last executing test programs:

2m11.805185005s ago: executing program 0 (id=57):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
r1 = socket$netlink(0x10, 0x3, 0x4)
write(r1, &(0x7f00000000c0)="29000000140005b7ff000051915f95eb01010003a606a40e07fff024bb000000000000000040000000", 0x29)

2m11.699259153s ago: executing program 0 (id=58):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)

2m10.778812571s ago: executing program 0 (id=66):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d65746100000000140002800800014000000012080002400000002114000000110001"], 0xd8}}, 0x0)

2m10.67634377s ago: executing program 0 (id=67):
syz_usb_connect$hid(0x4, 0x0, 0x0, &(0x7f00000007c0)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x110, 0xf7, 0x0, 0xd2, 0xe9150fff66bda987, 0x7}, 0x0, 0x0})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0xc048)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a3200000000140005800800024000000000080001"], 0xa0}}, 0x0)

2m10.064365612s ago: executing program 0 (id=71):
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040090}, 0x2400c8c1)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
syz_read_part_table(0x1057, &(0x7f0000001080)="$eJzsz72JQkEUBeBz387APjbZWhY2sgkT+9F2rMLIVgQzK3jy/EuMRYTvY2AOw9wDN7zVYj8mX8/vy2qnVOonqUqmJN+ZpjHrMf1//tFadvPdD+mV5Pc2ucm9sB5tbT7tmnv+jpcwZFhtX74gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyAcwAAAP//n28Ksw==")

2m9.72522087s ago: executing program 0 (id=76):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x1}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

1m54.660130474s ago: executing program 32 (id=76):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x1}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

1m8.432334831s ago: executing program 2 (id=625):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000580)={0x1ff, 0x8, 0x2, {0x4, @vbi={0xae2, 0x8, 0x80, 0x3131354f, [0x1, 0x9], [0x1, 0x1000]}}, 0x8})

1m8.340485509s ago: executing program 2 (id=627):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000040))
syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r0)

1m8.19829531s ago: executing program 2 (id=629):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
shutdown(r1, 0x0)

1m8.044588514s ago: executing program 2 (id=632):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000240)='./file0\x00')
creat(&(0x7f0000000300)='./file0\x00', 0x0)

1m7.645462787s ago: executing program 2 (id=637):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
sendmmsg$unix(r1, 0x0, 0x0, 0x8000)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xfd, {"a2e3ad0e090d07f91b5e1a1887f70706d038e7ff7fc6e5539b0d3c0a6e089b3f32356c030890e0879b0a4cc6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b3d31070d07732f0acd3b78130daa61d8e8041800005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc50d003cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a873ecf313c7dddaa284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043a33007c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe0ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281010054fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee810060034c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

1m7.119801922s ago: executing program 2 (id=642):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002640)=@delchain={0xf4, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0xb8, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x90, 0x1, [@m_simple={0x8c, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0x56, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330102e688fe12213d2bf7dae04880a34e7bf775010128401ec7b2a9ceab9c40c5f9bd00ceff17d69ca7a27324ef7a1ad28d4b3c6a826826e9c291c16ab3d13e1f337"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_FD={0x8}]}}]}, 0xf4}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1m6.699524167s ago: executing program 33 (id=642):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002640)=@delchain={0xf4, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0xb8, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x90, 0x1, [@m_simple={0x8c, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0x56, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330102e688fe12213d2bf7dae04880a34e7bf775010128401ec7b2a9ceab9c40c5f9bd00ceff17d69ca7a27324ef7a1ad28d4b3c6a826826e9c291c16ab3d13e1f337"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_FD={0x8}]}}]}, 0xf4}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

52.657695844s ago: executing program 3 (id=746):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
close(r0)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

52.47181153s ago: executing program 3 (id=748):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x17, 0x8, 0x40, 0x42, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)

52.323957422s ago: executing program 3 (id=750):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)

52.203955122s ago: executing program 3 (id=752):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)={0x4c, r1, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}], @key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

52.150930577s ago: executing program 3 (id=754):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
fstat(r0, &(0x7f0000000340))

52.049181645s ago: executing program 3 (id=755):
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xts-twofish-avx,camellia-asm,cbcmac(aes))\x00'}, 0x58)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="04010000100053"], 0x104}, 0x1, 0x0, 0x0, 0x20040890}, 0x200080c0)

36.799634144s ago: executing program 34 (id=755):
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xts-twofish-avx,camellia-asm,cbcmac(aes))\x00'}, 0x58)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="04010000100053"], 0x104}, 0x1, 0x0, 0x0, 0x20040890}, 0x200080c0)

5.102813539s ago: executing program 5 (id=1083):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000010600), &(0x7f0000000100)='./file2\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="002afdae3565781009f76e97b48ab97bfb17214266c0e5b703257a3d77ba65f617bee62a9d1612402e69cc86c8fce5989be545ce26a9c4f5f2165f08000000b40d94de59edbb0507bf01e357e13bef384234e823d8137beac1c0afb4464b4d16006b7691ea638989f6f567a2817567b9c1606c0a15f5a0dbce62f673cd22ef303bcddff402dacf8c1372a5e8ff5bc596a5375037cf99b4ee7eb6f41587c2904d5cc071c32bc429a286bddc094a"], 0x1, 0x10600, &(0x7f0000020cc0)="$eJzs3D1vW1UYB/DHCX2llAr1hQHElRBSItVWnb4IFlSgFSDaqqIwMIFju5Zb2zeK3cR0YYEBiYmFL8EEn4EFdlZY2FhAYqso8r0niEAlIHHjQH4/6eZ/7vG5j8+xvBzf6AawZx3Lfvm5EkfjUETMR8SRiKJdSUfhYhlPRsQzqWsuHZXU/3vH/og4HBFHJ8XLmpX00lO/3vv+i2+uPP3xd59++8FnP92YzYqB3eC5iOivlO31fpl5p8xbqb+x1i2yf24tZflC/3Y6z8tcby8XFdYbG+MaRZ7tlOPzlTvDSd7sNZqT7HRvFv0rg/INh2udjTrFBbcaq8V5q71cZHeYF9m5W85rnPLucFTWaaV67xflYzTayLK/PW6X61m5XWRzMEr9Zd281R5Pci1lerto5r1WMY/lLX/Mu96V7uDOOFtrrw67+SA7X6s/X6tfqNZX81Z71D5XbfRbF85lC53eZFh11G70L3byvNNr15p5fzFb6DSb1Xo9W7jUXu42Blm9XjtbO1M9v5hap7NXr72d9VrZwiRf7g7ujLq9YXYzX83KKxazpdrZFxazZ+vZjavXs+tvXr589fpb715659pLV19/JQ36y7SyhaUzS0vV+pnqUn1xqys/fb+0V9dfGle2dz17nO8PwL+2lf3/nP0/sE32//b/saf3/9Yf9v9sl+8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCe9cO+L18rGsfK80dT/2Op64mIOBURJyPiRETcf4D52L+p5vGIqKT2g8bv+9McvqpEUWFyzYF0HI6Ii+m49/jD/hQAAADg/+vzrz/8KGJ+0iz+vDjrCbGT0o82B6dVr/jJ55FpVTteFBtPqdqJjZJTcTIi9h37cUrVTkXE3JH3plTtH5nfFAf/EJUy5nZyNgAAwM7YvBOY2u4NAACAXeeTWU+A2Sju16b/xU/3gg+UkW4IHto4e2MGswMAAACmoTLrCQAAAAAPXbH///vn/817/h8AAAD8h5XP/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA3du7mNnEgigP4A9YL+6VFKz5a4bTaIweK2BJyTAFJN7lRQyREHeSWEiKIsCdSHHGI5DFO0O8nmRlb8Nczt+exBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE0PxXp5t725bZqzPzST524AAACAU3bFellOxtX5j3T9V7r0JyLmETGLiGlEnOrdB/G1ljmJiF6an/p+8aaG+4gy4fibYTq+R8S/dDz9bvtfAAAAgMu13SxWEYPjtPz423VBnFN6aDPKlVc+8vmSK21Shl1nSpu+RGYxi4hi/JgpbR4R/Z//M6W9y6A2jF4NvWron7MaAADgPOqdQLbuDQAAgA/nqusC6Ea5XpvexU9rwcNqSAuC32pnAAAAwCfU67oAAAAAoHVl/2//PwAAALhs1f5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtGlXrJfbzWLVNGd/aCbP3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLM/LykYwkAQBvt/qncK3v9WSoNudeWuCgIfM4QQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCuv4+R9xqexJvl22vh1PJL8u2pMXTXmrhtLL4zb57bnfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCzPy8nAAIxGAbjW3ta7L8mL8oPevYmCDMgfCQEWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBvuvur/okhsVfVmGliyrhV1ZxVYskqseYgseWgvf3tOD94EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMUOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX2590mYiCMwuj1AAInBFACucWjBhIiBCXwkJAsuQYKoCESIlKLRtgWdiXvON7MG+w5yf2CCeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OCsd744StKkzFlSHj4v/4+TnKR8jeP96ZTN9+pvONvm88/vY82LPF21Sdo0S5wDALC4bt4pzvP+0b9dJ9Pe1L2te1e3exn61/1+GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA27NzPSxRvHAfwZ1d3v1+7dekQBWVBQtT6A3EVL0WBBf0D3hbdRFpL1ENKEHaRLkGX7l261M1Tp/6DTl0iCuq+QUEEQRi7O2OPqbFedlZ6veCZ+TgMM88zB+E9n1EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOoL4ezqd1LoRwvPd33fD2y72Zvfb1+8dG0/Ho5PPF+JqNSxRCCDfna9XBDq6lm50Nw839h88PB+Jn+Od5y6trtyq1WnVJoVAotosMfmkBAHBoFZLRyPUfC5tTjWO5yRC2nu7M/+eiOrSZ/7eeDLyO7xXn/6GOrbC7pfl/+vrGxN/yf2llYbG0vLp2YX6hMledq94eGhsfGxwpjw6PlZrvU0reqgAAALC/YjLi/J+f3N3/PxLVoc38/+rlten4Xj3y/y5p/r/c3/+svf5/BpMEAAD4Rxw99e1rbo/juWIx3K2srCwNtbbbPw+3thlM9cD+S0ac/3sms54VAAAA0An19dyO/v9sVIc2+//vv185EV+zJ4TQl/T/L87cqc12bjldK+3/T1yq3Mj67/8zWD4AAAAd0peMuP9faH7/nz+dnpMPIQycadXJvwFsK///fDD+Jr5X/P3/SOeW2JXy5dbzSPP/xrsX8/vl/+a55RB6yxlNFgAAgEPv/2Q08v+nwubU0o/HV4u+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/s2DFKM0EUB/BJNvm+RjEgiKWFNhaigmAVsBAkHsJCFASPEBAPoOBZLLyDSOqk9AApvIHMZEfCNirIrobfDyb/R9hk3840eQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE9Nj8JGrov40pvV7fK98dvwPOakkumzN2sHccW6VW/bf856mc+T06fx3B62DpvrCQAAgMVT5Pk+hPDafTyJ2e6n+X8rXxNn/uHyrM7zfHXuz5ln/7iWHoqzjxv1ZvfphhAur64vdmt7wt9tM+ynHLxs38/vYfW6lS98VyedT/qHpkjH1h7crk67addbd6PR8b9U/v/5pwAAvmsnZ1nk30cx95psDICF1SlXmJv/i36zPQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU4T0AAP//F6aahA==")
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2)

3.448047009s ago: executing program 5 (id=1090):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000013c0)="d0", 0x1}], 0x1}, 0x20000801)
sendmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000003040)='#', 0x1}], 0x1}, 0x4)
recvmsg(r1, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0)

2.727750579s ago: executing program 1 (id=1099):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000180)='cpuset.cpu_exclusive\x00', 0x2, 0x0)
read(r1, &(0x7f0000000580)=""/247, 0xf7)

2.529959306s ago: executing program 1 (id=1102):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40282, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x2)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0x41)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000080)="80fd020000e8", 0x6}], 0x1, 0x0, 0x0)

2.502610329s ago: executing program 6 (id=1103):
r0 = syz_usbip_server_init(0x1)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902"], 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$usbip_server(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000300000001"], 0x35)

2.283959907s ago: executing program 1 (id=1105):
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5ac, 0x262, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002205000000"], 0x0}, 0x0)

2.114973981s ago: executing program 5 (id=1107):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000})
ioctl$IOMMU_IOAS_COPY$syz(r0, 0x3b83, &(0x7f0000000080)={0x28, 0x10000, r1, r1, 0x3a7f36, 0x0, 0x3, 0x2f98d2})

1.959924255s ago: executing program 5 (id=1108):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000140)={0x5, "abacd211119c89f099de9b26aeb58b2c7b9ca5fa0755810804000004230ee042"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000480)={0x400, "f66840796d526401512b9b06979dbbd64d21ad840ea77a8901e984775f6519fc"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25"})

1.925104047s ago: executing program 5 (id=1109):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)='R', 0x1}, {&(0x7f0000000480)='&', 0x1}], 0x2, 0x0, 0x0, 0x40000}, 0x4040881)

1.863799663s ago: executing program 5 (id=1110):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x54c, 0x5c4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x4, "7738e21f"}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f00000003c0)={0x0, 0x6, 0x10, "711900797b56846b16efc33779dd8380"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

988.011177ms ago: executing program 6 (id=1112):
socket(0x2, 0xa, 0x0)
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0xa, 0x234, &(0x7f0000000900)="$eJzs279rE2Ecx/HPXS7pNdpWrDqIQlGsLjb+mBxE3Tr1H+hU2qjFE6tVsEWwWdRB6OTm4iQIDo4idRMn/wAHwU0pdgg4OfTkzvvR5JLmB5ecpO/X0ueez/Pkee7oJd82iQDsWVc1IUOGCt7BMfvA+riR9ZYA9Ikb/Ny23JgZhgAG282RrHcAIBtb16SXp6Rf1UfzyhXCssCrAL5tStqYfKo1Bbk5JOn1F8mK6oetinTUCnLD1nB9ffFKOh3ON4q14UNbqkjFKN+3IxyWKq7/+GdOhuvv14hGNZb38oMaD9ZfiOYfaVnvWJ2XSAAADBxDU63yXQeYur7olM81zfN+fr5pXvDzCy3yi9HxUNSafTHz4IN7edvLp+bvOAu7bRNAA2YX9//X43E71+L+t5rc//V/JwDov+WV1VtzjuM+lvxG+V7QEzTC/wjEPbnEmFQa4XsObQwO36FMRN5j7OjJJaevTybPPb2zMOONjUnqzYX6jxtqEH2f/ndNoh6zF1e+pnHi558nS8/fvW9n8NsOlzCj37rZjXK1boxMqYfnNZG4C+Ycu73pxprrdrhow6eL+MMBdtrPRAD6rXT/9lJpeWX17GJO0o1yPnzBn/6x6Vf2pZr6Pp/dTgGkLX7Rb5RWEj1u7eHMp8+/q5fePOti5SuSPha7mAgAAAAAAAAAAAAAAOoc0uGstwAAAACgT5Lf/rk7mvZXl7I+RwAAAAAAAAAAAAAAAAAABs3fAAAA///PtQqI")
sync()
truncate(&(0x7f00000003c0)='./file2\x00', 0x1bfc)

703.384521ms ago: executing program 6 (id=1114):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xfd, 0x386, &(0x7f00000007c0)="$eJzs3c9rI2UYwPFn0jQ/WrbJQRQF6YNe3MvQVs9qkS4IBZfuRtwVFma3Uw0dkzITKhGx8eRVvPkPCC578LDgoaD+A714Wy9ePG0vC4IuIo7MryTTnSZNmqXp9vuB3bzJ+z6Z950f5XkD887hB19/sr3lmVtWS3Klh2KIiDwWqUpOEkb0UpAMnb3L838+ePnajZtFEVnbUL2yev31FVVdWPzp08/LcbP9ohxUbx0+Wvnj4PmDFw//u/5x3dO6p41mSy293fy9Zd12bN2se9um6lXHtjxb6w3PdqP6ZlS/5TR3dtpqNTYvze24tuep1Wjrtt3WVlNbblutj6x6Q03T1EtzWd2NFQfUnVelMWJqdzc2rNUxN3hnzDhM2j++7w+odt1Va0bEDC7GTqqmdvep9w0AAEyddP6v3yYJe1Vy3YTSiOcChbCcngZ05PJ8Ul5fX9vQYLLQy//vvfJLa/79+wv7QcZ963C/kJX/v/FbFJ/K/4OtTzz///7I+/LkduS02Bul8anyf0yHxfQV+bA3Y48F+X9wNXRn9F9+eG8pLJD/AwAAAAAAAAAAAAAAAAAAAABwHjz2/Yrv+5XkNfnXu4Ugfh8yOgNvNMa5k5Ps41+MVxTong94Jl27cVNK4Y17+QUR56vd2m4teo3rk4ZLUpF/w/MhFi04Ea0noIGq/Ozs7dZm44CZ8P/Vgqg4YsuyVKSaig/LV95dX1vWSBQfbn9vt2bk54L4LamH8StSkeey41cy4wvy2qt98aZU5Nc70hRHNsPzuhf/xbLqO++tH4kvh+2yvPV0DwkAAAAAABNnqpbi6XM1Pf+N5u+mqZpVL9VoDc3u/PrJ3we68+ulzPl5vvJS/owHDwAAAADABeEVPtu2HMd2vfaxhbIMa5M8T2Pw92QX8qM0DgoPwsLsoDYzfSM86TcX4idojNB5GW2kluP8VZTMnZks4ZqqKp1ir1pOMv4TNC6NeghcLzf62G3XWwz6o2MNp6+Q/GwUfTLzxK6Tq8eF/2AkUaNtNFk5d1jjF7757u/xxmXEq/b2V715v5Qa6THhxpFPOkNO2ke+P7Q/s9l/LX4c5yEzAAAAAKZEkvSXveSTt8+2QwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXECnW4ntZIWzHiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLf4PAAD//5QI8Zs=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/85, 0x55)
getdents(r0, 0xfffffffffffffffd, 0x58)

638.039226ms ago: executing program 4 (id=1115):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x8, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x4}]}]}, 0x24}}, 0x0)

590.41524ms ago: executing program 6 (id=1116):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000000c0)={{}, {}, [], {0x4, 0x1}, [{0x8, 0x6}], {0x10, 0x3}, {0x20, 0x7}}, 0x2c, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', 0x0, 0x0, 0x0)

471.17262ms ago: executing program 4 (id=1117):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r0, &(0x7f0000000080)="b3019c28", 0x4, 0x4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000140)=0x6, 0x4)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/239, 0xef}, 0x2}], 0xa, 0x10162, 0x0)

463.426801ms ago: executing program 6 (id=1118):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x100003)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f000001f580)={0x17c04, r0, 0x9, 0x9457b83, 0x8})

456.905821ms ago: executing program 1 (id=1119):
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x3200014, &(0x7f00000000c0)=ANY=[], 0x1, 0x625, &(0x7f0000002c40)="$eJzs3U9oHNcdB/DvrFay5IKjJHZiSqAihrRU1NYflFa92C2l6BBKSA+9VthyLLxWgqQUJYdW/X/tIddCetCtp0Lvhvbc3HLVMVDoJSdBDyozO7ta2autLNvSKvl8zNv33r437735zcyudhczAb6ylqbTfJgiS9NvbZX1n+/Mt3Z35i/Uza0kZbmRNNtZirWk+efkVtopoz3DFUfN8/Hq4juffbH7ebvWrFPVv3F4iJPYrlOmkozUebJ/4XC3AdPs7x853u3ueCdVdCNTBuxamW8/1YDwbOw/pnNm/vc4mx95vQPnR9F+33zMZHIxyXj9d0DqV4fG6a7u2fP+CwAAwFfBC3vZy1YunfU6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dyp7/9f1KnRKU+l6Nz/f6x+LnX5nCkO1R6e2ToAAAAAAAAA4Nn5xl72spVLnfp+Uf3m/3pVuVw9fi0fZCMrWc/1bGU5m9nMemaTTPYMNLa1vLm5PnuMLef6bjl3OvsLAAAAAAAAAOfHzSfp/JssHfz+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw6BIRtpZlS53ypNpNJOMJxkr+20nn3bK59nDs14AAAAAnIIX9rKXrVzq1PeL6jP/K9Xn/vF8kLVsZjWbaWUld6rvAtqf+hu7O/Ot3Z35B2V6fNwf/OeJllGNmPZ3D/1nvlr1mMjdrFbPXM/tvJdW7qRRbVm62llP/3X9ulxTcbOtOObK7tR52f9PdT4cJquIjHYjMlOvrYzGi4Mj8YRH59GZZtPofvNz+dGZRg5teijmN48538U6L/fnD0Md87n67Pu0vGYGxzz55t//+rN7rbX79+5uTA/PLp1QHYntZh2J+Z7r8NVzGonRE201U0XiSre+lB/np5nOVN7e/1WSX2Q5m1nJVH5UlZZTdM/oycGRunWo9vb/W8lYfVzal+ARa8p6Vvus6fVq20tZzU/yXu5kJW9W/+Yym+9mIQtZ7DnCV47xStt4sqv+2rfqwkSSP9b5MBit4vpiT1x7X3Mnq7beZw6i9NLRUSpO+NrY/HpdKOf4bZ0Ph0cjMdsTiZcHny9/2S8fN1pr99fvLb9/zPneqPMylL8fqneJ8nx5qTxYVe3w2VG2vdy3bbZqu9xtazzWdqXb1vdKXe/Mv1j1fqXvSHNV26t92+artqs9bf3+3gJg6F389sWxiX9P/Gvik4nfTdybeGv8hxe+d+G1sYz+c/T7zZmRNxqvFX/LJ/nlwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DY+/Oj+cqu1sj6g0LnBzqA+T1so6hv5PMcpFIaskPGhWMbzLDQzFMs40dEBvuRubD54/8bGhx99Z/XB8rsr766sjS4sLM4sLrw5f+Puamtlpv141qsEnoeDN/2zXgkAAAAAAAAAAABwXKfx3wnOeh8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA821pOs2HKTI7c32mrO/uzLfK1Ckf9GwmaSTjZbn4R3Ir7ZTJnuGKo+b5eHXxnc++2P38YKxmp39j0HZ9jT76xHadMpVkpM6fwqHxbj/1eEV3D8uAXesEDs7a/wIAAP//XHoJeA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r0, 0x3, 0x0)
getdents64(r0, 0x0, 0x22)

358.82333ms ago: executing program 4 (id=1121):
r0 = mq_open(&(0x7f0000000340)=':\x00', 0x40, 0x1a, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000500)={0xe000200c})
ppoll(&(0x7f0000000100)=[{r1, 0x100}], 0x1, &(0x7f0000000140), 0x0, 0x0)

277.281466ms ago: executing program 1 (id=1122):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00bf85753904087c9896c2aa3ec19388fbeb9d068cacc5c62aca9d0f39d19ec4325b7c8a83afe2a15388d9683ee5fd8cfb5b79816be65476148ac53452f0a9ba744cec4403e5b077835071dc4b79"], 0x1, 0x17c, &(0x7f00000003c0)="$eJzs20tOKkEUxvGvm9e93PdrckcmGnUijaCGKUsh0BJio0YcCDFRl+LKdAGQ6AZskwKjEPoRDHSE/y8hVeFwOKcGBYcBArCyfkqyZCkjyff9q4sNS2tJNwVgIXw9+QBWVeoh6Q4AJGNQTZk54F7S3eNlvT96ZGLOD4OqbdZrSf03+dm4+TeWWf+nx/Nzkj7FmV9uh/lbE/U/m2ej3+Glfn4iPx+7/+H5t9fH879I+irpm6Tvkn6Mfmv9kvR7Sv3GRP1/MesD72GpYNZccLwQlm/rsOW5xcB4xsR3A+NZEy9FxMuB8ZyJF+onXiOsTQBT2Aq53nb0/U9F3P90xP0HkJxOt3dU8zz3jA0bNsu22Zw9PelPJgDz5py3T51Ot7fTateabtM9LpUq5fJ+8WCv4pjJ3gmf7wF8XK9f+kl3AgAAAAAAAAAAAAAAZvVH0t/IV1kL6QUAAADAfC3iT0hJnxEAAAAAAAAAAAAAAAAAAABYFs8BAAD//xyGUQ8=")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901099, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
umount2(&(0x7f0000000480)='./file0\x00', 0x1)

268.951227ms ago: executing program 4 (id=1123):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, 0x0)

124.821349ms ago: executing program 1 (id=1124):
socket(0x2, 0xa, 0x0)
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0xa, 0x234, &(0x7f0000000900)="$eJzs279rE2Ecx/HPXS7pNdpWrDqIQlGsLjb+mBxE3Tr1H+hU2qjFE6tVsEWwWdRB6OTm4iQIDo4idRMn/wAHwU0pdgg4OfTkzvvR5JLmB5ecpO/X0ueez/Pkee7oJd82iQDsWVc1IUOGCt7BMfvA+riR9ZYA9Ikb/Ny23JgZhgAG282RrHcAIBtb16SXp6Rf1UfzyhXCssCrAL5tStqYfKo1Bbk5JOn1F8mK6oetinTUCnLD1nB9ffFKOh3ON4q14UNbqkjFKN+3IxyWKq7/+GdOhuvv14hGNZb38oMaD9ZfiOYfaVnvWJ2XSAAADBxDU63yXQeYur7olM81zfN+fr5pXvDzCy3yi9HxUNSafTHz4IN7edvLp+bvOAu7bRNAA2YX9//X43E71+L+t5rc//V/JwDov+WV1VtzjuM+lvxG+V7QEzTC/wjEPbnEmFQa4XsObQwO36FMRN5j7OjJJaevTybPPb2zMOONjUnqzYX6jxtqEH2f/ndNoh6zF1e+pnHi558nS8/fvW9n8NsOlzCj37rZjXK1boxMqYfnNZG4C+Ycu73pxprrdrhow6eL+MMBdtrPRAD6rXT/9lJpeWX17GJO0o1yPnzBn/6x6Vf2pZr6Pp/dTgGkLX7Rb5RWEj1u7eHMp8+/q5fePOti5SuSPha7mAgAAAAAAAAAAAAAAOoc0uGstwAAAACgT5Lf/rk7mvZXl7I+RwAAAAAAAAAAAAAAAAAABs3fAAAA///PtQqI")
sync()
truncate(&(0x7f00000003c0)='./file2\x00', 0x1bfc)

124.03881ms ago: executing program 4 (id=1132):
r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000340)=0x4, 0x12)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'hsr0\x00', 0x4}, 0x18)

39.480777ms ago: executing program 6 (id=1125):
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f00000001c0)="390000fa461ad7e48489bffa56020013001118680907071200000f0000ff3f21000000170a00170000000004001407100003000131d7b2d0370a00f302415af0083f52b3ac322264dd24", 0xa2}], 0x1)
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0])

0s ago: executing program 4 (id=1126):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=@newlink={0x68, 0x10, 0x503, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x1c635, 0xef}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x34, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IFLA_GRE_REMOTE={0x14, 0x7, @remote}, @IFLA_GRE_LINK={0x8, 0x1, r2}]}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x200488c0}, 0x0)

kernel console output (not intermixed with test programs):

966] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  139.341664][ T6966] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  139.660504][ T6973] loop2: detected capacity change from 0 to 512
[  139.883949][ T6986] loop3: detected capacity change from 0 to 512
[  139.893524][ T6986] EXT4-fs: Ignoring removed nobh option
[  139.921780][ T6986] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.402: iget: bad i_size value: 38620345925642
[  139.960329][ T6986] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.402: couldn't read orphan inode 15 (err -117)
[  139.998176][ T6986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.140004][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.183013][ T6995] loop2: detected capacity change from 0 to 8192
[  140.207222][ T6995] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  140.236374][ T6995] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  140.260888][ T6995] REISERFS (device loop2): using ordered data mode
[  140.276332][ T6995] reiserfs: using flush barriers
[  140.293473][ T6995] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  140.310762][ T6995] REISERFS (device loop2): checking transaction log (loop2)
[  140.329979][ T7002] netlink: 16 bytes leftover after parsing attributes in process `syz.4.410'.
[  140.332331][ T6995] REISERFS (device loop2): Using r5 hash to sort names
[  140.347396][ T6995] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  140.755713][ T7014] loop2: detected capacity change from 0 to 64
[  140.819111][ T7004] loop3: detected capacity change from 0 to 32768
[  141.423558][ T7027] loop3: detected capacity change from 0 to 512
[  141.436289][ T7027] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  141.454342][ T7027] EXT4-fs (loop3): 1 truncate cleaned up
[  141.461763][ T7027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.496943][ T7027] fscrypt (loop3, inode 18): Direct key flag not allowed with different contents and filenames modes
[  141.582574][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.712610][ T7025] loop2: detected capacity change from 0 to 32768
[  141.721157][ T7025] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.421 (7025)
[  141.744269][ T7025] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.754888][ T7025] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  141.766543][ T7025] BTRFS info (device loop2): force clearing of disk cache
[  141.775776][ T7025] BTRFS info (device loop2): metadata ratio 0
[  141.782480][ T7025] BTRFS info (device loop2): enabling ssd optimizations
[  141.792123][ T7030] loop3: detected capacity change from 0 to 8192
[  141.796368][ T7025] BTRFS info (device loop2): using spread ssd allocation scheme
[  141.813745][ T7030] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  141.826865][ T7025] BTRFS info (device loop2): using free space tree
[  141.838090][ T7030] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  141.852943][ T7030] REISERFS (device loop3): using ordered data mode
[  141.859685][ T7030] reiserfs: using flush barriers
[  141.867267][ T7030] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  141.881514][ T7025] BTRFS info (device loop2): auto enabling async discard
[  141.886001][ T7030] REISERFS (device loop3): checking transaction log (loop3)
[  141.897006][ T7025] BTRFS info (device loop2): rebuilding free space tree
[  141.901874][ T7030] REISERFS (device loop3): Using rupasov hash to sort names
[  141.914475][ T7030] REISERFS (device loop3): using 3.5.x disk format
[  141.994091][ T5791] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  142.272382][ T7055] loop4: detected capacity change from 0 to 2048
[  142.288898][   T27] audit: type=1326 audit(1753827774.481:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.305904][ T7055] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  142.350715][   T27] audit: type=1326 audit(1753827774.481:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.396696][   T27] audit: type=1326 audit(1753827774.491:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.445087][   T27] audit: type=1326 audit(1753827774.491:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.474890][   T27] audit: type=1326 audit(1753827774.491:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.536483][   T27] audit: type=1326 audit(1753827774.491:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.588610][   T27] audit: type=1326 audit(1753827774.531:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd0ab8e9a9 code=0x7ffc0000
[  142.650313][   T27] audit: type=1326 audit(1753827774.531:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcd0ab85967 code=0x7ffc0000
[  142.679893][   T27] audit: type=1326 audit(1753827774.531:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.3.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcd0ab2ab89 code=0x7ffc0000
[  142.900869][ T7074] loop2: detected capacity change from 0 to 512
[  142.965928][ T7074] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.006477][ T7074] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.175084][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.273814][ T7088] loop1: detected capacity change from 0 to 128
[  143.751824][ T7075] loop3: detected capacity change from 0 to 32768
[  143.782587][ T7075] XFS: ikeep mount option is deprecated.
[  143.808656][ T7097] loop4: detected capacity change from 0 to 4096
[  143.870628][ T7105] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  143.933064][ T7075] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.102774][ T7118] loop2: detected capacity change from 0 to 64
[  144.169081][ T7075] XFS (loop3): Ending clean mount
[  144.198363][ T7075] XFS (loop3): Quotacheck needed: Please wait.
[  144.281293][ T7075] XFS (loop3): Quotacheck: Done.
[  144.444402][ T7124] loop2: detected capacity change from 0 to 64
[  144.489296][ T5793] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.489991][ T7124] hfs: small file entry
[  144.795790][ T7128] loop1: detected capacity change from 0 to 8192
[  145.091894][ T7123] loop4: detected capacity change from 0 to 32768
[  145.118867][ T7123] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.453 (7123)
[  145.159173][ T7123] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  145.180026][ T7123] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  145.193097][ T7123] BTRFS info (device loop4): disabling tree log
[  145.199839][ T7123] BTRFS info (device loop4): using free space tree
[  145.335521][ T7123] BTRFS info (device loop4): auto enabling async discard
[  145.372164][ T7123] BTRFS info (device loop4): checking UUID tree
[  145.420758][ T7130] loop2: detected capacity change from 0 to 32768
[  145.462186][ T7130] find_entry called with index >= next_index
[  145.472928][ T7130] find_entry called with index >= next_index
[  145.481141][ T7130] find_entry called with index >= next_index
[  145.504108][ T7130] find_entry called with index >= next_index
[  145.516357][ T7130] find_entry called with index >= next_index
[  145.528906][ T7130] add_index: next_index = 0.  Resetting!
[  145.545333][ T7130] find_entry called with index >= next_index
[  145.553903][ T7130] find_entry called with index >= next_index
[  145.560287][ T5774] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  145.577003][ T7130] find_entry called with index >= next_index
[  145.577807][ T6382] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  145.583146][ T7130] find_entry called with index >= next_index
[  145.595772][ T7135] loop1: detected capacity change from 0 to 40427
[  145.609939][ T7135] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288)
[  145.630436][ T7135] F2FS-fs (loop1): invalid crc value
[  145.687606][ T7135] F2FS-fs (loop1): Found nat_bits in checkpoint
[  145.754180][ T5774] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.778501][ T5774] usb 4-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  145.825241][ T5774] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.836828][ T7135] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  145.867254][ T5774] usb 4-1: config 0 descriptor??
[  145.971581][ T7159] misc userio: The device must be registered before sending interrupts
[  146.053451][ T5786] syz-executor: attempt to access beyond end of device
[  146.053451][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  146.075911][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  146.150823][ T7164] loop4: detected capacity change from 0 to 128
[  146.297602][ T5774] nintendo 0003:057E:200E.0008: unbalanced delimiter at end of report description
[  146.329521][ T5774] nintendo 0003:057E:200E.0008: HID parse failed
[  146.376370][ T5774] nintendo 0003:057E:200E.0008: probe - fail = -22
[  146.396525][ T5774] nintendo: probe of 0003:057E:200E.0008 failed with error -22
[  146.524122][ T5774] usb 4-1: USB disconnect, device number 6
[  146.619809][ T7175] netlink: 44 bytes leftover after parsing attributes in process `syz.4.469'.
[  146.711516][ T7178] netlink: 108 bytes leftover after parsing attributes in process `syz.1.463'.
[  146.988533][ T7190] TCP: TCP_TX_DELAY enabled
[  147.167275][ T7199] IPv6: NLM_F_CREATE should be specified when creating new route
[  147.556440][ T5774] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  147.656904][ T7218] loop2: detected capacity change from 0 to 256
[  147.677086][ T7218] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  147.771530][ T5774] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  147.792544][ T5774] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  147.820761][ T5774] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  147.841286][ T5774] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.865171][ T7202] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  147.889737][ T5774] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  147.964026][ T7228] loop3: detected capacity change from 0 to 512
[  147.986423][ T7228] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  148.028481][ T7228] EXT4-fs (loop3): 1 truncate cleaned up
[  148.036030][ T7228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.121259][ T7228] fscrypt (loop3, inode 18): Unsupported encryption flags (0xc6)
[  148.173259][ T7236] loop4: detected capacity change from 0 to 4096
[  148.212222][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.224377][ T5774] usb 2-1: USB disconnect, device number 7
[  148.278024][ T7238] erspan0: entered promiscuous mode
[  148.425948][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  148.425963][   T27] audit: type=1326 audit(1753827780.621:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7241 comm="syz.2.498" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd6d38e9a9 code=0x0
[  148.910254][ T7263] loop4: detected capacity change from 0 to 16
[  148.950911][ T7263] erofs: (device loop4): mounted with root inode @ nid 36.
[  149.178093][ T7257] loop3: detected capacity change from 0 to 32768
[  149.188134][ T7257] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.505 (7257)
[  149.214765][ T7257] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  149.239823][ T7257] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  149.280143][ T7257] BTRFS info (device loop3): enabling auto defrag
[  149.306477][ T7257] BTRFS info (device loop3): doing ref verification
[  149.337196][ T7257] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  149.348353][ T7257] BTRFS info (device loop3): trying to use backup root at mount time
[  149.374766][ T7257] BTRFS info (device loop3): max_inline at 4096
[  149.381190][ T7257] BTRFS info (device loop3): enabling ssd optimizations
[  149.396285][ T7257] BTRFS info (device loop3): using spread ssd allocation scheme
[  149.404059][ T7257] BTRFS info (device loop3): using free space tree
[  149.566989][ T7257] BTRFS info (device loop3): auto enabling async discard
[  149.686710][ T7261] loop1: detected capacity change from 0 to 40427
[  149.716050][ T7261] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[  149.735314][ T7261] F2FS-fs (loop1): Image doesn't support compression
[  149.745278][ T7261] F2FS-fs (loop1): heap/no_heap options were deprecated
[  149.766320][ T7261] F2FS-fs (loop1): Image doesn't support compression
[  149.798121][ T7261] F2FS-fs (loop1): invalid crc value
[  149.840651][ T7261] F2FS-fs (loop1): Found nat_bits in checkpoint
[  149.872565][ T5793] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  149.898239][ T7269] loop2: detected capacity change from 0 to 32768
[  149.958401][ T7261] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  150.167234][ T5786] syz-executor: attempt to access beyond end of device
[  150.167234][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  150.194161][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  150.365280][ T7293] loop3: detected capacity change from 0 to 128
[  150.380060][ T7288] loop4: detected capacity change from 0 to 32768
[  150.398305][   T27] audit: type=1800 audit(1753827782.601:19): pid=7293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.515" name="file1" dev="loop3" ino=1048632 res=0 errno=0
[  150.398923][ T7288] (syz.4.513,7288,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  150.438929][ T7288] (syz.4.513,7288,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  150.469439][ T7288] JBD2: Ignoring recovery information on journal
[  150.509540][ T7288] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  150.708120][ T7295] syz.3.515: attempt to access beyond end of device
[  150.708120][ T7295] loop3: rw=0, sector=121, nr_sectors = 8 limit=128
[  150.783620][ T6382] ocfs2: Unmounting device (7,4) on (node local)
[  150.909442][   T12] kworker/u4:1: attempt to access beyond end of device
[  150.909442][   T12] loop3: rw=1, sector=129, nr_sectors = 912 limit=128
[  151.146017][ T7304] loop4: detected capacity change from 0 to 1024
[  151.232851][ T7306] loop9: detected capacity change from 0 to 7
[  151.267896][ T7304] hfsplus: xattr search failed
[  151.285349][ T7306] Dev loop9: unable to read RDB block 7
[  151.306309][ T7306]  loop9: unable to read partition table
[  151.333422][ T7306] loop9: partition table beyond EOD, truncated
[  151.366259][ T7306] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  151.366259][ T7306] 
) failed (rc=-5)
[  151.424861][ T7307] Dev loop9: unable to read RDB block 7
[  151.430577][ T7307]  loop9: unable to read partition table
[  151.448731][ T7307] loop9: partition table beyond EOD, truncated
[  151.520573][ T7298] loop2: detected capacity change from 0 to 32768
[  151.545270][ T7298] JBD2: Ignoring recovery information on journal
[  151.621387][ T7298] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  151.750796][ T7313] loop1: detected capacity change from 0 to 4096
[  151.775819][ T5791] ocfs2: Unmounting device (7,2) on (node local)
[  151.794474][ T7313] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  152.055038][ T7322] loop2: detected capacity change from 0 to 16
[  152.065234][ T7322] erofs: (device loop2): mounted with root inode @ nid 36.
[  152.086407][ T5834] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  152.280281][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.291960][ T7327] loop1: detected capacity change from 0 to 4096
[  152.307922][ T5834] usb 5-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  152.319379][ T7327] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  152.332886][ T5834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.347291][ T5834] usb 5-1: config 0 descriptor??
[  152.387089][ T7327] ntfs3: loop1: Failed to initialize $Extend/$ObjId.
[  152.710808][ T7341] loop2: detected capacity change from 0 to 4096
[  152.738898][ T7341] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  152.800815][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.809108][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.816483][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.823861][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.831177][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.838845][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.846048][ T5834] nintendo 0003:057E:200E.0009: unknown main item tag 0x0
[  152.856358][ T5834] nintendo 0003:057E:200E.0009: hidraw0: USB HID v80.00 Device [HID 057e:200e] on usb-dummy_hcd.4-1/input0
[  152.919368][ T7345] loop3: detected capacity change from 0 to 16
[  152.938720][ T5834] nintendo 0003:057E:200E.0009: Failed charging grip handshake
[  152.941764][ T7345] erofs: (device loop3): mounted with root inode @ nid 36.
[  152.957061][ T5834] nintendo 0003:057E:200E.0009: Failed to initialize controller; ret=-110
[  152.983746][ T5834] nintendo 0003:057E:200E.0009: probe - fail = -110
[  152.990834][ T5834] nintendo: probe of 0003:057E:200E.0009 failed with error -110
[  153.031554][ T5834] usb 5-1: USB disconnect, device number 5
[  153.178313][ T7342] loop1: detected capacity change from 0 to 32768
[  153.210829][ T7342] JBD2: Ignoring recovery information on journal
[  153.258821][ T7342] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  153.409795][ T5786] ocfs2: Unmounting device (7,1) on (node local)
[  153.515051][ T7347] loop2: detected capacity change from 0 to 32768
[  153.525583][ T7347] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.536 (7347)
[  153.568908][ T7347] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.587592][ T7347] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  153.604346][ T7347] BTRFS info (device loop2): setting nodatacow, compression disabled
[  153.616062][ T7347] BTRFS info (device loop2): max_inline at 0
[  153.631731][ T7347] BTRFS info (device loop2): enabling disk space caching
[  153.646289][ T7347] BTRFS info (device loop2): turning off barriers
[  153.662985][ T7347] BTRFS info (device loop2): turning on flush-on-commit
[  153.677619][ T7347] BTRFS info (device loop2): doing ref verification
[  153.691834][ T7347] BTRFS info (device loop2): force clearing of disk cache
[  153.699462][ T7347] BTRFS info (device loop2): enabling ssd optimizations
[  153.716527][ T7347] BTRFS info (device loop2): max_inline at 4096
[  153.724239][ T7347] BTRFS info (device loop2): disk space caching is enabled
[  153.840232][ T7361] loop1: detected capacity change from 0 to 8192
[  153.850180][ T7361] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  153.874947][ T7361] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  153.876322][ T7347] BTRFS info (device loop2): auto enabling async discard
[  153.884710][ T7361] REISERFS (device loop1): using ordered data mode
[  153.898333][ T7361] reiserfs: using flush barriers
[  153.908245][ T7361] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  153.925342][ T7347] BTRFS info (device loop2): rebuilding free space tree
[  153.933350][ T7361] REISERFS (device loop1): checking transaction log (loop1)
[  153.953889][ T7347] BTRFS info (device loop2): disabling free space tree
[  153.961683][ T7381] netlink: 8 bytes leftover after parsing attributes in process `syz.4.542'.
[  153.964040][ T7361] REISERFS (device loop1): Using rupasov hash to sort names
[  153.990105][ T7347] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  153.990813][ T7361] REISERFS (device loop1): using 3.5.x disk format
[  154.009966][ T7347] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  154.026751][ T7361] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  154.061307][ T7361] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  154.106401][ T7361] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  154.127913][ T7361] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  154.176640][ T7361] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  154.212992][ T7361] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[  154.281017][ T5791] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  154.556297][ T5871] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  154.754094][ T7399] loop2: detected capacity change from 0 to 2048
[  154.766322][ T5871] usb 4-1: Using ep0 maxpacket: 16
[  154.789523][ T5871] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  154.806266][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  154.814405][ T5871] usb 4-1: Product: syz
[  154.826806][ T5871] usb 4-1: Manufacturer: syz
[  154.836267][ T5871] usb 4-1: SerialNumber: syz
[  154.847805][ T5871] usb 4-1: config 0 descriptor??
[  154.887676][ T7399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.934156][ T7399] overlayfs: failed to resolve './file0': -2
[  154.974797][ T7393] loop4: detected capacity change from 0 to 32768
[  154.997868][ T7393] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.011485][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.044005][ T7416] loop1: detected capacity change from 0 to 256
[  155.076880][  T786] usb 4-1: USB disconnect, device number 7
[  155.145899][ T7416] FAT-fs (loop1): Directory bread(block 64) failed
[  155.167736][ T7393] XFS (loop4): Ending clean mount
[  155.175509][ T7416] FAT-fs (loop1): Directory bread(block 65) failed
[  155.192516][ T7393] XFS (loop4): Quotacheck needed: Please wait.
[  155.201488][ T7416] FAT-fs (loop1): Directory bread(block 66) failed
[  155.223399][ T7416] FAT-fs (loop1): Directory bread(block 67) failed
[  155.249940][ T7416] FAT-fs (loop1): Directory bread(block 68) failed
[  155.257550][ T7416] FAT-fs (loop1): Directory bread(block 69) failed
[  155.275212][ T7393] XFS (loop4): Quotacheck: Done.
[  155.275358][ T7416] FAT-fs (loop1): Directory bread(block 70) failed
[  155.299420][ T7416] FAT-fs (loop1): Directory bread(block 71) failed
[  155.313195][ T7416] FAT-fs (loop1): Directory bread(block 72) failed
[  155.323021][ T7416] FAT-fs (loop1): Directory bread(block 73) failed
[  155.505974][ T6382] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.540669][ T7428] loop1: detected capacity change from 0 to 256
[  155.920860][ T7435] loop4: detected capacity change from 0 to 64
[  156.278836][ T7458] loop4: detected capacity change from 0 to 512
[  156.323961][ T7458] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.338020][ T7458] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.378395][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  156.411800][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 12: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  156.440524][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 13: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  156.465736][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 14: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  156.495377][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 15: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  156.522109][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 16: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  156.552143][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 17: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  156.577767][ T7458] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #2: block 18: comm syz.4.575: lblock 23 mapped to illegal pblock 18 (length 1)
[  156.604133][ T7456] loop1: detected capacity change from 0 to 32768
[  156.605334][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 19: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  156.634964][ T7458] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 20: comm syz.4.575: path /95/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  156.903546][ T7463] loop2: detected capacity change from 0 to 512
[  156.931659][ T7463] EXT4-fs (loop2): Test dummy encryption mode enabled
[  156.949743][ T7463] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  156.984574][ T7463] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.577: bad orphan inode 131083
[  157.022216][ T7463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.225573][ T6382] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.402622][ T7476] loop4: detected capacity change from 0 to 512
[  157.415252][ T7463] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  157.427321][ T5871] IPVS: starting estimator thread 0...
[  157.477898][ T7476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.501006][ T7476] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.520647][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.536389][ T7480] IPVS: using max 19 ests per chain, 45600 per kthread
[  157.655805][ T6382] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.672971][ T7491] netlink: 52 bytes leftover after parsing attributes in process `syz.3.586'.
[  157.997765][  T786] kernel read not supported for file /dsp (pid: 786 comm: kworker/0:2)
[  158.196561][ T5798] Bluetooth: hci3: command tx timeout
[  158.285223][ T7520] loop3: detected capacity change from 0 to 512
[  158.300032][ T7520] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  158.332269][ T7520] EXT4-fs (loop3): 1 truncate cleaned up
[  158.347121][ T7520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.402870][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.548304][ T5774] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  158.758357][ T5774] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.774952][ T5774] usb 3-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  158.784290][ T5774] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.801605][ T5774] usb 3-1: config 0 descriptor??
[  159.076996][  T786] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  159.091877][   T27] audit: type=1326 audit(1753827791.291:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.609" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcd0ab8e9a9 code=0x0
[  159.235403][ T5774] nintendo 0003:057E:200E.000A: unbalanced delimiter at end of report description
[  159.246362][ T5774] nintendo 0003:057E:200E.000A: HID parse failed
[  159.255007][ T5774] nintendo 0003:057E:200E.000A: probe - fail = -22
[  159.261772][ T5774] nintendo: probe of 0003:057E:200E.000A failed with error -22
[  159.271494][  T786] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  159.284825][  T786] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  159.294861][  T786] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  159.304681][  T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.315598][ T7539] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  159.327954][  T786] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  159.450261][  T786] usb 3-1: USB disconnect, device number 6
[  159.579124][    T9] usb 5-1: USB disconnect, device number 6
[  159.684361][ T7550] syzkaller1: tun_chr_ioctl cmd 1074025677
[  159.690618][ T7550] syzkaller1: linktype set to 32
[  159.826055][ T7552] loop1: detected capacity change from 0 to 64
[  159.974441][ T7556] loop3: detected capacity change from 0 to 16
[  159.983438][ T7556] erofs: (device loop3): mounted with root inode @ nid 36.
[  160.005314][ T7558] loop1: detected capacity change from 0 to 128
[  160.078529][   T27] audit: type=1800 audit(1753827792.281:21): pid=7558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.614" name="file1" dev="loop1" ino=1048635 res=0 errno=0
[  160.336233][ T7563] syz.1.614: attempt to access beyond end of device
[  160.336233][ T7563] loop1: rw=0, sector=121, nr_sectors = 8 limit=128
[  160.402475][ T7566] loop4: detected capacity change from 0 to 8192
[  160.422661][ T7566] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  160.497333][   T12] kworker/u4:1: attempt to access beyond end of device
[  160.497333][   T12] loop1: rw=1, sector=129, nr_sectors = 912 limit=128
[  161.024886][ T7597] loop2: detected capacity change from 0 to 512
[  161.039284][ T7598] loop3: detected capacity change from 0 to 512
[  161.049124][ T7597] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  161.055740][ T7600] program syz.1.633 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  161.066512][ T7598] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  161.104535][ T7598] EXT4-fs (loop3): 1 truncate cleaned up
[  161.106856][ T7597] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  161.127215][ T7598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.158272][ T7597] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.632: invalid indirect mapped block 2683928664 (level 1)
[  161.201204][ T7597] EXT4-fs (loop2): Remounting filesystem read-only
[  161.204010][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.216901][ T7597] EXT4-fs (loop2): 1 truncate cleaned up
[  161.218520][ T7597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.272438][   T27] audit: type=1326 audit(1753827793.471:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.1.635" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcbabb8e9a9 code=0x0
[  161.281734][ T7597] overlayfs: failed to get redirect (-5)
[  161.418240][ T7588] loop4: detected capacity change from 0 to 32768
[  161.428894][ T7588] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.626 (7588)
[  161.475566][ T7588] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.486279][ T7588] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  161.495186][ T7588] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  161.509857][ T7588] BTRFS info (device loop4): force lzo compression, level 0
[  161.526925][ T7588] BTRFS info (device loop4): turning on sync discard
[  161.551919][ T7588] BTRFS info (device loop4): force clearing of disk cache
[  161.569755][ T7588] BTRFS info (device loop4): enabling disk space caching
[  161.581706][ T7588] BTRFS info (device loop4): turning off discard
[  161.599018][ T7588] BTRFS info (device loop4): disk space caching is enabled
[  161.649447][ T7588] BTRFS info (device loop4): enabling ssd optimizations
[  161.661909][ T7588] BTRFS info (device loop4): rebuilding free space tree
[  161.682887][ T7588] BTRFS info (device loop4): disabling free space tree
[  161.691061][ T7588] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  161.700922][ T7588] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  161.762819][ T7504] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.865122][ T6382] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.911679][ T1130] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.220874][ T1130] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.422293][ T1130] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.528739][ T1130] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.686834][ T7641] mmap: syz.3.646 (7641) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  163.104070][ T5789] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  163.121180][ T5789] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  163.137121][ T5789] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  163.151908][ T5789] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  163.161648][ T5789] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  163.177192][ T5789] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  163.224501][ T7636] loop1: detected capacity change from 0 to 32768
[  163.232815][ T7636] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.644 (7636)
[  163.252035][ T7636] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  163.262987][ T7636] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  163.271915][ T7636] BTRFS info (device loop1): enabling auto defrag
[  163.278430][ T7636] BTRFS info (device loop1): doing ref verification
[  163.285063][ T7636] BTRFS info (device loop1): use no compression
[  163.291575][ T7636] BTRFS info (device loop1): force clearing of disk cache
[  163.298786][ T7636] BTRFS info (device loop1): setting nodatacow, compression disabled
[  163.307423][ T7636] BTRFS info (device loop1): disabling free space tree
[  163.346009][ T7636] BTRFS info (device loop1): enabling ssd optimizations
[  163.365357][ T7636] BTRFS info (device loop1): auto enabling async discard
[  163.389360][ T7636] BTRFS info (device loop1): rebuilding free space tree
[  163.423360][ T7636] BTRFS info (device loop1): disabling free space tree
[  163.430792][ T7636] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  163.449778][ T7636] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  163.587255][ T7650] chnl_net:caif_netlink_parms(): no params data found
[  163.632979][ T5786] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  163.792263][ T7675] loop4: detected capacity change from 0 to 1024
[  163.912439][ T7675] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.950905][ T7675] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #12: block 7: comm syz.4.652: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0
[  163.998688][ T7675] EXT4-fs (loop4): Remounting filesystem read-only
[  164.147751][ T7650] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.155028][ T7650] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.162437][ T7650] bridge_slave_0: entered allmulticast mode
[  164.172774][ T7650] bridge_slave_0: entered promiscuous mode
[  164.181923][ T7650] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.189271][ T7650] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.196578][ T7650] bridge_slave_1: entered allmulticast mode
[  164.203882][ T7650] bridge_slave_1: entered promiscuous mode
[  164.206655][  T787] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  164.269894][ T7650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.285600][ T7650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.376564][ T7650] team0: Port device team_slave_0 added
[  164.392078][ T7650] team0: Port device team_slave_1 added
[  164.416102][  T787] usb 4-1: Using ep0 maxpacket: 32
[  164.445199][  T787] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  164.472631][  T787] usb 4-1: config 0 has no interface number 0
[  164.484496][  T787] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  164.494799][  T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.504021][ T7650] batman_adv: batadv0: Adding interface: batadv_slave_0
[  164.504247][  T787] usb 4-1: Product: syz
[  164.521047][  T787] usb 4-1: Manufacturer: syz
[  164.522069][ T7650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.525811][  T787] usb 4-1: SerialNumber: syz
[  164.584112][ T7650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  164.606052][  T787] usb 4-1: config 0 descriptor??
[  164.608968][ T7650] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.623597][ T6382] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.626803][ T7650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.640600][  T787] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  164.659310][ T7685] loop1: detected capacity change from 0 to 32768
[  164.675806][ T7650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.698552][ T7685] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.650 (7685)
[  164.763359][ T7685] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  164.776532][ T7685] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  164.788274][ T7685] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  164.797805][ T7685] BTRFS info (device loop1): force lzo compression, level 0
[  164.805227][ T7685] BTRFS info (device loop1): turning on sync discard
[  164.812638][ T7685] BTRFS info (device loop1): force clearing of disk cache
[  164.819862][ T7685] BTRFS info (device loop1): enabling disk space caching
[  164.827639][ T7685] BTRFS info (device loop1): turning off discard
[  164.834061][ T7685] BTRFS info (device loop1): disk space caching is enabled
[  164.843263][ T1130] hsr_slave_0: left promiscuous mode
[  164.853888][ T1130] hsr_slave_1: left promiscuous mode
[  164.862065][ T1130] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.881971][ T1130] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.899692][  T787] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  164.910834][ T1130] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.924069][  T787] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  164.931691][ T1130] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.951181][ T1130] bridge_slave_1: left allmulticast mode
[  164.961601][ T1130] bridge_slave_1: left promiscuous mode
[  164.962007][ T7685] BTRFS info (device loop1): enabling ssd optimizations
[  164.977095][ T1130] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.990192][ T7685] BTRFS info (device loop1): rebuilding free space tree
[  165.000645][ T1130] bridge_slave_0: left allmulticast mode
[  165.009183][ T7685] BTRFS info (device loop1): disabling free space tree
[  165.016277][ T7685] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  165.017708][ T1130] bridge_slave_0: left promiscuous mode
[  165.025984][ T7685] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  165.046505][ T1130] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.140485][ T1130] veth1_macvtap: left promiscuous mode
[  165.153664][ T1130] veth0_macvtap: left promiscuous mode
[  165.162849][ T1130] veth1_vlan: left promiscuous mode
[  165.172105][ T7706] loop4: detected capacity change from 0 to 512
[  165.178757][ T1130] veth0_vlan: left promiscuous mode
[  165.199054][ T7706] EXT4-fs (loop4): Test dummy encryption mode enabled
[  165.212790][    C1] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short
[  165.213530][ T7706] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  165.236433][ T5798] Bluetooth: hci1: command tx timeout
[  165.254148][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.280662][ T7706] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.656: bad orphan inode 131083
[  165.315310][ T7706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.418871][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  165.436329][  T787] usb 4-1: USB disconnect, device number 8
[  165.482054][  T787] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  165.532012][ T6382] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.568999][  T787] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  165.600568][  T787] quatech2 4-1:0.51: device disconnected
[  166.305250][ T1130] team0 (unregistering): Port device team_slave_1 removed
[  166.364770][ T1130] team0 (unregistering): Port device team_slave_0 removed
[  166.424399][ T1130] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.478985][ T1130] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.087564][ T1130] bond0 (unregistering): Released all slaves
[  167.176933][ T7650] hsr_slave_0: entered promiscuous mode
[  167.183422][ T7650] hsr_slave_1: entered promiscuous mode
[  167.189949][ T7650] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.199079][ T7650] Cannot create hsr debugfs directory
[  167.316457][ T5798] Bluetooth: hci1: command tx timeout
[  167.497513][ T7650] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  167.507428][ T7650] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  167.519928][ T7650] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  167.540549][ T7650] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  167.650359][ T7650] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.673070][ T7650] 8021q: adding VLAN 0 to HW filter on device team0
[  167.686079][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.693319][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.713890][ T1125] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.721098][ T1125] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.935167][ T7650] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.186961][ T7650] veth0_vlan: entered promiscuous mode
[  168.201109][ T7650] veth1_vlan: entered promiscuous mode
[  168.231745][ T7650] veth0_macvtap: entered promiscuous mode
[  168.242434][ T7650] veth1_macvtap: entered promiscuous mode
[  168.262154][ T7650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.273911][ T7650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.284418][ T7650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.296865][ T7650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.307237][ T7650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.317913][ T7650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.330314][ T7650] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.346903][ T7650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.357743][ T7650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.368539][ T7650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.379128][ T7650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.389055][ T7650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.399553][ T7650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.410963][ T7650] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.426299][ T7650] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.435050][ T7650] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.444672][ T7650] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.453505][ T7650] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.537646][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.545513][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.578406][ T1125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.586718][ T1125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.396615][ T5798] Bluetooth: hci1: command tx timeout
[  169.540088][ T7755] loop5: detected capacity change from 0 to 32768
[  169.578221][ T7755] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.665 (7755)
[  169.603299][ T7755] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  169.620839][ T7776] loop3: detected capacity change from 0 to 512
[  169.627386][ T7755] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  169.636130][ T7755] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_LZO (0x8)
[  169.645965][ T7755] BTRFS info (device loop5): force lzo compression, level 0
[  169.653511][ T7755] BTRFS info (device loop5): turning on sync discard
[  169.660532][ T7755] BTRFS info (device loop5): force clearing of disk cache
[  169.668020][ T7755] BTRFS info (device loop5): enabling disk space caching
[  169.675421][ T7755] BTRFS info (device loop5): turning off discard
[  169.695797][ T7755] BTRFS info (device loop5): disk space caching is enabled
[  169.725364][ T7776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.762485][ T7776] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.813317][ T7792] loop1: detected capacity change from 0 to 1764
[  169.855461][ T7755] BTRFS info (device loop5): enabling ssd optimizations
[  169.884602][ T7776] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #12: block 32: comm syz.3.678: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[  169.885130][ T7755] BTRFS info (device loop5): rebuilding free space tree
[  169.920757][ T7776] EXT4-fs (loop3): Remounting filesystem read-only
[  169.965766][ T7755] BTRFS info (device loop5): disabling free space tree
[  169.993542][ T7755] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  170.018208][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.019471][ T7755] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  170.263534][ T7650] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.371443][ T7812] netlink: 124 bytes leftover after parsing attributes in process `syz.3.686'.
[  171.366659][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  171.476678][ T5798] Bluetooth: hci1: command tx timeout
[  171.546480][    T9] usb 4-1: Using ep0 maxpacket: 32
[  171.564537][    T9] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  171.574297][ T5872] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  171.584202][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.614881][    T9] usb 4-1: config 0 descriptor??
[  171.644663][ T7840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.697'.
[  171.789017][ T5872] usb 6-1: config index 0 descriptor too short (expected 1307, got 27)
[  171.804903][ T5872] usb 6-1: config 0 has an invalid interface number: 0 but max is -1
[  171.813346][ T5872] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  171.822672][ T5872] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  171.835263][    T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  171.843463][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  171.858663][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 39, setting to 8
[  171.870749][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  171.891509][ T5872] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  171.905301][    T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  171.912839][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  171.920934][    T9] usb 4-1: media controller created
[  171.931460][ T5872] usb 6-1: string descriptor 0 read error: -22
[  171.941577][ T5872] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  171.973708][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.991072][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  172.002197][ T5872] usb 6-1: config 0 descriptor??
[  172.008873][ T7829] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  172.018207][ T5872] hub 6-1:0.0: bad descriptor, ignoring hub
[  172.026268][ T5872] hub: probe of 6-1:0.0 failed with error -5
[  172.038568][ T5872] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input8
[  172.061541][    T9] az6027: usb out operation failed. (-71)
[  172.081103][    T9] az6027: usb out operation failed. (-71)
[  172.096345][    T9] stb0899_attach: Driver disabled by Kconfig
[  172.106925][    T9] az6027: no front-end attached
[  172.106925][    T9] 
[  172.117294][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.129020][    T9] az6027: usb out operation failed. (-71)
[  172.134921][    T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  172.142708][    T8] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  172.157629][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input9
[  172.169317][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.184982][    T8] usb 5-1: config 0 descriptor??
[  172.197690][    T9] dvb-usb: schedule remote query interval to 400 msecs.
[  172.204740][    T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  172.221175][    T8] pwc: Askey VC010 type 2 USB webcam detected.
[  172.246715][    T9] usb 4-1: USB disconnect, device number 9
[  172.297961][    T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  172.370575][ T5827] usb 6-1: USB disconnect, device number 2
[  172.614235][ T7852] loop1: detected capacity change from 0 to 32768
[  172.639701][ T7852] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  172.671020][ T7852] (syz.1.702,7852,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  172.731380][ T5786] ocfs2: Unmounting device (7,1) on (node local)
[  172.856028][    T8] pwc: recv_control_msg error -71 req 02 val 2700
[  172.867907][    T8] pwc: recv_control_msg error -71 req 02 val 2c00
[  172.886443][    T8] pwc: recv_control_msg error -71 req 04 val 1000
[  172.893568][    T8] pwc: recv_control_msg error -71 req 04 val 1300
[  172.913483][    T8] pwc: recv_control_msg error -71 req 04 val 1400
[  172.946963][    T8] pwc: recv_control_msg error -71 req 02 val 2000
[  172.966370][    T8] pwc: recv_control_msg error -71 req 02 val 2100
[  172.973363][    T8] pwc: recv_control_msg error -71 req 04 val 1500
[  172.992510][    T8] pwc: recv_control_msg error -71 req 02 val 2500
[  173.010826][    T8] pwc: recv_control_msg error -71 req 02 val 2400
[  173.024856][    T8] pwc: recv_control_msg error -71 req 02 val 2600
[  173.036681][    T8] pwc: recv_control_msg error -71 req 02 val 2900
[  173.046870][    T8] pwc: recv_control_msg error -71 req 02 val 2800
[  173.083981][    T8] pwc: recv_control_msg error -71 req 04 val 1100
[  173.097747][    T8] pwc: recv_control_msg error -71 req 04 val 1200
[  173.129719][    T8] pwc: Registered as video103.
[  173.142442][    T8] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input10
[  173.152864][ T7864] loop3: detected capacity change from 0 to 256
[  173.182057][    T8] usb 5-1: USB disconnect, device number 7
[  173.195690][ T7864] FAT-fs (loop3): Directory bread(block 1285) failed
[  173.229622][ T7864] FAT-fs (loop3): FAT read failed (blocknr 1281)
[  173.363950][   T27] audit: type=1326 audit(1753827805.561:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.5.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2612d8e9a9 code=0x7ffc0000
[  173.367935][ T7871] loop3: detected capacity change from 0 to 2048
[  173.407791][   T27] audit: type=1326 audit(1753827805.591:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.5.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2612d8e9a9 code=0x7ffc0000
[  173.442874][ T7871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.466332][   T27] audit: type=1326 audit(1753827805.591:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.5.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2612d8e9a9 code=0x7ffc0000
[  173.467825][ T7871] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.500984][ T5774] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  173.517113][   T27] audit: type=1326 audit(1753827805.591:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.5.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f2612d8e9a9 code=0x7ffc0000
[  173.539358][   T27] audit: type=1326 audit(1753827805.591:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.5.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2612d8e9a9 code=0x7ffc0000
[  173.606249][   T27] audit: type=1800 audit(1753827805.801:28): pid=7871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.710" name="file0" dev="loop3" ino=13 res=0 errno=0
[  173.625663][ T7871] fs-verity: sha512 using implementation "sha512-avx2"
[  173.656328][ T7871] fs-verity (loop3, inode 13): Error -22 reading file data
[  173.664410][ T7871] fs-verity (loop3, inode 13): Error -22 building Merkle tree
[  173.692036][ T7879] loop4: detected capacity change from 0 to 4096
[  173.714324][ T7879] NILFS (loop4): invalid segment: Checksum error in segment payload
[  173.716914][ T5774] usb 2-1: Using ep0 maxpacket: 32
[  173.724894][ T7879] NILFS (loop4): trying rollback from an earlier position
[  173.750850][ T5774] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  173.767797][ T7879] NILFS (loop4): recovery complete
[  173.769459][ T5774] usb 2-1: config 0 has no interface number 0
[  173.783820][ T7882] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  173.806655][ T5774] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  173.817094][ T5774] usb 2-1: config 0 interface 196 has no altsetting 0
[  173.821279][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.842851][ T5774] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  173.856326][ T5774] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.888568][ T5774] usb 2-1: Product: syz
[  173.892813][ T5774] usb 2-1: Manufacturer: syz
[  173.916235][ T5774] usb 2-1: SerialNumber: syz
[  173.929060][ T5774] usb 2-1: config 0 descriptor??
[  173.947795][ T7865] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  174.078019][ T7888] Bluetooth: MGMT ver 1.22
[  174.167943][ T7890] loop3: detected capacity change from 0 to 2048
[  174.213425][ T7890] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.351518][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.403580][ T5774] ipheth 2-1:0.196: ipheth_get_macaddr: usb_control_msg: short packet: 2 bytes
[  174.441458][ T5774] ipheth: probe of 2-1:0.196 failed with error -22
[  174.642245][ T7913] loop4: detected capacity change from 0 to 128
[  174.652714][ T7913] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  174.668260][ T7913] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  174.887464][ T7918] loop5: detected capacity change from 0 to 2048
[  174.913517][ T7918] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  174.929205][ T7918] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.285444][ T7929] loop5: detected capacity change from 0 to 256
[  175.341083][ T7929] FAT-fs (loop5): Directory bread(block 64) failed
[  175.353856][ T7929] FAT-fs (loop5): Directory bread(block 65) failed
[  175.365312][ T7929] FAT-fs (loop5): Directory bread(block 66) failed
[  175.372610][ T7929] FAT-fs (loop5): Directory bread(block 67) failed
[  175.384049][ T7929] FAT-fs (loop5): Directory bread(block 68) failed
[  175.391883][ T7929] FAT-fs (loop5): Directory bread(block 69) failed
[  175.399992][ T7929] FAT-fs (loop5): Directory bread(block 70) failed
[  175.408730][ T7929] FAT-fs (loop5): Directory bread(block 71) failed
[  175.416151][ T7929] FAT-fs (loop5): Directory bread(block 72) failed
[  175.423283][ T7929] FAT-fs (loop5): Directory bread(block 73) failed
[  175.520411][   T27] audit: type=1326 audit(1753827807.721:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7937 comm="syz.4.739" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fa106785967 code=0x0
[  176.096302][ T5827] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  176.155389][ T5834] usb 2-1: USB disconnect, device number 8
[  176.239777][ T7949] loop1: detected capacity change from 0 to 512
[  176.247906][ T7949] EXT4-fs: Ignoring removed oldalloc option
[  176.286508][ T5827] usb 6-1: Using ep0 maxpacket: 16
[  176.301997][ T7949] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.744: Parent and EA inode have the same ino 15
[  176.327889][ T5827] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.331527][ T7949] EXT4-fs (loop1): 1 orphan inode deleted
[  176.348025][ T5827] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.368557][ T7949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.384821][ T5827] usb 6-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  176.409838][ T5827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.410103][   T27] audit: type=1800 audit(1753827808.611:30): pid=7949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.744" name="file0" dev="loop1" ino=13 res=0 errno=0
[  176.452895][ T5827] usb 6-1: config 0 descriptor??
[  176.469522][ T7949] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.744: invalid indirect mapped block 234881024 (level 0)
[  176.581989][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.897864][ T5827] hid-multitouch 0003:1FD2:6007.000B: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.5-1/input0
[  177.136342][ T5774] usb 6-1: USB disconnect, device number 3
[  177.156346][  T786] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  177.347864][  T786] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  177.376399][  T786] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.396361][  T786] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  177.405392][  T786] usb 2-1: config 1 has no interface number 1
[  177.426819][  T786] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  177.468403][  T786] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  177.486231][  T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.494297][  T786] usb 2-1: Product: syz
[  177.516252][  T786] usb 2-1: Manufacturer: syz
[  177.520929][  T786] usb 2-1: SerialNumber: syz
[  177.761875][  T786] usb 2-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  177.789659][  T786] usb 2-1: MIDIStreaming interface descriptor not found
[  177.842271][  T786] usb 2-1: USB disconnect, device number 9
[  178.017500][ T5827] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  178.227143][ T5827] usb 5-1: Using ep0 maxpacket: 32
[  178.251443][ T5827] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  178.273191][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.292416][ T5827] usb 5-1: Product: syz
[  178.302538][ T5827] usb 5-1: Manufacturer: syz
[  178.307237][ T5827] usb 5-1: SerialNumber: syz
[  178.328812][ T5827] usb 5-1: config 0 descriptor??
[  178.339231][ T5827] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  178.342996][ T7990] loop5: detected capacity change from 0 to 1024
[  178.362929][ T7990] EXT4-fs: inline encryption not supported
[  178.372591][ T7990] EXT4-fs: Ignoring removed bh option
[  178.423700][ T7990] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.687837][ T7650] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.809802][ T7998] netlink: 24 bytes leftover after parsing attributes in process `syz.5.765'.
[  178.950191][ T7998] netlink: 24 bytes leftover after parsing attributes in process `syz.5.765'.
[  179.159854][ T5827] gspca_ov534_9: reg_w failed -71
[  179.443994][ T8002] loop1: detected capacity change from 0 to 32768
[  179.469116][ T8002] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  179.556782][ T5827] gspca_ov534_9: Unknown sensor 0000
[  179.556876][ T5827] ov534_9: probe of 5-1:0.0 failed with error -22
[  179.578494][ T5827] usb 5-1: USB disconnect, device number 8
[  179.631844][ T5786] ocfs2: Unmounting device (7,1) on (node local)
[  180.498184][ T8029] loop5: detected capacity change from 0 to 8192
[  180.922271][ T8044] loop5: detected capacity change from 0 to 4096
[  180.935916][ T8044] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512).
[  180.999499][ T8044] ntfs3: loop5: Failed to initialize $Extend/$Reparse.
[  181.072046][ T8044] ntfs3: loop5: ino=5, "/" directory corrupted
[  181.153768][ T7650] ntfs3: loop5: ino=1a, ntfs_sync_fs failed, -22.
[  181.700082][ T8062] capability: warning: `syz.5.790' uses 32-bit capabilities (legacy support in use)
[  181.790271][ T8049] loop4: detected capacity change from 0 to 40427
[  181.837824][ T8049] F2FS-fs (loop4): heap/no_heap options were deprecated
[  181.884323][ T8049] F2FS-fs (loop4): invalid crc value
[  181.906101][ T8049] F2FS-fs (loop4): Found nat_bits in checkpoint
[  182.019350][ T8049] F2FS-fs (loop4): Start checkpoint disabled!
[  182.056119][ T8049] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  182.506002][ T3455] kworker/u4:8: attempt to access beyond end of device
[  182.506002][ T3455] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  182.536313][ T3455] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  182.543533][ T3455] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  182.544235][ T8079] loop5: detected capacity change from 0 to 4096
[  183.791897][ T8099] bridge0: port 3(batadv1) entered blocking state
[  183.814637][ T8099] bridge0: port 3(batadv1) entered disabled state
[  183.826651][ T8099] batadv1: entered allmulticast mode
[  183.852138][ T8099] batadv1: entered promiscuous mode
[  184.153525][ T8105] loop1: detected capacity change from 0 to 512
[  184.238650][ T8105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  184.289819][ T8105] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.307630][ T1130] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  184.317976][ T1130] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  184.487758][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  184.571942][ T8123] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  184.731608][ T8127] loop5: detected capacity change from 0 to 128
[  184.748111][ T8127] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  184.780554][ T8127] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  185.219593][   T27] audit: type=1326 audit(1753827817.421:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8138 comm="syz.1.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabb8e9a9 code=0x7ffc0000
[  185.277754][   T27] audit: type=1326 audit(1753827817.421:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8138 comm="syz.1.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabb8e9a9 code=0x7ffc0000
[  185.347670][   T27] audit: type=1326 audit(1753827817.421:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8138 comm="syz.1.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fcbabb8e9a9 code=0x7ffc0000
[  185.390414][   T27] audit: type=1326 audit(1753827817.431:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8138 comm="syz.1.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabb8e9a9 code=0x7ffc0000
[  185.463616][   T27] audit: type=1326 audit(1753827817.431:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8138 comm="syz.1.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbabb8e9a9 code=0x7ffc0000
[  185.604733][ T8146] loop5: detected capacity change from 0 to 4096
[  185.615607][ T8146] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512).
[  185.659359][ T8146] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  185.676353][ T8146] ntfs3: loop5: Failed to initialize $Extend/$Reparse.
[  186.537690][ T5834] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  186.740754][ T5834] usb 6-1: Using ep0 maxpacket: 32
[  186.758444][ T5834] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  186.786269][ T5834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.811116][ T5834] usb 6-1: config 0 descriptor??
[  186.886037][ T8165] loop1: detected capacity change from 0 to 32768
[  187.083588][ T5834] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  187.113997][ T5834] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  187.144709][ T5834] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  187.165853][ T5834] usb 6-1: media controller created
[  187.232493][ T5834] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  187.283745][ T8174] loop4: detected capacity change from 0 to 32768
[  187.290590][ T5834] az6027: usb out operation failed. (-71)
[  187.296911][ T5834] az6027: usb out operation failed. (-71)
[  187.308807][ T5834] stb0899_attach: Driver disabled by Kconfig
[  187.338480][ T5834] az6027: no front-end attached
[  187.338480][ T5834] 
[  187.346909][ T5834] az6027: usb out operation failed. (-71)
[  187.355791][ T5834] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  187.373257][ T8174] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.387873][ T5834] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input11
[  187.409925][ T5834] dvb-usb: schedule remote query interval to 400 msecs.
[  187.418312][ T5834] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  187.431351][ T5834] usb 6-1: USB disconnect, device number 4
[  187.561409][ T5834] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  187.615435][ T8186] loop1: detected capacity change from 0 to 4096
[  187.645508][ T8174] XFS (loop4): Ending clean mount
[  187.661386][ T8186] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  187.718563][ T8186] ntfs3: loop1: Failed to initialize $Extend/$ObjId.
[  187.736074][ T6382] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  188.216465][ T8195] netlink: 'syz.4.843': attribute type 2 has an invalid length.
[  188.224398][ T8195] netlink: 84 bytes leftover after parsing attributes in process `syz.4.843'.
[  188.417859][  T786] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  188.624554][  T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.661745][  T786] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  188.682115][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.704754][  T786] usb 2-1: config 0 descriptor??
[  188.713798][ T8207] loop5: detected capacity change from 0 to 1764
[  189.152403][  T786] lenovo 0003:17EF:6047.000C: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.1-1/input0
[  189.559575][  T786] lenovo 0003:17EF:6047.000C: Failed to switch middle button: -71
[  189.586762][  T786] lenovo 0003:17EF:6047.000C: Fn-lock setting failed: -71
[  189.596715][  T786] lenovo 0003:17EF:6047.000C: Sensitivity setting failed: -71
[  189.624858][  T786] usb 2-1: USB disconnect, device number 10
[  189.640859][ T8213] loop5: detected capacity change from 0 to 32768
[  189.665105][ T8213] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.855 (8213)
[  189.699912][ T8213] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.726332][ T8213] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  189.744046][ T8213] BTRFS info (device loop5): using free space tree
[  189.832675][ T8213] BTRFS info (device loop5): enabling ssd optimizations
[  189.843292][ T8213] BTRFS info (device loop5): auto enabling async discard
[  190.018261][ T7650] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.329048][ T8242] loop1: detected capacity change from 0 to 64
[  190.400677][ T8242] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  190.622031][ T5786] minix_free_inode: bit 3 already cleared
[  190.638555][ T5786] minix_free_inode: bit 4 already cleared
[  190.667523][ T5786] minix_free_inode: bit 2 already cleared
[  190.689033][ T5786] minix_free_inode: bit 5 already cleared
[  191.817549][ T8252] loop4: detected capacity change from 0 to 40427
[  191.859725][ T8252] F2FS-fs (loop4): invalid crc value
[  192.038541][ T8252] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  192.062109][ T8263] loop1: detected capacity change from 0 to 32768
[  192.124466][ T8263] ERROR: (device loop1): dbAlloc: the hint is outside the map
[  192.124466][ T8263] 
[  192.151094][ T8252] F2FS-fs (loop4): Stopped filesystem due to reason: 0
[  192.169652][ T8263] ERROR: (device loop1): remounting filesystem as read-only
[  192.283755][  T112] blkno = 5002c, nblocks = 1
[  192.288581][  T112] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map
[  192.288581][  T112] 
[  192.409681][ T8279] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.911757][ T8281] loop4: detected capacity change from 0 to 256
[  192.979019][ T5789] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  192.989978][ T5789] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  193.001173][ T5789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  193.021798][ T5789] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  193.029918][ T5789] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  193.037408][ T5789] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  193.105067][ T1130] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.225973][ T1130] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.366453][ T1130] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.476488][ T8284] loop1: detected capacity change from 0 to 32768
[  193.503539][ T8284] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.879 (8284)
[  193.518917][ T1130] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.521864][ T8284] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  193.541330][ T8284] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  193.550245][ T8284] BTRFS info (device loop1): using free space tree
[  193.697352][ T8284] BTRFS info (device loop1): enabling ssd optimizations
[  193.704388][ T8284] BTRFS info (device loop1): auto enabling async discard
[  193.863059][ T8282] chnl_net:caif_netlink_parms(): no params data found
[  193.963903][ T8293] loop4: detected capacity change from 0 to 32768
[  194.078172][ T8293] JBD2: Ignoring recovery information on journal
[  194.100650][ T8317] loop5: detected capacity change from 0 to 4096
[  194.125560][ T5786] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  194.159180][ T8317] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  194.174758][ T8293] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  194.247752][ T8317] ntfs: (device loop5): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  194.275192][ T8317] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  194.289167][ T8317] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  194.325448][ T8317] ntfs: volume version 3.1.
[  194.374410][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  194.381793][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  194.476549][ T6382] ocfs2: Unmounting device (7,4) on (node local)
[  194.527524][ T8282] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.534764][ T8282] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.576539][ T8282] bridge_slave_0: entered allmulticast mode
[  194.584065][ T8282] bridge_slave_0: entered promiscuous mode
[  194.719175][ T8282] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.752978][ T8282] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.773216][ T8282] bridge_slave_1: entered allmulticast mode
[  194.775771][ T7650] ntfs: (device loop5): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  194.781166][ T8282] bridge_slave_1: entered promiscuous mode
[  195.050629][ T8282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.091376][ T8336] program syz.4.892 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  195.157461][ T5789] Bluetooth: hci2: command tx timeout
[  195.174065][ T8282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.231217][ T8338] loop5: detected capacity change from 0 to 2048
[  195.287662][ T8338] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.325006][ T8338] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  195.347542][ T8338] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 14 with max blocks 1 with error 28
[  195.363792][ T8338] EXT4-fs (loop5): This should not happen!! Data will be lost
[  195.363792][ T8338] 
[  195.373736][ T8338] EXT4-fs (loop5): Total free blocks count 0
[  195.381289][ T8338] EXT4-fs (loop5): Free/Dirty block details
[  195.387544][ T8338] EXT4-fs (loop5): free_blocks=2415919104
[  195.393563][ T8338] EXT4-fs (loop5): dirty_blocks=16
[  195.398865][ T8338] EXT4-fs (loop5): Block reservation details
[  195.405006][ T8338] EXT4-fs (loop5): i_reserved_data_blocks=1
[  195.453216][   T12] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  195.473116][ T8282] team0: Port device team_slave_0 added
[  195.528254][ T8282] team0: Port device team_slave_1 added
[  195.685522][ T8355] io-wq is not configured for unbound workers
[  195.696747][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  195.816779][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  195.846073][ T8282] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.878933][ T8282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.915035][ T8282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.944762][ T8282] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.956529][ T8282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.983127][ T8282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.112284][ T8361] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.901'.
[  196.164321][ T8359] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.901'.
[  196.265639][ T8282] hsr_slave_0: entered promiscuous mode
[  196.312592][ T8282] hsr_slave_1: entered promiscuous mode
[  196.319169][ T8282] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  196.343140][ T8282] Cannot create hsr debugfs directory
[  196.384585][ T1130] hsr_slave_0: left promiscuous mode
[  196.407345][ T1130] hsr_slave_1: left promiscuous mode
[  196.441422][ T1130] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.461329][ T1130] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.488817][ T1130] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.516413][ T1130] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.539881][ T1130] bridge_slave_1: left allmulticast mode
[  196.555865][ T1130] bridge_slave_1: left promiscuous mode
[  196.566502][ T1130] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.607390][ T1130] bridge_slave_0: left allmulticast mode
[  196.613209][ T1130] bridge_slave_0: left promiscuous mode
[  196.627780][ T1130] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.745116][ T1130] veth1_macvtap: left promiscuous mode
[  196.753954][ T1130] veth0_macvtap: left promiscuous mode
[  196.776922][ T1130] veth1_vlan: left promiscuous mode
[  196.782344][ T1130] veth0_vlan: left promiscuous mode
[  197.112399][ T8367] loop1: detected capacity change from 0 to 32768
[  197.126705][ T8367] XFS: ikeep mount option is deprecated.
[  197.139209][ T8367] XFS: ikeep mount option is deprecated.
[  197.147366][ T8366] loop4: detected capacity change from 0 to 32768
[  197.215501][ T8367] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  197.228809][ T8366] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  197.247585][ T5789] Bluetooth: hci2: command tx timeout
[  197.270718][ T8366] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  197.369556][ T8367] XFS (loop1): Ending clean mount
[  197.481140][ T6382] ocfs2: Unmounting device (7,4) on (node local)
[  197.562565][ T8367] XFS (loop1): User initiated shutdown received.
[  197.586091][ T8367] XFS (loop1): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:491).  Shutting down filesystem.
[  197.615040][ T8367] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  197.731184][ T5786] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  197.746576][ T8385] loop4: detected capacity change from 0 to 1024
[  197.943764][   T12] hfsplus: b-tree write err: -5, ino 4
[  198.200395][ T1130] team0 (unregistering): Port device team_slave_1 removed
[  198.282502][ T1130] team0 (unregistering): Port device team_slave_0 removed
[  198.334169][ T1130] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  198.392790][ T1130] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.001475][ T1130] bond0 (unregistering): Released all slaves
[  199.321600][ T5789] Bluetooth: hci2: command tx timeout
[  199.507322][ T8282] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  199.519186][ T5834] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  199.556490][ T8282] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  199.577881][ T8282] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  199.595207][ T8282] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  199.629005][ T1130] IPVS: stop unused estimator thread 0...
[  199.717266][ T5834] usb 6-1: Using ep0 maxpacket: 32
[  199.730387][ T5834] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  199.748310][ T5834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.777245][ T5834] usb 6-1: config 0 descriptor??
[  199.794011][ T8282] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.834786][ T8282] 8021q: adding VLAN 0 to HW filter on device team0
[  199.853630][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.860869][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.882534][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.889848][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.970193][ T8399] loop1: detected capacity change from 0 to 40427
[  199.978619][ T8399] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  199.993041][ T8399] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  200.000962][ T5834] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  200.004508][ T8399] F2FS-fs (loop1): invalid crc_offset: 33558524
[  200.027291][ T5834] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  200.043523][ T5834] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  200.045889][ T8399] F2FS-fs (loop1): Found nat_bits in checkpoint
[  200.064793][ T5834] usb 6-1: media controller created
[  200.115276][ T5834] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  200.132698][ T8399] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  200.156274][ T8399] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  200.202625][ T8395] az6027: more than 2 i2c messages at a time is not handled yet. TODO.
[  200.246485][ T5834] az6027: usb out operation failed. (-71)
[  200.256778][ T5834] az6027: usb out operation failed. (-71)
[  200.262577][ T5834] stb0899_attach: Driver disabled by Kconfig
[  200.286690][ T5834] az6027: no front-end attached
[  200.286690][ T5834] 
[  200.313632][ T5834] az6027: usb out operation failed. (-71)
[  200.332255][ T5834] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  200.352084][ T5834] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input12
[  200.389108][ T5834] dvb-usb: schedule remote query interval to 400 msecs.
[  200.396135][ T5834] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  200.430996][ T5834] usb 6-1: USB disconnect, device number 5
[  200.451923][ T8282] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.513454][ T5834] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  201.069017][ T8282] veth0_vlan: entered promiscuous mode
[  201.077016][ T8413] loop4: detected capacity change from 0 to 32768
[  201.101226][ T8282] veth1_vlan: entered promiscuous mode
[  201.157217][ T8413] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  201.227594][ T8282] veth0_macvtap: entered promiscuous mode
[  201.270671][ T8282] veth1_macvtap: entered promiscuous mode
[  201.326104][ T8413] XFS (loop4): Ending clean mount
[  201.354299][ T8282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.388259][ T8282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.391480][ T8413] XFS (loop4): Quotacheck needed: Please wait.
[  201.405579][ T5789] Bluetooth: hci2: command tx timeout
[  201.411765][ T8282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.422564][ T8282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.434555][ T8282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  201.445172][ T8282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.458798][ T8282] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.470184][ T8282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.481513][ T8282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.492774][ T8282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.503655][ T8282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.513721][ T8282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  201.524302][ T8282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  201.536936][ T8282] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.552862][ T8282] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.576526][ T8282] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.585341][ T8413] XFS (loop4): Quotacheck: Done.
[  201.596310][ T8282] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.616874][ T8282] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.754497][ T6382] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  201.795287][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.805761][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.900819][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.918069][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.365398][ T8448] loop4: detected capacity change from 0 to 2048
[  202.390858][ T8448] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  202.568912][ T8439] loop5: detected capacity change from 0 to 40427
[  202.629870][ T8443] loop1: detected capacity change from 0 to 32768
[  202.638638][ T8439] F2FS-fs (loop5): Found nat_bits in checkpoint
[  202.743685][ T8439] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  202.796502][ T8439] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  202.898916][ T7650] syz-executor: attempt to access beyond end of device
[  202.898916][ T7650] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  202.950736][ T7650] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  203.282414][ T8451] loop6: detected capacity change from 0 to 32768
[  203.924866][ T8456] loop4: detected capacity change from 0 to 65536
[  203.963270][ T8459] loop1: detected capacity change from 0 to 40427
[  203.978578][ T8459] F2FS-fs (loop1): build fault injection attr: rate: 4, type: 0x7ffff
[  203.989538][ T8459] F2FS-fs (loop1): Image doesn't support compression
[  203.997169][ T8456] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  204.000171][ T8459] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x2ac
[  204.023188][ T8459] F2FS-fs (loop1): invalid crc value
[  204.057422][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  204.079864][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  204.102350][ T8459] F2FS-fs (loop1): Found nat_bits in checkpoint
[  204.150918][ T8456] XFS (loop4): Ending clean mount
[  204.160700][ T8456] XFS (loop4): Quotacheck needed: Please wait.
[  204.211427][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  204.257396][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  204.272569][ T8456] XFS (loop4): Quotacheck: Done.
[  204.295512][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  204.345013][ T8459] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  204.422448][ T6382] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  204.482142][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_get_read_data_page+0xc0/0x5c0
[  204.526922][ T8459] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910
[  204.562955][ T8470] loop5: detected capacity change from 0 to 32768
[  204.611380][ T8480] F2FS-fs (loop1): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xff/0x1020
[  204.807141][ T5786] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_grab_meta_page+0x67/0x210
[  205.340044][ T8491] loop4: detected capacity change from 0 to 256
[  205.430755][ T8495] loop1: detected capacity change from 0 to 47
[  205.597015][ T5834] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  205.812583][ T5834] usb 7-1: Using ep0 maxpacket: 8
[  205.830813][ T5834] usb 7-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  205.844886][ T5834] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.873595][ T5834] usb 7-1: Product: syz
[  205.893857][ T5834] usb 7-1: Manufacturer: syz
[  205.904000][ T5834] usb 7-1: SerialNumber: syz
[  205.916704][ T5834] usb 7-1: config 0 descriptor??
[  205.934849][ T5834] option 7-1:0.0: GSM modem (1-port) converter detected
[  206.149827][ T8499] loop4: detected capacity change from 0 to 32768
[  206.155954][ T8497] loop5: detected capacity change from 0 to 32768
[  206.164623][ T5834] usb 7-1: USB disconnect, device number 2
[  206.167064][ T8499] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.947 (8499)
[  206.172124][ T5834] option 7-1:0.0: device disconnected
[  206.195020][ T8499] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  206.199499][ T8497] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  206.206459][ T8499] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  206.222231][ T8499] BTRFS info (device loop4): enabling disk space caching
[  206.229907][ T8499] BTRFS info (device loop4): enabling auto defrag
[  206.236818][ T8499] BTRFS info (device loop4): doing ref verification
[  206.243463][ T8499] BTRFS info (device loop4): use no compression
[  206.250086][ T8499] BTRFS info (device loop4): force clearing of disk cache
[  206.253191][ T8497] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  206.258638][ T8499] BTRFS info (device loop4): turning on sync discard
[  206.273913][ T8499] BTRFS info (device loop4): disabling disk space caching
[  206.297168][    T8] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  206.335524][ T8499] BTRFS info (device loop4): enabling ssd optimizations
[  206.345950][ T8499] BTRFS info (device loop4): rebuilding free space tree
[  206.370933][ T7650] ocfs2: Unmounting device (7,5) on (node local)
[  206.397156][ T8499] BTRFS info (device loop4): disabling free space tree
[  206.404175][ T8499] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  206.414525][ T8499] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  206.488797][    T8] usb 2-1: Using ep0 maxpacket: 16
[  206.498209][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  206.539787][    T8] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  206.569513][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.585407][    T8] usb 2-1: Product: syz
[  206.591068][    T8] usb 2-1: Manufacturer: syz
[  206.595720][    T8] usb 2-1: SerialNumber: syz
[  206.610066][    T8] usb 2-1: config 0 descriptor??
[  206.627947][    T8] hub 2-1:0.0: bad descriptor, ignoring hub
[  206.633930][    T8] hub: probe of 2-1:0.0 failed with error -5
[  206.651050][    T8] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  206.733920][ T6382] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  207.002157][ T8532] loop5: detected capacity change from 0 to 2048
[  207.014579][ T8532] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  207.045424][ T8533] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  207.242589][ T8532] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952
[  207.277811][ T8532] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15)
[  207.343002][ T8532] Remounting filesystem read-only
[  207.348365][ T8532] NILFS (loop5): error -5 truncating bmap (ino=15)
[  207.384589][    T8] usb 2-1: USB disconnect, device number 11
[  207.506915][ T7650] NILFS (loop5): discard dirty page: offset=0, ino=6
[  207.526553][ T7650] NILFS (loop5): discard dirty block: blocknr=0, size=1024
[  207.533835][ T7650] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  207.550098][ T7650] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  207.558204][ T7650] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  207.567605][ T7650] NILFS (loop5): discard dirty page: offset=0, ino=5
[  207.574342][ T7650] NILFS (loop5): discard dirty block: blocknr=41, size=1024
[  207.599776][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.610946][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.621200][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.630880][ T7650] NILFS (loop5): discard dirty page: offset=0, ino=3
[  207.643941][ T7650] NILFS (loop5): discard dirty block: blocknr=42, size=1024
[  207.653583][ T7650] NILFS (loop5): discard dirty block: blocknr=43, size=1024
[  207.662764][ T7650] NILFS (loop5): discard dirty block: blocknr=44, size=1024
[  207.670930][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.680352][ T7650] NILFS (loop5): discard dirty page: offset=196608, ino=3
[  207.706295][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.737592][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.756653][ T7650] NILFS (loop5): discard dirty block: blocknr=49, size=1024
[  207.768599][ T7650] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  207.900797][ T8539] loop6: detected capacity change from 0 to 40427
[  207.909369][ T8539] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  207.926299][ T8539] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  207.946509][ T8539] F2FS-fs (loop6): build fault injection attr: rate: 18446, type: 0x7ffff
[  207.971419][ T8539] F2FS-fs (loop6): invalid crc value
[  207.984529][ T8539] F2FS-fs (loop6): Found nat_bits in checkpoint
[  208.048801][ T8539] F2FS-fs (loop6): Start checkpoint disabled!
[  208.069867][ T8556] loop5: detected capacity change from 0 to 1024
[  208.081718][ T8539] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  208.091119][ T8539] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  208.114914][ T8556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.344155][ T7650] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.477642][ T1130] kworker/u4:7: attempt to access beyond end of device
[  208.477642][ T1130] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  208.512762][ T1130] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  208.538627][ T1130] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  208.722777][ T8558] loop1: detected capacity change from 0 to 32768
[  208.749911][ T8558] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.958 (8558)
[  208.780652][ T8558] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  208.801339][ T8558] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  208.820331][ T8558] BTRFS info (device loop1): enabling auto defrag
[  208.846477][ T8558] BTRFS info (device loop1): max_inline at 0
[  208.852545][ T8558] BTRFS info (device loop1): enabling ssd optimizations
[  208.886299][ T8558] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  208.916286][ T8558] BTRFS info (device loop1): trying to use backup root at mount time
[  208.945739][ T8558] BTRFS info (device loop1): using free space tree
[  209.131428][ T8563] loop4: detected capacity change from 0 to 32768
[  209.172597][ T8563] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  209.217933][ T5786] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  209.294134][ T8563] XFS (loop4): Ending clean mount
[  209.488597][ T6382] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  209.537909][ T5871] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  209.736906][ T5871] usb 6-1: Using ep0 maxpacket: 8
[  209.752040][ T5871] usb 6-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a
[  209.764031][ T8602] netlink: 'syz.1.968': attribute type 5 has an invalid length.
[  209.769745][ T5871] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.790797][ T5871] usb 6-1: Product: syz
[  209.800293][ T5871] usb 6-1: Manufacturer: syz
[  209.809951][ T5871] usb 6-1: SerialNumber: syz
[  209.825932][ T5871] usb 6-1: config 0 descriptor??
[  209.862968][ T5871] gspca_main: sn9c2028-2.14.0 probing 0458:7003
[  210.008821][ T8610] loop4: detected capacity change from 0 to 256
[  210.047422][ T8610] exfat: Deprecated parameter 'utf8'
[  210.053085][ T8610] exfat: Deprecated parameter 'namecase'
[  210.083562][ T5871] gspca_sn9c2028: read1 error -32
[  210.096539][ T8610] exfat: Deprecated parameter 'namecase'
[  210.103213][ T5871] gspca_sn9c2028: read1 error -32
[  210.142080][ T8610] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  210.322823][ T5871] usb 6-1: USB disconnect, device number 6
[  210.371605][ T8613] netlink: 104 bytes leftover after parsing attributes in process `syz.4.972'.
[  210.672464][ T8608] loop6: detected capacity change from 0 to 40427
[  210.690323][ T8608] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  210.700488][ T8608] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  210.719199][ T8608] F2FS-fs (loop6): heap/no_heap options were deprecated
[  210.740401][ T8608] F2FS-fs (loop6): invalid crc value
[  210.750273][ T8608] F2FS-fs (loop6): Found nat_bits in checkpoint
[  210.801623][ T8608] F2FS-fs (loop6): Start checkpoint disabled!
[  210.819460][ T8608] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  210.826960][ T8608] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  211.068860][   T11] kworker/u4:0: attempt to access beyond end of device
[  211.068860][   T11] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  211.083687][   T11] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  211.091008][   T11] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  211.099936][   T11] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  211.286847][ T8638] loop5: detected capacity change from 0 to 128
[  211.385581][ T8640] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  211.385581][ T8640] The task syz.1.983 (8640) triggered the difference, watch for misbehavior.
[  211.412875][ T8638] FAT-fs (loop5): error, corrupted directory (invalid i_start)
[  211.427664][ T8638] FAT-fs (loop5): Filesystem has been set read-only
[  211.620566][ T8646] loop6: detected capacity change from 0 to 64
[  211.798586][ T5789] Bluetooth: hci0: command 0x0406 tx timeout
[  211.850193][ T8653] loop5: detected capacity change from 0 to 4096
[  211.866236][ T8653] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512).
[  211.905328][ T8653] ntfs3: loop5: Failed to load $Extend (-22).
[  211.911873][ T8653] ntfs3: loop5: Failed to initialize $Extend.
[  211.929434][   T27] audit: type=1800 audit(1753827844.131:36): pid=8653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.989" name="file1" dev="loop5" ino=30 res=0 errno=0
[  212.066624][ T5871] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  212.268744][ T5871] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  212.310018][ T5871] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  212.334103][ T5871] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  212.354080][ T5871] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  212.366210][ T5871] usb 7-1: SerialNumber: syz
[  212.381617][ T8668] loop1: detected capacity change from 0 to 4096
[  212.389510][ T8668] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  212.414657][ T8668] ntfs: (device loop1): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  212.425508][ T8668] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  212.439195][ T8668] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  212.451971][ T8668] ntfs: volume version 3.1.
[  212.533393][ T1130] ntfs: (device loop1): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  212.546254][ T5786] ntfs: (device loop1): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  212.583797][ T5871] usb 7-1: 0:2 : does not exist
[  212.596694][    T9] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  212.612427][ T5871] usb 7-1: USB disconnect, device number 3
[  212.810375][    T9] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  212.831811][    T9] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.846294][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  212.856844][    T9] usb 6-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  212.876977][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.896492][    T9] usb 6-1: config 0 descriptor??
[  213.206683][ T8685] syz.4.1003 uses obsolete (PF_INET,SOCK_PACKET)
[  213.232920][ T8685] loop4: detected capacity change from 0 to 64
[  213.353986][    T9] hid-steam 0003:28DE:1102.000D: unknown main item tag 0x0
[  213.383427][ T8687] minix_free_block (loop4:21): bit already cleared
[  213.390697][    T9] hid-steam 0003:28DE:1102.000D: unknown main item tag 0x0
[  213.409480][    T9] hid-steam 0003:28DE:1102.000D: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.5-1/input0
[  213.411118][ T8676] loop1: detected capacity change from 0 to 40427
[  213.433490][ T8676] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  213.445500][ T8676] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  213.457434][ T8676] F2FS-fs (loop1): invalid crc value
[  213.495368][ T8676] F2FS-fs (loop1): Found nat_bits in checkpoint
[  213.507055][    T9] hid-steam 0003:28DE:1102.000D: Steam Controller 'XXXXXXXXXX' connected
[  213.552956][    T9] input: Steam Controller as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:28DE:1102.000D/input/input13
[  213.603311][ T8676] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  213.618562][    T9] hid-steam 0003:28DE:1102.000E: unknown main item tag 0x0
[  213.635569][ T8676] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  213.651410][    T9] hid-steam 0003:28DE:1102.000E: unknown main item tag 0x0
[  213.673780][    T9] hid-steam 0003:28DE:1102.000E: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.5-1/input0
[  213.693098][    T9] usb 6-1: USB disconnect, device number 7
[  213.778258][    T9] hid-steam 0003:28DE:1102.000D: Steam Controller 'XXXXXXXXXX' disconnected
[  213.814970][ T8686] loop6: detected capacity change from 0 to 32768
[  213.841493][ T8686] XFS: ikeep mount option is deprecated.
[  213.859043][ T8686] XFS: ikeep mount option is deprecated.
[  213.891941][ T8686] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  214.054263][ T8686] XFS (loop6): Ending clean mount
[  214.138648][ T8686] XFS (loop6): User initiated shutdown received.
[  214.151769][ T8686] XFS (loop6): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:491).  Shutting down filesystem.
[  214.171911][ T8686] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  214.217201][ T8282] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  215.036629][ T8711] loop5: detected capacity change from 0 to 32768
[  215.050557][ T8711] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1010 (8711)
[  215.070564][ T8711] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  215.081336][ T8711] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  215.091804][ T8711] BTRFS info (device loop5): using free space tree
[  215.102680][ T8712] loop4: detected capacity change from 0 to 32768
[  215.143563][ T8711] BTRFS info (device loop5): enabling ssd optimizations
[  215.156774][ T8711] BTRFS info (device loop5): auto enabling async discard
[  215.214408][ T8737] loop6: detected capacity change from 0 to 1024
[  215.229855][    T9] kernel read not supported for file /dsp (pid: 9 comm: kworker/0:1)
[  215.271609][ T8737] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.299258][ T8737] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.492727][ T8282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.538377][   T11] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  215.762995][ T7650] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  215.768755][ T8753] input: syz0 as /devices/virtual/input/input14
[  216.205907][ T8762] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode
[  216.246656][ T8762] macsec1: entered allmulticast mode
[  216.252298][ T8762] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode
[  216.267538][ T8762] mac80211_hwsim hwsim14 wlan0: left allmulticast mode
[  216.274934][ T8762] mac80211_hwsim hwsim14 wlan0: left promiscuous mode
[  216.644658][ T8764] loop5: detected capacity change from 0 to 32768
[  216.652414][ T8764] XFS: ikeep mount option is deprecated.
[  216.666296][ T8764] XFS: ikeep mount option is deprecated.
[  216.696678][ T8764] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  216.847709][ T8764] XFS (loop5): Ending clean mount
[  216.878690][ T8785] pimreg: tun_chr_ioctl cmd 1074812117
[  216.924030][ T8787] netlink: 360 bytes leftover after parsing attributes in process `syz.6.1031'.
[  217.122082][ T8790] loop4: detected capacity change from 0 to 4096
[  217.908369][ T8800] loop6: detected capacity change from 0 to 32768
[  217.967755][ T8764] XFS (loop5): User initiated shutdown received.
[  217.976857][ T8764] XFS (loop5): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:491).  Shutting down filesystem.
[  218.015014][ T8764] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  218.093625][ T7650] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  218.222277][ T8802] loop1: detected capacity change from 0 to 40427
[  218.296451][ T8802] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  218.304270][ T8802] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  218.336042][ T8802] F2FS-fs (loop1): invalid crc value
[  218.386500][ T8802] F2FS-fs (loop1): Found nat_bits in checkpoint
[  218.476584][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  218.494476][ T8802] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  218.503399][ T8802] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  218.714192][   T58] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  218.733451][ T8812] loop5: detected capacity change from 0 to 764
[  218.758428][   T58] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  219.166414][ T5789] Bluetooth: hci2: command tx timeout
[  219.752427][ T8817] loop6: detected capacity change from 0 to 40427
[  219.782650][ T8841] kvm: user requested TSC rate below hardware speed
[  219.803989][ T8817] F2FS-fs (loop6): Found nat_bits in checkpoint
[  219.884286][ T8817] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  219.955744][ T8817] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  220.127115][ T8282] syz-executor: attempt to access beyond end of device
[  220.127115][ T8282] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  220.166568][ T8282] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  220.360135][ T8837] loop5: detected capacity change from 0 to 40427
[  220.372510][ T8837] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  220.381252][ T8837] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  220.403135][ T8837] F2FS-fs (loop5): Found nat_bits in checkpoint
[  220.466501][ T8837] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  220.481860][ T8837] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  220.676847][ T7650] syz-executor: attempt to access beyond end of device
[  220.676847][ T7650] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  220.698958][ T7650] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  221.794071][ T8878] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1068'.
[  222.092671][ T8884] loop5: detected capacity change from 0 to 4096
[  222.112682][ T8884] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512).
[  222.237867][ T8884] ntfs3: loop5: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ntfs3_write_inode failed, -22.
[  222.447841][ T8892] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1075'.
[  222.468723][ T8874] loop1: detected capacity change from 0 to 32768
[  222.519266][ T8874] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum"
[  222.550832][ T8874] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)...
[  222.694803][ T8874] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 16 extents in 0ms
[  222.929034][ T8890] loop4: detected capacity change from 0 to 32768
[  222.953880][ T8874] gfs2: fsid=statfs_quantum.s: first mount done, others may mount
[  222.997620][ T8890] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  223.049560][ T8890] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  223.295085][ T8895] loop6: detected capacity change from 0 to 32768
[  223.318783][ T8895] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.1076 (8895)
[  223.356560][ T8895] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  223.376411][ T8895] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  223.396341][ T8895] BTRFS info (device loop6): using free space tree
[  223.404672][ T6382] ocfs2: Unmounting device (7,4) on (node local)
[  223.527284][ T8895] BTRFS info (device loop6): enabling ssd optimizations
[  223.555408][ T8895] BTRFS info (device loop6): auto enabling async discard
[  223.734685][ T8923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1081'.
[  223.823470][   T58] BTRFS info (device loop6): qgroup scan completed (inconsistency flag cleared)
[  223.963802][ T8928] loop1: detected capacity change from 0 to 1024
[  223.973282][ T8928] EXT4-fs: Ignoring removed orlov option
[  223.974099][ T8282] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  224.152061][ T8928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.359126][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.861030][ T8925] loop4: detected capacity change from 0 to 32768
[  224.870327][ T8925] XFS: attr2 mount option is deprecated.
[  224.890121][ T8925] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  224.905015][ T8925] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  224.953871][ T8925] XFS (loop4): Ending clean mount
[  224.969956][ T8925] XFS (loop4): Quotacheck needed: Please wait.
[  225.211147][ T8929] loop5: detected capacity change from 0 to 131072
[  225.221014][ T8929] F2FS-fs (loop5): Wrong CP boundary, start(512) end(1536) blocks(0)
[  225.229225][ T8929] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  225.248909][ T8929] F2FS-fs (loop5): invalid crc value
[  225.262326][ T8929] F2FS-fs (loop5): Found nat_bits in checkpoint
[  225.338897][ T8929] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  225.347158][ T8929] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  225.379775][ T8925] XFS (loop4): Quotacheck: Done.
[  225.431560][ T8953] loop6: detected capacity change from 0 to 47
[  225.516339][ T6382] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  225.531681][   T27] audit: type=1804 audit(1753827857.731:37): pid=8953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1084" name="/newroot/36/file1/file1" dev="loop6" ino=8 res=1 errno=0
[  225.960553][ T8964] netlink: 284 bytes leftover after parsing attributes in process `syz.4.1089'.
[  226.152328][ T8970] autofs4:pid:8970:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.4), cmd(0xc018937e)
[  226.195950][ T8970] autofs4:pid:8970:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[  226.407924][ T8978] loop4: detected capacity change from 0 to 16
[  226.421756][ T8978] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 16700)
[  226.575760][ T8982] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  226.582877][ T8982] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  226.597238][ T8982] vhci_hcd vhci_hcd.0: Device attached
[  226.700723][ T8986] loop4: detected capacity change from 0 to 1024
[  226.715816][ T8986] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  226.760176][ T8986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.825523][ T6382] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.886955][ T5834] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  226.926335][   T28] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  226.963935][ T8994] loop4: detected capacity change from 0 to 4096
[  227.016285][ T5871] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  227.128829][   T28] usb 7-1: config 0 has no interfaces?
[  227.134406][   T28] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  227.159384][   T28] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.175587][   T28] usb 7-1: config 0 descriptor??
[  227.218719][ T5871] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.229942][ T5871] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.239836][ T5871] usb 2-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00
[  227.249593][ T5871] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.260127][ T5871] usb 2-1: config 0 descriptor??
[  227.387112][ T8983] usb 45-1: recv xbuf, 0
[  227.411824][   T11] vhci_hcd: stop threads
[  227.418299][   T11] vhci_hcd: release socket
[  227.439805][   T11] vhci_hcd: disconnect device
[  227.446455][  T786] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  227.488315][ T5834] vhci_hcd: vhci_device speed not set
[  227.494821][   T28] usb 7-1: USB disconnect, device number 4
[  227.648707][  T786] usb 6-1: Using ep0 maxpacket: 16
[  227.673436][  T786] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.685961][ T5871] apple 0003:05AC:0262.000F: unbalanced delimiter at end of report description
[  227.696397][  T786] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.703740][ T5871] apple 0003:05AC:0262.000F: parse failed
[  227.713590][ T5871] apple: probe of 0003:05AC:0262.000F failed with error -22
[  227.714292][  T786] usb 6-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  227.730396][  T786] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.760487][  T786] usb 6-1: config 0 descriptor??
[  227.805903][ T9004] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1111'.
[  227.904275][ T5871] usb 2-1: USB disconnect, device number 12
[  227.982256][ T9006] loop6: detected capacity change from 0 to 64
[  228.059673][ T9009] minix_free_block (loop6:21): bit already cleared
[  228.186029][  T786] playstation 0003:054C:05C4.0010: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.5-1/input0
[  228.314561][ T9014] loop6: detected capacity change from 0 to 128
[  228.325419][ T9014] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  228.399765][  T786] playstation 0003:054C:05C4.0010: Invalid reportID received, expected 18 got 113
[  228.419504][  T786] playstation 0003:054C:05C4.0010: Failed to retrieve DualShock4 pairing info: -22
[  228.439457][  T786] playstation 0003:054C:05C4.0010: Failed to get MAC address from DualShock4
[  228.462714][  T786] playstation 0003:054C:05C4.0010: Failed to create dualshock4.
[  228.484470][  T786] playstation: probe of 0003:054C:05C4.0010 failed with error -22
[  228.589060][ T9022] loop1: detected capacity change from 0 to 1024
[  228.621324][ T9024] loop6: detected capacity change from 0 to 512
[  228.643511][ T9024] EXT4-fs: Ignoring removed bh option
[  228.658793][ T5834] usb 6-1: USB disconnect, device number 8
[  228.670479][ T9024] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  228.739304][ T9024] EXT4-fs (loop6): 1 truncate cleaned up
[  228.751945][ T9024] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.757754][ T9031] loop1: detected capacity change from 0 to 64
[  228.903010][ T9035] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  228.959666][ T9037] loop1: detected capacity change from 0 to 64
[  228.959671][ T8282] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.008914][ T1130] wlan1: Trigger new scan to find an IBSS to join
[  229.049764][ T9039] minix_free_block (loop1:21): bit already cleared
[  229.058092][   T58] ------------[ cut here ]------------
[  229.064421][   T58] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xffffffff with flags 0x20
[  229.064863][ T9042] program syz.6.1125 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  229.076072][   T58] WARNING: CPU: 0 PID: 58 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880
[  229.094622][   T58] Modules linked in:
[  229.098623][   T58] CPU: 0 PID: 58 Comm: kworker/u4:4 Not tainted 6.6.100-syzkaller #0
[  229.106778][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.116920][   T58] Workqueue: events_unbound cfg80211_wiphy_work
[  229.123237][   T58] RIP: 0010:__rate_control_send_low+0x635/0x880
[  229.129576][   T58] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 60 7b be 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 5b ef 6a f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  229.149316][   T58] RSP: 0018:ffffc90001597380 EFLAGS: 00010246
[  229.155440][   T58] RAX: 0b0d9688a385d600 RBX: 000000000000000c RCX: ffff88801ee80000
[  229.157321][ T5834] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  229.163582][   T58] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  229.179908][   T58] RBP: 0000000000000084 R08: ffffffff90da3617 R09: 1ffffffff21b46c2
[  229.187971][   T58] R10: dffffc0000000000 R11: fffffbfff21b46c3 R12: 0000000000000020
[  229.196093][   T58] R13: dffffc0000000000 R14: ffff88807c993358 R15: ffff88807dd552a8
[  229.204168][   T58] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  229.213283][   T58] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  229.219982][   T58] CR2: 00007fcbac9d6f98 CR3: 0000000024820000 CR4: 00000000003506f0
[  229.228050][   T58] Call Trace:
[  229.231369][   T58]  <TASK>
[  229.234374][   T58]  rate_control_send_low+0x194/0x790
[  229.239771][   T58]  rate_control_get_rate+0x20b/0x5c0
[  229.245140][   T58]  ieee80211_tx_h_rate_ctrl+0xb2d/0x1770
[  229.250923][   T58]  ? ieee80211_tx_h_select_key+0x18f0/0x18f0
[  229.257011][   T58]  ? __lock_acquire+0x1260/0x7c80
[  229.262105][   T58]  ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0
[  229.268285][   T58]  invoke_tx_handlers_late+0xb6/0x1810
[  229.273806][   T58]  ? ieee80211_tx_h_select_key+0x13cc/0x18f0
[  229.279910][   T58]  ? invoke_tx_handlers_early+0xa11/0x1cf0
[  229.285797][   T58]  ieee80211_tx+0x2ad/0x420
[  229.290404][   T58]  ? ieee80211_skb_resize+0x630/0x630
[  229.295859][   T58]  ? ieee80211_set_qos_hdr+0x1ca/0x510
[  229.301418][   T58]  ? __bpf_trace_tasklet+0x140/0x140
[  229.306799][   T58]  ? ieee80211_xmit+0x310/0x3f0
[  229.311752][   T58]  ? __ieee80211_tx_skb_tid_band+0x490/0x610
[  229.317845][   T58]  __ieee80211_tx_skb_tid_band+0x4d5/0x610
[  229.323839][   T58]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  229.330272][   T58]  ieee80211_scan_state_send_probe+0x560/0x930
[  229.336540][   T58]  ieee80211_scan_work+0x4e8/0x1c30
[  229.342149][   T58]  cfg80211_wiphy_work+0x225/0x260
[  229.347377][   T58]  ? process_scheduled_works+0x957/0x15b0
[  229.353169][   T58]  process_scheduled_works+0xa45/0x15b0
[  229.358851][   T58]  ? assign_work+0x400/0x400
[  229.363552][   T58]  ? assign_work+0x39e/0x400
[  229.368252][   T58]  worker_thread+0xa55/0xfc0
[  229.372912][   T58]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  229.378916][   T58]  ? _raw_spin_unlock+0x40/0x40
[  229.383827][   T58]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  229.389856][   T58]  kthread+0x2fa/0x390
[  229.393985][   T58]  ? pr_cont_work+0x560/0x560
[  229.398762][   T58]  ? kthread_blkcg+0xd0/0xd0
[  229.403409][   T58]  ret_from_fork+0x48/0x80
[  229.407920][   T58]  ? kthread_blkcg+0xd0/0xd0
[  229.412579][   T58]  ret_from_fork_asm+0x11/0x20
[  229.417475][   T58]  </TASK>
[  229.420535][   T58] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  229.427850][   T58] CPU: 0 PID: 58 Comm: kworker/u4:4 Not tainted 6.6.100-syzkaller #0
[  229.435951][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.446148][   T58] Workqueue: events_unbound cfg80211_wiphy_work
[  229.452451][   T58] Call Trace:
[  229.455778][   T58]  <TASK>
[  229.458750][   T58]  dump_stack_lvl+0x16c/0x230
[  229.463480][   T58]  ? show_regs_print_info+0x20/0x20
[  229.468726][   T58]  ? load_image+0x3b0/0x3b0
[  229.473306][   T58]  panic+0x2c0/0x710
[  229.477262][   T58]  ? bpf_jit_dump+0xd0/0xd0
[  229.481829][   T58]  ? ret_from_fork_asm+0x11/0x20
[  229.486823][   T58]  __warn+0x2e0/0x470
[  229.490856][   T58]  ? __rate_control_send_low+0x635/0x880
[  229.496536][   T58]  ? __rate_control_send_low+0x635/0x880
[  229.496892][ T5834] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  229.509961][   T58]  report_bug+0x2be/0x4f0
[  229.514440][   T58]  ? __rate_control_send_low+0x635/0x880
[  229.520127][   T58]  ? __rate_control_send_low+0x635/0x880
[  229.525822][   T58]  ? __rate_control_send_low+0x637/0x880
[  229.531507][   T58]  handle_bug+0xcf/0x120
[  229.535811][   T58]  exc_invalid_op+0x1a/0x50
[  229.540363][   T58]  asm_exc_invalid_op+0x1a/0x20
[  229.545266][   T58] RIP: 0010:__rate_control_send_low+0x635/0x880
[  229.551556][   T58] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 60 7b be 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 5b ef 6a f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  229.571223][   T58] RSP: 0018:ffffc90001597380 EFLAGS: 00010246
[  229.577355][   T58] RAX: 0b0d9688a385d600 RBX: 000000000000000c RCX: ffff88801ee80000
[  229.585377][   T58] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  229.591976][ T9050] loop5: detected capacity change from 0 to 256
[  229.599638][   T58] RBP: 0000000000000084 R08: ffffffff90da3617 R09: 1ffffffff21b46c2
[  229.607641][   T58] R10: dffffc0000000000 R11: fffffbfff21b46c3 R12: 0000000000000020
[  229.615646][   T58] R13: dffffc0000000000 R14: ffff88807c993358 R15: ffff88807dd552a8
[  229.623683][   T58]  rate_control_send_low+0x194/0x790
[  229.629139][   T58]  rate_control_get_rate+0x20b/0x5c0
[  229.634473][   T58]  ieee80211_tx_h_rate_ctrl+0xb2d/0x1770
[  229.640169][   T58]  ? ieee80211_tx_h_select_key+0x18f0/0x18f0
[  229.646178][   T58]  ? __lock_acquire+0x1260/0x7c80
[  229.651238][   T58]  ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0
[  229.657338][   T58]  invoke_tx_handlers_late+0xb6/0x1810
[  229.662822][   T58]  ? ieee80211_tx_h_select_key+0x13cc/0x18f0
[  229.669028][   T58]  ? invoke_tx_handlers_early+0xa11/0x1cf0
[  229.674973][   T58]  ieee80211_tx+0x2ad/0x420
[  229.679515][   T58]  ? ieee80211_skb_resize+0x630/0x630
[  229.684929][   T58]  ? ieee80211_set_qos_hdr+0x1ca/0x510
[  229.690411][   T58]  ? __bpf_trace_tasklet+0x140/0x140
[  229.695723][   T58]  ? ieee80211_xmit+0x310/0x3f0
[  229.700597][   T58]  ? __ieee80211_tx_skb_tid_band+0x490/0x610
[  229.706605][   T58]  __ieee80211_tx_skb_tid_band+0x4d5/0x610
[  229.712453][   T58]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  229.718804][   T58]  ieee80211_scan_state_send_probe+0x560/0x930
[  229.725008][   T58]  ieee80211_scan_work+0x4e8/0x1c30
[  229.730267][   T58]  cfg80211_wiphy_work+0x225/0x260
[  229.735411][   T58]  ? process_scheduled_works+0x957/0x15b0
[  229.741156][   T58]  process_scheduled_works+0xa45/0x15b0
[  229.746755][   T58]  ? assign_work+0x400/0x400
[  229.751370][   T58]  ? assign_work+0x39e/0x400
[  229.755991][   T58]  worker_thread+0xa55/0xfc0
[  229.760601][   T58]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  229.766520][   T58]  ? _raw_spin_unlock+0x40/0x40
[  229.771395][   T58]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  229.777330][   T58]  kthread+0x2fa/0x390
[  229.781414][   T58]  ? pr_cont_work+0x560/0x560
[  229.786105][   T58]  ? kthread_blkcg+0xd0/0xd0
[  229.790709][   T58]  ret_from_fork+0x48/0x80
[  229.795169][   T58]  ? kthread_blkcg+0xd0/0xd0
[  229.799774][   T58]  ret_from_fork_asm+0x11/0x20
[  229.804572][   T58]  </TASK>
[  229.807931][   T58] Kernel Offset: disabled
[  229.812378][   T58] Rebooting in 86400 seconds..