from 0 to 256
[  135.674719][ T8609] bridge0: port 1(syz_tun) entered blocking state
[  135.681953][ T8609] bridge0: port 1(syz_tun) entered disabled state
[  135.689300][ T8609] device syz_tun entered promiscuous mode
[  135.700680][ T8609] bridge0: port 1(syz_tun) entered blocking state
[  135.707268][ T8609] bridge0: port 1(syz_tun) entered forwarding state
[  135.717591][ T8604] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[  135.739716][ T8604] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008)
[  135.757811][ T8604] exFAT-fs (loop2): Filesystem has been set read-only
[  135.769217][ T8618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3549'.
[  135.770863][ T8604] exFAT-fs (loop2): error, failed to bmap (inode : ffff888128719660 iblock : 8, err : -5)
[  135.778928][ T8618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3549'.
[  135.789393][ T8604] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008)
[  135.810475][ T8604] exFAT-fs (loop2): Filesystem has been set read-only
[  135.866768][ T8630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3554'.
[  136.039044][ T8649] syzkaller0: tun_chr_ioctl cmd 1074025677
[  136.055686][ T8649] syzkaller0: linktype set to 821
[  136.147566][ T8638] loop3: detected capacity change from 0 to 40427
[  136.161630][ T8638] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  136.168814][ T8638] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  136.190752][ T8638] F2FS-fs (loop3): invalid crc value
[  136.211166][ T8638] F2FS-fs (loop3): Found nat_bits in checkpoint
[  136.254978][ T8675] loop4: detected capacity change from 0 to 256
[  136.280432][ T8638] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  136.287558][ T8638] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  136.346954][  T290] attempt to access beyond end of device
[  136.346954][  T290] loop3: rw=2049, want=45104, limit=40427
[  136.495255][   T30] kauditd_printk_skb: 234 callbacks suppressed
[  136.495270][   T30] audit: type=1400 audit(2000000003.683:2945): avc:  denied  { create } for  pid=8679 comm="syz.4.3577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  136.560319][   T30] audit: type=1400 audit(2000000003.693:2946): avc:  denied  { connect } for  pid=8679 comm="syz.4.3577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  136.600207][   T30] audit: type=1400 audit(2000000003.693:2947): avc:  denied  { bind } for  pid=8679 comm="syz.4.3577" lport=8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  136.650125][   T30] audit: type=1400 audit(2000000003.693:2948): avc:  denied  { name_bind } for  pid=8679 comm="syz.4.3577" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  136.680096][ T8663] loop0: detected capacity change from 0 to 131072
[  136.687103][   T30] audit: type=1400 audit(2000000003.693:2949): avc:  denied  { node_bind } for  pid=8679 comm="syz.4.3577" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  136.722505][ T8663] F2FS-fs (loop0): Test dummy encryption mode enabled
[  136.736152][ T8663] F2FS-fs (loop0): invalid crc value
[  136.744175][ T8663] F2FS-fs (loop0): Found nat_bits in checkpoint
[  136.793542][ T8663] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  136.955182][ T8720] device sit0 entered promiscuous mode
[  137.024009][ T8732] loop3: detected capacity change from 0 to 512
[  137.058966][   T30] audit: type=1400 audit(2000000004.243:2950): avc:  denied  { append } for  pid=8736 comm="syz.0.3599" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  137.100950][ T8732] EXT4-fs (loop3): Ignoring removed oldalloc option
[  137.107513][ T8732] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  137.117285][ T8732] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.3597: inode #1: comm syz.3.3597: iget: illegal inode #
[  137.130868][ T8732] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3597: error while reading EA inode 1 err=-117
[  137.143841][ T8732] EXT4-fs (loop3): 1 orphan inode deleted
[  137.149427][ T8732] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x0000000000000008,oldalloc,resgid=0x0000000000000000,nomblk_io_submit,usrjquota=,,errors=continue. Quota mode: none.
[  137.179658][   T30] audit: type=1400 audit(2000000004.363:2951): avc:  denied  { setattr } for  pid=8731 comm="syz.3.3597" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  137.230777][ T8742] incfs: Options parsing error. -22
[  137.236591][ T8742] incfs: mount failed -22
[  137.242076][   T30] audit: type=1400 audit(2000000004.433:2952): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  137.285601][   T30] audit: type=1400 audit(2000000004.433:2953): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  137.319224][ T8748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3602'.
[  137.331424][   T30] audit: type=1400 audit(2000000004.433:2954): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  137.455838][ T8760] loop4: detected capacity change from 0 to 256
[  137.503778][ T8760] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[  137.520263][ T8760] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[  137.529700][ T8760] exFAT-fs (loop4): Filesystem has been set read-only
[  137.536749][ T8760] exFAT-fs (loop4): error, failed to bmap (inode : ffff88812d2de7a0 iblock : 8, err : -5)
[  137.546836][ T8760] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[  138.502447][ T8815] syz.3.3633[8815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  138.502526][ T8815] syz.3.3633[8815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  138.517545][ T8815] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3633'.
[  138.646009][ T8831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3640'.
[  138.707203][ T8840] loop0: detected capacity change from 0 to 256
[  138.724012][ T8840] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  138.726151][ T8847] incfs: iterate_incfs_dir / -22
[  138.744631][ T8840] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  138.841251][ T8867] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3656'.
[  138.850035][ T8867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3656'.
[  138.861245][ T8869] loop2: detected capacity change from 0 to 128
[  138.870554][ T8867] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3656'.
[  138.880115][ T8867] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3656'.
[  138.909910][ T8872] loop5: detected capacity change from 0 to 2048
[  138.921350][ T8869] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  138.932009][ T8869] ext4 filesystem being mounted at /678/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  138.950601][ T8881] syzkaller0: tun_chr_ioctl cmd 1074025673
[  138.979938][ T8872] Alternate GPT is invalid, using primary GPT.
[  138.994087][ T8872]  loop5: p2 p3 p7
[  139.220135][ T8910] tun1: tun_chr_ioctl cmd 1074025675
[  139.225348][ T8910] tun1: persist disabled
[  139.357670][ T8893] loop0: detected capacity change from 0 to 40427
[  139.400726][ T8893] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  139.408223][ T8893] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  139.429060][ T8893] F2FS-fs (loop0): invalid crc value
[  139.445510][ T8893] F2FS-fs (loop0): Found nat_bits in checkpoint
[  139.520388][ T8893] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  139.532529][ T8893] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  139.621135][  T292] attempt to access beyond end of device
[  139.621135][  T292] loop0: rw=2049, want=45104, limit=40427
[  139.643952][ T8948] loop3: detected capacity change from 0 to 1024
[  139.731913][ T8948] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  139.817534][ T8905] loop2: detected capacity change from 0 to 131072
[  139.882205][ T8905] F2FS-fs (loop2): Test dummy encryption mode enabled
[  139.892691][ T8905] F2FS-fs (loop2): invalid crc value
[  139.906393][ T8905] F2FS-fs (loop2): Found nat_bits in checkpoint
[  139.946362][ T8905] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  140.079725][ T8991] loop5: detected capacity change from 0 to 2048
[  140.131853][ T8991] EXT4-fs (loop5): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,bsdgroups,auto_da_alloc,jqfmt=vfsv1,nouid32,journal_dev=0x0000000000000007,grpjquota=,bsddf,. Quota mode: none.
[  140.306876][ T8991] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.3710: bg 0: block 234: padding at end of block bitmap is not set
[  140.325520][ T8991] EXT4-fs (loop5): Remounting filesystem read-only
[  140.326375][ T9004] loop2: detected capacity change from 0 to 128
[  140.354861][ T9004] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.363199][ T9004] FAT-fs (loop2): Filesystem has been set read-only
[  140.369831][ T9004] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.378716][ T9004] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  140.430123][  T313] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  140.520236][  T322] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  140.680137][  T313] usb 4-1: Using ep0 maxpacket: 8
[  140.757340][ T9012] loop5: detected capacity change from 0 to 131072
[  140.811085][ T9012] F2FS-fs (loop5): Test dummy encryption mode enabled
[  140.818853][ T9012] F2FS-fs (loop5): invalid crc value
[  140.825554][ T9012] F2FS-fs (loop5): Found nat_bits in checkpoint
[  140.848356][ T9012] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  140.880199][  T322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.891511][  T322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.901892][  T322] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  140.911329][  T322] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.921334][  T322] usb 1-1: config 0 descriptor??
[  141.000187][  T313] usb 4-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  141.009145][  T313] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.030263][  T313] usb 4-1: Product: syz
[  141.035134][  T313] usb 4-1: Manufacturer: syz
[  141.039490][  T313] usb 4-1: SerialNumber: syz
[  141.060647][  T313] usb 4-1: config 0 descriptor??
[  141.313101][  T313] usb 4-1: USB disconnect, device number 7
[  141.401461][  T322] pyra 0003:1E7D:2CF6.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  141.477624][ T9037] loop2: detected capacity change from 0 to 512
[  141.522623][ T9037] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.3725: casefold flag without casefold feature
[  141.535788][ T9037] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.3725: couldn't read orphan inode 15 (err -117)
[  141.548506][ T9037] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000040,dioread_lock,,errors=continue. Quota mode: none.
[  141.697107][ T9049] loop2: detected capacity change from 0 to 256
[  141.720547][ T9049] FAT-fs (loop2): Unrecognized mount option "18446744073709551615" or missing value
[  141.830170][  T322] pyra 0003:1E7D:2CF6.0008: couldn't init struct pyra_device
[  141.837550][  T322] pyra 0003:1E7D:2CF6.0008: couldn't install mouse
[  141.852721][  T322] pyra: probe of 0003:1E7D:2CF6.0008 failed with error -71
[  141.868783][  T322] usb 1-1: USB disconnect, device number 8
[  141.882091][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  141.882108][   T30] audit: type=1400 audit(2000000009.073:3007): avc:  denied  { relabelfrom } for  pid=9056 comm="syz.3.3734" name="" dev="pipefs" ino=48006 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  141.933820][   T30] audit: type=1400 audit(2000000009.123:3008): avc:  denied  { connect } for  pid=9062 comm="syz.4.3737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  142.065801][   T30] audit: type=1400 audit(2000000009.253:3009): avc:  denied  { write } for  pid=9076 comm="syz.3.3743" path="socket:[48171]" dev="sockfs" ino=48171 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  142.139348][ T9091] input: syz0 as /devices/virtual/input/input17
[  142.349926][ T9116] loop2: detected capacity change from 0 to 2048
[  142.371605][ T9115] kvm [9113]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0
[  142.422271][ T9116] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  142.440441][   T30] audit: type=1400 audit(2000000009.633:3010): avc:  denied  { write } for  pid=9111 comm="syz.2.3758" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  142.465898][   T30] audit: type=1400 audit(2000000009.633:3011): avc:  denied  { append } for  pid=9111 comm="syz.2.3758" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  142.488814][   T30] audit: type=1400 audit(2000000009.663:3012): avc:  denied  { read } for  pid=9126 comm="syz.0.3763" path="socket:[48309]" dev="sockfs" ino=48309 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.549657][ T9129] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  142.595694][ T9137] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3768'.
[  142.604842][ T9137] sch_fq: defrate 0 ignored.
[  142.609336][ T9137] netlink: 100 bytes leftover after parsing attributes in process `syz.0.3768'.
[  142.646714][ T9146] kvm [9145]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0
[  142.681043][ T9149] loop2: detected capacity change from 0 to 1024
[  142.701143][ T9149] EXT4-fs (loop2): Ignoring removed orlov option
[  142.707666][ T9149] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  142.722344][ T9149] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,minixdf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nomblk_io_submit,noauto_da_alloc,noinit_itable,,errors=continue. Quota mode: none.
[  142.730425][    C1] ==================================================================
[  142.749207][ T9149] EXT4-fs (loop2): shut down requested (1)
[  142.753420][    C1] BUG: KASAN: use-after-free in cpu_map_generic_redirect+0x1a8/0x6d0
[  142.753455][    C1] Read of size 8 at addr ffff888115d31818 by task kworker/1:2/60
[  142.753470][    C1] 
[  142.753475][    C1] CPU: 1 PID: 60 Comm: kworker/1:2 Not tainted 5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  142.753492][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  142.782682][ T9149] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  142.786700][    C1] Workqueue: wg-crypt-wg1 wg_packet_tx_worker
[  142.786733][    C1] Call Trace:
[  142.786741][    C1]  <IRQ>
[  142.798354][ T9149] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  142.807503][    C1]  dump_stack_lvl+0x151/0x1c0
[  142.807536][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  142.807552][    C1]  ? panic+0x760/0x760
[  142.807566][    C1]  print_address_description+0x87/0x3b0
[  142.815664][ T9149] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  142.817087][    C1]  kasan_report+0x179/0x1c0
[  142.817116][    C1]  ? kfree+0xcc/0x270
[  142.819857][ T9149] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  142.828361][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  142.828392][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  142.828408][    C1]  __asan_report_load8_noabort+0x14/0x20
[  142.828428][    C1]  cpu_map_generic_redirect+0x1a8/0x6d0
[  142.833512][ T9149] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  142.838516][    C1]  ? bpf_prog_run_generic_xdp+0x965/0x1070
[  142.838544][    C1]  ? cpu_map_enqueue+0x370/0x370
[  142.842959][ T9149] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  142.847809][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[  142.847843][    C1]  do_xdp_generic+0x50b/0x7c0
[  142.847861][    C1]  ? generic_xdp_tx+0x490/0x490
[  142.847880][    C1]  ? migrate_disable+0xd9/0x190
[  142.857049][   T30] audit: type=1400 audit(2000000010.033:3013): avc:  denied  { remove_name } for  pid=9148 comm="syz.2.3773" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  142.861267][    C1]  __netif_receive_skb_core+0x1706/0x3640
[  142.861298][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[  142.865801][   T30] audit: type=1400 audit(2000000010.033:3014): avc:  denied  { unlink } for  pid=9148 comm="syz.2.3773" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  142.874679][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  142.874716][    C1]  __netif_receive_skb+0x11c/0x530
[  142.874736][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  142.874754][    C1]  ? __kasan_check_write+0x14/0x20
[  143.023624][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  143.028219][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  143.033429][    C1]  process_backlog+0x31c/0x650
[  143.038027][    C1]  __napi_poll+0xc4/0x5a0
[  143.042194][    C1]  net_rx_action+0x47d/0xc50
[  143.046629][    C1]  ? net_tx_action+0x550/0x550
[  143.051576][    C1]  ? __sched_clock_gtod_offset+0xb0/0x100
[  143.057125][    C1]  handle_softirqs+0x25e/0x5c0
[  143.061723][    C1]  __do_softirq+0xb/0xd
[  143.065718][    C1]  do_softirq+0xf6/0x150
[  143.069792][    C1]  </IRQ>
[  143.072567][    C1]  <TASK>
[  143.075368][    C1]  ? __local_bh_enable_ip+0x80/0x80
[  143.080488][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  143.086112][    C1]  __local_bh_enable_ip+0x75/0x80
[  143.091026][    C1]  _raw_read_unlock_bh+0x29/0x30
[  143.095752][    C1]  wg_socket_send_skb_to_peer+0x178/0x1d0
[  143.101570][    C1]  wg_packet_tx_worker+0x1e6/0x530
[  143.106511][    C1]  process_one_work+0x6bb/0xc10
[  143.111224][    C1]  worker_thread+0xad5/0x12a0
[  143.115716][    C1]  kthread+0x421/0x510
[  143.119611][    C1]  ? worker_clr_flags+0x180/0x180
[  143.124738][    C1]  ? kthread_blkcg+0xd0/0xd0
[  143.129159][    C1]  ret_from_fork+0x1f/0x30
[  143.133416][    C1]  </TASK>
[  143.136278][    C1] 
[  143.138445][    C1] Allocated by task 9139:
[  143.142613][    C1]  ____kasan_kmalloc+0xdb/0x110
[  143.147294][    C1]  __kasan_kmalloc+0x9/0x10
[  143.151636][    C1]  __kmalloc+0x13f/0x2c0
[  143.155714][    C1]  bpf_map_kmalloc_node+0xdb/0x160
[  143.160662][    C1]  cpu_map_update_elem+0x26c/0xea0
[  143.165609][    C1]  bpf_map_update_value+0x1a3/0x3c0
[  143.170643][    C1]  map_update_elem+0x644/0x770
[  143.175245][    C1]  __sys_bpf+0x405/0x760
[  143.179324][    C1]  __x64_sys_bpf+0x7c/0x90
[  143.183681][    C1]  x64_sys_call+0x87f/0x9a0
[  143.188007][    C1]  do_syscall_64+0x3b/0xb0
[  143.192262][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.198008][    C1] 
[  143.200160][    C1] Freed by task 9140:
[  143.203983][    C1]  kasan_set_track+0x4b/0x70
[  143.208401][    C1]  kasan_set_free_info+0x23/0x40
[  143.213177][    C1]  ____kasan_slab_free+0x126/0x160
[  143.218124][    C1]  __kasan_slab_free+0x11/0x20
[  143.222733][    C1]  slab_free_freelist_hook+0xbd/0x190
[  143.228156][    C1]  kfree+0xcc/0x270
[  143.231791][    C1]  put_cpu_map_entry+0x6dd/0x750
[  143.236581][    C1]  cpu_map_kthread_run+0x22d0/0x2390
[  143.241687][    C1]  kthread+0x421/0x510
[  143.245590][    C1]  ret_from_fork+0x1f/0x30
[  143.249943][    C1] 
[  143.252119][    C1] Last potentially related work creation:
[  143.257794][    C1]  kasan_save_stack+0x3b/0x60
[  143.262378][    C1]  __kasan_record_aux_stack+0xd3/0xf0
[  143.267669][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  143.273309][    C1]  insert_work+0x56/0x320
[  143.277476][    C1]  __queue_work+0x92a/0xcd0
[  143.282128][    C1]  queue_work_on+0x105/0x170
[  143.286544][    C1]  cpu_map_free+0x1e7/0x2c0
[  143.290892][    C1]  bpf_map_free_deferred+0x10d/0x1e0
[  143.296004][    C1]  process_one_work+0x6bb/0xc10
[  143.300690][    C1]  worker_thread+0xad5/0x12a0
[  143.305201][    C1]  kthread+0x421/0x510
[  143.309119][    C1]  ret_from_fork+0x1f/0x30
[  143.313744][    C1] 
[  143.316422][    C1] Second to last potentially related work creation:
[  143.322888][    C1]  kasan_save_stack+0x3b/0x60
[  143.327362][    C1]  __kasan_record_aux_stack+0xd3/0xf0
[  143.332591][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  143.338473][    C1]  call_rcu+0x123/0x10b0
[  143.342634][    C1]  cpu_map_free+0x109/0x2c0
[  143.346976][    C1]  bpf_map_free_deferred+0x10d/0x1e0
[  143.352889][    C1]  process_one_work+0x6bb/0xc10
[  143.357562][    C1]  worker_thread+0xad5/0x12a0
[  143.362083][    C1]  kthread+0x421/0x510
[  143.365994][    C1]  ret_from_fork+0x1f/0x30
[  143.370236][    C1] 
[  143.372417][    C1] The buggy address belongs to the object at ffff888115d31800
[  143.372417][    C1]  which belongs to the cache kmalloc-192 of size 192
[  143.386291][    C1] The buggy address is located 24 bytes inside of
[  143.386291][    C1]  192-byte region [ffff888115d31800, ffff888115d318c0)
[  143.399313][    C1] The buggy address belongs to the page:
[  143.404797][    C1] page:ffffea0004574c40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x115d31
[  143.415793][    C1] flags: 0x4000000000000200(slab|zone=1)
[  143.421461][    C1] raw: 4000000000000200 0000000000000000 0000000100000001 ffff888100042c00
[  143.429970][    C1] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  143.438551][    C1] page dumped because: kasan: bad access detected
[  143.444912][    C1] page_owner tracks the page as allocated
[  143.450451][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 10, ts 107278525660, free_ts 107266552840
[  143.467752][    C1]  post_alloc_hook+0x1a3/0x1b0
[  143.472372][    C1]  prep_new_page+0x1b/0x110
[  143.476687][    C1]  get_page_from_freelist+0x3550/0x35d0
[  143.482168][    C1]  __alloc_pages+0x27e/0x8f0
[  143.486582][    C1]  new_slab+0x9a/0x4e0
[  143.490486][    C1]  ___slab_alloc+0x39e/0x830
[  143.495008][    C1]  __slab_alloc+0x4a/0x90
[  143.499165][    C1]  __kmalloc+0x172/0x2c0
[  143.503271][    C1]  ext4_find_extent+0x375/0xe30
[  143.507943][    C1]  ext4_ext_map_blocks+0x269/0x7450
[  143.513104][    C1]  ext4_map_blocks+0xa60/0x1c70
[  143.517877][    C1]  ext4_convert_unwritten_extents+0x2e0/0x6c0
[  143.523878][    C1]  ext4_convert_unwritten_io_end_vec+0x104/0x180
[  143.530113][    C1]  ext4_end_io_rsv_work+0x358/0x690
[  143.535190][    C1]  process_one_work+0x6bb/0xc10
[  143.539831][    C1]  worker_thread+0xad5/0x12a0
[  143.544349][    C1] page last free stack trace:
[  143.548870][    C1]  free_unref_page_prepare+0x7c8/0x7d0
[  143.554242][    C1]  free_unref_page+0xe8/0x750
[  143.558954][    C1]  __free_pages+0x61/0xf0
[  143.563129][    C1]  free_pages+0x7c/0x90
[  143.567112][    C1]  tlb_finish_mmu+0x253/0x320
[  143.571722][    C1]  exit_mmap+0x484/0x990
[  143.575829][    C1]  __mmput+0x95/0x310
[  143.579697][    C1]  mmput+0x5b/0x170
[  143.583342][    C1]  do_exit+0xb9c/0x2ca0
[  143.587333][    C1]  do_group_exit+0x141/0x310
[  143.591768][    C1]  __x64_sys_exit_group+0x3f/0x40
[  143.596633][    C1]  x64_sys_call+0x610/0x9a0
[  143.600960][    C1]  do_syscall_64+0x3b/0xb0
[  143.605242][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  143.610943][    C1] 
[  143.613111][    C1] Memory state around the buggy address:
[  143.618673][    C1]  ffff888115d31700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.626657][    C1]  ffff888115d31780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  143.634552][    C1] >ffff888115d31800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.642534][    C1]                             ^
[  143.647226][    C1]  ffff888115d31880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  143.655161][    C1]  ffff888115d31900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.663019][    C1] ==================================================================
[  143.670917][    C1] Disabling lock debugging due to kernel taint
[  143.676985][    C1] ================================================================================
[  143.686151][    C1] UBSAN: array-index-out-of-bounds in kernel/locking/qspinlock.c:130:9
[  143.694213][    C1] index 16382 is out of range for type 'unsigned long[8]'
[  143.701140][    C1] CPU: 1 PID: 60 Comm: kworker/1:2 Tainted: G    B             5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  143.712265][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  143.722249][    C1] Workqueue: wg-crypt-wg1 wg_packet_tx_worker
[  143.728147][    C1] Call Trace:
[  143.731269][    C1]  <IRQ>
[  143.733961][    C1]  dump_stack_lvl+0x151/0x1c0
[  143.738582][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.744040][    C1]  ? kvm_sched_clock_read+0x18/0x40
[  143.749159][    C1]  ? sched_clock+0x9/0x10
[  143.753332][    C1]  ? sched_clock_cpu+0x18/0x3b0
[  143.758059][    C1]  dump_stack+0x15/0x20
[  143.762011][    C1]  __ubsan_handle_out_of_bounds+0x118/0x140
[  143.767940][    C1]  __pv_queued_spin_lock_slowpath+0xb9d/0xc40
[  143.773830][    C1]  ? asm_common_interrupt+0x27/0x40
[  143.779053][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  143.785284][    C1]  ? kasan_check_range+0x293/0x2a0
[  143.790245][    C1]  _raw_spin_lock+0x139/0x1b0
[  143.794810][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  143.799955][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  143.805507][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  143.811063][    C1]  cpu_map_generic_redirect+0x1d5/0x6d0
[  143.816459][    C1]  ? bpf_prog_run_generic_xdp+0x965/0x1070
[  143.822098][    C1]  ? cpu_map_enqueue+0x370/0x370
[  143.826964][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[  143.832271][    C1]  do_xdp_generic+0x50b/0x7c0
[  143.836859][    C1]  ? generic_xdp_tx+0x490/0x490
[  143.841547][    C1]  ? migrate_disable+0xd9/0x190
[  143.846231][    C1]  __netif_receive_skb_core+0x1706/0x3640
[  143.851792][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[  143.856211][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  143.861856][    C1]  __netif_receive_skb+0x11c/0x530
[  143.866889][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  143.872274][    C1]  ? __kasan_check_write+0x14/0x20
[  143.877214][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  143.881816][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  143.887027][    C1]  process_backlog+0x31c/0x650
[  143.891624][    C1]  __napi_poll+0xc4/0x5a0
[  143.895791][    C1]  net_rx_action+0x47d/0xc50
[  143.900215][    C1]  ? net_tx_action+0x550/0x550
[  143.904851][    C1]  ? __sched_clock_gtod_offset+0xb0/0x100
[  143.910732][    C1]  handle_softirqs+0x25e/0x5c0
[  143.915515][    C1]  __do_softirq+0xb/0xd
[  143.919578][    C1]  do_softirq+0xf6/0x150
[  143.923661][    C1]  </IRQ>
[  143.926514][    C1]  <TASK>
[  143.929297][    C1]  ? __local_bh_enable_ip+0x80/0x80
[  143.934429][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  143.940325][    C1]  __local_bh_enable_ip+0x75/0x80
[  143.945185][    C1]  _raw_read_unlock_bh+0x29/0x30
[  143.949966][    C1]  wg_socket_send_skb_to_peer+0x178/0x1d0
[  143.955511][    C1]  wg_packet_tx_worker+0x1e6/0x530
[  143.960457][    C1]  process_one_work+0x6bb/0xc10
[  143.965143][    C1]  worker_thread+0xad5/0x12a0
[  143.969905][    C1]  kthread+0x421/0x510
[  143.973844][    C1]  ? worker_clr_flags+0x180/0x180
[  143.979483][    C1]  ? kthread_blkcg+0xd0/0xd0
[  143.983937][    C1]  ret_from_fork+0x1f/0x30
[  143.988157][    C1]  </TASK>
[  143.991130][    C1] ================================================================================
[  144.000305][    C1] general protection fault, probably for non-canonical address 0xe010f4fb9f81ff59: 0000 [#1] PREEMPT SMP KASAN
[  144.011769][    C1] KASAN: maybe wild-memory-access in range [0x0087c7dcfc0ffac8-0x0087c7dcfc0ffacf]
[  144.020881][    C1] CPU: 1 PID: 60 Comm: kworker/1:2 Tainted: G    B             5.15.176-syzkaller-00066-gd1a25a6a4b3b #0
[  144.031984][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  144.041881][    C1] Workqueue: wg-crypt-wg1 wg_packet_tx_worker
[  144.047789][    C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x2f3/0xc40
[  144.054465][    C1] Code: 74 1e 48 89 4c 24 10 48 8b 7c 24 10 e8 26 98 5d 00 48 8b 4c 24 10 48 ba 00 00 00 00 00 fc ff df 4c 03 21 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 74 12 4c 89 e7 e8 9f 98 5d 00 48 ba 00 00 00 00 00 fc
[  144.073912][    C1] RSP: 0018:ffffc900001d05c0 EFLAGS: 00010206
[  144.079808][    C1] RAX: 0010f8fb9f81ff59 RBX: ffff8881f7138ad4 RCX: ffffffff86285820
[  144.088149][    C1] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  144.095954][    C1] RBP: ffffc900001d06b0 R08: ffffffff8141a99b R09: 0000000000000003
[  144.104373][    C1] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: 0087c7dcfc0ffac9
[  144.112267][    C1] R13: 1ffff11022ba6200 R14: 1ffff1103ee27159 R15: ffff888115d31004
[  144.120088][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  144.129089][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  144.135595][    C1] CR2: 00007ffe30230ff8 CR3: 0000000124619000 CR4: 00000000003506a0
[  144.143409][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  144.151347][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  144.159956][    C1] Call Trace:
[  144.163051][    C1]  <IRQ>
[  144.165744][    C1]  ? __die_body+0x62/0xb0
[  144.169912][    C1]  ? die_addr+0x9f/0xd0
[  144.173934][    C1]  ? exc_general_protection+0x311/0x4b0
[  144.179284][    C1]  ? asm_exc_general_protection+0x27/0x30
[  144.184836][    C1]  ? check_panic_on_warn+0x5b/0xb0
[  144.189793][    C1]  ? __pv_queued_spin_lock_slowpath+0x2f3/0xc40
[  144.195861][    C1]  ? asm_common_interrupt+0x27/0x40
[  144.201011][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  144.207227][    C1]  ? kasan_check_range+0x293/0x2a0
[  144.212176][    C1]  _raw_spin_lock+0x139/0x1b0
[  144.216686][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  144.221896][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  144.227447][    C1]  ? cpu_map_generic_redirect+0x1a8/0x6d0
[  144.233526][    C1]  cpu_map_generic_redirect+0x1d5/0x6d0
[  144.238907][    C1]  ? bpf_prog_run_generic_xdp+0x965/0x1070
[  144.244550][    C1]  ? cpu_map_enqueue+0x370/0x370
[  144.249414][    C1]  xdp_do_generic_redirect+0x3df/0xb40
[  144.254704][    C1]  do_xdp_generic+0x50b/0x7c0
[  144.259216][    C1]  ? generic_xdp_tx+0x490/0x490
[  144.264011][    C1]  ? migrate_disable+0xd9/0x190
[  144.268686][    C1]  __netif_receive_skb_core+0x1706/0x3640
[  144.274248][    C1]  ? set_rps_cpu+0x5e0/0x5e0
[  144.278939][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  144.284594][    C1]  __netif_receive_skb+0x11c/0x530
[  144.289599][    C1]  ? deliver_ptype_list_skb+0x3b0/0x3b0
[  144.296350][    C1]  ? __kasan_check_write+0x14/0x20
[  144.303352][    C1]  ? _raw_spin_lock+0xa4/0x1b0
[  144.308813][    C1]  ? _raw_spin_trylock_bh+0x190/0x190
[  144.314739][    C1]  process_backlog+0x31c/0x650
[  144.320903][    C1]  __napi_poll+0xc4/0x5a0
[  144.326078][    C1]  net_rx_action+0x47d/0xc50
[  144.330481][    C1]  ? net_tx_action+0x550/0x550
[  144.335078][    C1]  ? __sched_clock_gtod_offset+0xb0/0x100
[  144.340639][    C1]  handle_softirqs+0x25e/0x5c0
[  144.345331][    C1]  __do_softirq+0xb/0xd
[  144.349947][    C1]  do_softirq+0xf6/0x150
[  144.354863][    C1]  </IRQ>
[  144.357869][    C1]  <TASK>
[  144.360563][    C1]  ? __local_bh_enable_ip+0x80/0x80
[  144.365595][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  144.371417][    C1]  __local_bh_enable_ip+0x75/0x80
[  144.376448][    C1]  _raw_read_unlock_bh+0x29/0x30
[  144.381239][    C1]  wg_socket_send_skb_to_peer+0x178/0x1d0
[  144.386779][    C1]  wg_packet_tx_worker+0x1e6/0x530
[  144.391749][    C1]  process_one_work+0x6bb/0xc10
[  144.396781][    C1]  worker_thread+0xad5/0x12a0
[  144.402913][    C1]  kthread+0x421/0x510
[  144.406804][    C1]  ? worker_clr_flags+0x180/0x180
[  144.411744][    C1]  ? kthread_blkcg+0xd0/0xd0
[  144.417068][    C1]  ret_from_fork+0x1f/0x30
[  144.421302][    C1]  </TASK>
[  144.424557][    C1] Modules linked in:
[  144.428458][    C1] ---[ end trace 2ecb828003406d55 ]---
[  144.433832][    C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x2f3/0xc40
[  144.440918][    C1] Code: 74 1e 48 89 4c 24 10 48 8b 7c 24 10 e8 26 98 5d 00 48 8b 4c 24 10 48 ba 00 00 00 00 00 fc ff df 4c 03 21 4c 89 e0 48 c1 e8 03 <80> 3c 10 00 74 12 4c 89 e7 e8 9f 98 5d 00 48 ba 00 00 00 00 00 fc
[  144.462258][    C1] RSP: 0018:ffffc900001d05c0 EFLAGS: 00010206
[  144.468927][    C1] RAX: 0010f8fb9f81ff59 RBX: ffff8881f7138ad4 RCX: ffffffff86285820
[  144.477177][    C1] RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
[  144.484959][    C1] RBP: ffffc900001d06b0 R08: ffffffff8141a99b R09: 0000000000000003
[  144.492855][    C1] R10: fffffbfff0e9a84c R11: dffffc0000000001 R12: 0087c7dcfc0ffac9
[  144.500660][    C1] R13: 1ffff11022ba6200 R14: 1ffff1103ee27159 R15: ffff888115d31004
[  144.509439][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  144.518222][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  144.524792][    C1] CR2: 00007ffe30230ff8 CR3: 0000000124619000 CR4: 00000000003506a0
[  144.532733][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  144.540664][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  144.548466][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  144.556194][    C1] Kernel Offset: disabled
[  144.560683][    C1] Rebooting in 86400 seconds..