last executing test programs:

2.395716489s ago: executing program 0:
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}, 0x101d0}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg$unix(r2, &(0x7f00000082c0)=[{{0x0, 0x3, &(0x7f0000000200)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000002b40)=[{&(0x7f0000006100)=""/4096, 0x1000}], 0x1}}], 0x2, 0x0, 0x0)

2.187443736s ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000040), &(0x7f0000001540)=""/152}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000002c40)=""/4096, 0x1000}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)

2.177741266s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})

2.096848417s ago: executing program 3:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000400)=0x13)
poll(&(0x7f0000000180)=[{r0, 0x400f}, {r0, 0x6}], 0x2, 0xe7f5)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x3d17, 0x0, 0x0, 0x0, 0x0, "7e12105588e633bbb1df022dace17a32d211ee"})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10, 0xffffffffffffffff, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0xa)

2.083200559s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000011100007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x5, 0x12}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000380), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
close(r3)

2.009433158s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af04, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x8000000, 0x20, 0x190a, r0, 0xadc, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1700000200006f000000181100deff0000f6ff0000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
kcmp(0x0, 0x0, 0x2, r2, r4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}]})

1.91191265s ago: executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000b4000040"])

1.551280955s ago: executing program 0:
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00')
umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x3)
unshare(0x22020400)

1.529709118s ago: executing program 0:
socket(0x1, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000005c0)={0x36d12f2c052e8a2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "0004"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000d00)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

1.184500342s ago: executing program 4:
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xe1, &(0x7f00000003c0)='\xc7i\x8b\xd5\xf5\xb0\xf1\xd5\xbc\xc0\x12\x175~\x17\xdb\xce\x94\x88\v{|i\xe1\xd0\x02\x17#\xd4uK\t\"\x98Q\x93\x14&#\x92\x0eV\x82}\xc6.\xdf\xf6\xd2\xde5\xa3\xc5\xe0\xd8\xd6\b\xdf\x7f\xfcFN\xa2iS\xe8x\x89.\xb9\x9d\xeb*;<\xc3\xd3#\f\x9bq\xef\xc8\xaa\x18mb\xf7\xb5\xc8\xceo\r\xc0\xc5\xa4zz\x96Whe\xe7$\x96\xbd\xeex\xa1\xec\xe2$\xf0\x17\xff\xed\xcf\xb1\x1f\xbe\xdcjJ\x14\xd8\x11\xa4\xac\xb1e>m\xe0\xb6\x18\xee9&\xa3W\xd5\x92\xcfd?\x9drz=!\x80P\x9b\xa1V\x95\xa2\xc8f>\xaa\xad\x87\xafg\x04?eI\xf6\xbc\x1b\xd0Lk\xa4\t\x01\xcd\x02\x8c\x18\xc5\xd0\x8c~\xf9f\xd0\xe0\xea\x11\x06\xca\f\xf9\x99Y8\x1b/\x15w\x93\xe8\v{\xb8\xae\x00'/225}, 0x30)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x6}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000540))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a0000000000000000000000800000010000000000"], 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0xe, &(0x7f0000003fc0)=ANY=[@ANYBLOB="b70200000f0e1d07bfa300000000000024020000fffeff7f7a03f0fff8ffffff79a4f0ff00000000b7060000d0b68af1de640300000000007502faff07cd10020404000003007d60b70700000d1000006a0a00fe000000188500000008000000b70000000604002995000000000000001da5ad3548ebb63d18db6a1c72821c9b767ac8328fbcd5c5e4a5ad1059b5725ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1aa503b8de7ab9a780001000000000000d4bf20c2bd152d814f01f2cd539e030b0000000000007f4133b08e6e497640000000aea5cac0ceafdb9a2eeb02a1f5104d16ddb64963d84d91004cd5817e0b7f005e6ee7a39e2f0b5a18ed786b783ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a62d79b4c03e53466fa4f22d8c19f958e8b34de3535e7dacf1b13f7e875d1843c2288e7ff949a7a48ce18799ee53de177a81ea67a8f84538a9a311c754e5ab59a43f56d2085786e7ec07d78917f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d34a442bc098f4fcc96623b7c373b0ef04d55b846b094b0d6c7a75a76d445e0dcdf72c7ef97e08200000007b6e09a6a7caffff0000141f65e7d9ebe3be70c4364333af9a9d91c3e41ac37a63f85ad8254479c12f7c84fa5df32b70a80cce69cf30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48eb19767e00b75041739952fe87fde27ce0172f497e251f5b102893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7686bc2e1b45577c205c70631e8ad585951950e851250540593e61860b69a521f4e210b6494e3ab2d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7f58bde38b44ab13d980c894e00009338923789a1edcd8043fe83919088383268324a25df14010c8ea79c0d93ca77fd6c7ee30ea3aad2c6d6b8c97c00eaa00ff9bc46e1cfecbdc0e4ffac53e8f76c8b556306b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404a0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37d2fe7a60b903d2d9fe9c151c2fcc8dc389671c2d08b6e2641500568445b00cee4585af04fa69e0380be0d66649dcf3bf8a9066e5961197332c5c9da52b573109ea8b308ff070000aab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628ebe757bae30b356521df06f995cb57f97052fc4158250ccecfb47ea8faf509593fadc76e5d3c6840ad05a57af1ede94d87590ce90a0a7579766f847ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6c9eb0dcca5303eed6689ea910900785f61278dde47e6672e93a314a5f60e7b682bf0cacde21f6090f4fb311afd7f8b48f3f0d8c66449d8687dcf2d0f76668b2b9bf8b32b518e01ffb985f8054d37959c529e99b7daf32acfed749d516d014cef5f98126324e202badc1e5c20d69e576a770000000000005addc0103756b894418e4591c624a9b2ccabbfb85ad413d923b0c901973cd7c9d197d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe84f483b15f45b9a1d3af087047c568aef1d8659c6146a793026ebfc0bb5ec10b6290dc757a4903a88fb2c035f9349b6d2f0c051b8b775152786118a1020000fc19928ccb713ff09e179c308fbe9bc543dcf43f731074d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad10e5e9d26631c2f1db3a2882f6e130a79517a88de7596429a20793e12616aa32b3e720c6521fbe933321adde8ca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9605a504bca38627df469cebb7db08358e1e5ab17eea477b1754f78f45468c9568471647f8bc03d11811ac6eec1741ceb39a3ecd043c325fcabbab3d12f6a759f7ce11dafa387a8077db8a2230d2014a57bc8dd47741270000008000000000b2eebd5e1626cab98499328ff024a240199993433ceb5be20427a32df7047d63010dfc6a461517ad48ff64042e84c85c899fd11c6320a8d8fc0e78c15a5a4dd567f91dd943f6c2b32d094a461a990000000000000000000000000000000000000000000200000000000000000000b385c644a4a170e6dc9e9e546bfa049d025b319abd87fd85481743db5d6c2cb6a204d4d888dd4140c8edb598a36e21ad132bf6b88c99c5a5ed047d6589c10a5f6633b01813fc5cd7d048469a966bbfb300fd772cbadf2cf26899bfd15e7d9408026a92f13f11d1c9832259b2f97227f84a3bb96253717a1f7ac091d0f4632f638b09a0307ff31729857f9e6fe9f19e481a3f77cead663f42456e080952636515c758f1047b2148944133a492ef20a1778088c42094903d6ece2497b99fc745c420b035ff7961484a0f62a2d957ae2e47ff1ea8a059f2d03bf9c3e8d2b16ab409de762522f6008de48bb70b698c5c9867437ac3127fad4bd699acaad78a5f66c7fc7d46e048082a0af61e6b052e473ed26b0309080ea10e985703b292c7336112b1f35c3b069363869dce725d8da75dcec76dcfa0c052feecee18c64c4600a0bc3d4945d4b918865bb7a8a726a500689cbd9a84d07846417796f2a85e7a41d27d64b10f8e970469cf495b4a1b4ea8b5322f78e9f3048351b550c59a634b47981420081ea4da18b9d318fa001ce660b28bbcf3c1a8893d130b26d25e491f478ae4f95f71ea8897b32858f78d6e25537b959b69a04c5507008b8453f08a5ae1b3b4d8c83053c57637a98ef57e5fa51971eba5e287e9d10cba734336703def181022cb9f1e62079c48c13fe1659b157e5d9de7bfb929e715ed1a9a505a04a8d8474482295afbb9de90de2e918522cac2d5b5ac09d1fdc4147d6393a684ad7234ecb65d0008000000000000560ad146e8b9e9cd9b050edb1f6735c90a76b1ba4dbdee34d0b6750f25ba7251944ada7766c301c65e56351d009a568c782f4438ecba9bee47f25286300e83bd1853076ad52eac84029335b86e7f21e39a1af3d070abef94bc0827db0046dcb7d63bf64bf801c836a40b0100d0961533737c57e9b7337b981a99f63f600f90647703f0640f6594dd9f26436024a1f90f174769bad5a283271e6d7f49dec90a05bd771dd0502dc2170ccf98ade27e858eb5686ac900000000ae1bc4246ae316c6af10bf02088b4bb2ac89c96e58578dc50eddbf01ece3cb8a363ecbeb8198997115d7151f691a2a755d8233e006dd38ed5ba350bd6aad3bf6f5108083f0100f8a20be455d16134d65ce69c4b906b76427224b69750b779d81eb6e37e1db62b1788ff918433787f8026ef5c518113d48419a14a2bd8d4afff527513a2efc8403be48e494b3de33b1deefd9d902e8dc868f30161c2cd13b21b0a20362181186ff8cf4c8d58d74822f92554287ee157e9f1597c3e2e238f382a91bf48b4de88363c841bd7a8cddae3344295bd3d434d9ecf74634ffc9539010f0d36e672b9d668cc6762c0b25e4a22afb4d184ba84498b1367e4b31faf75f1b3dcecfd80c57015d8cd16171507add30833865fc1a42780e9d57bb14a6ebea4018d26e18747546fc7a4a619753fd9ba9c18e746aa9ea132058eb90f9b80549473eea2fb9bc43d38d8719a1cca094bd933ceef87a3ec0c2ac70d5f843425100950000009e000000000008000018779600e4283095c203b1f2ae5ed34f5b7e77278f7ded9f030000002e050000009f95a59418f612dfa87c654043da1a59c3c43c7884ab65d4b34984afe30c67179c4f5a3ba0e491f2b942b754a3c0d5b878c4ad63591c3fc7d3a4d4296d4bab0a88e55ff9c2536654bb2f83e8015fac216119e8ce582698938c9a331a974087b71f07e50300f7ff00d03bf057b408c86a1165bd9a1bdbf3dff88c9b2173a75d5fc82dce6d8a3f297231e33588d7cf183109c1118d94a41d48f8efcf193ff2699a76973f3f1ec1cff64a1b912ededeb080f9a241e07709e6dd6a3a7e18200c9e80b9634e6f0c4d000000000000000000000000000000005e50e77d04fcf8931ad07b38a39957e6b3a3c909000000e9d694e483e848fe0d00ee7c7d6cc30932a9575aa8808d10a4963560250bb4e60e88c726f63662cb143daf4b9ebd0774998a59fbb42dc35f12452cca456a12b7d15cf3ce7ea350e9510e96527cde622998e83e65b235c284542d48052eb15e6600733ca32436f9e705dff00f08df1115175628a327876dea291480c2dde8a59d1856eed2b502965038af0d56e49e0e2e9cb0e25104805f386d460e212c27ac7bafe6a0078f8648ff9f1e0257338ae58457fb27b29430cc9ac6a33ea11b88ae8bc95dffa293aa69d6d47f89b28a25a7ec2fce6691549990f93d1f02e1b619813699303b6b1260d5537e85315551adabe00c98282795dc5547aab3dcbd82a06e7f00c8160af19f1fc456b5fc4f099814631024b734c0cd8843c5cb124a21092e6cdd8aa2f4d3f93e92c6d850898890d9449e3f499af92be74ba8ba7928feabbd99d6288dece7513c50b973bab87214415078857d18032ab5adb8d4bf32405cc5f63eba7e60bcd0098fd7957943b3c4cf13de4e049e06ad7ebc236d1088c99d35f40555364ff86cab4542261999bccd3269e51d10900a1c05696b47ff33a159abce6bb1d69193bd01f59f1d3f431b4e0868db623cb8375baa50785b8fcd37ce4c52abe43c1e3368735022e7cc7a9b397b494d0183cbd8dae2ba19b32adc91444f519ad33f7f2680e3cf7ecd3cfc67816eb66b1faa78dd8e3f7e233b6048c53813e6b508dfc713583d8ef8f9cfff5cdae59aa7aca654b1740c90eb75ca000000000000000000000000000000000000000000faa13c07b5f590ee4c8bfbd828e912b150dde95dafe80ee043a107bde9c0bb87155691d640fd000000e4a2d2aa0607b026f78417471e6ea0d10000309b29d0dae2d2c9c730ac21040000000000000009775f86a9e6d5b6c7b3c5d10177a873edb630fdf9b1e11005a1ce41d04a2ad3f5d25a1595e7609849033d2e86ac682f2f0cde376f50a88a3ab5e83f56e43a07641b82c077fa1479b79e85c71a9c00000000000000078ce7c4ab383dac0325fa7f4ffb201c479265ff572dd061679c0000000000000f4f6b4ef8eb757ac80dc44711ae17816e32e38d7c894ab51238b2d7051ee26121404c0ade6faea7e72449cf38be7173b066f3a7835a31f1516c4cb1fda57ec8c19bc2800e246c1b64cf278c7afb3c9a5e346bdb259ac6788eefd5086e45554c8e2bdde8a3ac990dd929277a6af1876940c7c012f4b7d3d7aa68f2f07d83e925b326b05f130000000000000000000000000000000003572023092306e73a16f4b362f725b22b32be04e53a2219e3b08d75537c158ea4c4821d17d3b844dbe87408c34bb0f26ba43bd4530000769d45b93b8f2b6c194afc197f77bfb136dfd38c265479bd4f74b9d0b5c2f37eaacb2894370ab02abe06b823a2753ca82ea8888f2a5063212212772dcc541de26c97c1312fc247b56a9cd3e05bcb8bc93363edfa05f9c76e94190f917c3af6884c8742371f25eb0000000000000000000000004ae9afd11c62a57a29a163acc55ca9fe6da9ce6d59bdd87adec5ba4052a5edcd9999720e8b2a08b69f79f78c78b9f720bcf6a2ab411d420db8231780cdf52d44985768353ce1bc587700adf3a307ff11be0ca772f1bcc565070ef9345c2d55f0506d9059fff65ca75c9809c8e5e423f6f210a195e9b59a08c43dab5b025b1dc33cfdafe62aa8f13c38341267a920fc0be4e61fe9d8bed61524ad62896e3dfba3091cf028cdb3fabb530f1d0d4bdf391c5dda4b8b248ea58cb56aed4d968d506a108626e2423c506cc11bc2ec9de3b793fec489d08085e8c582cf6fc06c20eb57f7a1ba7315c67bd0e50f529a01211f8add5f28fd65fcd373982ae902e67966990cf34be5ed5dcf39b9e44fb0165fa40fcc5643678bab244a3a76f43dd267db562efe5156b85f6e909066b8f37b81b756eeeeee4598195e70d74bd1e221c5e0cf111b816f8bd5c2ac451fabd160815b9e81b9c4abffef4b12d82e401a0cce36fbfedaec4ab6a89e128ef71e63f2239792338e87e4c7d571d6e4bc165ea1d476531b4ddfbb698101e8563f7c25b4d527240dafb074437aa96f66e293df5e132fa95aa09c08ee57f089afc0522b438480aa3dc9f41330dcd3b25703feb85777de8fd5ac57464a31ae5924745f797a0c852ddf67e01dd5736b4826e16f885afb91b6a7f226e0d0aaabd0c01a8262cb35e501ddb3c191797560c91717a2215012da9e717ec8d65887138e3bc3886e5b6f3058e58fb4320338d6413ce94012c293e0042a2f5dd86b78d05efd9e44bbbccfae8b9361072af38c1aa3c030196d72d01a160a19c0060900e8bb2f3613a7ddacf2b878aa6b2952556d79bd183ae195e14d32ffd398ae01dbd20b034da17f5a78ceb03a16e39181a07b14e54f4e2061049569046877b9f5478106f6ac76e56213ec2e85a4dcd5960ad486e7c05a21e52e5c688c1f315169452b1b6a795dd837867899c64a04ec08a4b2d5455d93f6d5baf14ffced8576bfde19de2903835607505b4af824a0a69aee28fe65683dc83c19f6d253a5824442530c85d354c05c8b95030e629fb817697f746b9dd02fb40edf4f9886a758e0741ca2711e425f2f5be70a7fa600718fa7af2eb416a2b774f5d36f5632d791e0ba01f58f2165e6d5e564aef11dbc558170cf47c5934d41f558b02dc04d3ae4aee08aa5ad7d1e5ad92cdb90db79e73524d97ca3ce0828513c74fb0a1543eba7d17d37cc1f1f2d937bfd5fafeb23f691b326554b92d8b97e76e2cbbcb858a16287c2090727334096e574b6bb937ec9f048e041f178e8d3a3543c6862fc8b63f968501fabd17cbc81db1ad47d37d3fe02190fde2af3ac5c9a2d64ec4db0c8b211dbdf4d7b7c01248de7269c0b8d4c374d9fecb9fdff846c4e57d7d976c3f571474e4f65a87954e31e67c8cf6ac7823451b448ec90ca0b36405f6d2eef4055b5d2f4dad1aa89216f6d89bd43c4de92d8f61781a9349626fb65952dfa3c68aada76c3105d65bde2bddb981f753407c7696b767aeb3707606d0d9930b79f449557d6c3088c740f2a08c68b67f8dbbf93da08544ca26db1b58baae17c091f9bc28042630d76248e4d9d326ee62fd6e5d9bedee38b0e8da3cff3ba22e92e800b28c26901cd1a32b7aae2d762e776d66f08d78666364a2fc154fadfd105b28495e8702400a53f5191908b98a4d109a9d44107369cdf864fa8be46f52d88b01bcd795025a90669e55fc634692e554fe3a73ae6db0a5aa706c83061ba3b99aa992947346327a2521d3d4294115d9c4b44f949ae465d5aa24e3911520658e542e85023552e91dd39d98065dabfec69691c868bfc45f5830de8089ae1074b6ff56b7dd8e9029b7e5ab8e500b970cb391b14302315f99ab3bc102fbcc8d911c931c662c2a53c7a7bce275bb76b4096ee6d21acb49b088c7b7e05f70e6ed4cade99d907717b43b958390caec36fdb71fb1a5f374e86d3181ae12d12ff6a279e2047d26803cf7b1684c561ee8ff8250230e5de4171803ec2f03615f231d51f8a005a1487fb51b657a7b7f352adbd86fe56bd9bd02063b2bad542ca2ca3b61b8946abb3012c87cfa11e6df516ae4f29577dfda12068197eafdf0e343738778335ea5491cdcd7fe699a075425c9a35a731d63c2f7d3260ca187e2959223dc1a70f55ce9d02ff56e0410e3bf5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600034000000000060005"], 0xe4}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg1\x00', <r8=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0xa8, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x84, 0x8, 0x0, 0x1, [{0x80, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x58, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r8}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0xa8}}, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e4, &(0x7f00000004c0)="15eeaa73110e4513b500ced7f63d70b09a4256cc8f2f99e3003f68963348875566c12402c22776e1c6cd8a8a196373ef75dbe09a1738d7989d9cd801a93d5acacbd042106741c7b549883637a5f7e13b64ca445d75d853d7812f01ce416313baf5d9954efb5769d8e219374a6c7d7081fe46e25fdeaecadbc50b7d65978ea0b3960c29050177020ff5c08460619074c05a445d214a97b003f420145bb53960910000f032c42662e19481bb7c5ec210eba13649faf89011ba025d8deb09002a09d0e25dede4f700000000000000000000000000000000ce3d87498062683de8fa5df80255c684376ff6459da1000000fda4c2765d7732f86b175f1955f9f6ae540f7d1b28a183576434de2307d9b5b24e0e2a9791b23a88a96e25963a88a28de882a1a131c104967aa1831d9940a301e3bb54dcba1600eccb348f28e9c0e17536342fc8fd00e7ec4af8f36a09a64650107029efac8093bb90d718914e0a1f5b5779a13ec7b61c00d38fec2cffed2426a2c13b42c05af2fe93386d7157c4326e43bf461b01cc7cc842b8b772cd069ad1dfb9a76cb0197adb3462a9872ba3185b165ce82405358b53ed07462c5d7560e839a55f779d00000000000000000000001baa017700"/465)

1.139288187s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)

1.137993367s ago: executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x55)

1.130087418s ago: executing program 2:
syz_mount_image$f2fs(&(0x7f00000001c0), &(0x7f00000105c0)='./file1\x00', 0x121805a, &(0x7f0000000340)=ANY=[], 0x21, 0x10617, &(0x7f0000010600)="$eJzs3E2PU9UfB/BfGWCAP38khgd33sSYzCR2QoeBSEwMKkRNgBAfFm7UTntpCm3vOC1lZK2JC98GO+PGhRu3btz5IkyMcaOJO42m954hjGEhTKFVPp/kzvfc09Nfz2lm0dM7cwN4Yh3Nfvu1FkfiYEQsRMThiLJdS0fpfBXPRMSzEbHnnqOW+u927I+IQxFxZFK8qllLD3350dd/jG9f+uzOSz+9f+7OL7XZrRqYtecjor9RtW/1qyw6VV5P/c1xt8z+2jhl9UD/RjovqryVr5cVbjW3xzXLPN2pxhcbN4eTvNZrtibZ6V4r+zcG1QsOx53tOuUTrjc3y/N2vl5md1iU2bldzWsr5e3hqKrTTvU+LsvHaLSdVX++lVfr2bhRZmswSv1V3aKdb01ynDK9XLSKXrucx/pDv81z71J3cHMrG+ebw24xyM6sNF5caZytNzaLdj7K1+rNfvvsWrbU6U2G1Ud5s3++UxSdXr7SKvrL2VKn1ao3GtnShXy92xxkjcbK6ZVT9TPLqfVC9vqVd7NeO1ua5Kvdwc1RtzfMrhWbWfWM5Wx15fS55ey5Rvb25avZ1bcuXrx89Z0PLrx35ZXLb76WBm1Pa7H8nRjla9nS6qnV1XrjVH21sfw41v/9N/Ow/rvTmuL6YVd8kgR4YPb/wCzY/+/c/y/a/8/9/v9R7H+f9PXDrvgkCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxPph31dvlI2j1fn/Uv//U9fTEXEyIk5ExPGI+PM+FmL/jprHIqKW2vcbv+9vc/i2FmWFyXMW03EoIs6n4/enHvW7AAAAAP9dX3z3yacRC5Nm+ePlWU+Ixyl9aXNgWvXKr3z2TqvasYjFvbE1pWrHU8npOBER+47+PKVqJyNiz+EPd1nl4IMMXtgRB+6JWhV7djkbAABgDu3cCUxt9wYAAMDc+XzWE2A2yuu16W/x07XgxSrSBcGDO84AAACAf6HarCcAAAAA/GMP+7+65f5/2vf/+zFNx/3/AAAAYD5U9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Iude0lRIwjjAP5pp2OeRIKPq7gKWbrwEDlCljlAcpvsPENAPIfZzREGHayuYWgRRuju6VF+P2jrQfv3U1fVBQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJf+l+vl3+3vP01z9odm2vk2AAAAwDm7cr1MnXE1/pjnP+eprxExj4hZREwj4tzavYi3tcxJRAxy/9z95UkN/yJSwvE9o3x9iIjv+br/0vWvAAAAALdru1msIopjN71867sgXlJ+aPOurbz0yOdNW2mTFParpbTpY2QrZhFRju9aSptHxPDTj5bSLlLkpvbfp8GgaobPZ1xwCwAA8KoUteZp9Xa6Rw8AAMC1+9l3AfQj7dfmdX7eCx5VTd4WfF8bAQAAAFdo0HcBAAAAQOfS+t/5fwAAAHDbqvP/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NKuXC+3m8Wqac7+0Mwln1GcTgybVg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwP68nEAIhEEY7F3fOQ3mH5Y0aAwerALh4288DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwLb/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hvP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn/uTiAEgiAM9p3/OS3mH5Y0aAwiVMHCxwzzsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdite9uEgTCOw68vsRK3yQjprXzMkCZVBCPwISFZ8gwMwEI0VLQWi8AKIOFzTWcKnqf5/QtbuusOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeEznm188RUQRaZgp0t/6/fgcEWWkTdf9vlxnsT0d2td+Tnf7/zzfYvJRRUQVxRjXAQAYXT207p9Ly1Wz+Mz9yv3O/cmtZ20zz/+Vdzw7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdu7fNYolDgD4XO5HLi/V48Er3rOIKCSNnhd/XSCWQkQQGwvLkFxCyEXDXQQTBIn/gWBlZ69VWv8GewsLrQQJoiKCTWTv9ryNnBij2T3i5wNz851JZncmxcL3ZjYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA325thtBvnQgj/FXpx5Pm7O3P96jcfnv3bLdefFlaT14wuUQwhLCw16qdSXMuga61vLM82GvXmgQTFUK43W8Op3Ov3zbnjZ4f/c2EAJp9xEMI+hz88kv3kD18QPfSWQ35/w/s8LAopPpgAADh0inGJ8vqXxa2ZqC83HcLOo935/3giDnvM/z89vncpea9k/l9NbYWDr7K2slpprW+cWFqZXawv1m9Up6bOnK2dPzdZrbS/K6n4xgQAAIBfU4pLMv8fmm7v/+e7vxP97K9EHPaY/9+6fPX/qK8cjxmJ6z88/3/7bUdv06/bU059UgAAAITw99jH97k+/blSKdyeXVtrVjufX9uTnc8Mpvpj13Y3h9tlLG518v/8dAbzAgAAAFK3vZkbDSFsddvzcd13/3+iNy65///iQeFK8pr5+AzAwlKjfnLuZmM+lZUMvtbO3RAO+G3krNcIAABANkpxPRKX5Pn/Yvv8f+8fTQ2FECaOdeJubyL/Pxq+c/5//PiT18l75hPv/59OZZWDa6jW+Xu061oIhVrWMwIAAOAwK8clyv9fFbdmmp/vXyw5/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXduweJWIgCgBwsrPRSlwQbGw8gWhntWAheA9REDyCV/AO3sF7pBQtrWULsbCVN8noss2CReLP98HkvYQh8zJV3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAay1OvvIUl1mXT/pnj6835xGfVmJ4eWt3Y0ReD1n0L1Qfj10BAAAA/0Eq/X1VVc/N/VnEyTz3/02ZEz3/3VaXl35+te8vsfT+MfbSw/vnQrNunXjp5dX1xeFgX/jzba+dMc07n89eUjmE2Vk0eT/r27Y93cjp5gDFAgDfclBin5T/oYhHYxYGwF+2v3wz7Ue11P+n+Sh1AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzqIwAA///ZPWVS")
openat(0xffffffffffffff9c, &(0x7f0000002540)='./file1\x00', 0x42, 0x0)

1.129582759s ago: executing program 4:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x1, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940))
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000080)={'syz1\x00'}, 0x45c)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioctl$UI_SET_PROPBIT(r2, 0x5501, 0x0)
write$input_event(r2, &(0x7f00000005c0), 0x200005d8)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000"], 0x0}, 0x90)

1.061014317s ago: executing program 3:
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000), 0x0)

973.362078ms ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv6_delrule={0x30, 0x18, 0x1, 0x0, 0x0, {0xa, 0x80, 0x0, 0x0, 0xff, 0x3, 0x0, 0x6}, [@FRA_DST={0x14, 0x1, @mcast2}]}, 0x30}}, 0x0)

903.997747ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000050000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)

877.97469ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_BMAP(r4, &(0x7f0000000280)={0x18}, 0x18)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r5=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',privport,access=', @ANYRESDEC=r5])
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x2)

842.258995ms ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='sched_kthread_work_queue_work\x00', r1}, 0x10)
socketpair(0x11, 0xa, 0x0, &(0x7f0000001080))

796.3856ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})

732.266378ms ago: executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r2}, 0x10)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000022d900060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10)
syz_usb_control_io(r3, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
ftruncate(r5, 0xc17a)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_buf(r8, 0x1, 0x1c, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r6}, &(0x7f0000000680)=0x2, &(0x7f00000006c0)}, 0x20)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000240)={0x0, 0x0, 0x2, "0fdc"}, 0x0, 0x0})
socket$inet6_tcp(0xa, 0x1, 0x0)

376.922063ms ago: executing program 2:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000400)=0x13)
poll(&(0x7f0000000180)=[{r0, 0x400f}, {r0, 0x6}], 0x2, 0xe7f5)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x3d17, 0x0, 0x0, 0x0, 0x0, "7e12105588e633bbb1df022dace17a32d211ee"})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10, 0xffffffffffffffff, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0xa)

229.576002ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)

219.729373ms ago: executing program 4:
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xe1, &(0x7f00000003c0)='\xc7i\x8b\xd5\xf5\xb0\xf1\xd5\xbc\xc0\x12\x175~\x17\xdb\xce\x94\x88\v{|i\xe1\xd0\x02\x17#\xd4uK\t\"\x98Q\x93\x14&#\x92\x0eV\x82}\xc6.\xdf\xf6\xd2\xde5\xa3\xc5\xe0\xd8\xd6\b\xdf\x7f\xfcFN\xa2iS\xe8x\x89.\xb9\x9d\xeb*;<\xc3\xd3#\f\x9bq\xef\xc8\xaa\x18mb\xf7\xb5\xc8\xceo\r\xc0\xc5\xa4zz\x96Whe\xe7$\x96\xbd\xeex\xa1\xec\xe2$\xf0\x17\xff\xed\xcf\xb1\x1f\xbe\xdcjJ\x14\xd8\x11\xa4\xac\xb1e>m\xe0\xb6\x18\xee9&\xa3W\xd5\x92\xcfd?\x9drz=!\x80P\x9b\xa1V\x95\xa2\xc8f>\xaa\xad\x87\xafg\x04?eI\xf6\xbc\x1b\xd0Lk\xa4\t\x01\xcd\x02\x8c\x18\xc5\xd0\x8c~\xf9f\xd0\xe0\xea\x11\x06\xca\f\xf9\x99Y8\x1b/\x15w\x93\xe8\v{\xb8\xae\x00'/225}, 0x30)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x6}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000540))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a0000000000000000000000800000010000000000"], 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0xe, &(0x7f0000003fc0)=ANY=[@ANYBLOB="b70200000f0e1d07bfa300000000000024020000fffeff7f7a03f0fff8ffffff79a4f0ff00000000b7060000d0b68af1de640300000000007502faff07cd10020404000003007d60b70700000d1000006a0a00fe000000188500000008000000b70000000604002995000000000000001da5ad3548ebb63d18db6a1c72821c9b767ac8328fbcd5c5e4a5ad1059b5725ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1aa503b8de7ab9a780001000000000000d4bf20c2bd152d814f01f2cd539e030b0000000000007f4133b08e6e497640000000aea5cac0ceafdb9a2eeb02a1f5104d16ddb64963d84d91004cd5817e0b7f005e6ee7a39e2f0b5a18ed786b783ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a62d79b4c03e53466fa4f22d8c19f958e8b34de3535e7dacf1b13f7e875d1843c2288e7ff949a7a48ce18799ee53de177a81ea67a8f84538a9a311c754e5ab59a43f56d2085786e7ec07d78917f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d34a442bc098f4fcc96623b7c373b0ef04d55b846b094b0d6c7a75a76d445e0dcdf72c7ef97e08200000007b6e09a6a7caffff0000141f65e7d9ebe3be70c4364333af9a9d91c3e41ac37a63f85ad8254479c12f7c84fa5df32b70a80cce69cf30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48eb19767e00b75041739952fe87fde27ce0172f497e251f5b102893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7686bc2e1b45577c205c70631e8ad585951950e851250540593e61860b69a521f4e210b6494e3ab2d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7f58bde38b44ab13d980c894e00009338923789a1edcd8043fe83919088383268324a25df14010c8ea79c0d93ca77fd6c7ee30ea3aad2c6d6b8c97c00eaa00ff9bc46e1cfecbdc0e4ffac53e8f76c8b556306b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404a0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37d2fe7a60b903d2d9fe9c151c2fcc8dc389671c2d08b6e2641500568445b00cee4585af04fa69e0380be0d66649dcf3bf8a9066e5961197332c5c9da52b573109ea8b308ff070000aab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628ebe757bae30b356521df06f995cb57f97052fc4158250ccecfb47ea8faf509593fadc76e5d3c6840ad05a57af1ede94d87590ce90a0a7579766f847ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6c9eb0dcca5303eed6689ea910900785f61278dde47e6672e93a314a5f60e7b682bf0cacde21f6090f4fb311afd7f8b48f3f0d8c66449d8687dcf2d0f76668b2b9bf8b32b518e01ffb985f8054d37959c529e99b7daf32acfed749d516d014cef5f98126324e202badc1e5c20d69e576a770000000000005addc0103756b894418e4591c624a9b2ccabbfb85ad413d923b0c901973cd7c9d197d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe84f483b15f45b9a1d3af087047c568aef1d8659c6146a793026ebfc0bb5ec10b6290dc757a4903a88fb2c035f9349b6d2f0c051b8b775152786118a1020000fc19928ccb713ff09e179c308fbe9bc543dcf43f731074d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad10e5e9d26631c2f1db3a2882f6e130a79517a88de7596429a20793e12616aa32b3e720c6521fbe933321adde8ca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9605a504bca38627df469cebb7db08358e1e5ab17eea477b1754f78f45468c9568471647f8bc03d11811ac6eec1741ceb39a3ecd043c325fcabbab3d12f6a759f7ce11dafa387a8077db8a2230d2014a57bc8dd47741270000008000000000b2eebd5e1626cab98499328ff024a240199993433ceb5be20427a32df7047d63010dfc6a461517ad48ff64042e84c85c899fd11c6320a8d8fc0e78c15a5a4dd567f91dd943f6c2b32d094a461a990000000000000000000000000000000000000000000200000000000000000000b385c644a4a170e6dc9e9e546bfa049d025b319abd87fd85481743db5d6c2cb6a204d4d888dd4140c8edb598a36e21ad132bf6b88c99c5a5ed047d6589c10a5f6633b01813fc5cd7d048469a966bbfb300fd772cbadf2cf26899bfd15e7d9408026a92f13f11d1c9832259b2f97227f84a3bb96253717a1f7ac091d0f4632f638b09a0307ff31729857f9e6fe9f19e481a3f77cead663f42456e080952636515c758f1047b2148944133a492ef20a1778088c42094903d6ece2497b99fc745c420b035ff7961484a0f62a2d957ae2e47ff1ea8a059f2d03bf9c3e8d2b16ab409de762522f6008de48bb70b698c5c9867437ac3127fad4bd699acaad78a5f66c7fc7d46e048082a0af61e6b052e473ed26b0309080ea10e985703b292c7336112b1f35c3b069363869dce725d8da75dcec76dcfa0c052feecee18c64c4600a0bc3d4945d4b918865bb7a8a726a500689cbd9a84d07846417796f2a85e7a41d27d64b10f8e970469cf495b4a1b4ea8b5322f78e9f3048351b550c59a634b47981420081ea4da18b9d318fa001ce660b28bbcf3c1a8893d130b26d25e491f478ae4f95f71ea8897b32858f78d6e25537b959b69a04c5507008b8453f08a5ae1b3b4d8c83053c57637a98ef57e5fa51971eba5e287e9d10cba734336703def181022cb9f1e62079c48c13fe1659b157e5d9de7bfb929e715ed1a9a505a04a8d8474482295afbb9de90de2e918522cac2d5b5ac09d1fdc4147d6393a684ad7234ecb65d0008000000000000560ad146e8b9e9cd9b050edb1f6735c90a76b1ba4dbdee34d0b6750f25ba7251944ada7766c301c65e56351d009a568c782f4438ecba9bee47f25286300e83bd1853076ad52eac84029335b86e7f21e39a1af3d070abef94bc0827db0046dcb7d63bf64bf801c836a40b0100d0961533737c57e9b7337b981a99f63f600f90647703f0640f6594dd9f26436024a1f90f174769bad5a283271e6d7f49dec90a05bd771dd0502dc2170ccf98ade27e858eb5686ac900000000ae1bc4246ae316c6af10bf02088b4bb2ac89c96e58578dc50eddbf01ece3cb8a363ecbeb8198997115d7151f691a2a755d8233e006dd38ed5ba350bd6aad3bf6f5108083f0100f8a20be455d16134d65ce69c4b906b76427224b69750b779d81eb6e37e1db62b1788ff918433787f8026ef5c518113d48419a14a2bd8d4afff527513a2efc8403be48e494b3de33b1deefd9d902e8dc868f30161c2cd13b21b0a20362181186ff8cf4c8d58d74822f92554287ee157e9f1597c3e2e238f382a91bf48b4de88363c841bd7a8cddae3344295bd3d434d9ecf74634ffc9539010f0d36e672b9d668cc6762c0b25e4a22afb4d184ba84498b1367e4b31faf75f1b3dcecfd80c57015d8cd16171507add30833865fc1a42780e9d57bb14a6ebea4018d26e18747546fc7a4a619753fd9ba9c18e746aa9ea132058eb90f9b80549473eea2fb9bc43d38d8719a1cca094bd933ceef87a3ec0c2ac70d5f843425100950000009e000000000008000018779600e4283095c203b1f2ae5ed34f5b7e77278f7ded9f030000002e050000009f95a59418f612dfa87c654043da1a59c3c43c7884ab65d4b34984afe30c67179c4f5a3ba0e491f2b942b754a3c0d5b878c4ad63591c3fc7d3a4d4296d4bab0a88e55ff9c2536654bb2f83e8015fac216119e8ce582698938c9a331a974087b71f07e50300f7ff00d03bf057b408c86a1165bd9a1bdbf3dff88c9b2173a75d5fc82dce6d8a3f297231e33588d7cf183109c1118d94a41d48f8efcf193ff2699a76973f3f1ec1cff64a1b912ededeb080f9a241e07709e6dd6a3a7e18200c9e80b9634e6f0c4d000000000000000000000000000000005e50e77d04fcf8931ad07b38a39957e6b3a3c909000000e9d694e483e848fe0d00ee7c7d6cc30932a9575aa8808d10a4963560250bb4e60e88c726f63662cb143daf4b9ebd0774998a59fbb42dc35f12452cca456a12b7d15cf3ce7ea350e9510e96527cde622998e83e65b235c284542d48052eb15e6600733ca32436f9e705dff00f08df1115175628a327876dea291480c2dde8a59d1856eed2b502965038af0d56e49e0e2e9cb0e25104805f386d460e212c27ac7bafe6a0078f8648ff9f1e0257338ae58457fb27b29430cc9ac6a33ea11b88ae8bc95dffa293aa69d6d47f89b28a25a7ec2fce6691549990f93d1f02e1b619813699303b6b1260d5537e85315551adabe00c98282795dc5547aab3dcbd82a06e7f00c8160af19f1fc456b5fc4f099814631024b734c0cd8843c5cb124a21092e6cdd8aa2f4d3f93e92c6d850898890d9449e3f499af92be74ba8ba7928feabbd99d6288dece7513c50b973bab87214415078857d18032ab5adb8d4bf32405cc5f63eba7e60bcd0098fd7957943b3c4cf13de4e049e06ad7ebc236d1088c99d35f40555364ff86cab4542261999bccd3269e51d10900a1c05696b47ff33a159abce6bb1d69193bd01f59f1d3f431b4e0868db623cb8375baa50785b8fcd37ce4c52abe43c1e3368735022e7cc7a9b397b494d0183cbd8dae2ba19b32adc91444f519ad33f7f2680e3cf7ecd3cfc67816eb66b1faa78dd8e3f7e233b6048c53813e6b508dfc713583d8ef8f9cfff5cdae59aa7aca654b1740c90eb75ca000000000000000000000000000000000000000000faa13c07b5f590ee4c8bfbd828e912b150dde95dafe80ee043a107bde9c0bb87155691d640fd000000e4a2d2aa0607b026f78417471e6ea0d10000309b29d0dae2d2c9c730ac21040000000000000009775f86a9e6d5b6c7b3c5d10177a873edb630fdf9b1e11005a1ce41d04a2ad3f5d25a1595e7609849033d2e86ac682f2f0cde376f50a88a3ab5e83f56e43a07641b82c077fa1479b79e85c71a9c00000000000000078ce7c4ab383dac0325fa7f4ffb201c479265ff572dd061679c0000000000000f4f6b4ef8eb757ac80dc44711ae17816e32e38d7c894ab51238b2d7051ee26121404c0ade6faea7e72449cf38be7173b066f3a7835a31f1516c4cb1fda57ec8c19bc2800e246c1b64cf278c7afb3c9a5e346bdb259ac6788eefd5086e45554c8e2bdde8a3ac990dd929277a6af1876940c7c012f4b7d3d7aa68f2f07d83e925b326b05f130000000000000000000000000000000003572023092306e73a16f4b362f725b22b32be04e53a2219e3b08d75537c158ea4c4821d17d3b844dbe87408c34bb0f26ba43bd4530000769d45b93b8f2b6c194afc197f77bfb136dfd38c265479bd4f74b9d0b5c2f37eaacb2894370ab02abe06b823a2753ca82ea8888f2a5063212212772dcc541de26c97c1312fc247b56a9cd3e05bcb8bc93363edfa05f9c76e94190f917c3af6884c8742371f25eb0000000000000000000000004ae9afd11c62a57a29a163acc55ca9fe6da9ce6d59bdd87adec5ba4052a5edcd9999720e8b2a08b69f79f78c78b9f720bcf6a2ab411d420db8231780cdf52d44985768353ce1bc587700adf3a307ff11be0ca772f1bcc565070ef9345c2d55f0506d9059fff65ca75c9809c8e5e423f6f210a195e9b59a08c43dab5b025b1dc33cfdafe62aa8f13c38341267a920fc0be4e61fe9d8bed61524ad62896e3dfba3091cf028cdb3fabb530f1d0d4bdf391c5dda4b8b248ea58cb56aed4d968d506a108626e2423c506cc11bc2ec9de3b793fec489d08085e8c582cf6fc06c20eb57f7a1ba7315c67bd0e50f529a01211f8add5f28fd65fcd373982ae902e67966990cf34be5ed5dcf39b9e44fb0165fa40fcc5643678bab244a3a76f43dd267db562efe5156b85f6e909066b8f37b81b756eeeeee4598195e70d74bd1e221c5e0cf111b816f8bd5c2ac451fabd160815b9e81b9c4abffef4b12d82e401a0cce36fbfedaec4ab6a89e128ef71e63f2239792338e87e4c7d571d6e4bc165ea1d476531b4ddfbb698101e8563f7c25b4d527240dafb074437aa96f66e293df5e132fa95aa09c08ee57f089afc0522b438480aa3dc9f41330dcd3b25703feb85777de8fd5ac57464a31ae5924745f797a0c852ddf67e01dd5736b4826e16f885afb91b6a7f226e0d0aaabd0c01a8262cb35e501ddb3c191797560c91717a2215012da9e717ec8d65887138e3bc3886e5b6f3058e58fb4320338d6413ce94012c293e0042a2f5dd86b78d05efd9e44bbbccfae8b9361072af38c1aa3c030196d72d01a160a19c0060900e8bb2f3613a7ddacf2b878aa6b2952556d79bd183ae195e14d32ffd398ae01dbd20b034da17f5a78ceb03a16e39181a07b14e54f4e2061049569046877b9f5478106f6ac76e56213ec2e85a4dcd5960ad486e7c05a21e52e5c688c1f315169452b1b6a795dd837867899c64a04ec08a4b2d5455d93f6d5baf14ffced8576bfde19de2903835607505b4af824a0a69aee28fe65683dc83c19f6d253a5824442530c85d354c05c8b95030e629fb817697f746b9dd02fb40edf4f9886a758e0741ca2711e425f2f5be70a7fa600718fa7af2eb416a2b774f5d36f5632d791e0ba01f58f2165e6d5e564aef11dbc558170cf47c5934d41f558b02dc04d3ae4aee08aa5ad7d1e5ad92cdb90db79e73524d97ca3ce0828513c74fb0a1543eba7d17d37cc1f1f2d937bfd5fafeb23f691b326554b92d8b97e76e2cbbcb858a16287c2090727334096e574b6bb937ec9f048e041f178e8d3a3543c6862fc8b63f968501fabd17cbc81db1ad47d37d3fe02190fde2af3ac5c9a2d64ec4db0c8b211dbdf4d7b7c01248de7269c0b8d4c374d9fecb9fdff846c4e57d7d976c3f571474e4f65a87954e31e67c8cf6ac7823451b448ec90ca0b36405f6d2eef4055b5d2f4dad1aa89216f6d89bd43c4de92d8f61781a9349626fb65952dfa3c68aada76c3105d65bde2bddb981f753407c7696b767aeb3707606d0d9930b79f449557d6c3088c740f2a08c68b67f8dbbf93da08544ca26db1b58baae17c091f9bc28042630d76248e4d9d326ee62fd6e5d9bedee38b0e8da3cff3ba22e92e800b28c26901cd1a32b7aae2d762e776d66f08d78666364a2fc154fadfd105b28495e8702400a53f5191908b98a4d109a9d44107369cdf864fa8be46f52d88b01bcd795025a90669e55fc634692e554fe3a73ae6db0a5aa706c83061ba3b99aa992947346327a2521d3d4294115d9c4b44f949ae465d5aa24e3911520658e542e85023552e91dd39d98065dabfec69691c868bfc45f5830de8089ae1074b6ff56b7dd8e9029b7e5ab8e500b970cb391b14302315f99ab3bc102fbcc8d911c931c662c2a53c7a7bce275bb76b4096ee6d21acb49b088c7b7e05f70e6ed4cade99d907717b43b958390caec36fdb71fb1a5f374e86d3181ae12d12ff6a279e2047d26803cf7b1684c561ee8ff8250230e5de4171803ec2f03615f231d51f8a005a1487fb51b657a7b7f352adbd86fe56bd9bd02063b2bad542ca2ca3b61b8946abb3012c87cfa11e6df516ae4f29577dfda12068197eafdf0e343738778335ea5491cdcd7fe699a075425c9a35a731d63c2f7d3260ca187e2959223dc1a70f55ce9d02ff56e0410e3bf5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600034000000000060005"], 0xe4}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg1\x00', <r8=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0xa8, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x84, 0x8, 0x0, 0x1, [{0x80, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x58, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r8}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0xa8}}, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e4, &(0x7f00000004c0)="15eeaa73110e4513b500ced7f63d70b09a4256cc8f2f99e3003f68963348875566c12402c22776e1c6cd8a8a196373ef75dbe09a1738d7989d9cd801a93d5acacbd042106741c7b549883637a5f7e13b64ca445d75d853d7812f01ce416313baf5d9954efb5769d8e219374a6c7d7081fe46e25fdeaecadbc50b7d65978ea0b3960c29050177020ff5c08460619074c05a445d214a97b003f420145bb53960910000f032c42662e19481bb7c5ec210eba13649faf89011ba025d8deb09002a09d0e25dede4f700000000000000000000000000000000ce3d87498062683de8fa5df80255c684376ff6459da1000000fda4c2765d7732f86b175f1955f9f6ae540f7d1b28a183576434de2307d9b5b24e0e2a9791b23a88a96e25963a88a28de882a1a131c104967aa1831d9940a301e3bb54dcba1600eccb348f28e9c0e17536342fc8fd00e7ec4af8f36a09a64650107029efac8093bb90d718914e0a1f5b5779a13ec7b61c00d38fec2cffed2426a2c13b42c05af2fe93386d7157c4326e43bf461b01cc7cc842b8b772cd069ad1dfb9a76cb0197adb3462a9872ba3185b165ce82405358b53ed07462c5d7560e839a55f779d00000000000000000000001baa017700"/465)

158.98504ms ago: executing program 4:
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x3000cd0, &(0x7f0000000440)=ANY=[], 0x1, 0x1509, &(0x7f0000002d40)="$eJzs3Am4TmX3MPC17vveHDI8Sea97rV5kuEmSUJJMiRJEpI5IUmSJEkcMiUhCRlPkjlkTicd8zxkTjp5JUkSkinc33VUn7f3fft6p//n/b9n/a5rX+deZ++1nrXPup7z7L2v65xvuwyt1rB65XrMDP8M/esCf/6SCAAJADAAALIDQAAAZXKUyZG2P5PGxH/qRcT/kPrTr3YH4mqS+advMv/0Teafvsn80zeZf/om80/fZP7pm8xfiHRtZt5rZUu/mzz//19O/SvJ8vmfLuDv7ZD5/7fR/9DRMv/0Teafvsn80zeZf/pz5RYsuKp9iKtP3v/pm8xfiHTt3/5Mef3Zq/1MW7Z/YBNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIf4/OOuvMADw6/pq9yWEEEIIIYQQQoh/H//+1e5ACCGEEEIIIYQQ//MQFGgwEEAGyAgJkAkywzWQBbJCNsgOMbgWcsB1kBOuh1yQG/JAXsgH+aEAhEBggSGCglAI4nADFIYboQgUhWJQHByUgJJwE5SCm6E03AJl4FYoC7dBOSh/+TXT3AmV4C6oDHdDFagK1aA63AM14F6oCfdBLbgfasMDUAcehLrwENSD+tAAHoaG8Ag0gsbQBJpCM2gOLf4gPyn738p/EbrDS9ADekIi9ILe8DL0gb7QD/rDAHgFBsKrMAheg8EwBIbC6zAM3oDh8CaMgJEwCt6C0TAGxsI4GA8TIAnehonwDkyCdx/JClNgKkyD6TADZsJ7MAtmwxx4H+bCPJgPSZkWwiJYDB/AEvgQkuEjWAofQwosg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK3wC22A77ICdsAt2wx74FPbCZ7APPodU/OIfzD/z23zoioCAChUaNJgBM2ACJmBmzIxZMAtmw2wYwxjmwByYE3NiLsyFeTAPJmI+LIAFkJCQkbEgFsQ4xrEwFsYiWASLYTF06LAklsRSeNF7XxrLYBksi2WxHJbH8ng73o4VsSJWwkpYGStjFayC1bAa3oP34L1YE2tiLayFtbE21sE6WBfrYj2shw2wATbEhtgIG2ETbILNsBm2wBbYEltiK2yFbbANtsW22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xRfwBXwRX8SX8CXsiVVUL+yNvbEP9sF+2B/74ys4EF/FV/E1HIxDcCi+jq/jGzgcT+MIHImjcBRWVGNwLI5DVhMwCZMwI0zESTgJJ+MUnILTcDrOwJk4E2fhbJyN7+NcnIfzcAEuwEW4GBfjEvwQkzEZl+IZTMFluBxX4EpchStxDa7FNbgeN+B63ISbcAtuwU/wE9yO23En7sTduBs/xU/xM/wMB2MqpuJ+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8gSfxBJ7CU3gaz+BZADiP5/ECXsBLeCntza/SGGVUBpVBJagElVllVllUFpVNZVMxFVM5VA6VU+VUuVQulUflUflUPlVAFVCkSLGKVEFVUMVVXBVWhVURVUQVU8WUU06VVCVVKVVKlValVRl1qyqrblPlVHnV2t2ublcVVRtXSd2lKqvKqoqqqqqp6qq6qqFqqJqqpqqlaqnaqraqox5UdVUv7If1VdpkGqoh2EgNxSaqqWqmmqs38FHVUg3HVqq1aqMeVyNxBLZTLV179ZTqoMZiR/WMGofPqs5qAnZRz6uu6gXVTb2ouqtWrofqqSZjL9VbTcM+qq/qp/qrWVhVpU2smnpNvZhxiBqqXleL8A01XL2pRqiRapR6S41WY9RYNU6NVxNUknpbTVTvqEnqXTVZTVFT1TQ1Xc1QM9V7apaareao99VcNU+DWqAWqkVqsfpALVEfqmT1kVqqPlYpaplarlaolWqVWq3WqLVqnVqvNqiNapParLaoreoTtU1tVzvUTrVL7VZ71Kdqr/pM7VOfq1T1hdqv/qQOqC/VQfWVOqS+VofVN+qI+lYdVd+pY+p7dVydUCfVD+qU+lGdVmfUWXVOnVc/qQvqorqkvAKNWmmtjQ50Bp1RJ+hMOrO+RmfRWXU2nV3H9LU6h75O59TX61w6t85j8up8Or8uoENN2mrWkS6oC+m4vkEX1jfqIrqoLqaLa6dL6JL6Jl1K36xL61t0GX2rLqtv0+V0eV3Bg75DV9R36kr6Ll1Z362r6Kq6mq6u79E19L26pr5P19L369r6AV1HP6jr6od0PV1fN9AP64b6Ed1IN9ZNdFPdTDfXLfSjuqV+TLfSrXUb/bhuq5/Q7fSTur1+SnfQT+uO+hndST+rO+vndBf9vO6qX9Dd9EV9SXvdQ/fUibqX7q1f1n10X91P99cD9Ct6oH5VD9Kv6cF6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6tx+ixepweryfoJP22nqjf0ZP0u3qynqKn6ml6up6h+/1Sac7fkf/O38gfdPnVt+it+hO9TW/XO/ROvUvv1nv0Hr1X79X79D6dqlP1fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qp/TP+hT+kd9Wp/RZ/Q5fV6f1xd++RmAQaOMNsYEJoPJaBJMJpPZXGOymKwmm8luYuZak8NcZ3Ka600uk9vkMXlNPpPfFDChIWMNm8gUNIVM3NxgCpsbTRFT1BQzxY0zJUxJc9O/nP9H/bUwLUxL09K0Mq1MG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU030810N91ND9PDJJpE09u8bPqYvqaf6W8GmFfMQDPQDDKDzGAz2Aw1Q80wM8wMN8PNCDPCjDKjzGgz2ow1Y814M94k+exmoploJplJZrKZbKYOyG6mm+lmpplpZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJtkkm6VmqUkxy8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2K2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0m1aSa/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOW/OmwvmgrlkLqVd9gUqUIEJTJAhyBAkBAlB5iBzkCXIEmQLsgWxIBbkCHIEOYPrg1xB7iBPkDfIF+QPCgRhQIENOIiCgkGhIB7cEBQObgyKBEWDYkHxwAUlgpLBTUGp4OagdHBLUCa4NSgb3BaUC8oHFYLbgzuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUC+oHDYKHg4bBI0GjoHHQJGgaNAuaBy3+rfW9P537Mdcj7Bkmhr3C3uHLYZ+wb9gv7B8OCF8JB4avhoPC18LB4ZBwaPh6OCx8IxwevhmOCEeGo8K3wtHhmHBsOC4cH04Ik8K3w4nhO+Gk8N1wcjglnBpMC6eHM8KZ4XvhrHB2OCd8P5wbzgvnhwvCheGiEH++JIbk8KNwafhxmBIuC5eHK8KV4apwdbgmXBuuC9eHG8KN4aYyA38+NNwWbg93hDvDXeHucE/4abg3/CzcF34epoZfhPvDP4UHwi/Dg+FX4aHw6/Bw+E14JPw2PBp+Fx4Lvw+PhyfCk+EP4anwx/B0eCY8G54Lz4c/hRfCi+Gl0Kdd3Kd9vJMhQxkoAyVQAmWmzJSFslA2ykYxilEOykE5KSflolyUh/JQPspHBagApWFiKkgFKU5xKkyFqQgVoWJUjBw5KkklqRSVotJUmspQGSpLZakclaMKVIHuoDvoTrqT7qK76G66m6pSVapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqCE1pEbUiJpQE2pGzagFtaCW1JJaUStqQ22oLbWldtSO2lN76kAdqCN1pE7UiTpTZ+pCXagrdaVu1I26U3fqQT0okRKpN/WmPtSH+lE/GkADaCANpEE0iAbTYBpKQ2kYDaPhNJxG0EgaRW/RaBpDY2kcjacJlERJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSfJpPC2khLabFtISWUDIl01JaSimUQstpOa2klbSaVtNaWkvraT1tpI20mTbTVtpK22gb7aAdtIt20R7aQ3tpL+2jfZRKqbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO00k6SafoFJ2m03SWztJ5+oku0EW6RJ4SbCab2V5js9isNpvNbv8yzmPz2nw2vy1gQ5vL5v5NTNbaIraoLWaLW2dL2JL2pr+Ky9nytoK93d5hK9o7bSVbzmaCP49r2HttTXufrWXvt9XtPb+Ja9sHbB37iK1rG9t6tqltYJvbhvYR28g2tk1sU9vMNrdt7RO2nX3StrdPJXSwT/95bNPiJfZDu9aus+vtBrvXfmbP2nP2iP3Wnrc/2R62px1gX7ED7at2kH3NDrZDfhsD2FH2LTvajrFj7Tg73k74q3iqnWan2xl2pn3PzrKz/ypebD+wc22ynW8X2IV20eU4radk+5Fdaj+2KXaZXW5X2JV2lV1t1/zfXlfYTXaz3WL32E/tNrvd7rA77S67+3Kcdh777Oc21X5hD9tv7AH7pT1oj9pD9uvLcdr5HbXf2WP2e3vcnrAn7Q/2lP3RnrZnLp9/2rn/YC/aS9ZbYGTFmg0HnIEzcgJn4sx8DWfhrJyNs3OMr+UcfB3n5Os5F+fmPJyX83F+LsAhE1tmjrggF+I438CF+UYuwkW5GBdnxyW4JN/EpfhmLs23cBm+lcvybVyOy3MFvp3v4Ip8J1fiu7gy381VuCpX4+p8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI/rcwN+mBvyI9yIG3MTbsrNuDm34Ee5JT/Grbg1t+HHuS0/we34SW7PT3EHfpo78jPciZ/lzvwcd+HnuSu/wN34Re7OL3EP7smJ3It788vch/tyP+7PA/gVHsiv8iB+jQfzEB7Kr/MwfoOH85s8gkfyKH6LR/MYHsvjeDxP4CR+myfyOzyJ3+XJPIWn8jSezjN4Jr/Hs3g2z+H3eS7P4/m8gBfyIl7MH/AS/pCT+SNeyh9zCi/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grf8LbeDvv4J28i3fzHv6U9/JnvI8/51T+gvfzn/gAf8kH+Ss+xF/zYf6Gj/C3fJS/42P8PR/nE3ySf+BT/COf5jN8ls/xef6JL/BFvsSeIcJIRToyURBliDJGCVGmKHN0TZQlyhpli7JHsejaKEd0XZQzuj7KFeWO8kR5o3xR/qhAFEYU2YijKCoYFYri0Q1R4ejGqEhUNCoWFY9cVCIqGd0UlYpujkpHt0RlolujstFtUbmofFQhuj26I6oY3RlViu6KKkd3R1WiqlG1qHp0T1QjujeqGd0X1Yruj0pHD0R1ogejutFDUb2oftQgejhqGD0SNYoaR02iplGzqHnUIno0ahk9FrWKWkdtosejttETUbvoyah99FTUIXr6yv6iwc+fpn+xPzHqFelfnpDdpxfGF8UXxz+IL4l/GE+OfxRfGv84nhJfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c3xL3vnpGcJh2IwzGBS6Dy+gSXCaX2V3jsrisLpvL7mLuWpfDXedyuutdLpfb5XF5XT6X3xVwoSNnHbvIFXSFXNzd4Aq7G10RV9QVc8WdcyVcSdfctXAtXEv3mGvlWrs27nH3uHvCPeGeTPilcdfRPeM6uWddZ/ece84977q6F1w396Lr7l5yPVxPl+gSXW/X2/VxfVw/188NcAPcQDfQDXKD3GA32A11Q90wN8wNd8PdCDfCjXKj3Gg32o11Y914N94luSQ30U10k9wkN9lNdlPdVDfdTXcz3Uw3y81yc9wcN9fNdfPdfLfQLXSL3WK3xC1xyS7ZLXVLXYpLccvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XOpLtXtd/vdAXfAHXRfuUPua3fYfeOOuG/dUfedO+a+d8fdCXfSeX3K/ehOuzPurDvnzruf3AV30V1y3iXF3o5NjL0TmxR7NzY5NiU2NTYtNj02IzYz9l5sVmx2bE7s/djc2LzY/NiC2MLYotji2AexJbEPY8mxj2JLYx/HUmLLYstjK2IrY6ti3uffFvmCvpCP+xt8YX+jL+KL+mK+uHe+hC/pb/Kl/M2+tL/Fl/G3+rL+Nl/Ol/cVfGPfxDf1zXxz38I/6lv6x3wr39q38Y/7tv4J384/6dv7p3wH/7Tv6J/xnfyzvrN/znfxz8/7Zcq+u3/J9/A9faLv5Xv7l30f39f38/39AP+KH+hf9YP8a36wH+KH+tf9MP+GH+7f9CP8SD/Kv+VH+zF+rB/nx/sJPsm/7Sf6d/wk/66f7Kf4qX6an+5n+Jn+PT/Lz/Zz/Pt+rp/n5/sFfqFf5Bf7D/wS/6FP9h/5pf5jn+KX+eV+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qP/Hb/Ha/w+/0u/xuv8d/6vf6z/w+/7lP9V/4/f5P/oD/0h/0X/lD/mt/2H/jj/hv/VH/nT/mv/fH/Ql/0v/gT/kf/Wl/xp/15/x5/5O/4C/6S/I3a0IIIYQQfxf9B/t7/Y3vqV+2NL0BIOv2vIf+subGXD+v+6q9HWIA8FTPLvV/3erXT0xM/OXYFA1BoQUAELuSnwGuxMugDTwB7aE1lPqb/fVVFS5f9/2/6sdvBcgMkOnXnLTbo1/jK/Vv/p36jT/g362/7Of6CwCKFLqSk1b41/hK/dK/U39329+vf7n/TF8mAbT6s5wscCW+Ur8kPAZPQ/vfHCmEEEIIIYQQQvysrzrf9Q/uPy/fn+czv837Nf6j+/M/UOlf7V8IIYQQQgghhBB/7NkXuj35aPv2rTv9Ny8y/me08R+wQAD4D2hDFv/5i6v9m0kIIYQQQgjx73blov9qdyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqRf//x/CFN/98FX+xyFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+3/BAAA//+0FVXr")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
signalfd(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000a00)={'lo\x00', 0x101})
fsopen(0x0, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0xd7fe)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x7, 0x8, 0x8, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r5}, &(0x7f0000000680)=0x2, &(0x7f00000006c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18001000ff010000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="e115000000000000b7080000000000007b8af8fffb47cbe6664b05fa9dc9d84f9f00000000bfa200000000000007020000f8ffffffb7031b4c4d7aae34b368fc254a70785bad000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r6}, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000001000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)

155.649391ms ago: executing program 2:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x80000043, 0x0, 0x0, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43}}}, 0x10)

146.638982ms ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

108.504737ms ago: executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv6_delrule={0x30, 0x18, 0x1, 0x0, 0x0, {0xa, 0x80, 0x0, 0x0, 0xff, 0x3, 0x0, 0x6}, [@FRA_DST={0x14, 0x1, @mcast2}]}, 0x30}}, 0x0)

64.363122ms ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x1, 0x0)
vmsplice(r2, &(0x7f0000000900)=[{&(0x7f00000005c0)="cb", 0x1}], 0x1, 0x0)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000000))
close_range(r2, 0xffffffffffffffff, 0x0)

0s ago: executing program 2:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4a37e, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
ftruncate(r2, 0x2008002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r1, 0x0)
fadvise64(r2, 0x0, 0x0, 0x4)

kernel console output (not intermixed with test programs):

9][T17236] bridge0: port 3(gretap0) entered disabled state
[  573.737758][T17236] device gretap0 left promiscuous mode
[  573.743132][T17236] bridge0: port 3(gretap0) entered disabled state
[  573.755463][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  573.775873][ T1724] hid-multitouch 0003:0EEF:72D0.0055: unbalanced delimiter at end of report description
[  573.800797][ T1724] hid-multitouch: probe of 0003:0EEF:72D0.0055 failed with error -22
[  573.816769][T20607] loop1: detected capacity change from 0 to 512
[  573.830296][T20607] EXT4-fs (loop1): 1 orphan inode deleted
[  573.835927][T20607] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  573.844781][T20607] ext4 filesystem being mounted at /root/syzkaller-testdir719304903/syzkaller.X02fOC/0/bus supports timestamps until 2038 (0x7fffffff)
[  573.859796][T20607] EXT4-fs (loop1): unmounting filesystem.
[  573.882018][T17236] device bridge_slave_1 left promiscuous mode
[  573.888073][T17236] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.896316][T17236] device bridge_slave_0 left promiscuous mode
[  573.902412][T17236] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.911051][T17236] device veth1_macvtap left promiscuous mode
[  573.917206][T17236] device veth0_vlan left promiscuous mode
[  573.956631][T20613] loop2: detected capacity change from 0 to 256
[  573.968460][T20613] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  574.011898][   T40] usb 4-1: USB disconnect, device number 45
[  574.160574][T20615] overlayfs: failed to resolve './file0': -2
[  574.360552][T20620] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  574.411974][T20622] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  574.556408][   T28] kauditd_printk_skb: 129 callbacks suppressed
[  574.556423][   T28] audit: type=1326 audit(1852353031.922:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20631 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x0
[  574.857108][T20642] loop3: detected capacity change from 0 to 512
[  574.878682][T20642] EXT4-fs (loop3): 1 orphan inode deleted
[  574.884757][T20642] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  574.893960][T20642] ext4 filesystem being mounted at /root/syzkaller-testdir3600037992/syzkaller.e65uve/70/bus supports timestamps until 2038 (0x7fffffff)
[  574.909269][T20642] EXT4-fs (loop3): unmounting filesystem.
[  575.547505][T20670] loop4: detected capacity change from 0 to 16
[  575.591572][T20670] erofs: (device loop4): mounted with root inode @ nid 36.
[  576.052435][   T28] audit: type=1326 audit(1852353033.316:4708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.076912][   T28] audit: type=1326 audit(1852353033.316:4709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.100989][   T28] audit: type=1326 audit(1852353033.316:4710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.125704][   T28] audit: type=1326 audit(1852353033.316:4711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.149773][   T28] audit: type=1326 audit(1852353033.316:4712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.174144][   T28] audit: type=1326 audit(1852353033.316:4713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.198062][   T28] audit: type=1326 audit(1852353033.344:4714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  576.221928][   T28] audit: type=1326 audit(1852353033.344:4715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe4f747a627 code=0x7ffc0000
[  576.246111][   T28] audit: type=1326 audit(1852353033.344:4716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20687 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe4f74402e9 code=0x7ffc0000
[  576.309113][T20692] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  576.341462][T20695] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  576.541139][T20710] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  576.863769][T20719] loop2: detected capacity change from 0 to 256
[  577.125158][T20731] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  577.487994][T20744] loop3: detected capacity change from 0 to 512
[  577.507923][T20744] EXT4-fs (loop3): 1 orphan inode deleted
[  577.513894][T20744] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  577.523106][T20744] ext4 filesystem being mounted at /root/syzkaller-testdir3600037992/syzkaller.e65uve/78/bus supports timestamps until 2038 (0x7fffffff)
[  577.538417][T20744] EXT4-fs (loop3): unmounting filesystem.
[  577.654957][T20755] serio: Serial port pts0
[  577.818692][T20769] loop3: detected capacity change from 0 to 512
[  577.867883][T20769] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  577.876808][T20769] ext4 filesystem being mounted at /root/syzkaller-testdir3600037992/syzkaller.e65uve/80/bus supports timestamps until 2038 (0x7fffffff)
[  577.911761][   T40] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  577.921221][T19699] EXT4-fs (loop3): unmounting filesystem.
[  578.179101][   T40] usb 5-1: Using ep0 maxpacket: 16
[  578.206321][T20780] incfs_lookup_dentry err:-5
[  578.211617][T20780] incfs: Can't find or create .index dir in ./file0
[  578.222079][T20780] incfs: mount failed -5
[  578.521302][   T40] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  578.532905][T20794] syz-executor.3[20794] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  578.533273][T20794] syz-executor.3[20794] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  578.578543][   T40] usb 5-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  578.673553][   T40] usb 5-1: Product: syz
[  578.677634][   T40] usb 5-1: Manufacturer: syz
[  578.682121][   T40] usb 5-1: SerialNumber: syz
[  578.688933][   T40] usb 5-1: config 0 descriptor??
[  578.735343][   T40] usb 5-1: selecting invalid altsetting 1
[  578.742006][   T40] snd-usb-audio: probe of 5-1:0.0 failed with error -22
[  578.847343][T20801] serio: Serial port pts0
[  578.952558][ T4737] usb 5-1: USB disconnect, device number 48
[  578.963138][T20808] loop2: detected capacity change from 0 to 512
[  578.983038][T20808] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  578.991894][T20808] ext4 filesystem being mounted at /root/syzkaller-testdir3066071213/syzkaller.skO1SX/49/bus supports timestamps until 2038 (0x7fffffff)
[  579.019820][T20293] EXT4-fs (loop2): unmounting filesystem.
[  579.124803][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  579.124805][T20817] incfs_lookup_dentry err:-5
[  579.124822][T20817] incfs: Can't find or create .index dir in ./file0
[  579.124855][T20817] incfs: mount failed -5
[  579.579501][   T40] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  579.836057][   T40] usb 1-1: Using ep0 maxpacket: 16
[  579.943366][   T28] kauditd_printk_skb: 178 callbacks suppressed
[  579.943382][   T28] audit: type=1326 audit(1852353036.955:4895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  579.973424][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  579.975161][   T28] audit: type=1326 audit(1852353036.955:4896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  579.984239][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  580.008589][   T28] audit: type=1326 audit(1852353036.955:4897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  580.017864][   T40] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  580.041689][   T28] audit: type=1326 audit(1852353036.955:4898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  580.050766][   T40] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.075453][   T28] audit: type=1326 audit(1852353036.955:4899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  580.082812][   T40] usb 1-1: config 0 descriptor??
[  580.107443][   T28] audit: type=1326 audit(1852353036.955:4900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  580.136616][   T28] audit: type=1326 audit(1852353036.955:4901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12cf27cea9 code=0x7ffc0000
[  580.160629][   T28] audit: type=1326 audit(1852353036.955:4902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f12cf27a627 code=0x7ffc0000
[  580.184584][   T28] audit: type=1326 audit(1852353036.955:4903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f12cf2402e9 code=0x7ffc0000
[  580.208867][   T28] audit: type=1326 audit(1852353036.955:4904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20827 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f12cf27a627 code=0x7ffc0000
[  580.851786][   T40] usbhid 1-1:0.0: can't add hid device: -71
[  580.860229][   T40] usbhid: probe of 1-1:0.0 failed with error -71
[  580.867562][   T40] usb 1-1: USB disconnect, device number 51
[  580.945447][T20856] syz-executor.1[20856] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  580.945802][T20856] syz-executor.1[20856] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  581.279344][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  581.279378][ T9452] Bluetooth: hci0: command 0x1003 tx timeout
[  581.302405][T20861] loop3: detected capacity change from 0 to 256
[  581.314609][T20861] exfat: Deprecated parameter 'utf8'
[  581.319942][T20861] exfat: Deprecated parameter 'utf8'
[  581.327884][T20861] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  583.096693][   T40] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  583.257067][  T360] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  583.353277][   T40] usb 5-1: Using ep0 maxpacket: 16
[  583.481712][   T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  583.492594][   T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  583.502728][   T40] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  583.511751][   T40] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.520285][   T40] usb 5-1: config 0 descriptor??
[  583.524325][  T360] usb 1-1: Using ep0 maxpacket: 16
[  583.877225][  T360] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  583.885207][  T360] usb 1-1: config 0 has no interface number 0
[  583.891139][  T360] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  584.149005][  T360] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= f.88
[  584.293414][T20953] loop1: detected capacity change from 0 to 1024
[  584.304016][   T40] usbhid 5-1:0.0: can't add hid device: -71
[  584.324770][  T360] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.332647][  T360] usb 1-1: Product: syz
[  584.336635][  T360] usb 1-1: Manufacturer: syz
[  584.341035][  T360] usb 1-1: SerialNumber: syz
[  584.346089][  T360] usb 1-1: config 0 descriptor??
[  584.350263][   T40] usbhid: probe of 5-1:0.0 failed with error -71
[  584.359011][T20953] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  584.368205][   T40] usb 5-1: USB disconnect, device number 49
[  584.379728][T20914] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  584.656888][T20964] loop2: detected capacity change from 0 to 256
[  584.666900][T20964] exfat: Deprecated parameter 'utf8'
[  584.672558][  T360] usb 1-1: invalid MIDI in EP 0
[  584.675350][T20964] exfat: Deprecated parameter 'utf8'
[  584.680579][  T360] snd-usb-audio: probe of 1-1:0.2 failed with error -22
[  584.684705][T20964] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  584.690048][  T360] usb 1-1: USB disconnect, device number 52
[  584.922397][T20593] EXT4-fs (loop1): unmounting filesystem.
[  585.306832][T20988] loop4: detected capacity change from 0 to 256
[  585.648813][T20996] loop1: detected capacity change from 0 to 256
[  585.660260][T20996] exfat: Deprecated parameter 'utf8'
[  585.665567][T20996] exfat: Deprecated parameter 'utf8'
[  585.673482][T20996] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  586.275450][   T40] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  586.298834][T21008] loop1: detected capacity change from 0 to 1024
[  586.307166][T21008] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  586.539146][   T40] usb 1-1: Using ep0 maxpacket: 16
[  586.667476][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  586.678419][   T40] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  586.688066][   T40] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  586.697081][   T40] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.734699][   T40] usb 1-1: config 0 descriptor??
[  586.749765][T21030] loop4: detected capacity change from 0 to 256
[  586.757316][T20593] EXT4-fs (loop1): unmounting filesystem.
[  586.805592][T21030] exfat: Deprecated parameter 'utf8'
[  586.811025][T21030] exfat: Deprecated parameter 'utf8'
[  586.818698][T21030] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  587.191360][  T360] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  587.289436][T21041] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  587.334668][T21047] loop1: detected capacity change from 0 to 2048
[  587.354258][T21047] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  587.415758][ T4737] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  587.479899][  T360] usb 3-1: Using ep0 maxpacket: 16
[  587.512223][   T40] usbhid 1-1:0.0: can't add hid device: -71
[  587.521080][   T40] usbhid: probe of 1-1:0.0 failed with error -71
[  587.530501][   T40] usb 1-1: USB disconnect, device number 53
[  587.832746][  T360] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  587.840727][  T360] usb 3-1: config 0 has no interface number 0
[  587.846874][  T360] usb 3-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  587.876291][ T4737] usb 5-1: Using ep0 maxpacket: 16
[  588.046721][  T360] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= f.88
[  588.055880][  T360] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.063831][  T360] usb 3-1: Product: syz
[  588.067751][  T360] usb 3-1: Manufacturer: syz
[  588.072361][  T360] usb 3-1: SerialNumber: syz
[  588.077312][  T360] usb 3-1: config 0 descriptor??
[  588.110682][T21026] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  588.231317][ T4737] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  588.240610][ T4737] usb 5-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  588.248951][ T4737] usb 5-1: Product: syz
[  588.252985][ T4737] usb 5-1: Manufacturer: syz
[  588.257443][ T4737] usb 5-1: SerialNumber: syz
[  588.262810][ T4737] usb 5-1: config 0 descriptor??
[  588.271863][T20593] EXT4-fs (loop1): unmounting filesystem.
[  588.303571][ T4737] usb 5-1: selecting invalid altsetting 1
[  588.310949][ T4737] snd-usb-audio: probe of 5-1:0.0 failed with error -22
[  588.389087][  T360] usb 3-1: invalid MIDI in EP 0
[  588.394347][T21071] loop1: detected capacity change from 0 to 40427
[  588.395872][  T360] snd-usb-audio: probe of 3-1:0.2 failed with error -22
[  588.403270][T21071] F2FS-fs (loop1): invalid crc value
[  588.408622][  T360] usb 3-1: USB disconnect, device number 44
[  588.415179][T21071] F2FS-fs (loop1): Found nat_bits in checkpoint
[  588.444645][T21071] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  588.467763][T21071] syz-executor.1: attempt to access beyond end of device
[  588.467763][T21071] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  588.521825][ T4737] usb 5-1: USB disconnect, device number 50
[  588.643701][T21077] loop1: detected capacity change from 0 to 40427
[  588.651856][T21077] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  588.659443][T21077] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  588.668531][T21077] F2FS-fs (loop1): invalid crc value
[  588.674984][T21077] F2FS-fs (loop1): Found nat_bits in checkpoint
[  588.705443][T21077] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  588.712462][T21077] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  588.784866][T21083] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  588.910073][T21087] syz-executor.1: attempt to access beyond end of device
[  588.910073][T21087] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  589.295569][T21104] loop0: detected capacity change from 0 to 512
[  589.302639][T21104] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  589.314560][T21104] EXT4-fs (loop0): 1 truncate cleaned up
[  589.320177][T21104] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  589.333174][T21104] EXT4-fs (loop0): unmounting filesystem.
[  589.350722][  T360] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  589.437980][T21113] syz-executor.4[21113] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  589.438032][T21113] syz-executor.4[21113] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  589.449742][ T4737] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  589.485033][T20593] syz-executor.1: attempt to access beyond end of device
[  589.485033][T20593] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  589.735653][  T360] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  589.746587][ T4737] usb 3-1: Using ep0 maxpacket: 16
[  589.751769][  T360] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  589.761526][  T360] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  589.770646][  T360] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.779250][  T360] usb 4-1: config 0 descriptor??
[  589.885281][ T4737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  589.896023][ T4737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  589.905512][ T4737] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  589.914389][ T4737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.922797][ T4737] usb 3-1: config 0 descriptor??
[  590.002876][T15881] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  590.074703][   T28] kauditd_printk_skb: 77 callbacks suppressed
[  590.074717][   T28] audit: type=1326 audit(1852353046.430:4982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21100 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fe447cea9 code=0x7fc00000
[  590.090593][T21129] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  590.220678][T21135] loop0: detected capacity change from 0 to 256
[  590.231142][T21134] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  590.238976][T21134] FAT-fs (loop0): Filesystem has been set read-only
[  590.278795][T21139] loop4: detected capacity change from 0 to 2048
[  590.293151][T21139] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  590.684150][T21147] overlayfs: failed to resolve './file0': -2
[  590.727765][T15881] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  590.745405][T15881] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  590.932963][T15881] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  590.942338][T15881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  590.950273][T15881] usb 2-1: SerialNumber: syz
[  591.103990][ T4737] usbhid 3-1:0.0: can't add hid device: -71
[  591.109814][ T4737] usbhid: probe of 3-1:0.0 failed with error -71
[  591.116375][ T4737] usb 3-1: USB disconnect, device number 45
[  591.211747][T18420] EXT4-fs (loop4): unmounting filesystem.
[  591.236728][T21158] overlayfs: bad index found (index=index/00fb210001fef82ea27d104f0ca664b7480d948ec00e5ed7320200000000000000, ftype=2000, origin ftype=a000).
[  591.253710][  T360] uclogic 0003:256C:006D.0056: interface is invalid, ignoring
[  591.296989][T15881] usb 2-1: 0:2 : does not exist
[  591.301790][T15881] usb 2-1: unit 5: unexpected type 0x0b
[  591.308362][T15881] usb 2-1: USB disconnect, device number 47
[  591.355750][T21160] loop4: detected capacity change from 0 to 40427
[  591.364488][T21160] F2FS-fs (loop4): Found nat_bits in checkpoint
[  591.398479][T21160] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  591.409903][   T28] audit: type=1400 audit(1852353047.674:4983): avc:  denied  { ioctl } for  pid=21159 comm="syz-executor.4" path="/root/syzkaller-testdir3263125129/syzkaller.Qot4cx/207/file0/memory.events.local" dev="loop4" ino=10 ioctlcmd=0xf510 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  591.445237][T18420] syz-executor.4: attempt to access beyond end of device
[  591.445237][T18420] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  591.472486][ T4737] usb 4-1: USB disconnect, device number 46
[  591.577997][T21178] loop2: detected capacity change from 0 to 512
[  591.586238][T21178] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 393: padding at end of block bitmap is not set
[  591.601059][T21178] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6157: Corrupt filesystem
[  591.609878][T21178] EXT4-fs (loop2): 2 truncates cleaned up
[  591.615408][T21178] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  591.628387][T20293] EXT4-fs (loop2): unmounting filesystem.
[  591.884415][  T316] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  591.924145][T21197] loop1: detected capacity change from 0 to 2048
[  591.966352][T21198] loop2: detected capacity change from 0 to 512
[  591.973801][T21198] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  591.983925][T21197]  loop1: p1 < > p3
[  591.985440][T21198] EXT4-fs (loop2): 1 truncate cleaned up
[  591.988116][T21197] loop1: p3 size 134217728 extends beyond EOD, truncated
[  591.993201][T21198] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  592.025518][T21198] EXT4-fs (loop2): unmounting filesystem.
[  592.269274][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  592.280038][  T316] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  592.292648][  T316] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  592.301478][  T316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.309761][  T316] usb 5-1: config 0 descriptor??
[  592.397547][   T40] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  592.445568][   T28] audit: type=1400 audit(1852353048.647:4984): avc:  denied  { bind } for  pid=21208 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  592.445925][T21209] xt_CT: You must specify a L4 protocol and not use inversions on it
[  592.675520][   T40] usb 4-1: Using ep0 maxpacket: 16
[  592.682845][T21217] syz-executor.0[21217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  592.683134][T21217] syz-executor.0[21217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  592.808046][   T28] audit: type=1326 audit(1852353048.928:4985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  592.835921][   T40] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  592.843711][   T28] audit: type=1326 audit(1852353048.928:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  592.855378][  T316] plantronics 0003:047F:FFFF.0057: No inputs registered, leaving
[  592.878120][   T28] audit: type=1326 audit(1852353048.928:4987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  592.886621][   T40] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  592.909319][   T28] audit: type=1326 audit(1852353048.937:4988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  592.942916][   T28] audit: type=1326 audit(1852353048.937:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  592.966972][   T40] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  592.975925][   T28] audit: type=1326 audit(1852353048.937:4990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  592.976622][   T40] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.000125][   T28] audit: type=1326 audit(1852353048.937:4991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21190 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7fc00000
[  593.007842][  T316] plantronics 0003:047F:FFFF.0057: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  593.077211][   T40] usb 4-1: config 0 descriptor??
[  593.563020][  T316] usb 5-1: USB disconnect, device number 51
[  593.744564][   T40] usbhid 4-1:0.0: can't add hid device: -71
[  593.750365][   T40] usbhid: probe of 4-1:0.0 failed with error -71
[  593.757271][   T40] usb 4-1: USB disconnect, device number 47
[  594.108025][ T4737] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  594.210754][T21238] loop3: detected capacity change from 0 to 256
[  594.222678][T21237] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  594.230536][T21237] FAT-fs (loop3): Filesystem has been set read-only
[  594.245121][T21240] xt_CT: You must specify a L4 protocol and not use inversions on it
[  594.546401][ T4737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.557320][ T4737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.566936][ T4737] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  594.590074][ T4737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.598667][ T4737] usb 3-1: config 0 descriptor??
[  595.524042][T21268] loop0: detected capacity change from 0 to 256
[  595.537201][T21267] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  595.538656][T21266] loop3: detected capacity change from 0 to 2048
[  595.545293][T21267] FAT-fs (loop0): Filesystem has been set read-only
[  595.558790][T21266] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  595.572272][T21266] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  595.588451][T21272] xt_CT: You must specify a L4 protocol and not use inversions on it
[  595.661208][T19699] EXT4-fs (loop3): unmounting filesystem.
[  595.869048][T21287] loop3: detected capacity change from 0 to 40427
[  595.878080][T21287] F2FS-fs (loop3): Found nat_bits in checkpoint
[  595.901647][T21287] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  595.909451][ T4737] uclogic 0003:256C:006D.0058: interface is invalid, ignoring
[  595.925632][T19699] syz-executor.3: attempt to access beyond end of device
[  595.925632][T19699] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  596.067869][T21299] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.4'.
[  596.101511][   T28] kauditd_printk_skb: 32 callbacks suppressed
[  596.101527][   T28] audit: type=1326 audit(1852353052.071:5024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21304 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12cc07cea9 code=0x0
[  596.135545][   T24] usb 3-1: USB disconnect, device number 46
[  596.456625][T21317] loop0: detected capacity change from 0 to 40427
[  596.465808][T21317] F2FS-fs (loop0): Found nat_bits in checkpoint
[  596.504043][T21317] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  596.531347][T19989] syz-executor.0: attempt to access beyond end of device
[  596.531347][T19989] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  596.611067][   T28] audit: type=1326 audit(1852353052.548:5025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21322 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fe447cea9 code=0x0
[  596.728025][   T28] audit: type=1326 audit(1852353052.660:5026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21322 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fe447cea9 code=0x0
[  597.052722][T21334] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.4'.
[  597.158772][T21350] device pim6reg1 entered promiscuous mode
[  597.197917][T21354] loop4: detected capacity change from 0 to 256
[  597.210569][T21354] FAT-fs (loop4): Directory bread(block 64) failed
[  597.216911][T21354] FAT-fs (loop4): Directory bread(block 65) failed
[  597.223371][T21354] FAT-fs (loop4): Directory bread(block 66) failed
[  597.229824][T21354] FAT-fs (loop4): Directory bread(block 67) failed
[  597.236238][T21354] FAT-fs (loop4): Directory bread(block 68) failed
[  597.243057][T21354] FAT-fs (loop4): Directory bread(block 69) failed
[  597.249408][T21354] FAT-fs (loop4): Directory bread(block 70) failed
[  597.255738][T21354] FAT-fs (loop4): Directory bread(block 71) failed
[  597.262152][T21354] FAT-fs (loop4): Directory bread(block 72) failed
[  597.268407][T21354] FAT-fs (loop4): Directory bread(block 73) failed
[  597.302270][T21358] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.4'.
[  597.320544][T21360] loop4: detected capacity change from 0 to 512
[  597.326990][T21360] EXT4-fs: quotafile must be on filesystem root
[  597.427042][T21365] tipc: Failed to remove unknown binding: 66,1,1/0:2757701005/2757701007
[  597.435347][T21365] tipc: Failed to remove unknown binding: 66,1,1/0:2757701005/2757701007
[  597.443932][   T24] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  597.532052][T21381] device pim6reg1 entered promiscuous mode
[  597.640692][T21386] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.4'.
[  597.664843][T21392] loop2: detected capacity change from 0 to 512
[  597.671772][T21392] EXT4-fs: quotafile must be on filesystem root
[  597.679231][T21390] tipc: Failed to remove unknown binding: 66,1,1/0:101554911/101554913
[  597.687437][T21390] tipc: Failed to remove unknown binding: 66,1,1/0:101554911/101554913
[  597.842307][T21408] device pim6reg1 entered promiscuous mode
[  597.860536][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  597.871395][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  597.884067][   T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  597.894340][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.940506][   T24] usb 4-1: config 0 descriptor??
[  598.545248][   T24] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  598.552535][   T24] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  598.559989][   T24] plantronics 0003:047F:FFFF.0059: No inputs registered, leaving
[  598.568240][   T24] plantronics 0003:047F:FFFF.0059: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  598.788654][T21425] loop4: detected capacity change from 0 to 40427
[  598.800512][T21425] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  598.808184][T21425] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  598.841295][T21425] F2FS-fs (loop4): invalid crc value
[  598.862240][T21425] F2FS-fs (loop4): Found nat_bits in checkpoint
[  598.868298][T21434] loop0: detected capacity change from 0 to 512
[  598.868790][T21434] EXT4-fs: quotafile must be on filesystem root
[  598.914475][T21425] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  598.921920][T21425] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  599.143206][T21456] syz-executor.4: attempt to access beyond end of device
[  599.143206][T21456] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  599.628904][T18420] syz-executor.4: attempt to access beyond end of device
[  599.628904][T18420] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  599.944271][T21480] netlink: 'syz-executor.0': attribute type 30 has an invalid length.
[  599.956434][T21476] device pim6reg1 entered promiscuous mode
[  600.277431][T21510] loop0: detected capacity change from 0 to 1024
[  600.300023][T21510] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  600.336654][T21510] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz-executor.0: Invalid inode bitmap blk 18435710331736723584 in block_group 0
[  600.354904][T19989] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor.0: path /root/syzkaller-testdir565436632/syzkaller.xPOJRP/130/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  600.380624][T19989] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm syz-executor.0: Invalid inode table block 7485954548343485821 in block_group 0
[  600.395535][T19989] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  600.395851][T20098] usb 4-1: USB disconnect, device number 48
[  600.411794][T19989] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz-executor.0: mark_inode_dirty error
[  600.426512][  T226] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm kworker/u4:3: Invalid inode table block 7485954548343485821 in block_group 0
[  600.441529][T19989] EXT4-fs (loop0): unmounting filesystem.
[  600.596306][T21520] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.603189][T21520] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.610644][T21520] device bridge_slave_0 entered promiscuous mode
[  600.618367][T21520] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.625247][T21520] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.633435][T21520] device bridge_slave_1 entered promiscuous mode
[  600.707626][T21521] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.714522][T21521] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.721796][T21521] device bridge_slave_0 entered promiscuous mode
[  600.732481][T21521] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.739433][T21521] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.746492][T21521] device bridge_slave_1 entered promiscuous mode
[  600.801031][T21520] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.807894][T21520] bridge0: port 2(bridge_slave_1) entered forwarding state
[  600.815117][T21520] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.821914][T21520] bridge0: port 1(bridge_slave_0) entered forwarding state
[  600.840758][T21521] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.847640][T21521] bridge0: port 2(bridge_slave_1) entered forwarding state
[  600.854684][T21521] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.861574][T21521] bridge0: port 1(bridge_slave_0) entered forwarding state
[  600.885596][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  600.893102][ T4737] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.900325][ T4737] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.907700][ T4737] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.914986][ T4737] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.928518][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  600.936824][  T360] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.943707][  T360] bridge0: port 1(bridge_slave_0) entered forwarding state
[  600.960413][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  600.968317][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  600.976735][  T468] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.983958][  T468] bridge0: port 1(bridge_slave_0) entered forwarding state
[  600.991483][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  601.000607][  T468] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.007758][  T468] bridge0: port 2(bridge_slave_1) entered forwarding state
[  601.014965][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  601.023014][  T468] bridge0: port 2(bridge_slave_1) entered blocking state
[  601.029910][  T468] bridge0: port 2(bridge_slave_1) entered forwarding state
[  601.057013][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  601.065576][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  601.073565][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  601.085203][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  601.109904][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  601.117975][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  601.125903][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  601.134271][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  601.142906][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  601.151555][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  601.161249][T21520] device veth0_vlan entered promiscuous mode
[  601.168931][  T226] device bridge_slave_0 left promiscuous mode
[  601.174940][  T226] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.183257][  T226] device veth1_macvtap left promiscuous mode
[  601.189225][  T226] device veth0_vlan left promiscuous mode
[  601.274490][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  601.282259][ T4737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  601.296961][T21520] device veth1_macvtap entered promiscuous mode
[  601.304292][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  601.312057][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  601.319327][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  601.327458][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  601.336071][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  601.346732][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  601.354909][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  601.366972][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  601.375407][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  601.383767][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  601.391960][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  601.400050][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  601.408588][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  601.416270][  T316] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  601.424030][T21521] device veth0_vlan entered promiscuous mode
[  601.431334][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  601.438712][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  601.456088][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  601.464270][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  601.473747][T21521] device veth1_macvtap entered promiscuous mode
[  601.492245][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  601.500145][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  601.508857][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  601.517271][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  601.525852][  T468] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  601.554207][T21547] loop0: detected capacity change from 0 to 512
[  601.560806][T21547] EXT4-fs: quotafile must be on filesystem root
[  601.901883][  T316] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  601.919665][  T316] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  601.935135][   T28] audit: type=1326 audit(1852353057.534:5027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21561 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f11d847cea9 code=0x0
[  601.970091][T21564] loop4: detected capacity change from 0 to 256
[  602.025585][   T28] audit: type=1400 audit(1852353057.608:5028): avc:  denied  { append } for  pid=21569 comm="syz-executor.4" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  602.050209][   T28] audit: type=1326 audit(1852353057.608:5029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21561 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f11d847cea9 code=0x0
[  602.091757][  T316] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  602.113514][  T316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  602.121686][  T316] usb 3-1: SerialNumber: syz
[  602.298944][  T226] device bridge_slave_0 left promiscuous mode
[  602.305321][  T226] bridge0: port 1(bridge_slave_0) entered disabled state
[  602.315887][  T226] device veth1_macvtap left promiscuous mode
[  602.322276][  T226] device veth0_vlan left promiscuous mode
[  602.565890][  T316] usb 3-1: 0:2 : does not exist
[  602.570877][  T316] usb 3-1: unit 5: unexpected type 0x0c
[  602.600982][  T316] usb 3-1: USB disconnect, device number 47
[  603.055462][T21597] loop3: detected capacity change from 0 to 256
[  603.111086][   T28] audit: type=1326 audit(1852353058.628:5030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21605 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12cc07cea9 code=0x0
[  603.164237][   T28] audit: type=1400 audit(1852353058.675:5031): avc:  denied  { watch watch_reads } for  pid=21618 comm="syz-executor.3" path="/root/syzkaller-testdir1788367978/syzkaller.irXebf/12/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[  603.211738][T21623] loop3: detected capacity change from 0 to 256
[  603.224378][   T28] audit: type=1326 audit(1852353058.731:5032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21605 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12cc07cea9 code=0x0
[  603.553838][T21654] loop3: detected capacity change from 0 to 40427
[  603.561412][T21654] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  603.569768][T21654] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  603.578395][T21654] F2FS-fs (loop3): invalid crc value
[  603.585103][T21654] F2FS-fs (loop3): Found nat_bits in checkpoint
[  603.609301][T21654] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  603.616281][T21654] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  603.626087][T21654] syz-executor.3: attempt to access beyond end of device
[  603.626087][T21654] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  603.688444][T21661] tmpfs: Unknown parameter '"'
[  603.761708][ T4737] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  604.136236][   T28] audit: type=1326 audit(1852353059.591:5033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21697 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba67c7cea9 code=0x7fc00000
[  604.146561][ T4737] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  604.160145][   T28] audit: type=1326 audit(1852353059.591:5034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21697 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fba67c7cea9 code=0x7fc00000
[  604.170301][ T4737] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  604.285979][ T4737] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  604.295015][ T4737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  604.302855][ T4737] usb 3-1: SerialNumber: syz
[  604.311180][T21713] overlayfs: statfs failed on './file0'
[  604.408120][   T28] audit: type=1326 audit(1852353059.835:5035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21716 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d847cea9 code=0x7ffc0000
[  604.432903][   T28] audit: type=1326 audit(1852353059.835:5036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21716 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11d847cea9 code=0x7ffc0000
[  604.606746][ T4737] usb 3-1: 0:2 : does not exist
[  604.611644][ T4737] usb 3-1: unit 5: unexpected type 0x0c
[  604.620484][ T4737] usb 3-1: USB disconnect, device number 48
[  604.828161][T21729] xt_l2tp: v2 doesn't support IP mode
[  605.228285][T21756] kvm: pic: non byte read
[  605.232611][T21756] kvm: pic: non byte read
[  605.237158][T21756] kvm: pic: level sensitive irq not supported
[  605.237235][T21756] kvm: pic: non byte read
[  605.266479][T21756] kvm: pic: non byte read
[  605.271616][T21756] kvm: pic: non byte read
[  605.275939][T21756] kvm: pic: level sensitive irq not supported
[  605.276035][T21756] kvm: pic: non byte read
[  605.826456][T21784] loop2: detected capacity change from 0 to 512
[  605.833338][T21784] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  605.846641][T21784] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  605.859961][T21784] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.2: missing EA_INODE flag
[  605.872882][T21784] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 12 err=-117
[  605.908349][T21784] EXT4-fs (loop2): 1 orphan inode deleted
[  605.958945][T21784] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  606.114373][T20293] EXT4-fs (loop2): unmounting filesystem.
[  606.189700][T21798] loop2: detected capacity change from 0 to 2048
[  606.200357][T21798] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  606.208799][T21798] ext4 filesystem being mounted at /root/syzkaller-testdir3066071213/syzkaller.skO1SX/120/bus supports timestamps until 2038 (0x7fffffff)
[  606.233348][T20293] EXT4-fs (loop2): unmounting filesystem.
[  606.462743][T21813] input: syz1 as /devices/virtual/input/input75
[  607.649416][   T28] kauditd_printk_skb: 8248 callbacks suppressed
[  607.649433][   T28] audit: type=1326 audit(1852353062.398:13285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21802 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe4f74402e9 code=0x7ffc0000
[  607.739178][T21866] syz-executor.2[21866] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  607.739264][T21866] syz-executor.2[21866] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  607.930998][T15881] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  607.954786][T21906] Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  608.218555][T21925] loop0: detected capacity change from 0 to 2048
[  608.225786][T21925] EXT4-fs (loop0): unsupported inode size: 0
[  608.231813][T21925] EXT4-fs (loop0): blocksize: 4096
[  608.326596][T15881] usb 4-1: config 0 has an invalid interface number: 169 but max is 1
[  608.337456][T15881] usb 4-1: config 0 has no interface number 1
[  608.508313][T15881] usb 4-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice=e9.34
[  608.527960][T15881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.535783][T15881] usb 4-1: Product: syz
[  608.539785][T15881] usb 4-1: Manufacturer: syz
[  608.544207][T15881] usb 4-1: SerialNumber: syz
[  608.549256][T15881] usb 4-1: config 0 descriptor??
[  608.822679][T15881] usb 4-1: USB disconnect, device number 49
[  608.844155][T21933] syz-executor.2[21933] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  608.844202][T21933] syz-executor.2[21933] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  608.946629][   T24] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  609.384966][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  609.395747][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  609.408940][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  609.417816][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.426074][   T24] usb 5-1: config 0 descriptor??
[  609.963116][   T24] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[  609.972556][   T24] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[  609.985022][   T24] plantronics 0003:047F:FFFF.005A: No inputs registered, leaving
[  610.029807][   T24] plantronics 0003:047F:FFFF.005A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  610.042967][T21964] syz-executor.2[21964] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  610.043050][T21964] syz-executor.2[21964] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  611.162138][T21994] netem: change failed
[  611.865559][  T316] usb 5-1: USB disconnect, device number 52
[  611.969733][T22023] netem: change failed
[  612.164149][T22030] loop4: detected capacity change from 0 to 40427
[  612.171376][T22030] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  612.179043][T22030] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  612.187915][T22030] F2FS-fs (loop4): invalid crc value
[  612.194772][T22030] F2FS-fs (loop4): Found nat_bits in checkpoint
[  612.232755][T22030] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  612.239966][T22030] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  612.252555][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  612.261852][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  612.279408][T22030] F2FS-fs (loop4): skip recovering inline_dots inode (ino:3, pino:3) in readonly mountpoint
[  612.381167][T22078] loop4: detected capacity change from 0 to 512
[  612.391736][T22078] EXT4-fs (loop4): 1 truncate cleaned up
[  612.397782][T22078] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  612.417185][T22078] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[  612.419354][T22084] netlink: 488 bytes leftover after parsing attributes in process `syz-executor.2'.
[  612.430324][T22078] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[  612.452416][T22078] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  612.462126][T22078] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #12: comm syz-executor.4: mark_inode_dirty error
[  612.476796][T22078] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[  612.494026][T18420] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 13: comm syz-executor.4: lblock 0 mapped to illegal pblock 13 (length 1)
[  612.508970][T18420] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.4: error -117 reading directory block
[  612.523387][T18420] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[  612.536482][T18420] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem
[  612.545770][T22093] loop2: detected capacity change from 0 to 256
[  612.546161][T18420] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor.4: mark_inode_dirty error
[  612.554253][T22093] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  612.575191][   T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm kworker/u4:1: Invalid inode table block 0 in block_group 0
[  612.589169][T18420] EXT4-fs (loop4): unmounting filesystem.
[  612.619835][T22099] device pim6reg1 entered promiscuous mode
[  612.770163][T22115] loop2: detected capacity change from 0 to 256
[  612.779187][T22115] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  612.811340][T22109] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.818443][T22109] bridge0: port 1(bridge_slave_0) entered disabled state
[  612.825771][T22109] device bridge_slave_0 entered promiscuous mode
[  612.835563][T22109] bridge0: port 2(bridge_slave_1) entered blocking state
[  612.845906][T22109] bridge0: port 2(bridge_slave_1) entered disabled state
[  612.853332][T22109] device bridge_slave_1 entered promiscuous mode
[  612.929823][T22109] bridge0: port 2(bridge_slave_1) entered blocking state
[  612.936727][T22109] bridge0: port 2(bridge_slave_1) entered forwarding state
[  612.943804][T22109] bridge0: port 1(bridge_slave_0) entered blocking state
[  612.950609][T22109] bridge0: port 1(bridge_slave_0) entered forwarding state
[  612.985228][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  612.993353][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.001567][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.033297][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  613.059215][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.066093][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  613.074244][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  613.082341][  T316] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.089339][  T316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  613.097016][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  613.104915][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  613.133637][T22109] device veth0_vlan entered promiscuous mode
[  613.148652][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  613.156968][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  613.171102][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  613.178924][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  613.204201][T22109] device veth1_macvtap entered promiscuous mode
[  613.216584][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  613.224153][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  613.231443][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  613.256038][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  613.264143][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  613.277867][  T226] device bridge_slave_1 left promiscuous mode
[  613.283827][  T226] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.296422][  T226] device bridge_slave_0 left promiscuous mode
[  613.308392][  T226] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.317583][  T226] device veth1_macvtap left promiscuous mode
[  613.327061][  T226] device veth0_vlan left promiscuous mode
[  613.473645][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  613.490381][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  613.498595][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  613.515466][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  613.595844][T22137] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted
[  613.777011][T22151] loop2: detected capacity change from 0 to 2048
[  613.790837][T22151] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  613.811604][T20293] EXT4-fs (loop2): unmounting filesystem.
[  613.847297][T22157] loop2: detected capacity change from 0 to 2048
[  613.854480][T22157] EXT4-fs (loop2): unsupported inode size: 0
[  613.860286][T22157] EXT4-fs (loop2): blocksize: 4096
[  613.888793][T22153] loop3: detected capacity change from 0 to 40427
[  613.895484][T22153] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  613.903106][T22153] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  613.911917][T22153] F2FS-fs (loop3): invalid crc value
[  613.918417][T22153] F2FS-fs (loop3): Found nat_bits in checkpoint
[  613.955724][T22153] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  613.962762][T22153] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  613.988958][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  613.999241][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  614.023720][T22153] F2FS-fs (loop3): skip recovering inline_dots inode (ino:3, pino:3) in readonly mountpoint
[  615.359556][T22191] loop4: detected capacity change from 0 to 2048
[  615.392665][T22191] EXT4-fs (loop4): unsupported inode size: 0
[  615.398650][T22191] EXT4-fs (loop4): blocksize: 4096
[  615.427601][T22199] device syzkaller0 entered promiscuous mode
[  615.434623][T22199] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 65487
[  615.552432][T22219] loop3: detected capacity change from 0 to 256
[  615.978835][T22230] loop3: detected capacity change from 0 to 2048
[  616.009986][T22230] EXT4-fs (loop3): unsupported inode size: 0
[  616.021027][T22230] EXT4-fs (loop3): blocksize: 4096
[  616.781092][T22281] loop4: detected capacity change from 0 to 1024
[  616.789294][T22281] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  616.820535][T22109] EXT4-fs (loop4): unmounting filesystem.
[  616.861546][T22287] device pim6reg1 entered promiscuous mode
[  616.920574][T22289] loop4: detected capacity change from 0 to 512
[  616.927526][T22289] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  616.938787][T22289] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  616.953208][T22289] EXT4-fs (loop4): 1 orphan inode deleted
[  616.959056][T22289] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  616.975111][T22109] EXT4-fs (loop4): unmounting filesystem.
[  617.001547][T20098] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  617.054311][T22299] loop3: detected capacity change from 0 to 256
[  617.127892][T22305] overlayfs: statfs failed on './file0'
[  617.171217][T22309] loop3: detected capacity change from 0 to 1024
[  617.191397][T22309] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  617.287738][T21520] EXT4-fs (loop3): unmounting filesystem.
[  617.350131][T22319] loop3: detected capacity change from 0 to 512
[  617.356771][T22319] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  617.368092][T22319] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  617.383378][T22319] EXT4-fs (loop3): 1 orphan inode deleted
[  617.388932][T22319] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  617.392383][T20098] usb 3-1: config 0 has an invalid interface number: 169 but max is 1
[  617.408770][T22317] device pim6reg1 entered promiscuous mode
[  617.417092][T20098] usb 3-1: config 0 has no interface number 1
[  617.424405][T21520] EXT4-fs (loop3): unmounting filesystem.
[  617.595432][T20098] usb 3-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice=e9.34
[  617.612498][T20098] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.620538][T20098] usb 3-1: Product: syz
[  617.624726][T20098] usb 3-1: Manufacturer: syz
[  617.629268][T20098] usb 3-1: SerialNumber: syz
[  617.636859][T20098] usb 3-1: config 0 descriptor??
[  617.781477][T22331] loop4: detected capacity change from 0 to 256
[  617.903982][T15881] usb 3-1: USB disconnect, device number 49
[  619.085587][T22365] loop4: detected capacity change from 0 to 256
[  619.283248][   T10] device bridge_slave_1 left promiscuous mode
[  619.289333][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  619.297041][   T28] audit: type=1400 audit(1852353073.772:13286): avc:  denied  { create } for  pid=22386 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  619.340281][   T10] device bridge_slave_0 left promiscuous mode
[  619.360437][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  619.381312][   T10] device veth1_macvtap left promiscuous mode
[  619.387161][   T10] device veth0_vlan left promiscuous mode
[  619.578371][T22381] bridge0: port 1(bridge_slave_0) entered blocking state
[  619.585457][T22381] bridge0: port 1(bridge_slave_0) entered disabled state
[  619.592753][T22381] device bridge_slave_0 entered promiscuous mode
[  619.599857][T22381] bridge0: port 2(bridge_slave_1) entered blocking state
[  619.606745][T22381] bridge0: port 2(bridge_slave_1) entered disabled state
[  619.613911][T22381] device bridge_slave_1 entered promiscuous mode
[  619.673889][T22381] bridge0: port 2(bridge_slave_1) entered blocking state
[  619.680788][T22381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  619.687859][T22381] bridge0: port 1(bridge_slave_0) entered blocking state
[  619.694768][T22381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  619.735318][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  619.748265][T15881] bridge0: port 1(bridge_slave_0) entered disabled state
[  619.756684][T15881] bridge0: port 2(bridge_slave_1) entered disabled state
[  619.794497][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  619.802653][  T360] bridge0: port 1(bridge_slave_0) entered blocking state
[  619.809515][  T360] bridge0: port 1(bridge_slave_0) entered forwarding state
[  619.816799][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  619.824938][  T360] bridge0: port 2(bridge_slave_1) entered blocking state
[  619.831813][  T360] bridge0: port 2(bridge_slave_1) entered forwarding state
[  619.840544][T22439] loop3: detected capacity change from 0 to 256
[  619.847131][T22439] FAT-fs (loop3): Unrecognized mount option "./binderfs/binder0" or missing value
[  619.851095][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  619.870682][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  619.883942][T22381] device veth0_vlan entered promiscuous mode
[  619.904781][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  619.912593][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  619.920295][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  619.938583][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  619.949769][T22381] device veth1_macvtap entered promiscuous mode
[  619.958461][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  619.983188][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  619.996982][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  620.169799][T22450] overlayfs: statfs failed on './file0'
[  620.197550][T22455] loop2: detected capacity change from 0 to 256
[  620.208916][T22455] FAT-fs (loop2): Directory bread(block 64) failed
[  620.216339][T22455] FAT-fs (loop2): Directory bread(block 65) failed
[  620.222819][T22455] FAT-fs (loop2): Directory bread(block 66) failed
[  620.230186][T22455] FAT-fs (loop2): Directory bread(block 67) failed
[  620.237091][T22455] FAT-fs (loop2): Directory bread(block 68) failed
[  620.243792][T22455] FAT-fs (loop2): Directory bread(block 69) failed
[  620.250293][T22455] FAT-fs (loop2): Directory bread(block 70) failed
[  620.256721][T22455] FAT-fs (loop2): Directory bread(block 71) failed
[  620.263119][T22455] FAT-fs (loop2): Directory bread(block 72) failed
[  620.269870][T22455] FAT-fs (loop2): Directory bread(block 73) failed
[  620.716821][T22482] overlayfs: statfs failed on './file0'
[  621.035958][T22501] loop4: detected capacity change from 0 to 256
[  621.047199][T22501] FAT-fs (loop4): Directory bread(block 64) failed
[  621.053784][T22501] FAT-fs (loop4): Directory bread(block 65) failed
[  621.060790][T22501] FAT-fs (loop4): Directory bread(block 66) failed
[  621.067344][T22501] FAT-fs (loop4): Directory bread(block 67) failed
[  621.080839][T22501] FAT-fs (loop4): Directory bread(block 68) failed
[  621.087279][T22501] FAT-fs (loop4): Directory bread(block 69) failed
[  621.093867][T22501] FAT-fs (loop4): Directory bread(block 70) failed
[  621.100289][T22501] FAT-fs (loop4): Directory bread(block 71) failed
[  621.106634][T22501] FAT-fs (loop4): Directory bread(block 72) failed
[  621.113057][T22501] FAT-fs (loop4): Directory bread(block 73) failed
[  621.209584][T22515] loop4: detected capacity change from 0 to 2048
[  621.220817][T22515] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  621.229283][T22515] ext4 filesystem being mounted at /root/syzkaller-testdir2091319928/syzkaller.NtL6JC/63/file0 supports timestamps until 2038 (0x7fffffff)
[  621.284974][T22109] EXT4-fs (loop4): unmounting filesystem.
[  622.113483][T22545] device pim6reg1 entered promiscuous mode
[  622.382368][T22556] loop4: detected capacity change from 0 to 2048
[  622.396745][T22556] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  622.405264][T22556] ext4 filesystem being mounted at /root/syzkaller-testdir2091319928/syzkaller.NtL6JC/65/file0 supports timestamps until 2038 (0x7fffffff)
[  622.419481][   T28] audit: type=1400 audit(1852353076.681:13287): avc:  denied  { create } for  pid=22560 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  622.442280][T22109] EXT4-fs (loop4): unmounting filesystem.
[  622.483651][T22561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22561 comm=syz-executor.1
[  622.635400][T22577] device pim6reg1 entered promiscuous mode
[  622.641278][T20098] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  622.759424][  T360] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  622.831903][T22589] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  622.895692][T22594] loop2: detected capacity change from 0 to 512
[  622.917827][T22594] EXT4-fs error (device loop2): __ext4_iget:5046: inode #14: block 1886221359: comm syz-executor.2: invalid block
[  622.930257][T22594] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz-executor.2: couldn't read orphan inode 14 (err -117)
[  622.949473][T22594] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  622.963960][T22594] ext4 filesystem being mounted at /root/syzkaller-testdir3066071213/syzkaller.skO1SX/224/file1 supports timestamps until 2038 (0x7fffffff)
[  623.026169][T20098] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  623.040897][T20098] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  623.055250][T20098] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  623.064728][T20293] EXT4-fs (loop2): unmounting filesystem.
[  623.070524][T20098] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.083668][T20098] usb 4-1: config 0 descriptor??
[  623.207958][  T360] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  623.218858][  T360] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  623.228583][  T360] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  623.237674][  T360] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.247951][  T360] usb 5-1: config 0 descriptor??
[  623.614940][T20098] hid (null): bogus close delimiter
[  623.824915][T22608] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  623.871030][T20098] usb 4-1: language id specifier not provided by device, defaulting to English
[  624.138046][  T360] usb 5-1: string descriptor 0 read error: -71
[  624.159372][  T360] uclogic 0003:256C:006D.005C: failed retrieving string descriptor #200: -71
[  624.168118][  T360] uclogic 0003:256C:006D.005C: failed retrieving pen parameters: -71
[  624.176601][  T360] uclogic 0003:256C:006D.005C: failed probing pen v2 parameters: -71
[  624.186301][  T360] uclogic 0003:256C:006D.005C: failed probing parameters: -71
[  624.193725][  T360] uclogic: probe of 0003:256C:006D.005C failed with error -71
[  624.201863][  T360] usb 5-1: USB disconnect, device number 53
[  624.220999][T22623] loop1: detected capacity change from 0 to 512
[  624.235504][T22623] EXT4-fs error (device loop1): __ext4_iget:5046: inode #14: block 1886221359: comm syz-executor.1: invalid block
[  624.247631][T22623] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 14 (err -117)
[  624.259873][T22623] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  624.268728][T22623] ext4 filesystem being mounted at /root/syzkaller-testdir2030483270/syzkaller.Cs7pcj/21/file1 supports timestamps until 2038 (0x7fffffff)
[  624.343063][T20098] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.005B/input/input77
[  624.355160][T22381] EXT4-fs (loop1): unmounting filesystem.
[  624.355737][T20098] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.005B/input/input78
[  624.373057][T20098] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.005B/input/input79
[  624.385964][T20098] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.005B/input/input80
[  624.398468][T20098] uclogic 0003:256C:006D.005B: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  624.501508][T15881] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  624.521271][T22635] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  624.570637][ T4737] usb 4-1: USB disconnect, device number 50
[  624.667163][T22641] netlink: 'syz-executor.4': attribute type 27 has an invalid length.
[  624.683052][T22641] bridge0: port 2(bridge_slave_1) entered disabled state
[  624.690069][T22641] bridge0: port 1(bridge_slave_0) entered disabled state
[  624.929232][T15881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  624.940447][T15881] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  624.953613][T15881] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  624.962612][T15881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.972590][T15881] usb 3-1: config 0 descriptor??
[  625.466963][T15881] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[  625.476399][T15881] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[  625.484554][T15881] plantronics 0003:047F:FFFF.005D: No inputs registered, leaving
[  625.495334][T15881] plantronics 0003:047F:FFFF.005D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  627.257535][T22670] netlink: 'syz-executor.4': attribute type 27 has an invalid length.
[  627.321855][T22685] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  627.356266][T22692] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  627.367396][T22692] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  627.379816][T22690] loop1: detected capacity change from 0 to 512
[  627.397624][T22690] EXT4-fs error (device loop1): __ext4_iget:5046: inode #14: block 1886221359: comm syz-executor.1: invalid block
[  627.409862][T22690] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 14 (err -117)
[  627.422534][T22690] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  627.431345][T22690] ext4 filesystem being mounted at /root/syzkaller-testdir2030483270/syzkaller.Cs7pcj/28/file1 supports timestamps until 2038 (0x7fffffff)
[  627.462012][T22712] loop3: detected capacity change from 0 to 128
[  627.470336][T22712] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  627.477998][T22712] FAT-fs (loop3): Filesystem has been set read-only
[  627.495584][T22716] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  627.505196][T22381] EXT4-fs (loop1): unmounting filesystem.
[  627.538405][T22728] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  627.547591][T22728] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  627.569479][T22730] loop1: detected capacity change from 0 to 1024
[  627.577566][T22730] EXT4-fs: Ignoring removed orlov option
[  627.583409][T22730] EXT4-fs (loop1): Test dummy encryption mode enabled
[  627.591992][T22730] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  627.616328][T22381] EXT4-fs (loop1): unmounting filesystem.
[  627.618328][T22737] loop3: detected capacity change from 0 to 2048
[  627.629722][T22737] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  627.640431][T22737] xt_bpf: check failed: parse error
[  627.650642][T21520] EXT4-fs (loop3): unmounting filesystem.
[  627.666072][T22743] loop1: detected capacity change from 0 to 128
[  627.674965][T22743] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  627.686504][T22743] FAT-fs (loop1): Filesystem has been set read-only
[  627.724221][T22758] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  628.020897][   T28] audit: type=1401 audit(1852353081.929:13288): op=setxattr invalid_context=40000720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
[  628.039820][T22789] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  628.290239][T20098] usb 3-1: USB disconnect, device number 50
[  628.301571][   T28] audit: type=1401 audit(1852353082.191:13289): op=setxattr invalid_context=40000720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
[  628.478338][T15881] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  628.542087][T22813] loop1: detected capacity change from 0 to 40427
[  628.588823][T22813] F2FS-fs (loop1): invalid crc value
[  628.596192][T22813] F2FS-fs (loop1): Found nat_bits in checkpoint
[  628.692199][T22813] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  628.723060][T22842] loop2: detected capacity change from 0 to 512
[  628.767798][T22844] syz-executor.1: attempt to access beyond end of device
[  628.767798][T22844] loop1: rw=1, sector=53248, nr_sectors = 288 limit=40427
[  628.782683][T22842] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  628.802480][T22842] ext4 filesystem being mounted at /root/syzkaller-testdir3066071213/syzkaller.skO1SX/238/file0 supports timestamps until 2038 (0x7fffffff)
[  628.837529][T22842] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #2: comm syz-executor.2: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  628.881687][T20293] EXT4-fs (loop2): unmounting filesystem.
[  628.948523][   T28] audit: type=1401 audit(1852353082.789:13290): op=setxattr invalid_context=40000720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
[  629.012945][T15881] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  629.135925][T15881] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  629.141369][T22381] syz-executor.1: attempt to access beyond end of device
[  629.141369][T22381] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  629.145724][T15881] usb 5-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  629.168495][T15881] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.177353][T15881] usb 5-1: config 0 descriptor??
[  629.281628][T22868] loop2: detected capacity change from 0 to 1024
[  629.288404][T22868] EXT4-fs: Ignoring removed orlov option
[  629.298484][T22868] EXT4-fs (loop2): Test dummy encryption mode enabled
[  629.317801][T22868] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  629.338792][T20293] EXT4-fs (loop2): unmounting filesystem.
[  629.407433][T22878] loop2: detected capacity change from 0 to 256
[  629.414633][T22878] FAT-fs (loop2): Unrecognized mount option "./binderfs/binder0" or missing value
[  629.666277][T15881] itetech 0003:06CB:73F5.005E: unknown main item tag 0x0
[  629.673162][T15881] itetech 0003:06CB:73F5.005E: unknown main item tag 0x0
[  629.692240][T15881] itetech 0003:06CB:73F5.005E: unbalanced collection at end of report description
[  629.723240][T15881] itetech: probe of 0003:06CB:73F5.005E failed with error -22
[  629.903838][T15881] usb 5-1: USB disconnect, device number 54
[  630.221741][   T28] audit: type=1326 audit(1852353083.987:13291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.267657][   T28] audit: type=1326 audit(1852353083.987:13292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.299896][   T28] audit: type=1326 audit(1852353084.015:13293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.323999][   T28] audit: type=1326 audit(1852353084.015:13294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.362585][   T28] audit: type=1326 audit(1852353084.015:13295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.399596][   T28] audit: type=1326 audit(1852353084.015:13296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.423931][   T28] audit: type=1326 audit(1852353084.015:13297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22904 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f747cea9 code=0x7ffc0000
[  630.480906][T22913] loop2: detected capacity change from 0 to 256
[  631.696304][T22973] input: syz1 as /devices/virtual/input/input81
[  631.760384][  T335] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  631.787331][T22979] loop2: detected capacity change from 0 to 256
[  631.797871][T22979] FAT-fs (loop2): Directory bread(block 64) failed
[  631.804320][T22979] FAT-fs (loop2): Directory bread(block 65) failed
[  631.810847][T22979] FAT-fs (loop2): Directory bread(block 66) failed
[  631.817467][T22979] FAT-fs (loop2): Directory bread(block 67) failed
[  631.823866][T22979] FAT-fs (loop2): Directory bread(block 68) failed
[  631.830550][T22979] FAT-fs (loop2): Directory bread(block 69) failed
[  631.837185][T22979] FAT-fs (loop2): Directory bread(block 70) failed
[  631.843626][T22979] FAT-fs (loop2): Directory bread(block 71) failed
[  631.850403][T22979] FAT-fs (loop2): Directory bread(block 72) failed
[  631.856989][T22979] FAT-fs (loop2): Directory bread(block 73) failed
[  631.866165][T22983] SELinux: security_context_str_to_sid (sysadm_u:uid>00000000000000000000@:50
[  631.866165][T22983] refcnt       : 1
[  631.866165][T22983] selftest     : passed
[  631.866165][T22983] internal     : yes
[  631.866165][T22983] type         : skcipher
[  631.866165][T22983] async        : yes
[  631.866165][T22983] blocksize    : 16
[  631.866165][T22983] min keysize  : 16
[  631.866165][T22983] max keysize  : 32
[  631.866165][T22983] ivsize       : 16
[  631.866165][T22983] chunksize    : 16
[  631.866165][T22983] walksize     : 16
[  631.866165][T22983] 
[  631.866165][T22983] name         : essiv(cbc(aes)) failed with errno=-22
[  632.198713][  T335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  632.212988][  T335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  632.227252][  T335] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  632.240792][  T335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.253449][  T335] usb 4-1: config 0 descriptor??
[  632.444773][T23012] loop1: detected capacity change from 0 to 256
[  632.471752][T23012] FAT-fs (loop1): Directory bread(block 64) failed
[  632.487325][T23012] FAT-fs (loop1): Directory bread(block 65) failed
[  632.504577][T23012] FAT-fs (loop1): Directory bread(block 66) failed
[  632.511826][T23012] FAT-fs (loop1): Directory bread(block 67) failed
[  632.518266][T23012] FAT-fs (loop1): Directory bread(block 68) failed
[  632.524650][T23012] FAT-fs (loop1): Directory bread(block 69) failed
[  632.531272][T23012] FAT-fs (loop1): Directory bread(block 70) failed
[  632.537645][T23012] FAT-fs (loop1): Directory bread(block 71) failed
[  632.544046][T23012] FAT-fs (loop1): Directory bread(block 72) failed
[  632.550414][T23012] FAT-fs (loop1): Directory bread(block 73) failed
[  632.620987][T23014] SELinux: security_context_str_to_sid (sysadm_u:uid>00000000000000000000@:50
[  632.620987][T23014] refcnt       : 1
[  632.620987][T23014] selftest     : passed
[  632.620987][T23014] internal     : yes
[  632.620987][T23014] type         : skcipher
[  632.620987][T23014] async        : yes
[  632.620987][T23014] blocksize    : 16
[  632.620987][T23014] min keysize  : 16
[  632.620987][T23014] max keysize  : 32
[  632.620987][T23014] ivsize       : 16
[  632.620987][T23014] chunksize    : 16
[  632.620987][T23014] walksize     : 16
[  632.620987][T23014] 
[  632.620987][T23014] name         : essiv(cbc(aes)) failed with errno=-22
[  632.701144][  T360] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  632.744695][  T335] itetech 0003:06CB:73F5.005F: unknown main item tag 0x0
[  632.751673][  T335] itetech 0003:06CB:73F5.005F: unknown main item tag 0x0
[  632.758705][  T335] itetech 0003:06CB:73F5.005F: unbalanced collection at end of report description
[  632.767842][  T335] itetech: probe of 0003:06CB:73F5.005F failed with error -22
[  632.961534][  T335] usb 4-1: USB disconnect, device number 51
[  632.968380][  T360] usb 3-1: Using ep0 maxpacket: 32
[  633.022251][T15881] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  633.203605][  T447] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  633.289171][  T360] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  633.298477][  T360] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.306296][  T360] usb 3-1: Product: syz
[  633.310307][  T360] usb 3-1: Manufacturer: syz
[  633.314760][  T360] usb 3-1: SerialNumber: syz
[  633.319587][  T360] usb 3-1: config 0 descriptor??
[  633.374966][  T360] hub 3-1:0.0: bad descriptor, ignoring hub
[  633.380770][  T360] hub: probe of 3-1:0.0 failed with error -5
[  633.438838][T15881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.449531][T15881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  633.459169][T15881] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  633.460153][  T447] usb 5-1: Using ep0 maxpacket: 32
[  633.468110][T15881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.481360][T15881] usb 2-1: config 0 descriptor??
[  633.541023][T23030] device bridge_slave_0 left promiscuous mode
[  633.547058][T23030] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.599209][  T447] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.620509][  T447] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  633.667704][T23034] loop3: detected capacity change from 0 to 40427
[  633.675163][T23034] F2FS-fs (loop3): invalid crc value
[  633.681107][T23034] F2FS-fs (loop3): Found nat_bits in checkpoint
[  633.704095][T23034] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  633.749085][  T360] usb 3-1: USB disconnect, device number 51
[  633.751391][  T447] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  633.764551][  T447] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  633.772754][  T447] usb 5-1: Product: syz
[  633.776884][  T447] usb 5-1: Manufacturer: syz
[  633.823918][  T447] hub 5-1:4.0: USB hub found
[  634.058912][  T447] hub 5-1:4.0: 2 ports detected
[  634.059090][T15881] hid (null): bogus close delimiter
[  634.275500][T23040] loop2: detected capacity change from 0 to 256
[  634.287011][T23040] FAT-fs (loop2): Directory bread(block 64) failed
[  634.293367][T23040] FAT-fs (loop2): Directory bread(block 65) failed
[  634.299904][T15881] usb 2-1: string descriptor 0 read error: -22
[  634.300560][T23040] FAT-fs (loop2): Directory bread(block 66) failed
[  634.312307][T23040] FAT-fs (loop2): Directory bread(block 67) failed
[  634.318707][T23040] FAT-fs (loop2): Directory bread(block 68) failed
[  634.325053][T23040] FAT-fs (loop2): Directory bread(block 69) failed
[  634.331481][T23040] FAT-fs (loop2): Directory bread(block 70) failed
[  634.337794][T23040] FAT-fs (loop2): Directory bread(block 71) failed
[  634.344101][T23040] FAT-fs (loop2): Directory bread(block 72) failed
[  634.350411][T23040] FAT-fs (loop2): Directory bread(block 73) failed
[  634.384129][T23042] SELinux: security_context_str_to_sid (sysadm_u:uid>00000000000000000000@:50
[  634.384129][T23042] refcnt       : 1
[  634.384129][T23042] selftest     : passed
[  634.384129][T23042] internal     : yes
[  634.384129][T23042] type         : skcipher
[  634.384129][T23042] async        : yes
[  634.384129][T23042] blocksize    : 16
[  634.384129][T23042] min keysize  : 16
[  634.384129][T23042] max keysize  : 32
[  634.384129][T23042] ivsize       : 16
[  634.384129][T23042] chunksize    : 16
[  634.384129][T23042] walksize     : 16
[  634.384129][T23042] 
[  634.384129][T23042] name         : essiv(cbc(aes)) failed with errno=-22
[  634.502120][T21520] syz-executor.3: attempt to access beyond end of device
[  634.502120][T21520] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  634.520069][T21520] syz-executor.3: attempt to access beyond end of device
[  634.520069][T21520] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  634.552069][  T226] kworker/u4:3: attempt to access beyond end of device
[  634.552069][  T226] loop3: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  634.583966][T15881] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0060/input/input82
[  634.597006][T15881] uclogic 0003:256C:006D.0060: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  634.617987][T23050] loop2: detected capacity change from 0 to 40427
[  634.624997][T23050] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  634.632801][T23050] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  634.673892][T23050] F2FS-fs (loop2): invalid crc value
[  634.680208][T23050] F2FS-fs (loop2): Found nat_bits in checkpoint
[  634.717476][T23050] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  634.724395][T23050] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  634.771929][  T343] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  634.781008][  T343] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  634.811364][T20098] usb 2-1: USB disconnect, device number 48
[  634.881839][T23056] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.888769][T23056] bridge0: port 1(bridge_slave_0) entered disabled state
[  634.895948][T23056] device bridge_slave_0 entered promiscuous mode
[  634.902718][T23056] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.909919][T23056] bridge0: port 2(bridge_slave_1) entered disabled state
[  634.917169][T23056] device bridge_slave_1 entered promiscuous mode
[  634.958392][T23056] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.965257][T23056] bridge0: port 2(bridge_slave_1) entered forwarding state
[  634.972336][T23056] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.979175][T23056] bridge0: port 1(bridge_slave_0) entered forwarding state
[  634.996869][  T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  635.004485][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.011541][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.032925][  T447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  635.042080][  T447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  635.050167][  T447] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.057021][  T447] bridge0: port 1(bridge_slave_0) entered forwarding state
[  635.065668][  T447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  635.073580][  T447] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.080329][  T447] bridge0: port 2(bridge_slave_1) entered forwarding state
[  635.087881][  T447] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  635.095607][  T447] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  635.105298][T23056] device veth0_vlan entered promiscuous mode
[  635.115418][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  635.123467][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  635.131456][  T360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  635.143024][T23056] device veth1_macvtap entered promiscuous mode
[  635.154928][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  635.162991][T15881] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  635.171288][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  635.179731][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  635.249532][T23071] device syzkaller0 entered promiscuous mode
[  635.259135][  T226] device bridge_slave_1 left promiscuous mode
[  635.265078][  T226] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.272693][  T226] device veth1_macvtap left promiscuous mode
[  635.278551][  T226] device veth0_vlan left promiscuous mode
[  635.385582][T23069] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.392436][T23069] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.400119][T23069] device bridge_slave_0 entered promiscuous mode
[  635.408486][T23069] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.415379][T23069] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.422924][T23069] device bridge_slave_1 entered promiscuous mode
[  635.427570][  T447] hub 5-1:4.0: activate --> -90
[  635.470492][T23082] input: syz1 as /devices/virtual/input/input83
[  635.484772][T23069] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.491730][T23069] bridge0: port 2(bridge_slave_1) entered forwarding state
[  635.498783][T23069] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.505621][T23069] bridge0: port 1(bridge_slave_0) entered forwarding state
[  635.530297][ T1043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  635.538498][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.546132][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.566317][T15881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  635.578522][T15881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  635.589129][T15881] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  635.599993][T15881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.600173][   T28] kauditd_printk_skb: 52 callbacks suppressed
[  635.600186][   T28] audit: type=1326 audit(1852353089.019:13350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  635.638430][T15881] usb 3-1: config 0 descriptor??
[  635.639902][   T28] audit: type=1326 audit(1852353089.019:13351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  635.667428][   T28] audit: type=1326 audit(1852353089.019:13352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  636.320291][T21152] usb 5-1: USB disconnect, device number 55
[  636.326266][   T28] audit: type=1326 audit(1852353089.019:13353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  636.350364][   T28] audit: type=1326 audit(1852353089.019:13354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  636.375019][   T28] audit: type=1326 audit(1852353089.028:13355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  636.399126][   T28] audit: type=1326 audit(1852353089.047:13356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa4e7cea9 code=0x7ffc0000
[  636.423302][   T28] audit: type=1326 audit(1852353089.066:13357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fa4e7a627 code=0x7ffc0000
[  636.447463][   T28] audit: type=1326 audit(1852353089.066:13358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4fa4e402e9 code=0x7ffc0000
[  636.448343][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  636.471571][   T28] audit: type=1326 audit(1852353089.066:13359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23085 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fa4e7a627 code=0x7ffc0000
[  636.479925][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  636.514239][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  636.521572][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  636.521843][T23090] SELinux: security_context_str_to_sid (sysadm_u:uid>00000000000000000000@:50
[  636.521843][T23090] refcnt       : 1
[  636.521843][T23090] selftest     : passed
[  636.521843][T23090] internal     : yes
[  636.521843][T23090] type         : skcipher
[  636.521843][T23090] async        : yes
[  636.521843][T23090] blocksize    : 16
[  636.521843][T23090] min keysize  : 16
[  636.521843][T23090] max keysize  : 32
[  636.521843][T23090] ivsize       : 16
[  636.521843][T23090] chunksize    : 16
[  636.521843][T23090] walksize     : 16
[  636.521843][T23090] 
[  636.521843][T23090] name         : essiv(cbc(aes)) failed with errno=-22
[  636.528907][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  636.597888][T20098] bridge0: port 1(bridge_slave_0) entered blocking state
[  636.604757][T20098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  636.611954][  T447] usb 5-1-port2: config error
[  636.616772][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  636.624828][T20098] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.631645][T20098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  636.638799][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  636.646604][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  636.654648][T23069] device veth0_vlan entered promiscuous mode
[  636.674918][ T1043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  636.682899][ T1043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  636.692140][T23069] device veth1_macvtap entered promiscuous mode
[  636.700849][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  636.708202][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  636.731803][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  636.745170][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  636.753471][T20098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  636.769547][T23098] syz-executor.3[23098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  636.769620][T23098] syz-executor.3[23098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  636.841497][T15881] itetech 0003:06CB:73F5.0061: unknown main item tag 0x0
[  636.860541][T15881] itetech 0003:06CB:73F5.0061: unknown main item tag 0x0
[  636.867411][T15881] itetech 0003:06CB:73F5.0061: unbalanced collection at end of report description
[  636.877943][T23100] device bridge_slave_0 left promiscuous mode
[  636.883927][T23100] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.890861][T15881] itetech: probe of 0003:06CB:73F5.0061 failed with error -22
[  636.990524][T23110] device syzkaller0 entered promiscuous mode
[  637.030890][   T24] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  637.083482][T20098] usb 3-1: USB disconnect, device number 52
[  637.555111][   T24] usb 2-1: Using ep0 maxpacket: 8
[  637.680332][T23130] loop4: detected capacity change from 0 to 256
[  637.694445][T23130] FAT-fs (loop4): Directory bread(block 64) failed
[  637.700832][T23130] FAT-fs (loop4): Directory bread(block 65) failed
[  637.707688][T23130] FAT-fs (loop4): Directory bread(block 66) failed
[  637.714062][T23130] FAT-fs (loop4): Directory bread(block 67) failed
[  637.720462][T23130] FAT-fs (loop4): Directory bread(block 68) failed
[  637.726854][T23130] FAT-fs (loop4): Directory bread(block 69) failed
[  637.733317][T23130] FAT-fs (loop4): Directory bread(block 70) failed
[  637.740033][T23130] FAT-fs (loop4): Directory bread(block 71) failed
[  637.746497][T23130] FAT-fs (loop4): Directory bread(block 72) failed
[  637.752876][T23130] FAT-fs (loop4): Directory bread(block 73) failed
[  637.790519][  T226] device bridge_slave_1 left promiscuous mode
[  637.796573][  T226] bridge0: port 2(bridge_slave_1) entered disabled state
[  637.804115][  T226] device bridge_slave_0 left promiscuous mode
[  637.810179][  T226] bridge0: port 1(bridge_slave_0) entered disabled state
[  637.828111][  T226] device veth1_macvtap left promiscuous mode
[  637.843458][  T226] device veth0_vlan left promiscuous mode
[  637.854121][T23136] overlayfs: statfs failed on './file0'
[  637.922552][   T24] usb 2-1: New USB device found, idVendor=061c, idProduct=c084, bcdDevice=91.db
[  637.940599][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  637.949313][   T24] usb 2-1: Product: syz
[  637.956208][   T24] usb 2-1: Manufacturer: syz
[  637.957199][T23138] loop3: detected capacity change from 0 to 40427
[  637.961371][   T24] usb 2-1: SerialNumber: syz
[  637.968477][T23138] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  637.973715][   T24] usb 2-1: config 0 descriptor??
[  637.979906][T23138] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  638.007168][T23138] F2FS-fs (loop3): invalid crc value
[  638.072947][   T24] usb-storage 2-1:0.0: USB Mass Storage device detected
[  638.208523][T23138] F2FS-fs (loop3): Found nat_bits in checkpoint
[  638.250239][   T24] usb 2-1: USB disconnect, device number 49
[  638.287731][T23138] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  638.295202][T23138] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  638.332472][  T343] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  638.341576][  T343] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  638.630914][T23174] loop3: detected capacity change from 0 to 256
[  638.642973][T23174] FAT-fs (loop3): Directory bread(block 64) failed
[  638.649446][T23174] FAT-fs (loop3): Directory bread(block 65) failed
[  638.655881][T23174] FAT-fs (loop3): Directory bread(block 66) failed
[  638.662146][T23174] FAT-fs (loop3): Directory bread(block 67) failed
[  638.668577][T23174] FAT-fs (loop3): Directory bread(block 68) failed
[  638.675000][T23174] FAT-fs (loop3): Directory bread(block 69) failed
[  638.681475][T23174] FAT-fs (loop3): Directory bread(block 70) failed
[  638.687938][T23174] FAT-fs (loop3): Directory bread(block 71) failed
[  638.694326][T23174] FAT-fs (loop3): Directory bread(block 72) failed
[  638.700665][ T1043] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  638.700690][T23174] FAT-fs (loop3): Directory bread(block 73) failed
[  638.760764][T23178] overlayfs: statfs failed on './file0'
[  638.851923][T23188] syz-executor.0[23188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  638.852024][T23188] syz-executor.0[23188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  638.953432][T23199] loop3: detected capacity change from 0 to 256
[  638.977581][T23199] FAT-fs (loop3): Directory bread(block 64) failed
[  638.984111][T23199] FAT-fs (loop3): Directory bread(block 65) failed
[  638.993035][T23197] syz-executor.0[23197] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  638.993105][T23197] syz-executor.0[23197] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  639.008597][ T1043] usb 3-1: Using ep0 maxpacket: 8
[  639.009890][T23199] FAT-fs (loop3): Directory bread(block 66) failed
[  639.031730][T23199] FAT-fs (loop3): Directory bread(block 67) failed
[  639.038365][T23199] FAT-fs (loop3): Directory bread(block 68) failed
[  639.044750][T23199] FAT-fs (loop3): Directory bread(block 69) failed
[  639.051561][T23199] FAT-fs (loop3): Directory bread(block 70) failed
[  639.058107][T23199] FAT-fs (loop3): Directory bread(block 71) failed
[  639.064536][T23199] FAT-fs (loop3): Directory bread(block 72) failed
[  639.070795][T23199] FAT-fs (loop3): Directory bread(block 73) failed
[  640.265229][ T1043] usb 3-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  640.360261][ T1043] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  640.369061][ T1043] usb 3-1: config 1 has no interface number 1
[  640.374934][ T1043] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  640.420570][T23215] loop0: detected capacity change from 0 to 256
[  640.429211][T23215] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  640.441451][T23215] exFAT-fs (loop0): IO charset iso8859d=���A���$땖�Y��.c̜*ww���H/W�Z7�s�4���	�W��.k0x00000000ffffffff not found
[  640.569904][T23234] __nla_validate_parse: 1 callbacks suppressed
[  640.569925][T23234] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  640.588595][T23236] syz-executor.3[23236] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.588668][T23236] syz-executor.3[23236] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.594491][T23238] loop1: detected capacity change from 0 to 256
[  640.623010][ T1043] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  640.632134][ T1043] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.640369][T23238] FAT-fs (loop1): Directory bread(block 64) failed
[  640.640534][ T1043] usb 3-1: Product: syz
[  640.650808][ T1043] usb 3-1: Manufacturer: syz
[  640.655661][ T1043] usb 3-1: SerialNumber: syz
[  640.663953][T23238] FAT-fs (loop1): Directory bread(block 65) failed
[  640.677076][T23238] FAT-fs (loop1): Directory bread(block 66) failed
[  640.683673][T23238] FAT-fs (loop1): Directory bread(block 67) failed
[  640.690271][T23238] FAT-fs (loop1): Directory bread(block 68) failed
[  640.750210][T23238] FAT-fs (loop1): Directory bread(block 69) failed
[  640.756843][T23238] FAT-fs (loop1): Directory bread(block 70) failed
[  640.763653][T23238] FAT-fs (loop1): Directory bread(block 71) failed
[  640.770217][T23238] FAT-fs (loop1): Directory bread(block 72) failed
[  640.776988][T23238] FAT-fs (loop1): Directory bread(block 73) failed
[  640.915023][T23252] loop1: detected capacity change from 0 to 256
[  640.923727][T23252] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  640.936091][T23252] exFAT-fs (loop1): IO charset iso8859d=���A���$땖�Y��.c̜*ww���H/W�Z7�s�4���	�W��.k0x00000000ffffffff not found
[  641.039941][ T1043] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[  641.047756][ T1043] usb 3-1: 2:1 : format type 0 is detected, processed as PCM
[  641.120101][ T1043] usb 3-1: USB disconnect, device number 53
[  641.124353][T23268] loop1: detected capacity change from 0 to 256
[  641.142726][T23268] FAT-fs (loop1): Directory bread(block 64) failed
[  641.152513][T23268] FAT-fs (loop1): Directory bread(block 65) failed
[  641.162253][T23268] FAT-fs (loop1): Directory bread(block 66) failed
[  641.173040][T23268] FAT-fs (loop1): Directory bread(block 67) failed
[  641.180534][T23268] FAT-fs (loop1): Directory bread(block 68) failed
[  641.192356][T23268] FAT-fs (loop1): Directory bread(block 69) failed
[  641.202095][T23268] FAT-fs (loop1): Directory bread(block 70) failed
[  641.210848][T23268] FAT-fs (loop1): Directory bread(block 71) failed
[  641.221545][T23268] FAT-fs (loop1): Directory bread(block 72) failed
[  641.227875][T23268] FAT-fs (loop1): Directory bread(block 73) failed
[  641.344005][T23269] loop3: detected capacity change from 0 to 40427
[  641.379931][T23269] F2FS-fs (loop3): invalid crc value
[  641.400848][T23269] F2FS-fs (loop3): Found nat_bits in checkpoint
[  641.490187][T23269] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  641.524774][T23284] loop4: detected capacity change from 0 to 256
[  641.533163][T23284] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  641.545984][T23284] exFAT-fs (loop4): IO charset iso8859d=���A���$땖�Y��.c̜*ww���H/W�Z7�s�4���	�W��.k0x00000000ffffffff not found
[  641.634111][T23269] syz-executor.3: attempt to access beyond end of device
[  641.634111][T23269] loop3: rw=1, sector=53248, nr_sectors = 496 limit=40427
[  641.769326][T23306] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.776177][T23306] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.783578][T23306] device bridge_slave_0 entered promiscuous mode
[  641.790695][T23306] bridge0: port 2(bridge_slave_1) entered blocking state
[  641.797621][T23306] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.805003][T23306] device bridge_slave_1 entered promiscuous mode
[  641.852288][   T24] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  641.883464][T23306] bridge0: port 2(bridge_slave_1) entered blocking state
[  641.890345][T23306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  641.897994][T23306] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.904845][T23306] bridge0: port 1(bridge_slave_0) entered forwarding state
[  641.936495][ T1043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  641.944159][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  641.951967][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.962096][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  641.970961][T15881] bridge0: port 1(bridge_slave_0) entered blocking state
[  641.977826][T15881] bridge0: port 1(bridge_slave_0) entered forwarding state
[  641.987755][T23056] syz-executor.3: attempt to access beyond end of device
[  641.987755][T23056] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  642.002531][T21152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  642.010670][T21152] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.017543][T21152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.027935][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  642.045714][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  642.064259][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  642.079492][T23306] device veth0_vlan entered promiscuous mode
[  642.086136][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  642.096263][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  642.103605][T15881] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  642.118049][T23306] device veth1_macvtap entered promiscuous mode
[  642.126311][T21152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  642.138727][ T1043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  642.150332][ T1043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  642.259905][T23317] device bridge1 entered promiscuous mode
[  642.309699][T23320] loop4: detected capacity change from 0 to 40427
[  642.317119][T23320] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  642.325101][T23320] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  642.983088][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  643.003064][T23320] F2FS-fs (loop4): invalid crc value
[  643.008938][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  643.018558][   T24] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  643.029656][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  643.031560][T23320] F2FS-fs (loop4): Found nat_bits in checkpoint
[  643.038142][   T24] usb 1-1: config 0 descriptor??
[  643.244751][  T226] device bridge_slave_1 left promiscuous mode
[  643.296393][  T226] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.353770][  T226] device bridge_slave_0 left promiscuous mode
[  643.359797][  T226] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.373090][T23320] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  643.379961][T23320] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  643.782301][   T24] itetech 0003:06CB:73F5.0062: unknown main item tag 0x0
[  643.800245][   T24] itetech 0003:06CB:73F5.0062: unknown main item tag 0x0
[  643.810260][  T343] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  643.820166][  T343] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  643.834771][   T24] itetech 0003:06CB:73F5.0062: unbalanced collection at end of report description
[  643.880580][   T24] itetech: probe of 0003:06CB:73F5.0062 failed with error -22
[  643.906644][T23354] overlayfs: failed to resolve './file0': -2
[  644.129362][   T24] usb 1-1: USB disconnect, device number 54
[  644.228654][T23361] loop4: detected capacity change from 0 to 1024
[  644.235329][T23361] EXT4-fs: Ignoring removed orlov option
[  644.241050][T23361] EXT4-fs: Ignoring removed nomblk_io_submit option
[  644.259610][T23361] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  644.278451][T23361] EXT4-fs error (device loop4): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.4: corrupt xattr in inline inode
[  644.292028][T23361] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.4: corrupted in-inode xattr
[  644.313569][T23306] EXT4-fs (loop4): unmounting filesystem.
[  644.352714][T23370] syz-executor.4[23370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  644.352786][T23370] syz-executor.4[23370] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  644.450817][T23378] syz-executor.4[23378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  644.464007][T23378] syz-executor.4[23378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  644.479688][T23380] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.480138][T23345] loop1: detected capacity change from 0 to 131072
[  644.508477][T23380] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.509957][T23345] F2FS-fs (loop1): invalid crc value
[  644.517865][T23380] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.524187][T23345] F2FS-fs (loop1): Found nat_bits in checkpoint
[  644.569946][T23345] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  644.591311][T23345] F2FS-fs (loop1): sanity_check_inode: corrupted inode footer i_ino=7, ino,nid: [2097159, 7] run fsck to fix.
[  644.684746][T23399] device pim6reg1 entered promiscuous mode
[  644.781254][T23413] input: syz1 as /devices/virtual/input/input84
[  644.789197][T23416] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.798428][T23416] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.807554][T23416] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  644.932407][T23429] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  644.939435][T23429] IPv6: NLM_F_CREATE should be set when creating new route
[  644.946608][T23429] IPv6: NLM_F_CREATE should be set when creating new route
[  645.094196][T23437] device veth0_vlan left promiscuous mode
[  645.121417][T23437] device veth0_vlan entered promiscuous mode
[  645.192551][T23444] device pim6reg1 entered promiscuous mode
[  645.807741][T23426] loop1: detected capacity change from 0 to 131072
[  645.815478][T23426] F2FS-fs (loop1): invalid crc value
[  645.822122][T23426] F2FS-fs (loop1): Found nat_bits in checkpoint
[  645.863042][T23426] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  645.886703][T23426] F2FS-fs (loop1): sanity_check_inode: corrupted inode footer i_ino=7, ino,nid: [2097159, 7] run fsck to fix.
[  645.927277][T23462] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  645.934333][T23462] IPv6: NLM_F_CREATE should be set when creating new route
[  645.941384][T23462] IPv6: NLM_F_CREATE should be set when creating new route
[  646.000243][   T24] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  646.054237][T23479] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  646.063388][T23479] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  646.072900][T23479] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  646.080861][T23479] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  646.112105][T23487] input: syz1 as /devices/virtual/input/input85
[  646.271419][T23495] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  646.278499][T23495] IPv6: NLM_F_CREATE should be set when creating new route
[  646.285585][T23495] IPv6: NLM_F_CREATE should be set when creating new route
[  646.288867][   T24] usb 1-1: Using ep0 maxpacket: 8
[  646.417221][   T24] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  646.426086][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.443591][   T24] usb 1-1: config 0 descriptor??
[  646.471105][T23505] device veth0_vlan left promiscuous mode
[  646.477267][T23505] device veth0_vlan entered promiscuous mode
[  646.702907][T23490] loop2: detected capacity change from 0 to 131072
[  646.711369][T23490] F2FS-fs (loop2): invalid crc value
[  646.728009][T23490] F2FS-fs (loop2): Found nat_bits in checkpoint
[  646.791369][T20098] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  646.798824][T23490] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  646.831748][T23490] F2FS-fs (loop2): sanity_check_inode: corrupted inode footer i_ino=7, ino,nid: [2097159, 7] run fsck to fix.
[  647.022026][T23516] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  647.031619][T23516] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  647.041437][T23516] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  647.048000][T20098] usb 2-1: Using ep0 maxpacket: 16
[  647.050585][T23516] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  647.080882][T23520] loop4: detected capacity change from 0 to 256
[  647.089880][T23520] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  647.096639][T23524] loop2: detected capacity change from 0 to 1024
[  647.108604][T23524] EXT4-fs: Ignoring removed orlov option
[  647.114297][T23524] EXT4-fs: Ignoring removed nomblk_io_submit option
[  647.134723][T23524] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  647.143992][T23528] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  647.151063][T23528] IPv6: NLM_F_CREATE should be set when creating new route
[  647.158105][T23528] IPv6: NLM_F_CREATE should be set when creating new route
[  647.175328][T23530] syz-executor.3[23530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  647.175399][T23530] syz-executor.3[23530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  647.191207][T23524] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[  647.216925][T23524] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr
[  647.234174][T20293] ==================================================================
[  647.242147][T20293] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  647.250034][T20293] Read of size 4 at addr ffff888153c34000 by task syz-executor.2/20293
[  647.258191][T20293] 
[  647.260448][T20293] CPU: 0 PID: 20293 Comm: syz-executor.2 Tainted: G        W          6.1.78-syzkaller-00002-g65aed0e2f758 #0
[  647.271908][T20293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  647.281847][T20293] Call Trace:
[  647.284922][T20293]  <TASK>
[  647.287699][T20293]  dump_stack_lvl+0x151/0x1b7
[  647.292219][T20293]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  647.297966][T20293]  ? _printk+0xd1/0x111
[  647.302065][T20293]  ? __virt_addr_valid+0x242/0x2f0
[  647.307074][T20293]  print_report+0x158/0x4e0
[  647.311413][T20293]  ? __virt_addr_valid+0x242/0x2f0
[  647.316387][T20293]  ? kasan_addr_to_slab+0xd/0x80
[  647.321218][T20293]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  647.326695][T20293]  kasan_report+0x13c/0x170
[  647.331030][T20293]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  647.336675][T20293]  __asan_report_load4_noabort+0x14/0x20
[  647.342316][T20293]  ext4_xattr_delete_inode+0xcd0/0xce0
[  647.347703][T20293]  ? sb_end_intwrite+0x130/0x130
[  647.352899][T20293]  ? ext4_expand_extra_isize_ea+0x1c40/0x1c40
[  647.358803][T20293]  ? __kasan_check_read+0x11/0x20
[  647.363834][T20293]  ? ext4_inode_is_fast_symlink+0x295/0x3d0
[  647.369552][T20293]  ? ext4_evict_inode+0xbc2/0x1550
[  647.374502][T20293]  ext4_evict_inode+0xef9/0x1550
[  647.379272][T20293]  ? _raw_spin_unlock+0x4c/0x70
[  647.384137][T20293]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  647.389861][T20293]  ? _raw_spin_unlock+0x4c/0x70
[  647.394822][T20293]  ? inode_io_list_del+0x18b/0x1a0
[  647.399930][T20293]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  647.405657][T20293]  evict+0x2a3/0x630
[  647.409476][T20293]  iput+0x642/0x870
[  647.413120][T20293]  vfs_rmdir+0x3c2/0x500
[  647.417198][T20293]  do_rmdir+0x3ab/0x630
[  647.421210][T20293]  ? d_delete_notify+0x160/0x160
[  647.425991][T20293]  __x64_sys_unlinkat+0xdf/0xf0
[  647.430651][T20293]  do_syscall_64+0x3d/0xb0
[  647.434911][T20293]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  647.440631][T20293] RIP: 0033:0x7fe4f747c687
[  647.444887][T20293] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  647.464326][T20293] RSP: 002b:00007ffc84488818 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  647.472568][T20293] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fe4f747c687
[  647.480390][T20293] RDX: 0000000000000200 RSI: 00007ffc844899c0 RDI: 00000000ffffff9c
[  647.488372][T20293] RBP: 00007fe4f74d9636 R08: 0000000000000000 R09: 0000000000000000
[  647.496177][T20293] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffc844899c0
[  647.503996][T20293] R13: 00007fe4f74d9636 R14: 000000000009aede R15: 0000000000000007
[  647.511814][T20293]  </TASK>
[  647.514664][T20293] 
[  647.516978][T20293] The buggy address belongs to the physical page:
[  647.523184][T20293] page:ffffea00054f0d00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x153c34
[  647.533326][T20293] flags: 0x4000000000000000(zone=1)
[  647.538459][T20293] raw: 4000000000000000 ffffea0004eba948 ffffea00049506c8 0000000000000000
[  647.546882][T20293] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  647.555283][T20293] page dumped because: kasan: bad access detected
[  647.561541][T20293] page_owner tracks the page as freed
[  647.566763][T20293] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|__GFP_CMA), pid 23488, tgid 23488 (syz-executor.2), ts 646807747569, free_ts 646856122612
[  647.587400][T20293]  post_alloc_hook+0x213/0x220
[  647.591994][T20293]  prep_new_page+0x1b/0x110
[  647.596334][T20293]  get_page_from_freelist+0x27ea/0x2870
[  647.601799][T20293]  __alloc_pages+0x3a1/0x780
[  647.606227][T20293]  __folio_alloc+0x15/0x40
[  647.610480][T20293]  wp_page_copy+0x23b/0x1690
[  647.614907][T20293]  do_wp_page+0xc25/0xdf0
[  647.619073][T20293]  handle_mm_fault+0x15a2/0x2f40
[  647.623847][T20293]  exc_page_fault+0x3b3/0x700
[  647.628533][T20293]  asm_exc_page_fault+0x27/0x30
[  647.633221][T20293] page last free stack trace:
[  647.637747][T20293]  free_unref_page_prepare+0x83d/0x850
[  647.643119][T20293]  free_unref_page_list+0xf1/0x7b0
[  647.648061][T20293]  release_pages+0xf7f/0xfe0
[  647.652488][T20293]  free_pages_and_swap_cache+0x8a/0xa0
[  647.657782][T20293]  tlb_finish_mmu+0x1e0/0x3f0
[  647.662294][T20293]  exit_mmap+0x421/0x940
[  647.666374][T20293]  __mmput+0x95/0x310
[  647.670194][T20293]  mmput+0x56/0x170
[  647.673838][T20293]  do_exit+0xb29/0x2b80
[  647.677832][T20293]  do_group_exit+0x21a/0x2d0
[  647.682344][T20293]  get_signal+0x169d/0x1820
[  647.686682][T20293]  arch_do_signal_or_restart+0xb0/0x16f0
[  647.692150][T20293]  exit_to_user_mode_loop+0x74/0xa0
[  647.697191][T20293]  exit_to_user_mode_prepare+0x5a/0xa0
[  647.702479][T20293]  syscall_exit_to_user_mode+0x26/0x140
[  647.707862][T20293]  do_syscall_64+0x49/0xb0
[  647.712114][T20293] 
[  647.714280][T20293] Memory state around the buggy address:
[  647.719842][T20293]  ffff888153c33f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  647.727867][T20293]  ffff888153c33f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  647.735766][T20293] >ffff888153c34000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  647.743658][T20293]                    ^
[  647.747575][T20293]  ffff888153c34080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  647.755472][T20293]  ffff888153c34100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  647.763367][T20293] ==================================================================
[  647.771360][T20098] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  647.780258][T20293] Disabling lock debugging due to kernel taint
[  647.791314][T20098] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  647.799687][T20098] usb 2-1: Product: syz
[  647.803767][T20098] usb 2-1: Manufacturer: syz
[  647.808300][T20098] usb 2-1: SerialNumber: syz
[  647.829720][T23537] syz-executor.4: attempt to access beyond end of device
[  647.829720][T23537] loop4: rw=0, sector=291, nr_sectors = 1 limit=256
2028/09/12 06:31:40 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  647.876699][T20293] EXT4-fs (loop2): unmounting filesystem.
[  647.885064][T20098] usb 2-1: config 0 descriptor??
[  647.927520][T20098] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  648.001282][T20098] usb 2-1: Detected FT232H
[  648.127702][T20098] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  648.149088][T20098] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  648.170539][T20098] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[  648.181550][   T24] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  648.191404][   T24] asix: probe of 1-1:0.0 failed with error -71
[  648.200452][T20098] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  648.212774][T20098] usb 2-1: USB disconnect, device number 50
[  648.222650][   T24] usb 1-1: USB disconnect, device number 55
[  648.229360][T20098] ftdi_si