last executing test programs:

8.18283546s ago: executing program 0 (id=5496):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xfffffffffffffea8, &(0x7f00000000c0)=ANY=[])

4.791376986s ago: executing program 4 (id=5520):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000100001040000efff0300000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001800128009000100626f6e640000000008000280040008"], 0x38}}, 0x0)

4.702763608s ago: executing program 4 (id=5521):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x18)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x4, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r2=>0x0)
setpgid(r2, r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000080))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x24, 0x0, "43cad7244bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)
setsockopt$inet_tcp_int(r3, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)

4.657753039s ago: executing program 4 (id=5522):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0)

4.645222039s ago: executing program 4 (id=5523):
socket(0x2, 0xa, 0x300)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000009003940422c021664da010203010902120001000000040904"], 0x0)

4.430794703s ago: executing program 0 (id=5525):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newnexthop={0x24, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15, 0x0, 0xa00}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

4.430461243s ago: executing program 0 (id=5526):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})

3.849323404s ago: executing program 3 (id=5527):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xf, 0xfff1}}}, 0x24}}, 0x44884)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x25dfdffd, {0x0, 0x0, 0x0, r1, {0x6}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @multicast1}, @TCA_FLOWER_KEY_IPV4_DST_MASK={0x8, 0xd, 0xffffffff}]}}]}, 0x44}}, 0x2000c800)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.835507384s ago: executing program 3 (id=5528):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
syz_mount_image$erofs(&(0x7f00000002c0), &(0x7f0000000380)='./file1\x00', 0x4002, &(0x7f0000000f80)=ANY=[@ANYRES16=0x0], 0x1, 0x215, &(0x7f0000000080)="$eJzslb9rFEEUx79vd2/vEiVioYXNWQSMYPZ291TSWMReEBJRy8OMIbrJhcsVSUBIsLGxFv8Ri1QWdlrZ2FioIFiY0kpwZH4sN3e3m7DmtPF9iuH7Zue9eTPz7h0Yhvlv+fL5x6fnNxeWrwA4jVnU7fw334oPp+A56z++9GtWvtmYeXIwGo8ASDmwg2P2DwG8XvSBPRNWStcbmLUxl+FprbgDD5etvgtClOcqB94ChPt2+tGmzFegO2VFJuhBN1t5uJaJWA2JGlI1tAE5lP/hPmEFQMNuQU5+Wzu7jzsZ0DMiE7moyXyfsU9VRdG9kZvfoocbzhWo97r37Om+siM7Hzv3l8BDYnUbhCWrF1BHFEVNa4rEOf+FYBDfN89m2KtyksbJLqKqODtf8ElV+NHuU5lQp51YGr/k0WvUe/1B5HCoBAvWjBflXxMqj+peXnPcKzwmjjh5zjQ6Q25JnD88eDvu9fWfFe3khW5cIzX2QpXN++ksu1XodW5o5mLJTyavwNKSMP2DAuCS058C51+h1V/fbG3t7M6vrXdWxarYSNP29fhqHF9LW7o3m7GoBdr4Dd2fpp34tZK1IYX+dqff7yXbQL+XhBRC26kZnY679Kr7Xft4uv95mPspZf73oo9dH2nEjknWj7Sa80uTZxiGYRiGYRiGYRiGYRiGqUQThHczgDxjbFlIkN7WX38HAAD//8r0WU8=")
write$binfmt_script(r0, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)

3.730386307s ago: executing program 3 (id=5529):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x4000000, {0x2a00, 0x80010000, 0x0, 0x8ea, 0xcb, 0x0, 0x4, 0xb, 0x1c, "fee00d51a72000001ea89de2b7fb0000000080b8785d96000100", "2809e8dbe108170f00404ad54afac11d875397bd082d0000b420a1a93c3700f45f819e01177d3d458dd4992861ac000080000000000000000000000000000400", "f4bd000000801900", [0x2, 0x4]}})

3.606778829s ago: executing program 3 (id=5530):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000a00)={&(0x7f0000000780)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x24004090)

3.595477519s ago: executing program 3 (id=5532):
syz_mount_image$f2fs(&(0x7f0000010580), &(0x7f00000105c0)='./file0\x00', 0x400, &(0x7f0000000140)={[{@discard_unit_segment}, {@fsync_mode_strict}, {@nocheckpoint_merge}, {@noacl}, {@jqfmt_vfsv1}]}, 0x1, 0x1057d, &(0x7f0000010600)="$eJzs3E9rI2UcB/Anbbf7x3Ut4kFQcECFVkxo+mfRW3ftIi7bpah78KRpkobsJpnSpG3sSfDiwTew4Cvx7osRPQkigqBknqeyXRSsLYluPh+Y/c48M/Ob3yxzeSZpAjC1FrKffyqFG+FqCGE2hHA9hGK9lJbCRoyXQwivhRBmnlhKafzPgfkQwrUQwo1R8VizlHa9tTl/9+7j27989fjetz8MX31jcncNTNqbIYTuXlw/6sbMWzEfpvHaYbvI7tphyrij+yht5zGPmjtFhaPayXG1Ildb8fh876A/yt1OrT7KVnu3GN/rxQv2D1sndYoTHtb2i+1Gc6fIdj8vsnUc+xqmPO4PYp1GqndclA+DwUnG8eawGe9n71GR9d4gjce6eaM5HOVhynS5UM87jaKPnX/93/yfd6/dOxhmh839fjvvZeuV6juV6s1ydT9vNAfNtXKt27i5li22OqPDyoNmrbvRyvNWp1mp592lbLFVr5er1Wxxs7nTrvWyarWyWlkury+ltbez9+8/yDqNbHGUt9u9g0G708928/0snrGUrVRW313KXq9mH21tZ9sf3rmztf3xp5uf3L+19cF76aBsfTacaitbXFleWSlXl8sr1aVpuP+n2rrA+/+1dL7zmXKeH4AzM/8HJmGM8/+5sc3/Pzf/P6tpn/9O+/2bvnEuHiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKn14PtbrxQrC3H7uTT+fBp6MW2XQggzIYTf/8JsmD9VczbVufQ3x196qofvSqGoMLrG5bRcCyFspOW3F+I+AAAA4Ozmvvnyizhbj/8sTLohxim+tJm5/tkF1SuFEC4t/HgBVUJ62RReOn9X0ej5ngvDc1Y56a14gXXl/F1FxSu3uYuq9o/MnoorT0QpxsxY2wEAAMbi9ExgvLMQAAAAxunrSTfAZBSfZqbv4qcv8F+OkT4QvHpqCwAAAPgf8if1AAAA8Owr5v9+/w8AAACebfH3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5g525WkonCOIA/fr36vm+RRDsvxly6t314BS1bBt1GeDddjNAlhIZzTtCEQXHGkeT3g/F4Rvn7DLh5znwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwSDfr2aT/9PhQmrPZlmnmaAAAAIB9FuvZpHozTvP/ef953nWZ552I6EbEvt69F39qmb2cM/ji+4NPNTxHVAm73xjm7V9EXOft9SJ9BgAAAPzccjWdp249vYyPXRBtSos23bPbhvI6ETEYvzSQEnmxKa7Kq0p2/+9+3BemvNdWLWCNyqtKqiW3flNp39KrDaMPQycN3VbLAQAAWlHvBNrtQgAAAGjT3bEL4Diqs5n5Wvx8Af8wDfmE4N/aDAAAAPiF3FIPAAAAp6/q/z3/DwAAAE5bev4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh7RYzybL1XRemrPZlmnmaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnfvnbaMMAwD+nv+VghCHkTyQBcQAA9Q17mBGS2VhC98gSt0S4WKURKitypCxAwuMlVAZWekn4At0Azx07ZDBQxHMQe/5zr2WqASQ7tzk95Oee56crLv3vUhRnnvfBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACovxk7oZD+mybuTnfnt8ezvm+TM5mj2apzFinVQ56BdQ0qt7BAAAAJwFzaK/DyFsHo43Ym6kWf/fLj4Te/57ry7rop9/tu8v8uWHd9MiZt0bv65ulC7vEy96dWc6uVjZDNffa//4iVb25LN3L83sG9L45OCNRTt7nsk3Dx583MnKc1WMFgD4Ly4UOS+K34diHtQ5MADOjFYeodT/N9N6xwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQhcVBeKWokxDCm60ndTR/fHv7uHz54d20iF9+fvtO+ZrxEu0QwtWd6eRihXNZd3s3b32+NZ1OdhUKhWJV1P2TCQCA06adR+zrNw/HG/Fc0g3h6Ien+/93S3U4Yf//9b3xT+V7lfv/QWUzXH/9/etf9vdu3vpg5/rWtcm1yReD0aXRpeHoo+Gon70r6XtjAgAAwP/TyaPc/ze6f1//f7lUhxP2/607Rz+W79XU/x/jKM/Tye5ezUMBAAA4415/68/fk2POJ51OuLG1v787WB5XX3+4PNYw1H/tXB7l/r/ZrXtUAAAAQBUWB8lT6/9XSnV4zvr/7NE8LeL+Z8N2+ZrNEML5fP3/wvZseqW66ay1Kv6cuO45AgAAUK/zeZTX/9vZ/v/GastDI4Tw3jvLOv83gM/d/x97/5j/2Pz2q/K9yvv/h9VNcS01esvnkeVeCK1e3SMCAADgNHspj9jsf3o43rj//fvfdez/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4C/25942YSCM4/DrS6LEbTJCeiuBGWioEIzAh4RkyTMwAAvRUNFaLAIrgATnms5QPE/z/xVX3AsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALy8y8MXbxFRROoyRRpvfk7vEfERadu2o89bFrvzsfm652x/mOT8julvGRFlFH2cAwDQu6rbHKt1vfzL+593kHeYt5o39eKZnwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFYAAAD//yQuUNQ=")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x104)
io_setup(0x3, &(0x7f0000000280)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x1f, 0x1, 0x0, r0, 0x0, 0x0, 0xa00}])

3.495068791s ago: executing program 0 (id=5535):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x10, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f, 0x1000001, 0x5069f481, 0xfffe, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r3, &(0x7f00000000c0), 0x0, 0x407f0b00}])

2.940052532s ago: executing program 4 (id=5536):
syz_usb_connect$uac1(0x0, 0xac, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020800000000000800000524050000082407000000009ef6230700000000a3a82f07070d240701060000fd800000001a4824030000000001"], 0x0)
mount$cgroup2(0x0, 0x0, 0x0, 0x18000, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)

2.611509678s ago: executing program 3 (id=5542):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x4, &(0x7f0000000040)=ANY=[])
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

2.350287964s ago: executing program 1 (id=5545):
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)
finit_module(0xffffffffffffffff, 0x0, 0x0)

2.323372004s ago: executing program 1 (id=5546):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000540)={[{@data_err_abort}, {@data_err_abort}, {@dax}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@debug}]}, 0xf6, 0x47a, &(0x7f0000000680)="$eJzs3M1vFOUfAPDvzLbl7cevFfEFBKmikfjS0vIiBy8aTThoYqIHjKfaFlJZqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzszpSy7ZVu2Xeh+Psl0n2fn6T7Pd2ae2Wfm2d0AetZw9ieJ+F9E/B4Rg3n21gLD+cONaxcn/752cTKJWu2tv5J6uevXLk6WRcv/25ZnarUiv6lJvZfejZioVqfPFfnR+TMfjM6dv/DCzJmJU9Onps+OHzt2+NDegaPjRzoSZxbX9d0fz+7Zdfydy29Mnrj83k9JX+RxR0McnTKcb92mnu50ZV22fUm6vmEX7fvlZrrZkUA3VSIi21399f4/GJXYsrhuMF77rKuNA9ZUrVarLXNWXqgBG1gS3W4B0B3lG312/Vsu6zT0uCdcfTm/AMrivlEs+Zq+SPPEvv6G69tOGo6IEwv/fJUtsUb3IQAAlvouG/8832z8l8bDeWIg+/P/Yg5lKCIeiIgdEfFgROyMiIci6mUfiYhHV1h/4wzJ7eOf9Mqqg2tDNv57qZjbunX8l5ZFhipFbns9/v5YOr1xIPo3nZxJpseWqeP7V3/7otW6peO/bMnqL8eCRTuu9DXcoJuamJ9YTazNXP00Yndfs/iTxTiTiNgVEbtXWcfMs30t1905/mW0ftm21b6OeCbf/wvREH8paTk/Ofbi0fEjo5ujOn1w9ORMdfpg0zp+/vXSm63qX3X8HZpKy/b/1qbH/2L8Q8nmiLnzF07X52vnVl7HpT8+b3lNs8Lj//j24vgfSN6un48GihUfTczPnxuLGEher+dveX785quV+bJ8Fv+B/c37/464uSUei4g9EbE3Ih7PLgqLtj8REU9GxP5l4v/xlafeX3n86zNXmsU/daf9H0v3/8oTldM/fNtQbeX2+DdHRKv9f7ieOlA80875r90G3u32AwAAgPtBWv8MfJKOLKbTdGQk/wz/ztiaVmfn5p87Ofvh2an8s/JD0Z+Wd7ry+8H9SZYfK+4Nl/nxhvyh4r7xl5Ut9fzI5Gx1qtvBQ4/b1qL/Z/6sdLt1wJrrwDwacJ/S/6F36f/QmxL9H3qa/g+9q1n//6Rl6ZFv1rQxwLry/g+9q43+v5A/tB4VAPcn7//Qu/R/6Ektvxuf3tVX/tc98W/xe4b3Sns2fiLSe6IZGz/R1/aPWZy/cLrs13cqXBvMy2XPbGpaposnJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA76LwAA///J9uCF")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f076bbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x2})
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0xffffffffffffffff)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0xfffffffffffffffe)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000600)={r4, &(0x7f0000000400), 0x0}, 0x20)

1.448282981s ago: executing program 1 (id=5547):
syz_io_uring_setup(0xcad, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f0000000a00)=ANY=[@ANYBLOB="726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c757466383d302c73686f72746e616d653d6d697865642c757466383d302c747a3d5554432c636f6465706167653d3836362c73686f72746e616d653d6d697865642c636865636b3d72656c617865642c73686f72746e616d653d6c6f7765722c696f636861727365743d6b6f69382d72752c696f636861727365743d63703837342c73686f72746e616d653d77696e39352c005d6aeb995240ef6fbe509e93c7a286ae929df75dd2d0eb30055a0269523afe7baa2881019808ec"], 0xfd, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x21408, 0x0, 0x3, 0x0, &(0x7f0000006380))

1.306762824s ago: executing program 1 (id=5548):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="78000000070a010200000000000000000a0000080900010073797a31000000005800048054000180090001006d6e74610000000044000280080001400000000c080003400000000008000340000000170800014000000003080002400000002308000140000000120800024000000018080002"], 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x44000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

1.294794454s ago: executing program 1 (id=5549):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x4, 0x4, 0x308}, &(0x7f0000000300), &(0x7f0000000280))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = socket$netlink(0x10, 0x3, 0x9)
fcntl$setstatus(r1, 0x4, 0x2000)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000010"], 0x28}, 0x1, 0x0, 0x0, 0x8084}, 0x40000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b704000002ec0000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.246509555s ago: executing program 4 (id=5550):
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, 0x0, 0x0)

454.735601ms ago: executing program 2 (id=5551):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000013bc0)=[{{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000700)="61120d30412baa425595ecdb2fab1551094e0a612820aef5c2058110671fdc6a330c21518fd5e1b5a12dfecc1020f000b038a6c60eccaaa7acb39ddc6022f30c9ce52415488705d117672b428a93b97288be4fcb5fa6859017669b9e8ee11564a9d8e3cf400c514c9ddc3d872d8e6fe96b1fb78ec44631c2fda7dd4e7aff7af4c1752518881b5a18d54187b1f2c4e46fb035febd3676990d0cc3a62d6098d65648bcb46ad1ff936868852e42b8dbe4c342088c327a2288b12325734293c609ef19c0a383f0dd3cc3add60d53c9b1678cad19fcf49420acdcd5f326bf89822b7b43b70d77e752c35af1949d489decd48aa9a37e895237a7bf897939dd0ae885cab13fc9dc3b42a6cb3bf44c980664325e937f49900442d5df7f131829542e7def95cd5c678155a3f8097419575f6742e783a8e9ce3172180f7205ff8808cfcb08b481929438510a7fed929a04e449b59920b508c491ba4271ddb35c2054df39c0734e96f2f38d41a0bdae815e0c2b1412cf2bd89be68640f7c7e8e89e5b4ee19b11581cf802475775b82714676eeefa98a2a480e953d4f639e417a06123c5764d5c68475fb03eae63360b7da8f6d64c4021e5d4cf52472d822f083aa9be4741e48cd4ee55ef91923544c6ae032143302589c28f4fedb7f95decbe7acb6a4092fd6963b27660955cba6d470ea64f2993b4ada9e956cf3d7d56bf271e68a876ce0f28071393d1b08d9b97f5de6ea8bf5867e2b147700b5647dd5a6ba345cd5fcaf256e045d1c23a297203b9f984178a08892cd6d69c6d2675ba54a0ddfd7c0c09825e2c65ac634accefba756afe8711c0de7b25ecbc54b3301e3376e4d6e44ced17ac2de64aef3cfc9806c98e8bcb6a31430e7eb0bf12a18303a63fbee97de895471ef17d6870c83ce125c5b5f9be4c4f92d3b71e2bc5adee04295603748a62fb967dc6bac87059a60da0105a2af4dd38fe0bac34a60535cec6c9d2aa0b890c3af61905b515dba493cb5e6d8f67372d31ad034362b29c21548fdc221528029b38f19baeda176a47cfcf9f74706d904eaf42336821e8ecf9a3687e14756e3e257fdb706214bb5662a5e6dbee69d7438d391117b53a8db65961b1c00b377235b2af71278635374d481af4b367bf6cf734eb770b53d4daf26e17fe662a78830743064b41394ebeee3080674ef1e97ae95097b226ddb5b8e40b095668f45375e70ddc721d450127fefb7e6b12800eeb3a16aa8196f6bdea8cc51b7cac1ff3e2ba4859c6106be53215b69a8c78bf961e50bfd019ef08c0aedb88d7aee7244dbdc889540313664b567cd02ddc97c35ae8bd3ffb1b4c868a4b82b3ca83c1fc30ae0a2e9dac4da29e273347d68c744b30b7369e1f0a22f2a09c9c1c9c5ab3470beab618c94205203c65faf4960db6f08a8417fc34da961b972eec6080b4e73fd69333069c0cab7ac7d1279a5cd974fbbd6c448b66a1c04432660283e4d5ee1598271f8571c6e5060b291f488ea6786f0e59b566d73833b7d522ee47a607b32e3329ad893255dbbec9346f4f29854674d0c7ac9af7b3f52a901efb6c86408e6d5992f1b860bfba3971866872a6a14c4762fb353f74be2364b60d7e46d9d9d7b6c5db4a04090062dcc88025b6371f35a6a30a6dc2d2859de70752588a71ee2d55bd122b59422f4555b424f9a87791235223d5cf8967d029ff22a009acee61527b993f34ab56a84932d079887f4bd14d5088fc183b72ac2bfd62b0c9b64a7ccc3234ad9fcce53dfca05a1164d8fec1206940c93605aa9cf9244b0213e9f8bf63b96514e61292b1a050e40887936e21c5416aca706b05a8b8e021cc07f56026ab1f0746797f817fa6765a0e0b964e43437e7dcf555032750a48b8a74a74d76bc88d9710f4ed5773e60ece4069be16457b239bc4785dcc66bdfca7b52e12b7a899bce20eed2c7568150ae5e680a152622ff7459d1f2bca7875f5c727e0ca2367ad84b997ade4b09c45599c0356983b8d419623bc10367c145436b6baee3cb59d49ad2aaa4e730e13bfeba6f682d8f1c0df16d0a763c20c680cfa0d992f02fee08577c70ae2abfb85162b26219c881801e16067d456de2ced9e071d5d3fa4fbf8f04032434572028317102f77676343c23c6251846d70e5d545bc4e359a3b86e6e66e2609538b09be02457bc8d240c58f83bda22254e22edf382a9c66bb52162f1ef6f075f90e18534a56085413dd82d572dcd63ee59889a4724712f62aa7f0028a4e6833e81e92389547aeb39be1818e5c5312af0c28c7ee8f7e3dbba0ea72fe8551b7ceca146978e184cece508bec2ca35628279a53ce36ac4770e76a65764078c71e642390f1af7e801ee7706f709bd6bbdd6efd851de4531a7b8a4bfca0eebb75bfd046438b57d21d6b260917c1fc121975d6454526033d500aa16209197f2d39a8c15fc482c7a27d81760bd6a44b28e772fc49576a1fe9cc39a5677562efb7a73cb1d85fdf8ec96687431477c3309e944ba00617f89f6b1f638802d8517017fa757cdeaf9f2a2bfae147dd12ccaa380a43f592ba5b32bd25e58574c0a1170b1cfcd6cdab8a781109a424e60724647fa7f209b06bbb4350ac07d10b5e5a4e07a689760acad58644cc5876ce2968116bcb189f3993bb8c5de149c19c94a0e448c268f8c29fda683f7386c44e0f0c373fef1c283ad0bc21580251d5c3b1b1984bab9da1a71bd274ac07557c7eb9a8b9bef59773b45606fbf83727695c48db39296eccd15c55f903f3225ae44861421c125639372d12a9495479d39939c1c05bb8f5286203baad3c0d23368a43b56c487772d7c8ec293cf7bc6aa561402f3d51cfe27f20e1faf3af7885d08f3ea202a386da634ce8557334c58021757fc9140cdec83f9913142ab78b1116e661f3983187e8a1d93eeb18ac253993104adcf35221001426a18e3f725ee446810d8dc2837872f052b5fa98287f2f66e4c8e2ff14a5b2eb377bb3efd35480246e354e2097b1592bf7e6efa01a439202f2b2550f4f7f92d56b2b4252bdd1d8a91c01612323a2eae4bcdaf07e1392dbda4217653f2b2e3064163752230778605765b24686237421e9823931c044bcbffd80236fbb330827298092478f9b42a6eac34addd6388c3b1dd8fa2344888230ddfbcfbb60c76eca25044c968a8bcd2247", 0x8c3}], 0x1, 0x0, 0x0, 0x40000}}], 0x1, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$peeksig(0x4212, r0, &(0x7f0000000140)={0x0, 0x0, 0x4e}, &(0x7f0000000fc0))

421.517051ms ago: executing program 2 (id=5552):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="82", 0x1}, {0x0}], 0x2}}], 0x1, 0x4400c800)

415.132331ms ago: executing program 2 (id=5553):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, 0x0)

296.945833ms ago: executing program 2 (id=5554):
mknod$loop(0x0, 0x0, 0x1)
creat(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
fdatasync(r0)

296.706574ms ago: executing program 1 (id=5555):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x2, [@const={0x0, 0x0, 0x0, 0xd}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10, 0x0, 0x0, 0x2}]}}, &(0x7f0000000000)=""/144, 0x36, 0x90, 0x1}, 0x28)

289.667634ms ago: executing program 2 (id=5556):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x122d, &(0x7f0000003540)="$eJzs3cFrHFUcB/Bf2qSNqclGrdUWpA+96GVscvDkJUgK0gWlbQqtIEzNRpfd7IbMEtgiNjev/h3i0Zsg4j0XL54Fb7l4kh7EEXdi2yxbaELraPl8LvvY977z5rFvF2Z4b2f/3a82OxtFtpEP4sTUVExvRaR7KVKciJNR2Y23bvz8y2vXbt66stJsrl5N6fLK9aV3UkoLF7//6PNvXv9hcObGtwvfnY69xY/3f1v+de/c3vn9P69/1i5Su0i9/iDl6Xa/P8hvd1tpvV10spQ+7LbyopXavaK1fah+o9vf2hqmvLc+P7e13SqKlPeGqdMapkE/DbaHKf80b/dSlmVpfi44vlOx9vW9siwjynImTkVZluVzMRdn4vmYj4VoxGK8EC/GS3E2Xo5z8Uq8GudHreo+cwAAAAAAAAAAAAAAAAAAAHi22P8PAAAAAAAAAAAAAAAAAAAA9bP/HwAAAAAAAAAAAAAAAAAAAOpn/z8AAAAAAAAAAAAAAAAAAADU79rNW1dWms3VqynNRmx+ubO2s1a9VvUrG9GObrTiUjTijxjt/q9U5cvvN1cvpZHFeHvz7kH+7s7aycP5pdHfCUzML1X5dDh/OuYezi9HI85Ozi9PzM/Gm288lM+iET99Ev3oxnr8nX2Q/2Ippfc+aI7lL4zaAQAAwLMgS/dNvH7PsjQ1VTUdq6/efPT9gbIxdn9g7Pp6Oi5M1zhwRorhnU7e7ba2n0hh9uCoT+yAjyocTMm408kvPnbqn+l2nE5nIuLpDee/UPjx/px4/NTMsebPQTe7tQ/5/1LYnVg183S/aP/qzxA1efCh130mAAAAAAAAAAAAHMURFgZOV+ttj76ccGLHv3uIPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bc7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWVAAAA//9b8dzN")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x9, 0xfff, 0x9})

236.551635ms ago: executing program 0 (id=5557):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, <r1=>0x0}, &(0x7f0000000200)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@ipv4_delrule={0x28, 0x21, 0x105, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, r1}}]}, 0x28}}, 0x0)

170.675566ms ago: executing program 0 (id=5558):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0)
r1 = dup(r0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x40542, 0x0)
ftruncate(r2, 0xee72)
sendfile(r1, r2, 0x0, 0x8040fffffffe)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x19)

0s ago: executing program 2 (id=5559):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x1, 0x7f, 0x2002}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x30008014}, 0x4004810)

kernel console output (not intermixed with test programs):

3] EXT4-fs (loop0): Ignoring removed orlov option
[ 1506.632533][T17393] EXT4-fs (loop0): 1 orphan inode deleted
[ 1506.638434][T17393] EXT4-fs (loop0): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1506.655147][T17393] ext4 filesystem being mounted at /307/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1506.898249][T17393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4829'.
[ 1507.332027][  T508] Bluetooth: hci0: command 0x1003 tx timeout
[ 1507.338133][T17201] Bluetooth: hci0: sending frame failed (-49)
[ 1508.148157][T17397] loop4: detected capacity change from 0 to 40427
[ 1508.189997][T17397] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[ 1508.197502][T17397] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1508.224530][T17397] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1508.283106][T17397] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1508.326632][T17397] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1508.412769][T12051] attempt to access beyond end of device
[ 1508.412769][T12051] loop4: rw=2049, want=45104, limit=40427
[ 1508.521737][T17420] 9pnet: Insufficient options for proto=fd
[ 1508.572348][T17422] loop3: detected capacity change from 0 to 2048
[ 1508.708705][T17422] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1508.719472][T17422] ext4 filesystem being mounted at /435/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1509.460516][  T508] Bluetooth: hci0: command 0x1001 tx timeout
[ 1509.467101][T17201] Bluetooth: hci0: sending frame failed (-49)
[ 1510.044178][T17451] usb usb8: usbfs: process 17451 (syz.2.4845) did not claim interface 0 before use
[ 1510.291523][T12304] usb 5-1: new full-speed USB device number 51 using dummy_hcd
[ 1511.248368][T12304] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1511.268298][T12304] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1511.340398][T17460] loop0: detected capacity change from 0 to 256
[ 1511.348342][T12304] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1511.357484][T12304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1511.365708][T12304] usb 5-1: SerialNumber: syz
[ 1511.408819][T12304] usb 5-1: 0:2 : does not exist
[ 1511.431304][T17460] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1511.478357][  T508] Bluetooth: hci0: command 0x1009 tx timeout
[ 1511.505067][  T371] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 1511.805028][T17462] xt_TCPMSS: Only works on TCP SYN packets
[ 1512.299204][T17466] 9pnet: Insufficient options for proto=fd
[ 1512.310031][T12304] usb 5-1: USB disconnect, device number 51
[ 1512.328269][  T371] usb 4-1: Using ep0 maxpacket: 16
[ 1512.339625][T17470] syz.2.4852 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1512.498522][  T371] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1512.509825][  T371] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1512.519738][  T371] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1512.526475][  T371] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1512.553915][  T371] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1512.604048][  T363] udevd[363]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1512.621402][  T371] usb 4-1: config 0 descriptor??
[ 1512.797735][T17478] loop4: detected capacity change from 0 to 2048
[ 1512.839820][T17478] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1512.850462][T17478] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1513.311244][T17486] loop2: detected capacity change from 0 to 2048
[ 1513.331985][T17488] loop0: detected capacity change from 0 to 512
[ 1513.342982][T17486] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1513.354616][T17488] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.4857: iget: bad extended attribute block 1
[ 1513.354762][T17486] ext4 filesystem being mounted at /408/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1513.367612][T17488] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.4857: couldn't read orphan inode 15 (err -117)
[ 1513.458061][T17488] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1514.478476][  T371] usbhid 4-1:0.0: can't add hid device: -71
[ 1514.484714][  T371] usbhid: probe of 4-1:0.0 failed with error -71
[ 1514.501018][T17495] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: none.
[ 1514.674753][  T371] usb 4-1: USB disconnect, device number 55
[ 1514.961564][T17503] loop4: detected capacity change from 0 to 256
[ 1515.023599][T17503] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1515.034263][T17503] exfat: Unknown parameter 'fsmagic'
[ 1515.659934][T17518] loop4: detected capacity change from 0 to 512
[ 1515.688489][T17522] 9pnet: Insufficient options for proto=fd
[ 1515.735839][T17518] EXT4-fs warning (device loop4): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1515.759460][T17528] loop3: detected capacity change from 0 to 256
[ 1515.771164][T17529] loop2: detected capacity change from 0 to 256
[ 1515.778650][T17528] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1515.788613][T17528] exfat: Unknown parameter 'fsmagic'
[ 1515.804443][T17518] EXT4-fs (loop4): mount failed
[ 1515.831957][T17528] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4867'.
[ 1515.848830][T17529] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1516.016354][T17529] exfat: Unknown parameter 'fsmagic'
[ 1516.915871][T17544] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4870'.
[ 1517.082296][   T30] audit: type=1400 audit(1756889409.554:908): avc:  denied  { read } for  pid=17547 comm="syz.1.4873" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1517.110979][T17549] loop0: detected capacity change from 0 to 512
[ 1517.158317][   T30] audit: type=1400 audit(1756889409.554:909): avc:  denied  { open } for  pid=17547 comm="syz.1.4873" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1517.250035][T17549] EXT4-fs warning (device loop0): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1517.265218][T17549] EXT4-fs (loop0): mount failed
[ 1518.600810][T17567] loop4: detected capacity change from 0 to 256
[ 1518.716978][T17567] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1518.726941][T17567] exfat: Unknown parameter 'fsmagic'
[ 1518.746406][T17570] 9pnet: Insufficient options for proto=fd
[ 1519.149327][T17576] loop2: detected capacity change from 0 to 512
[ 1519.220105][T17576] EXT4-fs warning (device loop2): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1519.265451][T17580] loop4: detected capacity change from 0 to 4096
[ 1519.328791][T17576] EXT4-fs (loop2): mount failed
[ 1519.348873][T17580] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1519.686383][T17589] futex_wake_op: syz.1.4885 tries to shift op by -1; fix this program
[ 1521.803454][T17606] 9pnet: Insufficient options for proto=fd
[ 1521.947159][T17614] loop2: detected capacity change from 0 to 256
[ 1522.128851][T17614] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1522.551849][T17614] exfat: Unknown parameter 'fsmagic'
[ 1525.157641][T17658] loop0: detected capacity change from 0 to 256
[ 1525.321015][T17658] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1525.331579][T17658] exfat: Unknown parameter 'fsmagic'
[ 1525.361217][T17658] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4903'.
[ 1526.413907][T17674] loop3: detected capacity change from 0 to 256
[ 1526.561438][T17674] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1528.628397][T17684] xt_TCPMSS: Only works on TCP SYN packets
[ 1529.158452][T17686] loop0: detected capacity change from 0 to 256
[ 1529.218601][   T30] audit: type=1400 audit(1756889421.694:910): avc:  denied  { map } for  pid=17691 comm="syz.3.4913" path="/dev/ashmem" dev="devtmpfs" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1529.248893][T17686] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1529.309140][T17686] exfat: Unknown parameter 'fsmagic'
[ 1531.339167][   T20] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 1532.178264][   T20] usb 5-1: Using ep0 maxpacket: 16
[ 1532.273216][T17722] loop3: detected capacity change from 0 to 256
[ 1532.398450][   T20] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1532.505096][T17729] loop1: detected capacity change from 0 to 512
[ 1533.270563][T17729] EXT4-fs (loop1): Ignoring removed orlov option
[ 1533.354363][   T20] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1533.364213][   T20] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1533.393901][T17722] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1533.425327][   T20] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1533.454658][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1533.509783][   T20] usb 5-1: config 0 descriptor??
[ 1533.528372][   T20] usb 5-1: can't set config #0, error -71
[ 1533.544380][   T20] usb 5-1: USB disconnect, device number 52
[ 1535.422441][T17729] EXT4-fs: error -4 creating inode table initialization thread
[ 1535.430184][T17729] EXT4-fs (loop1): mount failed
[ 1536.283147][T17750] xt_TCPMSS: Only works on TCP SYN packets
[ 1537.552280][T17768] loop1: detected capacity change from 0 to 512
[ 1537.640032][T17768] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.4935: iget: bad extended attribute block 1
[ 1537.767767][T17768] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4935: couldn't read orphan inode 15 (err -117)
[ 1537.950445][T17768] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1538.313809][T17768] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1538.592144][T17791] loop1: detected capacity change from 0 to 256
[ 1538.658651][T17791] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1538.668716][T17791] exfat: Unknown parameter 'fsmagic'
[ 1539.324492][T17792] loop4: detected capacity change from 0 to 512
[ 1539.401974][T17792] EXT4-fs (loop4): Ignoring removed orlov option
[ 1540.158894][T17792] EXT4-fs (loop4): 1 orphan inode deleted
[ 1540.164662][T17792] EXT4-fs (loop4): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1540.180722][T17792] ext4 filesystem being mounted at /322/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1540.196688][T17792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4941'.
[ 1543.397301][T17818] loop0: detected capacity change from 0 to 1024
[ 1545.798557][T17818] EXT4-fs (loop0): Ignoring removed nobh option
[ 1545.826709][T17822] loop1: detected capacity change from 0 to 512
[ 1545.835359][T17824] futex_wake_op: syz.3.4950 tries to shift op by -1; fix this program
[ 1545.857745][T17818] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #11: comm syz.0.4942: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[ 1545.876858][T17818] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.4942: couldn't read orphan inode 11 (err -117)
[ 1545.889394][T17818] EXT4-fs (loop0): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,norecovery,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[ 1545.918864][T17829] loop4: detected capacity change from 0 to 512
[ 1545.944711][T17817] xt_TCPMSS: Only works on TCP SYN packets
[ 1545.957809][T17822] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.4949: iget: bad extended attribute block 1
[ 1545.980907][T17822] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4949: couldn't read orphan inode 15 (err -117)
[ 1545.999368][T17822] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1546.018798][T17829] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.4945: iget: bad extended attribute block 1
[ 1546.050942][T17829] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.4945: couldn't read orphan inode 15 (err -117)
[ 1546.210919][T17829] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1546.347733][T17839] loop0: detected capacity change from 0 to 512
[ 1547.020385][T17841] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1547.028953][T17842] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: none.
[ 1547.160703][T17839] EXT4-fs warning (device loop0): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1547.267144][T17839] EXT4-fs (loop0): mount failed
[ 1549.177950][T17856] loop0: detected capacity change from 0 to 512
[ 1549.925187][T17870] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1549.940559][T17856] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.4958: iget: bad extended attribute block 1
[ 1549.955930][T17856] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.4958: couldn't read orphan inode 15 (err -117)
[ 1549.956173][T17867] tipc: Disabling bearer <eth:syzkaller0>
[ 1549.975453][T17856] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1550.072423][T17873] loop4: detected capacity change from 0 to 256
[ 1550.148683][T17856] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: none.
[ 1550.229350][T17873] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1550.239379][T17873] exfat: Unknown parameter 'fsmagic'
[ 1551.724159][T17893] futex_wake_op: syz.3.4967 tries to shift op by -1; fix this program
[ 1551.812431][T17898] loop3: detected capacity change from 0 to 512
[ 1552.522042][T17902] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4969'.
[ 1552.556600][T17898] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.4968: iget: bad extended attribute block 1
[ 1552.574014][T17898] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4968: couldn't read orphan inode 15 (err -117)
[ 1552.586540][T17898] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1552.674173][T17906] loop1: detected capacity change from 0 to 1024
[ 1552.799102][T17906] EXT4-fs (loop1): Ignoring removed nobh option
[ 1552.992590][T17906] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz.1.4970: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[ 1553.011923][T17906] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4970: couldn't read orphan inode 11 (err -117)
[ 1553.025020][T17906] EXT4-fs (loop1): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,norecovery,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[ 1553.108869][T17906] xt_TCPMSS: Only works on TCP SYN packets
[ 1553.640232][   T30] audit: type=1326 audit(1756889446.114:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1553.756836][T17911] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1553.772012][   T30] audit: type=1326 audit(1756889446.114:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1553.808264][  T898] usb 1-1: new full-speed USB device number 66 using dummy_hcd
[ 1553.859508][T17920] syz.4.4972[17920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1553.859791][T17920] syz.4.4972[17920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1553.945093][T17920] loop4: detected capacity change from 0 to 256
[ 1554.038528][T17920] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1554.049471][T17920] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1554.067576][T17920] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1554.258573][  T898] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1554.327529][  T898] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1554.366771][   T30] audit: type=1326 audit(1756889446.134:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1554.928972][  T898] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1554.938054][  T898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1554.968352][   T30] audit: type=1326 audit(1756889446.134:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1554.991954][   T30] audit: type=1326 audit(1756889446.134:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1555.015394][  T898] usb 1-1: SerialNumber: syz
[ 1555.048260][   T30] audit: type=1326 audit(1756889446.134:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1555.059019][  T898] usb 1-1: 0:2 : does not exist
[ 1555.071741][   T30] audit: type=1326 audit(1756889446.134:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1555.152484][T17927] syz.1.4976[17927] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1555.152852][T17927] syz.1.4976[17927] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1555.189451][T17927] loop1: detected capacity change from 0 to 256
[ 1555.250775][T17927] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1555.261451][T17927] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1555.286729][T17927] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1555.511816][  T898] usb 1-1: USB disconnect, device number 66
[ 1556.161061][   T30] audit: type=1326 audit(1756889446.134:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1556.184516][   T30] audit: type=1326 audit(1756889446.134:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1556.271633][   T30] audit: type=1326 audit(1756889446.134:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17913 comm="syz.4.4972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1556.296628][T17933] futex_wake_op: syz.4.4979 tries to shift op by -1; fix this program
[ 1556.305446][  T363] udevd[363]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1556.331227][T17922] loop2: detected capacity change from 0 to 40427
[ 1556.400801][T17939] loop1: detected capacity change from 0 to 256
[ 1556.407757][T17922] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1556.417382][T17922] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1556.438486][T17939] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1556.448570][T17939] exfat: Unknown parameter 'fsmagic'
[ 1556.459006][T17922] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1556.603557][T17922] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1556.626293][T17922] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1556.805465][T17938] loop4: detected capacity change from 0 to 40427
[ 1556.842684][ T9938] attempt to access beyond end of device
[ 1556.842684][ T9938] loop2: rw=2049, want=45104, limit=40427
[ 1556.933537][T17938] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[ 1556.955776][T17938] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1556.975505][T17935] syz.3.4978[17935] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1556.975585][T17935] syz.3.4978[17935] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1556.999070][T17938] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1557.214973][T17935] loop3: detected capacity change from 0 to 256
[ 1557.253025][T17938] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1557.297577][T17938] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1557.339257][T17935] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1557.350007][T17935] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1557.360524][T17935] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1557.416515][T12051] attempt to access beyond end of device
[ 1557.416515][T12051] loop4: rw=2049, want=45104, limit=40427
[ 1559.761918][T17983] futex_wake_op: syz.1.4992 tries to shift op by -1; fix this program
[ 1560.741691][T17994] loop0: detected capacity change from 0 to 256
[ 1563.048497][T17994] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1563.058512][T17994] exfat: Unknown parameter 'fsmagic'
[ 1563.162741][   T30] kauditd_printk_skb: 74 callbacks suppressed
[ 1563.162779][   T30] audit: type=1326 audit(1756889455.634:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1563.335372][   T30] audit: type=1326 audit(1756889455.634:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1563.738264][   T30] audit: type=1326 audit(1756889455.794:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1564.324491][   T30] audit: type=1326 audit(1756889455.794:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1564.505948][T18021] futex_wake_op: syz.2.5004 tries to shift op by -1; fix this program
[ 1565.475753][T18019] usb usb8: usbfs: process 18019 (syz.1.5002) did not claim interface 0 before use
[ 1565.927511][T18032] futex_wake_op: syz.1.5006 tries to shift op by -1; fix this program
[ 1565.942994][   T30] audit: type=1326 audit(1756889455.794:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1566.038232][   T30] audit: type=1326 audit(1756889455.834:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1566.068498][T18040] loop1: detected capacity change from 0 to 512
[ 1566.118724][   T30] audit: type=1326 audit(1756889455.834:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1566.176227][T18040] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5010: iget: bad extended attribute block 1
[ 1566.188782][   T30] audit: type=1326 audit(1756889455.834:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1566.212908][T18040] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5010: couldn't read orphan inode 15 (err -117)
[ 1566.213152][   T30] audit: type=1326 audit(1756889456.114:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1566.248261][T18040] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1566.273666][   T30] audit: type=1326 audit(1756889456.114:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.2.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1566.458234][T17998] usb 4-1: new full-speed USB device number 56 using dummy_hcd
[ 1566.589927][T18049] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1566.828324][T17998] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1566.848254][T17998] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1566.964393][T17998] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1566.975379][T17998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1566.987998][T18051] loop4: detected capacity change from 0 to 512
[ 1566.998616][T17998] usb 4-1: SerialNumber: syz
[ 1567.040853][T17998] usb 4-1: 0:2 : does not exist
[ 1567.172974][T18061] loop0: detected capacity change from 0 to 256
[ 1567.200894][T18051] EXT4-fs warning (device loop4): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1567.217527][T18051] EXT4-fs (loop4): mount failed
[ 1567.218535][T18061] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1567.232845][T18061] exfat: Unknown parameter 'fsmagic'
[ 1568.243216][T17998] usb 4-1: USB disconnect, device number 56
[ 1571.615285][  T362] udevd[362]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1571.647374][T18093] futex_wake_op: syz.4.5024 tries to shift op by -1; fix this program
[ 1573.143775][T18114] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[ 1573.281663][T18122] loop4: detected capacity change from 0 to 256
[ 1573.319438][T18122] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1573.329512][T18122] exfat: Unknown parameter 'fsmagic'
[ 1574.526031][T18135] loop2: detected capacity change from 0 to 512
[ 1575.708338][T18135] EXT4-fs (loop2): Ignoring removed orlov option
[ 1575.795610][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1575.795625][   T30] audit: type=1326 audit(1756889468.264:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1575.837195][T18135] EXT4-fs (loop2): 1 orphan inode deleted
[ 1575.843124][T18135] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1576.152563][T18135] ext4 filesystem being mounted at /442/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1576.806296][T18134] loop3: detected capacity change from 0 to 40427
[ 1576.829295][T18147] futex_wake_op: syz.4.5037 tries to shift op by -1; fix this program
[ 1576.837018][   T30] audit: type=1326 audit(1756889468.264:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1576.862799][   T30] audit: type=1326 audit(1756889468.304:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1576.887096][   T30] audit: type=1326 audit(1756889468.304:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1576.914803][T18149] syz.0.5036[18149] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1576.915200][T18149] syz.0.5036[18149] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1577.249146][T18149] loop0: detected capacity change from 0 to 256
[ 1577.630930][T18149] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1577.641732][T18149] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1577.661883][T18149] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1577.815165][   T30] audit: type=1326 audit(1756889468.304:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1578.115586][   T30] audit: type=1326 audit(1756889468.304:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1578.139505][   T30] audit: type=1326 audit(1756889468.304:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1578.163611][   T30] audit: type=1326 audit(1756889468.304:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1578.307736][   T30] audit: type=1326 audit(1756889468.304:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1578.402245][T18162] usb usb8: usbfs: process 18162 (syz.4.5040) did not claim interface 0 before use
[ 1578.714882][T18169] incfs: Can't find or create .index dir in ./file0
[ 1578.735153][T18169] incfs: mount failed -14
[ 1578.744804][   T30] audit: type=1326 audit(1756889468.304:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18140 comm="syz.0.5036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1578.857547][T18170] loop2: detected capacity change from 0 to 1024
[ 1578.909807][T18170] EXT4-fs (loop2): Ignoring removed nobh option
[ 1579.047008][T18170] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #11: comm syz.2.5044: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[ 1579.066559][T18170] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5044: couldn't read orphan inode 11 (err -117)
[ 1579.078674][T18170] EXT4-fs (loop2): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,norecovery,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[ 1579.103436][T18170] xt_TCPMSS: Only works on TCP SYN packets
[ 1579.153642][T18178] loop3: detected capacity change from 0 to 256
[ 1579.247098][T18178] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1579.386403][T18178] exfat: Unknown parameter 'fsmagic'
[ 1579.519533][T18179] syz.4.5047[18179] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.519626][T18179] syz.4.5047[18179] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.534571][T18179] loop4: detected capacity change from 0 to 256
[ 1579.592113][T18179] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1579.602863][T18179] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1579.613728][T18179] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1580.172714][T18189] futex_wake_op: syz.1.5051 tries to shift op by -1; fix this program
[ 1580.805715][T18194] loop1: detected capacity change from 0 to 40427
[ 1580.815465][T18194] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[ 1580.822281][T18194] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1580.833357][T18194] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1580.870115][T18194] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1580.877201][T18194] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1580.901551][T10943] attempt to access beyond end of device
[ 1580.901551][T10943] loop1: rw=2049, want=45104, limit=40427
[ 1581.388075][T18209] loop1: detected capacity change from 0 to 512
[ 1581.468973][T18209] EXT4-fs (loop1): Ignoring removed orlov option
[ 1581.714795][T18209] EXT4-fs (loop1): 1 orphan inode deleted
[ 1581.720641][T18209] EXT4-fs (loop1): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1581.737008][T18209] ext4 filesystem being mounted at /428/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1582.456807][T18217] loop1: detected capacity change from 0 to 512
[ 1582.553943][T18223] loop0: detected capacity change from 0 to 512
[ 1582.571657][T18217] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5057: iget: bad extended attribute block 1
[ 1582.589455][T18217] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5057: couldn't read orphan inode 15 (err -117)
[ 1582.615228][T18223] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.5059: iget: bad extended attribute block 1
[ 1582.628156][T18217] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1582.649044][T18223] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.5059: couldn't read orphan inode 15 (err -117)
[ 1582.730171][T18223] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1582.817224][T18228] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1584.010339][T18235] loop1: detected capacity change from 0 to 256
[ 1584.134849][T18239] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: none.
[ 1584.156973][T18235] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1584.341295][T18241] loop4: detected capacity change from 0 to 1024
[ 1584.418656][   T30] kauditd_printk_skb: 43 callbacks suppressed
[ 1584.418673][   T30] audit: type=1326 audit(1756889476.894:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18243 comm="syz.3.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ba15b0be9 code=0x7ffc0000
[ 1584.540663][   T30] audit: type=1326 audit(1756889476.994:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18243 comm="syz.3.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f1ba15b0be9 code=0x7ffc0000
[ 1584.649788][   T30] audit: type=1326 audit(1756889476.994:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18243 comm="syz.3.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ba15b0be9 code=0x7ffc0000
[ 1584.709009][T18241] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.5062: Invalid block bitmap block 0 in block_group 0
[ 1584.742912][T18241] Quota error (device loop4): write_blk: dquota write failed
[ 1584.770446][T18241] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1584.803108][T18241] EXT4-fs error (device loop4): ext4_acquire_dquot:6198: comm syz.4.5062: Failed to acquire dquot type 0
[ 1584.831451][T18241] EXT4-fs error (device loop4): ext4_free_blocks:6223: comm syz.4.5062: Freeing blocks not in datazone - block = 0, count = 4096
[ 1584.935110][T18241] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.5062: Invalid inode bitmap blk 0 in block_group 0
[ 1584.948272][ T6366] Quota error (device loop4): remove_tree: Getting block too big (0 >= 9)
[ 1584.963384][ T6366] EXT4-fs error (device loop4): ext4_release_dquot:6234: comm kworker/u4:10: Failed to release dquot type 0
[ 1585.007646][T18241] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[ 1585.043535][T18241] EXT4-fs (loop4): 1 orphan inode deleted
[ 1585.067615][T18241] EXT4-fs (loop4): mounted filesystem without journal. Opts: €�; ,errors=continue. Quota mode: writeback.
[ 1585.180014][   T30] audit: type=1326 audit(1756889477.654:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18256 comm="syz.0.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1585.203780][   T30] audit: type=1326 audit(1756889477.654:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18256 comm="syz.0.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1585.228172][   T30] audit: type=1326 audit(1756889477.654:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18256 comm="syz.0.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1585.259818][   T30] audit: type=1326 audit(1756889477.654:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18256 comm="syz.0.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1585.412250][T18265] syz.0.5067[18265] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.412606][T18265] syz.0.5067[18265] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.446308][T18265] loop0: detected capacity change from 0 to 256
[ 1585.490697][T18265] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1585.501462][T18265] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1585.522131][T18265] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1586.656647][T18273] loop4: detected capacity change from 0 to 512
[ 1586.936614][T18273] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.5072: iget: bad extended attribute block 1
[ 1586.968475][T18273] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.5072: couldn't read orphan inode 15 (err -117)
[ 1586.998600][T18273] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1587.242184][T18280] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: none.
[ 1589.488273][ T1055] usb 5-1: new full-speed USB device number 53 using dummy_hcd
[ 1589.561043][T18312] loop0: detected capacity change from 0 to 256
[ 1589.670350][T18312] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1589.828782][T18312] exfat: Unknown parameter 'fsmagic'
[ 1590.099539][T18312] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5079'.
[ 1590.288416][ T1055] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1590.305374][ T1055] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1590.421142][ T1055] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1590.436906][ T1055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1590.445241][ T1055] usb 5-1: SerialNumber: syz
[ 1591.149603][T18326] loop4: detected capacity change from 0 to 512
[ 1591.589352][ T1055] usb 5-1: 0:2 : does not exist
[ 1591.594263][ T1055] usb 5-1: unit 4 not found!
[ 1591.600883][ T1055] usb 5-1: USB disconnect, device number 53
[ 1591.665159][T18326] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.5085: iget: bad extended attribute block 1
[ 1591.696272][T18326] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.5085: couldn't read orphan inode 15 (err -117)
[ 1591.728479][T18326] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1591.848911][  T363] udevd[363]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1591.911684][T18339] futex_wake_op: syz.1.5089 tries to shift op by -1; fix this program
[ 1592.046109][T18344] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: none.
[ 1592.482113][ T1055] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[ 1592.595031][T18351] futex_wake_op: syz.2.5093 tries to shift op by -1; fix this program
[ 1592.792079][T18361] loop4: detected capacity change from 0 to 256
[ 1592.838493][T18361] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1592.848611][T18361] exfat: Unknown parameter 'fsmagic'
[ 1592.858256][T17998] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[ 1592.868437][ T1055] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1592.879334][ T1055] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1593.018291][ T1055] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1593.031408][ T1055] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1593.041210][T18363] loop3: detected capacity change from 0 to 256
[ 1593.047580][ T1055] usb 2-1: SerialNumber: syz
[ 1593.070331][T18363] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1593.091566][ T1055] usb 2-1: 0:2 : does not exist
[ 1593.108211][T17998] usb 1-1: Using ep0 maxpacket: 32
[ 1593.335766][ T1055] usb 2-1: USB disconnect, device number 45
[ 1593.691966][T18365] xt_TCPMSS: Only works on TCP SYN packets
[ 1594.438318][T17998] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1594.449301][T17998] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1594.459477][T17998] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1594.477862][T17998] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1594.495582][T17998] usb 1-1: config 0 descriptor??
[ 1594.621558][T18371] loop3: detected capacity change from 0 to 2048
[ 1594.630862][T18373] futex_wake_op: syz.2.5102 tries to shift op by -1; fix this program
[ 1594.656862][T18375] loop2: detected capacity change from 0 to 512
[ 1594.709905][T18371] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1594.737489][T18371] ext4 filesystem being mounted at /485/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1594.799377][T18375] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5103: iget: bad extended attribute block 1
[ 1594.818441][T18375] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5103: couldn't read orphan inode 15 (err -117)
[ 1594.861436][T18375] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1594.976179][T18389] loop4: detected capacity change from 0 to 256
[ 1594.998870][  T363] udevd[363]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1595.038438][T17998] usbhid 1-1:0.0: can't add hid device: -71
[ 1595.044813][T17998] usbhid: probe of 1-1:0.0 failed with error -71
[ 1595.589434][T18388] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1595.628726][T17998] usb 1-1: USB disconnect, device number 67
[ 1595.648808][T18389] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1595.672967][T18389] exfat: Unknown parameter 'fsmagic'
[ 1595.695987][T18395] loop1: detected capacity change from 0 to 512
[ 1595.999135][T18389] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5105'.
[ 1596.040547][T18395] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5107: iget: bad extended attribute block 1
[ 1596.068442][T18395] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5107: couldn't read orphan inode 15 (err -117)
[ 1596.089194][T18402] loop0: detected capacity change from 0 to 512
[ 1596.115917][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1596.115931][   T30] audit: type=1326 audit(1756889488.584:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18403 comm="syz.2.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1596.146074][   T30] audit: type=1326 audit(1756889488.584:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18403 comm="syz.2.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1596.150459][T18395] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1596.171105][   T30] audit: type=1326 audit(1756889488.584:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18403 comm="syz.2.5108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1596.229305][T18402] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.5109: iget: bad extended attribute block 1
[ 1596.242084][T18402] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.5109: couldn't read orphan inode 15 (err -117)
[ 1596.254752][T18402] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1596.541598][T18399] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[ 1596.555045][T18417] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: none.
[ 1597.724937][T18427] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1597.836408][T18429] loop2: detected capacity change from 0 to 512
[ 1597.871030][T18429] EXT4-fs (loop2): Ignoring removed orlov option
[ 1598.095194][T18429] EXT4-fs (loop2): 1 orphan inode deleted
[ 1598.101197][T18429] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1598.117603][T18429] ext4 filesystem being mounted at /465/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1598.921288][   T30] audit: type=1326 audit(1756889491.394:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1599.008329][T18439] loop3: detected capacity change from 0 to 256
[ 1599.068475][T18439] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1599.078447][T18439] exfat: Unknown parameter 'fsmagic'
[ 1599.142077][T18440] syz.2.5117[18440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1599.142534][T18440] syz.2.5117[18440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1599.188104][T18440] loop2: detected capacity change from 0 to 256
[ 1600.592445][   T30] audit: type=1326 audit(1756889491.394:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1600.616894][   T30] audit: type=1326 audit(1756889491.414:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1600.901470][   T30] audit: type=1326 audit(1756889491.414:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1601.018369][T18440] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1601.029216][T18440] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 1601.042355][T18440] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1601.276035][T18442] loop0: detected capacity change from 0 to 8192
[ 1601.299467][T18444] loop2: detected capacity change from 0 to 512
[ 1601.302607][   T30] audit: type=1326 audit(1756889491.414:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1601.377295][T18444] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5119: iget: bad extended attribute block 1
[ 1601.408424][T18444] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5119: couldn't read orphan inode 15 (err -117)
[ 1601.448841][T18444] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1601.472501][   T30] audit: type=1326 audit(1756889491.414:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1601.561630][   T30] audit: type=1326 audit(1756889491.414:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1601.669917][   T30] audit: type=1326 audit(1756889491.414:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1601.694532][   T30] audit: type=1326 audit(1756889491.414:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1602.309391][T18459] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1602.669159][T18463] loop3: detected capacity change from 0 to 1024
[ 1602.675580][   T30] audit: type=1326 audit(1756889491.414:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1602.700542][   T30] audit: type=1326 audit(1756889491.414:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1602.724548][   T30] audit: type=1326 audit(1756889491.414:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1602.748097][   T30] audit: type=1326 audit(1756889491.414:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1602.821929][T18463] EXT4-fs (loop3): Ignoring removed nobh option
[ 1602.838449][T18463] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1602.858316][   T30] audit: type=1326 audit(1756889491.414:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18435 comm="syz.2.5117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2615014be9 code=0x7ffc0000
[ 1602.917037][T18467] loop1: detected capacity change from 0 to 512
[ 1602.933760][T18467] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5125: iget: bad extended attribute block 1
[ 1602.947993][T18467] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5125: couldn't read orphan inode 15 (err -117)
[ 1602.960498][T18463] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1602.991659][  T508] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[ 1603.003740][T18467] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1603.988844][T18477] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1604.664190][T18492] loop4: detected capacity change from 0 to 256
[ 1604.738688][T18492] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1604.748765][T18492] exfat: Unknown parameter 'fsmagic'
[ 1605.498741][  T508] usb 1-1: device not accepting address 68, error -71
[ 1605.558258][T18503] loop2: detected capacity change from 0 to 512
[ 1605.775037][T18508] futex_wake_op: syz.3.5136 tries to shift op by -1; fix this program
[ 1605.793969][T18503] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5135: iget: bad extended attribute block 1
[ 1605.877474][T18503] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5135: couldn't read orphan inode 15 (err -117)
[ 1605.898552][T18512] loop4: detected capacity change from 0 to 512
[ 1605.919660][T18512] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.5138: iget: bad extended attribute block 1
[ 1605.932887][T18503] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1605.979186][T18512] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.5138: couldn't read orphan inode 15 (err -117)
[ 1605.994024][T18512] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1607.578664][T18507] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[ 1607.591828][T18520] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: none.
[ 1607.678770][T18522] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1609.730363][T18541] loop4: detected capacity change from 0 to 2048
[ 1609.986043][T18541] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1609.997360][T18541] ext4 filesystem being mounted at /360/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1610.129043][T18551] futex_wake_op: syz.4.5148 tries to shift op by -1; fix this program
[ 1610.466768][T18558] loop4: detected capacity change from 0 to 256
[ 1610.518897][T18558] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1610.528959][T18558] exfat: Unknown parameter 'fsmagic'
[ 1611.109155][T18564] loop2: detected capacity change from 0 to 256
[ 1611.148506][T18564] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1611.158675][T18564] exfat: Unknown parameter 'fsmagic'
[ 1611.190310][   T30] kauditd_printk_skb: 27 callbacks suppressed
[ 1611.190351][   T30] audit: type=1326 audit(1756889503.664:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1611.489742][T18572] syz.1.5152[18572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1611.491017][T18572] syz.1.5152[18572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1613.983726][   T30] audit: type=1326 audit(1756889503.664:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.007020][T18574] incfs: Can't find or create .index dir in ./file0
[ 1614.049631][T18574] incfs: mount failed -14
[ 1614.095454][   T30] audit: type=1326 audit(1756889503.694:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.137933][   T30] audit: type=1326 audit(1756889503.694:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.168957][   T30] audit: type=1326 audit(1756889503.694:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.201725][T18585] futex_wake_op: syz.4.5160 tries to shift op by -1; fix this program
[ 1614.228281][   T30] audit: type=1326 audit(1756889503.694:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.251845][   T30] audit: type=1326 audit(1756889503.694:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.275652][   T30] audit: type=1326 audit(1756889503.694:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.320793][   T30] audit: type=1326 audit(1756889503.724:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1614.440247][   T30] audit: type=1326 audit(1756889503.724:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18566 comm="syz.1.5152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x7ffc0000
[ 1616.127870][T18614] loop3: detected capacity change from 0 to 256
[ 1616.136278][T18615] loop1: detected capacity change from 0 to 256
[ 1616.158778][T18614] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1616.169060][T18614] exfat: Unknown parameter 'fsmagic'
[ 1616.175021][T18615] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1616.185039][T18615] exfat: Unknown parameter 'fsmagic'
[ 1616.207285][T18618] loop0: detected capacity change from 0 to 256
[ 1616.214724][T18615] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5165'.
[ 1616.290888][T18618] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1616.899136][T18618] exfat: Unknown parameter 'fsmagic'
[ 1617.111929][T18624] incfs: Can't find or create .index dir in ./file0
[ 1617.131009][T18624] incfs: mount failed -14
[ 1618.739878][T18650] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5179'.
[ 1622.396492][T18666] loop4: detected capacity change from 0 to 2048
[ 1622.403758][T18661] incfs: Can't find or create .index dir in ./file0
[ 1622.448289][T18661] incfs: mount failed -14
[ 1622.505685][T18672] loop1: detected capacity change from 0 to 512
[ 1623.745746][T18666] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1623.766785][T18666] ext4 filesystem being mounted at /373/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1623.807823][T18672] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5186: iget: bad extended attribute block 1
[ 1623.868051][T18672] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5186: couldn't read orphan inode 15 (err -117)
[ 1623.908512][T18672] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1625.341714][T18692] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1626.218338][T18711] incfs: Can't find or create .index dir in ./file0
[ 1626.235723][T18711] incfs: mount failed -14
[ 1626.363861][T18716] loop3: detected capacity change from 0 to 512
[ 1626.374129][T18716] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5198: iget: bad extended attribute block 1
[ 1626.452304][T18716] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5198: couldn't read orphan inode 15 (err -117)
[ 1626.484542][T18716] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1626.906088][T18731] loop1: detected capacity change from 0 to 256
[ 1626.919518][T18730] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1626.927181][T18731] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1626.937181][T18731] exfat: Unknown parameter 'fsmagic'
[ 1627.354326][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1627.354340][   T30] audit: type=1326 audit(1756889519.824:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1627.535299][T18740] loop1: detected capacity change from 0 to 1024
[ 1627.594685][T18741] syz.0.5205[18741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1627.595057][T18741] syz.0.5205[18741] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1627.638421][T18741] loop0: detected capacity change from 0 to 256
[ 1627.791007][   T30] audit: type=1326 audit(1756889519.824:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1627.870912][T18741] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1627.881662][T18741] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1627.904546][T18741] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1627.999580][T18740] EXT4-fs (loop1): Ignoring removed nobh option
[ 1628.053002][T18740] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1628.106416][T18743] loop3: detected capacity change from 0 to 512
[ 1628.597728][T18735] loop2: detected capacity change from 0 to 40427
[ 1628.604302][   T30] audit: type=1326 audit(1756889519.854:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1628.628069][   T30] audit: type=1326 audit(1756889519.854:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1628.679329][   T30] audit: type=1326 audit(1756889519.854:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1628.703711][   T30] audit: type=1326 audit(1756889519.874:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1628.733329][T18735] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1628.770797][T18735] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1628.797471][T18743] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5206: iget: bad extended attribute block 1
[ 1628.806953][T18740] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1628.839021][T18743] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5206: couldn't read orphan inode 15 (err -117)
[ 1628.844964][   T30] audit: type=1326 audit(1756889519.874:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1628.875166][T18743] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1628.901736][   T30] audit: type=1326 audit(1756889519.874:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1628.927523][T18735] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1628.954475][   T30] audit: type=1326 audit(1756889519.874:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1629.021040][T18735] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1629.028856][T18735] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1629.036378][   T30] audit: type=1326 audit(1756889519.874:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18736 comm="syz.0.5205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1629.147067][ T9938] attempt to access beyond end of device
[ 1629.147067][ T9938] loop2: rw=2049, want=45104, limit=40427
[ 1629.411826][T18765] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1630.151594][T18779] loop3: detected capacity change from 0 to 512
[ 1630.190698][T18779] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5216: iget: bad extended attribute block 1
[ 1630.380860][T18779] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5216: couldn't read orphan inode 15 (err -117)
[ 1630.514546][T18779] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1630.718660][T18792] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1630.769256][  T413] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[ 1631.188315][  T413] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1631.198912][  T413] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1631.410119][T10345] usb 1-1: new full-speed USB device number 70 using dummy_hcd
[ 1631.421914][  T413] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1631.433245][  T413] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1631.441874][  T413] usb 2-1: SerialNumber: syz
[ 1631.454349][T18809] loop4: detected capacity change from 0 to 512
[ 1631.478743][  T413] usb 2-1: 0:2 : does not exist
[ 1631.494811][T18809] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.5227: iget: bad extended attribute block 1
[ 1631.524879][T18809] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.5227: couldn't read orphan inode 15 (err -117)
[ 1631.537167][T18809] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1631.618006][T18811] loop2: detected capacity change from 0 to 40427
[ 1631.634430][T18811] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1631.649422][T18811] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1631.659881][T18811] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1631.687242][T18811] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1631.694310][T18811] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1631.761602][T18816] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: none.
[ 1631.818399][T10345] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1631.845190][T10345] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1631.984481][ T9938] attempt to access beyond end of device
[ 1631.984481][ T9938] loop2: rw=2049, want=45104, limit=40427
[ 1632.098297][T10345] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1632.107376][T10345] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1632.133050][T10345] usb 1-1: SerialNumber: syz
[ 1632.398820][T10345] usb 1-1: 0:2 : does not exist
[ 1632.842620][T10345] usb 1-1: USB disconnect, device number 70
[ 1633.079592][T18679] udevd[18679]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card1/controlC1/../uevent} for writing: No such file or directory
[ 1633.236864][T10345] usb 2-1: USB disconnect, device number 46
[ 1633.360853][T18839] loop2: detected capacity change from 0 to 512
[ 1633.713000][T18839] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5235: iget: bad extended attribute block 1
[ 1633.738681][T18839] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5235: couldn't read orphan inode 15 (err -117)
[ 1633.757059][T18839] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1633.839496][T18853] loop4: detected capacity change from 0 to 512
[ 1633.909392][T18853] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.5241: iget: bad extended attribute block 1
[ 1633.925996][T18853] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.5241: couldn't read orphan inode 15 (err -117)
[ 1633.938054][T18853] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1635.051261][T18858] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1635.058930][T18860] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: none.
[ 1636.403744][T18872] loop1: detected capacity change from 0 to 256
[ 1636.410255][T18876] futex_wake_op: syz.3.5247 tries to shift op by -1; fix this program
[ 1636.453256][T18872] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1636.487483][T18872] exfat: Unknown parameter 'fsmagic'
[ 1636.515462][T18885] loop4: detected capacity change from 0 to 256
[ 1636.821601][T18885] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1636.831707][T18885] exfat: Unknown parameter 'fsmagic'
[ 1636.854732][T18872] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5244'.
[ 1638.428265][T18910] loop2: detected capacity change from 0 to 512
[ 1638.581529][T18910] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5256: iget: bad extended attribute block 1
[ 1638.605627][T18910] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5256: couldn't read orphan inode 15 (err -117)
[ 1638.622240][T18917] xt_bpf: check failed: parse error
[ 1638.739139][T18910] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1638.974047][T18922] loop0: detected capacity change from 0 to 2048
[ 1639.009624][T18922] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1639.020765][T18922] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1639.084676][T18925] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1639.298088][T18927] loop3: detected capacity change from 0 to 512
[ 1639.436400][T18927] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5259: iget: bad extended attribute block 1
[ 1639.449860][T18927] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5259: couldn't read orphan inode 15 (err -117)
[ 1639.475634][T18927] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1639.503141][T18932] incfs: Can't find or create .index dir in ./file0
[ 1639.529364][T18932] incfs: mount failed -14
[ 1639.570690][T18937] loop4: detected capacity change from 0 to 256
[ 1639.589316][T18937] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1639.638595][T18937] exfat: Unknown parameter 'fsmagic'
[ 1639.930205][T18941] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1639.938646][T18937] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5261'.
[ 1640.553914][T18954] loop0: detected capacity change from 0 to 512
[ 1640.575713][T18954] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.5265: iget: bad extended attribute block 1
[ 1640.588521][T18954] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.5265: couldn't read orphan inode 15 (err -117)
[ 1640.601091][T18954] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1641.725720][  T413] usb 3-1: new full-speed USB device number 66 using dummy_hcd
[ 1641.733723][T18960] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: none.
[ 1642.067939][T18971] loop0: detected capacity change from 0 to 512
[ 1642.085035][T18973] loop4: detected capacity change from 0 to 1024
[ 1642.129370][T18973] EXT4-fs (loop4): Ignoring removed nobh option
[ 1642.147807][T18973] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1642.184111][T18971] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.5271: iget: bad extended attribute block 1
[ 1642.187451][T18973] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1642.227159][T18971] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.5271: couldn't read orphan inode 15 (err -117)
[ 1642.243175][T18971] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1642.278419][  T413] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1642.348467][  T413] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1642.448413][  T413] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1642.490136][  T413] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1642.520944][T18979] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: none.
[ 1642.590559][  T413] usb 3-1: SerialNumber: syz
[ 1642.707399][T18981] loop4: detected capacity change from 0 to 2048
[ 1642.741279][  T413] usb 3-1: 0:2 : does not exist
[ 1642.763686][T18981] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1642.778731][T18981] ext4 filesystem being mounted at /394/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1643.008219][  T337] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 1643.249109][  T413] usb 3-1: USB disconnect, device number 66
[ 1643.438235][  T337] usb 4-1: Using ep0 maxpacket: 32
[ 1643.558296][  T337] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1643.598218][  T337] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1643.607996][  T337] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1643.638224][  T337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1643.651611][  T337] usb 4-1: config 0 descriptor??
[ 1643.791931][T19003] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5280'.
[ 1643.845361][T19005] futex_wake_op: syz.4.5282 tries to shift op by -1; fix this program
[ 1643.964979][T19012] incfs: Backing dir is not set, filesystem can't be mounted.
[ 1643.978294][T19012] incfs: mount failed -2
[ 1644.060950][T19015] futex_wake_op: syz.4.5285 tries to shift op by -1; fix this program
[ 1644.188222][  T337] usbhid 4-1:0.0: can't add hid device: -71
[ 1644.194357][  T337] usbhid: probe of 4-1:0.0 failed with error -71
[ 1644.241393][  T337] usb 4-1: USB disconnect, device number 57
[ 1644.594459][T19023] loop2: detected capacity change from 0 to 512
[ 1644.645758][T19023] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5288: iget: bad extended attribute block 1
[ 1644.708490][T19023] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5288: couldn't read orphan inode 15 (err -117)
[ 1644.738356][T19023] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1645.262541][T19033] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1645.969991][  T413] usb 3-1: new full-speed USB device number 67 using dummy_hcd
[ 1646.253957][T19042] loop0: detected capacity change from 0 to 40427
[ 1646.265114][T19042] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[ 1646.272515][T19042] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1646.308132][T19042] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1646.364790][T19042] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1646.372083][T19042] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1646.403699][T12117] attempt to access beyond end of device
[ 1646.403699][T12117] loop0: rw=2049, want=45104, limit=40427
[ 1646.497711][  T413] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1646.511760][  T413] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1647.508285][  T413] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1647.517425][  T413] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1647.525627][  T413] usb 3-1: SerialNumber: syz
[ 1648.052060][  T413] usb 3-1: 0:2 : does not exist
[ 1648.400621][T19082] loop0: detected capacity change from 0 to 256
[ 1648.443536][T19082] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1648.458270][T19082] exfat: Unknown parameter 'fsmagic'
[ 1648.523932][  T413] usb 3-1: USB disconnect, device number 67
[ 1648.818792][T19084] futex_wake_op: syz.1.5306 tries to shift op by -1; fix this program
[ 1649.176449][T19093] loop4: detected capacity change from 0 to 256
[ 1649.245984][T19093] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1649.278958][T19091] loop2: detected capacity change from 0 to 40427
[ 1649.358571][T19091] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1649.369519][T19091] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1649.499037][T19100] xt_TCPMSS: Only works on TCP SYN packets
[ 1649.609032][T19091] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1649.943880][T19091] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1650.101924][T19091] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1650.242006][ T9938] attempt to access beyond end of device
[ 1650.242006][ T9938] loop2: rw=2049, want=45104, limit=40427
[ 1650.710748][T19117] loop3: detected capacity change from 0 to 512
[ 1650.748152][T19117] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5315: iget: bad extended attribute block 1
[ 1650.760899][T19117] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5315: couldn't read orphan inode 15 (err -117)
[ 1650.772988][T19117] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1651.209827][T19122] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1651.420329][T19124] futex_wake_op: syz.1.5318 tries to shift op by -1; fix this program
[ 1652.579507][  T436] usb 2-1: new full-speed USB device number 47 using dummy_hcd
[ 1653.712612][  T436] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1653.733601][T19149] futex_wake_op: syz.4.5326 tries to shift op by -1; fix this program
[ 1653.753933][  T436] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1653.760689][T19151] loop0: detected capacity change from 0 to 2048
[ 1653.884418][T19151] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1653.898300][T19151] ext4 filesystem being mounted at /392/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1653.918921][  T436] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1653.934281][  T436] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1653.942757][  T436] usb 2-1: SerialNumber: syz
[ 1654.017032][  T436] usb 2-1: 0:2 : does not exist
[ 1654.514154][  T436] usb 2-1: USB disconnect, device number 47
[ 1654.598104][T19170] loop2: detected capacity change from 0 to 256
[ 1654.606586][T19172] loop0: detected capacity change from 0 to 2048
[ 1654.630469][T19170] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1654.648277][T19170] exfat: Unknown parameter 'fsmagic'
[ 1654.691138][T19172] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1654.701831][T19172] ext4 filesystem being mounted at /393/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1654.818927][T18679] udevd[18679]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1654.930230][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1654.930245][   T30] audit: type=1326 audit(1756889547.404:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1654.931942][T19188] futex_wake_op: syz.0.5337 tries to shift op by -1; fix this program
[ 1654.936466][   T30] audit: type=1326 audit(1756889547.404:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1655.045731][   T30] audit: type=1326 audit(1756889547.404:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1655.084415][   T30] audit: type=1326 audit(1756889547.404:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1655.177112][T19195] syz.4.5338[19195] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1655.177184][T19195] syz.4.5338[19195] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1655.213297][T19195] loop4: detected capacity change from 0 to 256
[ 1655.236011][   T30] audit: type=1326 audit(1756889547.404:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1655.552484][T19195] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1655.563186][T19195] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1655.582852][T19195] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1655.872476][   T30] audit: type=1326 audit(1756889547.404:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1656.024117][   T30] audit: type=1326 audit(1756889547.404:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1656.168203][   T30] audit: type=1326 audit(1756889547.404:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1656.350940][   T30] audit: type=1326 audit(1756889547.404:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1656.383439][T19210] loop1: detected capacity change from 0 to 256
[ 1656.696603][   T30] audit: type=1326 audit(1756889547.404:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19185 comm="syz.4.5338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5995700be9 code=0x7ffc0000
[ 1656.729058][T19210] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1656.778245][T19210] exfat: Unknown parameter 'fsmagic'
[ 1656.789903][T19210] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5352'.
[ 1658.072800][T19224] loop4: detected capacity change from 0 to 256
[ 1658.169926][T19224] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1658.211215][T19224] exfat: Unknown parameter 'fsmagic'
[ 1658.589794][T19224] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5346'.
[ 1658.869676][T19233] loop2: detected capacity change from 0 to 40427
[ 1658.896129][T19233] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1658.913350][T19233] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1659.075428][T19233] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1659.325597][T19233] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1659.381991][T19233] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1659.452112][ T9938] attempt to access beyond end of device
[ 1659.452112][ T9938] loop2: rw=2049, want=45104, limit=40427
[ 1659.568187][  T508] usb 4-1: new full-speed USB device number 58 using dummy_hcd
[ 1659.614521][T19245] loop1: detected capacity change from 0 to 512
[ 1659.664325][T19245] EXT4-fs warning (device loop1): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1659.679964][T19245] EXT4-fs (loop1): mount failed
[ 1660.288242][  T508] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1660.305632][  T508] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1661.545674][T19264] loop2: detected capacity change from 0 to 512
[ 1661.881577][T19264] EXT4-fs (loop2): Ignoring removed orlov option
[ 1661.928606][  T508] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1661.938774][  T508] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1662.075310][T19264] EXT4-fs (loop2): 1 orphan inode deleted
[ 1662.081227][T19264] EXT4-fs (loop2): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1662.097651][T19264] ext4 filesystem being mounted at /512/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1662.627560][  T508] usb 4-1: SerialNumber: syz
[ 1662.828315][  T508] usb 4-1: can't set config #1, error -71
[ 1662.839340][  T508] usb 4-1: USB disconnect, device number 58
[ 1663.405922][T19283] loop2: detected capacity change from 0 to 256
[ 1663.496283][T19283] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1663.538222][T19283] exfat: Unknown parameter 'fsmagic'
[ 1663.947158][T19296] loop0: detected capacity change from 0 to 256
[ 1664.028554][T19296] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1664.038727][T19296] exfat: Unknown parameter 'fsmagic'
[ 1664.117662][T19296] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5366'.
[ 1664.801199][ T1055] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[ 1665.678341][ T1055] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1665.697151][ T1055] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1666.118273][ T1055] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1666.133630][ T1055] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1666.149989][ T1055] usb 2-1: SerialNumber: syz
[ 1666.218753][ T1055] usb 2-1: 0:2 : does not exist
[ 1666.228351][T10345] usb 3-1: new full-speed USB device number 68 using dummy_hcd
[ 1666.618275][T10345] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1666.628612][T10345] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1666.715315][ T1055] usb 2-1: USB disconnect, device number 48
[ 1666.738244][T10345] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1666.747434][T10345] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1666.755471][T10345] usb 3-1: SerialNumber: syz
[ 1666.798374][T16901] usb 5-1: new full-speed USB device number 54 using dummy_hcd
[ 1666.848464][T10345] usb 3-1: 0:2 : does not exist
[ 1667.178337][T16901] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1667.188555][T16901] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1667.222568][T19337] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1667.229661][T19336] tipc: Resetting bearer <eth:syzkaller0>
[ 1667.242664][T19336] tipc: Disabling bearer <eth:syzkaller0>
[ 1667.268244][T16901] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1667.277311][T16901] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1667.294056][T10345] usb 3-1: USB disconnect, device number 68
[ 1667.314434][T19339] loop1: detected capacity change from 0 to 512
[ 1667.321875][T16901] usb 5-1: SerialNumber: syz
[ 1667.353183][T19339] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5382: iget: bad extended attribute block 1
[ 1667.368925][T16901] usb 5-1: 0:2 : does not exist
[ 1667.385432][T19339] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5382: couldn't read orphan inode 15 (err -117)
[ 1667.397589][T19339] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1667.608087][T19348] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1667.718136][   T30] kauditd_printk_skb: 20 callbacks suppressed
[ 1667.731531][   T30] audit: type=1326 audit(1756889560.184:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1667.800734][T19353] loop2: detected capacity change from 0 to 512
[ 1667.830373][T16901] usb 5-1: USB disconnect, device number 54
[ 1667.836490][   T30] audit: type=1326 audit(1756889560.184:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1667.920817][T19354] syz.0.5385[19354] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1667.921152][T19354] syz.0.5385[19354] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1667.955822][T19354] loop0: detected capacity change from 0 to 256
[ 1668.000293][T19354] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1668.010991][T19354] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1668.034359][T19354] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1668.227107][T19353] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5386: iget: bad extended attribute block 1
[ 1668.402278][T19353] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5386: couldn't read orphan inode 15 (err -117)
[ 1668.431096][T18679] udevd[18679]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1668.452961][   T30] audit: type=1326 audit(1756889560.194:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1668.986734][T19353] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1669.046306][   T30] audit: type=1326 audit(1756889560.194:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1669.188279][   T30] audit: type=1326 audit(1756889560.194:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1669.471486][T19360] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1669.503818][T19361] loop0: detected capacity change from 0 to 256
[ 1669.548751][T19361] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1669.558931][T19361] exfat: Unknown parameter 'fsmagic'
[ 1669.565459][   T30] audit: type=1326 audit(1756889560.194:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1670.065097][   T30] audit: type=1326 audit(1756889560.194:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1670.220656][   T30] audit: type=1326 audit(1756889560.194:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1670.314467][   T30] audit: type=1326 audit(1756889560.194:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1670.346977][T19372] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1670.362483][T19371] tipc: Resetting bearer <eth:syzkaller0>
[ 1670.382015][   T30] audit: type=1326 audit(1756889560.194:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19349 comm="syz.0.5385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c095cbe9 code=0x7ffc0000
[ 1670.414342][T19371] tipc: Disabling bearer <eth:syzkaller0>
[ 1670.588214][  T337] usb 3-1: new full-speed USB device number 69 using dummy_hcd
[ 1671.018191][ T1055] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1671.108246][  T337] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1671.118471][  T337] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1671.198235][  T337] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1671.209477][  T337] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1671.228239][  T337] usb 3-1: SerialNumber: syz
[ 1671.258197][ T1055] usb 5-1: Using ep0 maxpacket: 16
[ 1671.269055][  T337] usb 3-1: 0:2 : does not exist
[ 1671.416063][T19399] loop0: detected capacity change from 0 to 512
[ 1672.480171][T19401] loop1: detected capacity change from 0 to 256
[ 1672.487731][ T1055] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1672.499078][T19401] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1672.509105][T19401] exfat: Unknown parameter 'fsmagic'
[ 1672.531450][ T1055] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1672.544906][T19399] EXT4-fs (loop0): Ignoring removed orlov option
[ 1672.567857][T19399] EXT4-fs (loop0): 1 orphan inode deleted
[ 1672.573852][T19399] EXT4-fs (loop0): mounted filesystem without journal. Opts: nolazytime,orlov,acl,norecovery,nojournal_checksum,quota,,errors=continue. Quota mode: writeback.
[ 1672.590018][T19399] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1672.601060][ T1055] usb 5-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[ 1672.612803][ T1055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1672.627353][ T1055] usb 5-1: config 0 descriptor??
[ 1672.685550][T19408] loop3: detected capacity change from 0 to 512
[ 1672.744945][T19408] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5402: iget: bad extended attribute block 1
[ 1672.759027][T19408] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5402: couldn't read orphan inode 15 (err -117)
[ 1672.860922][T19408] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1672.880570][ T1055] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1672.891499][  T337] usb 3-1: USB disconnect, device number 69
[ 1674.551917][T19419] loop1: detected capacity change from 0 to 256
[ 1674.586994][T19417] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1674.595291][T10345] usb 5-1: USB disconnect, device number 55
[ 1674.601540][T19419] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22
[ 1674.611754][T19419] exfat: Unknown parameter 'fsmagic'
[ 1674.672838][T19419] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5404'.
[ 1674.724970][T19424] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1674.735971][T19423] tipc: Resetting bearer <eth:syzkaller0>
[ 1674.755872][T19423] tipc: Disabling bearer <eth:syzkaller0>
[ 1674.758526][T18679] udevd[18679]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1675.084019][T19436] loop2: detected capacity change from 0 to 512
[ 1675.154436][T19436] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.5410: iget: bad extended attribute block 1
[ 1675.184882][T19436] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.5410: couldn't read orphan inode 15 (err -117)
[ 1675.197946][T19436] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1675.557561][T19452] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[ 1675.562143][T19455] futex_wake_op: syz.0.5416 tries to shift op by -1; fix this program
[ 1676.793862][T19468] loop1: detected capacity change from 0 to 512
[ 1676.805518][T19470] loop0: detected capacity change from 0 to 1024
[ 1676.850357][T19466] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1676.915196][T19470] EXT4-fs (loop0): Ignoring removed nobh option
[ 1676.923995][T19468] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.5418: iget: bad extended attribute block 1
[ 1676.939763][T19470] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1676.952711][T19468] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.5418: couldn't read orphan inode 15 (err -117)
[ 1676.964913][T19468] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1677.117993][T19470] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1677.333230][T19488] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: none.
[ 1677.470665][T19496] loop3: detected capacity change from 0 to 512
[ 1677.869226][T19496] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5429: iget: bad extended attribute block 1
[ 1677.881970][T19496] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5429: couldn't read orphan inode 15 (err -117)
[ 1677.924468][T19496] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[ 1678.207478][T19513] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: none.
[ 1679.521081][T19532] loop2: detected capacity change from 0 to 1024
[ 1679.568220][T19532] EXT4-fs (loop2): Ignoring removed nobh option
[ 1679.580944][T19532] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1679.651211][T19532] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1684.901018][T19566] futex_wake_op: syz.0.5448 tries to shift op by -1; fix this program
[ 1685.401222][  T371] usb 4-1: new full-speed USB device number 59 using dummy_hcd
[ 1685.828295][  T371] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1685.918181][  T371] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1687.028573][  T371] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1687.050270][  T371] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1687.278783][  T371] usb 4-1: SerialNumber: syz
[ 1687.285326][T19591] loop0: detected capacity change from 0 to 1024
[ 1687.318883][  T371] usb 4-1: 0:2 : does not exist
[ 1687.332150][T19591] EXT4-fs (loop0): Ignoring removed nobh option
[ 1687.381221][T19591] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1687.410012][T19591] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=continue,data_err=abort,init_itable,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b0,noblock_validity,grpquota,nobh,user_xattr,inode_readahead_blks=0x0000000000000004,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1687.411683][T19597] loop1: detected capacity change from 0 to 512
[ 1687.460389][T19601] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5458'.
[ 1687.570016][T19597] EXT4-fs warning (device loop1): ext4_enable_quotas:6450: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1687.587322][T19597] EXT4-fs (loop1): mount failed
[ 1687.789974][  T371] usb 4-1: USB disconnect, device number 59
[ 1688.108520][T18679] udevd[18679]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1689.313407][T19628] loop0: detected capacity change from 0 to 256
[ 1689.399283][T19632] loop3: detected capacity change from 0 to 2048
[ 1689.413655][T19628] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[ 1689.427084][T19636] futex_wake_op: syz.1.5470 tries to shift op by -1; fix this program
[ 1689.545849][T19632] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1689.570482][T19632] ext4 filesystem being mounted at /563/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1689.672081][T19644] xt_TCPMSS: Only works on TCP SYN packets
[ 1692.724047][T19672] xt_bpf: check failed: parse error
[ 1693.036303][T19685] loop1: detected capacity change from 0 to 256
[ 1693.210976][T19692] loop1: detected capacity change from 0 to 4096
[ 1693.249287][T19692] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1693.272846][T19692] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1693.329096][T19692] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[ 1693.358944][T19692] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[ 1694.018229][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1694.018245][   T30] audit: type=1400 audit(1756889586.484:1261): avc:  denied  { execute } for  pid=19699 comm="syz.0.5492" path="/436/bus" dev="tmpfs" ino=2411 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1694.113941][T19702] loop0: detected capacity change from 0 to 256
[ 1694.188641][   T30] audit: type=1400 audit(1756889586.654:1262): avc:  denied  { bind } for  pid=19704 comm="syz.3.5490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1694.248424][T19702] exfat: Unknown parameter 'keep_last_dots'
[ 1694.329233][   T30] audit: type=1400 audit(1756889586.654:1263): avc:  denied  { listen } for  pid=19704 comm="syz.3.5490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1694.367139][   T30] audit: type=1400 audit(1756889586.654:1264): avc:  denied  { accept } for  pid=19704 comm="syz.3.5490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1694.391661][T19714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5494'.
[ 1695.217020][T19721] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[ 1695.225715][T19721] device bridge_slave_0 left promiscuous mode
[ 1695.232683][T19721] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1695.242441][T19721] device bridge_slave_1 left promiscuous mode
[ 1695.248224][   T30] audit: type=1400 audit(1756889587.714:1265): avc:  denied  { name_bind } for  pid=19722 comm="syz.4.5500" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1695.251974][T19721] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1695.416022][T19727] device vlan0 entered promiscuous mode
[ 1695.428417][  T371] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[ 1695.593507][   T30] audit: type=1326 audit(1756889588.064:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19724 comm="syz.1.5497" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf533e6be9 code=0x0
[ 1695.641740][T19736] loop4: detected capacity change from 0 to 2048
[ 1695.698199][  T371] usb 1-1: Using ep0 maxpacket: 32
[ 1695.704816][T19736] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1695.715495][T19736] ext4 filesystem being mounted at /448/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1695.832702][  T371] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1695.844677][  T371] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1695.853398][  T371] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1695.862636][  T371] usb 1-1: config 1 has no interface number 0
[ 1695.869020][  T371] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1695.880139][  T371] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1695.893033][  T371] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1695.902103][  T371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1695.928208][T10345] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1695.970613][   T30] audit: type=1400 audit(1756889588.434:1267): avc:  denied  { read } for  pid=19744 comm="syz.4.5506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1696.247409][   T30] audit: type=1400 audit(1756889588.714:1268): avc:  denied  { unmount } for  pid=10943 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1696.288208][T10345] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1696.303239][T10345] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1696.316534][T10345] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1696.338195][T10345] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1696.438435][T10345] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1696.458266][T10345] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1696.471248][T10345] usb 3-1: Manufacturer: syz
[ 1696.598748][T10345] usb 3-1: config 0 descriptor??
[ 1697.258669][T19765] loop1: detected capacity change from 0 to 512
[ 1697.270813][T19767] loop3: detected capacity change from 0 to 512
[ 1697.295282][T19765] EXT4-fs (loop1): dax option not supported
[ 1697.349658][T19767] EXT4-fs (loop3): Ignoring removed nobh option
[ 1697.361334][T19767] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1697.375219][T19767] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.5514: iget: bad i_size value: 38620345925642
[ 1697.388567][T19767] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.5514: couldn't read orphan inode 15 (err -117)
[ 1697.401281][T19767] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,auto_da_alloc,grpid,nojournal_checksum,dioread_nolock,bsdgroups,,errors=continue. Quota mode: writeback.
[ 1697.433820][T19767] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.5514: bg 0: block 5: invalid block bitmap
[ 1697.478214][   T30] audit: type=1400 audit(1756889589.904:1269): avc:  denied  { map } for  pid=19766 comm="syz.3.5514" path="/571/file1/cpuacct.usage_percpu_user" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1697.555622][T19771] loop4: detected capacity change from 0 to 128
[ 1697.578989][T10345] appleir 0003:05AC:8243.0025: unknown main item tag 0x0
[ 1697.588347][T10345] appleir 0003:05AC:8243.0025: No inputs registered, leaving
[ 1697.597327][T10345] appleir 0003:05AC:8243.0025: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1697.678767][T19771] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback.
[ 1697.699042][T19771] ext4 filesystem being mounted at /451/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1697.775563][T19780] device batadv_slave_1 entered promiscuous mode
[ 1697.782335][T19779] device batadv_slave_1 left promiscuous mode
[ 1697.814551][T19781] tap0: tun_chr_ioctl cmd 1074025675
[ 1697.819971][T19781] tap0: persist enabled
[ 1697.858195][   T30] audit: type=1400 audit(1756889590.294:1270): avc:  denied  { bind } for  pid=19764 comm="syz.1.5513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1697.968208][ T1055] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1697.993879][T19791] syz.4.5523 uses obsolete (PF_INET,SOCK_PACKET)
[ 1698.155763][T10345] usb 1-1: USB disconnect, device number 71
[ 1698.218186][ T1055] usb 4-1: Using ep0 maxpacket: 32
[ 1698.272796][  T371] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1698.383868][T19801] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1698.392713][T19801] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 1698.404284][T19801] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1698.500799][ T1055] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1698.508544][ T1055] usb 4-1: no configurations
[ 1698.509965][T10345] usb 3-1: USB disconnect, device number 70
[ 1698.513170][ T1055] usb 4-1: can't read configurations, error -22
[ 1698.806109][T19805] loop3: detected capacity change from 0 to 16
[ 1698.816504][T19805] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1698.829011][T19805] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1698.839660][T19805] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[ 1698.860092][T19805] erofs: (device loop3): z_erofs_readpage: failed to read, err [-117]
[ 1698.868494][  T371] usb 5-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[ 1698.881718][  T371] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1698.898211][  T371] usb 5-1: Product: syz
[ 1698.904357][  T371] usb 5-1: Manufacturer: syz
[ 1698.909268][  T371] usb 5-1: SerialNumber: syz
[ 1698.915227][  T371] usb 5-1: config 0 descriptor??
[ 1698.968717][  T371] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1698.975750][  T371] hub: probe of 5-1:0.0 failed with error -5
[ 1699.110529][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1699.110544][   T30] audit: type=1400 audit(1756889591.584:1273): avc:  denied  { read } for  pid=19819 comm="syz.0.5535" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1699.158253][   T30] audit: type=1400 audit(1756889591.584:1274): avc:  denied  { open } for  pid=19819 comm="syz.0.5535" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1699.298291][  T337] usb 5-1: USB disconnect, device number 56
[ 1699.358201][T17997] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[ 1699.573684][T19812] loop3: detected capacity change from 0 to 131072
[ 1699.621218][T19812] F2FS-fs (loop3): QUOTA feature is enabled, so ignore jquota_fmt
[ 1699.644633][T19812] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1699.673528][T19812] F2FS-fs (loop3): sanity_check_inode: corrupted inode ino=3, run fsck to fix.
[ 1699.682974][T19812] F2FS-fs (loop3): Failed to read root inode
[ 1699.738261][T17997] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1699.748658][T17997] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1699.761747][T17997] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1699.770827][T17997] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1699.780142][T17997] usb 3-1: config 0 descriptor??
[ 1699.818875][T17997] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1699.968264][  T371] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1700.208261][  T371] usb 5-1: Using ep0 maxpacket: 16
[ 1700.277434][   T30] audit: type=1400 audit(1756889592.744:1275): avc:  denied  { sys_module } for  pid=19848 comm="syz.1.5545" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1700.299989][T10345] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1700.319063][T19851] loop1: detected capacity change from 0 to 512
[ 1700.338337][  T371] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1700.347156][  T371] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1700.357640][  T371] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1700.368951][T19851] EXT4-fs (loop1): dax option not supported
[ 1700.525499][T19854] tap1: tun_chr_ioctl cmd 1074025675
[ 1700.531003][T19854] tap1: persist enabled
[ 1700.598716][  T371] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1700.607848][  T371] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1700.616400][T10345] usb 4-1: Using ep0 maxpacket: 32
[ 1700.621586][  T371] usb 5-1: Product: syz
[ 1700.625740][  T371] usb 5-1: Manufacturer: syz
[ 1700.630346][  T371] usb 5-1: SerialNumber: syz
[ 1700.738058][T19855] loop2: detected capacity change from 0 to 512
[ 1700.738249][T10345] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1700.752883][T10345] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1700.760089][T19855] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[ 1700.761562][T10345] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1700.761610][T10345] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1700.761635][T10345] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1700.761660][T10345] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1700.799337][T19855] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[ 1700.812507][T10345] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1700.812543][T10345] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1700.839798][T19855] EXT4-fs (loop2): error: could not find journal device path: error -2
[ 1700.840144][T10345] usb 4-1: config 0 descriptor??
[ 1700.948259][  T371] usb 5-1: 0:2 : does not exist
[ 1701.109103][T10345] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 62 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1701.122414][T10345] usb 4-1: USB disconnect, device number 62
[ 1701.130099][T10345] usblp0: removed
[ 1701.148206][  T371] usb 5-1: 1:0: cannot get min/max values for control 2 (id 1)
[ 1701.192164][T19861] loop1: detected capacity change from 0 to 256
[ 1701.345447][T19865] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19865 comm=syz.1.5549
[ 1701.407941][  T371] usb 5-1: USB disconnect, device number 57
[ 1701.678200][T10345] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1701.768187][  T371] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1701.918189][T10345] usb 4-1: Using ep0 maxpacket: 32
[ 1702.018166][  T371] usb 5-1: Using ep0 maxpacket: 8
[ 1702.048242][T10345] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1702.057443][T10345] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1702.066477][T10345] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1702.075629][T10345] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1702.085377][T10345] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1702.095119][T10345] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1702.108485][T10345] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1702.117203][T17997] usb 3-1: USB disconnect, device number 71
[ 1702.117776][T10345] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1702.148322][  T371] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1702.172782][T10345] usb 4-1: config 0 descriptor??
[ 1702.228224][   T30] audit: type=1400 audit(1756889594.684:1276): avc:  denied  { connect } for  pid=19873 comm="syz.2.5552" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1702.287897][  T371] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1702.299256][  T371] usb 5-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 1702.313088][   T30] audit: type=1400 audit(1756889594.684:1277): avc:  denied  { write } for  pid=19873 comm="syz.2.5552" laddr=fe80::2476:f3ff:fe0a:f39c lport=58 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1702.386462][T19883] loop2: detected capacity change from 0 to 8192
[ 1702.448281][  T371] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1702.456160][  T371] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1702.469338][  T371] usb 5-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 1702.558404][  T371] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1702.566414][  T371] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1702.585495][T10345] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 63 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1702.645997][  T371] usb 5-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 1702.699858][T19892] ==================================================================
[ 1702.707974][T19892] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x870/0x3240
[ 1702.716154][T19892] Read of size 8 at addr ffff88810f08cfc0 by task syz.2.5559/19892
[ 1702.724061][T19892] 
[ 1702.726403][T19892] CPU: 0 PID: 19892 Comm: syz.2.5559 Not tainted syzkaller #0
[ 1702.733868][T19892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1702.743944][T19892] Call Trace:
[ 1702.747232][T19892]  <TASK>
[ 1702.750175][T19892]  __dump_stack+0x21/0x30
[ 1702.754530][T19892]  dump_stack_lvl+0xee/0x150
[ 1702.759138][T19892]  ? show_regs_print_info+0x20/0x20
[ 1702.764351][T19892]  ? load_image+0x3a0/0x3a0
[ 1702.768866][T19892]  print_address_description+0x7f/0x2c0
[ 1702.774423][T19892]  ? tc_setup_flow_action+0x870/0x3240
[ 1702.779889][T19892]  kasan_report+0xf1/0x140
[ 1702.784320][T19892]  ? tc_setup_flow_action+0x870/0x3240
[ 1702.788249][   T30] audit: type=1400 audit(1756889595.244:1278): avc:  denied  { read write } for  pid=19839 comm="syz.3.5542" name="lp0" dev="devtmpfs" ino=6152 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1702.789787][T19892]  __asan_report_load8_noabort+0x14/0x20
[ 1702.816469][T10345] usb 4-1: USB disconnect, device number 63
[ 1702.819406][T19892]  tc_setup_flow_action+0x870/0x3240
[ 1702.819466][T19892]  mall_replace_hw_filter+0x293/0x820
[ 1702.836033][T19892]  ? pcpu_block_update_hint_alloc+0x8c1/0xc50
[ 1702.836120][T10345] usblp0: removed
[ 1702.842127][T19892]  ? mall_set_parms+0x520/0x520
[ 1702.842157][T19892]  ? tcf_exts_destroy+0xb0/0xb0
[ 1702.848294][  T371] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1702.850658][T19892]  ? mall_set_parms+0x1e8/0x520
[ 1702.855499][  T371] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1702.864555][T19892]  mall_change+0x526/0x740
[ 1702.864583][T19892]  ? __kasan_check_write+0x14/0x20
[ 1702.887151][T19892]  ? mall_get+0xa0/0xa0
[ 1702.891323][T19892]  ? tcf_chain_tp_insert_unique+0xac1/0xc10
[ 1702.897220][T19892]  tc_new_tfilter+0x12a2/0x1870
[ 1702.902076][T19892]  ? tcf_gate_entry_destructor+0x20/0x20
[ 1702.907714][T19892]  ? security_capable+0x87/0xb0
[ 1702.912569][T19892]  ? ns_capable+0x8c/0xf0
[ 1702.916908][T19892]  ? netlink_net_capable+0x125/0x160
[ 1702.922214][T19892]  ? tcf_gate_entry_destructor+0x20/0x20
[ 1702.927848][T19892]  rtnetlink_rcv_msg+0x81b/0xb90
[ 1702.932787][T19892]  ? rtnetlink_bind+0x80/0x80
[ 1702.937465][T19892]  ? memcpy+0x56/0x70
[ 1702.941448][T19892]  ? avc_has_perm_noaudit+0x2f4/0x460
[ 1702.946817][T19892]  ? arch_stack_walk+0xee/0x140
[ 1702.951670][T19892]  ? avc_denied+0x1b0/0x1b0
[ 1702.956168][T19892]  ? stack_trace_save+0x98/0xe0
[ 1702.961026][T19892]  ? avc_has_perm+0x158/0x240
[ 1702.965701][T19892]  ? avc_has_perm_noaudit+0x460/0x460
[ 1702.971067][T19892]  ? x64_sys_call+0x4b/0x9a0
[ 1702.975660][T19892]  ? selinux_nlmsg_lookup+0x416/0x4c0
[ 1702.981043][T19892]  netlink_rcv_skb+0x1e0/0x430
[ 1702.985811][T19892]  ? rtnetlink_bind+0x80/0x80
[ 1702.990494][T19892]  ? netlink_ack+0xb60/0xb60
[ 1702.995086][T19892]  ? __netlink_lookup+0x387/0x3b0
[ 1703.000112][T19892]  rtnetlink_rcv+0x1c/0x20
[ 1703.004528][T19892]  netlink_unicast+0x876/0xa40
[ 1703.009292][T19892]  netlink_sendmsg+0x86a/0xb70
[ 1703.014054][T19892]  ? netlink_getsockopt+0x530/0x530
[ 1703.019771][T19892]  ? security_socket_sendmsg+0x82/0xa0
[ 1703.025228][T19892]  ? netlink_getsockopt+0x530/0x530
[ 1703.030423][T19892]  ____sys_sendmsg+0x5a2/0x8c0
[ 1703.035187][T19892]  ? __sys_sendmsg_sock+0x40/0x40
[ 1703.040205][T19892]  ? import_iovec+0x7c/0xb0
[ 1703.044703][T19892]  ___sys_sendmsg+0x1f0/0x260
[ 1703.049381][T19892]  ? __sys_sendmsg+0x250/0x250
[ 1703.054142][T19892]  ? sock_show_fdinfo+0xa0/0xa0
[ 1703.058996][T19892]  ? __fdget+0x1a1/0x230
[ 1703.063238][T19892]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1703.068181][T19892]  ? ___sys_sendmsg+0x260/0x260
[ 1703.073033][T19892]  ? __kasan_check_write+0x14/0x20
[ 1703.078144][T19892]  ? switch_fpu_return+0x15d/0x2c0
[ 1703.083259][T19892]  x64_sys_call+0x4b/0x9a0
[ 1703.087675][T19892]  do_syscall_64+0x4c/0xa0
[ 1703.092087][T19892]  ? clear_bhb_loop+0x50/0xa0
[ 1703.096773][T19892]  ? clear_bhb_loop+0x50/0xa0
[ 1703.101562][T19892]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1703.107463][T19892] RIP: 0033:0x7f2615014be9
[ 1703.111875][T19892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1703.131475][T19892] RSP: 002b:00007f2613a7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1703.139881][T19892] RAX: ffffffffffffffda RBX: 00007f261524bfa0 RCX: 00007f2615014be9
[ 1703.147843][T19892] RDX: 0000000004004810 RSI: 0000200000000580 RDI: 0000000000000004
[ 1703.155806][T19892] RBP: 00007f2615097e19 R08: 0000000000000000 R09: 0000000000000000
[ 1703.163776][T19892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1703.171740][T19892] R13: 00007f261524c038 R14: 00007f261524bfa0 R15: 00007ffd613b42a8
[ 1703.179703][T19892]  </TASK>
[ 1703.182719][T19892] 
[ 1703.185041][T19892] Allocated by task 19892:
[ 1703.189455][T19892]  __kasan_kmalloc+0xda/0x110
[ 1703.194128][T19892]  __kmalloc+0x13d/0x2c0
[ 1703.198360][T19892]  tcf_idr_create+0x5f/0x790
[ 1703.202943][T19892]  tcf_idr_create_from_flags+0x61/0x70
[ 1703.208396][T19892]  tcf_gact_init+0x346/0x580
[ 1703.212979][T19892]  tcf_action_init_1+0x3f7/0x6a0
[ 1703.217913][T19892]  tcf_action_init+0x1e9/0x710
[ 1703.222689][T19892]  tcf_exts_validate+0x217/0x520
[ 1703.227630][T19892]  mall_set_parms+0x48/0x520
[ 1703.232222][T19892]  mall_change+0x45a/0x740
[ 1703.236651][T19892]  tc_new_tfilter+0x12a2/0x1870
[ 1703.241515][T19892]  rtnetlink_rcv_msg+0x81b/0xb90
[ 1703.246453][T19892]  netlink_rcv_skb+0x1e0/0x430
[ 1703.251298][T19892]  rtnetlink_rcv+0x1c/0x20
[ 1703.255715][T19892]  netlink_unicast+0x876/0xa40
[ 1703.260575][T19892]  netlink_sendmsg+0x86a/0xb70
[ 1703.265329][T19892]  ____sys_sendmsg+0x5a2/0x8c0
[ 1703.270087][T19892]  ___sys_sendmsg+0x1f0/0x260
[ 1703.274755][T19892]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1703.279703][T19892]  x64_sys_call+0x4b/0x9a0
[ 1703.284121][T19892]  do_syscall_64+0x4c/0xa0
[ 1703.288557][T19892]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1703.294447][T19892] 
[ 1703.296761][T19892] Last potentially related work creation:
[ 1703.302467][T19892]  kasan_save_stack+0x3a/0x60
[ 1703.307143][T19892]  __kasan_record_aux_stack+0xd2/0x100
[ 1703.312598][T19892]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1703.318400][T19892]  call_rcu+0x105/0xfe0
[ 1703.322566][T19892]  neigh_parms_release+0x1e0/0x220
[ 1703.327673][T19892]  inetdev_event+0x81c/0x10a0
[ 1703.332352][T19892]  raw_notifier_call_chain+0x90/0x100
[ 1703.337728][T19892]  unregister_netdevice_many+0xfb8/0x1990
[ 1703.343443][T19892]  ip_tunnel_delete_nets+0x343/0x390
[ 1703.348721][T19892]  ipip_exit_batch_net+0x22/0x30
[ 1703.353650][T19892]  cleanup_net+0x602/0xad0
[ 1703.358063][T19892]  process_one_work+0x6be/0xba0
[ 1703.362908][T19892]  worker_thread+0xa59/0x1200
[ 1703.367582][T19892]  kthread+0x411/0x500
[ 1703.371644][T19892]  ret_from_fork+0x1f/0x30
[ 1703.376053][T19892] 
[ 1703.378370][T19892] The buggy address belongs to the object at ffff88810f08cf00
[ 1703.378370][T19892]  which belongs to the cache kmalloc-192 of size 192
[ 1703.392416][T19892] The buggy address is located 0 bytes to the right of
[ 1703.392416][T19892]  192-byte region [ffff88810f08cf00, ffff88810f08cfc0)
[ 1703.406034][T19892] The buggy address belongs to the page:
[ 1703.411659][T19892] page:ffffea00043c2300 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10f08c
[ 1703.422153][T19892] flags: 0x4000000000000200(slab|zone=1)
[ 1703.427810][T19892] raw: 4000000000000200 dead000000000100 dead000000000122 ffff888100042c00
[ 1703.436392][T19892] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 1703.444972][T19892] page dumped because: kasan: bad access detected
[ 1703.451373][T19892] page_owner tracks the page as allocated
[ 1703.457071][T19892] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 199, ts 11831279150, free_ts 8333369718
[ 1703.472946][T19892]  post_alloc_hook+0x192/0x1b0
[ 1703.477719][T19892]  prep_new_page+0x1c/0x110
[ 1703.482229][T19892]  get_page_from_freelist+0x2cc5/0x2d50
[ 1703.487777][T19892]  __alloc_pages+0x18f/0x440
[ 1703.492361][T19892]  new_slab+0xa1/0x4d0
[ 1703.496430][T19892]  ___slab_alloc+0x381/0x810
[ 1703.501017][T19892]  __slab_alloc+0x49/0x90
[ 1703.505340][T19892]  kmem_cache_alloc_trace+0x146/0x270
[ 1703.510705][T19892]  alloc_pipe_info+0xe7/0x4b0
[ 1703.515389][T19892]  create_pipe_files+0x8d/0x6c0
[ 1703.520323][T19892]  __do_pipe_flags+0x4f/0x200
[ 1703.525077][T19892]  do_pipe2+0x99/0x170
[ 1703.529140][T19892]  __x64_sys_pipe2+0x5a/0x70
[ 1703.533721][T19892]  x64_sys_call+0x354/0x9a0
[ 1703.538221][T19892]  do_syscall_64+0x4c/0xa0
[ 1703.542631][T19892]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1703.548521][T19892] page last free stack trace:
[ 1703.553180][T19892]  free_unref_page_prepare+0x542/0x550
[ 1703.558647][T19892]  free_unref_page_list+0x134/0x9d0
[ 1703.563846][T19892]  release_pages+0xfda/0x1030
[ 1703.568515][T19892]  free_pages_and_swap_cache+0x86/0xa0
[ 1703.573978][T19892]  tlb_finish_mmu+0x175/0x300
[ 1703.578658][T19892]  exit_mmap+0x40f/0x860
[ 1703.582908][T19892]  __mmput+0x93/0x320
[ 1703.586899][T19892]  mmput+0x50/0x150
[ 1703.590719][T19892]  do_exit+0x9d2/0x27a0
[ 1703.594870][T19892]  do_group_exit+0x141/0x310
[ 1703.599460][T19892]  __x64_sys_exit_group+0x3f/0x40
[ 1703.604484][T19892]  x64_sys_call+0x832/0x9a0
[ 1703.608986][T19892]  do_syscall_64+0x4c/0xa0
[ 1703.613415][T19892]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1703.619319][T19892] 
[ 1703.621640][T19892] Memory state around the buggy address:
[ 1703.627275][T19892]  ffff88810f08ce80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1703.635427][T19892]  ffff88810f08cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1703.643492][T19892] >ffff88810f08cf80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 1703.651537][T19892]                                            ^
[ 1703.657677][T19892]  ffff88810f08d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1703.665730][T19892]  ffff88810f08d080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1703.673778][T19892] ==================================================================
[ 1703.682098][T19892] Disabling lock debugging due to kernel taint
[ 1703.693566][  T371] usb 5-1: Product: syz
[ 1703.712563][   T30] audit: type=1400 audit(1756889595.244:1279): avc:  denied  { open } for  pid=19839 comm="syz.3.5542" path="/dev/usb/lp0" dev="devtmpfs" ino=6152 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1703.741889][  T371] usb 5-1: Manufacturer: syz
[ 1703.746754][  T371] usb 5-1: SerialNumber: syz
[ 1703.758598][   T30] audit: type=1400 audit(1756889596.224:1280): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1703.783078][   T30] audit: type=1400 audit(1756889596.224:1281): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1703.818219][   T30] audit: type=1400 audit(1756889596.224:1282): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1704.039820][  T371] usb 5-1: USB disconnect, device number 58