last executing test programs:

4.871457488s ago: executing program 1 (id=4323):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x10)
sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f0000000000), 0x10, &(0x7f0000000700)=[{&(0x7f0000000080)="080064d02a780996", 0x8}], 0x1, &(0x7f0000000680)=[@ip_retopts={{0x10}}], 0x10}, 0x0)

4.764844391s ago: executing program 1 (id=4324):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
close(r1)

4.721448165s ago: executing program 1 (id=4325):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x247, &(0x7f0000000c00)="$eJzs3T1oLFUYBuB3ZneNuXeRqzaC+AMiooFw7QSba6MQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFjZnURishp1484l8zwwmZ+cM98Zdt6z28xugMa6kuRaklaSqSSdJMXxBndXy5XD3fXJ7fmk13vip2LQrtqvHPW7nGQtyUNJtsoiL7WTlc1n9n7Zeey+N5c7976/+fTkWC/y0P7e7uMH782+8dHMgytffPXDbJFr6f7pus5fMeRYu0hu+T+KXSeKdt0j4J+Ye+3Dr/u5vzXJPYP8d1KmevHeWrphq5MH3v2rvm//+OXt4xwrcP56vU7/PXCtBzROmaSbopxOUm2X5fR09Rn+m9al8uXFpVenXlxcXnih7pkKOC/dZPfRTyY+vnwi/9+3qvwDF1c//0/ObXzb3z5o1T0aYCzuqFb9/E89t3p/5B8aR/6hueQfmkv+obnkH5pL/qG55B8ujIlTRzp/30H+obnkH5pL/qG5jucfAGiW3kTdTyADdal7/gEAAAAAAAAAAAAAAAAAAE5bn9yeP1rGVfOzd5L9R5K0h9VvDX6POLlx8PfSz0W/2R+KqttInr1rxBOM6IOan76+6bt6639+Z731VxeStdeTXG23T99/xeH999/dfMb/O8+PWOBfKk7sP/zUeOuf9NtGvfVndpJP+/PP1WHzT5nbBuvh80/37K9YPtMrv454AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMbm9wAAAP//dCltUw==")
mkdir(&(0x7f0000000380)='./file0\x00', 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x4}, 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000600)=@v2={0x2, @aes256, 0x9a7d7ccc88c59336, '\x00', @auto="f5c281071167b68cb05dc7d99da82c08"})

4.408887961s ago: executing program 1 (id=4326):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@bridge_setlink={0x30, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x8, 0xc, 0x0, 0x0, [@AF_BRIDGE={0x4}]}, @IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_INET6={0x4, 0x4}]}]}, 0x30}}, 0x0)

4.408452991s ago: executing program 3 (id=4327):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000880)='net_dev_xmit\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

4.237495221s ago: executing program 1 (id=4328):
syz_mount_image$f2fs(&(0x7f0000010600), &(0x7f0000010640)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00add821dea478c008e5c2cee2c62442bdfb2c3b387492982dbd3bc10bff08e47b9f8fa46aae46c81799af2877db439a136248124cecd3c1b6a5bb456b8a3f3cd39be96babc684f3934152a375b2e820541fdcbb7e613b7ddbe72066c3ad004dce9c97970bc3a0eeac6c928fff943d55ec6526701eaa44af9e0700d20e6389747546fc47cb9418c6b7a7daa4c5cb0c296e67a64849a53d820a453d6014f3dd310f6699613e5677e7c28ee5368e9b777af56b76ed83032b78e5852211b255b56fbdfb188a47cedd6b5de523ccc05ef82d3c1368f13d0bdb23c7e2e07b4a9e97fe7c48385b89a6e6ee3f0311b47a1d96a6b18b1063976cac79e916fe5f5ef0297dbcbb53158bbcdd1afaabc85588d403183c66f9fad5cd9ce1cf64cd9a06d83229c04dad708611b40d711e812f67dfa7b92bd21f3ebc2708c49e33dfa4509f851d602d349203d43df966043e0029a1cd588d3a05251243a1b5a7c32a65c0ca2cddaf560145244a7977099b0794b516dd7bb0a6437d183fa09176f37b2f77e42215ca79658309798efa4ee5023d5e77fa6728d6182eff8b2a5663312c8278588b24970324804023366557778f284c87b9e3da2dfcb1368453f9fe94c86b00"/457], 0x1, 0x105df, &(0x7f00000106c0)="$eJzs3L9vG+UfB/CPm29/fkuJUH8wgDgJISUStuIkrWBBAVoBUlNFFAYmcOyL5db2RbGTmC4sMCAxsfBPMMHfwAI7KyxsLCCxVYB8d0ENdADixqV5vaTL+7nHz338PJaXxxddAEfWbPLLz5U4F6cjYiYizkbk7Up55FaKeDIinomIY/cclbL/j44TEXEmIs6Nixc1K+VLT/169/svvrn+9MffffrtB5/9dHN6qwam7bmI6G0W7d1ekVm7yFtlf2Onk2dveafM4oXe7fI8K3I3Xc8r7Db2xjXyXGoX47PN7cE4N7qN5jjbnY28f7NfvOFgp71XJ7/gVmMrP2+l63l2Blme7TvFvEZl3hkMizqtst77efkYDvey6E9HabGezdt5NvvDsr+om7XS0Th3yizfLppZt5XPY/1ff8wPveud/vYo2Um3Bp2sn1yu1V+o1a9U61tZKx2my9VGr3VlOZlrd8fDqsO00VtpZ1m7m9aaWW8+mWs3m9V6PZm7mq53Gv2kXq8t1Raql+fL1vPJazfeTrqtZG6cr3T628NOd5BsZFtJccV8slhbenE+ebae3FxdS9bevHZtde2td6++c+Pl1TdeLQf9ZVrJ3OLC4mK1vlBdrM9b/0GMKge7niPO9wfgH7P/B6bB/t/+P+x/j/z67f85EN8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAj64fjX76eN2aL8/+X/Y+VXU9ExKWIuBgRFyLit/uYiRP7ap6PiErZvt/443+aw1eVyCuMrzlZHmciYqU87j7+oD8FAAAAeHR9/vWHH0XMjJv5n5emPSEOU/mjzalJ1ct/8vnfpKqdz4uNJlTtwl7JibgYEcdnf5xQtUsRcezsexOq9rfM7ItT90SliGOHORsAAOBw7N8JTGz3BgAAwEPnk2lPgOnI79eW/4tf3gs+WUR5Q/D0vjMAAADgP6gy7QkAAAAAD1y+//f8PwAAAHi0Fc//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA39m5m9vEgSgO4A9YL+yXFq34aIXTao8cKGJLyDEFJN3kRg2REHWQW0qIIMKeSHHEIZLHOEG/n2RmbMFfz9yexxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgTQ/Fenm3vbltmrM/NJPnbgAAAIBTdsV6WU7G1fmPdP1XuvQnIuYRMYuIaUSc6t0H8bWWOYmIXpqf+n7xpob7iDLh+JthOr5HxL90PP1u+18AAACAy7XdLFYRg+O0/PjbdUGcU3poM8qVVz7y+ZIrbVKGXWdKm75EZjGLiGL8mCltHhH9n/8zpb3LoDaMXg29auifsxoAAOA86p1Atu4NAACAD+eq6wLoRrlem97FT2vBw2pIC4LfamcAAADAJ9TrugAAAACgdWX/b/8/AAAAuGzV/n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0aVesl9vNYtU0Z39oJs/dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDM/ryjQAiEQRjsXd93Grz/saRBU1OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif+5OIASCIAz2nf85LeYfljRoDCJUwcLHDPOwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2J9724SBMI7Dry+JErfJCOmtBGagoUIwAh8SkiXPwAAsRENFa7EIrAASnGs6U/A8zf9XXHEvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JouD1+8RUQRqcsUabz5Ob1HxEekbduOPm9Z7M7H5uues/1hkvM7pr9lRJRR9HEOAEDvqm5zrNb18i/vf95B3mHeat7Ui2d+GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MrO/bxE8cZxAH92dff7tVuXDlFQFiRErT8QV/FSFFjQP+Bt0U2ktUQ9pARhF+kSdOnepUvdPHXqP+jUJaKg7hsURBCEsbsz9pga62VnpdcLnpmPwzDzPHMQ3vMZBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOpL4ezqd1LoRwvPd33fD2y72Zvfb1+8dG0/Ho5PPF+JqNSxRCCDfna9XBDq6lm50Nw839h88PB+Jn+Od5y6trtyq1WnVJoVAotosMfmkBAHBoFZLRyPUfC5tTjWO5yRC2nu7M/+eiOrSZ/7eeDLyO7xXn/6GOrbC7pfl/+vrGxN/yf2llYbG0vLp2YX6hMledq94eGhsfGxwpjw6PlZrvU0reqgAAALC/YjLi/J+f3N3/PxLVoc38/+rlten4Xj3y/y5p/r/c3/+svf5/BpMEAAD4Rxw99e1rbo/juWIx3K2srCwNtbbbPw+3thlM9cD+S0ac/3sms54VAAAA0An19dyO/v9sVIc2+//vv185EV+zJ4TQl/T/L87cqc12bjldK+3/T1yq3Mj67/8zWD4AAAAd0peMuP9faH7/nz+dnpMPIQycadXJvwFsK///fDD+Jr5X/P3/SOeW2JXy5dbzSPP/xrsX8/vl/+a55RB6yxlNFgAAgEPv/2Q08v+nwubU0o/HV4u+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4xY4dozQTRHEAn2ST72sUA4JYWmhjISoIVgELQeIhLERB8AgB8QAKnsXCO4ikTkoPkMIbyEx2JGyjguxq+P1g8n+ETfbtTJMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE9Nj8JGrov40pvV7fK98dvwPOakkumzN2sHccW6VW/bf856mc+T06fx3B62DpvrCQAAgMVT5Pk+hPDafTyJ2e6n+X8rXxNn/uHyrM7zfHXuz5ln/7iWHoqzjxv1ZvfphhAur64vdmt7wt9tM+ynHLxs38/vYfW6lS98VyedT/qHpkjH1h7crk67addbd6PR8b9U/v/5pwAAvmsnZ1nk30cx95psDICF1SlXmJv/i36zPQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU4T0AAP//XHWQwg==")
unlink(&(0x7f0000000100)='./file1\x00')
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
rename(&(0x7f0000000e00)='./file0\x00', &(0x7f0000001080)='./file1\x00')

4.130951683s ago: executing program 3 (id=4330):
r0 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0xf}, 0x6b87bd76ddbcbbe)

4.040480774s ago: executing program 3 (id=4331):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410017ff5d810009050f1f0504000000090583"], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000340), 0x3f, 0x0)
ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f00000000c0)=""/52)

3.98782087s ago: executing program 0 (id=4332):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f00000001c0)={[{}, {@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@data_err_abort}, {@grpquota}, {@noinit_itable}, {@quota}, {@errors_remount}, {@acl}]}, 0xff, 0x46b, &(0x7f0000000800)="$eJzs289rHFUcAPDvzG762ybW+qO11WgVgz+SJq3agxdF0YOCoId6jElaareNNBFsKRpF6lEK3sWj4F/gyZOoJ8Gr4sWDFIoWoVUEV2Z3Js1ud9P82GRj9/OBad/beTvvfXnzZt7OywTQswazf5KIHRHxU0T017ONBQbr/127cn7iryvnJ5KoVl/7PamVu3rl/ERRtPje9jwzlEakHyV5JY1mzp47OV6pTJ3J8yOzp94emTl77okTp8aPTx2fOj125Mivh0affmrsyY7EmbXp6t73pvfteemNi69MHL345ndfZu29a399/8I4OmUwC/yPak3zvoc7XVmX/Vu9HmdS7nZrWKpSRGTd1Vcb//1Riuud1x8vfNjVxgFrKrtmb26/e64K3MKS6HYLgO4obvTZ799iW6epx4Zw+dn6D6As7mv5Vt9TjjQv07eG9Q9GxNG5vz/Ltmh6DlFt8dwAAGC1vs7mP4/fOP+rrY0sKJfka0MDEXF7ROyKiDsiYndE3JmXvTsi7llm/c1LQzfOP9NLKwxtSbL53zP52lbj/K+Y/cVAKc/dVou/Lzl2ojJ1MCJ2RsRQ9G3O8qOtDl4c4vkfP2lX/8L5X7Zl9Rdzwfwgl8rzD+iqWVNicnx2vFOT0ssfROwtt4o/mV8JyPp+T0TsXd6hdxaJE49+sa9doZvHv4gOrDNVP494pN7/c9EUfyFpsz55uL4+ObIlKlMHR4qz4kbf/3Dh1Xb1ryr+Dsj6f1vj+d9Uov/PZOF67czy67jw88dtf1OWl3X+12Xn/6bk9dqa9ab8s3fHZ2fPjEZsSl6u5Rs+H7v+3SJflM/iHzrQevzvyr+TxX9vRGQn8f6IuC8i7s/77oGIeDAiDiwS/7fPPfRWu30bof8nW17/5s//gcb+X36idPKbr9rVv7Tr3+Faaij/pHb9u4n2zdmSl1jp2QwAAAD/P2lE7IgkHZ5Pp+nwcP3v5XfHtrQyPTP72LHpd05P1t8RGIi+tHjS1b/geehoMpcfsZ4fy58VF/sP5c+NPy1treWHJ6Yrk12OHXrd9jbjP/NbqdutA9ac97WgdzWP/7RL7QDWn/s/9C7jH3qX8Q+9q9X4f78pby0Abk3u/9C7jH/oXcX4/6fL7QDWn/s/9KTVvNe/VonyIm/vb9TE1o3RjHVMRLohmiHRIlHc0F/8ZeXH6fKFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEP+CwAA//87LfR5")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
syz_emit_ethernet(0xe, &(0x7f0000000580)={@local, @empty, @void, {@generic={0x16}}}, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x2, 0x17d, &(0x7f00000004c0)="$eJzsmD9P6lAYxp/TciH35iY6u2giCTBY2qJGBgdmB038FzeJVIIWMdBB2PwUzn4CZ+JC4sfQQZ1ccHNyqGl7gAP+HdTE+PyG9zzv6dvTc94mT5OCEPJrub15uD5LJS90AP+RRELO3+mDGk2pb489Zi4ry+cn5v1Vu7OUH11PAPD9jz8/BqBT0OHJ3PeH707KcQ1aX69DQ0bqTQgYUm9Dw4bUDgS2pN5TdC2oN4zdiusYOzW3FAgzCFYQ7CDkRvfXPRYoKfsTyvVGs7VfdF2n/oXivf51CxoWlf2p76vXG1PpnwUNltQ5CKxKvYBErzdRS5TzT8QG6+vffH4KCoqfJgb+5J8KpBR/iin+kfWqh9lGszVTqRbLTtk5sO3cvDlrmnN2NjSiKL7hf39Df/qnrP/nldq4iOOo6Hl1K4r93I7iS44bD/1PQ3o6yoWcUwm/B+NiKhjSuswJIYQQQgghhBBCCCHk05mECP+CDpF/NmWvhNVPAQAA//94vnZt")
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
open(&(0x7f0000000200)='./bus\x00', 0x141042, 0x0)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000240)="c1", 0x1}], 0x1, 0x0, 0x0, 0x0)

2.394000324s ago: executing program 3 (id=4339):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
fadvise64(r1, 0x2, 0x10001, 0x3)
syz_usb_disconnect(r1)
r2 = syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000020000082505a1a4400000000101090244000101000000090400000002060000052406000005240000000d240f010000000000000000000905810340000000000905820200000000000905030200040000000d01a8e9d1bcdc72fff26a62281a4aa7f9d40bcaa69a74dcd70920911554b7bd21118a9c11f1a0c0bad53fa9e8daf11aba01a89741cde4e3dedf388553e7f2a3fd51000000000000001484cddb0fb94fa26dc978b02f0eb4611de088b39a5db31e02c4e1dcd5a38670"], 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
close_range(r1, r0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000320, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
close(r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000380)=ANY=[@ANYRES32=r3, @ANYRES64=r2, @ANYBLOB="160000006aac44ee04000000", @ANYRES32=0x0, @ANYBLOB="e927f2a73b7f9519e79c1cc5c7810f02b2f7c5822070c481731454c7aee669a389", @ANYRES64=0x0], 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = getpid()
process_vm_readv(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioctl$EVIOCRMFF(r1, 0x4004550d, 0x0)

2.091713148s ago: executing program 1 (id=4340):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000340)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203010902"], 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000007c0)={0x1c, &(0x7f0000000840)={0x40, 0x16, 0x4, "0fc11fe3"}, 0x0, 0x0})

1.811469521s ago: executing program 2 (id=4342):
r0 = syz_io_uring_setup(0x27f3, &(0x7f0000000340), &(0x7f00000000c0), &(0x7f0000000100))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000640000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x3, 0x20000000, 0x0)

1.73076475s ago: executing program 2 (id=4343):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))

1.616273853s ago: executing program 2 (id=4344):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x740, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x4}, {0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0x6dc, 0x2, [@TCA_U32_LINK={0x8, 0x3, 0x3f5}, @TCA_U32_FLAGS={0x8, 0xb, 0x5}, @TCA_U32_INDEV={0x14, 0x8, 'veth1_to_bridge\x00'}, @TCA_U32_ACT={0x6b4, 0x7, [@m_mpls={0xa0, 0x16, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x6005}, @TCA_MPLS_LABEL={0x8, 0x5, 0x38993}, @TCA_MPLS_TC={0x5, 0x6, 0x4}, @TCA_MPLS_LABEL={0x8, 0x5, 0xbc27b}, @TCA_MPLS_TC={0x5, 0x6, 0x2}, @TCA_MPLS_TTL={0x5, 0x7, 0x1}, @TCA_MPLS_LABEL={0x8, 0x5, 0xf80e6}]}, {0x39, 0x6, "612d3699db034f8f08430151bfb3f0819c1d44301a821ce1a7e2fcd26a93322f414a08eb783ba01be15256ed15fc2fa03568c8552b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_mirred={0x160, 0x1e, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x7, 0x20000000, 0xffff, 0x6}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x7, 0x8, 0x8, 0x401}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3a61, 0x5a68ce02, 0x0, 0x2eca, 0x5}, 0x3}}]}, {0xd1, 0x6, "71558f82c797ed40aa96cae0561caac80e37421fbe6b5847795e9152419bd6e36082801f37e53ccbea50d8b4e7d6d4cd06cec76ec462499bdf122811144a51b56146738d4d25cbd285f2e729dbbe3c6137f7cd123b784cfddefd732ecc306f6cd0dc9c82fffc866125185fd50c16a59b8228811ffa42a3fc06ae6c491841f2d3b022b410d20071f23972ad211e8d088570180a0b72ec30b207b439e9499530f5ed3add294c6979c4716758179993cb396d1a9e8371981dc62a436962aa697442d2123e008f091efa1ef638699b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_bpf={0xb8, 0xb, 0x0, 0x0, {{0x8}, {0x14, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}]}, {0x7d, 0x6, "41aded84741ae0ad62644bf1bcd133afd532ca829ac6bda1bb5ef9fa93873a30f5d3e7c176e9df8b4cd9294006f3b071f6f02d14812ffa5cddbb03a1310a0ea81c2fcf52aedcdea451b78b010e5bcb69df46195784d5f23b7684f1f9cb0d1990615f2a605f5835cc5c16bc790a705509f99537287825cfde87"}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_xt={0xb4, 0x15, 0x0, 0x0, {{0x7}, {0x64, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8}, @TCA_IPT_HOOK={0x8, 0x2, 0x7}, @TCA_IPT_INDEX={0x8}, @TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}]}, {0x29, 0x6, "7cc4d4d8913023393152cf1483893cb72022204afc5a3c78451fb35e595b70d04ef5495ca4"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_ct={0x70, 0xb, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x400}, @TCA_CT_ZONE={0x6, 0x4, 0x4}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}, @TCA_CT_LABELS_MASK={0x14, 0x8, "097b3d39beb12e12ca7970f0c2b46dae"}]}, {0x19, 0x6, "3b8dd99ff628f0e136ea03ee3bb7e4eb97a588c1fa"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x90, 0x1f, 0x0, 0x0, {{0x7}, {0x68, 0x2, 0x0, 0x1, [@TCA_CT_ACTION={0x6, 0x3, 0x7}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_CT_ACTION={0x6, 0x3, 0x21}, @TCA_CT_LABELS_MASK={0x14, 0x8, "0600be9e48e760ba6779831df0129d79"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_LABELS_MASK={0x14, 0x8, "e7011bcc7a6b8ee870edb3e1d4364f94"}, @TCA_CT_ACTION={0x6, 0x3, 0x34}, @TCA_CT_LABELS={0x14, 0x7, "d84f053b22a32e873e2676b45f4a0ad9"}]}, {0x4}, {0xc}, {0xc}}}, @m_ctinfo={0x6c, 0xf, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x9}]}, {0x2d, 0x6, "871e4a3093c0e8019f3e85d16b62fbd06858927c4759e03eb68fe380f18d158dfeeec5a54f2e4d1b78"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_pedit={0xd8, 0x13, 0x0, 0x0, {{0xa}, {0x4}, {0xa9, 0x6, "13095aa19e3ff97ff1475cc7f6d44e64023e0f07f5503ec93c537ec467da66e10c0670c5424185a4211b985fbb71c90e943fd5ba6989123f51adc29f4d098a5853a725f727bd15293ea587519524ef80fd8af80f756cfebcef3980870a5ae562474c9ec51aaff99d80483e5889203fa14a5bdb050b4f8c23a709ea648f0083bafcaefd2dfdc6e9fd21bd1230b100d95fdedd566e96c84f3a440023eb3e68c8f4ce4718278e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_ct={0x100, 0x2, 0x0, 0x0, {{0x7}, {0x68, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @empty}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e21}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x3}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @loopback}, @TCA_CT_MARK={0x8, 0x5, 0x1}, @TCA_CT_LABELS_MASK={0x14, 0x8, "0e16c0fbcfd4e59e5f04cfa3cef75f58"}, @TCA_CT_ZONE={0x6, 0x4, 0x40}]}, {0x72, 0x6, "a1f2a4ce007ddd8790543600a2420ec559f8c649a2a9f3d420934096de08ac63d9c315e8dded6fb2508c68041b7a0aaceed27574893969cda1525b9c8934a0e1e629652c69b92b0c6af575f0df47a043720f08c20d25a11fd3d0a1a33bb49821dd083349fa0d176cd4a307e71c04"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0x1c, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x60}, @TCA_ROUTE4_IIF={0x8}]}}]}, 0x740}, 0x1, 0x0, 0x0, 0x1}, 0x20000810)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1.615726934s ago: executing program 2 (id=4345):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)={0x18, r1, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}}, 0x0)

1.571613758s ago: executing program 2 (id=4346):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newneigh={0x30, 0x1c, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x18}, [@NDA_DST_IPV6={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x30}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000004a00010000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b'], 0x24}}, 0x0)

1.549131881s ago: executing program 2 (id=4347):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f00000001c0)={[{}, {@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@data_err_abort}, {@grpquota}, {@noinit_itable}, {@quota}, {@errors_remount}, {@acl}]}, 0xff, 0x46b, &(0x7f0000000800)="$eJzs289rHFUcAPDvzG762ybW+qO11WgVgz+SJq3agxdF0YOCoId6jElaareNNBFsKRpF6lEK3sWj4F/gyZOoJ8Gr4sWDFIoWoVUEV2Z3Js1ud9P82GRj9/OBad/beTvvfXnzZt7OywTQswazf5KIHRHxU0T017ONBQbr/127cn7iryvnJ5KoVl/7PamVu3rl/ERRtPje9jwzlEakHyV5JY1mzp47OV6pTJ3J8yOzp94emTl77okTp8aPTx2fOj125Mivh0affmrsyY7EmbXp6t73pvfteemNi69MHL345ndfZu29a399/8I4OmUwC/yPak3zvoc7XVmX/Vu9HmdS7nZrWKpSRGTd1Vcb//1Riuud1x8vfNjVxgFrKrtmb26/e64K3MKS6HYLgO4obvTZ799iW6epx4Zw+dn6D6As7mv5Vt9TjjQv07eG9Q9GxNG5vz/Ltmh6DlFt8dwAAGC1vs7mP4/fOP+rrY0sKJfka0MDEXF7ROyKiDsiYndE3JmXvTsi7llm/c1LQzfOP9NLKwxtSbL53zP52lbj/K+Y/cVAKc/dVou/Lzl2ojJ1MCJ2RsRQ9G3O8qOtDl4c4vkfP2lX/8L5X7Zl9Rdzwfwgl8rzD+iqWVNicnx2vFOT0ssfROwtt4o/mV8JyPp+T0TsXd6hdxaJE49+sa9doZvHv4gOrDNVP494pN7/c9EUfyFpsz55uL4+ObIlKlMHR4qz4kbf/3Dh1Xb1ryr+Dsj6f1vj+d9Uov/PZOF67czy67jw88dtf1OWl3X+12Xn/6bk9dqa9ab8s3fHZ2fPjEZsSl6u5Rs+H7v+3SJflM/iHzrQevzvyr+TxX9vRGQn8f6IuC8i7s/77oGIeDAiDiwS/7fPPfRWu30bof8nW17/5s//gcb+X36idPKbr9rVv7Tr3+Faaij/pHb9u4n2zdmSl1jp2QwAAAD/P2lE7IgkHZ5Pp+nwcP3v5XfHtrQyPTP72LHpd05P1t8RGIi+tHjS1b/geehoMpcfsZ4fy58VF/sP5c+NPy1treWHJ6Yrk12OHXrd9jbjP/NbqdutA9ac97WgdzWP/7RL7QDWn/s/9C7jH3qX8Q+9q9X4f78pby0Abk3u/9C7jH/oXcX4/6fL7QDWn/s/9KTVvNe/VonyIm/vb9TE1o3RjHVMRLohmiHRIlHc0F/8ZeXH6fKFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEP+CwAA//87LfR5")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000010000008000", @ANYRES32=0x0, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
syz_emit_ethernet(0xe, &(0x7f0000000580)={@local, @empty, @void, {@generic={0x16}}}, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x2, 0x17d, &(0x7f00000004c0)="$eJzsmD9P6lAYxp/TciH35iY6u2giCTBY2qJGBgdmB038FzeJVIIWMdBB2PwUzn4CZ+JC4sfQQZ1ccHNyqGl7gAP+HdTE+PyG9zzv6dvTc94mT5OCEPJrub15uD5LJS90AP+RRELO3+mDGk2pb489Zi4ry+cn5v1Vu7OUH11PAPD9jz8/BqBT0OHJ3PeH707KcQ1aX69DQ0bqTQgYUm9Dw4bUDgS2pN5TdC2oN4zdiusYOzW3FAgzCFYQ7CDkRvfXPRYoKfsTyvVGs7VfdF2n/oXivf51CxoWlf2p76vXG1PpnwUNltQ5CKxKvYBErzdRS5TzT8QG6+vffH4KCoqfJgb+5J8KpBR/iin+kfWqh9lGszVTqRbLTtk5sO3cvDlrmnN2NjSiKL7hf39Df/qnrP/nldq4iOOo6Hl1K4r93I7iS44bD/1PQ3o6yoWcUwm/B+NiKhjSuswJIYQQQgghhBBCCCHk05mECP+CDpF/NmWvhNVPAQAA//94vnZt")
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
open(&(0x7f0000000200)='./bus\x00', 0x141042, 0x0)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000240)="c1", 0x1}], 0x1, 0x0, 0x0, 0x0)

1.420676966s ago: executing program 4 (id=4348):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000200000000000000000000008500000087000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1.420265956s ago: executing program 4 (id=4349):
r0 = syz_open_procfs$namespace(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000240)='sched_switch\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x400}, [@call={0x85, 0x0, 0x0, 0x2f}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
memfd_create(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$netlink(0x10, 0x3, 0x4)
r6 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000004300)=@mangle={'mangle\x00', 0x44, 0x6, 0x420, 0x2b8, 0x0, 0x138, 0x0, 0x0, 0x388, 0x388, 0x388, 0x388, 0x388, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00'}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0xe0, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @private, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x480)
getpgid(r2)
getgid()
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0)

939.235972ms ago: executing program 0 (id=4350):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10)
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000700, 0x0, 0x0)

879.100258ms ago: executing program 0 (id=4351):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r0, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x4068, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)

828.888454ms ago: executing program 0 (id=4352):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000480)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x203f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x10)

799.774277ms ago: executing program 0 (id=4353):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)

758.461302ms ago: executing program 0 (id=4354):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000440), 0x2401, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffeb1, &(0x7f00000001c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0600000004000000ff0f", @ANYBLOB='\x00\x00', @ANYRES32=0x0], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r5, 0x5403, &(0x7f0000000740)={0xfffffffc, 0x0, 0x0, 0x5f7, 0xff, "10120dfe0ef7f0200000ff490a0080002a00"})

452.117777ms ago: executing program 4 (id=4355):
r0 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
write$selinux_user(r0, &(0x7f0000000240)={'system_u:object_r:initctl_t:s0', 0x20, 'unconfined_u\x00'}, 0x2c)

268.718829ms ago: executing program 4 (id=4356):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@nogrpid}, {@resuid={'resuid', 0x3d, 0xee01}}, {@resgid}, {@data_journal}, {@nombcache}, {@block_validity}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
lseek(r0, 0x2, 0x0)
getdents(r0, 0x0, 0x22)

195.363217ms ago: executing program 4 (id=4357):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000002e00)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x1}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d9, &(0x7f0000002e80)="$eJzs3c9rHG0dAPDvTLJvf+U1edVDLdgWW0mLdjdpbBs81ApiTwVrvdeYbELIJhuym7YJRVK8K4io4MmTF8E/QJD+CSIU9eZBqiiirR48qCs7O1vbuNtEut2pyecD03meeXb3+30admaemYedAA6tsxFxIyJGIuJiRIzn29N8udluv9153fNnD+fbSxKt1p0/J5Hk27qfleTrExGxExFHI+LLNyO+lvx33MbW9spcrVbdyOuV5up6pbG1fWl5dW6pulRdm5mZvjp7bfbK7NRA+jkREde/8PvvfutHX7z+s0/f/+3dP174ejutsbz95X4MUqfrpez/oms0IjbeRrACjOTrUp/2b44MMRkAAPbUPsf/cER8Ijv/H4+R7OwUAAAAOEhanxuLfyQRLQAAAODASrM5sElazucCjEWalsudObwfjeNprd5ofmqxvrm20JkrOxGldHG5Vp3K5wpPRClp16fzObbd+uVd9ZmI+CAivjN+LKuX5+u1haIvfgAAAMAhcWLX+P9v49n4/0jReQEAAAADNlF0AgAAAMBbZ/wPAAAAB5/xPwAAABxoX7p1q720us+/Xri3tblSv3dpodpYKa9uzpfn6xvr5aV6fSn7zb7VvT6vVq+vfybWNh9UmtVGs9LY2r67Wt9ca95dfuUR2AAAAMAQfXDm8a+TiNj57LFsaXuv6KSAoUj2aM8eEvI0r/xuCAkBQzNSdAJAYUaLTgAoTKnoBIDC7XUdoO/knZ8PPhcAAODtmPxY//v/rg3AwZYWnQAAMHTu/8PhVXp1BuCV4jIBivKhPdrf/P5/q/U/JQQAAAzcWLYkaTm/FzgWaVouR7yfPRaglCwu16pT+fjgV+OlI+36dPbOZM85wwAAAAAAAAAAAAAAAAAAAAAAAABAR6uVRKvV+s0vWwAAAMBBFZH+Icl+zT9icvz82O7rA+8lfx/P1hFx/wd3vvdgrtncmG5v/8uL7c3v59svF3EFAwAAANitO07vjuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJCeP3s4312GGfdPn4+IiZ7xzxzNVkejFBHH/5rE6EvvSyJiZADxdx5FxMle8ZN2WjERnSx6xT9WYPw0Ik4MID4cZo/b+58bvb5/aZzN1r2/f6P58qb67//S6O7/Rvrsf97fZ4xTT35S6Rv/UcSp0d77n278pE/8c/uM/9WvbG/3a2v9MGKy5/EneSVWpbm6XmlsbV9aXp1bqi5V12Zmpq/OXpu9MjtVWVyuVfN/e8b49sd/+q/X9f94n/gTe/T//D77/88nD559pFMs9Yp/4Vzv4+/JPvHT/Nj3ybzcbp/slnc65Zed/vEvTr+u/wt9+v/i79/jQNuOeWGf/b94+xtP9/lSAGAIGlvbK3O1WnXj/7GQxjuRhsJACkfejTQUOoWi90wAAMCg/eekv+hMAAAAAAAAAAAAAAAAAAAA4PAaxs+J7QqZFNRVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDX+ncAAAD//zaO2LQ=")
mount$incfs(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0, 0x0)
setxattr$incfs_id(&(0x7f0000000140)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200), 0x20, 0x0)
rmdir(&(0x7f0000000100)='./file2\x00')
unlink(&(0x7f0000000080)='./file0/file0\x00')

73.502341ms ago: executing program 3 (id=4358):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

564.56µs ago: executing program 3 (id=4359):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f0000003a80)='\t', 0x1, 0x8000c61)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0)

0s ago: executing program 4 (id=4360):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$selinux_access(r1, &(0x7f0000000580)={'system_u:object_r:apt_exec_t:s0', 0x20, '/usr/sbin/ntpd', 0x20, 0x7}, 0x44)

kernel console output (not intermixed with test programs):

.
[ 1470.655918][T20307] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[ 1470.665372][T20307] overlayfs: failed to resolve './file0': -2
[ 1470.685195][T20307] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[ 1470.694606][T20307] overlayfs: failed to resolve './file0': -2
[ 1471.206928][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1471.348655][ T1988] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1471.613242][T20319] loop1: detected capacity change from 0 to 1024
[ 1473.625454][T20326] loop3: detected capacity change from 0 to 1024
[ 1473.653225][T20319] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1473.661571][T20319] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038 (0x7fffffff)
[ 1473.677359][ T1988] usb 1-1: Using ep0 maxpacket: 8
[ 1473.719322][T20326] EXT4-fs: Ignoring removed orlov option
[ 1473.737803][ T1988] usb 1-1: device descriptor read/all, error -71
[ 1473.748227][T20326] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1473.781387][T20326] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1473.830204][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1473.837558][T20330] loop0: detected capacity change from 0 to 128
[ 1473.876260][   T28] audit: type=1400 audit(2000004903.369:4367): avc:  denied  { mounton } for  pid=20329 comm="syz.0.3920" path="/9/file0" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[ 1474.088768][T20332] incfs: ino conflict with backing FS 1
[ 1474.835853][T20335] fscrypt: AES-256-XTS using blk-crypto-fallback
[ 1474.939575][T20335] fscrypt (loop3): error -12 starting to use blk-crypto
[ 1474.977597][   T19] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1474.991098][T19726] EXT4-fs (loop3): unmounting filesystem.
[ 1475.030535][T20343] loop1: detected capacity change from 0 to 512
[ 1475.116778][T20343] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3921: invalid block
[ 1475.142592][T20343] EXT4-fs (loop1): Remounting filesystem read-only
[ 1475.159117][T20343] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3921: couldn't read orphan inode 11 (err -117)
[ 1475.161037][T20346] kvm: pic: non byte read
[ 1475.177559][T20343] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1475.657946][T20346] kvm: pic: non byte read
[ 1475.662779][T20346] kvm: pic: non byte read
[ 1475.667172][T20346] kvm: pic: level sensitive irq not supported
[ 1475.667221][T20346] kvm: pic: non byte read
[ 1475.689792][T20346] kvm: pic: non byte read
[ 1475.700313][T20346] kvm: pic: non byte read
[ 1476.143271][T20372] loop4: detected capacity change from 0 to 1024
[ 1477.716596][T20376] loop3: detected capacity change from 0 to 16
[ 1477.728712][T20376] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1477.846792][T20372] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1477.855497][T20372] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038 (0x7fffffff)
[ 1478.013325][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1478.118215][T20385] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[ 1478.127778][T20385] overlayfs: failed to resolve './file0': -2
[ 1478.150695][T20385] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[ 1478.160132][T20385] overlayfs: failed to resolve './file0': -2
[ 1478.473897][   T28] audit: type=1400 audit(2000004907.939:4368): avc:  denied  { setopt } for  pid=20386 comm="syz.4.3930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1478.738320][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1479.042250][   T28] audit: type=1400 audit(2000004908.519:4369): avc:  denied  { bind } for  pid=20391 comm="syz.0.3932" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1479.105281][T20399] loop1: detected capacity change from 0 to 1024
[ 1479.206108][   T28] audit: type=1400 audit(2000004908.519:4370): avc:  denied  { node_bind } for  pid=20391 comm="syz.0.3932" saddr=fe80::bb scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 1479.248104][T20399] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1479.256549][T20399] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038 (0x7fffffff)
[ 1479.394359][T20407] loop3: detected capacity change from 0 to 1024
[ 1479.513889][T20407] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1479.522757][T20407] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038 (0x7fffffff)
[ 1479.910547][T20411] loop0: detected capacity change from 0 to 512
[ 1480.077863][T20411] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1480.126272][T20411] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3935: invalid block
[ 1480.148820][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1480.158454][T20411] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3935: couldn't read orphan inode 11 (err -117)
[ 1480.196083][T20411] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1480.308602][T19726] EXT4-fs (loop3): unmounting filesystem.
[ 1480.341795][T20417] loop1: detected capacity change from 0 to 512
[ 1480.438960][   T28] audit: type=1400 audit(2000004909.929:4371): avc:  denied  { map } for  pid=20410 comm="syz.0.3935" path="/14/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1480.464008][T20417] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1480.473300][   T28] audit: type=1400 audit(2000004909.929:4372): avc:  denied  { execute } for  pid=20410 comm="syz.0.3935" path="/14/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1480.539022][T20417] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3936: invalid block
[ 1480.560058][T20417] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3936: couldn't read orphan inode 11 (err -117)
[ 1480.563338][T20405] loop4: detected capacity change from 0 to 40427
[ 1480.572083][T20417] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1480.587344][T20405] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1480.596074][T20405] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1480.604321][   T28] audit: type=1400 audit(2000004910.099:4373): avc:  denied  { write } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1480.626024][   T28] audit: type=1400 audit(2000004910.099:4374): avc:  denied  { remove_name } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=19 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1480.682181][T20405] F2FS-fs (loop4): invalid crc value
[ 1480.683306][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1480.695846][   T28] audit: type=1400 audit(2000004910.099:4375): avc:  denied  { rename } for  pid=85 comm="syslogd" name="messages" dev="tmpfs" ino=19 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1480.720566][T20405] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1481.153943][T20429] fuse: Unknown parameter 'ro›ò^ù�\ÉotmoY¹ú!šäer-�8®de'
[ 1481.167672][   T28] audit: type=1400 audit(2000004910.099:4376): avc:  denied  { add_name } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=18 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1481.190154][   T28] audit: type=1400 audit(2000004910.099:4377): avc:  denied  { unlink } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=18 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1481.667912][T20405] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1481.682655][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1481.693418][T20405] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1482.257919][T20445] loop1: detected capacity change from 0 to 256
[ 1482.269442][T20445] exfat: Bad value for 'gid'
[ 1482.754837][T20451] loop0: detected capacity change from 0 to 512
[ 1482.791107][T20450] loop4: detected capacity change from 0 to 512
[ 1483.650776][T20450] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.3942: invalid block
[ 1483.662396][T20451] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3951: invalid block
[ 1483.683460][T20451] EXT4-fs (loop0): Remounting filesystem read-only
[ 1483.690221][T20450] EXT4-fs (loop4): Remounting filesystem read-only
[ 1484.297774][T20464] EXT4-fs warning (device sda1): ext4_resize_fs:2028: can't read last block, resize aborted
[ 1484.311076][T20467] loop1: detected capacity change from 0 to 16
[ 1484.319120][T20451] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3951: couldn't read orphan inode 11 (err -117)
[ 1484.319184][T20450] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.3942: couldn't read orphan inode 11 (err -117)
[ 1484.413316][T20467] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1484.425493][T20450] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1484.559576][T20451] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1485.310762][T20474] loop3: detected capacity change from 0 to 256
[ 1485.426144][T20474] exfat: Deprecated parameter 'namecase'
[ 1485.544967][T20474] exfat: Unknown parameter 'uma­¨'
[ 1485.805407][T20478] netlink: 'syz.3.3946': attribute type 4 has an invalid length.
[ 1486.138246][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1486.146292][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1486.209292][T20485] loop4: detected capacity change from 0 to 1024
[ 1486.216886][T20487] loop0: detected capacity change from 0 to 512
[ 1486.232449][   T28] kauditd_printk_skb: 3 callbacks suppressed
[ 1486.232463][   T28] audit: type=1400 audit(2000004915.729:4381): avc:  denied  { remount } for  pid=20486 comm="syz.0.3949" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1486.272938][T20485] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1486.373723][   T28] audit: type=1400 audit(2000004915.869:4382): avc:  denied  { write } for  pid=20486 comm="syz.0.3949" path="socket:[113309]" dev="sockfs" ino=113309 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1486.403837][   T28] audit: type=1400 audit(2000004915.869:4383): avc:  denied  { nlmsg_read } for  pid=20486 comm="syz.0.3949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1487.368317][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1487.386484][   T28] audit: type=1326 audit(2000004916.879:4384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1487.472916][T20507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3953'.
[ 1487.482210][T20507] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3953'.
[ 1488.323031][   T28] audit: type=1326 audit(2000004916.879:4385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1488.443987][T20518] loop4: detected capacity change from 0 to 512
[ 1488.452435][T20517] loop1: detected capacity change from 0 to 256
[ 1488.470819][   T28] audit: type=1326 audit(2000004916.879:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1488.518317][T20518] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1488.718933][T20518] EXT4-fs (loop4): 1 truncate cleaned up
[ 1488.727709][T20518] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1488.761403][   T28] audit: type=1326 audit(2000004916.879:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1488.994269][T20509] loop3: detected capacity change from 0 to 40427
[ 1489.018878][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1489.032143][T20509] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1489.061467][T20525] loop4: detected capacity change from 0 to 512
[ 1489.061503][T20509] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1489.069645][   T28] audit: type=1326 audit(2000004916.899:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1489.076104][T20509] F2FS-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value
[ 1489.104343][T20525] journal_path: Lookup failure for './bus'
[ 1489.118478][T20525] EXT4-fs: error: could not find journal device path
[ 1489.127798][T17500] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1489.135216][   T28] audit: type=1326 audit(2000004916.899:4389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1489.173963][   T28] audit: type=1326 audit(2000004916.899:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20504 comm="syz.4.3954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea5df7dff9 code=0x7ffc0000
[ 1489.253360][T20527] loop0: detected capacity change from 0 to 256
[ 1489.260942][T20525] loop4: detected capacity change from 0 to 1024
[ 1489.267372][T20525] EXT4-fs: Ignoring removed bh option
[ 1489.280403][T20525] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1489.328495][T20525] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1489.417663][T17500] usb 2-1: Using ep0 maxpacket: 16
[ 1489.837589][T20532] futex_wake_op: syz.3.3955 tries to shift op by 32; fix this program
[ 1489.869331][T20532] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20532 comm=syz.3.3955
[ 1490.179092][T20537] loop0: detected capacity change from 0 to 512
[ 1490.196648][T20537] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3961: invalid block
[ 1490.208509][T20537] EXT4-fs (loop0): Remounting filesystem read-only
[ 1490.215059][T20537] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3961: couldn't read orphan inode 11 (err -117)
[ 1490.228039][T20537] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1490.314532][T17500] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1490.326436][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1490.343513][T17500] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1490.371747][T17500] usb 2-1: Product: syz
[ 1490.388166][T17500] usb 2-1: Manufacturer: syz
[ 1490.404637][T17500] usb 2-1: SerialNumber: syz
[ 1490.488312][T17500] usb 2-1: config 0 descriptor??
[ 1490.528123][T17500] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[ 1490.729284][T20544] loop4: detected capacity change from 0 to 16
[ 1490.761413][T20544] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1491.542553][   T28] kauditd_printk_skb: 29 callbacks suppressed
[ 1491.542642][   T28] audit: type=1400 audit(2000004920.979:4420): avc:  denied  { unlink } for  pid=20539 comm="syz.2.3962" name="#1e4" dev="tmpfs" ino=1205 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1491.798501][   T19] usb 2-1: USB disconnect, device number 44
[ 1491.816743][T20556] loop3: detected capacity change from 0 to 256
[ 1491.883443][T20557] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3964'.
[ 1491.918796][T20556] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1491.968480][T20556] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1492.004018][T20560] loop1: detected capacity change from 0 to 128
[ 1492.041988][T20560] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1492.057804][T20560] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1492.303738][T20563] overlayfs: missing 'lowerdir'
[ 1492.441601][  T522] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[ 1492.796938][T20565] kvm: pic: non byte read
[ 1492.801373][T20565] kvm: pic: non byte read
[ 1492.811015][T20565] kvm: pic: non byte read
[ 1492.847996][T20565] kvm: pic: level sensitive irq not supported
[ 1492.848051][T20565] kvm: pic: non byte read
[ 1492.864048][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1492.872973][T20565] kvm: pic: non byte read
[ 1492.882883][T20565] kvm: pic: non byte read
[ 1492.947890][  T522] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1492.959141][  T522] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1492.960299][T20573] binder: 20571:20573 ioctl 4018620d 0 returned -22
[ 1492.986949][T20573] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20573 comm=syz.1.3968
[ 1493.026234][T20573] loop1: detected capacity change from 0 to 1024
[ 1493.044981][T20573] EXT4-fs: Ignoring removed orlov option
[ 1493.052750][T20573] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1493.082176][T20573] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1493.097811][  T522] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1493.119461][  T522] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1493.127430][  T522] usb 4-1: SerialNumber: syz
[ 1493.252306][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1493.665073][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1493.740699][T20588] loop1: detected capacity change from 0 to 512
[ 1493.773958][T20588] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3972: invalid block
[ 1493.845115][T20590] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1493.890145][T20588] EXT4-fs (loop1): Remounting filesystem read-only
[ 1493.904921][T20588] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3972: couldn't read orphan inode 11 (err -117)
[ 1493.957666][T20588] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1494.090345][T20580] loop0: detected capacity change from 0 to 40427
[ 1494.106409][T20580] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1494.121307][   T28] audit: type=1326 audit(2000004923.619:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20592 comm="syz.2.3973" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f494ef7dff9 code=0x0
[ 1494.133531][T20580] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1494.165556][T20580] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1494.258789][T20580] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1494.265676][T20580] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1495.819779][T20613] loop4: detected capacity change from 0 to 512
[ 1495.906380][T20062] syz-executor: attempt to access beyond end of device
[ 1495.906380][T20062] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1495.907173][T20613] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1495.948528][T20613] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038 (0x7fffffff)
[ 1496.190312][   T28] audit: type=1400 audit(2000004925.689:4422): avc:  denied  { create } for  pid=20612 comm="syz.4.3975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1496.296011][T20622] Invalid ELF header magic: != ELF
[ 1497.027632][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1497.136861][T20625] loop0: detected capacity change from 0 to 512
[ 1497.156384][   T28] audit: type=1400 audit(2000004925.709:4423): avc:  denied  { bind } for  pid=20612 comm="syz.4.3975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1497.219689][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1497.257753][   T28] audit: type=1400 audit(2000004925.789:4424): avc:  denied  { sys_module } for  pid=20612 comm="syz.4.3975" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1497.321934][T20630] loop1: detected capacity change from 0 to 512
[ 1497.328949][T20625] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1497.376569][T20625] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.3976: bg 0: block 248: padding at end of block bitmap is not set
[ 1497.391398][   T28] audit: type=1400 audit(2000004925.789:4425): avc:  denied  { module_load } for  pid=20612 comm="syz.4.3975" path="/sys/kernel/notes" dev="sysfs" ino=1141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[ 1497.426974][T20630] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1497.438107][T20630] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038 (0x7fffffff)
[ 1497.468794][T20625] Quota error (device loop0): write_blk: dquota write failed
[ 1497.508348][  T522] usb 4-1: 0:2 : does not exist
[ 1497.513071][  T522] usb 4-1: unit 5: unexpected type 0x0c
[ 1497.535107][  T522] usb 4-1: USB disconnect, device number 49
[ 1497.555084][T20625] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[ 1497.567706][T20625] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.3976: Failed to acquire dquot type 1
[ 1497.587407][T20625] EXT4-fs (loop0): 1 truncate cleaned up
[ 1497.649196][T20635] Invalid ELF header magic: != ELF
[ 1497.848936][T20625] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1497.915458][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1497.958268][T19712] udevd[19712]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1498.114944][T20640] loop0: detected capacity change from 0 to 16
[ 1498.142964][T20640] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1498.222080][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1498.403980][T20627] loop4: detected capacity change from 0 to 40427
[ 1498.424643][T20627] F2FS-fs (loop4): Invalid SB checksum offset: 0
[ 1498.432945][T20627] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1498.464313][T20627] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1498.625284][T20627] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[ 1498.634483][T20627] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1499.127653][   T19] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1499.377683][   T19] usb 2-1: Using ep0 maxpacket: 8
[ 1499.571572][   T19] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1499.708905][   T19] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1499.717888][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1499.725749][   T19] usb 2-1: SerialNumber: syz
[ 1499.747720][T20643] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1499.768146][   T19] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1499.970078][   T28] audit: type=1326 audit(2000004929.469:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20642 comm="syz.1.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405d77dff9 code=0x7ffc0000
[ 1499.970934][  T681] usb 2-1: USB disconnect, device number 45
[ 1500.004634][   T28] audit: type=1326 audit(2000004929.469:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20642 comm="syz.1.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f405d77dff9 code=0x7ffc0000
[ 1500.042197][   T28] audit: type=1326 audit(2000004929.469:4428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20642 comm="syz.1.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405d77dff9 code=0x7ffc0000
[ 1500.077651][   T28] audit: type=1326 audit(2000004929.469:4429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20642 comm="syz.1.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f405d77dff9 code=0x7ffc0000
[ 1500.101177][   T28] audit: type=1326 audit(2000004929.469:4430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20642 comm="syz.1.3982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405d77dff9 code=0x7ffc0000
[ 1500.456345][T20662] overlayfs: missing 'workdir'
[ 1501.126128][T20671] loop4: detected capacity change from 0 to 128
[ 1501.136746][T20673] loop0: detected capacity change from 0 to 512
[ 1501.147887][T20671] ext4: Unknown parameter 'appraise'
[ 1501.238429][T20673] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1501.257365][T20673] ext4 filesystem being mounted at /25/bus supports timestamps until 2038 (0x7fffffff)
[ 1501.359445][T20679] tipc: Failed to remove unknown binding: 66,1,1/0:4159278387/4159278389
[ 1501.367811][T20679] tipc: Failed to remove unknown binding: 66,1,1/0:4159278387/4159278389
[ 1501.617755][    T6] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1502.247734][    T6] usb 2-1: Using ep0 maxpacket: 8
[ 1502.384115][    T6] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1502.519107][T20691] loop4: detected capacity change from 0 to 512
[ 1502.590703][T20691] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1502.793830][T20691] EXT4-fs (loop4): 1 truncate cleaned up
[ 1502.837598][T20691] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1503.234637][   T28] kauditd_printk_skb: 5 callbacks suppressed
[ 1503.235678][   T28] audit: type=1400 audit(2000004932.729:4436): avc:  denied  { getopt } for  pid=20687 comm="syz.4.3990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1503.275518][    T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1503.518350][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1503.527219][    T6] usb 2-1: SerialNumber: syz
[ 1503.537128][T20693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1503.583115][T20693] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1503.590466][T20693] device bridge_slave_0 entered promiscuous mode
[ 1503.597367][T20693] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1503.604368][T20664] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1503.614481][T20693] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1503.628137][T20693] device bridge_slave_1 entered promiscuous mode
[ 1503.638234][    T6] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1503.673062][    T6] usb 2-1: USB disconnect, device number 46
[ 1503.714052][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1503.756881][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1503.881303][T20708] loop4: detected capacity change from 0 to 512
[ 1504.189973][T20713] loop1: detected capacity change from 0 to 1024
[ 1504.203627][T20708] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1504.345796][T20708] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.3993: invalid block
[ 1504.356927][T17500] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[ 1504.382508][T20713] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1504.391188][T20713] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038 (0x7fffffff)
[ 1504.610999][T20708] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.3993: couldn't read orphan inode 11 (err -117)
[ 1504.737959][T20708] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1504.793178][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1504.800837][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1505.089452][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1505.097980][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1505.106600][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1505.118119][T20721] loop0: detected capacity change from 0 to 512
[ 1505.135757][T15637] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1505.142667][T15637] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1505.157734][T17500] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1505.161288][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1505.177707][T17500] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1505.182772][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1505.188529][T20721] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.3996: invalid block
[ 1505.201531][T15637] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1505.206389][T17500] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1505.212775][T15637] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1505.228879][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1505.250514][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1505.258432][T15637] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1505.266592][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1505.297291][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1505.304327][T20721] EXT4-fs (loop0): Remounting filesystem read-only
[ 1505.314452][T20721] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3996: couldn't read orphan inode 11 (err -117)
[ 1505.326681][T20693] device veth0_vlan entered promiscuous mode
[ 1505.332860][T20721] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1505.337964][T17500] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1505.368428][T17500] usb 3-1: config 0 descriptor??
[ 1505.488383][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1505.584889][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1505.619512][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1505.640685][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1505.728244][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1505.735589][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1505.802396][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1505.884829][T20734] loop4: detected capacity change from 0 to 16
[ 1505.895076][   T28] audit: type=1400 audit(2000004935.349:4437): avc:  denied  { bind } for  pid=20710 comm="syz.2.3994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1505.917963][T20734] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1505.955003][   T28] audit: type=1400 audit(2000004935.369:4438): avc:  denied  { read } for  pid=20710 comm="syz.2.3994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1505.981983][  T681] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1506.003374][T20693] device veth1_macvtap entered promiscuous mode
[ 1506.046590][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1506.056312][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1506.101424][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1506.124195][T20739] loop1: detected capacity change from 0 to 512
[ 1506.139244][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1506.144785][T20739] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1506.155621][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1506.193945][T20739] EXT4-fs (loop1): 1 truncate cleaned up
[ 1506.201141][  T496] device bridge_slave_1 left promiscuous mode
[ 1506.207812][  T496] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1506.213427][T20739] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1506.226186][  T496] device bridge_slave_0 left promiscuous mode
[ 1506.251893][  T496] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1506.275127][  T496] device veth1_macvtap left promiscuous mode
[ 1506.631145][T17500] hid-led 0003:27B8:01ED.0011: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.2-1/input0
[ 1506.655484][T17500] hid-led 0003:27B8:01ED.0011: ThingM blink(1) initialized
[ 1506.707702][T20745] loop3: detected capacity change from 0 to 512
[ 1506.719749][T20745] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1506.750406][T20745] EXT4-fs error (device loop3): __ext4_fill_super:5386: inode #2: comm syz.3.3989: casefold flag without casefold feature
[ 1506.784136][T20745] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[ 1506.796927][T20745] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1506.980676][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1507.241723][   T28] audit: type=1400 audit(2000004936.709:4439): avc:  denied  { read } for  pid=20750 comm="syz.1.4000" name="ptp0" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1507.352095][   T28] audit: type=1400 audit(2000004936.719:4440): avc:  denied  { open } for  pid=20750 comm="syz.1.4000" path="/dev/ptp0" dev="devtmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1507.381412][   T28] audit: type=1400 audit(2000004936.719:4441): avc:  denied  { ioctl } for  pid=20750 comm="syz.1.4000" path="/dev/ptp0" dev="devtmpfs" ino=172 ioctlcmd=0x3d12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1508.008658][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1508.078377][T17500] usb 3-1: USB disconnect, device number 65
[ 1508.150268][T20761] loop3: detected capacity change from 0 to 512
[ 1508.181392][T20761] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.4001: invalid block
[ 1508.193652][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1508.231252][T20761] EXT4-fs (loop3): Remounting filesystem read-only
[ 1508.470893][T20761] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4001: couldn't read orphan inode 11 (err -117)
[ 1508.591429][T20766] loop1: detected capacity change from 0 to 40427
[ 1508.601363][T20761] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1508.614253][T20766] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1508.621843][T20766] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1508.630513][T20766] F2FS-fs (loop1): invalid crc value
[ 1508.737609][T20775] loop0: detected capacity change from 0 to 1024
[ 1508.841291][T20766] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1508.916088][T20775] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1508.924836][T20775] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038 (0x7fffffff)
[ 1509.042466][T20766] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1509.049576][T20766] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1509.337373][T20764] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4003'.
[ 1509.437684][   T60] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 1509.492967][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1509.505110][T20781] loop4: detected capacity change from 0 to 1024
[ 1509.558085][T20781] EXT4-fs: Ignoring removed orlov option
[ 1509.568422][T20781] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1509.571212][   T43] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1509.615042][T20781] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1509.622972][   T43] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1509.707851][   T60] usb 3-1: Using ep0 maxpacket: 8
[ 1509.775804][T20783] loop0: detected capacity change from 0 to 40427
[ 1509.787193][T20783] F2FS-fs (loop0): Invalid SB checksum offset: 0
[ 1509.807014][T20783] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1509.923519][   T60] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1510.095487][T20783] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1510.177711][   T60] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1510.193781][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1510.216290][T20783] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1510.221532][   T60] usb 3-1: SerialNumber: syz
[ 1510.226309][T20783] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1510.297848][T20763] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1510.324914][   T60] cdc_ether: probe of 3-1:1.0 failed with error -22
[ 1510.375755][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1511.217446][   T19] usb 3-1: USB disconnect, device number 66
[ 1511.348288][T20805] loop1: detected capacity change from 0 to 2048
[ 1511.760924][T20808] loop4: detected capacity change from 0 to 1024
[ 1512.070425][T20808] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1512.079535][T20808] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038 (0x7fffffff)
[ 1512.998100][T20805] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1513.001238][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1513.012614][T20805] EXT4-fs (loop1): unmounting filesystem.
[ 1513.170956][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1513.326134][   T60] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1514.842793][T20834] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1515.121435][T20825] loop4: detected capacity change from 0 to 40427
[ 1515.133143][T20825] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1515.142879][T20825] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1515.155088][T20825] F2FS-fs (loop4): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value
[ 1515.169390][T20846] loop1: detected capacity change from 0 to 1024
[ 1515.203819][T20846] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1515.212203][T20846] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038 (0x7fffffff)
[ 1515.224383][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1515.236004][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1515.248497][   T60] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1515.258235][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1515.266863][   T60] usb 1-1: config 0 descriptor??
[ 1515.436749][T20851] loop3: detected capacity change from 0 to 512
[ 1515.467514][T20851] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[ 1515.478207][T20852] futex_wake_op: syz.4.4012 tries to shift op by 32; fix this program
[ 1515.511785][T20852] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20852 comm=syz.4.4012
[ 1515.908649][T18780] EXT4-fs (loop1): unmounting filesystem.
[ 1516.280109][T20860] loop1: detected capacity change from 0 to 40427
[ 1516.367745][   T28] audit: type=1326 audit(2000004945.819:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.409784][   T60] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input55
[ 1516.432607][   T28] audit: type=1326 audit(2000004945.819:4443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.457409][   T60] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input56
[ 1516.459809][   T28] audit: type=1326 audit(2000004945.819:4444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.472958][T20860] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1516.492648][   T28] audit: type=1326 audit(2000004945.819:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.523004][   T60] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input57
[ 1516.557718][   T28] audit: type=1326 audit(2000004945.819:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.606585][   T60] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input58
[ 1516.608133][T20860] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1516.627041][   T28] audit: type=1326 audit(2000004945.819:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.649026][   T60] uclogic 0003:256C:006D.0012: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[ 1516.651057][ T8878] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 1516.682738][   T60] usb 1-1: USB disconnect, device number 63
[ 1516.784091][T20874] syz.4.4025[20874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1516.784478][T20874] syz.4.4025[20874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1516.892148][   T28] audit: type=1326 audit(2000004945.819:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.926866][   T28] audit: type=1326 audit(2000004945.819:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.953673][   T28] audit: type=1326 audit(2000004945.819:4450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1516.977240][   T28] audit: type=1326 audit(2000004945.819:4451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20862 comm="syz.3.4024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1517.058814][T20877] loop3: detected capacity change from 0 to 1024
[ 1517.081208][T20877] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 1517.375058][ T8878] usb 3-1: Using ep0 maxpacket: 8
[ 1517.412583][T18780] syz-executor: attempt to access beyond end of device
[ 1517.412583][T18780] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1517.441192][T18780] syz-executor: attempt to access beyond end of device
[ 1517.441192][T18780] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1517.885806][T20886] loop4: detected capacity change from 0 to 1024
[ 1517.920452][  T496] kworker/u4:6: attempt to access beyond end of device
[ 1517.920452][  T496] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[ 1517.947788][ T8878] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1517.991025][T20886] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1517.999454][T20886] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038 (0x7fffffff)
[ 1518.870961][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1518.978329][T20904] loop3: detected capacity change from 0 to 512
[ 1519.038495][T20904] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.4034: invalid block
[ 1519.068615][T20904] EXT4-fs (loop3): Remounting filesystem read-only
[ 1519.173743][T20907] loop0: detected capacity change from 0 to 512
[ 1519.181500][ T8878] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1519.242879][T20904] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4034: couldn't read orphan inode 11 (err -117)
[ 1519.277718][ T8878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1519.297035][T20907] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1519.305992][T20907] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038 (0x7fffffff)
[ 1519.427486][T20904] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1519.567557][T20913] loop4: detected capacity change from 0 to 1024
[ 1519.598163][T20913] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1519.606674][T20913] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038 (0x7fffffff)
[ 1519.621272][ T8878] usb 3-1: can't set config #1, error -71
[ 1519.630492][ T8878] usb 3-1: USB disconnect, device number 67
[ 1519.826371][T20914] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1519.844030][T20914] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1520.337103][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1520.344501][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1520.380260][T20914] device bridge_slave_0 entered promiscuous mode
[ 1520.468240][T20933] loop4: detected capacity change from 0 to 512
[ 1520.498825][T20935] syz.2.4039[20935] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.499129][T20935] syz.2.4039[20935] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.579658][T20914] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.608666][T20914] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.610624][T20933] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1520.616098][T20914] device bridge_slave_1 entered promiscuous mode
[ 1520.636019][T20933] EXT4-fs (loop4): 1 truncate cleaned up
[ 1520.645144][T20933] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1520.659714][ T2503] device bridge_slave_1 left promiscuous mode
[ 1520.663073][T20938] loop0: detected capacity change from 0 to 1024
[ 1520.669891][ T2503] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.672410][T20938] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 1520.691315][ T2503] device bridge_slave_0 left promiscuous mode
[ 1520.772445][ T2503] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1520.784813][ T2503] device veth1_macvtap left promiscuous mode
[ 1521.423432][ T2503] device veth0_vlan left promiscuous mode
[ 1521.439602][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1521.791067][T20946] netlink: 2 bytes leftover after parsing attributes in process `syz.4.4045'.
[ 1521.856543][T20955] loop4: detected capacity change from 0 to 256
[ 1521.864652][T20956] loop0: detected capacity change from 0 to 512
[ 1521.886522][T20955] FAT-fs (loop4): Directory bread(block 64) failed
[ 1521.896992][T20955] FAT-fs (loop4): Directory bread(block 65) failed
[ 1521.911736][T20955] FAT-fs (loop4): Directory bread(block 66) failed
[ 1521.923973][T20955] FAT-fs (loop4): Directory bread(block 67) failed
[ 1521.933841][T20956] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.4048: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[ 1521.951750][T20955] FAT-fs (loop4): Directory bread(block 68) failed
[ 1521.958315][T20955] FAT-fs (loop4): Directory bread(block 69) failed
[ 1521.964683][T20955] FAT-fs (loop4): Directory bread(block 70) failed
[ 1521.971147][T20955] FAT-fs (loop4): Directory bread(block 71) failed
[ 1521.977523][T20955] FAT-fs (loop4): Directory bread(block 72) failed
[ 1521.988183][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1521.998653][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1522.015700][T20955] FAT-fs (loop4): Directory bread(block 73) failed
[ 1522.023044][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1522.053004][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1522.067531][T20956] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.4048: couldn't read orphan inode 15 (err -117)
[ 1522.090029][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1522.118123][ T1988] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1522.125025][ T1988] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1522.137778][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1522.145925][T20956] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1522.223611][T20963] loop3: detected capacity change from 0 to 512
[ 1522.288013][T20956] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038 (0x7fffffff)
[ 1522.384676][T20963] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1522.393863][T20963] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038 (0x7fffffff)
[ 1522.456653][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1522.475455][ T1988] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1522.482356][ T1988] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1522.497756][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1522.515852][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1522.529118][ T1988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1522.545052][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1522.561536][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1522.575765][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1522.577999][T20968] loop4: detected capacity change from 0 to 256
[ 1522.595016][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1522.609069][T20914] device veth0_vlan entered promiscuous mode
[ 1522.626197][T20914] device veth1_macvtap entered promiscuous mode
[ 1522.662446][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1522.671696][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1522.688185][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1522.797819][ T1988] usb 1-1: new full-speed USB device number 64 using dummy_hcd
[ 1523.037728][T17500] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1523.058296][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1523.247682][ T1988] usb 1-1: config 0 has an invalid descriptor of length 232, skipping remainder of the config
[ 1523.257874][  T681] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1523.273670][ T1988] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1523.303655][ T1988] usb 1-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[ 1523.397312][T17500] usb 5-1: Using ep0 maxpacket: 16
[ 1523.436365][ T1988] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1523.490005][ T1988] usb 1-1: config 0 descriptor??
[ 1523.537671][ T8878] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[ 1523.667727][  T681] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1523.687669][  T681] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1523.696521][  T681] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1523.704430][T17500] usb 5-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1523.713889][  T681] usb 2-1: config 0 descriptor??
[ 1523.718771][T17500] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1523.726566][T17500] usb 5-1: Product: syz
[ 1523.730613][T17500] usb 5-1: Manufacturer: syz
[ 1523.735023][T17500] usb 5-1: SerialNumber: syz
[ 1523.740116][T17500] usb 5-1: config 0 descriptor??
[ 1523.778147][T17500] ums-onetouch 5-1:0.0: USB Mass Storage device detected
[ 1523.787663][ T8878] usb 4-1: Using ep0 maxpacket: 16
[ 1523.917735][ T8878] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1523.933835][ T8878] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1523.949957][ T8878] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1524.137730][ T8878] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1524.148720][ T8878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1524.162696][ T8878] usb 4-1: Product: syz
[ 1524.169766][ T8878] usb 4-1: Manufacturer: syz
[ 1524.177030][ T8878] usb 4-1: SerialNumber: syz
[ 1524.532852][   T28] kauditd_printk_skb: 21 callbacks suppressed
[ 1524.532877][   T28] audit: type=1400 audit(2000004954.029:4473): avc:  denied  { watch } for  pid=20953 comm="syz.0.4048" path="/35/file0/file0" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1524.607886][ T8878] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1524.632331][ T8878] usb 4-1: USB disconnect, device number 50
[ 1525.050320][T20994] loop3: detected capacity change from 0 to 512
[ 1525.065802][T20994] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1525.083936][T20994] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.4057: invalid block
[ 1525.102306][T20994] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4057: couldn't read orphan inode 11 (err -117)
[ 1525.128318][T20994] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1525.390568][T20998] fuse: Unknown parameter 'ro›ò^ù�\ÉotmoY¹ú!šäer-�8®de'
[ 1525.589507][   T60] usb 5-1: USB disconnect, device number 60
[ 1525.609940][ T8878] usb 1-1: USB disconnect, device number 64
[ 1525.624910][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1525.630234][T21001] loop4: detected capacity change from 0 to 1024
[ 1525.705479][T21001] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 1525.759002][T20746] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1526.458463][T21004] tipc: Started in network mode
[ 1526.463170][T21004] tipc: Node identity ac14140f, cluster identity 4711
[ 1526.469900][T21004] tipc: New replicast peer: 255.255.255.255
[ 1526.475839][T21004] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1526.521226][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1526.562515][T21008] loop1: detected capacity change from 0 to 512
[ 1526.577881][  T681] usbhid 2-1:0.0: can't add hid device: -71
[ 1526.583831][  T681] usbhid: probe of 2-1:0.0 failed with error -71
[ 1526.696387][  T681] usb 2-1: USB disconnect, device number 47
[ 1526.853488][   T28] audit: type=1326 audit(2000004956.349:4474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1526.884421][T21016] loop3: detected capacity change from 0 to 512
[ 1526.909942][T21022] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4064'.
[ 1526.916033][   T28] audit: type=1326 audit(2000004956.349:4475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1526.920175][T21008] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.4061: invalid block
[ 1526.942826][   T28] audit: type=1326 audit(2000004956.349:4476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1526.954689][T21016] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.4060: invalid block
[ 1526.986901][   T28] audit: type=1326 audit(2000004956.349:4477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1527.202658][   T28] audit: type=1326 audit(2000004956.349:4478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1527.226056][T21016] EXT4-fs (loop3): Remounting filesystem read-only
[ 1527.236390][T21008] EXT4-fs (loop1): Remounting filesystem read-only
[ 1527.255428][T21016] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4060: couldn't read orphan inode 11 (err -117)
[ 1527.267378][T21008] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.4061: couldn't read orphan inode 11 (err -117)
[ 1527.291133][T21028] loop4: detected capacity change from 0 to 512
[ 1527.297927][T21016] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1527.303884][T21028] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1527.310820][T21008] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1527.316884][   T28] audit: type=1326 audit(2000004956.379:4479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1527.363292][T21028] EXT4-fs (loop4): 1 truncate cleaned up
[ 1527.372943][T21028] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1527.387451][   T28] audit: type=1326 audit(2000004956.379:4480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1527.411172][   T28] audit: type=1326 audit(2000004956.379:4481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1527.434700][   T28] audit: type=1326 audit(2000004956.379:4482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1529.539342][   T28] kauditd_printk_skb: 21 callbacks suppressed
[ 1529.539361][   T28] audit: type=1326 audit(2000004958.909:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1529.554765][    T6] tipc: Node number set to 2886997007
[ 1529.578668][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1529.604164][T21042] loop0: detected capacity change from 0 to 512
[ 1529.612017][T21044] loop4: detected capacity change from 0 to 512
[ 1529.629115][T21044] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1529.650406][T21042] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.4067: invalid block
[ 1529.657730][   T28] audit: type=1326 audit(2000004958.909:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21012 comm="syz.0.4062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1529.684649][T21042] EXT4-fs (loop0): Remounting filesystem read-only
[ 1529.693205][T21042] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.4067: couldn't read orphan inode 11 (err -117)
[ 1529.708286][T21044] EXT4-fs (loop4): 1 truncate cleaned up
[ 1529.718887][T21044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1529.729316][T21042] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1530.491388][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1530.851931][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1530.884705][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1531.092521][T21060] loop4: detected capacity change from 0 to 256
[ 1531.270730][T21060] FAT-fs (loop4): Directory bread(block 64) failed
[ 1531.365884][T21060] FAT-fs (loop4): Directory bread(block 65) failed
[ 1531.375279][   T28] audit: type=1400 audit(2000004960.869:4506): avc:  denied  { getopt } for  pid=21064 comm="syz.1.4073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1531.376410][T21060] FAT-fs (loop4): Directory bread(block 66) failed
[ 1531.404382][T21060] FAT-fs (loop4): Directory bread(block 67) failed
[ 1531.415905][T21060] FAT-fs (loop4): Directory bread(block 68) failed
[ 1531.423343][T21060] FAT-fs (loop4): Directory bread(block 69) failed
[ 1531.634802][T21060] FAT-fs (loop4): Directory bread(block 70) failed
[ 1531.738185][T21077] netlink: 288 bytes leftover after parsing attributes in process `syz.3.4078'.
[ 1531.766116][T21060] FAT-fs (loop4): Directory bread(block 71) failed
[ 1531.789839][T21060] FAT-fs (loop4): Directory bread(block 72) failed
[ 1531.798279][T21060] FAT-fs (loop4): Directory bread(block 73) failed
[ 1531.967796][T21073] kvm: pic: non byte read
[ 1532.005805][T21073] kvm: pic: non byte read
[ 1532.010217][T21073] kvm: pic: non byte read
[ 1532.014528][T21073] kvm: pic: level sensitive irq not supported
[ 1532.014580][T21073] kvm: pic: non byte read
[ 1532.028994][T21073] kvm: pic: non byte read
[ 1532.033373][T21073] kvm: pic: non byte read
[ 1532.209198][T21090] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4079'.
[ 1532.593586][T21092] loop1: detected capacity change from 0 to 512
[ 1532.628634][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1532.638700][   T28] audit: type=1326 audit(2000004962.139:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21093 comm="syz.2.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1532.688544][   T28] audit: type=1326 audit(2000004962.139:4508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21093 comm="syz.2.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1532.739020][T21092] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1532.739766][   T28] audit: type=1326 audit(2000004962.139:4509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21093 comm="syz.2.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1532.745868][T21092] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4083: bg 0: block 248: padding at end of block bitmap is not set
[ 1532.782198][   T28] audit: type=1326 audit(2000004962.139:4510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21093 comm="syz.2.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1532.834268][   T28] audit: type=1326 audit(2000004962.139:4511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21093 comm="syz.2.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1532.891803][   T28] audit: type=1326 audit(2000004962.139:4512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21093 comm="syz.2.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1532.919892][T21092] Quota error (device loop1): write_blk: dquota write failed
[ 1532.963271][T21092] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.4083: Failed to acquire dquot type 1
[ 1532.985507][T21092] EXT4-fs (loop1): 1 truncate cleaned up
[ 1533.000166][T21092] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1533.009168][T17500] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1533.079548][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1533.247653][T17500] usb 5-1: Using ep0 maxpacket: 8
[ 1533.367735][T17500] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1533.416951][T21132] loop1: detected capacity change from 0 to 512
[ 1533.432983][T21132] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1533.462222][T21132] EXT4-fs (loop1): 1 truncate cleaned up
[ 1533.468075][T17500] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1533.487108][T17500] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1533.495366][T21132] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1533.503836][T17500] usb 5-1: SerialNumber: syz
[ 1533.527731][T21087] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1533.660936][T17500] cdc_ether: probe of 5-1:1.0 failed with error -22
[ 1533.686165][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1533.741501][T21138] loop0: detected capacity change from 0 to 1024
[ 1533.748381][   T60] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 1533.828539][T21138] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1533.836872][T21138] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038 (0x7fffffff)
[ 1533.840923][ T4694] usb 5-1: USB disconnect, device number 61
[ 1533.869575][T21146] loop1: detected capacity change from 0 to 1024
[ 1533.877712][ T1988] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 1533.907447][T21146] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1533.915800][T21146] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038 (0x7fffffff)
[ 1534.117652][ T1988] usb 4-1: Using ep0 maxpacket: 8
[ 1534.167763][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1534.183403][   T60] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1534.197741][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1534.208298][   T60] usb 3-1: config 0 descriptor??
[ 1534.237714][ T1988] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1534.337721][ T1988] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1534.346600][ T1988] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1534.364537][ T1988] usb 4-1: SerialNumber: syz
[ 1534.387765][T21117] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1534.408145][ T1988] cdc_ether: probe of 4-1:1.0 failed with error -22
[ 1534.439670][T21153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4101'.
[ 1534.449687][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1534.473404][T21155] netlink: 'syz.4.4103': attribute type 2 has an invalid length.
[ 1534.621920][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1534.624935][ T1988] usb 4-1: USB disconnect, device number 51
[ 1534.627596][   T28] kauditd_printk_skb: 55 callbacks suppressed
[ 1534.627635][   T28] audit: type=1326 audit(2000004964.119:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1534.687989][   T28] audit: type=1326 audit(2000004964.119:4568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1534.745116][   T28] audit: type=1326 audit(2000004964.119:4569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1534.816821][   T28] audit: type=1326 audit(2000004964.119:4570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.305215][   T28] audit: type=1326 audit(2000004964.119:4571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.328847][   T28] audit: type=1326 audit(2000004964.119:4572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.352846][   T28] audit: type=1326 audit(2000004964.119:4573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.382558][   T28] audit: type=1326 audit(2000004964.119:4574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.408426][   T28] audit: type=1326 audit(2000004964.119:4575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.433682][   T28] audit: type=1326 audit(2000004964.129:4576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21116 comm="syz.3.4092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9705b7dff9 code=0x7ffc0000
[ 1535.578887][T21180] kvm: pic: non byte read
[ 1535.593117][T21180] kvm: pic: level sensitive irq not supported
[ 1535.593172][T21180] kvm: pic: non byte read
[ 1535.626488][T21180] kvm: pic: non byte read
[ 1535.636067][T21180] kvm: pic: non byte read
[ 1535.651953][T21180] kvm: pic: level sensitive irq not supported
[ 1535.663024][T21194] loop4: detected capacity change from 0 to 1024
[ 1535.724075][T21194] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1535.732582][T21194] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038 (0x7fffffff)
[ 1535.844201][T21205] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4120'.
[ 1536.073742][T21211] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4124'.
[ 1536.241122][T21228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4131'.
[ 1536.329656][T21233] kvm: pic: level sensitive irq not supported
[ 1536.332352][T21233] kvm: pic: level sensitive irq not supported
[ 1536.364193][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1536.487748][   T60] usbhid 3-1:0.0: can't add hid device: -71
[ 1536.493613][   T60] usbhid: probe of 3-1:0.0 failed with error -71
[ 1536.508318][T21265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4148'.
[ 1536.526571][   T60] usb 3-1: USB disconnect, device number 68
[ 1536.739921][T21280] loop0: detected capacity change from 0 to 1024
[ 1537.218104][T21285] syz.1.4151[21285] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1537.218406][T21285] syz.1.4151[21285] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1537.319507][T21280] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1537.339030][T21280] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038 (0x7fffffff)
[ 1537.387676][ T8878] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1538.350282][ T1747] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 1538.381291][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1538.388235][T21293] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4156'.
[ 1538.447700][ T8878] usb 5-1: Using ep0 maxpacket: 8
[ 1538.482351][T21305] loop1: detected capacity change from 0 to 256
[ 1538.507158][T21305] FAT-fs (loop1): Directory bread(block 64) failed
[ 1538.517860][T21305] FAT-fs (loop1): Directory bread(block 65) failed
[ 1538.527934][T21305] FAT-fs (loop1): Directory bread(block 66) failed
[ 1538.534264][T21305] FAT-fs (loop1): Directory bread(block 67) failed
[ 1538.547761][T21305] FAT-fs (loop1): Directory bread(block 68) failed
[ 1538.558045][T21305] FAT-fs (loop1): Directory bread(block 69) failed
[ 1538.571655][T21305] FAT-fs (loop1): Directory bread(block 70) failed
[ 1538.578683][ T8878] usb 5-1: config 135 has an invalid interface number: 230 but max is 0
[ 1538.587203][ T8878] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 1538.605440][ T8878] usb 5-1: config 135 has no interface number 0
[ 1538.745861][T21305] FAT-fs (loop1): Directory bread(block 71) failed
[ 1538.788553][ T8878] usb 5-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 1538.817970][T21305] FAT-fs (loop1): Directory bread(block 72) failed
[ 1538.839051][T21305] FAT-fs (loop1): Directory bread(block 73) failed
[ 1538.859926][ T8878] usb 5-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 1538.886745][ T8878] usb 5-1: config 135 interface 230 has no altsetting 0
[ 1538.987683][ T1747] usb 4-1: config index 0 descriptor too short (expected 10770, got 27)
[ 1538.995857][ T1747] usb 4-1: config 48 has too many interfaces: 93, using maximum allowed: 32
[ 1539.010807][ T1747] usb 4-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config
[ 1539.027641][ T1747] usb 4-1: config 48 has 0 interfaces, different from the descriptor's value: 93
[ 1539.067745][   T19] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 1539.087778][ T8878] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 1539.098736][ T8878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1539.110641][ T8878] usb 5-1: Product: syz
[ 1539.116679][ T8878] usb 5-1: Manufacturer: syz
[ 1539.124266][ T8878] usb 5-1: SerialNumber: syz
[ 1539.187694][ T1747] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1539.196561][ T1747] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1539.217664][ T1747] usb 4-1: Product: syz
[ 1539.221651][ T1747] usb 4-1: Manufacturer: syz
[ 1539.226077][ T1747] usb 4-1: SerialNumber: syz
[ 1539.387727][ T8878] usb 5-1: Found UVC 0.00 device syz (18ec:3288)
[ 1539.397661][ T8878] usb 5-1: No valid video chain found.
[ 1539.467726][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1539.487679][   T19] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1539.496582][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1539.506878][   T19] usb 1-1: config 0 descriptor??
[ 1539.514236][ T1747] usb 4-1: USB disconnect, device number 52
[ 1539.588885][ T8878] usb 5-1: USB disconnect, device number 62
[ 1540.449902][T21327] loop3: detected capacity change from 0 to 512
[ 1540.458715][T21325] binder: 21320:21325 ioctl 4018620d 0 returned -22
[ 1540.469105][T21325] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=21325 comm=syz.4.4163
[ 1540.490659][T21327] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1540.555270][T21329] loop1: detected capacity change from 0 to 1024
[ 1540.660919][T21327] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.4161: bg 0: block 248: padding at end of block bitmap is not set
[ 1540.696284][T21325] loop4: detected capacity change from 0 to 1024
[ 1540.707142][T21329] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1540.715533][T21329] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038 (0x7fffffff)
[ 1540.735701][T21327] __quota_error: 51 callbacks suppressed
[ 1540.735717][T21327] Quota error (device loop3): write_blk: dquota write failed
[ 1540.756582][T21325] EXT4-fs: Ignoring removed orlov option
[ 1540.769449][T21325] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1540.776023][T21327] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1540.817592][T21327] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.4161: Failed to acquire dquot type 1
[ 1540.868230][T21327] EXT4-fs (loop3): 1 truncate cleaned up
[ 1540.891555][T21325] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1540.992728][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1541.061332][T21327] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1541.179550][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1541.260073][T21339] loop4: detected capacity change from 0 to 1024
[ 1541.269088][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1541.298532][T21339] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1541.306902][T21339] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038 (0x7fffffff)
[ 1541.507408][T21347] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4170'.
[ 1541.717734][   T19] usbhid 1-1:0.0: can't add hid device: -71
[ 1541.723620][   T19] usbhid: probe of 1-1:0.0 failed with error -71
[ 1541.746303][   T19] usb 1-1: USB disconnect, device number 65
[ 1541.769585][T21366] loop1: detected capacity change from 0 to 128
[ 1541.852037][T21367] loop0: detected capacity change from 0 to 1024
[ 1542.749259][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1542.968178][T21376] loop1: detected capacity change from 0 to 1024
[ 1543.019035][T21367] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1543.027346][T21367] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038 (0x7fffffff)
[ 1543.072035][T21376] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1543.080578][T21376] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038 (0x7fffffff)
[ 1543.134757][T21380] loop4: detected capacity change from 0 to 512
[ 1543.187060][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1543.218307][T21380] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1543.279822][T21380] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1543.296872][T21380] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038 (0x7fffffff)
[ 1543.405132][T21364] loop3: detected capacity change from 0 to 40427
[ 1543.434853][T21390] loop0: detected capacity change from 0 to 128
[ 1543.446525][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1543.471920][T21364] F2FS-fs (loop3): Invalid SB checksum offset: 0
[ 1543.504104][T21364] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1543.721385][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1543.729041][T21364] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1543.767340][   T28] audit: type=1326 audit(2000004973.259:4628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21397 comm="syz.4.4187" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fea5df7dff9 code=0x0
[ 1543.922077][T21364] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[ 1543.949941][T21364] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1544.648811][   T28] audit: type=1400 audit(2000004974.149:4629): avc:  denied  { bind } for  pid=21423 comm="syz.4.4193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1544.693491][   T28] audit: type=1400 audit(2000004974.149:4630): avc:  denied  { node_bind } for  pid=21423 comm="syz.4.4193" saddr=fe88::5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1544.703168][T21426] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4194'.
[ 1544.782575][T21428] loop1: detected capacity change from 0 to 512
[ 1544.898379][T21428] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1544.909665][T21439] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4197'.
[ 1544.922467][T21428] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038 (0x7fffffff)
[ 1544.989243][T21440] loop4: detected capacity change from 0 to 1024
[ 1545.066173][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1545.155583][T21448] loop0: detected capacity change from 0 to 1024
[ 1545.162645][T21440] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1545.171451][T21440] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038 (0x7fffffff)
[ 1545.418399][T21455] loop3: detected capacity change from 0 to 1024
[ 1545.452442][T21455] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1545.460780][T21455] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038 (0x7fffffff)
[ 1545.554933][T21448] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1545.837423][T21460] loop1: detected capacity change from 0 to 512
[ 1545.857717][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1545.994930][T21460] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1546.004206][T21460] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038 (0x7fffffff)
[ 1546.135168][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1546.156277][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1546.177773][T21467] random: crng reseeded on system resumption
[ 1546.210468][   T28] audit: type=1326 audit(2000004975.709:4631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21470 comm="syz.3.4204" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9705b7dff9 code=0x0
[ 1546.243562][T21473] binder: 21468:21473 ioctl 4018620d 0 returned -22
[ 1546.269431][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1546.273965][T21473] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=21473 comm=syz.0.4203
[ 1546.315711][T21473] loop0: detected capacity change from 0 to 1024
[ 1546.342218][T21473] EXT4-fs: Ignoring removed orlov option
[ 1546.355403][T21473] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1546.423488][T21473] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1547.007328][T21492] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4210'.
[ 1547.259822][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1547.377099][T21500] loop0: detected capacity change from 0 to 128
[ 1547.390648][T21503] loop1: detected capacity change from 0 to 512
[ 1547.438572][T21500] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1547.454072][T21505] loop3: detected capacity change from 0 to 1024
[ 1547.527854][T21500] ext4 filesystem being mounted at /70/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1547.592926][T21503] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1547.611618][T21503] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038 (0x7fffffff)
[ 1547.682287][   T28] audit: type=1400 audit(2000004977.179:4632): avc:  denied  { rename } for  pid=21502 comm="syz.1.4215" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1547.705794][T21503] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.4215: bg 0: block 18: invalid block bitmap
[ 1547.728481][T21505] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1547.736812][T21505] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038 (0x7fffffff)
[ 1547.888175][T21503] Quota error (device loop1): write_blk: dquota write failed
[ 1547.901690][T21503] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1547.924913][T21503] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.4215: Failed to acquire dquot type 1
[ 1547.940880][T21494] loop4: detected capacity change from 0 to 40427
[ 1547.991554][T21494] F2FS-fs (loop4): invalid crc value
[ 1548.001383][T21512] overlayfs: missing 'lowerdir'
[ 1548.096306][T21494] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1548.235009][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1548.244159][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1548.250988][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1548.298572][ T1988] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[ 1548.308710][T21494] F2FS-fs (loop4): Start checkpoint disabled!
[ 1548.317695][T21494] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1548.319763][T21521] tipc: Started in network mode
[ 1548.352608][T21521] tipc: Node identity 3a000000000000000000000000000001, cluster identity 4711
[ 1548.361387][   T28] audit: type=1400 audit(2000004977.849:4633): avc:  denied  { nlmsg_read } for  pid=21522 comm="syz.1.4219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1548.400734][T21521] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1548.417254][   T43] kworker/u4:2: attempt to access beyond end of device
[ 1548.417254][   T43] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1548.440112][   T43] kworker/u4:2: attempt to access beyond end of device
[ 1548.440112][   T43] loop4: rw=2049, sector=41000, nr_sectors = 8 limit=40427
[ 1548.519962][T21531] loop3: detected capacity change from 0 to 1024
[ 1548.592313][T21531] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1548.600693][T21531] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038 (0x7fffffff)
[ 1548.610568][   T28] audit: type=1326 audit(2000004978.089:4634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21538 comm="syz.0.4225" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff3b977dff9 code=0x0
[ 1548.657656][ T1988] usb 3-1: Using ep0 maxpacket: 8
[ 1548.675097][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1548.733422][T21543] netlink: 'syz.3.4226': attribute type 2 has an invalid length.
[ 1548.777688][ T1988] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1548.798779][T21548] xt_hashlimit: size too large, truncated to 1048576
[ 1548.867708][T21527] loop1: detected capacity change from 0 to 40427
[ 1548.894248][T21550] loop4: detected capacity change from 0 to 1024
[ 1548.917733][ T1988] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1548.926787][ T1988] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1548.927735][T21527] F2FS-fs (loop1): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[ 1548.934942][ T1988] usb 3-1: SerialNumber: syz
[ 1548.948734][T21550] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1548.957034][T21550] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038 (0x7fffffff)
[ 1548.966753][T21527] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1548.989481][T21527] F2FS-fs (loop1): invalid crc_offset: 5705724
[ 1549.031395][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1549.048475][T21527] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1549.074118][T21557] loop4: detected capacity change from 0 to 512
[ 1549.080446][T21496] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1549.098140][ T1988] cdc_ether: probe of 3-1:1.0 failed with error -22
[ 1549.110962][T21557] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1549.139037][T21527] F2FS-fs (loop1): Try to recover 2th superblock, ret: -30
[ 1549.153537][T21557] EXT4-fs (loop4): 1 truncate cleaned up
[ 1549.154762][T21527] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1549.166739][T21557] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1549.625763][   T28] audit: type=1326 audit(2000004979.099:4635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.2.4212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1549.659016][ T1988] usb 3-1: USB disconnect, device number 69
[ 1549.747657][   T28] audit: type=1326 audit(2000004979.149:4636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.2.4212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1549.807868][   T28] audit: type=1326 audit(2000004979.159:4637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.2.4212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1549.848073][T21567] loop3: detected capacity change from 0 to 128
[ 1549.869920][   T28] audit: type=1326 audit(2000004979.159:4638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21495 comm="syz.2.4212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494ef7dff9 code=0x7ffc0000
[ 1549.912894][T21567] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1549.926725][T21574] loop1: detected capacity change from 0 to 512
[ 1549.992548][T21567] ext4 filesystem being mounted at /53/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1550.059389][T21574] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2926: inode #16: comm syz.1.4234: corrupted xattr block 8
[ 1550.108651][T21574] EXT4-fs (loop1): Remounting filesystem read-only
[ 1550.128683][T21574] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117)
[ 1550.155361][T21581] syz.0.4233[21581] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1550.155738][T21581] syz.0.4233[21581] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1550.278160][T21574] EXT4-fs (loop1): 1 orphan inode deleted
[ 1550.337773][T21574] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1550.350821][T21574] ext4 filesystem being mounted at /54/bus supports timestamps until 2038 (0x7fffffff)
[ 1550.389530][T21574] EXT4-fs error (device loop1): ext4_get_first_dir_block:3562: inode #12: comm syz.1.4234: directory missing '..'
[ 1550.404530][T21574] EXT4-fs (loop1): Remounting filesystem read-only
[ 1550.422655][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1550.482411][T21584] overlayfs: missing 'lowerdir'
[ 1550.742088][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1550.771457][T21590] loop3: detected capacity change from 0 to 512
[ 1550.783951][T21590] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz.3.4237: iget: bogus i_mode (0)
[ 1550.802472][T21590] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.4237: couldn't read orphan inode 17 (err -117)
[ 1550.878819][T21593] loop0: detected capacity change from 0 to 1024
[ 1550.882627][T21595] loop1: detected capacity change from 0 to 2048
[ 1550.892400][T21590] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1550.928191][T21593] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1550.936512][T21593] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038 (0x7fffffff)
[ 1550.952295][T21595] Alternate GPT is invalid, using primary GPT.
[ 1550.953466][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1550.963959][ T1988] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1550.977907][T21595]  loop1: p1 p2 p3
[ 1550.991460][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1551.031240][T21600] loop3: detected capacity change from 0 to 256
[ 1551.085641][T21605] loop0: detected capacity change from 0 to 512
[ 1551.092910][T19712] I/O error, dev loop1, sector 108 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1551.093664][T20748] I/O error, dev loop1, sector 1008 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1551.102473][T20746] I/O error, dev loop1, sector 58 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1551.124694][T19712] I/O error, dev loop1, sector 108 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.133931][T19712] Buffer I/O error on dev loop1p1, logical block 8, async page read
[ 1551.141949][T20746] I/O error, dev loop1, sector 58 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.151089][T19712] I/O error, dev loop1, sector 109 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.163472][T20914] __loop_clr_fd: partition scan of loop1 failed (rc=-16)
[ 1551.166426][T20746] Buffer I/O error on dev loop1p2, logical block 8, async page read
[ 1551.175599][T21605] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1551.187271][T20746] I/O error, dev loop1, sector 59 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.197894][T20746] Buffer I/O error on dev loop1p2, logical block 9, async page read
[ 1551.205863][T20746] I/O error, dev loop1, sector 60 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.209399][T20748] I/O error, dev loop1, sector 1008 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.219684][T21608] loop3: detected capacity change from 0 to 1024
[ 1551.236555][T20746] Buffer I/O error on dev loop1p2, logical block 10, async page read
[ 1551.246625][T19712] Buffer I/O error on dev loop1p1, logical block 9, async page read
[ 1551.254625][T20746] I/O error, dev loop1, sector 61 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1551.263198][T19712] Buffer I/O error on dev loop1p1, logical block 10, async page read
[ 1551.265061][T20746] Buffer I/O error on dev loop1p2, logical block 11, async page read
[ 1551.273368][T21605] EXT4-fs (loop0): 1 truncate cleaned up
[ 1551.280063][T21608] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1551.290159][T20748] Buffer I/O error on dev loop1p3, logical block 8, async page read
[ 1551.293336][T21608] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038 (0x7fffffff)
[ 1551.310328][T19712] Buffer I/O error on dev loop1p1, logical block 11, async page read
[ 1551.311261][ T1988] usb 3-1: Using ep0 maxpacket: 8
[ 1551.324090][T21605] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1551.334911][T20748] Buffer I/O error on dev loop1p3, logical block 9, async page read
[ 1551.372109][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1551.429672][T21619] syz.3.4248[21619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1551.429749][T21619] syz.3.4248[21619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1551.444271][T19729] udevd[19729]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1551.466809][T20748] udevd[20748]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1551.507819][ T1988] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1551.573678][ T1988] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1551.693113][T19712] udevd[19712]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1551.719417][ T1988] usb 3-1: config 1 has no interface number 1
[ 1551.730497][ T1988] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1551.749390][T19729] udevd[19729]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1551.759895][T20746] udevd[20746]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1551.770734][T19712] udevd[19712]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1551.937703][ T1988] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1551.948744][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1551.956603][ T1988] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1551.967691][ T1988] usb 3-1: Product: syz
[ 1551.971673][ T1988] usb 3-1: Manufacturer: syz
[ 1551.986238][ T1988] usb 3-1: SerialNumber: syz
[ 1552.197650][   T60] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1552.307768][ T1988] usb 3-1: MIDIStreaming interface descriptor not found
[ 1552.322690][ T1988] usb 3-1: USB disconnect, device number 70
[ 1552.437664][   T60] usb 2-1: Using ep0 maxpacket: 8
[ 1552.557760][   T60] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1552.647787][   T60] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1552.666787][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1552.674696][   T60] usb 2-1: SerialNumber: syz
[ 1552.697725][T21615] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1552.718090][   T60] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1552.793458][T21630] loop0: detected capacity change from 0 to 512
[ 1552.837906][T21630] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.4251: invalid block
[ 1552.857403][T21630] EXT4-fs (loop0): Remounting filesystem read-only
[ 1552.864122][T21630] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.4251: couldn't read orphan inode 11 (err -117)
[ 1552.899276][T21630] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1552.920702][   T28] kauditd_printk_skb: 11 callbacks suppressed
[ 1552.920717][   T28] audit: type=1326 audit(2000004982.419:4650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1552.957431][   T60] usb 2-1: USB disconnect, device number 48
[ 1553.157842][T21635] overlayfs: missing 'lowerdir'
[ 1553.557175][   T28] audit: type=1326 audit(2000004982.419:4651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1553.587473][   T28] audit: type=1326 audit(2000004982.419:4652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1553.635501][   T28] audit: type=1326 audit(2000004982.419:4653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1553.662805][   T28] audit: type=1326 audit(2000004982.419:4654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1553.948107][   T28] audit: type=1326 audit(2000004982.419:4655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1553.971616][   T28] audit: type=1326 audit(2000004982.419:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1553.995153][   T28] audit: type=1326 audit(2000004982.419:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1554.018600][   T28] audit: type=1326 audit(2000004982.419:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1554.042040][   T28] audit: type=1326 audit(2000004982.419:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21614 comm="syz.1.4247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60a2b7dff9 code=0x7ffc0000
[ 1554.072705][T21645] loop1: detected capacity change from 0 to 256
[ 1554.109303][T21645] exfat: Deprecated parameter 'utf8'
[ 1554.199273][T21626] loop3: detected capacity change from 0 to 40427
[ 1554.211985][T21626] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[ 1554.219078][T21626] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1554.234645][T21626] F2FS-fs (loop3): invalid crc value
[ 1554.267186][T21626] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1554.331442][T21626] F2FS-fs (loop3): Start checkpoint disabled!
[ 1554.350802][T21626] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1554.357698][T21626] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1554.447944][ T4694] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1554.666345][T21675] loop3: detected capacity change from 0 to 1024
[ 1554.698318][T21675] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1554.707660][ T4694] usb 2-1: Using ep0 maxpacket: 32
[ 1554.735162][T21675] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038 (0x7fffffff)
[ 1554.847703][ T4694] usb 2-1: config 0 has an invalid interface number: 154 but max is 0
[ 1554.860839][ T4694] usb 2-1: config 0 has no interface number 0
[ 1555.037705][ T4694] usb 2-1: New USB device found, idVendor=0b95, idProduct=7e2b, bcdDevice=c4.04
[ 1555.048670][ T4694] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1555.068725][ T4694] usb 2-1: Product: syz
[ 1555.074772][ T4694] usb 2-1: Manufacturer: syz
[ 1555.081817][ T4694] usb 2-1: SerialNumber: syz
[ 1555.093786][ T4694] usb 2-1: config 0 descriptor??
[ 1555.587728][ T4694] asix 2-1:0.154 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1555.602919][ T4694] asix: probe of 2-1:0.154 failed with error -71
[ 1555.620298][ T4694] usb 2-1: USB disconnect, device number 49
[ 1555.768890][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1555.822906][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1559.178507][T20080] EXT4-fs (loop4): unmounting filesystem.
[ 1559.416336][T21684] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1559.423290][T21684] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1559.438104][T21684] device bridge_slave_0 entered promiscuous mode
[ 1559.445025][T21684] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1559.467641][T21684] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1559.475409][T21684] device bridge_slave_1 entered promiscuous mode
[ 1559.608606][T21684] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1559.615516][T21684] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1559.622680][T21684] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1559.629546][T21684] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1559.689268][ T4694] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1559.699066][ T4694] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1559.716935][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1559.732006][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1559.774647][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1559.842551][T21705] loop3: detected capacity change from 0 to 16
[ 1559.858749][T21705] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1560.022782][ T4694] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1560.029677][ T4694] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1560.036871][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1560.057885][ T4694] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1560.064757][ T4694] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1560.108489][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1560.129163][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1560.137053][ T4694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1560.168698][T21684] device veth0_vlan entered promiscuous mode
[ 1560.179109][T17500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1560.192814][T17500] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1560.213499][T17500] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1560.241176][T21684] device veth1_macvtap entered promiscuous mode
[ 1560.256092][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1560.278387][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1560.307965][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1560.384191][T21700] loop1: detected capacity change from 0 to 40427
[ 1560.405125][T21700] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1560.420920][T21700] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1560.477539][T21712] loop4: detected capacity change from 0 to 512
[ 1560.629469][T21700] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1560.643737][T18346] device bridge_slave_1 left promiscuous mode
[ 1560.655708][T18346] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1560.674138][T21712] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1560.683970][T21712] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038 (0x7fffffff)
[ 1560.693828][T18346] device bridge_slave_0 left promiscuous mode
[ 1560.703014][T18346] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1560.714098][T18346] device veth1_macvtap left promiscuous mode
[ 1560.721791][T18346] device veth0_vlan left promiscuous mode
[ 1560.727369][T21700] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1560.734334][T21700] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1561.289938][T21684] EXT4-fs (loop4): unmounting filesystem.
[ 1561.377755][T17500] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1561.410514][T21738] loop4: detected capacity change from 0 to 512
[ 1561.416619][   T28] kauditd_printk_skb: 11 callbacks suppressed
[ 1561.416637][   T28] audit: type=1400 audit(2000004990.909:4671): avc:  denied  { setopt } for  pid=21736 comm="syz.2.4282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1561.454748][T21738] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4280: invalid indirect mapped block 10 (level 1)
[ 1561.470043][T21738] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4280: invalid indirect mapped block 8 (level 1)
[ 1561.493785][T21738] EXT4-fs (loop4): 1 truncate cleaned up
[ 1561.769237][T21758] loop4: detected capacity change from 0 to 1024
[ 1561.815548][T21758] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038 (0x7fffffff)
[ 1561.911879][   T28] audit: type=1400 audit(2000004991.409:4672): avc:  denied  { mount } for  pid=21764 comm="syz.1.4290" name="/" dev="configfs" ino=13859 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1561.947758][T17500] usb 1-1: New USB device found, idVendor=0408, idProduct=4030, bcdDevice=fa.f1
[ 1561.957928][T17500] usb 1-1: New USB device strings: Mfr=29, Product=2, SerialNumber=3
[ 1561.969103][T17500] usb 1-1: Product: syz
[ 1561.974181][T17500] usb 1-1: Manufacturer: syz
[ 1561.980825][T17500] usb 1-1: SerialNumber: syz
[ 1561.987797][T17500] usb 1-1: config 0 descriptor??
[ 1561.993600][   T28] audit: type=1400 audit(2000004991.429:4673): avc:  denied  { read } for  pid=21764 comm="syz.1.4290" name="/" dev="configfs" ino=13859 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1562.028241][T17500] usb 1-1: Found UVC 0.00 device syz (0408:4030)
[ 1562.035541][T17500] usb 1-1: No valid video chain found.
[ 1562.052834][   T28] audit: type=1400 audit(2000004991.429:4674): avc:  denied  { open } for  pid=21764 comm="syz.1.4290" path="/66/file0" dev="configfs" ino=13859 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1562.094183][   T28] audit: type=1400 audit(2000004991.449:4675): avc:  denied  { unmount } for  pid=20914 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1562.231843][T17500] usb 1-1: USB disconnect, device number 66
[ 1562.404709][T21767] loop1: detected capacity change from 0 to 40427
[ 1562.417761][T21767] F2FS-fs (loop1): Invalid SB checksum offset: 0
[ 1562.430135][T21767] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1562.462568][T21767] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1562.517904][T21767] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1562.524862][T21767] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1563.268300][   T28] audit: type=1400 audit(2000004992.769:4676): avc:  denied  { nlmsg_write } for  pid=21776 comm="syz.3.4292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1563.350373][   T28] audit: type=1400 audit(2000004992.789:4677): avc:  denied  { nlmsg_read } for  pid=21776 comm="syz.3.4292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1563.364372][T21780] loop3: detected capacity change from 0 to 1024
[ 1563.383416][T21777] loop0: detected capacity change from 0 to 1024
[ 1563.411347][T21777] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038 (0x7fffffff)
[ 1563.464500][T21780] EXT4-fs: Ignoring removed orlov option
[ 1563.476906][T21780] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1563.565979][T21788] loop3: detected capacity change from 0 to 128
[ 1563.631828][T21790] loop0: detected capacity change from 0 to 1024
[ 1563.664591][T21790] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038 (0x7fffffff)
[ 1564.126983][T21803] loop3: detected capacity change from 0 to 512
[ 1564.164611][T21803] EXT4-fs mount: 8 callbacks suppressed
[ 1564.164658][T21803] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1564.227753][T21803] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038 (0x7fffffff)
[ 1564.263883][   T28] audit: type=1400 audit(2000004993.759:4678): avc:  denied  { reparent } for  pid=21802 comm="syz.3.4301" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1564.287224][T21803] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.4301: Attempting to read directory block (0) that is past i_size (3)
[ 1564.300923][T21807] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4302'.
[ 1564.418108][T21803] EXT4-fs (loop3): Remounting filesystem read-only
[ 1564.445305][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1564.452958][T21684] EXT4-fs (loop4): unmounting filesystem.
[ 1564.746575][   T28] audit: type=1400 audit(2000004994.239:4679): avc:  denied  { listen } for  pid=21814 comm="syz.2.4308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1564.765639][   T19] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1564.774255][ T5964] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1564.788449][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1564.813132][T21818] loop4: detected capacity change from 0 to 128
[ 1564.820941][ T5964] Quota error (device loop3): write_blk: dquota write failed
[ 1564.855444][T21824] loop4: detected capacity change from 0 to 256
[ 1564.877783][T21824] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d)
[ 1564.900161][T21824] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1564.913420][T21824] exFAT-fs (loop4): Filesystem has been set read-only
[ 1564.921031][T21824] exFAT-fs (loop4): error, failed to bmap (inode : ffff888134c83250 iblock : 8, err : -5)
[ 1564.937773][T21824] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1564.946783][T21824] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1564.966492][T21831] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1565.017922][T21831] exFAT-fs (loop4): error, failed to bmap (inode : ffff888134c83250 iblock : 8, err : -5)
[ 1565.055078][T21833] loop3: detected capacity change from 0 to 512
[ 1565.099179][T21831] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1565.157768][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1565.238357][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1565.249341][T21833] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1565.258282][T21833] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038 (0x7fffffff)
[ 1565.274710][T21837] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4313'.
[ 1565.318345][   T19] usb 2-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[ 1565.329302][T21837] device macsec1 entered promiscuous mode
[ 1565.341301][T21837] device vlan1 entered promiscuous mode
[ 1565.346703][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1565.368653][T21837] device vlan1 left promiscuous mode
[ 1565.381202][   T19] usb 2-1: config 0 descriptor??
[ 1565.546269][T21847] loop4: detected capacity change from 0 to 1024
[ 1565.668367][T21847] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1565.676836][T21847] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038 (0x7fffffff)
[ 1566.237817][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1566.326392][T17500] usb 2-1: USB disconnect, device number 50
[ 1566.387740][ T1747] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[ 1566.440001][T21861] loop3: detected capacity change from 0 to 1024
[ 1566.491751][T21861] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1566.500191][T21861] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038 (0x7fffffff)
[ 1566.647693][ T1747] usb 1-1: Using ep0 maxpacket: 8
[ 1566.767853][ T1747] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1566.867914][ T1747] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1566.895539][ T1747] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1566.928119][ T1747] usb 1-1: SerialNumber: syz
[ 1566.967828][T21849] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1566.989180][ T1747] cdc_ether: probe of 1-1:1.0 failed with error -22
[ 1567.204351][ T1747] usb 1-1: USB disconnect, device number 67
[ 1567.227732][   T28] kauditd_printk_skb: 1 callbacks suppressed
[ 1567.227751][   T28] audit: type=1326 audit(2000004996.699:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.273506][T21875] loop1: detected capacity change from 0 to 128
[ 1567.306117][T21875] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1567.330930][T21875] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1567.367528][   T28] audit: type=1326 audit(2000004996.699:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.439917][   T28] audit: type=1326 audit(2000004996.699:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.487400][T21875] fscrypt (loop1, inode 12): Unsupported encryption flags (0x36)
[ 1567.526856][T20914] EXT4-fs (loop1): unmounting filesystem.
[ 1567.534728][   T28] audit: type=1326 audit(2000004996.699:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.536059][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1567.558103][   T28] audit: type=1326 audit(2000004996.699:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.587138][   T28] audit: type=1326 audit(2000004996.699:4685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.611936][   T28] audit: type=1326 audit(2000004996.699:4686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.636299][T21878] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1567.643178][T21878] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1567.677720][   T28] audit: type=1326 audit(2000004996.699:4687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.745101][   T28] audit: type=1326 audit(2000004996.699:4688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.817738][   T28] audit: type=1326 audit(2000004996.709:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21848 comm="syz.0.4319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3b977dff9 code=0x7ffc0000
[ 1567.971855][T21890] loop0: detected capacity change from 0 to 512
[ 1568.014662][T21890] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.4332: invalid block
[ 1568.053407][T21684] EXT4-fs (loop4): unmounting filesystem.
[ 1568.053982][T21890] EXT4-fs (loop0): Remounting filesystem read-only
[ 1568.071588][T21890] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.4332: couldn't read orphan inode 11 (err -117)
[ 1568.118105][T21890] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1568.193716][T17500] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1568.437741][T17500] usb 4-1: Using ep0 maxpacket: 8
[ 1568.557732][T17500] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1568.569985][T17500] usb 4-1: config 179 has no interface number 0
[ 1568.582277][T17500] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1568.613500][T17500] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[ 1568.648125][T17500] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11
[ 1568.668026][T17500] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024
[ 1568.687776][T17500] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1568.707665][T17500] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1568.726723][T17500] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1568.757736][T21888] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1568.764814][T21888] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1568.799794][T17500] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input61
[ 1569.007809][ T1747] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1569.018565][    T6] usb 4-1: USB disconnect, device number 53
[ 1569.037685][    T6] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[ 1569.377833][ T1747] usb 5-1: config 67 has an invalid descriptor of length 0, skipping remainder of the config
[ 1569.397468][ T1747] usb 5-1: config 67 has 0 interfaces, different from the descriptor's value: 1
[ 1569.427882][ T1747] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[ 1569.458884][ T1747] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1569.535080][T21882] loop1: detected capacity change from 0 to 131072
[ 1569.689365][T21882] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1569.775708][T21882] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1569.997688][ T1747] usb 5-1: string descriptor 0 read error: -71
[ 1570.007524][ T1747] usb 5-1: USB disconnect, device number 63
[ 1570.177791][T17500] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 1570.348082][T21929] netlink: 'syz.2.4345': attribute type 2 has an invalid length.
[ 1570.472233][T17500] usb 4-1: Using ep0 maxpacket: 8
[ 1570.510697][T21940] loop4: detected capacity change from 0 to 128
[ 1570.858856][ T1747] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1570.918375][T17500] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[ 1571.004494][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1571.010276][T17500] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1571.040648][T17500] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1571.051159][T17500] usb 4-1: SerialNumber: syz
[ 1571.077724][T21914] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1571.098575][T17500] cdc_ether: probe of 4-1:1.0 failed with error -22
[ 1571.137666][ T1747] usb 2-1: Using ep0 maxpacket: 16
[ 1571.177295][T21954] loop0: detected capacity change from 0 to 512
[ 1571.192282][T21954] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1571.221829][T21954] EXT4-fs (loop0): 1 truncate cleaned up
[ 1571.231455][T21954] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1571.257930][ T1747] usb 2-1: config 0 has no interfaces?
[ 1571.322949][  T681] usb 4-1: USB disconnect, device number 54
[ 1571.478488][ T1747] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1571.572286][ T1747] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1571.630748][ T1747] usb 2-1: Product: syz
[ 1571.643022][ T1747] usb 2-1: Manufacturer: syz
[ 1571.650457][T21962] loop4: detected capacity change from 0 to 512
[ 1571.656678][ T1747] usb 2-1: SerialNumber: syz
[ 1571.665175][ T1747] r8152-cfgselector 2-1: config 0 descriptor??
[ 1571.684884][T21962] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1571.701125][T21962] EXT4-fs (loop4): 1 truncate cleaned up
[ 1571.716813][T21962] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1571.748670][T21684] EXT4-fs (loop4): unmounting filesystem.
[ 1571.783220][T21965] loop4: detected capacity change from 0 to 512
[ 1571.797998][T21965] EXT4-fs: Ignoring removed oldalloc option
[ 1571.825496][T21965] EXT4-fs (loop4): 1 orphan inode deleted
[ 1571.834271][T21965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1571.850333][T21965] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038 (0x7fffffff)
[ 1571.888632][T21965] incfs_lookup_dentry err:-2
[ 1571.923154][T21684] ------------[ cut here ]------------
[ 1571.928631][T21684] kernel BUG at fs/namei.c:2956!
[ 1571.938789][T21971] loop3: detected capacity change from 0 to 1024
[ 1571.946068][T21684] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1571.951950][T21684] CPU: 0 PID: 21684 Comm: syz-executor Tainted: G        W          6.1.99-syzkaller-00053-g5e1f4bb11f0d #0
[ 1571.963231][T21684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1571.973125][T21684] RIP: 0010:may_delete+0x6eb/0x6f0
[ 1571.978073][T21684] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 a6 6e f3 ff e9 72 fe ff ff e8 ac 2a ac ff 0f 0b e8 a5 2a ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 91 2a ac ff 4c 8d
[ 1571.997600][T21684] RSP: 0018:ffffc90004b07bd8 EFLAGS: 00010293
[ 1572.003502][T21684] RAX: ffffffff81c9789b RBX: ffff888134e779c0 RCX: ffff88811640e540
[ 1572.011312][T21684] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[ 1572.019210][T21684] RBP: ffffc90004b07c40 R08: ffffffff81c9722f R09: 0000000000000003
[ 1572.027019][T21684] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88811cad7330
[ 1572.034848][T21684] R13: 1ffff1102395ae66 R14: ffff888134e32f28 R15: dffffc0000000000
[ 1572.042644][T21684] FS:  00005555556a4500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 1572.051409][T21684] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1572.057831][T21684] CR2: 00007f96fc277000 CR3: 0000000109136000 CR4: 00000000003506b0
[ 1572.065647][T21684] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1572.073457][T21684] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1572.081264][T21684] Call Trace:
[ 1572.084390][T21684]  <TASK>
[ 1572.087171][T21684]  ? __die_body+0x62/0xb0
[ 1572.091336][T21684]  ? die+0x88/0xb0
[ 1572.094901][T21684]  ? do_trap+0x103/0x330
[ 1572.098974][T21684]  ? may_delete+0x6eb/0x6f0
[ 1572.103313][T21684]  ? handle_invalid_op+0x95/0xc0
[ 1572.108173][T21684]  ? may_delete+0x6eb/0x6f0
[ 1572.112511][T21684]  ? exc_invalid_op+0x32/0x50
[ 1572.117024][T21684]  ? asm_exc_invalid_op+0x1b/0x20
[ 1572.121889][T21684]  ? may_delete+0x7f/0x6f0
[ 1572.126136][T21684]  ? may_delete+0x6eb/0x6f0
[ 1572.130478][T21684]  ? may_delete+0x6eb/0x6f0
[ 1572.134820][T21684]  ? may_delete+0x6eb/0x6f0
[ 1572.139160][T21684]  vfs_rmdir+0x32/0x500
[ 1572.143149][T21684]  ? generic_shutdown_super+0x2b8/0x370
[ 1572.148530][T21684]  incfs_kill_sb+0x113/0x230
[ 1572.152960][T21684]  deactivate_locked_super+0xad/0x110
[ 1572.158166][T21684]  deactivate_super+0xbe/0xf0
[ 1572.162682][T21684]  cleanup_mnt+0x485/0x510
[ 1572.167020][T21684]  ? user_path_at_empty+0x14e/0x1a0
[ 1572.172055][T21684]  __cleanup_mnt+0x19/0x20
[ 1572.176481][T21684]  task_work_run+0x24d/0x2e0
[ 1572.180995][T21684]  ? task_work_cancel+0x2b0/0x2b0
[ 1572.185855][T21684]  ? __x64_sys_umount+0x122/0x170
[ 1572.190713][T21684]  exit_to_user_mode_loop+0x94/0xa0
[ 1572.195746][T21684]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1572.201044][T21684]  syscall_exit_to_user_mode+0x26/0x130
[ 1572.206683][T21684]  do_syscall_64+0x47/0xb0
[ 1572.210939][T21684]  ? clear_bhb_loop+0x55/0xb0
[ 1572.215451][T21684]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1572.221183][T21684] RIP: 0033:0x7fa07f37f327
[ 1572.225433][T21684] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1572.245223][T21684] RSP: 002b:00007ffff8921eb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1572.253826][T21684] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa07f37f327
[ 1572.261624][T21684] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffff8921f70
[ 1572.269436][T21684] RBP: 00007ffff8921f70 R08: 0000000000000000 R09: 0000000000000000
[ 1572.277339][T21684] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffff8923060
[ 1572.285145][T21684] R13: 00007fa07f3f0134 R14: 000000000017fbb1 R15: 00007ffff8924120
[ 1572.292968][T21684]  </TASK>
[ 1572.295821][T21684] Modules linked in:
[ 1572.301189][T21971] EXT4-fs: Ignoring removed oldalloc option
[ 1572.318170][T21684] ---[ end trace 0000000000000000 ]---
[ 1572.327691][T21684] RIP: 0010:may_delete+0x6eb/0x6f0
[ 1572.335950][T20062] EXT4-fs (loop0): unmounting filesystem.
[ 1572.347103][T21684] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 a6 6e f3 ff e9 72 fe ff ff e8 ac 2a ac ff 0f 0b e8 a5 2a ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 91 2a ac ff 4c 8d
[ 1572.369731][T21971] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1572.417510][T21684] RSP: 0018:ffffc90004b07bd8 EFLAGS: 00010293
[ 1572.428827][T20693] EXT4-fs (loop3): unmounting filesystem.
[ 1572.437812][T21684] RAX: ffffffff81c9789b RBX: ffff888134e779c0 RCX: ffff88811640e540
[ 1572.456242][ T1747] usb 2-1: USB disconnect, device number 51
[ 1572.464652][T21684] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[ 1572.485107][T21684] RBP: ffffc90004b07c40 R08: ffffffff81c9722f R09: 0000000000000003
[ 1572.503726][T21684] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88811cad7330
[ 1572.512061][T21684] R13: 1ffff1102395ae66 R14: ffff888134e32f28 R15: dffffc0000000000
[ 1572.520053][T21684] FS:  00005555556a4500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 1572.529441][T21684] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1572.535869][T21684] CR2: 00007f9705d08178 CR3: 0000000109136000 CR4: 00000000003506a0
[ 1572.543940][T21684] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1572.551915][T21684] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1572.560053][T21684] Kernel panic - not syncing: Fatal exception
[ 1572.566136][T21684] Kernel Offset: disabled
[ 1572.570259][T21684] Rebooting in 86400 seconds..