last executing test programs:

20.151809531s ago: executing program 0 (id=440):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f00000004c0)='./file1\x00', 0x102c080, &(0x7f0000001200)=ANY=[@ANYBLOB="756d61736be775303030303030303030303031373737373737373737372c6e6c733d63703934392c63726561746f723d7af940e22c63726561746f723d0aee18b02c666f7263652c6769643db66cd9e35c541a790920ffbbf654ef70717f119e74cd421aa750ca1d9c30c72dc8824097e89b440e2c1e5349394d611b38242fc70b942623479161ba0ca062f830e29613ad05f08e34b7cd785a952d45bd04684174f0f296c1caf3e90ca015263f025d4dd2518adc6ade870054f764e521f02b96360752fc5508eca2cbe2cbb99f1821da523d482cc82e252cdae27799c8b6c0d1a4ee18fc862e4d677404722738339aa851acd052c0cdb750eed01b780313426b262c10d2f3a115067e90c2c0d4e938ee8fd5b62ab6586d80c5b713b54560fa108c35429a21f9cfac7122f0f12762829bb60025fb3fb2584b32556e6f7ed97de18df8885fd4badd8b31cfe56408bc08fd13bf1030d9cb467869511136141d774dd9c19a24c0ae3ca1d2bf70ee701fb8043e05fece6e9172b46776fc44102c997cd7b74443c714f122801be4966b7f01624aff5b06eb7c22a8b59928722a1d889260a47d4803f7013e88e663cd5690774f166c7dc0d7bc64615a7f9e507e8a41d03f93b8f4b10b8134854870f576ce2d0055d18641c097699d2dbf7cd3abc70a995f2887f2ac12f56c1949bd78e3887d5f15f8c9c406e0b4ea91c8517e609700191044971b9be626e2cc71707585af4b19465c9e60bb26ee25353be51859e04c38b8210263084335d38944f8", @ANYRES64, @ANYRESHEX, @ANYRESDEC, @ANYRESHEX=0x0, @ANYRES8=0x0], 0x0, 0x6f4, &(0x7f0000000680)="$eJzs3U1sHGcZAOB3dtdrbyq52zZpC0KK1YgIGkhsLyVBQiIghHyoUCQuvZrEaays3ch2kBMhsgUKRzihHHooQubQE+oBqYgDopyRkLii3CNxjziwaGZn1rtre72b+CcJzyON55uZ7+ed1zOfd2cTbQD/txbeiYlWOWLh3Nub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJZxGXo7PE59KdeXfJXuO89fDTD8/e/7jR2arkS1a/NKzdtvaQEVr5EjMRUc7XY6rs1d/VXfq7N1bXSTfuNGFnisTBcWvv0Bqn+Qj3LfC0uxdRnthlfz3iRERM5a8DIp8dSkcc3oEba5YDAACAp1N5vwovPopHsRnTRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB+SzncGJvlSKsozkRTf/1/N96Wq1WOOd7iv7HP8g+tHFAgAAAAAAAAAHIpP8g/uTz+KR7EZ08X+dpJ95v9GtnEy+/lC3I71WIq1OB+bsRgbsRFrMRcxMd3TYXVzcWNjbW5ny99E2rLdbt/LW85HRH1Hy/kjOGkAAAAAAAAAeH79NBZi+riDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXklEubPKlpNFuR6lSkRMRUQ1rdeK+HNRfpb95bgDAAAAgMNXy9fTyX87hXaSved/NXvfPxW3YzU2Yjk2ohlLcS17FtB511/6R6vRfLDVWEmXnR1/+99jxZH1GBHleH+PkWezGqe6LRbie/GDOBczcSXWYjl+FIuxEUsxE7X0JGIxkqjXOk8v6kWcu8d7uW/rymBspwe2X88iqcX1WM5iOx9Xq9F5bJKdQzrm6z2j/bEaMTDi+2l2km/lRszRtZ7f16/z5zK59osj9nE46tmZT3QzMpvmPs/GS8NzP+Z1MjjSXJS6z6BObo+Sbg6OVOT8h+Pk/ES+TnP9i/6cH7QxH6UNZmI+SvnVF/Fqf85vffH+y/2Nv/zPv165UVq9eeP6+rlDPKVDNVEUBjPR6MnEa8OvvjwTzTQTrdEzMTG4Y+oJzuMAVfNsZFPRiLPld7PSYrzRcwm+F9diKS7GbMzFpZiNb8R8NPqusFN9ea00Vvpzkt1rpZ3zW21I8Ge+1FPpl/tU3jY7Uq0nk+blpZ689s509exYvufyr2K2J0svD7/6xv4rkI7/+bycjvGz7l+cp0FfJvK5uYjule0sTO0yN/+2nf5cb67eXLuxeGvE8c7m6/S2/aB/bv7dQZzP40uvl3TGrWRbWU5qxfWSHnulG21/vqr5Jy6ddqUdx051j9VjOpbj+3veqdX8NdzOnjrHXus99q/tmbOav74pjvW9yon3opm9ChkwczRZBWBkJ948Ua09rP299lHt57UbtbenvjN5afIL1Zj4W+VP5T+Ufl/6ZvJmfBQ/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lxsNpfWuoWYGtzzpIXqnmMNL0Rp3zpbL4zWYdQjho+V5IXqwZ77s1ioxSH1/ElEDKlTfeIhkrGvsbEL6YV8IB0WX5yW7WmXx2heKVrtXqcS61N7/QYnt++CqN9cbP6n3VenFj23DPCcu7CxcuvC+p27X11eWXx36d2l1flLFy9dbHx97msXri83l2Y7P487SuAwrN+5Wz7uGAAAAAAAAAAAAIDx5P/6f+Ox/zNDZZ861bX13Uc+fdSnCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyjFt6JiVYkMTd7fjbdfrDVaKZLUd6uWYmIUkQkP45IPou4HJ0l6j3dJXuN89bDTz88e//jxnZflaJ+aVi70VQjopUWZiKinK/3Nzmw3eotdPu72tNfq7f67dKI4SXdM0wTdqZIHBy3/wUAAP//AZj3og==")
rseq(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x1, 0x0)
r0 = syz_mount_image$fuse(&(0x7f00000001c0), 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SIOCAX25OPTRT(0xffffffffffffffff, 0x89e7, &(0x7f0000000100)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x2, 0x56})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, 0x0, 0x0)
r3 = getpid()
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
listen(r4, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000300)={0x73622a85, 0x0, 0x2})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
listen(0xffffffffffffffff, 0x0)
kcmp(r1, r3, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

14.335940352s ago: executing program 3 (id=448):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x60, r2, 0xb7a006d1969b963b, 0x1, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x42, 0x33, @probe_request={{{}, {}, @device_a, @device_b}, @void, @val, @void, @val={0x2d, 0x1a, {0x8802, 0x3, 0x6, 0x0, {0x6, 0xd, 0x0, 0xc0, 0x0, 0x0, 0x0, 0x3, 0x1}, 0x1, 0x95ce, 0x9}}, @val={0x72, 0x6}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x8011}, 0x10)
socket$inet(0x2, 0x5, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)

13.900437825s ago: executing program 3 (id=450):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
socketpair(0x27, 0x80000, 0xb4c, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_ABORT_SCAN(r2, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7, 0x64}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4008440)
connect$pppoe(r1, &(0x7f0000000300)={0x18, 0x0, {0x15, @remote, 'gre0\x00'}}, 0x1e)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r4, 0x40047435, &(0x7f0000000200)=0x1)
close(0x4)

13.639801201s ago: executing program 3 (id=451):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x10, &(0x7f0000000080)={[{@block_mode}, {@nocheckpoint_merge}, {@fastboot}, {}, {@age_extent_cache}, {@memory_low}, {@nogc_merge}, {@discard_unit_segment}, {@noextent_cache}, {@gc_merge}, {@background_gc_on}, {@fastboot}, {@noquota}]}, 0x4, 0x5515, &(0x7f0000003280)="$eJzs3E1rY+UXAPCTdjrv//kXceFuLgxCK5PQ9GXQXdUZfMEOZdSFK02TNGQmyS1NmtZudOFSXPhNRMGVSz+DC9fuxIXiTlBy740z9QUGmjbO9PeDm3OfJ09OzhNK6bm3JIAzaz759edSXItLETEbEVcjsvNScWTW8/BcRFyPiJlHjlIx/+fE+Yi4HBHXRsnznKXiqc9vDm+s/fTmL998d+HclS++/n56uwam7fmI6O7k5/vdPKatPN4v5mvDdha7q8Mi5k90HxTjNI/7za0sw35tvK6WxZVWvj7d2euP4nanVh/FVns7m9/p5W/YH7bGebIX3K/tZuNGcyuL7X6axdZhXtfBYf677bA/yPM0inwfZuljMBjHfL550Mz3s/Mgi/XeoJjP86aN5sEoDotYvF3U004jq2PrOJ/0f9tb7d7eQTJs7vbbaS9Zq1RfrFRvlau7aaM5aK6Wa93GrdVkodUZLSsPmrXueitNW51mpZ52F5OFVr1erlaThdvNrXatl1SrlZXKUnltsTi7mbx2992k00gWRvGVdm9v0O70k+10N8lfsZgsV1ZeWkxuVJO3NzaTzXt37mxsvvP+7ffuvrzxxqvFor+V9UIsLy0vl6tL5eXq4hna/ydF0cnCxPYPx/DRwz9UAXhc+n9gGk6u/9+9F3Hy/X/o/yfiiep/x2VNsP896/uHY9H/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcWT/Mffl6djKfj68U8/8rpp4pxqWImImI3//BbJw/knO2yDP3L+vn/lLDt6XIMoze40JxXI6I9eL47f8n/SkAAADA0+urj69/lnfr+cP8tAviNOUXbWaufjChfKWImJv/cULZZkYPz04oWfbzfS4OJpQtu4B1cULJ8ktu5yaV7bHMHgkXHwmlPMycajkAAMCpONoJnG4XAgAAwGn6dNoFMB2lGN/KHN8Lzv7z/uENwUtHRgAAAMATqDTtAgAAAIATl/X/vv8PAAAAnm759/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAf7NzPbeJAFAfgscEL+0+LVnvfVvYGZWwJOeYYUUCaoIAcSAtpgBrILSVEEOGZEEAconhsK8n3SWawZX5+RnB4Y2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANt1Xy9nt1d/rpjmbbTNvu+qXpmUDAADAp7CulrP6zSTuf0/Hf6ZDv9N+EUIoQwjnevfBSR8+SDnVy/k3h+dXJzXcpU5+d41R2r6FEP6l7fFX298CAAAAfFyr+WIau/X4Mum7ILoUJ23KH/8z5RUhhGrykCmt3OX9yRRW/76H4TJTWj2BNc4UFqfchrnSXqX+u+9n7cYHQxGH8uzH9kVmu3cAAKBDg6Oh2y4EAACALl30XQD9KMLzo8z9o8BRHNLjva9HewAAAMA7VPRdAAAAANC6uv/vaP2/rfX/AAAAoB9x/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADatK6Ws9V8MW2as9k2k+duAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGJ/3lEgBMIgDPau70zm/oeVBk1NTapA+PgbgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi/15SYEQCIIomDP+d9L3P6wk6BlEiICGRxW1aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi537eY2jigMA/mZnZ2Or4hplDxFR8KAXu93W1t7EgxI8+CcIId3W2K0/2hxsKWIu3iTnXkSPIoISb/0fck4gl3jLYQ8RPEdmdmZ38gNc/DGzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACF4buTOE4P7VHcyM9t7T9aTvvtI33qyfrOQtrSOKoy6dPh5fKHqDMO9+tIBgAAgPMhLur7EMJusrGY9o12Vv8nxTVpzf/9s6O4qOeP1v1FX9T+afvt170XxwO1R+OkN721MuhfPp5K8/+b5Wx77m+vaGZPPnv3EmdfSOODtReGSfY8o283N99rZeFcFdkCAP/EpaLPg+L3obTv1ZkYAOdGs1R4F/V/3K43JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAqDNfC00UchRAWmpM4tb3/aPmk/sn6zkLRrj9+vB6+ntwzvUUSQri1MuhfrnQ2s+3+g4d3lgaD/r3qg1dCCHWN/k4+/TsfTXFxCLU8H8F/ExzM5V/2jORzSoIafygBAHAmJXlL6/rdZGMxPRfNh3Dww+H6//VSHKas//c+vr5VHqtc//cqm+Hs667e/bx7/8HDN1fuLt3u3+5/+taV3tu9qzeuXbvRzd6VdL0xAQAA4N9p5a1c/zfmj6//XyzFYcr6/4vvel+Vx4rV/yeaLPrVnQkAAMD59vyrf/4RnXA+arXCl0urq/d6o+P485XR8cjVobwXflbM5a1c/8fzdWcFAAAAVGG4Fh1a/79ZisOU6//P/PjSz+V7xiGEC/n6/6XlzwY3q5vOTKviz4nrniMAAAD1upC38vp/ku3/b4y3PDRCCG+8NorzfwM4Vf0fv//NT+Wxyvv/r1Y3xZnU6IyeR9Z3Qmh26s4IAACAs+ypvKXF/u/JxuInv1z8sGX/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDV/goAAP//ya5A9g==")

13.0347324s ago: executing program 0 (id=452):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x11000)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f00000001c0)={0xcc2}, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x2a, 0x2, 0x0)
r4 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r4, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r1, {0x5, 0x2}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x0, 0x1}}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

9.195103077s ago: executing program 2 (id=454):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000100)={{0xa, 0x4e21, 0xd, @loopback, 0xab2}, {0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00', 0x7}, 0x1, {[0x9, 0x3, 0x6, 0x1, 0x8000, 0xb56, 0x401]}}, 0x5c)

9.019894825s ago: executing program 3 (id=455):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f00000105c0)='./file1\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='active_logs=4,jqfmt=vfsv0,prjjquota=f2fs\x00,mode=adaptive,heap,norecovery,fsync_mode=posix,user_xattr,disable_roll_forward,\x00\x00\x00'], 0x1, 0x105da, &(0x7f0000032680)="$eJzs3E1vG1UXAODrpGk+3r4lQizYdSSElEi1FSdpBbsAqQCJVBEfC1bg2I7l1vZEsZOYIkRgjVj2j8CKPXv+BDvEAoldEchzJ1WTFhES4yTN80jjM/d65vhcK1J05koOwKU1m/z+WyFcD9MhhPEQwrUQsvNCfmRWYng5hHAjhDD2xFHI5x9PXA0hzIQQrg+Sx5yF/K0vHu6vPeqvzeRZb57NioHz4NUQQnsrnu+1Y0wbMd7L5yu7zSy2l3fzGN9o38/HaYx79Y0sw17l4LpKFpca8fp0a6c7iJutSnUQG83NbH6rEz+wu9s4yJPdcK+ynY1r9Y2Dcvez+x7EQT+PD7q9mKeW5/ssSx96vYMY5+v9ybierftZrHZ6+Xwa66vV+4O4m8dunA7VtFXL6tg44Zd8AbzX7Oz0k936dreZdpJbpfJrpfLtYnk7rdV79eVipV27vZzMNVqDy4q9eqW90kjTRqteqqbt+WSuUa0Wy+VkbrW+0ax0knK5tFRaKN6az89uJm/f/Shp1ZK5QXyz2dnpNVvdZDPdTuId88liaen1+eSVcvLB2nqy/v6dO2vrH36y+vHdN9befSu/6KmykrnFhcXFYnmhuFie/5cL/uNcrn/wL3o06z9i6nS3c9kVzroAgIsn6/+nwyj7/89/ePjr6teVn/T/cIldpP6/mTfkJ+//63E9+v+nnJP+d3T9/zHW/9UlWr/+n1PR/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXFo/T3z3TnYyG8f/y+f/n0+9mI8LIYSxEMKfzzAerh7KOZ7nmfib6yeO1PBjIWQZBp8xmR8zIYSV/Hj0wrNrvzLUbwIAAACeT9/v3/g2duvxZfasC2KU4kObsWufDilfIYQwMfvLkLKNDV5eGlKy7O/7Suif7OarRyeyB1hTp68qkz8U+3JI6Y5l/FCYeiIUYhgbZTUAAMBoHO4E7KgDAAA8v7456wIYvuPs3xXCwVbm4y3OyRjyDcHpQyMAAADgAiqcdQEAAADAfy7r/y/y7/8BAAAA/yz+/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sXM3uWkDURzAnw1u6ZeKqi4r9SrdwTF6hC67RBygl+AI9Aq5AGcguxwhwhEeo+CISFEYGwX9fpI/xoI/z4jNm0EGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0221nv9f/Px3bs6uPk+euwEAAABO2VbreXMyTeNP7fUv7aVv7biIiDIiTvXuo3jXyRy1OdUzr6+e1HAT0STsP+N9u32MiF/tdv+1728BAAAArtdmuZqlbj3tppcuiCGlSZvy8+9MeUVEVNO7TGnlfvc9U1jz+x7H30xpzQTWJFNYmnIb50p7kVHnMDk6FOlQDloOAAAwiG4nMGwXAgAAwJD+HJ0vLlgHAyvisJR5WAtu/nn/uCD4oTMCAAAA3qDi0gUAAAAAvWv6f8//AwAAgOuWnv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAn7bVer5Zrmbn5uzqV/gxSW+u6zrDrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDA/ryjQAiEQRjsXd+ZzP0PKw0aG5pUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+N1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc785ICIRAEUTBn/O+k739YSdCVJxAioOFRRTUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+P1NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcz2scVRwA8Dc7O9sfIF2jBOrFipWKYpOtvxC89CAED4In8biku2V1q9LmYEsO5uJB8D/wotdehIAg9eBf0IMne6yXCrKHCh48KfOrTrtBJ2pmdtPPB968byYv875vAiHfeZMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAS2bnw6kyjtNDP487xbkf725vpv2tB/rUneH1k2lL46jZtJdON71Hq21nAQAAwGEXl/V9COF2sruR9p1+Vv8/U45Ja/7tR/K4rOcfrPvLvqz903bju6/evjdRP58nCSF805+O1htb4WI7XXPciRpjsmcJ+ROaOPu2dd7ceWyWZHc9+vzmzTd6WXjkv2UMAPwfzpZ9EYyjT7Lfj8aT6WjQZmIALK/uP3+6HFLW/3G/gbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWjbbCc+XcRRCeKL7V5y6dXd7c6/+zvD6ybKdePfxT6vXTC+RhBDGk+noaINrWWSna467cvXa+8PpdHR5X8GT/+qrBEsSxIuRhqDN4IB/QAEAcKgkRUvr+tvJ7kZ6LloJ4Y8v76//z1TiULP+/35y40x1rmr9P2hshYutbv2/tnXpo7UrV6+9MLk0vDi6OPrg3OClwavrr708eGUtvZ/r+fGAswUAAGBZ9YpWrf87K/P7/8crcahZ///w8zu/VOeK1f9z9r//f8AJAQAAPMQePfXbr9Ee56NeL3w83Nq6PMiP9z4+lx9bSPXvHZs/daRo1fo/XmkhNwAAAKBxs53ovv3/C5U41Nz///a537+oXjMuHkGMJ9PR2c0PpxeaW87Cmt//7+85rok/J25guQAAALTkWNGq+/9J9v5/56lyTCeE8OzTeVz8G8Ba9f/r3c/OV+eqvv//YnNLXEid1fx+1Hn/Pxu7GkJ3tYHEAAAAOJSOFi2t/39Kdjfe+/r4Wz3v/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mn+3NsmDIRxHH59SZS4TUZIb/ExAw0VghUACcmSZ2AAFqKhorVYBFYACc41naF4nub/K664FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODtXZ+++IiIIlKXKdJ0+3f+jIivSLu2nXzfs9hfTs3PIxeH4yznb8z/y4goo+jjHACA3lXd5lhv6tUg7zDvKO84b1U29fKVnwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFYAAAD//4pSWOM=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
socket$inet6(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x681b, 0x4)
setitimer(0x0, &(0x7f0000000440)={{0x0, 0xea60}, {0x0, 0x2710}}, 0x0)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
r2 = inotify_init1(0x800)
fcntl$getownex(r1, 0x10, 0x0)
gettid()
fcntl$setsig(r2, 0xa, 0xc)
rmdir(&(0x7f0000000100)='./control\x00')

7.911684113s ago: executing program 2 (id=457):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r0, 0x2f, 0x0, 0xffffffffffffffff, @void, @value=0x0}, 0x20)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@fallback, 0xffffffffffffffff, 0x7}, 0x20)

7.715349302s ago: executing program 2 (id=458):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000440)=0x3)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000400)=0x7)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0xa)

6.983799584s ago: executing program 3 (id=460):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f0000000200)=ANY=[], 0x0, 0x4, 0x9c, &(0x7f0000000000)=""/156}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r4)
sendmsg$IEEE802154_ADD_IFACE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r5, 0x201, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0201}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24008800}, 0x40d0)
syz_genetlink_get_family_id$ieee802154(0x0, r4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000380)={0x18, 0x14, 0x609, 0x0, 0x0, {0x1e}, [@generic="c1"]}, 0x18}}, 0x8040)
r7 = socket(0x11, 0x3, 0x0)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000100)=0x1d1f, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$packet(r7, &(0x7f0000000180), 0x14)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)

5.684035222s ago: executing program 0 (id=462):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

5.661944384s ago: executing program 1 (id=463):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x141001, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xb3d)
ioctl$TCXONC(r1, 0x540a, 0x2)

5.505691969s ago: executing program 1 (id=464):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
connect$pppl2tp(r0, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x5, 0x0, {0xa, 0x0, 0xf9d, @private2}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

5.432046026s ago: executing program 0 (id=465):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@dioread_nolock}, {@noauto_da_alloc}, {@inlinecrypt}, {@i_version}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@orlov}, {@user_xattr}, {@resuid}, {@quota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0xeffb, 0x9)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
sendfile(r1, r1, 0x0, 0x80000000)

5.330859056s ago: executing program 1 (id=466):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
ioperm(0x3c, 0x1, 0x8)

5.175128562s ago: executing program 1 (id=467):
syz_usb_connect(0x5, 0x27, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb7, 0x5c, 0x7f, 0x40, 0x547, 0x201, 0x1164, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa2, 0xcd, 0xd2}}]}}]}}, 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000240)={&(0x7f00000000c0)=[{0xf, 0x1200, 0x1, &(0x7f0000000080)='4'}, {0x0, 0x1001, 0x2, &(0x7f0000000400)="14a9"}], 0x2})

4.998939189s ago: executing program 0 (id=468):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r0 = socket(0x2, 0x3, 0xfc)
setsockopt$inet_int(r0, 0x0, 0x6, 0x0, 0x0)

4.860289942s ago: executing program 0 (id=469):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
timer_create(0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x14f, &(0x7f0000000140)={0x0, 0x8206, 0x400, 0x43, 0x26}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
r5 = landlock_create_ruleset(&(0x7f00000000c0)={0x501b, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

4.748184924s ago: executing program 2 (id=470):
r0 = syz_open_dev$vim2m(&(0x7f0000000280), 0x1719, 0x2)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x40, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0xe21cf3ba3ba10086)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
r3 = openat$vsock(0xffffffffffffff9c, 0x0, 0x200900, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r3, 0x5521)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
close(r0)

3.420643994s ago: executing program 3 (id=471):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@delalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000800)=ANY=[], 0x361, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0)

2.655952179s ago: executing program 1 (id=472):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r4}, 0x18)
unshare(0x20000400)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x1c)
sendmsg$nl_route(r0, 0x0, 0x0)

2.003067683s ago: executing program 2 (id=473):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_freezer_state(r3, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r4, &(0x7f00000000c0)='FROZEN\x00', 0x7)

1.023725449s ago: executing program 1 (id=474):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x1e)
io_pgetevents(0x0, 0x1, 0x0, 0x0, &(0x7f00000004c0), 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x139382, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x3, r0, &(0x7f0000000300), 0x0, 0x3, 0x0, 0x1, r4}])
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000080)=@gcm_128={{0x303}, "ba28597967d1b54c", "9712b0d86846b5ecc522bc6f13a6e30c", "ea0292da", "9e87dc79f4c04982"}, 0x28)
close(r0)

0s ago: executing program 2 (id=475):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000003540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000003700)={&(0x7f0000000a40)={0x48, r1, 0x1, 0x470bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x6}, @broadcast, @device_a, @initial, {0x2, 0xfff}}, 0x600, 0x8b1, {0x0, 0x6, @default_ibss_ssid}, @val, @void}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040040}, 0x8800)

kernel console output (not intermixed with test programs):

6599]  ? __might_fault+0xaa/0x120
[  190.415694][ T6599]  ? __might_fault+0xc6/0x120
[  190.420433][ T6599]  ? __might_fault+0xaa/0x120
[  190.425644][ T6599]  ucma_write+0x24c/0x2e0
[  190.430186][ T6599]  ? ucma_get_global_nl_info+0x70/0x70
[  190.435668][ T6599]  ? fsnotify_perm+0x5d/0x5e0
[  190.440362][ T6599]  ? security_file_permission+0x79/0xa0
[  190.446017][ T6599]  ? ucma_get_global_nl_info+0x70/0x70
[  190.451522][ T6599]  vfs_write+0x288/0x940
[  190.455825][ T6599]  ? file_end_write+0x250/0x250
[  190.460806][ T6599]  ? __fget_files+0x28/0x4d0
[  190.465603][ T6599]  ? __fget_files+0x44a/0x4d0
[  190.470436][ T6599]  ? __fdget_pos+0x1d8/0x330
[  190.475390][ T6599]  ? ksys_write+0x75/0x250
[  190.479933][ T6599]  ksys_write+0x147/0x250
[  190.484877][ T6599]  ? __ia32_sys_read+0x90/0x90
[  190.489936][ T6599]  ? lockdep_hardirqs_on+0x98/0x150
[  190.495171][ T6599]  do_syscall_64+0x55/0xb0
[  190.499844][ T6599]  ? clear_bhb_loop+0x40/0x90
[  190.504652][ T6599]  ? clear_bhb_loop+0x40/0x90
[  190.509471][ T6599]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  190.515535][ T6599] RIP: 0033:0x7fc138b8efc9
[  190.520320][ T6599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.541373][ T6599] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  190.550473][ T6599] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  190.559201][ T6599] RDX: 0000000000000018 RSI: 0000200000000080 RDI: 0000000000000003
[  190.567511][ T6599] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  190.576284][ T6599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.584846][ T6599] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  190.593206][ T6599]  </TASK>
[  190.686249][   T12] ntfs3: loop0: ino=3, ntfs3_write_inode failed, -22.
[  190.704056][ T5789] ntfs3: loop0: ino=3, ntfs_set_state failed, -22.
[  190.711277][ T5789] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  190.723477][ T5789] ntfs3: loop0: ino=3, ntfs_set_state failed, -22.
[  190.734808][   T42] ntfs3: loop0: ino=3, ntfs3_write_inode failed, -22.
[  190.925218][ T6603] loop1: detected capacity change from 0 to 8192
[  190.979637][ T6603] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  191.035967][ T6605] loop3: detected capacity change from 0 to 4096
[  191.053789][ T6603] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  191.072888][ T6607] loop0: detected capacity change from 0 to 4096
[  191.088573][ T6603] REISERFS (device loop1): using ordered data mode
[  191.095999][ T6603] reiserfs: using flush barriers
[  191.106315][ T6603] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  191.135355][ T6607] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  191.165807][ T6603] REISERFS (device loop1): checking transaction log (loop1)
[  191.191942][ T6603] REISERFS (device loop1): Using r5 hash to sort names
[  191.222778][ T6605] ntfs3: loop3: ino=3, ntfs_set_state failed, -22.
[  191.228127][ T6603] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  191.266647][ T6605] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  191.983291][ T6607] program syz.0.165 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  192.098857][ T6614] loop2: detected capacity change from 0 to 1024
[  192.117418][ T6614] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  192.479331][ T6617] ALSA: seq fatal error: cannot create timer (-22)
[  193.364641][   T12] ntfs3: loop3: ino=3, ntfs3_write_inode failed, -22.
[  193.373079][ T5787] ntfs3: loop3: ino=3, ntfs_set_state failed, -22.
[  193.396820][ T5787] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  193.421813][ T5787] ntfs3: loop3: ino=3, ntfs_set_state failed, -22.
[  193.433840][ T1331] ntfs3: loop3: ino=3, ntfs3_write_inode failed, -22.
[  193.601493][ T6626] loop2: detected capacity change from 0 to 64
[  193.662719][ T6628] loop3: detected capacity change from 0 to 1024
[  193.699330][ T6628] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  193.772161][   T28] kauditd_printk_skb: 31 callbacks suppressed
[  193.772183][   T28] audit: type=1800 audit(1761537176.919:49): pid=6626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.171" name="file1" dev="loop2" ino=21 res=0 errno=0
[  193.851156][ T6626] FAULT_INJECTION: forcing a failure.
[  193.851156][ T6626] name failslab, interval 1, probability 0, space 0, times 0
[  193.966648][   T28] audit: type=1800 audit(1761537176.969:50): pid=6626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.171" name="file1" dev="loop2" ino=21 res=0 errno=0
[  193.993307][ T6633] overlayfs: missing 'workdir'
[  194.086834][ T6626] CPU: 0 PID: 6626 Comm: syz.2.171 Not tainted syzkaller #0
[  194.095466][ T6626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  194.106633][ T6626] Call Trace:
[  194.111049][ T6626]  <TASK>
[  194.114480][ T6626]  dump_stack_lvl+0x16c/0x230
[  194.120097][ T6626]  ? show_regs_print_info+0x20/0x20
[  194.127030][ T6626]  ? load_image+0x3b0/0x3b0
[  194.131773][ T6626]  ? __might_sleep+0xe0/0xe0
[  194.136681][ T6626]  ? __lock_acquire+0x7c80/0x7c80
[  194.143622][ T6626]  should_fail_ex+0x39d/0x4d0
[  194.148806][ T6626]  should_failslab+0x9/0x20
[  194.155172][ T6626]  slab_pre_alloc_hook+0x59/0x310
[  194.161380][ T6626]  ? alloc_pipe_info+0x1fc/0x4c0
[  194.166861][ T6626]  ? alloc_pipe_info+0x1fc/0x4c0
[  194.173875][ T6626]  __kmem_cache_alloc_node+0x53/0x260
[  194.180816][ T6626]  ? alloc_pipe_info+0x1fc/0x4c0
[  194.186464][ T6626]  __kmalloc+0xa4/0x240
[  194.191364][ T6626]  alloc_pipe_info+0x1fc/0x4c0
[  194.198036][ T6626]  splice_direct_to_actor+0x6d2/0x870
[  194.204422][ T6626]  ? aa_file_perm+0x120/0xec0
[  194.210464][ T6626]  ? aa_file_perm+0x3e8/0xec0
[  194.216601][ T6626]  ? direct_file_splice_eof+0xb0/0xb0
[  194.223352][ T6626]  ? end_current_label_crit_section+0x149/0x170
[  194.233322][ T6626]  ? warn_unsupported+0xc0/0xc0
[  194.238692][ T6626]  ? common_file_perm+0x198/0x1f0
[  194.245348][ T6626]  ? fsnotify_perm+0x5d/0x5e0
[  194.250381][ T6626]  ? security_file_permission+0x79/0xa0
[  194.257424][ T6626]  do_splice_direct+0x1b7/0x2c0
[  194.263569][ T6626]  ? splice_direct_to_actor+0x870/0x870
[  194.269569][ T6626]  ? rcu_read_lock_any_held+0xb4/0x120
[  194.275090][ T6626]  ? do_splice_direct+0x2c0/0x2c0
[  194.280830][ T6626]  do_sendfile+0x5dc/0xf70
[  194.285582][ T6626]  ? do_pwritev+0x340/0x340
[  194.290359][ T6626]  __se_sys_sendfile64+0x13f/0x190
[  194.295717][ T6626]  ? lock_chain_count+0x20/0x20
[  194.301044][ T6626]  ? __x64_sys_sendfile64+0xb0/0xb0
[  194.306845][ T6626]  ? lockdep_hardirqs_on+0x98/0x150
[  194.314162][ T6626]  do_syscall_64+0x55/0xb0
[  194.319159][ T6626]  ? clear_bhb_loop+0x40/0x90
[  194.324413][ T6626]  ? clear_bhb_loop+0x40/0x90
[  194.329868][ T6626]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  194.336145][ T6626] RIP: 0033:0x7fbd9618efc9
[  194.341049][ T6626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.362768][ T6626] RSP: 002b:00007fbd97013038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  194.371794][ T6626] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618efc9
[  194.379985][ T6626] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  194.388978][ T6626] RBP: 00007fbd97013090 R08: 0000000000000000 R09: 0000000000000000
[  194.398449][ T6626] R10: 0001000000201001 R11: 0000000000000246 R12: 0000000000000001
[  194.407273][ T6626] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  194.416264][ T6626]  </TASK>
[  194.883949][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  194.890334][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  194.924843][ T6635] loop0: detected capacity change from 0 to 64
[  194.985426][   T28] audit: type=1800 audit(1761537178.149:51): pid=6635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.173" name="file1" dev="loop0" ino=21 res=0 errno=0
[  195.033741][   T28] audit: type=1800 audit(1761537178.179:52): pid=6635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.173" name="file1" dev="loop0" ino=21 res=0 errno=0
[  196.001670][ T6639] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  196.218164][ T6642] loop0: detected capacity change from 0 to 256
[  198.126553][ T6648] loop1: detected capacity change from 0 to 1024
[  198.218809][ T6648] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  198.556222][ T6650] ALSA: seq fatal error: cannot create timer (-22)
[  200.361219][ T6665] FAULT_INJECTION: forcing a failure.
[  200.361219][ T6665] name failslab, interval 1, probability 0, space 0, times 0
[  200.410850][ T6665] CPU: 1 PID: 6665 Comm: syz.1.182 Not tainted syzkaller #0
[  200.418655][ T6665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  200.430302][ T6665] Call Trace:
[  200.433747][ T6665]  <TASK>
[  200.437083][ T6665]  dump_stack_lvl+0x16c/0x230
[  200.441823][ T6665]  ? show_regs_print_info+0x20/0x20
[  200.447602][ T6665]  ? load_image+0x3b0/0x3b0
[  200.453310][ T6665]  ? __might_sleep+0xe0/0xe0
[  200.458069][ T6665]  ? __lock_acquire+0x7c80/0x7c80
[  200.464464][ T6665]  ? prepend_path+0x4b/0x960
[  200.470566][ T6665]  should_fail_ex+0x39d/0x4d0
[  200.476813][ T6665]  should_failslab+0x9/0x20
[  200.482897][ T6665]  slab_pre_alloc_hook+0x59/0x310
[  200.489675][ T6665]  ? __asan_memcpy+0x40/0x70
[  200.495259][ T6665]  ? tomoyo_encode+0x28b/0x540
[  200.500357][ T6665]  ? tomoyo_encode+0x28b/0x540
[  200.506484][ T6665]  __kmem_cache_alloc_node+0x53/0x260
[  200.512408][ T6665]  ? prepend_path+0x4b/0x960
[  200.518898][ T6665]  ? tomoyo_encode+0x28b/0x540
[  200.525277][ T6665]  __kmalloc+0xa4/0x240
[  200.529781][ T6665]  tomoyo_encode+0x28b/0x540
[  200.535217][ T6665]  tomoyo_realpath_from_path+0x592/0x5d0
[  200.542286][ T6665]  tomoyo_path_number_perm+0x1ea/0x590
[  200.548064][ T6665]  ? tomoyo_path_number_perm+0x1ba/0x590
[  200.554061][ T6665]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  200.560608][ T6665]  ? ksys_write+0x1c1/0x250
[  200.566706][ T6665]  ? __fget_files+0x28/0x4d0
[  200.571470][ T6665]  security_file_ioctl+0x70/0xa0
[  200.577203][ T6665]  __se_sys_ioctl+0x48/0x170
[  200.582548][ T6665]  do_syscall_64+0x55/0xb0
[  200.587304][ T6665]  ? clear_bhb_loop+0x40/0x90
[  200.593288][ T6665]  ? clear_bhb_loop+0x40/0x90
[  200.598265][ T6665]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  200.604489][ T6665] RIP: 0033:0x7f148eb8efc9
[  200.610363][ T6665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.634754][ T6665] RSP: 002b:00007f148fa82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  200.646041][ T6665] RAX: ffffffffffffffda RBX: 00007f148ede5fa0 RCX: 00007f148eb8efc9
[  200.655901][ T6665] RDX: 0000200000000280 RSI: 00000000c01064c7 RDI: 0000000000000005
[  200.664035][ T6665] RBP: 00007f148fa82090 R08: 0000000000000000 R09: 0000000000000000
[  200.672232][ T6665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.680631][ T6665] R13: 00007f148ede6038 R14: 00007f148ede5fa0 R15: 00007ffdd390c758
[  200.689224][ T6665]  </TASK>
[  200.711352][ T6665] ERROR: Out of memory at tomoyo_realpath_from_path.
[  200.772694][ T6667] loop3: detected capacity change from 0 to 256
[  200.787752][ T6667] FAT-fs (loop3): "posix" option is obsolete, not supported now
[  201.206547][ T6676] loop2: detected capacity change from 0 to 256
[  201.271296][ T6678] FAULT_INJECTION: forcing a failure.
[  201.271296][ T6678] name failslab, interval 1, probability 0, space 0, times 0
[  201.316571][ T6678] CPU: 0 PID: 6678 Comm: syz.3.186 Not tainted syzkaller #0
[  201.324201][ T6678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  201.334752][ T6678] Call Trace:
[  201.338273][ T6678]  <TASK>
[  201.341266][ T6678]  dump_stack_lvl+0x16c/0x230
[  201.346179][ T6678]  ? show_regs_print_info+0x20/0x20
[  201.351446][ T6678]  ? load_image+0x3b0/0x3b0
[  201.356018][ T6678]  ? __might_sleep+0xe0/0xe0
[  201.360698][ T6678]  ? __lock_acquire+0x7c80/0x7c80
[  201.365802][ T6678]  should_fail_ex+0x39d/0x4d0
[  201.370607][ T6678]  should_failslab+0x9/0x20
[  201.375179][ T6678]  slab_pre_alloc_hook+0x59/0x310
[  201.380331][ T6678]  ? slab_post_alloc_hook+0x8a/0x4d0
[  201.385689][ T6678]  kmem_cache_alloc_bulk+0x52/0x5b0
[  201.391037][ T6678]  ? rcu_is_watching+0x15/0xb0
[  201.395864][ T6678]  ? kmem_cache_alloc+0x14d/0x2e0
[  201.400945][ T6678]  ? mas_alloc_nodes+0x2f8/0x8c0
[  201.405942][ T6678]  mas_alloc_nodes+0x471/0x8c0
[  201.410775][ T6678]  mas_preallocate+0xa44/0x1190
[  201.415686][ T6678]  ? mas_destroy+0x1fc0/0x1fc0
[  201.420608][ T6678]  ? vma_iter_config+0xe6/0x270
[  201.425511][ T6678]  vma_merge+0x1685/0x2110
[  201.429977][ T6678]  ? process_vma_walk_lock+0x2e2/0x450
[  201.435623][ T6678]  ? init_vma_prep+0x160/0x160
[  201.440645][ T6678]  mbind_range+0x50d/0x730
[  201.445301][ T6678]  __se_sys_mbind+0x536/0x720
[  201.450075][ T6678]  ? __x64_sys_mbind+0xf0/0xf0
[  201.454947][ T6678]  ? lock_chain_count+0x20/0x20
[  201.459870][ T6678]  ? __x64_sys_mbind+0x21/0xf0
[  201.464788][ T6678]  do_syscall_64+0x55/0xb0
[  201.469253][ T6678]  ? clear_bhb_loop+0x40/0x90
[  201.474135][ T6678]  ? clear_bhb_loop+0x40/0x90
[  201.478862][ T6678]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  201.484868][ T6678] RIP: 0033:0x7fc138b8efc9
[  201.489330][ T6678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.508982][ T6678] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  201.518480][ T6678] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  201.526594][ T6678] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000001000
[  201.534866][ T6678] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  201.542865][ T6678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.550861][ T6678] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  201.558887][ T6678]  </TASK>
[  203.332882][ T6684] loop2: detected capacity change from 0 to 8
[  203.383703][ T6684] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  203.413345][ T5800] udevd[5800]: incorrect cramfs checksum on /dev/loop2
[  203.432090][ T6684] overlayfs: failed to resolve 'hash': -2
[  203.508897][ T5800] udevd[5800]: incorrect cramfs checksum on /dev/loop2
[  203.546259][ T6686] loop1: detected capacity change from 0 to 1024
[  203.577894][ T6686] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  203.731743][ T5800] udevd[5800]: incorrect cramfs checksum on /dev/loop2
[  204.027005][ T6693] ALSA: seq fatal error: cannot create timer (-22)
[  204.792121][ T5800] udevd[5800]: incorrect cramfs checksum on /dev/loop2
[  205.541484][ T6698] loop3: detected capacity change from 0 to 32768
[  205.580553][ T6698] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.192 (6698)
[  205.666438][ T6698] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  205.714097][ T6698] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  205.723061][ T6698] BTRFS info (device loop3): using free space tree
[  205.912159][ T6700] loop2: detected capacity change from 0 to 32768
[  205.924428][ T6700] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.193 (6700)
[  205.976932][ T6702] loop1: detected capacity change from 0 to 32768
[  205.990612][ T6702] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.194 (6702)
[  205.996942][ T6698] BTRFS info (device loop3): enabling ssd optimizations
[  206.022893][ T5792] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  206.069286][ T6698] BTRFS info (device loop3): auto enabling async discard
[  206.078882][ T6702] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  206.119426][ T6720] loop0: detected capacity change from 0 to 1024
[  206.137822][ T6702] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  206.178527][ T6702] BTRFS info (device loop1): using free space tree
[  206.201442][ T6720] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  206.324790][ T6698] FAULT_INJECTION: forcing a failure.
[  206.324790][ T6698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.339371][ T6698] CPU: 1 PID: 6698 Comm: syz.3.192 Not tainted syzkaller #0
[  206.346825][ T6698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  206.357199][ T6698] Call Trace:
[  206.360645][ T6698]  <TASK>
[  206.363723][ T6698]  dump_stack_lvl+0x16c/0x230
[  206.370562][ T6698]  ? show_regs_print_info+0x20/0x20
[  206.375841][ T6698]  ? load_image+0x3b0/0x3b0
[  206.380394][ T6698]  ? __lock_acquire+0x7c80/0x7c80
[  206.385456][ T6698]  ? snprintf+0xdb/0x120
[  206.389878][ T6698]  should_fail_ex+0x39d/0x4d0
[  206.394788][ T6698]  _copy_to_user+0x2f/0xa0
[  206.399233][ T6698]  simple_read_from_buffer+0xe7/0x150
[  206.404781][ T6698]  proc_fail_nth_read+0x1e3/0x250
[  206.410197][ T6698]  ? proc_fault_inject_write+0x340/0x340
[  206.416567][ T6698]  ? fsnotify_perm+0x271/0x5e0
[  206.421546][ T6698]  ? proc_fault_inject_write+0x340/0x340
[  206.427569][ T6698]  vfs_read+0x27e/0x920
[  206.431935][ T6698]  ? kernel_read+0x1e0/0x1e0
[  206.436838][ T6698]  ? __fget_files+0x28/0x4d0
[  206.442077][ T6698]  ? __fget_files+0x44a/0x4d0
[  206.446979][ T6698]  ? __fdget_pos+0x2a3/0x330
[  206.451723][ T6698]  ? ksys_read+0x75/0x250
[  206.456200][ T6698]  ksys_read+0x147/0x250
[  206.460483][ T6698]  ? vfs_write+0x940/0x940
[  206.465361][ T6698]  ? lockdep_hardirqs_on+0x98/0x150
[  206.470620][ T6698]  do_syscall_64+0x55/0xb0
[  206.475066][ T6698]  ? clear_bhb_loop+0x40/0x90
[  206.479776][ T6698]  ? clear_bhb_loop+0x40/0x90
[  206.484508][ T6698]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.490463][ T6698] RIP: 0033:0x7fc138b8d9dc
[  206.494910][ T6698] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  206.514676][ T6698] RSP: 002b:00007fc13996f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  206.523381][ T6698] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8d9dc
[  206.533123][ T6698] RDX: 000000000000000f RSI: 00007fc13996f0a0 RDI: 0000000000000006
[  206.541392][ T6698] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  206.549818][ T6698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.558105][ T6698] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  206.566126][ T6698]  </TASK>
[  206.569340][    C1] vkms_vblank_simulate: vblank timer overrun
[  206.763627][ T6702] BTRFS info (device loop1): enabling ssd optimizations
[  206.770931][ T6702] BTRFS info (device loop1): auto enabling async discard
[  207.563889][ T5787] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.146254][ T6750] FAULT_INJECTION: forcing a failure.
[  208.146254][ T6750] name failslab, interval 1, probability 0, space 0, times 0
[  208.203975][ T6750] CPU: 0 PID: 6750 Comm: syz.2.196 Not tainted syzkaller #0
[  208.211361][ T6750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  208.221901][ T6750] Call Trace:
[  208.225290][ T6750]  <TASK>
[  208.228243][ T6750]  dump_stack_lvl+0x16c/0x230
[  208.232965][ T6750]  ? show_regs_print_info+0x20/0x20
[  208.238208][ T6750]  ? load_image+0x3b0/0x3b0
[  208.242740][ T6750]  ? __might_sleep+0xe0/0xe0
[  208.247367][ T6750]  ? __lock_acquire+0x7c80/0x7c80
[  208.252422][ T6750]  ? prepend_path+0x4b/0x960
[  208.257048][ T6750]  should_fail_ex+0x39d/0x4d0
[  208.261776][ T6750]  should_failslab+0x9/0x20
[  208.266329][ T6750]  slab_pre_alloc_hook+0x59/0x310
[  208.271416][ T6750]  ? __asan_memcpy+0x40/0x70
[  208.276053][ T6750]  ? tomoyo_encode+0x28b/0x540
[  208.280858][ T6750]  ? tomoyo_encode+0x28b/0x540
[  208.285657][ T6750]  __kmem_cache_alloc_node+0x53/0x260
[  208.291070][ T6750]  ? prepend_path+0x4b/0x960
[  208.295686][ T6750]  ? tomoyo_encode+0x28b/0x540
[  208.300484][ T6750]  __kmalloc+0xa4/0x240
[  208.304675][ T6750]  tomoyo_encode+0x28b/0x540
[  208.309315][ T6750]  tomoyo_realpath_from_path+0x592/0x5d0
[  208.315018][ T6750]  tomoyo_path_number_perm+0x1ea/0x590
[  208.320953][ T6750]  ? tomoyo_path_number_perm+0x1ba/0x590
[  208.326627][ T6750]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  208.332128][ T6750]  ? ksys_write+0x1c1/0x250
[  208.336786][ T6750]  ? __fget_files+0x28/0x4d0
[  208.341419][ T6750]  security_file_ioctl+0x70/0xa0
[  208.346394][ T6750]  __se_sys_ioctl+0x48/0x170
[  208.351018][ T6750]  do_syscall_64+0x55/0xb0
[  208.355466][ T6750]  ? clear_bhb_loop+0x40/0x90
[  208.360203][ T6750]  ? clear_bhb_loop+0x40/0x90
[  208.364966][ T6750]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  208.370889][ T6750] RIP: 0033:0x7fbd9618efc9
[  208.375328][ T6750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.394974][ T6750] RSP: 002b:00007fbd96ff2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  208.403456][ T6750] RAX: ffffffffffffffda RBX: 00007fbd963e6090 RCX: 00007fbd9618efc9
[  208.411504][ T6750] RDX: 0000200000000440 RSI: 00000000806c4120 RDI: 0000000000000006
[  208.419509][ T6750] RBP: 00007fbd96ff2090 R08: 0000000000000000 R09: 0000000000000000
[  208.427533][ T6750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.435629][ T6750] R13: 00007fbd963e6128 R14: 00007fbd963e6090 R15: 00007fffcb13a638
[  208.443651][ T6750]  </TASK>
[  208.472863][ T6750] ERROR: Out of memory at tomoyo_realpath_from_path.
[  208.809627][ T5786] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  209.011248][ T6755] capability: warning: `syz.2.197' uses deprecated v2 capabilities in a way that may be insecure
[  210.922568][ T5859] IPVS: starting estimator thread 0...
[  210.934710][ T6761] IPVS: set_ctl: invalid protocol: 59 10.1.1.0:19999
[  211.043681][ T6762] IPVS: using max 19 ests per chain, 45600 per kthread
[  211.117537][ T6764] FAULT_INJECTION: forcing a failure.
[  211.117537][ T6764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.176277][ T6764] CPU: 1 PID: 6764 Comm: syz.2.201 Not tainted syzkaller #0
[  211.183833][ T6764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  211.194191][ T6764] Call Trace:
[  211.197508][ T6764]  <TASK>
[  211.200480][ T6764]  dump_stack_lvl+0x16c/0x230
[  211.205201][ T6764]  ? show_regs_print_info+0x20/0x20
[  211.210542][ T6764]  ? load_image+0x3b0/0x3b0
[  211.215710][ T6764]  ? __lock_acquire+0x7c80/0x7c80
[  211.220763][ T6764]  ? snprintf+0xdb/0x120
[  211.225053][ T6764]  should_fail_ex+0x39d/0x4d0
[  211.229833][ T6764]  _copy_to_user+0x2f/0xa0
[  211.234338][ T6764]  simple_read_from_buffer+0xe7/0x150
[  211.240011][ T6764]  proc_fail_nth_read+0x1e3/0x250
[  211.245156][ T6764]  ? proc_fault_inject_write+0x340/0x340
[  211.250833][ T6764]  ? fsnotify_perm+0x271/0x5e0
[  211.256067][ T6764]  ? proc_fault_inject_write+0x340/0x340
[  211.261940][ T6764]  vfs_read+0x27e/0x920
[  211.266187][ T6764]  ? kernel_read+0x1e0/0x1e0
[  211.270805][ T6764]  ? __fget_files+0x28/0x4d0
[  211.275710][ T6764]  ? __fget_files+0x44a/0x4d0
[  211.280614][ T6764]  ? __fdget_pos+0x2a3/0x330
[  211.285268][ T6764]  ? ksys_read+0x75/0x250
[  211.289820][ T6764]  ksys_read+0x147/0x250
[  211.294188][ T6764]  ? vfs_write+0x940/0x940
[  211.298643][ T6764]  ? lockdep_hardirqs_on+0x98/0x150
[  211.303889][ T6764]  do_syscall_64+0x55/0xb0
[  211.308360][ T6764]  ? clear_bhb_loop+0x40/0x90
[  211.313057][ T6764]  ? clear_bhb_loop+0x40/0x90
[  211.317756][ T6764]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.324371][ T6764] RIP: 0033:0x7fbd9618d9dc
[  211.329912][ T6764] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  211.350088][ T6764] RSP: 002b:00007fbd97013030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  211.358974][ T6764] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618d9dc
[  211.367173][ T6764] RDX: 000000000000000f RSI: 00007fbd970130a0 RDI: 0000000000000004
[  211.375362][ T6764] RBP: 00007fbd97013090 R08: 0000000000000000 R09: 0000000000000000
[  211.383443][ T6764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.392429][ T6764] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  211.400696][ T6764]  </TASK>
[  211.861283][ T6767] loop2: detected capacity change from 0 to 1024
[  211.972364][ T6767] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  212.365653][ T6772] ALSA: seq fatal error: cannot create timer (-22)
[  213.590381][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  213.596721][ T5803] Bluetooth: hci1: command 0x0406 tx timeout
[  213.603030][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  213.613158][ T5803] Bluetooth: hci0: command 0x0406 tx timeout
[  214.272635][ T6778] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  214.306671][ T6780] FAULT_INJECTION: forcing a failure.
[  214.306671][ T6780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.327572][ T6780] CPU: 1 PID: 6780 Comm: syz.2.205 Not tainted syzkaller #0
[  214.335034][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  214.345183][ T6780] Call Trace:
[  214.348497][ T6780]  <TASK>
[  214.351460][ T6780]  dump_stack_lvl+0x16c/0x230
[  214.356215][ T6780]  ? show_regs_print_info+0x20/0x20
[  214.361569][ T6780]  ? load_image+0x3b0/0x3b0
[  214.366127][ T6780]  ? __might_fault+0xaa/0x120
[  214.370842][ T6780]  ? __lock_acquire+0x7c80/0x7c80
[  214.376016][ T6780]  should_fail_ex+0x39d/0x4d0
[  214.380840][ T6780]  _copy_from_user+0x2f/0xe0
[  214.385490][ T6780]  strndup_user+0xb7/0x150
[  214.389968][ T6780]  __se_sys_mount+0x9f/0x3c0
[  214.394610][ T6780]  ? __x64_sys_mount+0xc0/0xc0
[  214.399423][ T6780]  ? lockdep_hardirqs_on+0x98/0x150
[  214.404664][ T6780]  ? __x64_sys_mount+0x20/0xc0
[  214.409487][ T6780]  do_syscall_64+0x55/0xb0
[  214.413951][ T6780]  ? clear_bhb_loop+0x40/0x90
[  214.418674][ T6780]  ? clear_bhb_loop+0x40/0x90
[  214.423399][ T6780]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.429342][ T6780] RIP: 0033:0x7fbd9618efc9
[  214.433799][ T6780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.453568][ T6780] RSP: 002b:00007fbd97013038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  214.462042][ T6780] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618efc9
[  214.470068][ T6780] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  214.478090][ T6780] RBP: 00007fbd97013090 R08: 0000200000000440 R09: 0000000000000000
[  214.486113][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.494179][ T6780] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  214.502212][ T6780]  </TASK>
[  214.724620][ T6787] syz.2.207 uses obsolete (PF_INET,SOCK_PACKET)
[  214.767429][ T6790] loop0: detected capacity change from 0 to 1024
[  214.796767][ T6790] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.892339][   T28] audit: type=1326 audit(1761537200.049:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9618efc9 code=0x7fc00000
[  217.158158][   T28] audit: type=1326 audit(1761537200.319:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9618efc9 code=0x7fc00000
[  217.408560][ T6803] loop1: detected capacity change from 0 to 32768
[  217.435705][ T6805] loop2: detected capacity change from 0 to 8
[  217.473750][ T6803] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.211 (6803)
[  217.567434][ T6803] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  217.601798][ T6803] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  217.622411][ T6803] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  217.667470][ T6803] BTRFS info (device loop1): trying to use backup root at mount time
[  217.697159][ T6803] BTRFS info (device loop1): use zlib compression, level 3
[  217.723553][ T6803] BTRFS info (device loop1): enabling ssd optimizations
[  217.742302][ T6803] BTRFS info (device loop1): disabling tree log
[  217.765050][ T6803] BTRFS info (device loop1): using free space tree
[  217.899861][   T59] BTRFS warning (device loop1): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  217.927403][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.986412][ T6803] BTRFS warning (device loop1): couldn't read tree root
[  218.003565][ T6803] BTRFS warning (device loop1): try to load backup roots slot 1
[  218.011766][ T1331] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  218.047947][ T6803] BTRFS warning (device loop1): couldn't read tree root
[  218.082164][ T6803] BTRFS warning (device loop1): try to load backup roots slot 2
[  218.112697][ T1331] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  218.134642][ T6803] BTRFS warning (device loop1): couldn't read tree root
[  218.141698][ T6803] BTRFS warning (device loop1): try to load backup roots slot 3
[  218.182684][ T6805] SQUASHFS error: Failed to read block 0x2d7: -5
[  218.206240][ T6803] BTRFS info (device loop1): auto enabling async discard
[  218.224999][ T6805] SQUASHFS error: Unable to read metadata cache entry [2d5]
[  218.233166][ T6824] netlink: 20 bytes leftover after parsing attributes in process `syz.0.213'.
[  218.235793][ T6803] BTRFS info (device loop1): rebuilding free space tree
[  218.376493][ T6803] BTRFS info (device loop1): checking UUID tree
[  218.593531][  T789] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  218.808812][ T6803] process 'syz.1.211' launched './file0' with NULL argv: empty string added
[  218.826390][  T789] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  218.835852][  T789] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.857011][  T789] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  218.876703][  T789] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  218.894835][  T789] usb 4-1: Manufacturer: syz
[  218.931749][  T789] usb 4-1: config 0 descriptor??
[  219.022445][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  219.081585][  T970] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  219.134333][  T789] rc_core: IR keymap rc-hauppauge not found
[  219.140342][  T789] Registered IR keymap rc-empty
[  219.179592][  T789] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  219.254287][  T789] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input9
[  219.293503][  T970] usb 1-1: Using ep0 maxpacket: 32
[  219.314484][  T970] usb 1-1: no configurations
[  219.319679][  T970] usb 1-1: can't read configurations, error -22
[  219.348748][    C0] igorplugusb 4-1:0.0: Error: urb status = -32
[  219.374021][ T6830] netlink: 20 bytes leftover after parsing attributes in process `syz.3.214'.
[  219.461119][   T23] usb 4-1: USB disconnect, device number 2
[  219.496507][  T970] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  221.345329][ T6854] 9pnet_fd: Insufficient options for proto=fd
[  221.373557][  T970] usb 1-1: Using ep0 maxpacket: 32
[  221.403579][  T970] usb 1-1: no configurations
[  221.408304][  T970] usb 1-1: can't read configurations, error -22
[  221.444262][  T970] usb usb1-port1: attempt power cycle
[  221.444614][ T6856] sch_tbf: burst 21990 is lower than device lo mtu (65550) !
[  221.519372][ T6856] FAULT_INJECTION: forcing a failure.
[  221.519372][ T6856] name failslab, interval 1, probability 0, space 0, times 0
[  221.542836][ T6856] CPU: 1 PID: 6856 Comm: syz.3.221 Not tainted syzkaller #0
[  221.550240][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  221.560435][ T6856] Call Trace:
[  221.563759][ T6856]  <TASK>
[  221.566727][ T6856]  dump_stack_lvl+0x16c/0x230
[  221.571552][ T6856]  ? show_regs_print_info+0x20/0x20
[  221.576809][ T6856]  ? load_image+0x3b0/0x3b0
[  221.581805][ T6856]  ? __might_sleep+0xe0/0xe0
[  221.586892][ T6856]  ? __lock_acquire+0x7c80/0x7c80
[  221.592515][ T6856]  should_fail_ex+0x39d/0x4d0
[  221.597389][ T6856]  should_failslab+0x9/0x20
[  221.601965][ T6856]  slab_pre_alloc_hook+0x59/0x310
[  221.607310][ T6856]  ? __lock_acquire+0x1334/0x7c80
[  221.612397][ T6856]  kmem_cache_alloc_node+0x60/0x330
[  221.617829][ T6856]  ? __alloc_skb+0x108/0x2c0
[  221.623190][ T6856]  __alloc_skb+0x108/0x2c0
[  221.627778][ T6856]  tcp_stream_alloc_skb+0x3d/0x330
[  221.633037][ T6856]  tcp_sendmsg_locked+0xed2/0x4af0
[  221.636938][ T6860] loop2: detected capacity change from 0 to 128
[  221.638177][ T6856]  ? verify_lock_unused+0x140/0x140
[  221.649757][ T6856]  ? tcp_set_state+0x650/0x650
[  221.654593][ T6856]  tcp_sendmsg+0x2f/0x50
[  221.658928][ T6856]  ? inet_send_prepare+0x260/0x260
[  221.664063][ T6856]  ____sys_sendmsg+0x5bf/0x950
[  221.668869][ T6856]  ? __asan_memset+0x22/0x40
[  221.673518][ T6856]  ? __sys_sendmsg_sock+0x30/0x30
[  221.678610][ T6856]  ? __import_iovec+0x5f2/0x860
[  221.684338][ T6856]  ? import_iovec+0x73/0xa0
[  221.688981][ T6856]  ___sys_sendmsg+0x220/0x290
[  221.693688][ T6856]  ? __sys_sendmsg+0x270/0x270
[  221.698585][ T6856]  ? __lock_acquire+0x7c80/0x7c80
[  221.703738][ T6856]  __se_sys_sendmsg+0x1a5/0x270
[  221.708633][ T6856]  ? __x64_sys_sendmsg+0x80/0x80
[  221.713706][ T6856]  ? lockdep_hardirqs_on+0x98/0x150
[  221.718928][ T6856]  do_syscall_64+0x55/0xb0
[  221.723377][ T6856]  ? clear_bhb_loop+0x40/0x90
[  221.728103][ T6856]  ? clear_bhb_loop+0x40/0x90
[  221.732804][ T6856]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  221.738743][ T6856] RIP: 0033:0x7fc138b8efc9
[  221.743448][ T6856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.763283][ T6856] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.771901][ T6856] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  221.780420][ T6856] RDX: 0000000000000000 RSI: 00002000000015c0 RDI: 0000000000000003
[  221.788432][ T6856] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  221.796515][ T6856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.804801][ T6856] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  221.813022][ T6856]  </TASK>
[  221.899006][   T28] audit: type=1800 audit(1761537205.059:55): pid=6859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.222" name="bus" dev="loop2" ino=1048595 res=0 errno=0
[  221.900580][ T6859] x_tables: duplicate entry at hook 2
[  221.926319][  T970] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  222.024242][ T6860] syz.2.222: attempt to access beyond end of device
[  222.024242][ T6860] loop2: rw=2049, sector=737, nr_sectors = 304 limit=128
[  222.053917][ T6862] sch_tbf: burst 21990 is lower than device lo mtu (65550) !
[  222.153906][  T970] usb 1-1: device not accepting address 5, error -71
[  222.381753][ T6864] sch_tbf: burst 21990 is lower than device lo mtu (65550) !
[  222.486172][ T6869] FAULT_INJECTION: forcing a failure.
[  222.486172][ T6869] name failslab, interval 1, probability 0, space 0, times 0
[  222.517417][ T6869] CPU: 1 PID: 6869 Comm: syz.1.220 Not tainted syzkaller #0
[  222.524818][ T6869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  222.534964][ T6869] Call Trace:
[  222.538293][ T6869]  <TASK>
[  222.541360][ T6869]  dump_stack_lvl+0x16c/0x230
[  222.546083][ T6869]  ? show_regs_print_info+0x20/0x20
[  222.551313][ T6869]  ? load_image+0x3b0/0x3b0
[  222.555888][ T6869]  ? __might_sleep+0xe0/0xe0
[  222.560516][ T6869]  ? __lock_acquire+0x7c80/0x7c80
[  222.565604][ T6869]  should_fail_ex+0x39d/0x4d0
[  222.570852][ T6869]  should_failslab+0x9/0x20
[  222.575403][ T6869]  slab_pre_alloc_hook+0x59/0x310
[  222.580498][ T6869]  ? tomoyo_encode+0x28b/0x540
[  222.585733][ T6869]  ? tomoyo_encode+0x28b/0x540
[  222.590535][ T6869]  __kmem_cache_alloc_node+0x53/0x260
[  222.595966][ T6869]  ? tomoyo_encode+0x28b/0x540
[  222.600768][ T6869]  __kmalloc+0xa4/0x240
[  222.605393][ T6869]  tomoyo_encode+0x28b/0x540
[  222.610022][ T6869]  tomoyo_realpath_from_path+0x592/0x5d0
[  222.615702][ T6869]  tomoyo_path_number_perm+0x1ea/0x590
[  222.621231][ T6869]  ? tomoyo_path_number_perm+0x1ba/0x590
[  222.626913][ T6869]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  222.632414][ T6869]  ? ksys_write+0x1c1/0x250
[  222.636976][ T6869]  ? __fget_files+0x28/0x4d0
[  222.641610][ T6869]  security_file_ioctl+0x70/0xa0
[  222.646590][ T6869]  __se_sys_ioctl+0x48/0x170
[  222.651211][ T6869]  do_syscall_64+0x55/0xb0
[  222.655656][ T6869]  ? clear_bhb_loop+0x40/0x90
[  222.660367][ T6869]  ? clear_bhb_loop+0x40/0x90
[  222.665507][ T6869]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  222.671547][ T6869] RIP: 0033:0x7f148eb8efc9
[  222.676010][ T6869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.695744][ T6869] RSP: 002b:00007f148fa82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  222.704185][ T6869] RAX: ffffffffffffffda RBX: 00007f148ede5fa0 RCX: 00007f148eb8efc9
[  222.712206][ T6869] RDX: 0000200000000000 RSI: 0000000000008946 RDI: 0000000000000003
[  222.720228][ T6869] RBP: 00007f148fa82090 R08: 0000000000000000 R09: 0000000000000000
[  222.728302][ T6869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.736426][ T6869] R13: 00007f148ede6038 R14: 00007f148ede5fa0 R15: 00007ffdd390c758
[  222.744462][ T6869]  </TASK>
[  222.753975][ T6869] ERROR: Out of memory at tomoyo_realpath_from_path.
[  224.708616][ T6877] loop1: detected capacity change from 0 to 1024
[  224.769891][ T6879] loop0: detected capacity change from 0 to 1024
[  225.359502][ T6884] hfsplus: inconsistency in B*Tree (0,1,255,1,0)
[  226.197372][ T6897] FAULT_INJECTION: forcing a failure.
[  226.197372][ T6897] name failslab, interval 1, probability 0, space 0, times 0
[  226.243579][ T6897] CPU: 0 PID: 6897 Comm: syz.1.235 Not tainted syzkaller #0
[  226.250979][ T6897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  226.261183][ T6897] Call Trace:
[  226.265133][ T6897]  <TASK>
[  226.268110][ T6897]  dump_stack_lvl+0x16c/0x230
[  226.272855][ T6897]  ? show_regs_print_info+0x20/0x20
[  226.278115][ T6897]  ? load_image+0x3b0/0x3b0
[  226.282677][ T6897]  ? __might_sleep+0xe0/0xe0
[  226.287322][ T6897]  ? __lock_acquire+0x7c80/0x7c80
[  226.292495][ T6897]  should_fail_ex+0x39d/0x4d0
[  226.297234][ T6897]  should_failslab+0x9/0x20
[  226.301793][ T6897]  slab_pre_alloc_hook+0x59/0x310
[  226.306880][ T6897]  ? sock_kmalloc+0x96/0xf0
[  226.311428][ T6897]  ? sock_kmalloc+0x96/0xf0
[  226.315994][ T6897]  __kmem_cache_alloc_node+0x53/0x260
[  226.321438][ T6897]  ? sock_kmalloc+0x96/0xf0
[  226.325996][ T6897]  __kmalloc+0xa4/0x240
[  226.330288][ T6897]  sock_kmalloc+0x96/0xf0
[  226.334954][ T6897]  hash_sendmsg+0x6d7/0x1160
[  226.339596][ T6897]  ? hash_accept+0x3a0/0x3a0
[  226.344215][ T6897]  ____sys_sendmsg+0x5bf/0x950
[  226.349020][ T6897]  ? __asan_memset+0x22/0x40
[  226.353649][ T6897]  ? __sys_sendmsg_sock+0x30/0x30
[  226.358704][ T6897]  ? __import_iovec+0x5f2/0x860
[  226.363614][ T6897]  ? import_iovec+0x73/0xa0
[  226.368192][ T6897]  ___sys_sendmsg+0x220/0x290
[  226.372998][ T6897]  ? __sys_sendmsg+0x270/0x270
[  226.377811][ T6897]  ? __lock_acquire+0x7c80/0x7c80
[  226.382889][ T6897]  __se_sys_sendmsg+0x1a5/0x270
[  226.387780][ T6897]  ? __x64_sys_sendmsg+0x80/0x80
[  226.392795][ T6897]  ? lockdep_hardirqs_on+0x98/0x150
[  226.398032][ T6897]  do_syscall_64+0x55/0xb0
[  226.402483][ T6897]  ? clear_bhb_loop+0x40/0x90
[  226.407187][ T6897]  ? clear_bhb_loop+0x40/0x90
[  226.411892][ T6897]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  226.417811][ T6897] RIP: 0033:0x7f148eb8efc9
[  226.422612][ T6897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.442442][ T6897] RSP: 002b:00007f148fa82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.450890][ T6897] RAX: ffffffffffffffda RBX: 00007f148ede5fa0 RCX: 00007f148eb8efc9
[  226.458888][ T6897] RDX: 0000000004040044 RSI: 00002000000001c0 RDI: 0000000000000004
[  226.467057][ T6897] RBP: 00007f148fa82090 R08: 0000000000000000 R09: 0000000000000000
[  226.475307][ T6897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.483306][ T6897] R13: 00007f148ede6038 R14: 00007f148ede5fa0 R15: 00007ffdd390c758
[  226.491513][ T6897]  </TASK>
[  226.632839][ T6901] FAULT_INJECTION: forcing a failure.
[  226.632839][ T6901] name failslab, interval 1, probability 0, space 0, times 0
[  226.650832][ T6901] CPU: 1 PID: 6901 Comm: syz.0.238 Not tainted syzkaller #0
[  226.658316][ T6901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  226.668523][ T6901] Call Trace:
[  226.671855][ T6901]  <TASK>
[  226.674837][ T6901]  dump_stack_lvl+0x16c/0x230
[  226.679608][ T6901]  ? show_regs_print_info+0x20/0x20
[  226.684885][ T6901]  ? load_image+0x3b0/0x3b0
[  226.689494][ T6901]  ? __might_sleep+0xe0/0xe0
[  226.694144][ T6901]  ? __lock_acquire+0x7c80/0x7c80
[  226.699220][ T6901]  ? prepend_path+0x4b/0x960
[  226.703857][ T6901]  should_fail_ex+0x39d/0x4d0
[  226.708597][ T6901]  should_failslab+0x9/0x20
[  226.713168][ T6901]  slab_pre_alloc_hook+0x59/0x310
[  226.718435][ T6901]  ? __asan_memcpy+0x40/0x70
[  226.723178][ T6901]  ? tomoyo_encode+0x28b/0x540
[  226.727997][ T6901]  ? tomoyo_encode+0x28b/0x540
[  226.732809][ T6901]  __kmem_cache_alloc_node+0x53/0x260
[  226.738239][ T6901]  ? prepend_path+0x4b/0x960
[  226.743005][ T6901]  ? tomoyo_encode+0x28b/0x540
[  226.748264][ T6901]  __kmalloc+0xa4/0x240
[  226.752475][ T6901]  tomoyo_encode+0x28b/0x540
[  226.757233][ T6901]  tomoyo_realpath_from_path+0x592/0x5d0
[  226.763658][ T6901]  tomoyo_path_number_perm+0x1ea/0x590
[  226.769291][ T6901]  ? tomoyo_path_number_perm+0x1ba/0x590
[  226.775060][ T6901]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  226.780598][ T6901]  ? ksys_write+0x1c1/0x250
[  226.785191][ T6901]  ? __fget_files+0x28/0x4d0
[  226.789843][ T6901]  security_file_ioctl+0x70/0xa0
[  226.794840][ T6901]  __se_sys_ioctl+0x48/0x170
[  226.799574][ T6901]  do_syscall_64+0x55/0xb0
[  226.804052][ T6901]  ? clear_bhb_loop+0x40/0x90
[  226.808779][ T6901]  ? clear_bhb_loop+0x40/0x90
[  226.813506][ T6901]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  226.819448][ T6901] RIP: 0033:0x7f097e98efc9
[  226.823908][ T6901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.843650][ T6901] RSP: 002b:00007f097f757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  226.852112][ T6901] RAX: ffffffffffffffda RBX: 00007f097ebe5fa0 RCX: 00007f097e98efc9
[  226.860235][ T6901] RDX: 0000200000000040 RSI: 00000000c02c564a RDI: 0000000000000003
[  226.868868][ T6901] RBP: 00007f097f757090 R08: 0000000000000000 R09: 0000000000000000
[  226.877182][ T6901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.882340][ T6888] loop2: detected capacity change from 0 to 32768
[  226.885315][ T6901] R13: 00007f097ebe6038 R14: 00007f097ebe5fa0 R15: 00007ffd8663f3b8
[  226.885360][ T6901]  </TASK>
[  226.973755][ T6901] ERROR: Out of memory at tomoyo_realpath_from_path.
[  227.021138][ T6888] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  227.193706][ T6888] XFS (loop2): Ending clean mount
[  228.882974][ T5105] Bluetooth: hci2: command 0x0406 tx timeout
[  228.997370][ T6928] batadv_slave_1: entered promiscuous mode
[  229.015395][ T6888] XFS (loop2): Quotacheck needed: Please wait.
[  229.179942][ T6931] loop3: detected capacity change from 0 to 512
[  229.190046][ T6928] netlink: 16 bytes leftover after parsing attributes in process `syz.1.240'.
[  229.203823][ T6888] XFS (loop2): Quotacheck: Done.
[  229.207614][ T6931] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  229.287656][ T6931] EXT4-fs (loop3): 1 truncate cleaned up
[  229.334956][ T6931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.398677][ T5788] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  229.834253][ T6921] batadv_slave_1: left promiscuous mode
[  230.180589][ T6944] loop1: detected capacity change from 0 to 512
[  230.197710][ T6944] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  230.250111][ T6944] EXT4-fs (loop1): 1 truncate cleaned up
[  230.265982][ T6944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.297900][   T28] audit: type=1800 audit(1761537213.459:56): pid=6944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.245" name="file1" dev="loop1" ino=15 res=0 errno=0
[  230.395841][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.517940][ T6947] loop2: detected capacity change from 0 to 512
[  230.600665][ T6947] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  230.645699][ T6947] EXT4-fs (loop2): 1 truncate cleaned up
[  230.654604][ T6947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.728185][   T28] audit: type=1800 audit(1761537213.889:57): pid=6947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.246" name="file1" dev="loop2" ino=15 res=0 errno=0
[  230.749681][ T6947] FAULT_INJECTION: forcing a failure.
[  230.749681][ T6947] name failslab, interval 1, probability 0, space 0, times 0
[  230.799542][ T6955] netlink: 40 bytes leftover after parsing attributes in process `syz.1.247'.
[  230.801354][ T6947] CPU: 1 PID: 6947 Comm: syz.2.246 Not tainted syzkaller #0
[  230.816210][ T6947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  230.826399][ T6947] Call Trace:
[  230.829902][ T6947]  <TASK>
[  230.832875][ T6947]  dump_stack_lvl+0x16c/0x230
[  230.838138][ T6947]  ? show_regs_print_info+0x20/0x20
[  230.843438][ T6947]  ? load_image+0x3b0/0x3b0
[  230.843573][ T6955] netlink: 40 bytes leftover after parsing attributes in process `syz.1.247'.
[  230.847977][ T6947]  ? __might_sleep+0xe0/0xe0
[  230.848007][ T6947]  ? __lock_acquire+0x7c80/0x7c80
[  230.848036][ T6947]  should_fail_ex+0x39d/0x4d0
[  230.848070][ T6947]  should_failslab+0x9/0x20
[  230.877048][ T6947]  slab_pre_alloc_hook+0x59/0x310
[  230.882127][ T6947]  kmem_cache_alloc+0x5a/0x2e0
[  230.887093][ T6947]  ? ext4_mb_new_blocks+0x55a/0x4520
[  230.892492][ T6947]  ext4_mb_new_blocks+0x55a/0x4520
[  230.897648][ T6947]  ? ext4_get_branch+0x5c2/0x730
[  230.902788][ T6947]  ? ext4_mb_release_inode_pa+0xa10/0xa10
[  230.908642][ T6947]  ext4_ind_map_blocks+0xdf6/0x20d0
[  230.913911][ T6947]  ? get_orlov_stats+0x4c0/0x4c0
[  230.919260][ T6947]  ? down_read_killable+0x340/0x340
[  230.924578][ T6947]  ext4_map_blocks+0x974/0x1b70
[  230.929497][ T6947]  ? ext4_issue_zeroout+0x250/0x250
[  230.934738][ T6947]  ? folio_create_empty_buffers+0x540/0x730
[  230.940693][ T6947]  _ext4_get_block+0x200/0x4c0
[  230.945762][ T6947]  ? ext4_get_block+0x40/0x40
[  230.950474][ T6947]  ? folio_create_empty_buffers+0x540/0x730
[  230.956427][ T6947]  __block_write_begin_int+0x566/0x1ad0
[  230.962035][ T6947]  ? __brelse+0x59/0x90
[  230.966257][ T6947]  ? ext4_es_is_delayed+0x40/0x40
[  230.971311][ T6947]  ? folio_zero_new_buffers+0x550/0x550
[  230.976926][ T6947]  ? __block_write_begin+0x64/0x150
[  230.982254][ T6947]  ext4_try_to_write_inline_data+0x7f4/0x12e0
[  230.988380][ T6947]  ? folio_zero_segment+0x2c0/0x2c0
[  230.993627][ T6947]  ? ext4_inode_journal_mode+0x193/0x470
[  230.999308][ T6947]  ? ext4_writepage_trans_blocks+0x29b/0x310
[  231.005604][ T6947]  ext4_write_begin+0x254/0x1060
[  231.010858][ T6947]  ? print_unlock_imbalance_bug+0x160/0x160
[  231.017153][ T6947]  ? ext4_readahead+0x110/0x110
[  231.022033][ T6947]  ? fault_in_readable+0xef/0x160
[  231.027085][ T6947]  ? fault_in_iov_iter_readable+0xbf/0x2e0
[  231.033019][ T6947]  generic_perform_write+0x2fb/0x5b0
[  231.038968][ T6947]  ? generic_file_direct_write+0x3e0/0x3e0
[  231.045249][ T6947]  ? file_modified_flags+0x277/0x2b0
[  231.050575][ T6947]  ? ext4_write_checks+0x24d/0x2c0
[  231.055717][ T6947]  ext4_buffered_write_iter+0xcc/0x350
[  231.061248][ T6947]  ext4_file_write_iter+0x1d9/0x1870
[  231.066777][ T6947]  ? ext4_file_read_iter+0x670/0x670
[  231.072124][ T6947]  vfs_write+0x43b/0x940
[  231.076413][ T6947]  ? file_end_write+0x250/0x250
[  231.081307][ T6947]  ? __fget_files+0x44a/0x4d0
[  231.086118][ T6947]  ? __fdget+0x180/0x210
[  231.090445][ T6947]  ? __x64_sys_pwrite64+0xf0/0x220
[  231.095605][ T6947]  __x64_sys_pwrite64+0x195/0x220
[  231.100850][ T6947]  ? ksys_pwrite64+0x1c0/0x1c0
[  231.105696][ T6947]  ? lockdep_hardirqs_on+0x98/0x150
[  231.110931][ T6947]  do_syscall_64+0x55/0xb0
[  231.115376][ T6947]  ? clear_bhb_loop+0x40/0x90
[  231.120190][ T6947]  ? clear_bhb_loop+0x40/0x90
[  231.125349][ T6947]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  231.131272][ T6947] RIP: 0033:0x7fbd9618efc9
[  231.135715][ T6947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.155759][ T6947] RSP: 002b:00007fbd97013038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  231.164207][ T6947] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618efc9
[  231.172284][ T6947] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000004
[  231.180276][ T6947] RBP: 00007fbd97013090 R08: 0000000000000000 R09: 0000000000000000
[  231.188551][ T6947] R10: 0000000404042ffc R11: 0000000000000246 R12: 0000000000000001
[  231.196583][ T6947] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  231.204832][ T6947]  </TASK>
[  231.243949][ T6955] netlink: 40 bytes leftover after parsing attributes in process `syz.1.247'.
[  231.300060][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.321905][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.383567][   T27] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  233.456918][ T6964] FAULT_INJECTION: forcing a failure.
[  233.456918][ T6964] name failslab, interval 1, probability 0, space 0, times 0
[  233.470178][ T6964] CPU: 0 PID: 6964 Comm: syz.0.249 Not tainted syzkaller #0
[  233.477538][ T6964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  233.488869][ T6964] Call Trace:
[  233.492275][ T6964]  <TASK>
[  233.495260][ T6964]  dump_stack_lvl+0x16c/0x230
[  233.500085][ T6964]  ? show_regs_print_info+0x20/0x20
[  233.505525][ T6964]  ? load_image+0x3b0/0x3b0
[  233.510165][ T6964]  ? __might_sleep+0xe0/0xe0
[  233.514815][ T6964]  ? __lock_acquire+0x7c80/0x7c80
[  233.519898][ T6964]  should_fail_ex+0x39d/0x4d0
[  233.525787][ T6964]  should_failslab+0x9/0x20
[  233.530534][ T6964]  slab_pre_alloc_hook+0x59/0x310
[  233.535632][ T6964]  ? tomoyo_encode+0x28b/0x540
[  233.540457][ T6964]  ? tomoyo_encode+0x28b/0x540
[  233.545308][ T6964]  __kmem_cache_alloc_node+0x53/0x260
[  233.551568][ T6964]  ? tomoyo_encode+0x28b/0x540
[  233.556395][ T6964]  __kmalloc+0xa4/0x240
[  233.560751][ T6964]  tomoyo_encode+0x28b/0x540
[  233.565695][ T6964]  tomoyo_realpath_from_path+0x592/0x5d0
[  233.571507][ T6964]  tomoyo_path_number_perm+0x1ea/0x590
[  233.577903][ T6964]  ? tomoyo_path_number_perm+0x1ba/0x590
[  233.583683][ T6964]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  233.589414][ T6964]  ? ksys_write+0x1c1/0x250
[  233.594113][ T6964]  ? __fget_files+0x28/0x4d0
[  233.598779][ T6964]  security_file_ioctl+0x70/0xa0
[  233.603830][ T6964]  __se_sys_ioctl+0x48/0x170
[  233.609032][ T6964]  do_syscall_64+0x55/0xb0
[  233.613520][ T6964]  ? clear_bhb_loop+0x40/0x90
[  233.618258][ T6964]  ? clear_bhb_loop+0x40/0x90
[  233.623967][ T6964]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  233.629924][ T6964] RIP: 0033:0x7f097e98efc9
[  233.630826][   T27] usb 3-1: Using ep0 maxpacket: 32
[  233.635055][ T6964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.635077][ T6964] RSP: 002b:00007f097cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  233.635107][ T6964] RAX: ffffffffffffffda RBX: 00007f097ebe6090 RCX: 00007f097e98efc9
[  233.635122][ T6964] RDX: 0000200000000080 RSI: 00000000c020aa07 RDI: 0000000000000007
[  233.635134][ T6964] RBP: 00007f097cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  233.635146][ T6964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.635158][ T6964] R13: 00007f097ebe6128 R14: 00007f097ebe6090 R15: 00007ffd8663f3b8
[  233.635192][ T6964]  </TASK>
[  233.720098][ T6964] ERROR: Out of memory at tomoyo_realpath_from_path.
[  233.862416][ T6969] loop1: detected capacity change from 0 to 1024
[  233.867815][   T27] usb 3-1: New USB device found, idVendor=0557, idProduct=7820, bcdDevice=a6.2f
[  233.883720][ T6969] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  233.893506][   T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.902993][   T27] usb 3-1: Product: syz
[  233.948746][   T27] usb 3-1: Manufacturer: syz
[  233.953982][   T27] usb 3-1: SerialNumber: syz
[  234.139395][   T27] mos7840 3-1:128.0: required endpoints missing
[  234.261674][ T6971] ALSA: seq fatal error: cannot create timer (-22)
[  235.820979][    T9] usb 3-1: USB disconnect, device number 7
[  235.954648][ T6976] loop0: detected capacity change from 0 to 512
[  236.044151][ T6976] EXT4-fs: Ignoring removed oldalloc option
[  236.131911][ T6976] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: comm syz.0.254: Parent and EA inode have the same ino 15
[  237.407870][ T6976] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: comm syz.0.254: Parent and EA inode have the same ino 15
[  237.454007][ T6976] EXT4-fs (loop0): 1 orphan inode deleted
[  237.461213][ T6976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.631814][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.644132][    T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  237.789619][ T6990] FAULT_INJECTION: forcing a failure.
[  237.789619][ T6990] name failslab, interval 1, probability 0, space 0, times 0
[  237.811839][ T6990] CPU: 0 PID: 6990 Comm: syz.1.258 Not tainted syzkaller #0
[  237.819235][ T6990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  237.829358][ T6990] Call Trace:
[  237.832687][ T6990]  <TASK>
[  237.835663][ T6990]  dump_stack_lvl+0x16c/0x230
[  237.840406][ T6990]  ? show_regs_print_info+0x20/0x20
[  237.845704][ T6990]  ? load_image+0x3b0/0x3b0
[  237.850262][ T6990]  ? __might_sleep+0xe0/0xe0
[  237.854905][ T6990]  ? __lock_acquire+0x7c80/0x7c80
[  237.859984][ T6990]  ? prepend_path+0x4b/0x960
[  237.864788][ T6990]  should_fail_ex+0x39d/0x4d0
[  237.869637][ T6990]  should_failslab+0x9/0x20
[  237.874489][ T6990]  slab_pre_alloc_hook+0x59/0x310
[  237.879790][ T6990]  ? __asan_memcpy+0x40/0x70
[  237.884459][ T6990]  ? tomoyo_encode+0x28b/0x540
[  237.890161][ T6990]  ? tomoyo_encode+0x28b/0x540
[  237.895012][ T6990]  __kmem_cache_alloc_node+0x53/0x260
[  237.900455][ T6990]  ? prepend_path+0x4b/0x960
[  237.905203][ T6990]  ? tomoyo_encode+0x28b/0x540
[  237.910046][ T6990]  __kmalloc+0xa4/0x240
[  237.914279][ T6990]  tomoyo_encode+0x28b/0x540
[  237.919158][ T6990]  tomoyo_realpath_from_path+0x592/0x5d0
[  237.924888][ T6990]  tomoyo_path_number_perm+0x1ea/0x590
[  237.930429][ T6990]  ? tomoyo_path_number_perm+0x1ba/0x590
[  237.936141][ T6990]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  237.941685][ T6990]  ? ksys_write+0x1c1/0x250
[  237.946746][ T6990]  ? __fget_files+0x28/0x4d0
[  237.951408][ T6990]  security_file_ioctl+0x70/0xa0
[  237.956593][ T6990]  __se_sys_ioctl+0x48/0x170
[  237.961242][ T6990]  do_syscall_64+0x55/0xb0
[  237.965717][ T6990]  ? clear_bhb_loop+0x40/0x90
[  237.970599][ T6990]  ? clear_bhb_loop+0x40/0x90
[  237.975351][ T6990]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  237.981491][ T6990] RIP: 0033:0x7f148eb8efc9
[  237.985963][ T6990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.005637][ T6990] RSP: 002b:00007f148fa82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  238.014138][ T6990] RAX: ffffffffffffffda RBX: 00007f148ede5fa0 RCX: 00007f148eb8efc9
[  238.022180][ T6990] RDX: 0000200000000300 RSI: 000000004004743a RDI: 0000000000000005
[  238.030211][ T6990] RBP: 00007f148fa82090 R08: 0000000000000000 R09: 0000000000000000
[  238.038294][ T6990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.046317][ T6990] R13: 00007f148ede6038 R14: 00007f148ede5fa0 R15: 00007ffdd390c758
[  238.054629][ T6990]  </TASK>
[  238.064888][ T6990] ERROR: Out of memory at tomoyo_realpath_from_path.
[  238.083526][    T9] usb 3-1: Using ep0 maxpacket: 16
[  238.091082][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.102986][    T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  238.131697][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.163036][    T9] usb 3-1: config 0 descriptor??
[  238.416984][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  238.429006][    T9] usbhid: probe of 3-1:0.0 failed with error -71
[  238.453188][    T9] usb 3-1: USB disconnect, device number 8
[  238.643861][ T7009] loop2: detected capacity change from 0 to 64
[  238.710197][ T7009] FAULT_INJECTION: forcing a failure.
[  238.710197][ T7009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.747881][ T7009] CPU: 1 PID: 7009 Comm: syz.2.261 Not tainted syzkaller #0
[  238.755276][ T7009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  238.765396][ T7009] Call Trace:
[  238.768753][ T7009]  <TASK>
[  238.771817][ T7009]  dump_stack_lvl+0x16c/0x230
[  238.776568][ T7009]  ? show_regs_print_info+0x20/0x20
[  238.781927][ T7009]  ? load_image+0x3b0/0x3b0
[  238.786614][ T7009]  ? __might_fault+0xaa/0x120
[  238.791351][ T7009]  ? __lock_acquire+0x7c80/0x7c80
[  238.796449][ T7009]  should_fail_ex+0x39d/0x4d0
[  238.801207][ T7009]  strncpy_from_user+0x36/0x2e0
[  238.806139][ T7009]  getname_flags+0xf6/0x500
[  238.810719][ T7009]  __x64_sys_rename+0x5f/0x90
[  238.815494][ T7009]  do_syscall_64+0x55/0xb0
[  238.819962][ T7009]  ? clear_bhb_loop+0x40/0x90
[  238.825300][ T7009]  ? clear_bhb_loop+0x40/0x90
[  238.830716][ T7009]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  238.836849][ T7009] RIP: 0033:0x7fbd9618efc9
[  238.841826][ T7009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.861807][ T7009] RSP: 002b:00007fbd97013038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  238.870799][ T7009] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618efc9
[  238.878832][ T7009] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000200000000100
[  238.887903][ T7009] RBP: 00007fbd97013090 R08: 0000000000000000 R09: 0000000000000000
[  238.896101][ T7009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.904410][ T7009] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  238.912535][ T7009]  </TASK>
[  240.670522][ T7020] loop0: detected capacity change from 0 to 1024
[  240.822657][ T7020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.040233][ T7027] fuse: Bad value for 'fd'
[  241.691502][ T7034] FAULT_INJECTION: forcing a failure.
[  241.691502][ T7034] name failslab, interval 1, probability 0, space 0, times 0
[  241.769594][ T7034] CPU: 0 PID: 7034 Comm: syz.2.269 Not tainted syzkaller #0
[  241.776991][ T7034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  241.787445][ T7034] Call Trace:
[  241.790764][ T7034]  <TASK>
[  241.793744][ T7034]  dump_stack_lvl+0x16c/0x230
[  241.798506][ T7034]  ? show_regs_print_info+0x20/0x20
[  241.803757][ T7034]  ? load_image+0x3b0/0x3b0
[  241.808312][ T7034]  ? __lock_acquire+0x7c80/0x7c80
[  241.813392][ T7034]  should_fail_ex+0x39d/0x4d0
[  241.818160][ T7034]  should_failslab+0x9/0x20
[  241.822738][ T7034]  slab_pre_alloc_hook+0x59/0x310
[  241.827862][ T7034]  ? vmemdup_user+0x49/0x1e0
[  241.832622][ T7034]  ? vmemdup_user+0x49/0x1e0
[  241.837489][ T7034]  __kmem_cache_alloc_node+0x53/0x260
[  241.843051][ T7034]  ? vmemdup_user+0x49/0x1e0
[  241.847725][ T7034]  __kmalloc_node+0xa4/0x230
[  241.852392][ T7034]  vmemdup_user+0x49/0x1e0
[  241.856874][ T7034]  map_lookup_elem+0x276/0x7c0
[  241.861739][ T7034]  ? __might_fault+0xaa/0x120
[  241.866517][ T7034]  ? security_bpf+0x7e/0xa0
[  241.871088][ T7034]  __sys_bpf+0x3dc/0x800
[  241.875383][ T7034]  ? bpf_link_show_fdinfo+0x350/0x350
[  241.880822][ T7034]  ? lock_chain_count+0x20/0x20
[  241.885729][ T7034]  __x64_sys_bpf+0x7c/0x90
[  241.890206][ T7034]  do_syscall_64+0x55/0xb0
[  241.894739][ T7034]  ? clear_bhb_loop+0x40/0x90
[  241.899482][ T7034]  ? clear_bhb_loop+0x40/0x90
[  241.904218][ T7034]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  241.910268][ T7034] RIP: 0033:0x7fbd9618efc9
[  241.914729][ T7034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.934470][ T7034] RSP: 002b:00007fbd97013038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  241.942936][ T7034] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618efc9
[  241.951104][ T7034] RDX: 0000000000000020 RSI: 0000200000000640 RDI: 0000000000000001
[  241.959224][ T7034] RBP: 00007fbd97013090 R08: 0000000000000000 R09: 0000000000000000
[  241.967249][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.975996][ T7034] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  241.984391][ T7034]  </TASK>
[  241.987501][    C0] vkms_vblank_simulate: vblank timer overrun
[  242.455569][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.842857][ T7044] FAULT_INJECTION: forcing a failure.
[  242.842857][ T7044] name failslab, interval 1, probability 0, space 0, times 0
[  242.856536][ T7044] CPU: 1 PID: 7044 Comm: syz.1.273 Not tainted syzkaller #0
[  242.864155][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  242.874523][ T7044] Call Trace:
[  242.877845][ T7044]  <TASK>
[  242.880908][ T7044]  dump_stack_lvl+0x16c/0x230
[  242.885906][ T7044]  ? show_regs_print_info+0x20/0x20
[  242.891148][ T7044]  ? load_image+0x3b0/0x3b0
[  242.895783][ T7044]  ? __might_sleep+0xe0/0xe0
[  242.900413][ T7044]  ? __lock_acquire+0x7c80/0x7c80
[  242.905476][ T7044]  ? percpu_counter_add_batch+0x1d9/0x280
[  242.911471][ T7044]  should_fail_ex+0x39d/0x4d0
[  242.916244][ T7044]  should_failslab+0x9/0x20
[  242.921093][ T7044]  slab_pre_alloc_hook+0x59/0x310
[  242.926207][ T7044]  ? mark_lock+0x94/0x320
[  242.930645][ T7044]  kmem_cache_alloc+0x5a/0x2e0
[  242.935491][ T7044]  ? ep_insert+0x263/0x1a90
[  242.940145][ T7044]  ep_insert+0x263/0x1a90
[  242.944639][ T7044]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  242.950669][ T7044]  ? trace_irq_disable+0x37/0xe0
[  242.955688][ T7044]  ? lock_chain_count+0x20/0x20
[  242.960577][ T7044]  ? lockdep_hardirqs_on+0x98/0x150
[  242.965826][ T7044]  ? ep_loop_check+0x1b0/0x1b0
[  242.970640][ T7044]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  242.976315][ T7044]  ? lockdep_hardirqs_on+0x98/0x150
[  242.981646][ T7044]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  242.987334][ T7044]  do_epoll_ctl+0x8ab/0xf60
[  242.991907][ T7044]  __x64_sys_epoll_ctl+0x164/0x1a0
[  242.997084][ T7044]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  243.002765][ T7044]  ? ep_modify+0xa20/0xa20
[  243.007240][ T7044]  do_syscall_64+0x55/0xb0
[  243.011701][ T7044]  ? clear_bhb_loop+0x40/0x90
[  243.016417][ T7044]  ? clear_bhb_loop+0x40/0x90
[  243.021143][ T7044]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  243.027079][ T7044] RIP: 0033:0x7f148eb8efc9
[  243.031530][ T7044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.051268][ T7044] RSP: 002b:00007f148fa40038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  243.059727][ T7044] RAX: ffffffffffffffda RBX: 00007f148ede6180 RCX: 00007f148eb8efc9
[  243.067742][ T7044] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 000000000000000b
[  243.075757][ T7044] RBP: 00007f148fa40090 R08: 0000000000000000 R09: 0000000000000000
[  243.083768][ T7044] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.091779][ T7044] R13: 00007f148ede6218 R14: 00007f148ede6180 R15: 00007ffdd390c758
[  243.099816][ T7044]  </TASK>
[  243.363818][ T7046] loop3: detected capacity change from 0 to 1024
[  243.457794][ T7046] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.557763][ T7040] loop2: detected capacity change from 0 to 32768
[  243.593842][ T7040] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.271 (7040)
[  243.919180][ T7040] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  245.758908][ T7040] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  245.896296][ T7040] BTRFS info (device loop2): turning off barriers
[  246.015927][ T7040] BTRFS info (device loop2): setting nodatasum
[  246.022215][ T7040] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  246.063634][ T7040] BTRFS info (device loop2): use zstd compression, level 3
[  246.346443][ T7040] BTRFS info (device loop2): using free space tree
[  246.494145][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  246.504154][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  246.571974][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  246.651155][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  246.660917][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.713500][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  246.714218][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  246.774243][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  246.800753][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  246.855377][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  246.911888][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  246.954150][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  247.035441][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  247.084827][ T7040] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  247.241988][ T7040] BTRFS error (device loop2): open_ctree failed: -12
[  247.304607][ T5800] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by udevd (5800)
[  248.272388][ T7090] FAULT_INJECTION: forcing a failure.
[  248.272388][ T7090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.343753][ T7090] CPU: 1 PID: 7090 Comm: syz.0.280 Not tainted syzkaller #0
[  248.351835][ T7090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  248.362428][ T7090] Call Trace:
[  248.365789][ T7090]  <TASK>
[  248.368859][ T7090]  dump_stack_lvl+0x16c/0x230
[  248.373682][ T7090]  ? show_regs_print_info+0x20/0x20
[  248.379288][ T7090]  ? load_image+0x3b0/0x3b0
[  248.384548][ T7090]  ? __lock_acquire+0x7c80/0x7c80
[  248.389630][ T7090]  should_fail_ex+0x39d/0x4d0
[  248.394468][ T7090]  _copy_from_user+0x2f/0xe0
[  248.399232][ T7090]  __copy_msghdr+0x3bb/0x580
[  248.404536][ T7090]  ___sys_sendmsg+0x1a6/0x290
[  248.409571][ T7090]  ? __sys_sendmsg+0x270/0x270
[  248.414448][ T7090]  ? __lock_acquire+0x7c80/0x7c80
[  248.420354][ T7090]  __se_sys_sendmsg+0x1a5/0x270
[  248.425297][ T7090]  ? __x64_sys_sendmsg+0x80/0x80
[  248.430385][ T7090]  ? lockdep_hardirqs_on+0x98/0x150
[  248.435636][ T7090]  do_syscall_64+0x55/0xb0
[  248.440287][ T7090]  ? clear_bhb_loop+0x40/0x90
[  248.445025][ T7090]  ? clear_bhb_loop+0x40/0x90
[  248.449776][ T7090]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  248.455813][ T7090] RIP: 0033:0x7f097e98efc9
[  248.460278][ T7090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.481001][ T7090] RSP: 002b:00007f097f757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.490167][ T7090] RAX: ffffffffffffffda RBX: 00007f097ebe5fa0 RCX: 00007f097e98efc9
[  248.498421][ T7090] RDX: 0000000000000800 RSI: 00002000000000c0 RDI: 0000000000000003
[  248.507061][ T7090] RBP: 00007f097f757090 R08: 0000000000000000 R09: 0000000000000000
[  248.515691][ T7090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.523974][ T7090] R13: 00007f097ebe6038 R14: 00007f097ebe5fa0 R15: 00007ffd8663f3b8
[  248.532019][ T7090]  </TASK>
[  248.615475][ T7093] loop3: detected capacity change from 0 to 1024
[  248.746825][ T5792] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  248.983549][ T7095] binder: 7094:7095 ioctl c0306201 2000000001c0 returned -14
[  249.819838][  T789] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  250.055765][ T7115] FAULT_INJECTION: forcing a failure.
[  250.055765][ T7115] name failslab, interval 1, probability 0, space 0, times 0
[  250.059559][ T7110] loop0: detected capacity change from 0 to 1024
[  250.084766][ T7115] CPU: 1 PID: 7115 Comm: syz.3.288 Not tainted syzkaller #0
[  250.085202][  T789] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  250.092309][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  250.092330][ T7115] Call Trace:
[  250.092341][ T7115]  <TASK>
[  250.092351][ T7115]  dump_stack_lvl+0x16c/0x230
[  250.092387][ T7115]  ? show_regs_print_info+0x20/0x20
[  250.092413][ T7115]  ? load_image+0x3b0/0x3b0
[  250.092441][ T7115]  ? __might_sleep+0xe0/0xe0
[  250.092466][ T7115]  ? __lock_acquire+0x7c80/0x7c80
[  250.092487][ T7115]  ? mark_lock+0x94/0x320
[  250.092513][ T7115]  should_fail_ex+0x39d/0x4d0
[  250.092546][ T7115]  should_failslab+0x9/0x20
[  250.092574][ T7115]  slab_pre_alloc_hook+0x59/0x310
[  250.092604][ T7115]  ? __get_vm_area_node+0x125/0x370
[  250.092630][ T7115]  __kmem_cache_alloc_node+0x53/0x260
[  250.092661][ T7115]  ? __get_vm_area_node+0x125/0x370
[  250.092687][ T7115]  kmalloc_node_trace+0x26/0xe0
[  250.092718][ T7115]  __get_vm_area_node+0x125/0x370
[  250.092750][ T7115]  __vmalloc_node_range+0x36e/0x1320
[  250.092777][ T7115]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  250.114601][ T7110] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  250.114644][ T7115]  ? mark_lock+0x94/0x320
[  250.212358][ T7115]  ? __lock_acquire+0x1334/0x7c80
[  250.217413][ T7115]  ? verify_lock_unused+0x140/0x140
[  250.222641][ T7115]  ? free_vm_area+0x50/0x50
[  250.227256][ T7115]  ? end_current_label_crit_section+0x170/0x170
[  250.233613][ T7115]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  250.239294][ T7115]  __vmalloc+0x7a/0x90
[  250.243399][ T7115]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  250.248975][ T7115]  bpf_prog_alloc_no_stats+0x47/0x440
[  250.254395][ T7115]  ? bpf_prog_alloc+0x2b/0x1b0
[  250.259221][ T7115]  bpf_prog_alloc+0x3d/0x1b0
[  250.263879][ T7115]  bpf_prog_load+0x6b8/0x16d0
[  250.268614][ T7115]  ? map_freeze+0x420/0x420
[  250.273226][ T7115]  ? __might_fault+0xaa/0x120
[  250.277925][ T7115]  ? __lock_acquire+0x7c80/0x7c80
[  250.282991][ T7115]  ? file_end_write+0x159/0x250
[  250.287868][ T7115]  ? __might_fault+0xaa/0x120
[  250.292584][ T7115]  ? __might_fault+0xc6/0x120
[  250.297320][ T7115]  ? __might_fault+0xaa/0x120
[  250.302018][ T7115]  ? bpf_lsm_bpf+0x9/0x10
[  250.306379][ T7115]  ? security_bpf+0x7e/0xa0
[  250.310904][ T7115]  __sys_bpf+0x55a/0x800
[  250.315168][ T7115]  ? bpf_link_show_fdinfo+0x350/0x350
[  250.320571][ T7115]  ? lock_chain_count+0x20/0x20
[  250.325804][ T7115]  __x64_sys_bpf+0x7c/0x90
[  250.330241][ T7115]  do_syscall_64+0x55/0xb0
[  250.334689][ T7115]  ? clear_bhb_loop+0x40/0x90
[  250.339394][ T7115]  ? clear_bhb_loop+0x40/0x90
[  250.344106][ T7115]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  250.350071][ T7115] RIP: 0033:0x7fc138b8efc9
[  250.354516][ T7115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.374256][ T7115] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.382691][ T7115] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  250.390686][ T7115] RDX: 0000000000000094 RSI: 0000200000000140 RDI: 0000000000000005
[  250.398684][ T7115] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  250.406686][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.414782][ T7115] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  250.423019][ T7115]  </TASK>
[  250.427152][  T789] usb 3-1: config 1 has no interface number 0
[  250.444123][  T789] usb 3-1: config 1 interface 105 has no altsetting 0
[  250.481556][  T789] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=31.6d
[  250.514952][ T7115] syz.3.288: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  250.532907][  T789] usb 3-1: New USB device strings: Mfr=107, Product=102, SerialNumber=146
[  250.547473][  T789] usb 3-1: Product: syz
[  250.551755][  T789] usb 3-1: Manufacturer: syz
[  250.707783][ T7115] CPU: 1 PID: 7115 Comm: syz.3.288 Not tainted syzkaller #0
[  250.715269][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  250.725377][ T7115] Call Trace:
[  250.728722][ T7115]  <TASK>
[  250.731765][ T7115]  dump_stack_lvl+0x16c/0x230
[  250.736585][ T7115]  ? show_regs_print_info+0x20/0x20
[  250.741860][ T7115]  ? load_image+0x3b0/0x3b0
[  250.746394][ T7115]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  250.753052][ T7115]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  250.759603][ T7115]  warn_alloc+0x210/0x300
[  250.763979][ T7115]  ? __get_vm_area_node+0x125/0x370
[  250.769313][ T7115]  ? zone_watermark_ok_safe+0x230/0x230
[  250.774903][ T7115]  ? rcu_is_watching+0x15/0xb0
[  250.779860][ T7115]  ? __get_vm_area_node+0x356/0x370
[  250.785279][ T7115]  __vmalloc_node_range+0x393/0x1320
[  250.790601][ T7115]  ? mark_lock+0x94/0x320
[  250.795070][ T7115]  ? __lock_acquire+0x1334/0x7c80
[  250.800521][ T7115]  ? verify_lock_unused+0x140/0x140
[  250.805795][ T7115]  ? free_vm_area+0x50/0x50
[  250.810346][ T7115]  ? end_current_label_crit_section+0x170/0x170
[  250.816621][ T7115]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  250.822209][ T7115]  __vmalloc+0x7a/0x90
[  250.826312][ T7115]  ? bpf_prog_alloc_no_stats+0x47/0x440
[  250.831891][ T7115]  bpf_prog_alloc_no_stats+0x47/0x440
[  250.837286][ T7115]  ? bpf_prog_alloc+0x2b/0x1b0
[  250.842079][ T7115]  bpf_prog_alloc+0x3d/0x1b0
[  250.846807][ T7115]  bpf_prog_load+0x6b8/0x16d0
[  250.851517][ T7115]  ? map_freeze+0x420/0x420
[  250.856054][ T7115]  ? __might_fault+0xaa/0x120
[  250.860762][ T7115]  ? __lock_acquire+0x7c80/0x7c80
[  250.865916][ T7115]  ? file_end_write+0x159/0x250
[  250.870825][ T7115]  ? __might_fault+0xaa/0x120
[  250.875561][ T7115]  ? __might_fault+0xc6/0x120
[  250.880283][ T7115]  ? __might_fault+0xaa/0x120
[  250.885037][ T7115]  ? bpf_lsm_bpf+0x9/0x10
[  250.889402][ T7115]  ? security_bpf+0x7e/0xa0
[  250.893934][ T7115]  __sys_bpf+0x55a/0x800
[  250.898212][ T7115]  ? bpf_link_show_fdinfo+0x350/0x350
[  250.903694][ T7115]  ? lock_chain_count+0x20/0x20
[  250.909019][ T7115]  __x64_sys_bpf+0x7c/0x90
[  250.913502][ T7115]  do_syscall_64+0x55/0xb0
[  250.917959][ T7115]  ? clear_bhb_loop+0x40/0x90
[  250.922651][ T7115]  ? clear_bhb_loop+0x40/0x90
[  250.927452][ T7115]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  250.933409][ T7115] RIP: 0033:0x7fc138b8efc9
[  250.937883][ T7115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.957533][ T7115] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.965982][ T7115] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  250.974233][ T7115] RDX: 0000000000000094 RSI: 0000200000000140 RDI: 0000000000000005
[  250.982220][ T7115] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  250.990226][ T7115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.998320][ T7115] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  251.006326][ T7115]  </TASK>
[  251.012035][  T789] usb 3-1: SerialNumber: syz
[  251.061188][ T7115] Mem-Info:
[  251.088217][ T7115] active_anon:8676 inactive_anon:0 isolated_anon:0
[  251.088217][ T7115]  active_file:19140 inactive_file:40193 isolated_file:0
[  251.088217][ T7115]  unevictable:768 dirty:474 writeback:0
[  251.088217][ T7115]  slab_reclaimable:10899 slab_unreclaimable:91312
[  251.088217][ T7115]  mapped:28602 shmem:4214 pagetables:603
[  251.088217][ T7115]  sec_pagetables:0 bounce:0
[  251.088217][ T7115]  kernel_misc_reclaimable:0
[  251.088217][ T7115]  free:1347823 free_pcp:6332 free_cma:0
[  251.146348][ T7115] Node 0 active_anon:34704kB inactive_anon:0kB active_file:76560kB inactive_file:160572kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114408kB dirty:1892kB writeback:0kB shmem:15320kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11456kB pagetables:2412kB sec_pagetables:0kB all_unreclaimable? no
[  251.179112][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.328296][ T7115] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  251.360065][ T7115] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  251.433520][ T7115] lowmem_reserve[]: 0 2525 2526 2526 2526
[  251.439628][ T7115] Node 0 DMA32 free:1481304kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:23856kB inactive_anon:0kB active_file:76560kB inactive_file:159256kB unevictable:1536kB writepending:292kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:19316kB local_pcp:16896kB free_cma:0kB
[  251.470358][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.516702][ T7115] lowmem_reserve[]: 0 0 1 1 1
[  251.521651][ T7115] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  251.548889][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.596640][ T7115] lowmem_reserve[]: 0 0 0 0 0
[  251.601920][ T7131] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  251.622464][ T7115] Node 1 Normal free:3894396kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:17472kB local_pcp:8256kB free_cma:0kB
[  251.652357][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.684204][ T7115] lowmem_reserve[]: 0 0 0 0 0
[  251.689092][ T7115] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  251.722240][ T7115] Node 0 DMA32: 717*4kB (UME) 1653*8kB (UME) 620*16kB (UME) 610*32kB (UME) 366*64kB (UME) 45*128kB (UME) 34*256kB (UME) 45*512kB (UME) 22*1024kB (UM) 10*2048kB (UM) 324*4096kB (M) = 1476572kB
[  251.772968][ T7115] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  251.790033][ T7115] Node 1 Normal: 237*4kB (U) 47*8kB (UE) 37*16kB (UE) 94*32kB (UE) 31*64kB (UME) 7*128kB (UM) 2*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 947*4096kB (M) = 3894396kB
[  251.824940][ T7115] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  251.845571][ T7115] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  251.863023][ T7115] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  251.890493][ T7115] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  251.913492][ T7115] 64252 total pagecache pages
[  251.924188][ T7115] 0 pages in swap cache
[  251.934246][ T7115] Free swap  = 124472kB
[  251.938578][ T7115] Total swap = 124996kB
[  251.942797][ T7115] 2097051 pages RAM
[  251.951559][  T789] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  251.969420][ T7115] 0 pages HighMem/MovableOnly
[  251.978324][ T7115] 416137 pages reserved
[  251.986976][ T7115] 0 pages cma reserved
[  252.173416][ T7134] Driver unsupported XDP return value 0 on prog  (id 32) dev N/A, expect packet loss!
[  252.187382][  T789] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  252.239251][  T789] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, ee:75:87:9a:4c:ab
[  252.283727][  T789] usb 3-1: USB disconnect, device number 9
[  252.310371][  T789] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  252.474093][ T7138] FAULT_INJECTION: forcing a failure.
[  252.474093][ T7138] name failslab, interval 1, probability 0, space 0, times 0
[  252.488532][ T7138] CPU: 0 PID: 7138 Comm: syz.1.293 Not tainted syzkaller #0
[  252.495965][ T7138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  252.506402][ T7138] Call Trace:
[  252.509710][ T7138]  <TASK>
[  252.512671][ T7138]  dump_stack_lvl+0x16c/0x230
[  252.517389][ T7138]  ? show_regs_print_info+0x20/0x20
[  252.522620][ T7138]  ? load_image+0x3b0/0x3b0
[  252.527236][ T7138]  ? __lock_acquire+0x7c80/0x7c80
[  252.532375][ T7138]  should_fail_ex+0x39d/0x4d0
[  252.537083][ T7138]  should_failslab+0x9/0x20
[  252.541617][ T7138]  slab_pre_alloc_hook+0x59/0x310
[  252.546680][ T7138]  ? bpf_test_init+0xc0/0x150
[  252.551375][ T7138]  ? bpf_test_init+0xc0/0x150
[  252.556110][ T7138]  __kmem_cache_alloc_node+0x53/0x260
[  252.561607][ T7138]  ? bpf_test_init+0xc0/0x150
[  252.566827][ T7138]  __kmalloc+0xa4/0x240
[  252.571097][ T7138]  bpf_test_init+0xc0/0x150
[  252.575677][ T7138]  bpf_prog_test_run_xdp+0x382/0xfa0
[  252.580991][ T7138]  ? dev_put+0x80/0x80
[  252.585091][ T7138]  ? dev_put+0x80/0x80
[  252.589302][ T7138]  bpf_prog_test_run+0x321/0x390
[  252.594372][ T7138]  __sys_bpf+0x440/0x800
[  252.599108][ T7138]  ? bpf_link_show_fdinfo+0x350/0x350
[  252.604526][ T7138]  ? lock_chain_count+0x20/0x20
[  252.609489][ T7138]  __x64_sys_bpf+0x7c/0x90
[  252.614021][ T7138]  do_syscall_64+0x55/0xb0
[  252.618462][ T7138]  ? clear_bhb_loop+0x40/0x90
[  252.623171][ T7138]  ? clear_bhb_loop+0x40/0x90
[  252.627874][ T7138]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  252.633807][ T7138] RIP: 0033:0x7f148eb8efc9
[  252.638246][ T7138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.658155][ T7138] RSP: 002b:00007f148fa82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  252.666614][ T7138] RAX: ffffffffffffffda RBX: 00007f148ede5fa0 RCX: 00007f148eb8efc9
[  252.674631][ T7138] RDX: 0000000000000028 RSI: 0000200000000440 RDI: 000000000000000a
[  252.682660][ T7138] RBP: 00007f148fa82090 R08: 0000000000000000 R09: 0000000000000000
[  252.690904][ T7138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.699086][ T7138] R13: 00007f148ede6038 R14: 00007f148ede5fa0 R15: 00007ffdd390c758
[  252.707107][ T7138]  </TASK>
[  252.710161][    C0] vkms_vblank_simulate: vblank timer overrun
[  252.742092][  T789] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  252.763104][  T789] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  252.783154][  T789] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  253.047768][ T7146] loop1: detected capacity change from 0 to 1024
[  253.236948][ T7153] loop0: detected capacity change from 0 to 1024
[  253.238506][ T7150] loop2: detected capacity change from 0 to 1024
[  253.277558][ T7153] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  253.298738][ T7150] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  253.373489][ T5792] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  253.765063][ T7159] ALSA: seq fatal error: cannot create timer (-22)
[  253.911563][ T1331] hfsplus: b-tree write err: -5, ino 4
[  254.245374][ T7157] loop3: detected capacity change from 0 to 1024
[  254.338992][ T7157] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  255.559703][ T7175] loop1: detected capacity change from 0 to 1024
[  255.640185][ T7175] hfsplus: unable to parse mount options
[  255.680888][ T7176] loop0: detected capacity change from 0 to 512
[  255.713828][ T7176] EXT4-fs: Ignoring removed oldalloc option
[  256.224145][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  256.243593][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  256.260918][ T7176] EXT4-fs (loop0): 1 truncate cleaned up
[  256.335319][ T7176] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.622685][ T7191] loop2: detected capacity change from 0 to 4096
[  256.706932][ T7191] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  256.852682][ T7191] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  256.889495][ T7191] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  256.906534][ T7190] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.302: invalid indirect mapped block 234881024 (level 0)
[  256.954095][ T7195] loop3: detected capacity change from 0 to 4096
[  256.983763][ T7195] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  257.010077][ T7190] EXT4-fs (loop0): Remounting filesystem read-only
[  257.120056][ T7195] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  257.224252][ T7195] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  257.289508][ T7195] FAULT_INJECTION: forcing a failure.
[  257.289508][ T7195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.387478][ T7201] FAULT_INJECTION: forcing a failure.
[  257.387478][ T7201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.401446][ T7201] CPU: 1 PID: 7201 Comm: syz.1.307 Not tainted syzkaller #0
[  257.409467][ T7201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.420175][ T7201] Call Trace:
[  257.423503][ T7201]  <TASK>
[  257.426479][ T7201]  dump_stack_lvl+0x16c/0x230
[  257.431354][ T7201]  ? show_regs_print_info+0x20/0x20
[  257.436698][ T7201]  ? load_image+0x3b0/0x3b0
[  257.441543][ T7201]  ? __might_fault+0xaa/0x120
[  257.446808][ T7201]  ? __lock_acquire+0x7c80/0x7c80
[  257.451967][ T7201]  should_fail_ex+0x39d/0x4d0
[  257.456720][ T7201]  _copy_from_user+0x2f/0xe0
[  257.461393][ T7201]  sctp_setsockopt+0x19e/0x11e0
[  257.466466][ T7201]  ? sock_common_recvmsg+0x1b0/0x1b0
[  257.471809][ T7201]  do_sock_setsockopt+0x175/0x1a0
[  257.476879][ T7201]  ? __fdget+0x180/0x210
[  257.481167][ T7201]  __x64_sys_setsockopt+0x184/0x200
[  257.486510][ T7201]  do_syscall_64+0x55/0xb0
[  257.491069][ T7201]  ? clear_bhb_loop+0x40/0x90
[  257.495791][ T7201]  ? clear_bhb_loop+0x40/0x90
[  257.500517][ T7201]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  257.506517][ T7201] RIP: 0033:0x7f148eb8efc9
[  257.510987][ T7201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.530643][ T7201] RSP: 002b:00007f148fa82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  257.539096][ T7201] RAX: ffffffffffffffda RBX: 00007f148ede5fa0 RCX: 00007f148eb8efc9
[  257.547108][ T7201] RDX: 0000000000000083 RSI: 0000000000000084 RDI: 0000000000000009
[  257.555123][ T7201] RBP: 00007f148fa82090 R08: 0000000000000008 R09: 0000000000000000
[  257.563231][ T7201] R10: 0000200000000480 R11: 0000000000000246 R12: 0000000000000001
[  257.571246][ T7201] R13: 00007f148ede6038 R14: 00007f148ede5fa0 R15: 00007ffdd390c758
[  257.579275][ T7201]  </TASK>
[  257.588469][ T7195] CPU: 1 PID: 7195 Comm: syz.3.305 Not tainted syzkaller #0
[  257.595931][ T7195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.606118][ T7195] Call Trace:
[  257.609432][ T7195]  <TASK>
[  257.612409][ T7195]  dump_stack_lvl+0x16c/0x230
[  257.617159][ T7195]  ? show_regs_print_info+0x20/0x20
[  257.622421][ T7195]  ? load_image+0x3b0/0x3b0
[  257.626984][ T7195]  ? __might_fault+0xaa/0x120
[  257.631703][ T7195]  ? __lock_acquire+0x7c80/0x7c80
[  257.636782][ T7195]  should_fail_ex+0x39d/0x4d0
[  257.641514][ T7195]  strncpy_from_user+0x36/0x2e0
[  257.646424][ T7195]  getname_flags+0xf6/0x500
[  257.650984][ T7195]  __x64_sys_symlink+0x5f/0x90
[  257.655795][ T7195]  do_syscall_64+0x55/0xb0
[  257.660365][ T7195]  ? clear_bhb_loop+0x40/0x90
[  257.665126][ T7195]  ? clear_bhb_loop+0x40/0x90
[  257.669859][ T7195]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  257.675803][ T7195] RIP: 0033:0x7fc138b8efc9
[  257.680266][ T7195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.700090][ T7195] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  257.708590][ T7195] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  257.716766][ T7195] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000100
[  257.724806][ T7195] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  257.732822][ T7195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.740835][ T7195] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  257.748962][ T7195]  </TASK>
[  257.759600][ T7176] syz.0.302 (7176) used greatest stack depth: 17960 bytes left
[  257.810634][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.181601][ T7210] loop0: detected capacity change from 0 to 1024
[  258.224518][ T7210] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  258.559936][ T7216] loop2: detected capacity change from 0 to 1024
[  258.632027][ T7216] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  262.965775][ T7248] FAULT_INJECTION: forcing a failure.
[  262.965775][ T7248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.023619][ T7248] CPU: 1 PID: 7248 Comm: syz.3.316 Not tainted syzkaller #0
[  263.031022][ T7248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  263.041234][ T7248] Call Trace:
[  263.044566][ T7248]  <TASK>
[  263.047539][ T7248]  dump_stack_lvl+0x16c/0x230
[  263.052283][ T7248]  ? show_regs_print_info+0x20/0x20
[  263.057542][ T7248]  ? load_image+0x3b0/0x3b0
[  263.062191][ T7248]  ? __lock_acquire+0x7c80/0x7c80
[  263.067303][ T7248]  ? snprintf+0xdb/0x120
[  263.071684][ T7248]  should_fail_ex+0x39d/0x4d0
[  263.076429][ T7248]  _copy_to_user+0x2f/0xa0
[  263.080904][ T7248]  simple_read_from_buffer+0xe7/0x150
[  263.086356][ T7248]  proc_fail_nth_read+0x1e3/0x250
[  263.091466][ T7248]  ? proc_fault_inject_write+0x340/0x340
[  263.097180][ T7248]  ? fsnotify_perm+0x271/0x5e0
[  263.102150][ T7248]  ? proc_fault_inject_write+0x340/0x340
[  263.107853][ T7248]  vfs_read+0x27e/0x920
[  263.112365][ T7248]  ? kernel_read+0x1e0/0x1e0
[  263.117194][ T7248]  ? __fget_files+0x28/0x4d0
[  263.123238][ T7248]  ? __fget_files+0x44a/0x4d0
[  263.128008][ T7248]  ? __fdget_pos+0x2a3/0x330
[  263.132669][ T7248]  ? ksys_read+0x75/0x250
[  263.137313][ T7248]  ksys_read+0x147/0x250
[  263.142538][ T7248]  ? vfs_write+0x940/0x940
[  263.147119][ T7248]  ? lockdep_hardirqs_on+0x98/0x150
[  263.152522][ T7248]  do_syscall_64+0x55/0xb0
[  263.157775][ T7248]  ? clear_bhb_loop+0x40/0x90
[  263.162800][ T7248]  ? clear_bhb_loop+0x40/0x90
[  263.167504][ T7248]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  263.173422][ T7248] RIP: 0033:0x7fc138b8d9dc
[  263.177873][ T7248] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  263.197977][ T7248] RSP: 002b:00007fc13996f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  263.206797][ T7248] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8d9dc
[  263.214849][ T7248] RDX: 000000000000000f RSI: 00007fc13996f0a0 RDI: 0000000000000005
[  263.223131][ T7248] RBP: 00007fc13996f090 R08: 0000000000000000 R09: 0000000000000000
[  263.231324][ T7248] R10: 0000040000000009 R11: 0000000000000246 R12: 0000000000000001
[  263.239413][ T7248] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  263.247426][ T7248]  </TASK>
[  263.356404][ T7256] loop0: detected capacity change from 0 to 2048
[  263.369954][ T7256] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  263.410570][ T5800] udevd[5800]: incorrect nilfs2 checksum on /dev/loop0
[  265.125639][ T7262] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  265.353984][ T7265] loop3: detected capacity change from 0 to 1024
[  265.383849][ T7265] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  265.738032][ T7269] loop2: detected capacity change from 0 to 1024
[  265.778316][ T7269] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  267.223125][ T7279] FAULT_INJECTION: forcing a failure.
[  267.223125][ T7279] name failslab, interval 1, probability 0, space 0, times 0
[  267.260063][ T7279] CPU: 0 PID: 7279 Comm: syz.2.325 Not tainted syzkaller #0
[  267.267977][ T7279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  267.278181][ T7279] Call Trace:
[  267.281494][ T7279]  <TASK>
[  267.284482][ T7279]  dump_stack_lvl+0x16c/0x230
[  267.289256][ T7279]  ? show_regs_print_info+0x20/0x20
[  267.294499][ T7279]  ? load_image+0x3b0/0x3b0
[  267.299063][ T7279]  ? __might_sleep+0xe0/0xe0
[  267.303697][ T7279]  ? __lock_acquire+0x7c80/0x7c80
[  267.308778][ T7279]  should_fail_ex+0x39d/0x4d0
[  267.313587][ T7279]  should_failslab+0x9/0x20
[  267.318131][ T7279]  slab_pre_alloc_hook+0x59/0x310
[  267.323186][ T7279]  ? __lock_acquire+0x7c80/0x7c80
[  267.328252][ T7279]  kmem_cache_alloc_node+0x60/0x330
[  267.333689][ T7279]  ? __alloc_skb+0x108/0x2c0
[  267.338350][ T7279]  __alloc_skb+0x108/0x2c0
[  267.342988][ T7279]  netlink_sendmsg+0x65b/0xbe0
[  267.348029][ T7279]  ? netlink_getsockopt+0x580/0x580
[  267.353397][ T7279]  ? aa_sock_msg_perm+0x94/0x150
[  267.358404][ T7279]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  267.363886][ T7279]  ? security_socket_sendmsg+0x80/0xa0
[  267.369417][ T7279]  ? netlink_getsockopt+0x580/0x580
[  267.374941][ T7279]  ____sys_sendmsg+0x5bf/0x950
[  267.379794][ T7279]  ? __asan_memset+0x22/0x40
[  267.384415][ T7279]  ? __sys_sendmsg_sock+0x30/0x30
[  267.389471][ T7279]  ? __import_iovec+0x5f2/0x860
[  267.394402][ T7279]  ? import_iovec+0x73/0xa0
[  267.398948][ T7279]  ___sys_sendmsg+0x220/0x290
[  267.403766][ T7279]  ? __sys_sendmsg+0x270/0x270
[  267.408860][ T7279]  ? __lock_acquire+0x7c80/0x7c80
[  267.414056][ T7279]  __se_sys_sendmsg+0x1a5/0x270
[  267.419056][ T7279]  ? __x64_sys_sendmsg+0x80/0x80
[  267.424040][ T7279]  ? lockdep_hardirqs_on+0x98/0x150
[  267.429395][ T7279]  do_syscall_64+0x55/0xb0
[  267.433978][ T7279]  ? clear_bhb_loop+0x40/0x90
[  267.438683][ T7279]  ? clear_bhb_loop+0x40/0x90
[  267.443643][ T7279]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  267.449606][ T7279] RIP: 0033:0x7fbd9618efc9
[  267.454076][ T7279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.473733][ T7279] RSP: 002b:00007fbd97013038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  267.482532][ T7279] RAX: ffffffffffffffda RBX: 00007fbd963e5fa0 RCX: 00007fbd9618efc9
[  267.490578][ T7279] RDX: 0000000000000080 RSI: 0000200000000200 RDI: 0000000000000004
[  267.498588][ T7279] RBP: 00007fbd97013090 R08: 0000000000000000 R09: 0000000000000000
[  267.506595][ T7279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.514872][ T7279] R13: 00007fbd963e6038 R14: 00007fbd963e5fa0 R15: 00007fffcb13a638
[  267.523605][ T7279]  </TASK>
[  267.567656][ T7277] loop3: detected capacity change from 0 to 8192
[  267.673522][ T5859] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  267.779214][ T7277] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  267.862496][ T7277] FAT-fs (loop3): Filesystem has been set read-only
[  267.893028][ T5859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  267.921102][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping
[  267.987951][ T5859] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  268.028610][ T5859] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.093705][ T5859] usb 3-1: Product: syz
[  268.097961][ T5859] usb 3-1: Manufacturer: syz
[  268.102711][ T5859] usb 3-1: SerialNumber: syz
[  268.123531][  T788] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  268.189838][ T5859] usb 3-1: config 0 descriptor??
[  268.221955][ T7282] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  268.240787][ T5859] usb 3-1: ucan: probing device on interface #0
[  268.283711][ T5859] usb 3-1: ucan: invalid EP count (1)
[  268.289294][ T5859] usb 3-1: ucan: probe failed; try to update the device firmware
[  268.354702][  T788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  268.402790][  T788] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping
[  268.456996][ T5859] usb 3-1: USB disconnect, device number 10
[  268.529583][  T788] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  268.581539][  T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.632703][  T788] usb 1-1: Product: syz
[  268.656575][  T788] usb 1-1: Manufacturer: syz
[  268.666632][ T7292] loop3: detected capacity change from 0 to 2048
[  268.696384][  T788] usb 1-1: SerialNumber: syz
[  268.717735][ T7292] UDF-fs: bad mount option "" or missing value
[  268.748346][  T788] usb 1-1: config 0 descriptor??
[  268.794680][ T7289] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  268.818260][  T788] usb 1-1: ucan: probing device on interface #0
[  268.874059][  T788] usb 1-1: ucan: invalid EP count (1)
[  268.900152][ T7284] loop1: detected capacity change from 0 to 131072
[  268.918875][  T788] usb 1-1: ucan: probe failed; try to update the device firmware
[  268.936097][ T7284] F2FS-fs (loop1): Unrecognized mount option "01777777777777777777777" or missing value
[  269.287132][ T7302] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  269.294509][  T789] usb 1-1: USB disconnect, device number 7
[  269.361899][ T7304] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  269.375757][ T7304] Cannot find add_set index 0 as target
[  269.559882][ T7306] netlink: 'syz.2.330': attribute type 2 has an invalid length.
[  269.621812][ T7308] loop3: detected capacity change from 0 to 1024
[  269.653965][ T7308] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  270.520467][ T7320] loop2: detected capacity change from 0 to 1024
[  270.620049][ T7320] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  271.426228][ T7331] FAULT_INJECTION: forcing a failure.
[  271.426228][ T7331] name failslab, interval 1, probability 0, space 0, times 0
[  271.535796][ T7331] CPU: 0 PID: 7331 Comm: syz.0.336 Not tainted syzkaller #0
[  271.543252][ T7331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  271.553368][ T7331] Call Trace:
[  271.556684][ T7331]  <TASK>
[  271.559656][ T7331]  dump_stack_lvl+0x16c/0x230
[  271.564484][ T7331]  ? show_regs_print_info+0x20/0x20
[  271.569910][ T7331]  ? load_image+0x3b0/0x3b0
[  271.574463][ T7331]  ? __might_sleep+0xe0/0xe0
[  271.579099][ T7331]  ? __lock_acquire+0x7c80/0x7c80
[  271.584188][ T7331]  should_fail_ex+0x39d/0x4d0
[  271.588924][ T7331]  should_failslab+0x9/0x20
[  271.593598][ T7331]  slab_pre_alloc_hook+0x59/0x310
[  271.598712][ T7331]  ? sock_kmalloc+0x96/0xf0
[  271.603279][ T7331]  ? sock_kmalloc+0x96/0xf0
[  271.607831][ T7331]  __kmem_cache_alloc_node+0x53/0x260
[  271.613269][ T7331]  ? sock_kmalloc+0x96/0xf0
[  271.617824][ T7331]  __kmalloc+0xa4/0x240
[  271.622040][ T7331]  sock_kmalloc+0x96/0xf0
[  271.626425][ T7331]  alg_setkey+0x54/0x170
[  271.630717][ T7331]  ? alg_setsockopt+0x3b0/0x480
[  271.635622][ T7331]  alg_setsockopt+0x3c5/0x480
[  271.640371][ T7331]  ? alg_accept+0x50/0x50
[  271.644754][ T7331]  do_sock_setsockopt+0x175/0x1a0
[  271.649843][ T7331]  ? __fdget+0x180/0x210
[  271.654235][ T7331]  __x64_sys_setsockopt+0x184/0x200
[  271.659595][ T7331]  do_syscall_64+0x55/0xb0
[  271.664149][ T7331]  ? clear_bhb_loop+0x40/0x90
[  271.668881][ T7331]  ? clear_bhb_loop+0x40/0x90
[  271.673602][ T7331]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  271.679643][ T7331] RIP: 0033:0x7f097e98efc9
[  271.684289][ T7331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.704478][ T7331] RSP: 002b:00007f097f757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  271.713176][ T7331] RAX: ffffffffffffffda RBX: 00007f097ebe5fa0 RCX: 00007f097e98efc9
[  271.721195][ T7331] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003
[  271.729254][ T7331] RBP: 00007f097f757090 R08: 0000000000000440 R09: 0000000000000000
[  271.737431][ T7331] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.745472][ T7331] R13: 00007f097ebe6038 R14: 00007f097ebe5fa0 R15: 00007ffd8663f3b8
[  271.753531][ T7331]  </TASK>
[  272.379163][ T7347] netlink: 32 bytes leftover after parsing attributes in process `syz.2.340'.
[  272.481176][ T7350] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  272.514911][ T7350] FAULT_INJECTION: forcing a failure.
[  272.514911][ T7350] name failslab, interval 1, probability 0, space 0, times 0
[  272.553807][ T7350] CPU: 0 PID: 7350 Comm: syz.0.341 Not tainted syzkaller #0
[  272.561393][ T7350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  272.571685][ T7350] Call Trace:
[  272.575029][ T7350]  <TASK>
[  272.578106][ T7350]  dump_stack_lvl+0x16c/0x230
[  272.582931][ T7350]  ? show_regs_print_info+0x20/0x20
[  272.588298][ T7350]  ? load_image+0x3b0/0x3b0
[  272.593283][ T7350]  ? __might_sleep+0xe0/0xe0
[  272.598916][ T7350]  ? __lock_acquire+0x7c80/0x7c80
[  272.605201][ T7350]  ? prepend_path+0x4b/0x960
[  272.609949][ T7350]  should_fail_ex+0x39d/0x4d0
[  272.614700][ T7350]  should_failslab+0x9/0x20
[  272.619648][ T7350]  slab_pre_alloc_hook+0x59/0x310
[  272.624753][ T7350]  ? __asan_memcpy+0x40/0x70
[  272.629415][ T7350]  ? tomoyo_encode+0x28b/0x540
[  272.634248][ T7350]  ? tomoyo_encode+0x28b/0x540
[  272.639082][ T7350]  __kmem_cache_alloc_node+0x53/0x260
[  272.644523][ T7350]  ? prepend_path+0x4b/0x960
[  272.649172][ T7350]  ? tomoyo_encode+0x28b/0x540
[  272.654011][ T7350]  __kmalloc+0xa4/0x240
[  272.658241][ T7350]  tomoyo_encode+0x28b/0x540
[  272.662904][ T7350]  tomoyo_realpath_from_path+0x592/0x5d0
[  272.668711][ T7350]  tomoyo_path_number_perm+0x1ea/0x590
[  272.674255][ T7350]  ? tomoyo_path_number_perm+0x1ba/0x590
[  272.680014][ T7350]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  272.685629][ T7350]  ? ksys_write+0x1c1/0x250
[  272.690345][ T7350]  ? __fget_files+0x28/0x4d0
[  272.695619][ T7350]  security_file_ioctl+0x70/0xa0
[  272.701187][ T7350]  __se_sys_ioctl+0x48/0x170
[  272.705873][ T7350]  do_syscall_64+0x55/0xb0
[  272.710426][ T7350]  ? clear_bhb_loop+0x40/0x90
[  272.715192][ T7350]  ? clear_bhb_loop+0x40/0x90
[  272.720175][ T7350]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  272.726440][ T7350] RIP: 0033:0x7f097e98efc9
[  272.731165][ T7350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.751474][ T7350] RSP: 002b:00007f097f757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  272.760125][ T7350] RAX: ffffffffffffffda RBX: 00007f097ebe5fa0 RCX: 00007f097e98efc9
[  272.768356][ T7350] RDX: 0000200000000540 RSI: 00000000c0045516 RDI: 0000000000000003
[  272.776668][ T7350] RBP: 00007f097f757090 R08: 0000000000000000 R09: 0000000000000000
[  272.785570][ T7350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.793597][ T7350] R13: 00007f097ebe6038 R14: 00007f097ebe5fa0 R15: 00007ffd8663f3b8
[  272.801761][ T7350]  </TASK>
[  272.872085][ T7323] loop3: detected capacity change from 0 to 32768
[  272.883343][ T7350] ERROR: Out of memory at tomoyo_realpath_from_path.
[  272.947904][ T7323] 
[  272.947904][ T7323]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  272.947904][ T7323] 
[  272.999533][   T28] audit: type=1800 audit(1761537256.159:58): pid=7323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.335" name="file1" dev="loop3" ino=4 res=0 errno=0
[  273.121697][ T7328] ERROR: (device loop3): diWrite: ixpxd invalid
[  273.121697][ T7328] 
[  273.235585][ T7328] ERROR: (device loop3): txCommit: 
[  273.235585][ T7328] 
[  273.259797][ T7356] loop0: detected capacity change from 0 to 1024
[  273.318507][ T7356] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  273.335353][ T7328] ERROR: (device loop3): diFree: invalid inoext
[  273.335353][ T7328] 
[  273.638001][ T7323] JFS: metapage_get_blocks failed
[  273.738120][ T7323] 
[  273.738120][ T7323]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  273.738120][ T7323] 
[  273.827423][ T7323] 
[  273.827423][ T7323]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  273.827423][ T7323] 
[  273.922717][ T7323] 
[  273.922717][ T7323]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  273.922717][ T7323] 
[  273.987486][ T7367] loop2: detected capacity change from 0 to 1024
[  273.998403][ T7323] 
[  273.998403][ T7323]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  273.998403][ T7323] 
[  274.132990][ T7323] 
[  274.132990][ T7323]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  274.132990][ T7323] 
[  274.150481][ T7367] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  274.190146][ T7370] loop1: detected capacity change from 0 to 1024
[  274.373100][ T7370] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  274.500348][ T7373] ALSA: seq fatal error: cannot create timer (-22)
[  274.723032][ T5792] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  276.458318][   T42] ERROR: (device loop3): diWrite: ixpxd invalid
[  276.458318][   T42] 
[  276.488988][   T42] ERROR: (device loop3): txCommit: 
[  276.488988][   T42] 
[  276.581661][   T42] jfs_write_inode: jfs_commit_inode failed!
[  276.717251][ T5787] 
[  276.717251][ T5787]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  276.717251][ T5787] 
[  276.780721][ T5787] 
[  276.780721][ T5787]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  276.780721][ T5787] 
[  279.053601][ T7401] warning: `syz.1.353' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  281.111609][   T28] audit: type=1326 audit(1761537264.269:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9618efc9 code=0x7ffc0000
[  281.134438][   T28] audit: type=1326 audit(1761537264.299:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9618efc9 code=0x7ffc0000
[  281.201172][   T28] audit: type=1326 audit(1761537264.299:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fbd9618efc9 code=0x7ffc0000
[  281.241099][   T28] audit: type=1326 audit(1761537264.309:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9618efc9 code=0x7ffc0000
[  281.264933][   T28] audit: type=1326 audit(1761537264.309:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.2.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd9618efc9 code=0x7ffc0000
[  282.336873][  T789] IPVS: starting estimator thread 0...
[  282.693623][ T7431] IPVS: using max 16 ests per chain, 38400 per kthread
[  283.871199][ T7449] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  283.943643][  T788] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  284.103682][  T789] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  284.133878][  T788] usb 1-1: Using ep0 maxpacket: 16
[  284.150246][  T788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  284.193771][  T788] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  284.233426][  T788] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.297060][  T789] usb 3-1: Using ep0 maxpacket: 16
[  284.316811][  T789] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  284.317174][  T788] usb 1-1: config 0 descriptor??
[  284.339063][  T789] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.378408][  T789] usb 3-1: Product: syz
[  284.396579][  T789] usb 3-1: Manufacturer: syz
[  284.427061][  T789] usb 3-1: SerialNumber: syz
[  284.465734][  T789] usb 3-1: config 0 descriptor??
[  284.545216][  T789] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  284.760611][  T788] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  284.783571][  T788] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  284.808975][  T788] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  284.823592][  T788] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  284.853489][  T788] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  284.871253][  T788] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  285.103884][  T788] usb 1-1: USB disconnect, device number 8
[  286.422994][ T7462] loop1: detected capacity change from 0 to 64
[  286.497333][  T789] ssu100: probe of 3-1:0.0 failed with error -71
[  286.511312][  T789] usb 3-1: USB disconnect, device number 11
[  287.722768][ T7468] syz.3.373: attempt to access beyond end of device
[  287.722768][ T7468] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  288.480640][ T7489] fuse: Bad value for 'user_id'
[  289.255634][ T7503] tipc: Started in network mode
[  289.260633][ T7503] tipc: Node identity 4, cluster identity 4711
[  289.266941][ T7503] tipc: Node number set to 4
[  290.225895][ T7517] loop0: detected capacity change from 0 to 64
[  290.290059][ T7517] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  294.060046][ T7542] veth0: entered promiscuous mode
[  294.187840][ T7538] comedi comedi0: reset error (fatal)
[  294.558454][ T7540] veth0: left promiscuous mode
[  294.786592][ T7547] loop3: detected capacity change from 0 to 8
[  296.112757][ T7554] netlink: 4 bytes leftover after parsing attributes in process `syz.2.400'.
[  296.227723][ T7555] gre1: entered promiscuous mode
[  296.232778][ T7555] gre1: entered allmulticast mode
[  296.283945][ T5791] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  296.377328][ T7557] loop3: detected capacity change from 0 to 8192
[  296.421743][ T7557]  loop3: p1 p2 < > p3 p4 < p5 >
[  296.433837][ T7557] loop3: partition table partially beyond EOD, truncated
[  296.453207][ T7557] loop3: p1 size 100663296 extends beyond EOD, truncated
[  296.483237][ T7557] loop3: p2 start 591104 is beyond EOD, truncated
[  296.494215][ T7557] loop3: p3 start 33572980 is beyond EOD, truncated
[  296.499941][ T5791] usb 2-1: too many configurations: 137, using maximum allowed: 8
[  296.511395][ T7557] loop3: p5 size 100663296 extends beyond EOD, truncated
[  296.549856][ T5791] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  296.749118][ T5791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.788084][ T5791] usb 2-1: Product: syz
[  296.970488][ T5791] usb 2-1: Manufacturer: syz
[  297.134475][ T5791] usb 2-1: SerialNumber: syz
[  297.214035][ T7567] overlayfs: failed to resolve './file0': -2
[  297.256429][ T5791] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  297.259049][ T7572] overlayfs: missing 'lowerdir'
[  297.989490][    T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  298.077461][ T5792] udevd[5792]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  298.079104][ T5964] udevd[5964]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  298.107271][ T5800] udevd[5800]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  298.406987][ T7582] loop2: detected capacity change from 0 to 4096
[  298.601798][ T7590] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  299.058179][ T7593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.067916][ T7593] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.153753][    T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  299.177949][    T9] ath9k_htc: Failed to initialize the device
[  299.819013][    T9] usb 2-1: ath9k_htc: USB layer deinitialized
[  300.735288][ T7606] loop3: detected capacity change from 0 to 47
[  301.227904][   T28] audit: type=1800 audit(1761537284.389:64): pid=7606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.415" name="bus" dev="loop3" ino=8 res=0 errno=0
[  301.252977][    C1] vkms_vblank_simulate: vblank timer overrun
[  301.728412][    T9] usb 2-1: USB disconnect, device number 2
[  301.928274][ T7612] netlink: 'syz.3.418': attribute type 4 has an invalid length.
[  303.910789][   T27] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  304.123120][   T27] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  304.134892][   T27] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  304.148699][   T27] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  304.161753][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.229158][   T27] usb 1-1: config 0 descriptor??
[  304.776286][  T789] usb 1-1: USB disconnect, device number 9
[  305.943615][  T789] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  306.288657][  T789] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  306.300409][  T789] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  306.330079][  T789] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  306.500265][  T789] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  306.515620][  T789] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  306.564591][  T789] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  307.298551][  T789] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  307.307844][  T789] usb 3-1: Product: syz
[  307.312989][  T789] usb 3-1: Manufacturer: syz
[  307.337973][  T789] cdc_wdm 3-1:1.0: skipping garbage
[  307.381584][  T789] cdc_wdm 3-1:1.0: skipping garbage
[  307.433183][  T789] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  307.442394][  T789] cdc_wdm 3-1:1.0: Unknown control protocol
[  307.825733][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.832660][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.839201][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.845958][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.852511][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.859207][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.865808][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.872490][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.878996][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.885841][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.893840][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.900758][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.907224][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.913848][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.920226][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.926884][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.933307][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.935280][ T7662] o2cb: This node has not been configured.
[  307.939944][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.940213][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  307.946528][ T7662] o2cb: Cluster check failed. Fix errors before retrying.
[  307.952481][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  307.972835][ T7662] (syz.3.431,7662,1):user_dlm_register:674 ERROR: status = -22
[  307.980535][ T7662] (syz.3.431,7662,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[  309.299474][  T789] usb 3-1: USB disconnect, device number 12
[  309.299566][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  309.832661][ T7666] loop2: detected capacity change from 0 to 1024
[  309.867218][ T7666] EXT4-fs: inline encryption not supported
[  309.873209][ T7666] EXT4-fs: Ignoring removed i_version option
[  309.880552][ T7666] EXT4-fs: Ignoring removed orlov option
[  309.983680][  T788] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  310.590528][ T7666] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  310.679170][ T7666] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.835429][  T788] usb 4-1: Using ep0 maxpacket: 8
[  310.931008][  T788] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  310.978547][  T788] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  311.033830][  T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.093625][  T788] usb 4-1: config 0 descriptor??
[  311.165213][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.414614][  T788] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  312.285164][  T789] usb 4-1: USB disconnect, device number 3
[  312.484661][ T7682] syz.2.436: attempt to access beyond end of device
[  312.484661][ T7682] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  312.853774][ T7683] overlayfs: failed to resolve './file0': -2
[  314.486575][ T7695] loop0: detected capacity change from 0 to 1024
[  314.593112][ T5792] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  317.730061][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  317.753898][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  325.596517][ T7799] loop3: detected capacity change from 0 to 131072
[  325.716290][ T7799] F2FS-fs (loop3): invalid crc value
[  325.753666][ T7799] F2FS-fs (loop3): Found nat_bits in checkpoint
[  325.853510][ T7799] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  326.796101][ T7753] Bluetooth: hci4: Frame reassembly failed (-84)
[  326.813949][ T3499] Bluetooth: hci4: Frame reassembly failed (-84)
[  328.004171][ T5105] Bluetooth: hci3: ACL packet too small
[  328.347828][ T7829] loop0: detected capacity change from 0 to 1024
[  328.369534][ T7829] EXT4-fs: inline encryption not supported
[  328.393629][ T7829] EXT4-fs: Ignoring removed i_version option
[  328.400007][ T7829] EXT4-fs: Ignoring removed orlov option
[  328.423725][ T7829] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  328.486641][ T7829] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.689414][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.833488][ T5797] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  328.833613][ T5105] Bluetooth: hci4: command 0x1003 tx timeout
[  328.848150][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  329.040937][    T9] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  329.051248][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.066607][    T9] usb 2-1: Product: syz
[  329.070835][    T9] usb 2-1: Manufacturer: syz
[  329.078450][    T9] usb 2-1: SerialNumber: syz
[  329.091620][    T9] usb 2-1: config 0 descriptor??
[  329.222744][    T9] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  331.518294][ T7851] loop3: detected capacity change from 0 to 1024
[  331.545552][ T7851] EXT4-fs: inline encryption not supported
[  331.585316][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  331.607348][    T9] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  331.623657][    T9] usb 2-1: media controller created
[  331.633588][ T7851] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  331.657814][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  332.773666][    T9] DVB: Unable to find symbol mt352_attach()
[  332.948145][ T7851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.904013][    T9] DVB: Unable to find symbol nxt6000_attach()
[  333.910635][    T9] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  333.940481][ T7851] ==================================================================
[  333.946710][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input10
[  333.948594][ T7851] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90
[  333.967480][ T7851] Read of size 18446744073709551588 at addr ffff88805a90b840 by task syz.3.471/7851
[  333.976972][ T7851] 
[  333.977277][    T9] dvb-usb: schedule remote query interval to 1000 msecs.
[  333.979310][ T7851] CPU: 1 PID: 7851 Comm: syz.3.471 Not tainted syzkaller #0
[  333.993699][ T7851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.003857][ T7851] Call Trace:
[  334.007160][ T7851]  <TASK>
[  334.010103][ T7851]  dump_stack_lvl+0x16c/0x230
[  334.014805][ T7851]  ? read_lock_is_recursive+0x20/0x20
[  334.020194][ T7851]  ? show_regs_print_info+0x20/0x20
[  334.025414][ T7851]  ? load_image+0x3b0/0x3b0
[  334.029929][ T7851]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  334.035334][ T7851]  ? __virt_addr_valid+0x18c/0x540
[  334.040465][ T7851]  ? __virt_addr_valid+0x469/0x540
[  334.045597][ T7851]  print_report+0xac/0x220
[  334.050034][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  334.055555][ T7851]  kasan_report+0x117/0x150
[  334.060081][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  334.065561][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  334.071042][ T7851]  kasan_check_range+0x288/0x290
[  334.076021][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  334.081539][ T7851]  __asan_memmove+0x29/0x70
[  334.086068][ T7851]  ext4_xattr_set_entry+0x94b/0x1e90
[  334.091396][ T7851]  ext4_xattr_block_set+0xae3/0x32a0
[  334.096722][ T7851]  ? ext4_destroy_inode+0x200/0x200
[  334.102288][ T7851]  ? proc_nr_inodes+0x230/0x230
[  334.107192][ T7851]  ? do_raw_spin_unlock+0x121/0x230
[  334.112413][ T7851]  ? _raw_spin_unlock+0x28/0x40
[  334.117315][ T7851]  ? ext4_xattr_block_find+0x350/0x350
[  334.122816][ T7851]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  334.128237][ T7851]  ext4_xattr_set_handle+0x10a1/0x1290
[  334.133821][ T7851]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  334.139833][ T7851]  ? __ext4_journal_start_sb+0x259/0x570
[  334.145487][ T7851]  ext4_xattr_set+0x22d/0x320
[  334.150187][ T7851]  ? end_current_label_crit_section+0x170/0x170
[  334.156453][ T7851]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  334.162020][ T7851]  ? posix_xattr_acl+0x93/0xb0
[  334.166804][ T7851]  ? evm_protect_xattr+0x36d/0x7a0
[  334.171977][ T7851]  ? ext4_xattr_trusted_get+0x40/0x40
[  334.177381][ T7851]  __vfs_setxattr+0x431/0x470
[  334.182173][ T7851]  __vfs_setxattr_noperm+0x12d/0x5e0
[  334.187588][ T7851]  vfs_setxattr+0x16c/0x2f0
[  334.192124][ T7851]  ? xattr_permission+0x470/0x470
[  334.197165][ T7851]  ? __mnt_want_write+0x223/0x2a0
[  334.202241][ T7851]  ? path_setxattr+0x314/0x550
[  334.207032][ T7851]  path_setxattr+0x362/0x550
[  334.211652][ T7851]  ? simple_xattrs_free+0x150/0x150
[  334.216884][ T7851]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  334.222893][ T7851]  ? lock_chain_count+0x20/0x20
[  334.227789][ T7851]  __x64_sys_lsetxattr+0xb8/0xd0
[  334.232782][ T7851]  do_syscall_64+0x55/0xb0
[  334.237223][ T7851]  ? clear_bhb_loop+0x40/0x90
[  334.241919][ T7851]  ? clear_bhb_loop+0x40/0x90
[  334.246616][ T7851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.252530][ T7851] RIP: 0033:0x7fc138b8efc9
[  334.256967][ T7851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.276686][ T7851] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  334.285121][ T7851] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  334.293113][ T7851] RDX: 0000200000000800 RSI: 0000200000000180 RDI: 00002000000001c0
[  334.301125][ T7851] RBP: 00007fc138c11f91 R08: 0000000000000000 R09: 0000000000000000
[  334.309115][ T7851] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  334.317116][ T7851] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  334.325375][ T7851]  </TASK>
[  334.328405][ T7851] 
[  334.330746][ T7851] Allocated by task 7851:
[  334.335083][ T7851]  kasan_set_track+0x4e/0x70
[  334.339708][ T7851]  __kasan_kmalloc+0x8f/0xa0
[  334.344338][ T7851]  __kmalloc_node_track_caller+0xb2/0x230
[  334.350080][ T7851]  kmemdup+0x2b/0x70
[  334.353988][ T7851]  ext4_xattr_block_set+0x9e5/0x32a0
[  334.359302][ T7851]  ext4_xattr_set_handle+0x10a1/0x1290
[  334.364781][ T7851]  ext4_xattr_set+0x22d/0x320
[  334.369519][ T7851]  __vfs_setxattr+0x431/0x470
[  334.374212][ T7851]  __vfs_setxattr_noperm+0x12d/0x5e0
[  334.379512][ T7851]  vfs_setxattr+0x16c/0x2f0
[  334.384040][ T7851]  path_setxattr+0x362/0x550
[  334.388670][ T7851]  __x64_sys_lsetxattr+0xb8/0xd0
[  334.393629][ T7851]  do_syscall_64+0x55/0xb0
[  334.398090][ T7851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.403997][ T7851] 
[  334.406329][ T7851] The buggy address belongs to the object at ffff88805a90b800
[  334.406329][ T7851]  which belongs to the cache kmalloc-1k of size 1024
[  334.420409][ T7851] The buggy address is located 64 bytes inside of
[  334.420409][ T7851]  1024-byte region [ffff88805a90b800, ffff88805a90bc00)
[  334.433703][ T7851] 
[  334.436037][ T7851] The buggy address belongs to the physical page:
[  334.442553][ T7851] page:ffffea00016a4200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5a908
[  334.452721][ T7851] head:ffffea00016a4200 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  334.461667][ T7851] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  334.469654][ T7851] page_type: 0xffffffff()
[  334.473995][ T7851] raw: 00fff00000000840 ffff888017841dc0 dead000000000122 0000000000000000
[  334.482617][ T7851] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  334.491207][ T7851] page dumped because: kasan: bad access detected
[  334.497722][ T7851] page_owner tracks the page as allocated
[  334.503445][ T7851] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1311, tgid 1311 (kworker/u4:6), ts 333929565115, free_ts 333862517667
[  334.524392][ T7851]  post_alloc_hook+0x1cd/0x210
[  334.529180][ T7851]  get_page_from_freelist+0x195c/0x19f0
[  334.534749][ T7851]  __alloc_pages+0x1e3/0x460
[  334.539368][ T7851]  alloc_slab_page+0x5d/0x170
[  334.544066][ T7851]  new_slab+0x87/0x2e0
[  334.548184][ T7851]  ___slab_alloc+0xc6d/0x1300
[  334.552879][ T7851]  __kmem_cache_alloc_node+0x1a2/0x260
[  334.558356][ T7851]  __kmalloc+0xa4/0x240
[  334.562530][ T7851]  ieee802_11_parse_elems_full+0xb9/0x2080
[  334.568365][ T7851]  ieee80211_inform_bss+0x107/0x1060
[  334.573665][ T7851]  rdev_inform_bss+0x106/0x410
[  334.578443][ T7851]  cfg80211_inform_bss_frame_data+0xb33/0x12b0
[  334.584616][ T7851]  ieee80211_bss_info_update+0x70b/0x930
[  334.590268][ T7851]  ieee80211_ibss_rx_queued_mgmt+0x17c9/0x2ac0
[  334.596552][ T7851]  ieee80211_iface_work+0x717/0xc70
[  334.601774][ T7851]  cfg80211_wiphy_work+0x225/0x260
[  334.606907][ T7851] page last free stack trace:
[  334.611582][ T7851]  free_unref_page_prepare+0x7ce/0x8e0
[  334.617070][ T7851]  free_unref_page+0x32/0x2e0
[  334.621767][ T7851]  __unfreeze_partials+0x1cf/0x210
[  334.626922][ T7851]  put_cpu_partial+0x17c/0x250
[  334.631704][ T7851]  __slab_free+0x31d/0x410
[  334.636138][ T7851]  qlist_free_all+0x75/0xe0
[  334.640660][ T7851]  kasan_quarantine_reduce+0x143/0x160
[  334.646138][ T7851]  __kasan_slab_alloc+0x22/0x80
[  334.651004][ T7851]  slab_post_alloc_hook+0x6e/0x4d0
[  334.656150][ T7851]  kmem_cache_alloc+0x11e/0x2e0
[  334.661107][ T7851]  getname_flags+0xbb/0x500
[  334.665656][ T7851]  vfs_fstatat+0x111/0x1b0
[  334.670110][ T7851]  __x64_sys_newfstatat+0x117/0x190
[  334.675469][ T7851]  do_syscall_64+0x55/0xb0
[  334.679921][ T7851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  334.685836][ T7851] 
[  334.688167][ T7851] Memory state around the buggy address:
[  334.693804][ T7851]  ffff88805a90b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  334.701891][ T7851]  ffff88805a90b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  334.709982][ T7851] >ffff88805a90b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  334.718076][ T7851]                                            ^
[  334.724245][ T7851]  ffff88805a90b880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  334.732324][ T7851]  ffff88805a90b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  334.740399][ T7851] ==================================================================
[  335.273523][    T9] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  335.303942][    T9] dvb-usb: bulk message failed: -22 (7/0)
[  335.310461][    T9] dvb-usb: bulk message failed: -22 (7/0)
[  335.348484][ T7851] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  335.355755][ T7851] CPU: 0 PID: 7851 Comm: syz.3.471 Not tainted syzkaller #0
[  335.363053][ T7851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  335.373119][ T7851] Call Trace:
[  335.376403][ T7851]  <TASK>
[  335.379339][ T7851]  dump_stack_lvl+0x16c/0x230
[  335.384031][ T7851]  ? show_regs_print_info+0x20/0x20
[  335.389273][ T7851]  ? load_image+0x3b0/0x3b0
[  335.393793][ T7851]  panic+0x2c0/0x710
[  335.397714][ T7851]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  335.403901][ T7851]  ? bpf_jit_dump+0xd0/0xd0
[  335.408416][ T7851]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  335.414316][ T7851]  ? _raw_spin_unlock+0x40/0x40
[  335.419175][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  335.424651][ T7851]  check_panic_on_warn+0x84/0xa0
[  335.429618][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  335.435155][ T7851]  end_report+0x6f/0x140
[  335.439434][ T7851]  kasan_report+0x128/0x150
[  335.444035][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  335.449516][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  335.454991][ T7851]  kasan_check_range+0x288/0x290
[  335.459972][ T7851]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  335.465451][ T7851]  __asan_memmove+0x29/0x70
[  335.469975][ T7851]  ext4_xattr_set_entry+0x94b/0x1e90
[  335.475299][ T7851]  ext4_xattr_block_set+0xae3/0x32a0
[  335.480625][ T7851]  ? ext4_destroy_inode+0x200/0x200
[  335.485846][ T7851]  ? proc_nr_inodes+0x230/0x230
[  335.490708][ T7851]  ? do_raw_spin_unlock+0x121/0x230
[  335.496203][ T7851]  ? _raw_spin_unlock+0x28/0x40
[  335.501085][ T7851]  ? ext4_xattr_block_find+0x350/0x350
[  335.506573][ T7851]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  335.511985][ T7851]  ext4_xattr_set_handle+0x10a1/0x1290
[  335.517471][ T7851]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  335.523489][ T7851]  ? __ext4_journal_start_sb+0x259/0x570
[  335.529192][ T7851]  ext4_xattr_set+0x22d/0x320
[  335.533892][ T7851]  ? end_current_label_crit_section+0x170/0x170
[  335.540157][ T7851]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  335.545736][ T7851]  ? posix_xattr_acl+0x93/0xb0
[  335.550538][ T7851]  ? evm_protect_xattr+0x36d/0x7a0
[  335.555671][ T7851]  ? ext4_xattr_trusted_get+0x40/0x40
[  335.561061][ T7851]  __vfs_setxattr+0x431/0x470
[  335.565777][ T7851]  __vfs_setxattr_noperm+0x12d/0x5e0
[  335.571102][ T7851]  vfs_setxattr+0x16c/0x2f0
[  335.575651][ T7851]  ? xattr_permission+0x470/0x470
[  335.580826][ T7851]  ? __mnt_want_write+0x223/0x2a0
[  335.585895][ T7851]  ? path_setxattr+0x314/0x550
[  335.590704][ T7851]  path_setxattr+0x362/0x550
[  335.595313][ T7851]  ? simple_xattrs_free+0x150/0x150
[  335.600537][ T7851]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  335.606535][ T7851]  ? lock_chain_count+0x20/0x20
[  335.611414][ T7851]  __x64_sys_lsetxattr+0xb8/0xd0
[  335.616370][ T7851]  do_syscall_64+0x55/0xb0
[  335.620798][ T7851]  ? clear_bhb_loop+0x40/0x90
[  335.625485][ T7851]  ? clear_bhb_loop+0x40/0x90
[  335.630178][ T7851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  335.636091][ T7851] RIP: 0033:0x7fc138b8efc9
[  335.640559][ T7851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.660201][ T7851] RSP: 002b:00007fc13996f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  335.668675][ T7851] RAX: ffffffffffffffda RBX: 00007fc138de5fa0 RCX: 00007fc138b8efc9
[  335.676658][ T7851] RDX: 0000200000000800 RSI: 0000200000000180 RDI: 00002000000001c0
[  335.684636][ T7851] RBP: 00007fc138c11f91 R08: 0000000000000000 R09: 0000000000000000
[  335.692636][ T7851] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  335.700644][ T7851] R13: 00007fc138de6038 R14: 00007fc138de5fa0 R15: 00007ffdfce87448
[  335.708642][ T7851]  </TASK>
[  335.711963][ T7851] Kernel Offset: disabled
[  335.716295][ T7851] Rebooting in 86400 seconds..