last executing test programs:

17m31.187233678s ago: executing program 32 (id=615):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}, @NFT_MSG_DELSETELEM={0x14, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xcc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

15m18.191119957s ago: executing program 33 (id=1883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@llu, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x0, 0xe, 0x0, &(0x7f0000000900)="928e04b416cac951c35f7f4586e6", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m44.94782024s ago: executing program 6 (id=6264):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

6m44.415165066s ago: executing program 6 (id=6271):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000003c0)='\x00', 0x19fff}], 0x1, &(0x7f0000000200)=[@sndinfo={0x20, 0x84, 0x2, {0x2, 0x41, 0xffffff7f}}, @sndrcv={0x30, 0x84, 0x1, {0x101, 0x2, 0x8, 0x8, 0x0, 0x1e5, 0x820, 0x2}}], 0x50, 0x4048800}, 0x0)

6m43.847582142s ago: executing program 6 (id=6275):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

6m42.344209604s ago: executing program 6 (id=6290):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000840)={[{@iocharset={'iocharset', 0x3d, 'cp874'}}, {@umask={'umask', 0x3d, 0x2}}, {@gid}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@namecase}, {@fmask={'fmask', 0x3d, 0x106}}, {@fmask={'fmask', 0x3d, 0x9}}, {@fmask={'fmask', 0x3d, 0x6}}, {@fmask={'fmask', 0x3d, 0x3}}]}, 0x1, 0x1524, &(0x7f00000037c0)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

6m41.629592779s ago: executing program 6 (id=6296):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x20, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040000)

6m40.900593269s ago: executing program 6 (id=6304):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@setlink={0x28, 0x13, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, 0x41014, 0x54c1f}, [@IFLA_MASTER={0x8, 0xa, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8081}, 0x20040000)

6m40.380868657s ago: executing program 34 (id=6304):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@setlink={0x28, 0x13, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, 0x41014, 0x54c1f}, [@IFLA_MASTER={0x8, 0xa, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8081}, 0x20040000)

4m31.566110166s ago: executing program 2 (id=7440):
r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r0, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0)
lseek(r0, 0x0, 0x4)

4m30.677167213s ago: executing program 2 (id=7451):
r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x6, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
ioctl$UI_DEV_CREATE(r0, 0x41015500)

4m29.632942011s ago: executing program 2 (id=7458):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={0x0, 0x50}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d41b1b"])

4m27.436602846s ago: executing program 2 (id=7473):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000005c0)={[{@jqfmt_vfsold}, {@orlov}, {@user_xattr}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@nodiscard}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

4m26.574042575s ago: executing program 2 (id=7484):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="220000000400000010000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000100)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3268}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xf00}, {}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)

4m25.782252202s ago: executing program 2 (id=7492):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x20000)

4m25.187542369s ago: executing program 35 (id=7492):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x20000)

3m53.309916431s ago: executing program 5 (id=7799):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @remote}, 0x321}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
read$FUSE(r1, &(0x7f0000004000)={0x2020}, 0x2020)

3m52.861784967s ago: executing program 5 (id=7802):
msgget(0x3, 0x710)
r0 = msgget(0x2, 0x624)
msgctl$IPC_RMID(r0, 0x0)
msgctl$IPC_RMID(0x0, 0x0)

3m52.691981325s ago: executing program 5 (id=7803):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000006080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f0000000480)={0x44, r1, 0x11, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffffd, 0x2d}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x10)

3m51.597976345s ago: executing program 5 (id=7810):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x7, {{0xa, 0x4e20, 0xe0, @mcast2, 0x138e}}, {{0xa, 0x4e21, 0x9, @private2, 0x4}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000002d00)={0x7, {{0xa, 0x4e23, 0x1000, @mcast1, 0x3}}, {{0xa, 0x4e26, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0xb0}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000005c0)={0x7, {{0xa, 0x4e24, 0x5, @mcast2, 0x1000005}}, {{0xa, 0x4620, 0x41, @loopback}}}, 0x108)

3m51.389441731s ago: executing program 5 (id=7812):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1810754, &(0x7f00000024c0), 0xfe, 0x479, &(0x7f00000027c0)="$eJzs3M1rHOUfAPDvzCbp26+/xFqr1tYGqxh8SZq0ag9eFAUPCoKC9RiTtNSmjTQRbCkaRepRCt7FiyD4F3jyJOpJ8Kp3KRQtQqsIXZnZmSS73W23aeKWzOcDmzzPzLPzPN/MPDvPzDObACprOPuRRPwvIn6JiMFGtrnAcOPX1cvnpv66fG4qiXr9td8H8nJXLp+bKouW79tWZEbSiPTjpKik2fyZsycmZ2dnThf5sYWT74zNnzn75PGTk8dmjs2cmjh8+NDB8WeennhqTeLM4ruy+/25Pfe/9OaFV6aOXHjrh6+z9u7a21i/Mo61MpwF/kc917rukbWurMeu1ZfjTPp63Rq6VYuIbHf15/1/MGqxvPMG48WPeto4YF1ln9mb2iwufi/WgQ0siV63AOiN8oSfXf+Wr/9w+NFzl55rXABlcV8tXo01fZEWZfrXsf7hiDiy+Pfn2Sta7kM09k+6jrUDAFX0bTb+eaLd+C+NXSvK/b+YGxqKiLsiYkdE3B0ROyPinoi87L0Rcd8t1t86NXT9+DO9uKrAupSN/54t5raax39L466hWpHbnsffnxw9PjtzoPibjET/piw/3m7j5SZe+PnTTvWvHP9lr6z+cixYbORiX8sNuunJhcm1GpRe+jBid1+7+JNyJuCNchJgd9dbXYziz5M7/thXezqVvHn8N7AG80z1LyIebez/xWiJv5TceH5ybHPMzhwYK4+K6/340/lXO9XfNv5r228/sC5l+39r8/G/tK6W/xz8M1k5XzufLRu4pTrO//pJx2vKvlUe/wPJ6/mcbtmS9yYXFk6PRwwkL0e0Lp9Yfm+ZL8tn8Y/sb9//dxTvyeJ/ICKyg3hvRDwYEfsi4p/iGvqhiNh/g/i/f/7htzutu63jP2JLl+U6yuKfbvv5t3T8DzXv/zKRRuuSTonaie++WX382f4/lKdGiiX5599NdG7O5qLE8tEMAAAAG12aPxufpKNL6TQdHW08w78ztqazc/MLjx+de/fUdOMZ+qHoT8s7XYMr7oeOJ4vFFhv5ieJecbn+YHHf+LPaljw/OjU3O93j2KHqtjX3/31l/8/8Vut164B15/taUF2t/d8jp1Adzv9QXfo/VJf+D9XVrv9/0JI3FwAbk/M/VJf+D9Wl/0N16f9QSTf98n4PEn3tvr1f/qvCO6KFEmfORnpHNEOiJRFJ44S+qeve/WW03Q4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCG8G8AAAD//wuh9sc=")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

3m51.028010403s ago: executing program 5 (id=7813):
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x93)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

3m35.891117277s ago: executing program 36 (id=7813):
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x93)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

48.342432395s ago: executing program 7 (id=9024):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x2000000, 0x2449, 0xfffffffffffffffd})

47.980165347s ago: executing program 7 (id=9028):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x20, 0x10012, r1, 0x0)
write$rfkill(r0, &(0x7f0000000340)={0x6, 0x0, 0x2, 0x0, 0x1}, 0x8)

47.621709092s ago: executing program 7 (id=9030):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000000580)=ANY=[@ANYBLOB="28000000150a010200000000000000000000002008000340000000060c"], 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x2404000a)

46.817687096s ago: executing program 7 (id=9032):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a55414, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

46.432548728s ago: executing program 7 (id=9036):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000b80)={[{@grpjquota}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x19e)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x20)
truncate(&(0x7f0000000280)='./bus\x00', 0xa1bd)

45.169950236s ago: executing program 7 (id=9041):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d64ed1040206402d14e0102"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b"])

44.38592525s ago: executing program 37 (id=9041):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d64ed1040206402d14e0102"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b"])

8.840795656s ago: executing program 1 (id=9268):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000f, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x0)

6.275280492s ago: executing program 3 (id=9282):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000540)=0x3, 0x4)
syz_emit_ethernet(0x2a, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

5.865265254s ago: executing program 3 (id=9284):
timer_create(0x1, 0x0, 0x0)
syz_clone3(&(0x7f000000dd80)={0x100000, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pause()
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)

5.517497459s ago: executing program 1 (id=9286):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x2, {0x1}}, 0x18)
sendmsg$inet(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000780)="8af83b42e304bd", 0x7}], 0x1}, 0x0)

5.445508026s ago: executing program 4 (id=9288):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc}, 0x20040014)
sendmsg$NFT_BATCH(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000140000001100", @ANYRES8], 0x54}, 0x1, 0x0, 0x0, 0x24068045}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003"], 0xcdc}, 0x1, 0x0, 0x0, 0x24000890}, 0x0)

5.212955507s ago: executing program 1 (id=9289):
r0 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000540)={0x1c, &(0x7f00000003c0)={0x40, 0x8}, 0x0, 0x0})

5.104448886s ago: executing program 4 (id=9290):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x4a, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x14, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x10, 0x7, 0x0, 0x3}}}}}}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, "9eebf9", 0x18, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x6, 0xc2, 0xfffd, 0x0, 0xffd, {[@window={0x3, 0x3, 0x7}]}}}}}}}}, 0x0)

4.487804397s ago: executing program 3 (id=9293):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x1c, r1, 0x101, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0xc0800}, 0xc050)

4.364719487s ago: executing program 4 (id=9294):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0)
sendmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='+', 0x1}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x11)

4.015807288s ago: executing program 3 (id=9296):
r0 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000280)={0x20, 0x1, 0x1, '#'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.950283083s ago: executing program 4 (id=9297):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r1, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r1, 0x4)

3.854128466s ago: executing program 8 (id=9298):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f0000000340)={{@hyper, 0x2}, 0xe147, 0x6, 0x69c9, 0x949, 0x100, 0x385a2d2f, 0x6, 0x100000000})

3.818265444s ago: executing program 0 (id=9299):
r0 = syz_io_uring_setup(0x47a7, &(0x7f00000002c0)={0x0, 0x10006f55, 0x3080, 0x80002, 0x400203}, &(0x7f0000003400), &(0x7f0000000f80), &(0x7f0000000000))
r1 = eventfd2(0xd, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000140)=r1, 0x1)
io_uring_register$IORING_UNREGISTER_EVENTFD(r0, 0x5, 0x0, 0x0)

3.557573327s ago: executing program 4 (id=9300):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12014101f2c59620d016b8108ede0102030109022400010000100009040002020083ec0009050602000202000a09058202"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000005c0)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='@\t\f'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f00000001c0)=ANY=[@ANYBLOB="40156a0000002598ed1dd81dc09c6d0d4c9dbf02ad3c4dde6211bcbef0c1f8456421d128f611a0f0c190de19c92d42ba4185af00820bd318ff98baf7f404f469f65310642607"], 0x0, 0x0})

3.433765879s ago: executing program 9 (id=9301):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0x9d)
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

3.18267994s ago: executing program 0 (id=9302):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f000004f000/0x800000)=nil, 0x800000, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.994614776s ago: executing program 9 (id=9303):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x7, 0x7fff0000}]})
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r0, 0x40187014, &(0x7f0000000040))

2.802751465s ago: executing program 8 (id=9304):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000200)='./file0\x00', 0x10010, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==")
r0 = open(&(0x7f0000000140)='.\x00', 0xa0180, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40086e8b, &(0x7f0000000100)={0x8001, 0x1000, 0x3, 0x0, 0x3, 0x0, 0x2401})

2.489553332s ago: executing program 9 (id=9305):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000580)={r2, r1, 0x25, 0x4, @val=@netkit={@void, @value=r2}}, 0x1c)

2.236592915s ago: executing program 0 (id=9306):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c", 0x6}, {&(0x7f00000001c0)='f', 0x1}], 0x2}], 0x1, 0x0)

2.024572565s ago: executing program 1 (id=9307):
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x0, 0xc5fb, @name="2c56c09f52edf611dd0aeefb49e24879a0e69a772b3a5b471cbfc47ad357d5ee"})
r0 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071", 0x4, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

1.986535968s ago: executing program 8 (id=9308):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x7})
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x5609, 0x0)

1.959629642s ago: executing program 9 (id=9309):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001180)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'bond0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @mcast1, 0x3}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

1.698149379s ago: executing program 0 (id=9310):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socket$alg(0x26, 0x5, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000380), 0xc)

1.550539583s ago: executing program 1 (id=9311):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10)
copy_file_range(r0, 0x0, r0, 0x0, 0x1000000001ff, 0x0)

1.333712316s ago: executing program 8 (id=9312):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x2000800)

1.274947296s ago: executing program 0 (id=9313):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000240)='./file1\x00', 0x804, &(0x7f0000000840)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c73686f72746e616d653d6d697865642c696f636861727365743d6b6f69382d722c726f6469722c757466383d302c73686f72746e616d653d77696e6e742c636f6465706167653d3737352c636865636b3d7374726963742c757466383d302c6e6f6e756d7461696c3d302c696f636861727365743d69736f383835392d362c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c706f73697861636c2c6673636f6e746578743d756e636f6e66696e65645f752c736d61636b6673666c6f6f723d2f2c005180f4e7b2da8c3f2fe272df26ff9ca497387fc9af57e51670999e8bc199be03b478bd734a1ad4517930c37f173275bdc3477cead3e348e86c54d3ca19a73e96d5a4291dd83fea6bbb7174e668baf7433889e34758bb3912cc9bc2a7ba3aa69a690fb8eb216f6b745f04820178e7f761ffed80089b4de7af9454bd3090b041d1f2dcc5c701e57f46d7d89b1aa4c23f1d50d917e60289798c1f369da19dc49d2561339d7d350c1f5d5aacc33f3556cf815b7daf9d797e9fc3c697f6ce491f3a74e248fded5ff32bd81ee1cd00a1d65c4e0eafef812fb1fe9a44b8821caa94e146f937602e632be3541c334742"], 0xff, 0x27c, &(0x7f0000000280)="$eJzs3c1qG1cUB/Az+rCldiEtuioFD7SLrozdJ7ApLpQaCi1atF20ppahWMJgg6AfVPWqT9An6PNkE/ICeYCE7OKFyYSxRrKSjGwUy5ZJfr+NL+fe/9xzR4O90viXT/qH+0cnB6d/PY5GI4nKVmzFWRLtqMTYP1Hq0dPyOgBwz51lWTzLRlZLV9RnJGuVW20MALg103//l90LAHA3vv/hx2+2d3d3vkvTRkT/30EnidHP0fz2QfwWvejGRrTiPCKbGI2/+np3J2pprh2f9YeDTp7s//yguP72k4iL/Ga0ol2e30xHpvLDQaceHxT7b/Wi++3/0YqPyvNflOSjsxKffzrV/3q04uGvcRS92C96G+f/3kzTL7P/nv/5U17N88lw0FmdrCtWV+/0gwEAAAAAAAAAAAAAAAAAAAAA4J22nk60X33/TvX8Yn79jflkOj/r/UDDqffzbKRpmhWpy+vX4uNa1JZzagAAAAAAAAAAAAAAAAAAALhfTn7/43Cv1+seL3Qw/lp/yVS8WORea/Omolq01ksi5turXiSvX1yd8xTNvJ/ucVKLvFKJiJvfn2RSaU5PrcVor7zSHA2mKjf+UBpxMRg/XYd7SVyTapQ9JAsYZCWPX3VmauX1SrM4Qcni5hW7r3z4Vj1nrRlTSUTUJzfz6uvUF3sP7+o3EAAAAAAAAAAAAAAAAAAAMHb5pd+SydMlNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAS3D5///nGAyL8Kw1WTUf1KKoLPmIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvAdeBgAA//8Yu2YW")
r0 = open(&(0x7f0000000100)='./bus\x00', 0x6c140, 0x10)
truncate(&(0x7f0000000000)='./bus\x00', 0x9471)
finit_module(r0, 0x0, 0x0)

1.235128526s ago: executing program 3 (id=9314):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000001e40)=""/174, 0xae}], 0x1, &(0x7f0000001fc0)=""/65, 0x41}, 0x1}], 0x1, 0x40002122, 0x0)
sendmsg$tipc(r0, &(0x7f0000000100)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x1, 0x2}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000000)="bf", 0x1}], 0x1, 0x0, 0x0, 0x8008001}, 0x4800)

1.221784402s ago: executing program 9 (id=9315):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x24040010}, 0x0)
close(r0)

1.176489163s ago: executing program 1 (id=9316):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000010600)='./file0\x00', 0x1004500, &(0x7f0000000380)=ANY=[@ANYRES8=0x0, @ANYRESDEC=0x0], 0x1, 0x105c2, &(0x7f0000020c00)="$eJzs3E1rY1UYB/AnU+fVcRxkXnTlBREaMKFpO0VBpOoMOmCH4svClaZJGjKT5JYmfXHWutKP4FYQcedncOPXGFwIrgR3I0ruvZXp2CLYdFLb3w9u/ueenPvk3JDNuQcSwIl1Ofn9t1JcivMRMRURFyOydqk4Mot5PB8RL0bEqUeOUtH/d8eZiLgQEZdGxfOapeKthT8ePPzmhduvf/ndg3Ltl2+/ntxdA5P2ckT01vL2Vi/PtJ3n3aK/vtnJsje/WWT+Ru9ecZ7mudVaySps1XfG1bOca+fj07WNwShXu/XGKNud1ax/rZ9/4GCzvVMnu+BufT07b7ZWsuwM0izb9/N5bRd5fzDM6zSLep9l5WM43Mm8v7Xdyu9n7V6Wjf6w6M/rps3W9ig3iyw+Lhppt5nNY+U/f81H3nud/sZ2stlaH3TSfnKjWnu1Wluo1NbTZmvYmq/Ue82F+WS63R0Nqwxb9d5iO03b3Va1kfbKyXS70ajUasn0zdZKp95ParXqXHWmcqNctF5J3rnzUdJtJtOjfKvT3xh2uoNkNV1P8ivKyWx17rVy8lIt+WBpOVl+/9atpeUPP7n58Z03l26/XQz6x7SS6dmZ2dlKbaYyWyu7/4Mo7dM/dbCynBT7/YAA2Jf1PzAJx3j9fy6ezPr/WCyRTvr696Tfv+UbB+IHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwYv18+od3s8bl/Pzpov+Zouu5iLgeEdci4mpE/LmHqTizq+aViCgV7b3Gn35sDj+WIqswuuZscVyIiMXiePjsYX8LAAAAcHx9/9PnX0RMjZrZyxuTnhBPUvHQ5ty46mWPfJ4aV7UrWbHtMVW7ulNyLK5FxOnLv46p2vWIOHXx0zFVe/zh2p6mdsW5R6KUx6kxzQYAADhCdq8ExrZ6AwAA4Mj5atIT4DBc+NcR2X5tsV1Y7AWfzaPYEDy/6wwAAAD4HypNegIAAADAocvW//7/DwAAAI63/P//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/YuZfbRGI4DsB/YGdhX1q04tEKp9UeOVDElpBjCki6yY0aIiHqILeUEEHE4KAM4TYeQOT7pMH2aPjJRuJgGwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE16KubTh+Xdfd2c9aaePKMBAAAAjlkV82lZ6e/aP9L9X+nWn4gYR8QoIoYRcWzu3omvlcxBRLRS/djzxUEfHiPKhO17uun6HhH/0vXyu+lPAQAAAK7XcjGZRXS21fLl777GJ5AWbXq58solny+50gZl2G2mtOFbZBajiCj6z5nSxhHR/vk/tU7y/etUit67orUr2tXnu6foFAAA0LDqTCDb7A0AAICLc3PuDnAe5X5t+i1+2gtO+3xpQ/BbpQUAAABcrsN/2++1TtsPAAAA4AzK+f+H8//SqoDz/wAAAOA67M7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEmrYj5dLiazujnrTT15RgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAK/vzjgIhEAZhsHd932nw/seSBk1NTapA+PgbgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3vzuL/8npsaZZO61sfQ8kqydGlunxt65cfSH8fVrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi/25O4EQCIIw2Hf+57SYf1jSoDGIUAULHzPMwwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB80e9++T8xNc4kc6eNpeORZO2qsXXV2HvQOHow3v4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWF/7m0TBsI4Dr92EiVukxHSW3zMQEOFYAQ+JCRLnoEBWIiGitZiEVgBBBy0dKbgeZr/T6cr7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID3dHp64yMiss9H5pEPV3+Hy8FX5OumGXxfM9sc9/XPLSfb3Sjlb4z/i4goImvhNwAA7Svvm2KxrOadtN20vbT9tOW0rmavfDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAmZ07Vm0qCgMAfJI00erkaAURHHSxsYnVCFkcCt0FQbfQxlJMVdIMbenSJxAdxMHFV7CbvoIvIDhowcGhg4KLIEqSm/YEo7YI94b6ffDf++cO556TIfDf898AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh7K7FU4O8lwIYWpiP+96+3lzYdT59aN3U4P4dOPV2XjM7hDFEMLd5VbzcoprGXer6xv3Gq1Wsy2R/CZ5/nQspiFJNcn6lwkAgKOmmES3rv9Q3J7vXsvVQ/jxYrj+vxDl4Q/1/8dnp88M4vvam058r7j+n0ltheOv3Fl5WF5d37i0vNJYai4171erldmrs1euX6uUe89Kyp6YAAAA8G9KScT1f77+6/7/iSgPB6z/b83duR3fq6D+H2l/0y/rmQAAAPzfTp37+iU34nquVAprjU6nPdM/7n2u9I8ZTPXQjiUR1/+FetazAgAAANKwu5Ub2v9fjPLQ6xn4+/7/9MvNnXjMQghhMtn/n1540FpMbzljLY3XibNeIwAAANmaTCLe/y/2+v/zey0P+RDCxfP9PPkbwAP1/79/cnPopfW4/7+a3hLHUr7W/z5651oIE7WsZwQAAMBRdjyJbrG/U9yeb397PFfS/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE927B+lmSCMA/Dsv++rxICVWnkB0c4qYCGIjYcQBcETiCAeQGwtvYOld0itYGNhmcIbyMzuaEiTymw0zwOT9yUMmTeTJr8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABmGu9/91V8GbR92b33/HF1EuvLVI3e79c344p9Mc+hf6FiL9R9zwAAAMDfV+V8H0J4ax4PYy2HKf83eU/M/A8rbZ/z/HTuz/Xp7nUj5//r463Lr4MG7TnxQ8/OL053Jof4/9PfcrGtztxRp5tPz16q9IOURzdr4ybdZ3E7Gh38S+2S3yMALLLtXLsm/x+KdbfPwQBYGnW3wkT+r4b9zgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD58BAAD//0uCYFY=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0))

1.000425347s ago: executing program 8 (id=9317):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000100), &(0x7f00000000c0)='./file1\x00', 0x210048, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0000005733010312bb6086da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f0000001100)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
fstat(r0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
lchown(&(0x7f00000001c0)='./file1\x00', r1, r2)

699.438757ms ago: executing program 4 (id=9318):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$uac3(0x6, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x582, 0x37, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x7f, 0x20, 0x6, {0x8, 0xb, 0x0, 0x2, 0x1, 0x20, 0x30, 0x23}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x4, 0xa, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x25, 0x3, 0x5, {0xa, 0x25, 0x25, 0x401, 0x5}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x74, 0x9, 0xc0, {0xa, 0x25, 0x25, 0x7fffffff, 0x1, 0xbe1}}}}}}}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

568.09543ms ago: executing program 3 (id=9319):
r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
renameat2(r1, &(0x7f0000000340)='./bus\x00', r1, &(0x7f0000002200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)

400.632575ms ago: executing program 0 (id=9320):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b15, &(0x7f0000000000)={'wlan1\x00', @remote})

113.861571ms ago: executing program 8 (id=9321):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x2c, r1, 0x1, 0x70bd2a, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040887}, 0x0)

0s ago: executing program 9 (id=9322):
unshare(0x62040200)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd60"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff6, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x48)

kernel console output (not intermixed with test programs):

bytes leftover after parsing attributes in process `syz.4.8126'.
[ 1053.222774][T26391] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8126'.
[ 1053.558539][T26399] netlink: 'syz.3.8130': attribute type 64 has an invalid length.
[ 1053.611821][T26399] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8130'.
[ 1053.688044][T26403] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.695443][T26403] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1053.877524][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.298516][T26421] Bluetooth: MGMT ver 1.23
[ 1054.409125][T26411] loop1: detected capacity change from 0 to 32768
[ 1054.451510][T26411] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1054.461603][T26411] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1054.493071][T26411] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[ 1054.515058][ T5789] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1054.682005][ T5789] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1055.346668][ T5789] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 664ms
[ 1055.530781][ T5789] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1055.561452][T26411] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1055.753967][T26411] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 1055.824597][T26448] gfs2: fsid=syz:syz.0: gfs2_quotad: sync error -57
[ 1056.316024][T25305] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[ 1056.339839][T26427] loop8: detected capacity change from 0 to 32768
[ 1056.373729][T25305] CPU: 1 UID: 0 PID: 25305 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1056.373791][T25305] Tainted: [L]=SOFTLOCKUP
[ 1056.373806][T25305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1056.373830][T25305] Call Trace:
[ 1056.373844][T25305]  <TASK>
[ 1056.373867][T25305]  dump_stack_lvl+0x100/0x190
[ 1056.373918][T25305]  gfs2_assert_warn_i.cold+0x3a/0x118
[ 1056.373978][T25305]  ? __pfx_gfs2_assert_warn_i+0x10/0x10
[ 1056.374023][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.374079][T25305]  gfs2_qd_dispose+0x5dd/0x720
[ 1056.374140][T25305]  gfs2_quota_cleanup+0x361/0x770
[ 1056.374205][T25305]  ? __pfx_gfs2_quota_cleanup+0x10/0x10
[ 1056.374280][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.374336][T25305]  ? __pfx___might_resched+0x10/0x10
[ 1056.374392][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.374439][T25305]  ? up_write+0x28c/0x4f0
[ 1056.374502][T25305]  gfs2_make_fs_ro+0x11d/0x370
[ 1056.374553][T25305]  ? __pfx_gfs2_make_fs_ro+0x10/0x10
[ 1056.374607][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.374660][T25305]  ? __pfx___might_resched+0x10/0x10
[ 1056.374714][T25305]  ? gfs2_put_super+0x149/0x670
[ 1056.374762][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.374827][T25305]  gfs2_put_super+0x1a4/0x670
[ 1056.374889][T25305]  ? __pfx_gfs2_put_super+0x10/0x10
[ 1056.374941][T25305]  generic_shutdown_super+0x167/0x360
[ 1056.375004][T25305]  kill_block_super+0x3b/0xa0
[ 1056.375058][T25305]  gfs2_kill_sb+0x4a9/0x590
[ 1056.375107][T25305]  deactivate_locked_super+0xc1/0x1b0
[ 1056.375166][T25305]  deactivate_super+0xe7/0x110
[ 1056.375224][T25305]  cleanup_mnt+0x21f/0x450
[ 1056.375264][T25305]  task_work_run+0x150/0x240
[ 1056.375316][T25305]  ? __pfx_task_work_run+0x10/0x10
[ 1056.375369][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.375419][T25305]  ? rcu_is_watching+0x12/0xc0
[ 1056.375486][T25305]  exit_to_user_mode_loop+0x100/0x4a0
[ 1056.375536][T25305]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1056.375588][T25305]  do_syscall_64+0x706/0xf80
[ 1056.375640][T25305]  ? irqentry_exit+0x117/0x790
[ 1056.375696][T25305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1056.375735][T25305] RIP: 0033:0x7f388b79e017
[ 1056.375765][T25305] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 1056.375803][T25305] RSP: 002b:00007ffd9aac6ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1056.375838][T25305] RAX: 0000000000000000 RBX: 00007f388b832120 RCX: 00007f388b79e017
[ 1056.375870][T25305] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9aac6ba0
[ 1056.375895][T25305] RBP: 00007ffd9aac6ba0 R08: 00007ffd9aac7ba0 R09: 00000000ffffffff
[ 1056.375921][T25305] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd9aac7c30
[ 1056.375946][T25305] R13: 00007f388b832120 R14: 00000000001014e6 R15: 00007ffd9aac7c70
[ 1056.375997][T25305]  </TASK>
[ 1056.669065][T26460] loop3: detected capacity change from 0 to 2048
[ 1056.876432][T26460]  loop3: p3 < > p4 < >
[ 1056.880669][T26460] loop3: partition table partially beyond EOD, truncated
[ 1056.888876][T26460] loop3: p3 start 4284289 is beyond EOD, truncated
[ 1057.400760][T26470] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8153'.
[ 1057.872423][T26478] netlink: 512 bytes leftover after parsing attributes in process `syz.3.8155'.
[ 1058.052990][T26483] netlink: 168 bytes leftover after parsing attributes in process `syz.4.8157'.
[ 1058.488334][T26489] loop9: detected capacity change from 0 to 4096
[ 1058.585509][T26499] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8163'.
[ 1058.738192][T26502] loop1: detected capacity change from 0 to 1024
[ 1060.042374][T26531] loop3: detected capacity change from 0 to 1024
[ 1060.077702][T26531] EXT4-fs: Ignoring removed orlov option
[ 1060.111169][T26531] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1060.211508][T26531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1060.716398][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1061.508821][T26570] option changes via remount are deprecated (pid=26569 comm=syz.8.8188)
[ 1063.693169][T26620] loop8: detected capacity change from 0 to 8192
[ 1063.729482][T26627] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1063.751625][T26637] netlink: 'syz.4.8212': attribute type 1 has an invalid length.
[ 1063.770641][T26620] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1063.798292][T26637] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8212'.
[ 1064.233584][T26643] loop9: detected capacity change from 0 to 256
[ 1064.282680][T26643] exfat: Deprecated parameter 'utf8'
[ 1064.292307][T26646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8215'.
[ 1064.384647][T26643] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d)
[ 1064.497468][   T30] audit: type=1800 audit(1778143406.758:211): pid=26643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.8214" name="file1" dev="loop9" ino=1049169 res=0 errno=0
[ 1065.854622][T26679] loop3: detected capacity change from 0 to 4096
[ 1066.809982][T26703] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[ 1068.693584][T26744] loop8: detected capacity change from 0 to 2048
[ 1068.779711][T26744] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1069.672443][T26767] loop9: detected capacity change from 0 to 7
[ 1069.801584][    C0] blk_print_req_error: 138 callbacks suppressed
[ 1069.801619][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.817295][    C0] buffer_io_error: 138 callbacks suppressed
[ 1069.817323][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.836863][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.846249][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.868136][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.877474][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.906258][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.915658][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.936181][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.945459][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.954040][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.963308][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.974558][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1069.983819][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1069.991783][T26767] ldm_validate_partition_table(): Disk read failed.
[ 1070.012066][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1070.021394][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1070.037743][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1070.047028][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1070.060220][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1070.069494][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1070.083536][T26767] Dev loop9: unable to read RDB block 0
[ 1070.125909][T26767]  loop9: unable to read partition table
[ 1070.150997][T26767] loop9: partition table beyond EOD, truncated
[ 1070.182607][T26767] loop_reread_partitions: partition scan of loop9 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[ 1070.962734][   T29] kernel read not supported for file /media4 (pid: 29 comm: kworker/1:1)
[ 1071.195058][T26792] netlink: 1072 bytes leftover after parsing attributes in process `syz.4.8264'.
[ 1072.296233][T26825] loop9: detected capacity change from 0 to 256
[ 1072.344767][T26826] loop8: detected capacity change from 0 to 256
[ 1072.406445][T26825] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1072.566906][T26826] FAT-fs (loop8): Directory bread(block 64) failed
[ 1072.600559][T26826] FAT-fs (loop8): Directory bread(block 65) failed
[ 1072.645383][T26826] FAT-fs (loop8): Directory bread(block 66) failed
[ 1072.690875][T26826] FAT-fs (loop8): Directory bread(block 67) failed
[ 1072.731899][T26826] FAT-fs (loop8): Directory bread(block 68) failed
[ 1072.794886][T26826] FAT-fs (loop8): Directory bread(block 69) failed
[ 1072.835899][T26826] FAT-fs (loop8): Directory bread(block 70) failed
[ 1072.881158][T26826] FAT-fs (loop8): Directory bread(block 71) failed
[ 1072.906082][T26826] FAT-fs (loop8): Directory bread(block 72) failed
[ 1072.951462][T26826] FAT-fs (loop8): Directory bread(block 73) failed
[ 1073.960121][T26852] loop4: detected capacity change from 0 to 8192
[ 1074.029298][T26852] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1074.096200][ T5351] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1074.275781][ T5351] usb 4-1: Using ep0 maxpacket: 8
[ 1074.301858][ T5351] usb 4-1: config index 0 descriptor too short (expected 74, got 45)
[ 1074.359561][ T5351] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1074.423529][ T5351] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1074.481645][ T5351] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[ 1074.529946][ T5351] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1074.575842][ T5351] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1074.637893][ T5351] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1074.684007][ T5351] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1074.965854][ T5351] usb 4-1: GET_CAPABILITIES returned 0
[ 1074.992352][ T5351] usbtmc 4-1:16.0: can't read capabilities
[ 1075.285944][T26857] usbtmc 4-1:16.0: send_request_dev_dep_msg_in returned -71
[ 1075.324424][ T5789] usb 4-1: USB disconnect, device number 6
[ 1076.047859][T26890] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8293'.
[ 1076.397213][T20374] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1076.586872][T20374] usb 10-1: Using ep0 maxpacket: 8
[ 1076.610968][T20374] usb 10-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1076.660232][T20374] usb 10-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1076.704678][T20374] usb 10-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1076.761192][T20374] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1076.797412][T20374] usb 10-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00
[ 1076.834706][T20374] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1076.889825][T20374] usb 10-1: config 0 descriptor??
[ 1077.374044][T20374] hid_parser_main: 460 callbacks suppressed
[ 1077.374080][T20374] lenovo 0003:17EF:60A4.0068: unknown main item tag 0x2
[ 1077.430489][T20374] lenovo 0003:17EF:60A4.0068: unknown main item tag 0x0
[ 1077.480609][T20374] lenovo 0003:17EF:60A4.0068: hidraw0: USB HID vff.fc Device [HID 17ef:60a4] on usb-dummy_hcd.9-1/input0
[ 1077.668659][ T5789] usb 10-1: USB disconnect, device number 5
[ 1077.836732][T26933] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8308'.
[ 1078.204207][T26934] fido_id[26934]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1079.201191][T26967] loop7: detected capacity change from 0 to 512
[ 1079.231747][T26967] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1079.273670][T26967] EXT4-fs (loop7): orphan file too big: 4294967295
[ 1079.287587][T26967] EXT4-fs (loop7): mount failed
[ 1079.511802][T26973] loop4: detected capacity change from 0 to 128
[ 1080.044372][T26976] loop9: detected capacity change from 0 to 4096
[ 1080.079952][T26976] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[ 1080.708996][T26989] loop7: detected capacity change from 0 to 128
[ 1080.744955][T26989] EXT4-fs: Ignoring removed nobh option
[ 1080.840206][T26991] loop4: detected capacity change from 0 to 256
[ 1080.887690][T26989] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1080.994837][T26989] ext4 filesystem being mounted at /998/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1081.041002][T26991] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1081.160141][T27000] loop3: detected capacity change from 0 to 128
[ 1081.184579][T26989] fscrypt (loop7, inode 12): Reserved bits set in encryption policy
[ 1081.197399][T27000] EXT4-fs: Ignoring removed nobh option
[ 1081.283064][T27000] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1081.343679][T27000] ext4 filesystem being mounted at /58/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1081.395059][T10585] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1081.509963][T27000] fscrypt (loop3, inode 12): Unsupported log2_data_unit_size in encryption policy: 232
[ 1081.760046][T25529] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1082.603938][T27023] loop3: detected capacity change from 0 to 1024
[ 1082.783721][   T30] audit: type=1800 audit(1778143425.038:212): pid=27023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.8344" name="file1" dev="loop3" ino=20 res=0 errno=0
[ 1082.809474][T27025] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 2
[ 1082.887527][   T34] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1083.044091][T27019] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input59
[ 1084.122988][T27054] netlink: 332 bytes leftover after parsing attributes in process `syz.1.8357'.
[ 1084.146900][T27054] netlink: 'syz.1.8357': attribute type 9 has an invalid length.
[ 1084.176029][T27054] netlink: 108 bytes leftover after parsing attributes in process `syz.1.8357'.
[ 1084.222718][T27054] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8357'.
[ 1084.745773][T27073] Bluetooth: hci1: command 0x1003 tx timeout
[ 1084.761824][T26800] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1085.168571][T27082] batadv_slave_1: entered promiscuous mode
[ 1085.204291][T27082] batadv_slave_1: left promiscuous mode
[ 1085.650074][T27095] tmpfs: Cannot retroactively limit size
[ 1086.457088][T20374] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1086.626436][T20374] usb 5-1: Using ep0 maxpacket: 8
[ 1086.653746][T20374] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1086.681450][T27073] Bluetooth: hci4: command 0x0406 tx timeout
[ 1086.701173][T20374] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1086.749815][T20374] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1086.829442][T20374] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1086.857066][ T5789] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1086.903416][T20374] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1086.935421][T20374] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1086.990321][T27132] loop8: detected capacity change from 0 to 512
[ 1087.026775][ T5789] usb 4-1: Using ep0 maxpacket: 16
[ 1087.038307][T27132] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1087.067472][ T5789] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1087.106436][T27132] EXT4-fs (loop8): orphan file too big: 4294967295
[ 1087.124905][ T5789] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1087.161880][T27132] EXT4-fs (loop8): mount failed
[ 1087.197358][ T5789] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[ 1087.249721][ T5789] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1087.264100][T20374] usb 5-1: GET_CAPABILITIES returned 0
[ 1087.294868][T20374] usbtmc 5-1:16.0: can't read capabilities
[ 1087.323875][ T5789] usb 4-1: config 0 descriptor??
[ 1087.525457][T20374] usb 5-1: USB disconnect, device number 63
[ 1087.791703][ T5789] corsair 0003:1B1C:1B02.0069: unknown main item tag 0x0
[ 1087.813577][ T5789] corsair 0003:1B1C:1B02.0069: unknown main item tag 0x0
[ 1087.835088][ T5789] corsair 0003:1B1C:1B02.0069: item fetching failed at offset 2/5
[ 1087.858002][ T5789] corsair 0003:1B1C:1B02.0069: parse failed
[ 1087.883578][ T5789] corsair 0003:1B1C:1B02.0069: probe with driver corsair failed with error -22
[ 1088.047515][   T24] usb 4-1: USB disconnect, device number 7
[ 1088.358272][T27164] loop9: detected capacity change from 0 to 2048
[ 1088.394532][T27164] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=2362, location=2362
[ 1088.444628][T27164] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1088.507220][T27164] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1088.550138][T27164] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1088.592977][T27170] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8405'.
[ 1088.698367][   T30] audit: type=1800 audit(1778143430.968:213): pid=27164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.8403" name="file1" dev="loop9" ino=1346 res=0 errno=0
[ 1090.047311][ T5747] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1090.236050][ T5747] usb 4-1: Using ep0 maxpacket: 8
[ 1090.259899][ T5747] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1090.294880][ T5747] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1090.328003][ T5747] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1090.364799][ T5747] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1090.388951][ T5789] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1090.412465][ T5747] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1090.451481][ T5747] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1090.557038][ T5789] usb 9-1: Using ep0 maxpacket: 32
[ 1090.579783][ T5789] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[ 1090.610011][ T5789] usb 9-1: config 0 has no interface number 0
[ 1090.637841][ T5789] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1090.696513][ T5789] usb 9-1: config 0 interface 85 has no altsetting 0
[ 1090.711255][ T5747] usb 4-1: GET_CAPABILITIES returned 0
[ 1090.725821][ T5789] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1090.745268][ T5747] usbtmc 4-1:16.0: can't read capabilities
[ 1090.768381][ T5789] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1090.804054][ T5789] usb 9-1: Product: syz
[ 1090.821947][ T5789] usb 9-1: Manufacturer: syz
[ 1090.843214][ T5789] usb 9-1: SerialNumber: syz
[ 1090.861007][ T5789] usb 9-1: config 0 descriptor??
[ 1090.981425][ T5747] usb 4-1: USB disconnect, device number 8
[ 1091.311784][ T5789] appletouch 9-1:0.85: Geyser mode initialized.
[ 1091.341435][ T5789] input: appletouch as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.85/input/input60
[ 1091.797435][ T5747] usb 9-1: USB disconnect, device number 11
[ 1091.894451][ T5747] appletouch 9-1:0.85: input: appletouch disconnected
[ 1092.175959][   T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1092.377362][   T24] usb 4-1: Using ep0 maxpacket: 8
[ 1092.410329][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1092.435029][   T24] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1092.469058][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1092.523807][   T24] usb 4-1: config 0 descriptor??
[ 1092.667148][T27255] netlink: 36 bytes leftover after parsing attributes in process `syz.8.8440'.
[ 1092.691078][T27256] overlayfs: workdir and upperdir must reside under the same mount
[ 1092.781349][   T24] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1093.140788][T27270] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input61
[ 1093.210621][   T24] usb 4-1: USB disconnect, device number 9
[ 1093.435679][T27277] loop8: detected capacity change from 0 to 2048
[ 1093.490322][T27277] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1093.624099][T27286] loop4: detected capacity change from 0 to 128
[ 1093.678465][T27286] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1094.013296][T27296] loop8: detected capacity change from 0 to 256
[ 1094.025442][T27286] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1094.111310][T27286] ext2 filesystem being mounted at /1466/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1094.142799][T27296] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x142f93c7, utbl_chksum : 0xe619d30d)
[ 1094.721938][T27315] loop8: detected capacity change from 0 to 1024
[ 1094.834048][T27315] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1094.890892][ T5628] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1095.336010][T25464] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1095.734293][T27338] loop8: detected capacity change from 0 to 512
[ 1095.770758][T27338] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1095.816359][T27338] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[ 1095.863220][T27338] EXT4-fs (loop8): 1 truncate cleaned up
[ 1095.902041][T27338] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1096.173327][T25464] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1096.191649][T27346] loop4: detected capacity change from 0 to 256
[ 1096.241346][T27346] exfat: Deprecated parameter 'utf8'
[ 1096.254941][T27346] exfat: Deprecated parameter 'utf8'
[ 1096.273443][T27346] exfat: Deprecated parameter 'namecase'
[ 1096.280535][T27346] exfat: Deprecated parameter 'utf8'
[ 1096.286740][T27346] exfat: Deprecated parameter 'namecase'
[ 1096.332567][T27346] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1096.936439][T27358] loop8: detected capacity change from 0 to 2048
[ 1096.967071][T27358] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=2362, location=2362
[ 1097.019093][T27358] UDF-fs: error (device loop8): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1097.040260][T27361] loop9: detected capacity change from 0 to 128
[ 1097.061360][T27358] UDF-fs: error (device loop8): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1097.088564][T27361] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[ 1097.115988][T27358] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1097.167767][T27361] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1097.204573][T27361] ext2 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1097.266107][   T30] audit: type=1800 audit(1778143439.538:214): pid=27358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.8481" name="file1" dev="loop8" ino=1346 res=0 errno=0
[ 1097.670498][T24541] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1097.832474][T27377] loop1: detected capacity change from 0 to 512
[ 1097.857015][T27377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1097.877505][T27377] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1098.454973][T25305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1098.874657][T27404] loop1: detected capacity change from 0 to 2048
[ 1098.921563][T27406] loop8: detected capacity change from 0 to 128
[ 1098.932386][T27404] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1098.959318][T27406] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[ 1099.137706][T27406] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1099.235897][T27406] ext2 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1099.542070][T25464] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1099.752854][T27429] block nbd3: Unsupported socket: should be TCP or UNIX.
[ 1099.898726][   T57] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1100.198923][T27435] loop9: detected capacity change from 0 to 1024
[ 1100.230568][T27435] EXT4-fs: Ignoring removed orlov option
[ 1100.371580][T27435] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1100.648327][T24541] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1100.845871][ T5351] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1101.035294][ T5351] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1101.068288][ T5351] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1101.097453][ T5351] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1101.127397][ T5351] usb 9-1: too many endpoints for config 1 interface 1 altsetting 76: 188, using maximum allowed: 30
[ 1101.159521][T27463] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8523'.
[ 1101.167385][ T5351] usb 9-1: config 1 interface 1 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 188
[ 1101.215903][ T5351] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1101.245733][ T5351] usb 9-1: config 1 interface 1 has no altsetting 0
[ 1101.261556][ T5351] usb 9-1: string descriptor 0 read error: -22
[ 1101.294075][ T5351] usb 9-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[ 1101.317278][ T5351] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1101.955923][T26808] Bluetooth: hci1: Entering manufacturer mode failed (-110)
[ 1101.968005][T26800] Bluetooth: hci1: command 0xfc11 tx timeout
[ 1101.996695][T27483] netlink: 24 bytes leftover after parsing attributes in process `syz.9.8536'.
[ 1102.163239][T27489] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8537'.
[ 1102.173782][T27489] netlink: 'syz.3.8537': attribute type 30 has an invalid length.
[ 1102.182174][T27489] netlink: 'syz.3.8537': attribute type 1 has an invalid length.
[ 1102.526404][ T5351] usb 9-1: USB disconnect, device number 12
[ 1102.806204][T27502] loop9: detected capacity change from 0 to 128
[ 1102.876467][T27508] loop1: detected capacity change from 0 to 512
[ 1102.909078][T27508] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1103.005340][T27508] EXT4-fs (loop1): 1 truncate cleaned up
[ 1103.054447][T27508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1103.109005][   T30] audit: type=1800 audit(1778143445.378:215): pid=27508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8546" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1103.709628][T20374] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1103.876374][T26808] Bluetooth: hci7: command 0x1003 tx timeout
[ 1103.886639][T27073] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1103.894210][T25305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1103.987216][T20374] usb 10-1: Using ep0 maxpacket: 32
[ 1104.001590][T20374] usb 10-1: config index 0 descriptor too short (expected 164, got 36)
[ 1104.010078][T20374] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1104.021725][T20374] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1104.032028][T20374] usb 10-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[ 1104.043754][T20374] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1104.055359][T20374] usb 10-1: config 0 descriptor??
[ 1104.492607][T20374] logitech 0003:046D:C29C.006A: unknown main item tag 0x0
[ 1104.527302][T20374] logitech 0003:046D:C29C.006A: unknown main item tag 0x0
[ 1104.561693][T20374] logitech 0003:046D:C29C.006A: unknown main item tag 0x0
[ 1104.593769][T20374] logitech 0003:046D:C29C.006A: unknown main item tag 0x0
[ 1104.616925][T20374] logitech 0003:046D:C29C.006A: unknown main item tag 0x0
[ 1104.654997][T20374] logitech 0003:046D:C29C.006A: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.9-1/input0
[ 1104.680829][T27523] loop8: detected capacity change from 0 to 32768
[ 1104.716819][T27523] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.8552 (27523)
[ 1104.818646][T27523] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1104.873407][T27523] BTRFS info (device loop8): using sha256 checksum algorithm
[ 1104.947409][T20374] logitech 0003:046D:C29C.006A: no inputs found
[ 1104.983649][T20374] usb 10-1: USB disconnect, device number 6
[ 1105.132506][T27523] BTRFS info (device loop8): enabling ssd optimizations
[ 1105.167434][T27523] BTRFS info (device loop8): turning on async discard
[ 1105.202213][T27523] BTRFS info (device loop8): enabling free space tree
[ 1105.662846][T25464] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1105.745753][T20374] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1105.965770][T20374] usb 2-1: Using ep0 maxpacket: 32
[ 1105.992546][T20374] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1106.053646][T20374] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[ 1106.102216][T20374] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1106.141941][T20374] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1106.205656][T20374] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1106.227892][T20374] usb 2-1: Product: syz
[ 1106.247519][T20374] usb 2-1: Manufacturer: syz
[ 1106.252654][T20374] usb 2-1: SerialNumber: syz
[ 1106.253236][T27567] loop7: detected capacity change from 0 to 2048
[ 1106.276368][T20374] usb 2-1: config 0 descriptor??
[ 1106.329592][T27567] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found!
[ 1106.443296][T27567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1106.629878][   T30] audit: type=1800 audit(1778143448.888:216): pid=27567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.8565" name="file1" dev="loop7" ino=1367 res=0 errno=0
[ 1106.743683][   T30] audit: type=1800 audit(1778143448.918:217): pid=27567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.8565" name="file1" dev="loop7" ino=1367 res=0 errno=0
[ 1106.766237][T20374] gs_usb 2-1:0.0: Configuring for 25 interfaces
[ 1107.162411][T20374] gs_usb 2-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[ 1107.194482][T20374] gs_usb 2-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[ 1107.236264][T20374] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71
[ 1107.311608][T20374] usb 2-1: USB disconnect, device number 55
[ 1107.571902][T27585] loop3: detected capacity change from 0 to 512
[ 1107.654589][T27585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1107.751053][T27585] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1107.862729][T27585] EXT4-fs warning (device loop3): ext4_group_add:1715: Can't resize non-sparse filesystem further
[ 1108.043215][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1108.290786][T27575] loop8: detected capacity change from 0 to 32768
[ 1108.381637][T27575] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1108.437565][T27605] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8576'.
[ 1108.585556][T27575] XFS (loop8): Ending clean mount
[ 1108.713469][T25464] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1109.007953][T27616] loop9: detected capacity change from 0 to 4096
[ 1109.421448][T27627] loop3: detected capacity change from 0 to 256
[ 1109.439552][T27627] exfat: Deprecated parameter 'utf8'
[ 1109.597138][T27627] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d)
[ 1110.101973][T27637] loop9: detected capacity change from 0 to 512
[ 1110.244405][T27637] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1110.307597][T27637] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1110.398333][T27637] EXT4-fs warning (device loop9): ext4_group_add:1715: Can't resize non-sparse filesystem further
[ 1110.586731][T24541] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.655770][ T5747] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1110.852710][T27644] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8594'.
[ 1110.922602][ T5747] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1110.956892][ T5747] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1110.978189][ T5747] usb 4-1: can't read configurations, error -71
[ 1111.587784][T27657] loop7: detected capacity change from 0 to 128
[ 1111.649732][T27657] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1111.761695][T27657] ext4 filesystem being mounted at /1050/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1112.143945][T27668] loop1: detected capacity change from 0 to 256
[ 1112.200113][T27668] exfat: Deprecated parameter 'utf8'
[ 1112.259585][T27668] exfat: Deprecated parameter 'utf8'
[ 1112.311717][T27668] exfat: Deprecated parameter 'utf8'
[ 1112.456437][T27668] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1112.481216][T27671] loop8: detected capacity change from 0 to 32768
[ 1112.494333][T27671] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.8607 (27671)
[ 1112.540446][T10585] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1112.553897][T27671] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1112.564248][T27671] BTRFS info (device loop8): using sha256 checksum algorithm
[ 1112.770553][T27690] loop4: detected capacity change from 0 to 8
[ 1112.777401][T27671] BTRFS info (device loop8): rebuilding free space tree
[ 1112.873049][T27674] loop9: detected capacity change from 0 to 8192
[ 1112.875858][T27671] BTRFS info (device loop8): enabling ssd optimizations
[ 1112.886638][T27671] BTRFS info (device loop8): using spread ssd allocation scheme
[ 1112.894317][T27671] BTRFS info (device loop8): turning on async discard
[ 1112.901268][T27671] BTRFS info (device loop8): enabling free space tree
[ 1112.908651][T27671] BTRFS info (device loop8): force clearing of disk cache
[ 1113.028728][   T30] audit: type=1800 audit(1778143455.298:218): pid=27674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.8608" name="bus" dev="loop9" ino=1049182 res=0 errno=0
[ 1113.153344][   T30] audit: type=1804 audit(1778143455.408:219): pid=27674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.8608" name="/newroot/173/file0/bus" dev="loop9" ino=1049182 res=1 errno=0
[ 1114.228795][T25464] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1115.314199][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.734597][T27708] loop7: detected capacity change from 0 to 32768
[ 1115.924081][T27708] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1116.065180][T27726] loop4: detected capacity change from 0 to 2048
[ 1116.168476][T27708] XFS (loop7): Ending clean mount
[ 1116.307602][T27726] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[ 1116.395918][T27726] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[ 1116.424862][T27726] UDF-fs: Scanning with blocksize 512 failed
[ 1116.554357][T27726] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1116.604736][T10585] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1117.067926][ T5351] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1117.250018][ T5351] usb 10-1: Using ep0 maxpacket: 16
[ 1117.279175][ T5351] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1117.321457][ T5351] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1117.387219][ T5351] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1117.408408][ T5351] usb 10-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1117.440130][ T5351] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1117.538274][ T5351] usb 10-1: config 0 descriptor??
[ 1117.855861][ T5747] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1117.978386][ T5351] hid (null): nested delimiters
[ 1118.029149][ T5747] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1118.058982][ T5747] usb 9-1: New USB device found, idVendor=04b4, idProduct=0384, bcdDevice= 0.40
[ 1118.073869][ T5747] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1118.099397][ T5747] usb 9-1: Product: syz
[ 1118.110975][ T5747] usb 9-1: Manufacturer: syz
[ 1118.124132][ T5747] usb 9-1: SerialNumber: syz
[ 1118.155146][ T5747] usb 9-1: Audio class v2/v3 interfaces need an interface association
[ 1118.240070][ T5351] usb 10-1: USB disconnect, device number 7
[ 1118.551155][T27774] loop1: detected capacity change from 0 to 512
[ 1118.580927][T27774] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1118.595306][ T5747] snd-usb-audio 9-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1118.612599][T27774] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1118.642778][T27774] EXT4-fs: Ignoring removed oldalloc option
[ 1118.662745][T27774] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1118.698096][T27774] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1118.740806][T27774] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1118.750283][ T5747] snd-usb-hiface 9-1:1.0: probe with driver snd-usb-hiface failed with error -22
[ 1118.812694][T27774] EXT4-fs (loop1): 1 truncate cleaned up
[ 1118.887630][ T5747] usb 9-1: can't set first interface for hiFace device.
[ 1118.933553][T27774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1118.964886][ T5747] snd-usb-hiface 9-1:1.1: probe with driver snd-usb-hiface failed with error -5
[ 1119.021209][ T5747] usb 9-1: can't set first interface for hiFace device.
[ 1119.059440][ T5747] snd-usb-hiface 9-1:1.2: probe with driver snd-usb-hiface failed with error -5
[ 1119.125418][ T5747] usb 9-1: USB disconnect, device number 13
[ 1119.289125][T13815] udevd[13815]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1119.450848][T25305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1119.600225][T27795] loop3: detected capacity change from 0 to 256
[ 1119.613767][T27795] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[ 1120.066195][ T5747] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[ 1120.202880][T27808] netlink: 64 bytes leftover after parsing attributes in process `syz.4.8657'.
[ 1120.260136][ T5747] usb 10-1: not running at top speed; connect to a high speed hub
[ 1120.307328][ T5747] usb 10-1: config 11 has an invalid interface number: 95 but max is 0
[ 1120.343584][ T5747] usb 10-1: config 11 has no interface number 0
[ 1120.376377][ T5747] usb 10-1: config 11 interface 95 altsetting 64 has an endpoint descriptor with address 0xC6, changing to 0x86
[ 1120.448625][ T5747] usb 10-1: config 11 interface 95 altsetting 64 endpoint 0x6 has invalid maxpacket 512, setting to 64
[ 1120.488710][ T5747] usb 10-1: config 11 interface 95 altsetting 64 endpoint 0xE has an invalid bInterval 0, changing to 10
[ 1120.535021][ T5747] usb 10-1: config 11 interface 95 has no altsetting 0
[ 1120.562021][ T5747] usb 10-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=b1.4d
[ 1120.619017][ T5747] usb 10-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[ 1120.651813][ T5747] usb 10-1: Manufacturer: syz
[ 1120.685483][T27798] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1120.995781][ T5747] usbtouchscreen 10-1:11.95: probe with driver usbtouchscreen failed with error -71
[ 1121.060317][ T5747] usb 10-1: USB disconnect, device number 8
[ 1121.585836][ T5761] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1121.800712][ T5761] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1121.834883][ T5761] usb 5-1: New USB device found, idVendor=04b4, idProduct=0384, bcdDevice= 0.40
[ 1121.885927][ T5761] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1121.913005][T27844] loop3: detected capacity change from 0 to 512
[ 1121.918706][ T5761] usb 5-1: Product: syz
[ 1121.938230][ T5761] usb 5-1: Manufacturer: syz
[ 1121.959265][ T5761] usb 5-1: SerialNumber: syz
[ 1121.973397][T27844] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1122.051934][T27844] EXT4-fs (loop3): 1 truncate cleaned up
[ 1122.056403][ T5761] usb 5-1: Audio class v2/v3 interfaces need an interface association
[ 1122.119821][T27844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1122.169021][ T5351] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1122.169736][ T5761] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1122.255457][ T5761] snd-usb-hiface 5-1:1.0: probe with driver snd-usb-hiface failed with error -22
[ 1122.268156][   T30] audit: type=1800 audit(1778143464.538:220): pid=27844 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.8672" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1122.347369][ T5351] usb 10-1: Using ep0 maxpacket: 32
[ 1122.362759][ T5351] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1122.395741][ T5351] usb 10-1: config 0 has no interface number 0
[ 1122.412732][T27073] block nbd3: Receive control failed (result -32)
[ 1122.424372][ T5351] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1122.446921][ T5761] usb 5-1: can't set first interface for hiFace device.
[ 1122.454300][ T5761] snd-usb-hiface 5-1:1.1: probe with driver snd-usb-hiface failed with error -5
[ 1122.470904][ T5761] usb 5-1: can't set first interface for hiFace device.
[ 1122.481511][ T5761] snd-usb-hiface 5-1:1.2: probe with driver snd-usb-hiface failed with error -5
[ 1122.498162][ T5761] usb 5-1: USB disconnect, device number 64
[ 1122.517483][ T5351] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1122.561534][T13815] udevd[13815]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1122.586265][ T5351] usb 10-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1122.629916][ T5351] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.707937][ T5351] usb 10-1: config 0 descriptor??
[ 1122.848026][T27857] netlink: 'syz.8.8677': attribute type 6 has an invalid length.
[ 1122.876049][T27857] netlink: 104 bytes leftover after parsing attributes in process `syz.8.8677'.
[ 1122.978180][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1123.372122][ T5351] uclogic 0003:28BD:0094.006C: pen parameters not found
[ 1123.421744][ T5351] uclogic 0003:28BD:0094.006C: interface is invalid, ignoring
[ 1123.493250][ T5351] usb 10-1: USB disconnect, device number 9
[ 1123.817284][T27874] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8686'.
[ 1124.338039][T27892] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8693'.
[ 1125.488322][T27913] loop4: detected capacity change from 0 to 512
[ 1125.603109][T27913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1125.737655][T27911] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1125.753687][T27911] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1125.958274][ T5628] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1126.154479][T27911] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1126.193642][T27911] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1126.706109][T27916] loop1: detected capacity change from 0 to 32768
[ 1126.740595][T27911] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1126.749528][T27911] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1126.753885][T27916] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1126.830789][T27911] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1126.947553][T27911] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1126.994766][T27911] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1127.041539][T27911] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1127.187029][T27947] dvmrp1: entered allmulticast mode
[ 1127.674719][T27958] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1127.795855][T27073] Bluetooth: hci2: command 0x0406 tx timeout
[ 1127.833290][   T30] audit: type=1800 audit(1778143470.098:221): pid=27916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8704" name="file2" dev="loop1" ino=17059 res=0 errno=0
[ 1128.161536][T27965] sock: sock_set_timeout: `syz.7.8720' (pid 27965) tries to set negative timeout
[ 1128.187966][T27073] Bluetooth: hci4: command 0x0406 tx timeout
[ 1128.380040][T25305] ocfs2: Unmounting device (7,1) on (node local)
[ 1128.604846][T27968] binder: 27967:27968 ioctl 4018620d 0 returned -22
[ 1128.747025][T27073] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1128.996167][T27073] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1129.167325][T27986] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1129.201741][T27986] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1129.208929][T27986] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1129.220371][T27986] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1129.506181][ T5761] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1129.667433][ T5761] usb 2-1: Using ep0 maxpacket: 8
[ 1129.682215][ T5761] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1129.702167][ T5761] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.749047][ T5761] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1129.775727][ T5761] pvrusb2: **********
[ 1129.783423][ T5761] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1129.813610][ T5761] pvrusb2: Important functionality might not be entirely working.
[ 1129.833876][ T5761] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1129.863925][ T5761] pvrusb2: **********
[ 1129.957887][ T2357] pvrusb2: Invalid write control endpoint
[ 1130.243598][ T5761] usb 2-1: USB disconnect, device number 56
[ 1130.277399][ T2357] pvrusb2: Invalid write control endpoint
[ 1130.327815][ T2357] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1130.351829][ T2357] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1130.393586][ T2357] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1130.419763][ T2357] pvrusb2: Device being rendered inoperable
[ 1130.426237][ T2357] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[ 1130.443124][ T2357] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1130.504714][ T2357] pvrusb2: Attached sub-driver cx25840
[ 1130.516226][ T2357] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1130.550175][ T2357] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1130.776723][T28027] loop4: detected capacity change from 0 to 1024
[ 1130.854928][T28027] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[ 1131.006338][T28031] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1131.070233][T28034] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1131.077564][T28034] IPv6: NLM_F_CREATE should be set when creating new route
[ 1131.084840][T28034] IPv6: NLM_F_CREATE should be set when creating new route
[ 1131.092342][T28034] IPv6: NLM_F_CREATE should be set when creating new route
[ 1131.096600][   T30] audit: type=1326 audit(1778143473.358:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fce39cdd9 code=0x7ffc0000
[ 1131.153758][T28031] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1131.191158][   T30] audit: type=1326 audit(1778143473.358:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fce39cdd9 code=0x7ffc0000
[ 1131.217414][T28031] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1131.217479][T28036] loop3: detected capacity change from 0 to 512
[ 1131.236748][T27073] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1131.243219][T28031] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1131.249311][   T30] audit: type=1326 audit(1778143473.408:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7fce39cdd9 code=0x7ffc0000
[ 1131.275824][   T30] audit: type=1326 audit(1778143473.408:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7fce39cb42 code=0x7ffc0000
[ 1131.325658][   T30] audit: type=1326 audit(1778143473.438:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7fce35d60e code=0x7ffc0000
[ 1131.413847][T28036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1131.435936][T28036] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1131.463541][   T30] audit: type=1326 audit(1778143473.478:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7fce39cc07 code=0x7ffc0000
[ 1131.640876][   T30] audit: type=1326 audit(1778143473.478:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7fce35d60e code=0x7ffc0000
[ 1131.707977][   T30] audit: type=1326 audit(1778143473.488:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7fce39ca6b code=0x7ffc0000
[ 1131.780928][   T30] audit: type=1326 audit(1778143473.598:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28035 comm="syz.3.8751" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7fce35d60e code=0x7ffc0000
[ 1131.922684][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.561507][T28064] loop4: detected capacity change from 0 to 256
[ 1132.581988][T28062] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8760'.
[ 1132.611284][T28064] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1132.672188][T28066] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8763'.
[ 1132.802901][T28068] loop1: detected capacity change from 0 to 2048
[ 1132.840800][T28068] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1132.934316][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1132.934344][   T30] audit: type=1800 audit(1778143475.198:243): pid=28068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.8764" name=2E02 dev="loop1" ino=1436 res=0 errno=0
[ 1133.075716][T27073] Bluetooth: hci2: command 0x0406 tx timeout
[ 1133.146036][T27073] Bluetooth: hci4: command 0x0406 tx timeout
[ 1133.315834][T27073] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1133.386576][   T30] audit: type=1326 audit(1778143475.648:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28070 comm="syz.1.8767" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f388b79cdd9 code=0x0
[ 1133.502355][T28079] loop7: detected capacity change from 0 to 512
[ 1133.541327][T28079] EXT4-fs (loop7): 1 truncate cleaned up
[ 1133.576428][T26808] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1133.591350][T26808] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1133.605539][T28079] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1133.610959][T26808] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1133.647023][T26808] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1133.658745][T26808] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1134.000611][T10585] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.696494][T28107] loop3: detected capacity change from 0 to 4096
[ 1134.716096][T28110] loop4: detected capacity change from 0 to 128
[ 1134.735750][T28107] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1134.769676][T28110] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1134.802146][T28110] ext4 filesystem being mounted at /1521/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1134.814644][T28107] NILFS (loop3): mounting unchecked fs
[ 1134.843349][T28107] NILFS (loop3): recovery required for readonly filesystem
[ 1134.857120][T28107] NILFS (loop3): write access will be enabled during recovery
[ 1135.015415][ T5625] udevd[5625]: incorrect nilfs2 checksum on /dev/loop3
[ 1135.019128][T28107] NILFS (loop3): recovery complete
[ 1135.047605][ T5628] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1135.162879][T28117] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1135.387810][T28121] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8783'.
[ 1135.454444][T28124] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8783'.
[ 1135.795981][T26808] Bluetooth: hci1: command tx timeout
[ 1136.083920][T28128] batman_adv: batadv0: Interface activated: dummy0
[ 1136.305694][T28128] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1136.370829][T28128] batman_adv: batadv0: Interface activated: ipvlan2
[ 1136.380167][ T5768] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1136.420261][T28128] veth0_to_bond: entered promiscuous mode
[ 1136.446277][T28128] veth0_to_bond: entered allmulticast mode
[ 1136.510964][T28128] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1136.520992][ T5768] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1136.634657][T28135] loop1: detected capacity change from 0 to 32768
[ 1137.337707][ T5789] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1137.441673][  T135] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1137.448951][  T135] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1137.664294][T25471] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1137.693476][T25471] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1137.786683][T25471] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1137.823179][T25471] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1137.860839][T28153] input: syz0 as /devices/virtual/input/input65
[ 1137.876209][T26808] Bluetooth: hci1: command tx timeout
[ 1137.879661][ T5789] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1138.379960][T28167] input: syz1 as /devices/virtual/input/input66
[ 1138.526030][T28169] loop7: detected capacity change from 0 to 512
[ 1138.558554][T28169] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1138.584666][T28169] EXT4-fs (loop7): revision level too high, forcing read-only mode
[ 1138.595935][T28169] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[ 1138.639617][T28169] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1138.664098][T28169] Quota error (device loop7): v2_read_header: Failed header read: expected=8 got=0
[ 1138.688240][T28169] EXT4-fs warning (device loop7): ext4_enable_quotas:7265: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1138.848368][T28169] EXT4-fs (loop7): Cannot turn on quotas: error -22
[ 1138.903880][T28169] EXT4-fs error (device loop7): ext4_validate_block_bitmap:440: comm syz.7.8802: bg 0: block 40: padding at end of block bitmap is not set
[ 1138.970292][T28169] loop7: lost filesystem error report for type 5 error -117
[ 1138.975359][T28169] EXT4-fs (loop7): Remounting filesystem read-only
[ 1138.982833][    C1] EXT4-fs (loop7): error count since last fsck: 1
[ 1138.982873][    C1] EXT4-fs (loop7): initial error at time 1778143481: ext4_validate_block_bitmap:440
[ 1138.982920][    C1] EXT4-fs (loop7): last error at time 1778143481: ext4_validate_block_bitmap:440
[ 1139.022983][T28169] EXT4-fs (loop7): 1 truncate cleaned up
[ 1139.096406][T28169] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1139.164129][T28147] loop3: detected capacity change from 0 to 32768
[ 1139.272516][T28169] EXT4-fs (loop7): shut down requested (2)
[ 1139.461788][T28189] ialloc: diAlloc returned -5!
[ 1139.610872][T10585] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1139.635558][T28083] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1139.691843][T28083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1139.701274][T28083] bridge_slave_0: entered allmulticast mode
[ 1139.729940][T28083] bridge_slave_0: entered promiscuous mode
[ 1139.742312][T28083] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1139.757503][T28083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1139.771572][T28083] bridge_slave_1: entered allmulticast mode
[ 1139.827795][T28083] bridge_slave_1: entered promiscuous mode
[ 1139.956208][T26808] Bluetooth: hci1: command tx timeout
[ 1140.188829][T28083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1140.341118][T28205] loop3: detected capacity change from 0 to 4096
[ 1140.825363][T28083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1141.101839][T28083] team0: Port device team_slave_0 added
[ 1141.138683][T28083] team0: Port device team_slave_1 added
[ 1141.185163][T28214] loop9: detected capacity change from 0 to 1024
[ 1141.209286][T28214] EXT4-fs: Ignoring removed orlov option
[ 1141.273125][T28219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8821'.
[ 1141.352463][T28214] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1141.431852][T28083] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1141.477631][T28083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1141.563819][T28083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1141.568859][T24541] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1141.627171][T28083] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1141.670192][T28083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1141.782975][T28228] loop3: detected capacity change from 0 to 2048
[ 1141.791221][T28083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1141.872793][T28228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1141.983295][T28228] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1142.026299][T26808] Bluetooth: hci1: command tx timeout
[ 1142.216691][ T5761] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1142.291535][T28242] cgroup: fork rejected by pids controller in /syz9
[ 1142.333508][T28228] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1142.395817][ T5761] usb 2-1: Using ep0 maxpacket: 32
[ 1142.416659][ T5761] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[ 1142.431001][T28083] hsr_slave_0: entered promiscuous mode
[ 1142.455684][ T5761] usb 2-1: config 0 has no interface number 0
[ 1142.463296][T28083] hsr_slave_1: entered promiscuous mode
[ 1142.480866][T28083] debugfs: 'hsr0' already exists in 'hsr'
[ 1142.490268][T28083] Cannot create hsr debugfs directory
[ 1142.498100][ T5761] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1142.524694][ T5761] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1142.529464][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1142.598518][ T5761] usb 2-1: Product: syz
[ 1142.613577][ T5761] usb 2-1: Manufacturer: syz
[ 1142.634701][ T5761] usb 2-1: SerialNumber: syz
[ 1142.665811][ T5761] usb 2-1: config 0 descriptor??
[ 1142.689762][ T5761] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1142.984858][ T5761] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1143.044087][ T5761] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1143.398727][    C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1143.403294][ T5747] usb 2-1: USB disconnect, device number 57
[ 1143.538573][ T5747] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1143.585315][ T5747] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1143.618510][ T5747] quatech2 2-1:0.51: device disconnected
[ 1143.913680][   T34] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.378262][   T34] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.413986][T27073] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1144.443597][T27073] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1144.453925][T27073] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1144.467451][ T5789] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1144.475264][T27073] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1144.488401][T27073] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1144.638120][ T5789] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1144.683369][ T5789] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1144.738247][ T5789] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1144.805293][   T34] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.820322][ T5789] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 1144.869958][ T5789] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 1144.892210][ T5789] usb 2-1: Product: syz
[ 1144.913794][ T5789] usb 2-1: Manufacturer: syz
[ 1144.950790][ T5789] usb 2-1: SerialNumber: syz
[ 1145.235105][ T5789] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 58 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1145.248721][T28083] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.517535][ T5351] usb 2-1: USB disconnect, device number 58
[ 1145.532962][ T5351] usblp0: removed
[ 1145.663242][   T34] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.738616][T28287] block nbd4: not configured, cannot reconfigure
[ 1145.933546][T28083] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.984702][T28289] netlink: 60 bytes leftover after parsing attributes in process `syz.3.8848'.
[ 1146.445887][T28301] loop1: detected capacity change from 0 to 128
[ 1146.473147][T28083] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.493839][T28301] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1146.584340][T28301] ext4 filesystem being mounted at /153/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1146.595773][T26808] Bluetooth: hci3: command tx timeout
[ 1146.913365][T25305] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1147.491063][ T1169] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1147.513338][ T1169] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1147.827035][T28083] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.943297][ T1169] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1148.005815][ T1169] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1148.665711][T26808] Bluetooth: hci3: command tx timeout
[ 1148.918028][   T34] bridge_slave_1: left promiscuous mode
[ 1148.940243][   T34] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1149.028305][   T34] bridge_slave_0: left allmulticast mode
[ 1149.057223][   T34] bridge_slave_0: left promiscuous mode
[ 1149.083432][   T34] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1149.096196][T28338] loop7: detected capacity change from 0 to 4096
[ 1149.124831][T28338] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[ 1149.184735][   T34] dvmrp1: left allmulticast mode
[ 1149.447823][T28351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8872'.
[ 1150.750336][T26808] Bluetooth: hci3: command tx timeout
[ 1151.149226][   T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1151.204763][   T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1151.222145][   T34] bond0 (unregistering): Released all slaves
[ 1151.323260][ T5280] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1151.409749][T28366] loop4: detected capacity change from 0 to 32768
[ 1151.527203][T28366] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1151.700715][T28385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8879'.
[ 1151.836744][T28385] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8879'.
[ 1152.316135][   T34] tipc: Disabling bearer <udp:syz2>
[ 1152.323546][   T34] tipc: Left network mode
[ 1152.483833][T28387] netlink: 'syz.7.8881': attribute type 12 has an invalid length.
[ 1152.525278][   T30] audit: type=1800 audit(1778143494.778:245): pid=28366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.8874" name="file2" dev="loop4" ino=17059 res=0 errno=0
[ 1152.698901][T28382] loop3: detected capacity change from 0 to 131072
[ 1152.757080][T28382] F2FS-fs (loop3): Invalid log sectorsize (67108873)
[ 1152.764797][T28382] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1152.774379][T28382] F2FS-fs (loop3): invalid crc value
[ 1152.827310][T26808] Bluetooth: hci3: command tx timeout
[ 1152.870296][T28382] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1152.905200][T28382] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1152.912874][T28382] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[ 1152.944745][T28382] fscrypt (loop3, inode 8): Error -61 getting encryption context
[ 1152.987520][T28391] batman_adv: batadv0: Adding interface: macsec1
[ 1153.010805][T28391] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1153.046292][ T5628] ocfs2: Unmounting device (7,4) on (node local)
[ 1153.060404][T28391] batman_adv: batadv0: Interface activated: macsec1
[ 1154.165499][T28083] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1154.242451][T28083] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1154.539246][T28083] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1154.617766][T28083] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1154.652911][T28083] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1154.715438][T28083] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1154.893691][T28083] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1154.964544][T28083] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1155.183989][   T34] hsr_slave_0: left promiscuous mode
[ 1155.217839][   T34] hsr_slave_1: left promiscuous mode
[ 1155.236582][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1155.273784][   T34] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1155.312251][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1155.341948][   T34] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1155.414760][   T34] veth1_macvtap: left promiscuous mode
[ 1155.426443][   T34] veth0_macvtap: left promiscuous mode
[ 1155.437651][   T34] veth1_vlan: left promiscuous mode
[ 1155.450293][   T34] veth0_vlan: left promiscuous mode
[ 1156.289842][T28455] loop3: detected capacity change from 0 to 512
[ 1156.372207][T28455] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1156.439535][T28455] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1156.498530][T28460] skbuff: bad partial csum: csum=65535/2 headroom=4 headlen=65543
[ 1156.590352][   T30] audit: type=1800 audit(1778143498.848:246): pid=28455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.8899" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1156.733998][   T34] team0 (unregistering): Port device team_slave_1 removed
[ 1156.850938][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1156.857157][   T34] team0 (unregistering): Port device team_slave_0 removed
[ 1157.899139][ T5280] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1157.969932][T28482] IPVS: sync thread started: state = BACKUP, mcast_ifn = geneve0, syncid = 1, id = 0
[ 1158.576852][T28491] input: syz1 as /devices/virtual/input/input68
[ 1159.481754][T28268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1159.529229][T28268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1159.554490][T28268] bridge_slave_0: entered allmulticast mode
[ 1159.591250][T28268] bridge_slave_0: entered promiscuous mode
[ 1159.601370][T28516] loop1: detected capacity change from 0 to 512
[ 1159.656836][T28083] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1159.671290][T28516] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.8917: inode has both inline data and extents flags
[ 1159.706171][T28268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1159.746609][T28268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1159.824467][T28516] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1159.825633][    C1] EXT4-fs (loop1): error count since last fsck: 1
[ 1159.841333][    C1] EXT4-fs (loop1): initial error at time 1778143502: ext4_orphan_get:1397: inode 15
[ 1159.851003][    C1] EXT4-fs (loop1): last error at time 1778143502: ext4_orphan_get:1397: inode 15
[ 1159.874936][T28268] bridge_slave_1: entered allmulticast mode
[ 1159.878796][T28516] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.8917: couldn't read orphan inode 15 (err -117)
[ 1159.902310][T28268] bridge_slave_1: entered promiscuous mode
[ 1159.946214][T28516] loop1: lost filesystem error report for type 5 error -117
[ 1159.959200][T28516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1160.092911][T28083] 8021q: adding VLAN 0 to HW filter on device team0
[ 1160.205788][T28268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1160.274647][T28268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1160.384743][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1160.392041][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1160.442785][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1160.450167][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1160.555809][T28268] team0: Port device team_slave_0 added
[ 1160.576514][ T5280] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1160.753348][T28268] team0: Port device team_slave_1 added
[ 1160.768517][T25305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1160.788288][T28534] loop4: detected capacity change from 0 to 4096
[ 1160.826773][T28534] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[ 1161.012809][T28268] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1161.038798][T28268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1161.125742][T28268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1161.155495][T28268] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1161.189257][T28268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1161.204702][T28539] loop3: detected capacity change from 0 to 512
[ 1161.234320][T28268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1161.327912][T28539] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2810: inode #11: comm syz.3.8924: corrupted xattr block 95: invalid header
[ 1161.425902][T28539] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1161.427207][T28539] EXT4-fs error (device loop3): ext4_validate_block_bitmap:431: comm syz.3.8924: bg 0: block 7: invalid block bitmap
[ 1161.438261][    C0] EXT4-fs (loop3): error count since last fsck: 1
[ 1161.438309][    C0] EXT4-fs (loop3): initial error at time 1778143503: ext4_expand_extra_isize_ea:2810: inode 11
[ 1161.438367][    C0] EXT4-fs (loop3): last error at time 1778143503: ext4_expand_extra_isize_ea:2810: inode 11
[ 1161.484949][T28539] loop3: lost filesystem error report for type 5 error -117
[ 1161.505264][T28539] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem
[ 1161.535741][T28539] loop3: lost filesystem error report for type 5 error -117
[ 1161.536398][T28539] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2972: inode #11: comm syz.3.8924: corrupted xattr block 95: invalid header
[ 1161.638708][T28539] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1161.640315][T28539] EXT4-fs warning (device loop3): ext4_evict_inode:287: xattr delete (err -117)
[ 1161.666649][T28539] EXT4-fs (loop3): 1 orphan inode deleted
[ 1161.705467][T28539] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1161.889112][T28268] hsr_slave_0: entered promiscuous mode
[ 1161.908335][T28268] hsr_slave_1: entered promiscuous mode
[ 1161.932043][T28268] debugfs: 'hsr0' already exists in 'hsr'
[ 1161.941579][T28268] Cannot create hsr debugfs directory
[ 1162.051774][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1163.214700][T28578] program syz.4.8932 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1163.557947][T28581] dummy0: entered promiscuous mode
[ 1163.644466][T28581] dummy0: left promiscuous mode
[ 1164.453455][T28601] binder: 28599:28601 ioctl c0306201 2000000003c0 returned -22
[ 1165.129729][T28614] loop4: detected capacity change from 0 to 256
[ 1165.162470][T28614] exfat: Deprecated parameter 'utf8'
[ 1165.185722][T28614] exfat: Deprecated parameter 'namecase'
[ 1165.203024][T28614] exfat: Deprecated parameter 'namecase'
[ 1165.243735][T28614] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc232f927, utbl_chksum : 0xe619d30d)
[ 1165.565808][T28607] orangefs_mount: mount request failed with -4
[ 1165.776687][T28083] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1166.591610][T28618] loop7: detected capacity change from 0 to 32768
[ 1166.672250][T28618] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[ 1167.207863][T28268] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1167.317337][T28268] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1167.350270][T28268] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1167.499433][T28268] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1167.538345][T28268] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1167.634785][T28268] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1167.685068][T28268] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1167.746747][   T30] audit: type=1800 audit(1778143510.018:247): pid=28618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.8947" name="file2" dev="loop7" ino=17059 res=0 errno=0
[ 1167.751815][T28268] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1168.219769][T28083] veth0_vlan: entered promiscuous mode
[ 1168.240138][T10585] ocfs2: Unmounting device (7,7) on (node local)
[ 1168.371476][T28083] veth1_vlan: entered promiscuous mode
[ 1168.574029][T28268] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1168.718211][T28083] veth0_macvtap: entered promiscuous mode
[ 1168.778938][T28268] 8021q: adding VLAN 0 to HW filter on device team0
[ 1168.822478][T28083] veth1_macvtap: entered promiscuous mode
[ 1168.903994][  T135] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1168.911411][  T135] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1169.007983][  T135] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1169.015265][  T135] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1169.183586][T28083] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1169.277667][T28083] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1169.413920][  T135] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1169.432022][  T135] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1169.467496][  T135] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1169.494305][T28665] loop4: detected capacity change from 0 to 32768
[ 1169.511998][  T135] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1169.568344][T28665] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1169.824516][T28665] XFS (loop4): Ending clean mount
[ 1170.109091][T20373] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1170.217981][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1170.266431][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1170.305801][T20373] usb 4-1: Using ep0 maxpacket: 16
[ 1170.366413][T20373] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1170.414806][T20373] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1170.448385][T20373] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1170.483210][T20373] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.556515][ T9950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1170.562526][T20373] usb 4-1: Product: syz
[ 1170.571175][T20373] usb 4-1: Manufacturer: syz
[ 1170.576528][T20373] usb 4-1: SerialNumber: syz
[ 1170.611662][T20373] usb 4-1: config 0 descriptor??
[ 1170.629812][ T9950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1170.638162][ T5628] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1170.697351][T20373] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1170.724338][T20373] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1171.317013][T20373] em28xx 4-1:0.0: chip ID is em2874
[ 1171.551875][T20374] usb 4-1: USB disconnect, device number 12
[ 1171.613505][T20374] em28xx 4-1:0.0: Disconnecting em28xx
[ 1171.966629][T28735] loop4: detected capacity change from 0 to 512
[ 1172.003832][T28735] EXT4-fs: inline encryption not supported
[ 1172.030540][T20374] em28xx 4-1:0.0: Freeing device
[ 1172.063337][T28735] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1172.141166][T28735] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1172.158241][T28268] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1172.179828][T28735] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.8967: inode #15: comm syz.4.8967: iget: illegal inode #
[ 1172.210101][T28735] loop4: lost filesystem error report for type 5 error -117
[ 1172.212863][T28735] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.8967: couldn't read orphan inode 15 (err -117)
[ 1172.220311][    C0] EXT4-fs (loop4): error count since last fsck: 1
[ 1172.220348][    C0] EXT4-fs (loop4): initial error at time 1778143514: ext4_orphan_get:1397
[ 1172.220430][    C0] EXT4-fs (loop4): last error at time 1778143514: ext4_orphan_get:1397
[ 1172.346334][T28735] loop4: lost filesystem error report for type 5 error -117
[ 1172.356531][T28735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1172.570682][T28735] EXT4-fs (loop4): shut down requested (2)
[ 1172.906332][T28709] kernel read not supported for file /dsp1 (pid: 28709 comm: kworker/1:6)
[ 1172.953840][ T5628] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1173.698944][T28268] veth0_vlan: entered promiscuous mode
[ 1173.753846][T28268] veth1_vlan: entered promiscuous mode
[ 1173.994396][T28268] veth0_macvtap: entered promiscuous mode
[ 1174.042874][T28268] veth1_macvtap: entered promiscuous mode
[ 1174.178425][T28268] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1174.258780][T28268] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1174.347178][  T135] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.395462][  T135] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.461183][  T135] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.480536][  T135] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1175.260382][ T9950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1175.302860][ T9950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1175.601924][ T9950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1175.655345][ T9950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1176.394401][T28794] loop8: detected capacity change from 0 to 32768
[ 1176.738869][T28794] read_mapping_page failed!
[ 1176.763827][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[ 1176.776833][T28794] ERROR: (device loop8): txAbort: 
[ 1176.776833][T28794] 
[ 1176.931939][T28836] jfs_unlink: dtDelete returned -116
[ 1176.971614][T28836] jfs_unlink: dtDelete returned -116
[ 1177.070447][T28851] random: crng reseeded on system resumption
[ 1177.251257][T28857] loop3: detected capacity change from 0 to 512
[ 1177.413326][T28857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1177.441201][T28857] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1178.018725][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1178.342611][T28874] tmpfs: Too few inodes for current use
[ 1179.293454][T28892] loop1: detected capacity change from 0 to 64
[ 1179.451443][T28892] BFS-fs: bfs_readdir(): Bad f_pos=0000031c for loop1:00000002
[ 1181.130113][T28932] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9030'.
[ 1181.272098][T28903] loop1: detected capacity change from 0 to 32768
[ 1181.373864][T28903] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1181.922571][T28923] loop8: detected capacity change from 0 to 32768
[ 1182.040883][T28923] XFS (loop8): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1182.170333][T28923] XFS (loop8): Ending clean mount
[ 1182.294598][T25305] ocfs2: Unmounting device (7,1) on (node local)
[ 1182.584835][T28083] XFS (loop8): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1182.875837][ T5768] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 1183.066026][ T5768] usb 5-1: Using ep0 maxpacket: 16
[ 1183.078056][ T5768] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1183.143439][ T5768] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1183.194267][ T5768] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1183.219255][ T5768] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1183.236838][T20374] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1183.265162][ T5768] usb 5-1: Product: syz
[ 1183.269463][ T5768] usb 5-1: Manufacturer: syz
[ 1183.278444][ T5768] usb 5-1: SerialNumber: syz
[ 1183.365367][ T5768] usb 5-1: config 0 descriptor??
[ 1183.378413][ T5768] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1183.386842][  T800] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 1183.406672][T20374] usb 10-1: Using ep0 maxpacket: 16
[ 1183.414809][T20374] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1183.426352][T20374] usb 10-1: config 0 has no interface number 0
[ 1183.435861][ T5768] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[ 1183.453285][T20374] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1183.520928][T20374] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1183.571359][  T800] usb 2-1: Using ep0 maxpacket: 16
[ 1183.581763][T20374] usb 10-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1183.613867][  T800] usb 2-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1183.635631][T20374] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1183.643739][  T800] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1183.663129][  T800] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1183.722731][  T800] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1183.760727][  T800] usb 2-1: config 0 descriptor??
[ 1183.762194][T20374] usb 10-1: config 0 descriptor??
[ 1184.009008][ T5768] em28xx 5-1:0.0: chip ID is em2874
[ 1184.226158][  T800] mcp2221 0003:04D8:00DD.006D: USB HID v0.01 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[ 1184.291070][T28965] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9043'.
[ 1184.294691][T28709] usb 5-1: USB disconnect, device number 65
[ 1184.356078][T28709] em28xx 5-1:0.0: Disconnecting em28xx
[ 1184.401298][T28709] em28xx 5-1:0.0: Freeing device
[ 1184.462605][T20374] uclogic 0003:28BD:0071.006E: pen parameters not found
[ 1184.507658][T20374] uclogic 0003:28BD:0071.006E: interface is invalid, ignoring
[ 1184.561292][T20374] usb 10-1: USB disconnect, device number 10
[ 1184.648512][  T800] usb 2-1: USB disconnect, device number 59
[ 1184.819734][T27073] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1184.842159][T27073] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1184.869992][T27073] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1184.886795][T27073] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1184.916270][T27073] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1186.214751][T29008] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9058'.
[ 1186.903871][T29025] block nbd5: Unsupported socket: should be TCP or UNIX.
[ 1186.993452][T26808] Bluetooth: hci4: command tx timeout
[ 1187.762273][   T30] audit: type=1326 audit(1778143530.028:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29042 comm="syz.8.9073" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0958b9cdd9 code=0x0
[ 1188.209429][T29019] loop3: detected capacity change from 0 to 40427
[ 1188.254941][T29019] F2FS-fs (loop3): build fault injection rate: 173
[ 1188.281626][T29019] F2FS-fs (loop3): invalid crc value
[ 1188.300334][T29019] F2FS-fs (loop3): Wrong cp_pack_start_sum: 1
[ 1188.333442][T29019] F2FS-fs (loop3): Failed to get valid F2FS checkpoint
[ 1188.650729][T29061] random: crng reseeded on system resumption
[ 1188.982299][T29067] loop8: detected capacity change from 0 to 8
[ 1189.065759][T26808] Bluetooth: hci4: command tx timeout
[ 1189.407402][T28969] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1189.440420][T28969] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1189.489627][T28969] bridge_slave_0: entered allmulticast mode
[ 1189.512464][T28969] bridge_slave_0: entered promiscuous mode
[ 1189.574978][T28969] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1189.596686][T28969] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1189.612757][T28969] bridge_slave_1: entered allmulticast mode
[ 1189.635293][T28969] bridge_slave_1: entered promiscuous mode
[ 1190.006552][T28969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1190.051142][T28969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1190.165829][  T985] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1190.222323][T28969] team0: Port device team_slave_0 added
[ 1190.303804][T28969] team0: Port device team_slave_1 added
[ 1190.335764][  T985] usb 2-1: Using ep0 maxpacket: 8
[ 1190.358177][  T985] usb 2-1: too many endpoints for config 0 interface 0 altsetting 255: 137, using maximum allowed: 30
[ 1190.398753][  T985] usb 2-1: config 0 interface 0 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1190.423984][  T985] usb 2-1: config 0 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1190.461735][T28969] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1190.461750][  T985] usb 2-1: config 0 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 137
[ 1190.508262][T28969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1190.515774][  T985] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1190.569481][T29074] loop9: detected capacity change from 0 to 32768
[ 1190.590019][  T985] usb 2-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[ 1190.613031][  T985] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1190.643128][T28969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1190.684287][T29074] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[ 1190.694602][T28969] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1190.697153][  T985] usb 2-1: config 0 descriptor??
[ 1190.703643][T28969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1190.735944][T28969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1190.840625][T28969] hsr_slave_0: entered promiscuous mode
[ 1190.861542][T28969] hsr_slave_1: entered promiscuous mode
[ 1190.887673][T28969] debugfs: 'hsr0' already exists in 'hsr'
[ 1190.908925][T28969] Cannot create hsr debugfs directory
[ 1191.146006][T26808] Bluetooth: hci4: command tx timeout
[ 1191.223626][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x0
[ 1191.267167][T29100] loop3: detected capacity change from 0 to 512
[ 1191.275564][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x0
[ 1191.313442][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x0
[ 1191.347518][T29100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1191.360324][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x0
[ 1191.412701][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x0
[ 1191.466793][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x0
[ 1191.526832][  T985] dragonrise 0003:0079:0011.006F: unknown main item tag 0x6
[ 1191.583296][  T985] dragonrise 0003:0079:0011.006F: item fetching failed at offset 14/44
[ 1191.679425][  T985] dragonrise 0003:0079:0011.006F: parse failed
[ 1191.692834][  T985] dragonrise 0003:0079:0011.006F: probe with driver dragonrise failed with error -22
[ 1191.711263][T29100] EXT4-fs (loop3): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
[ 1191.794660][T28268] ocfs2: Unmounting device (7,9) on (node local)
[ 1191.947535][  T985] usb 2-1: USB disconnect, device number 60
[ 1192.131717][T25529] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.435517][T29094] loop4: detected capacity change from 0 to 32768
[ 1192.548586][T29094] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1192.894020][T29121] random: crng reseeded on system resumption
[ 1192.940526][T29119] macvtap1: entered allmulticast mode
[ 1192.972585][T29119] dummy0: entered allmulticast mode
[ 1193.032129][T29119] dummy0: entered promiscuous mode
[ 1193.122867][T29119] dummy0: left allmulticast mode
[ 1193.226082][T26808] Bluetooth: hci4: command tx timeout
[ 1193.474632][ T5628] ocfs2: Unmounting device (7,4) on (node local)
[ 1193.487418][T20374] dummy0: left promiscuous mode
[ 1193.793796][T29133] input: syz0 as /devices/virtual/input/input69
[ 1194.545680][T29149] loop8: detected capacity change from 0 to 256
[ 1194.653501][T29149] FAT-fs (loop8): Directory bread(block 64) failed
[ 1194.693352][T29149] FAT-fs (loop8): Directory bread(block 65) failed
[ 1194.722812][T29149] FAT-fs (loop8): Directory bread(block 66) failed
[ 1194.748144][T29149] FAT-fs (loop8): Directory bread(block 67) failed
[ 1194.793584][T29149] FAT-fs (loop8): Directory bread(block 68) failed
[ 1194.810622][T29149] FAT-fs (loop8): Directory bread(block 69) failed
[ 1194.823947][T29149] FAT-fs (loop8): Directory bread(block 70) failed
[ 1194.832954][T29126] loop9: detected capacity change from 0 to 32768
[ 1194.839660][T29149] FAT-fs (loop8): Directory bread(block 71) failed
[ 1194.856440][T29149] FAT-fs (loop8): Directory bread(block 72) failed
[ 1194.903755][T29149] FAT-fs (loop8): Directory bread(block 73) failed
[ 1194.906616][T29126] XFS (loop9): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1195.086052][T29157] loop3: detected capacity change from 0 to 2048
[ 1195.135500][T29141] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1195.142818][T29141] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1195.144742][T29126] XFS (loop9): Ending clean mount
[ 1195.150570][T29141] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1195.162880][T29141] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1195.245318][T29157] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1195.258381][T29126] XFS (loop9): Metadata CRC error detected at xfs_inobt_read_verify+0x26/0xe0, xfs_finobt block 0x10 
[ 1195.317768][T29126] XFS (loop9): Unmount and run xfs_repair
[ 1195.358989][T29126] XFS (loop9): First 128 bytes of corrupted metadata buffer:
[ 1195.403074][T29126] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[ 1195.458377][T29126] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[ 1195.506030][T29126] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[ 1195.543847][T29126] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[ 1195.581175][T29126] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[ 1195.614158][T29126] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1195.639975][T29126] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[ 1195.657395][T29126] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1195.678320][T29126] XFS (loop9): metadata I/O error in "xfs_btree_read_buf_block+0x24e/0x520" at daddr 0x10 len 4 error 74
[ 1195.697426][T29141] batman_adv: batadv0: Interface activated: ipvlan3
[ 1195.710082][T29126] loop9: lost filesystem error report for type 5 error -117
[ 1195.712439][T29126] XFS (loop9): Failed to initialize disk quotas, err -117.
[ 1195.732226][T29141] 8021q: adding VLAN 0 to HW filter on device eth0
[ 1195.761688][T29141] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1195.800157][T29141] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1195.829310][T29141] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1195.866486][T29141] A link change request failed with some changes committed already. Interface pimreg may have been left with an inconsistent configuration, please check.
[ 1195.906240][T29126] XFS (loop9): User initiated shutdown received.
[ 1195.936105][T29126] XFS (loop9): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x16b/0x1a0 (fs/xfs/xfs_fsops.c:462).  Shutting down filesystem.
[ 1195.987312][T29126] XFS (loop9): Please unmount the filesystem and rectify the problem(s)
[ 1196.070595][T28268] XFS (loop9): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1196.185468][T29145] A link change request failed with some changes committed already. Interface pimreg may have been left with an inconsistent configuration, please check.
[ 1196.668769][T29165] loop1: detected capacity change from 0 to 32768
[ 1197.081620][T29165] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1197.104318][  T135] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1197.136829][  T135] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1197.190340][T29190] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9119'.
[ 1197.206944][ T7792] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1197.221085][  T135] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1197.246882][T29165] XFS (loop1): Ending clean mount
[ 1197.267350][  T800] IPVS: starting estimator thread 0...
[ 1197.274696][  T135] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1197.359215][T29193] IPVS: using max 21 ests per chain, 50400 per kthread
[ 1197.769532][T25305] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1197.778978][T29200] loop3: detected capacity change from 0 to 128
[ 1198.270134][T29207] loop8: detected capacity change from 0 to 128
[ 1198.313737][T29207] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1198.374247][T29207] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042]
[ 1198.461607][T29207] System zones: 1-3, 19-19, 35-36
[ 1198.533848][T29207] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1198.548496][T29207] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1198.598706][T29184] loop9: detected capacity change from 0 to 32768
[ 1198.878554][T28083] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1198.934066][T29184] ocfs2: Slot 0 on device (7,9) was already allocated to this node!
[ 1198.959803][T29184] JBD2: Ignoring recovery information on journal
[ 1199.027473][T29184] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[ 1199.431158][  T985] kernel write not supported for file /input/event2 (pid: 985 comm: kworker/1:2)
[ 1199.556522][T28709] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 1199.721005][T28709] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1199.766579][T28709] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1199.839453][T28709] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1199.879927][T28709] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1199.885377][T28969] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1199.933978][T28709] usb 5-1: config 0 descriptor??
[ 1199.963251][T28969] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1199.971089][T28709] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1200.003013][T28969] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1200.069379][T28969] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1200.105370][T28969] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1200.153930][T28969] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1200.191951][T28969] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1200.234895][T28969] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1200.291950][T29246] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9135'.
[ 1200.293122][  T985] usb 5-1: USB disconnect, device number 66
[ 1200.467548][T28268] ocfs2: Unmounting device (7,9) on (node local)
[ 1200.823889][T28969] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1200.989323][T28969] 8021q: adding VLAN 0 to HW filter on device team0
[ 1201.080704][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1201.087979][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1201.196794][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1201.204036][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1201.546355][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1201.666267][T29281] loop8: detected capacity change from 0 to 512
[ 1201.700577][T29281] EXT4-fs: Ignoring removed i_version option
[ 1201.776005][T29281] EXT4-fs: Ignoring removed oldalloc option
[ 1201.839855][T29281] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1202.297022][T28083] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1202.732803][T29304] Set syz1 is full, maxelem 2 reached
[ 1202.987791][T29310] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9153'.
[ 1203.032771][T29310] netlink: 32 bytes leftover after parsing attributes in process `syz.8.9153'.
[ 1203.094203][T29310] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9153'.
[ 1203.137688][T29310] netlink: 32 bytes leftover after parsing attributes in process `syz.8.9153'.
[ 1203.581095][T29327] netlink: 16 bytes leftover after parsing attributes in process `syz.8.9157'.
[ 1203.623184][T29327] netlink: 16 bytes leftover after parsing attributes in process `syz.8.9157'.
[ 1203.816517][T28969] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1204.092929][T28969] veth0_vlan: entered promiscuous mode
[ 1204.136274][T28969] veth1_vlan: entered promiscuous mode
[ 1204.267170][T26808] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1204.306017][T28969] veth0_macvtap: entered promiscuous mode
[ 1204.319750][T28969] veth1_macvtap: entered promiscuous mode
[ 1204.447767][T28969] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1204.508213][T28969] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1204.529668][T29348] random: crng reseeded on system resumption
[ 1204.629574][T25471] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1204.675550][T25471] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1204.714631][T25471] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1205.019259][T25471] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1205.627672][ T9947] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1205.672856][ T9947] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1205.858684][ T9950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1205.904023][ T9950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1206.103278][T29370] loop9: detected capacity change from 0 to 128
[ 1206.753863][T29381] loop0: detected capacity change from 0 to 4096
[ 1206.950596][T29395] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1207.633758][T29407] loop3: detected capacity change from 0 to 256
[ 1207.743418][T29407] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1207.898669][T29407] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1208.168639][T29419] loop9: detected capacity change from 0 to 256
[ 1208.203885][T29419] exfat: Deprecated parameter 'utf8'
[ 1208.222783][T29419] exfat: Deprecated parameter 'utf8'
[ 1208.256903][T29419] exfat: Deprecated parameter 'utf8'
[ 1208.353825][T29419] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1208.889752][T29439] loop9: detected capacity change from 0 to 16
[ 1209.110948][T29442] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9191'.
[ 1209.146889][T29436] loop4: detected capacity change from 0 to 8192
[ 1209.192985][T29444] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9192'.
[ 1209.706395][T27073] Bluetooth: hci5: command 0xfc11 tx timeout
[ 1209.707426][T26808] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[ 1210.370314][T29468] loop8: detected capacity change from 0 to 128
[ 1210.383068][T29462] loop1: detected capacity change from 0 to 4096
[ 1210.536659][T29472] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1210.666452][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1210.781904][T29477] loop9: detected capacity change from 0 to 2048
[ 1210.876222][T29477] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1211.160737][T29483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9204'.
[ 1211.506545][ T5761] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1211.727332][ T5761] usb 9-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1211.735070][T29503] loop1: detected capacity change from 0 to 128
[ 1211.748493][ T5761] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1211.788267][T29503] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1211.811182][ T5761] usb 9-1: config 0 descriptor??
[ 1211.859682][T29503] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1212.065326][ T5761] udl 9-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1212.842872][T29528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9219'.
[ 1213.032147][T29524] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9218'.
[ 1213.060986][T29524] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9218'.
[ 1213.070203][ T5761] [drm] Initialized udl 0.0.1 for 9-1:0.0 on minor 2
[ 1213.102834][ T5761] [drm] Initialized udl on minor 2
[ 1213.214855][ T5761] udl 9-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1213.389229][ T5761] udl 9-1:0.0: [drm] Cannot find any crtc or sizes
[ 1213.532818][ T5761] usb 9-1: USB disconnect, device number 14
[ 1213.728721][ T5768] udl 9-1:0.0: [drm] Cannot find any crtc or sizes
[ 1213.908905][T29548] nfs: Deprecated parameter 'nointr'
[ 1213.948769][T29548] nfs: Unknown parameter 'fscontext'
[ 1214.439772][T29561] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1214.453880][T29561] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1215.026229][T29572] block nbd5: server does not support multiple connections per device.
[ 1215.130518][T29572] block nbd5: shutting down sockets
[ 1215.709735][T29538] loop9: detected capacity change from 0 to 32768
[ 1215.789170][T29538] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1215.837515][T29603] loop4: detected capacity change from 0 to 1024
[ 1215.845362][T29603] EXT4-fs: inline encryption not supported
[ 1215.907191][T29603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1216.029315][T29594] loop0: detected capacity change from 0 to 4096
[ 1216.060011][ T5628] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1216.207998][T29594] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 1216.241767][T29594] NILFS (loop0): trying rollback from an earlier position
[ 1216.270238][T29538] XFS (loop9): Ending clean mount
[ 1216.379238][T29594] NILFS (loop0): recovery complete
[ 1216.412515][T29619] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1216.670832][T28268] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1216.870829][T29621] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9249'.
[ 1217.801150][T29590] loop3: detected capacity change from 0 to 32768
[ 1217.898666][T29590] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.9242 (29590)
[ 1217.930389][T29595] loop8: detected capacity change from 0 to 32768
[ 1218.064386][T29590] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1218.145915][T29590] BTRFS info (device loop3): using crc32c checksum algorithm
[ 1218.496953][    C0] IPv4: Oversized IP packet from 172.20.20.24
[ 1218.578715][T29590] BTRFS info (device loop3): setting nodatasum
[ 1218.633520][T29590] BTRFS info (device loop3): enabling ssd optimizations
[ 1218.683804][T29590] BTRFS info (device loop3): disabling tree log
[ 1218.738495][T29590] BTRFS info (device loop3): turning on async discard
[ 1218.795209][T29590] BTRFS info (device loop3): enabling free space tree
[ 1218.845942][T29590] BTRFS info (device loop3): enabling auto defrag
[ 1218.993596][T29673] netlink: 'syz.9.9262': attribute type 12 has an invalid length.
[ 1219.041287][T29673] netlink: 120 bytes leftover after parsing attributes in process `syz.9.9262'.
[ 1219.082315][T25529] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1219.111967][T29680] loop4: detected capacity change from 0 to 1024
[ 1219.130745][T29679] loop1: detected capacity change from 0 to 2048
[ 1219.170282][T29680] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[ 1219.257582][T29679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1219.314257][T29680] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 2: comm syz.4.9264: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1219.383744][T29680] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1219.386038][    C0] EXT4-fs (loop4): error count since last fsck: 1
[ 1219.401687][    C0] EXT4-fs (loop4): initial error at time 1778143561: ext4_map_blocks:791: inode 3: block 2
[ 1219.411811][    C0] EXT4-fs (loop4): last error at time 1778143561: ext4_map_blocks:791: inode 3: block 2
[ 1219.434308][T29680] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1219.496018][T29680] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 48: comm syz.4.9264: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1219.575867][T29680] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1219.576433][T29680] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1219.727004][T25305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1219.727247][T29680] EXT4-fs error (device loop4): ext4_acquire_dquot:7032: comm syz.4.9264: Failed to acquire dquot type 0
[ 1219.749630][T29680] loop4: lost filesystem error report for type 5 error -117
[ 1219.782663][T29680] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6383: Corrupt filesystem
[ 1219.936836][T29680] loop4: lost filesystem error report for type 5 error -117
[ 1219.937243][T29680] EXT4-fs error (device loop4): ext4_evict_inode:267: inode #11: comm syz.4.9264: mark_inode_dirty error
[ 1220.037465][T29680] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1220.042617][T29680] EXT4-fs warning (device loop4): ext4_evict_inode:269: couldn't mark inode dirty (err -117)
[ 1220.155428][T29680] EXT4-fs (loop4): 1 orphan inode deleted
[ 1220.192331][ T1169] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1220.284757][T29680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1220.315043][ T1169] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1220.317088][ T1169] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1220.337573][T29699] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9281'.
[ 1220.402143][ T1169] EXT4-fs error (device loop4): ext4_release_dquot:7068: comm kworker/u8:8: Failed to release dquot type 0
[ 1220.682893][T29708] netlink: 24 bytes leftover after parsing attributes in process `syz.9.9271'.
[ 1220.840674][ T1169] EXT4-fs error (device loop4): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1220.883868][ T5628] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1220.925937][ T1169] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1220.944386][ T1169] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1221.052309][ T1169] EXT4-fs error (device loop4): ext4_release_dquot:7068: comm kworker/u8:8: Failed to release dquot type 0
[ 1221.112340][ T1169] loop4: lost filesystem error report for type 5 error -117
[ 1221.143811][ T5628] EXT4-fs error (device loop4): __ext4_get_inode_loc:4884: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1221.262160][ T5628] loop4: lost filesystem error report for type 5 error -117
[ 1221.262543][ T5628] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6383: Corrupt filesystem
[ 1221.347018][ T5628] loop4: lost filesystem error report for type 5 error -117
[ 1221.347343][ T5628] EXT4-fs error (device loop4): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error
[ 1221.458477][ T5628] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1222.069758][T29727] loop9: detected capacity change from 0 to 256
[ 1222.155035][T29727] exfat: Deprecated parameter 'utf8'
[ 1222.218478][T29727] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[ 1222.371091][T26808] block nbd5: Receive control failed (result -32)
[ 1222.894331][T29743] tipc: New replicast peer: 255.255.255.255
[ 1222.921583][T29743] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1223.557411][T29725] loop8: detected capacity change from 0 to 32768
[ 1223.579361][T29725] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.9277 (29725)
[ 1223.667590][T29725] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1223.715226][T29725] BTRFS info (device loop8): using crc32c checksum algorithm
[ 1223.725492][T29768] loop9: detected capacity change from 0 to 524287999
[ 1223.755801][ T5768] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1223.988366][ T5768] usb 2-1: Using ep0 maxpacket: 16
[ 1224.021586][T29725] BTRFS info (device loop8): setting nodatasum
[ 1224.051888][ T5768] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1224.071040][T29725] BTRFS info (device loop8): enabling ssd optimizations
[ 1224.104034][ T5768] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1224.110390][T29725] BTRFS info (device loop8): disabling tree log
[ 1224.150517][T29725] BTRFS info (device loop8): turning on async discard
[ 1224.182293][ T5768] usb 2-1: Product: syz
[ 1224.190992][T29725] BTRFS info (device loop8): enabling free space tree
[ 1224.216780][ T5768] usb 2-1: Manufacturer: syz
[ 1224.239052][T29725] BTRFS info (device loop8): enabling auto defrag
[ 1224.244866][ T5768] usb 2-1: SerialNumber: syz
[ 1224.301886][ T5768] usb 2-1: config 0 descriptor??
[ 1224.700855][T28083] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1224.789456][ T5768] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1224.858868][ T5768] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1224.942589][ T5768] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1224.972956][ T5768] usb 2-1: media controller created
[ 1224.997443][ T5747] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1225.119899][ T5768] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1225.232382][ T5747] usb 4-1: Using ep0 maxpacket: 16
[ 1225.254172][ T5747] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1225.290320][ T5747] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1225.355703][  T800] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 1225.371379][T29809] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1225.404933][ T5747] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1225.426734][ T5747] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.435353][ T5747] usb 4-1: Product: syz
[ 1225.499609][ T5747] usb 4-1: Manufacturer: syz
[ 1225.519115][ T5747] usb 4-1: SerialNumber: syz
[ 1225.547606][ T5747] usb 4-1: config 0 descriptor??
[ 1225.551662][ T5768] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1225.555725][  T800] usb 5-1: Using ep0 maxpacket: 32
[ 1225.602459][ T5747] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1225.604210][ T5768] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1225.606386][ T5747] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1225.609027][  T800] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1225.772862][  T800] usb 5-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[ 1225.801380][T28709] usb 2-1: USB disconnect, device number 61
[ 1225.856396][  T800] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1225.925066][  T800] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1225.944631][  T800] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.979978][  T800] usb 5-1: Product: syz
[ 1225.994296][  T800] usb 5-1: Manufacturer: syz
[ 1226.042202][  T800] usb 5-1: SerialNumber: syz
[ 1226.074991][  T800] usb 5-1: config 0 descriptor??
[ 1226.099121][T28709] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1226.122420][T29819] loop8: detected capacity change from 0 to 2048
[ 1226.151860][T29819] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1226.274790][T29822] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1226.318432][ T5747] em28xx 4-1:0.0: chip ID is em2870
[ 1226.609918][  T800] gs_usb 5-1:0.0: Configuring for 1 interfaces
[ 1226.631561][T25730] usb 4-1: USB disconnect, device number 13
[ 1226.641971][T25730] em28xx 4-1:0.0: Disconnecting em28xx
[ 1226.803373][T25730] em28xx 4-1:0.0: Freeing device
[ 1227.023325][  T800] gs_usb 5-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[ 1227.340412][  T800] usb 5-1: USB disconnect, device number 67
[ 1227.500122][T29847] loop0: detected capacity change from 0 to 256
[ 1227.517459][T29847] vfat: Deprecated parameter 'posix'
[ 1227.575987][T29847] FAT-fs: "posix" option is obsolete, not supported now
[ 1227.636479][   T30] audit: type=1800 audit(1778143569.898:249): pid=29847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9313" name="bus" dev="loop0" ino=1049212 res=0 errno=0
[ 1227.773928][T29847] Invalid ELF header magic: != ELF
[ 1227.947638][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1228.010430][T29856] loop8: detected capacity change from 0 to 2048
[ 1228.114596][T29856] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1228.824843][T29852] loop1: detected capacity change from 0 to 131072
[ 1228.842129][T29852] F2FS-fs (loop1): invalid crc value
[ 1228.848521][T29852] 
[ 1228.850854][T29852] ======================================================
[ 1228.857872][T29852] WARNING: possible circular locking dependency detected
[ 1228.865023][T29852] syzkaller #0 Tainted: G             L     
[ 1228.871002][T29852] ------------------------------------------------------
[ 1228.878017][T29852] syz.1.9316/29852 is trying to acquire lock:
[ 1228.884086][T29852] ffffffff8e977480 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xe87/0x1cc0
[ 1228.893719][T29852] 
[ 1228.893719][T29852] but task is already holding lock:
[ 1228.901091][T29852] ffffffff8e692b20 (wq_pool_mutex){+.+.}-{4:4}, at: __alloc_workqueue+0x858/0x19f0
[ 1228.910589][T29852] 
[ 1228.910589][T29852] which lock already depends on the new lock.
[ 1228.910589][T29852] 
[ 1228.921004][T29852] 
[ 1228.921004][T29852] the existing dependency chain (in reverse order) is:
[ 1228.930023][T29852] 
[ 1228.930023][T29852] -> #9 (wq_pool_mutex){+.+.}-{4:4}:
[ 1228.937787][T29852]        __mutex_lock+0x1a4/0x1b10
[ 1228.942930][T29852]        __alloc_workqueue+0x858/0x19f0
[ 1228.948568][T29852]        alloc_workqueue_noprof+0xc7/0x130
[ 1228.954384][T29852]        padata_alloc+0xc7/0x400
[ 1228.959367][T29852]        pcrypt_init_padata+0x19/0x100
[ 1228.964864][T29852]        pcrypt_init+0x72/0xf0
[ 1228.969757][T29852]        do_one_initcall+0x121/0x750
[ 1228.975081][T29852]        kernel_init_freeable+0x6ea/0x7b0
[ 1228.980820][T29852]        kernel_init+0x1f/0x1e0
[ 1228.985684][T29852]        ret_from_fork+0x72b/0xd50
[ 1228.990843][T29852]        ret_from_fork_asm+0x1a/0x30
[ 1228.996345][T29852] 
[ 1228.996345][T29852] -> #8 (cpu_hotplug_lock){++++}-{0:0}:
[ 1229.004140][T29852]        cpus_read_lock+0x42/0x170
[ 1229.009314][T29852]        static_key_slow_inc+0x12/0x30
[ 1229.014787][T29852]        fl_create+0x7fb/0xd10
[ 1229.019561][T29852]        ipv6_flowlabel_opt+0x519/0x2d40
[ 1229.025208][T29852]        do_ipv6_setsockopt+0x1b80/0x44b0
[ 1229.030958][T29852]        ipv6_setsockopt+0xcb/0x170
[ 1229.036198][T29852]        rawv6_setsockopt+0xee/0x5a0
[ 1229.041501][T29852]        do_sock_setsockopt+0xf3/0x1d0
[ 1229.046987][T29852]        __sys_setsockopt+0x195/0x220
[ 1229.052368][T29852]        __x64_sys_setsockopt+0xbd/0x160
[ 1229.058014][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.063151][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.069627][T29852] 
[ 1229.069627][T29852] -> #7 (sk_lock-AF_INET6){+.+.}-{0:0}:
[ 1229.077398][T29852]        lock_sock_nested+0x41/0xf0
[ 1229.082634][T29852]        inet_shutdown+0x67/0x410
[ 1229.087741][T29852]        nbd_mark_nsock_dead+0xae/0x5c0
[ 1229.093334][T29852]        sock_shutdown+0x16b/0x200
[ 1229.098457][T29852]        nbd_config_put+0x1eb/0x750
[ 1229.103664][T29852]        nbd_genl_connect+0xaf8/0x1a40
[ 1229.109364][T29852]        genl_family_rcv_msg_doit+0x214/0x300
[ 1229.115478][T29852]        genl_rcv_msg+0x560/0x800
[ 1229.120551][T29852]        netlink_rcv_skb+0x159/0x420
[ 1229.125957][T29852]        genl_rcv+0x28/0x40
[ 1229.130485][T29852]        netlink_unicast+0x585/0x850
[ 1229.135795][T29852]        netlink_sendmsg+0x8b0/0xda0
[ 1229.141104][T29852]        ____sys_sendmsg+0x9e1/0xb70
[ 1229.146428][T29852]        ___sys_sendmsg+0x190/0x1e0
[ 1229.151666][T29852]        __sys_sendmsg+0x170/0x220
[ 1229.156788][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.161925][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.168360][T29852] 
[ 1229.168360][T29852] -> #6 (&nsock->tx_lock){+.+.}-{4:4}:
[ 1229.176042][T29852]        __mutex_lock+0x1a4/0x1b10
[ 1229.181189][T29852]        nbd_queue_rq+0x428/0x1080
[ 1229.186362][T29852]        blk_mq_dispatch_rq_list+0x422/0x1e70
[ 1229.192462][T29852]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[ 1229.199359][T29852]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[ 1229.205887][T29852]        blk_mq_run_hw_queue+0x23c/0x670
[ 1229.211570][T29852]        blk_mq_dispatch_list+0x51d/0x1360
[ 1229.217406][T29852]        blk_mq_flush_plug_list+0x130/0x600
[ 1229.223321][T29852]        __blk_flush_plug+0x2c4/0x4b0
[ 1229.228709][T29852]        __submit_bio+0x584/0x6c0
[ 1229.233748][T29852]        submit_bio_noacct_nocheck+0x543/0xbf0
[ 1229.239917][T29852]        submit_bio_noacct+0xd18/0x2000
[ 1229.245474][T29852]        submit_bh_wbc+0x681/0x890
[ 1229.250610][T29852]        block_read_full_folio+0x264/0x8e0
[ 1229.256536][T29852]        filemap_read_folio+0xfc/0x3b0
[ 1229.262015][T29852]        do_read_cache_folio+0x2d7/0x6b0
[ 1229.267670][T29852]        read_part_sector+0xd1/0x370
[ 1229.273078][T29852]        adfspart_check_ICS+0x91/0x7d0
[ 1229.278549][T29852]        bdev_disk_changed+0x7a3/0x1250
[ 1229.284129][T29852]        blkdev_get_whole+0x187/0x290
[ 1229.289708][T29852]        bdev_open+0x2c7/0xe40
[ 1229.294487][T29852]        blkdev_open+0x34e/0x4f0
[ 1229.299528][T29852]        do_dentry_open+0x6d8/0x1660
[ 1229.304883][T29852]        vfs_open+0x82/0x3f0
[ 1229.309511][T29852]        path_openat+0x208c/0x31a0
[ 1229.314638][T29852]        do_file_open+0x20e/0x430
[ 1229.319680][T29852]        do_sys_openat2+0x10d/0x1e0
[ 1229.324895][T29852]        __x64_sys_openat+0x12d/0x210
[ 1229.330285][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.335434][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.341951][T29852] 
[ 1229.341951][T29852] -> #5 (&cmd->lock){+.+.}-{4:4}:
[ 1229.349283][T29852]        __mutex_lock+0x1a4/0x1b10
[ 1229.354513][T29852]        nbd_queue_rq+0xba/0x1080
[ 1229.359568][T29852]        blk_mq_dispatch_rq_list+0x422/0x1e70
[ 1229.365652][T29852]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[ 1229.372520][T29852]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[ 1229.379053][T29852]        blk_mq_run_hw_queue+0x23c/0x670
[ 1229.384730][T29852]        blk_mq_dispatch_list+0x51d/0x1360
[ 1229.390650][T29852]        blk_mq_flush_plug_list+0x130/0x600
[ 1229.396582][T29852]        __blk_flush_plug+0x2c4/0x4b0
[ 1229.401967][T29852]        __submit_bio+0x584/0x6c0
[ 1229.407004][T29852]        submit_bio_noacct_nocheck+0x543/0xbf0
[ 1229.413186][T29852]        submit_bio_noacct+0xd18/0x2000
[ 1229.418757][T29852]        submit_bh_wbc+0x681/0x890
[ 1229.423983][T29852]        block_read_full_folio+0x264/0x8e0
[ 1229.429858][T29852]        filemap_read_folio+0xfc/0x3b0
[ 1229.435342][T29852]        do_read_cache_folio+0x2d7/0x6b0
[ 1229.441013][T29852]        read_part_sector+0xd1/0x370
[ 1229.446350][T29852]        adfspart_check_ICS+0x91/0x7d0
[ 1229.451826][T29852]        bdev_disk_changed+0x7a3/0x1250
[ 1229.457410][T29852]        blkdev_get_whole+0x187/0x290
[ 1229.462819][T29852]        bdev_open+0x2c7/0xe40
[ 1229.467605][T29852]        blkdev_open+0x34e/0x4f0
[ 1229.472593][T29852]        do_dentry_open+0x6d8/0x1660
[ 1229.477999][T29852]        vfs_open+0x82/0x3f0
[ 1229.482619][T29852]        path_openat+0x208c/0x31a0
[ 1229.487765][T29852]        do_file_open+0x20e/0x430
[ 1229.492801][T29852]        do_sys_openat2+0x10d/0x1e0
[ 1229.498106][T29852]        __x64_sys_openat+0x12d/0x210
[ 1229.503504][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.508640][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.515065][T29852] 
[ 1229.515065][T29852] -> #4 (set->srcu){.+.+}-{0:0}:
[ 1229.522231][T29852]        __synchronize_srcu+0xa2/0x300
[ 1229.527714][T29852]        blk_mq_quiesce_queue+0x149/0x1c0
[ 1229.533473][T29852]        elevator_switch+0x17b/0x7e0
[ 1229.538786][T29852]        elevator_change+0x352/0x530
[ 1229.544102][T29852]        elevator_set_default+0x29e/0x360
[ 1229.549863][T29852]        blk_register_queue+0x48e/0x630
[ 1229.555438][T29852]        __add_disk+0x73f/0xe40
[ 1229.560348][T29852]        add_disk_fwnode+0x118/0x5c0
[ 1229.565659][T29852]        nbd_dev_add+0x77a/0xb10
[ 1229.570608][T29852]        nbd_init+0x291/0x2b0
[ 1229.575338][T29852]        do_one_initcall+0x121/0x750
[ 1229.580824][T29852]        kernel_init_freeable+0x6ea/0x7b0
[ 1229.586694][T29852]        kernel_init+0x1f/0x1e0
[ 1229.591561][T29852]        ret_from_fork+0x72b/0xd50
[ 1229.596785][T29852]        ret_from_fork_asm+0x1a/0x30
[ 1229.602107][T29852] 
[ 1229.602107][T29852] -> #3 (&q->elevator_lock){+.+.}-{4:4}:
[ 1229.610067][T29852]        __mutex_lock+0x1a4/0x1b10
[ 1229.615246][T29852]        elevator_change+0x1bc/0x530
[ 1229.620578][T29852]        elevator_set_none+0x92/0xf0
[ 1229.625879][T29852]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[ 1229.632314][T29852]        nbd_start_device+0x1a6/0xbd0
[ 1229.637703][T29852]        nbd_genl_connect+0xff2/0x1a40
[ 1229.643350][T29852]        genl_family_rcv_msg_doit+0x214/0x300
[ 1229.649455][T29852]        genl_rcv_msg+0x560/0x800
[ 1229.654516][T29852]        netlink_rcv_skb+0x159/0x420
[ 1229.659850][T29852]        genl_rcv+0x28/0x40
[ 1229.664475][T29852]        netlink_unicast+0x585/0x850
[ 1229.669799][T29852]        netlink_sendmsg+0x8b0/0xda0
[ 1229.675116][T29852]        ____sys_sendmsg+0x9e1/0xb70
[ 1229.680436][T29852]        ___sys_sendmsg+0x190/0x1e0
[ 1229.685752][T29852]        __sys_sendmsg+0x170/0x220
[ 1229.690886][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.696053][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.702658][T29852] 
[ 1229.702658][T29852] -> #2 (&q->q_usage_counter(io)#51){++++}-{0:0}:
[ 1229.711511][T29852]        blk_alloc_queue+0x610/0x790
[ 1229.716812][T29852]        blk_mq_alloc_queue+0x174/0x290
[ 1229.722468][T29852]        __blk_mq_alloc_disk+0x29/0x120
[ 1229.728136][T29852]        nbd_dev_add+0x492/0xb10
[ 1229.733106][T29852]        nbd_init+0x291/0x2b0
[ 1229.737803][T29852]        do_one_initcall+0x121/0x750
[ 1229.743142][T29852]        kernel_init_freeable+0x6ea/0x7b0
[ 1229.748888][T29852]        kernel_init+0x1f/0x1e0
[ 1229.753763][T29852]        ret_from_fork+0x72b/0xd50
[ 1229.758894][T29852]        ret_from_fork_asm+0x1a/0x30
[ 1229.764211][T29852] 
[ 1229.764211][T29852] -> #1 (fs_reclaim){+.+.}-{0:0}:
[ 1229.771456][T29852]        fs_reclaim_acquire+0xc4/0x100
[ 1229.776960][T29852]        prepare_alloc_pages+0x166/0x5f0
[ 1229.782632][T29852]        __alloc_frozen_pages_noprof+0x19a/0x2bc0
[ 1229.789157][T29852]        __alloc_pages_noprof+0xb/0x110
[ 1229.794733][T29852]        pcpu_populate_chunk+0x118/0x990
[ 1229.800385][T29852]        pcpu_alloc_noprof+0x881/0x1cc0
[ 1229.805953][T29852]        bpf_map_alloc_percpu+0x9a/0xf0
[ 1229.811515][T29852]        htab_map_alloc+0x1054/0x14e0
[ 1229.816899][T29852]        map_create+0x84e/0x2bc0
[ 1229.821853][T29852]        __sys_bpf+0x2091/0x4b90
[ 1229.826808][T29852]        __x64_sys_bpf+0x7b/0xc0
[ 1229.831767][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.836906][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.843420][T29852] 
[ 1229.843420][T29852] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}:
[ 1229.851181][T29852]        __lock_acquire+0x14b8/0x2630
[ 1229.856662][T29852]        lock_acquire+0x1b1/0x370
[ 1229.861706][T29852]        __mutex_lock+0x1a4/0x1b10
[ 1229.866930][T29852]        pcpu_alloc_noprof+0xe87/0x1cc0
[ 1229.872523][T29852]        __alloc_workqueue+0x8ff/0x19f0
[ 1229.878140][T29852]        alloc_workqueue_noprof+0xc7/0x130
[ 1229.883965][T29852]        f2fs_init_post_read_wq+0x10f/0x190
[ 1229.889883][T29852]        f2fs_fill_super+0x49b8/0xae90
[ 1229.895431][T29852]        get_tree_bdev_flags+0x38c/0x620
[ 1229.901108][T29852]        vfs_get_tree+0x92/0x320
[ 1229.906101][T29852]        path_mount+0x7d0/0x23d0
[ 1229.911153][T29852]        __x64_sys_mount+0x293/0x310
[ 1229.916460][T29852]        do_syscall_64+0x10b/0xf80
[ 1229.921688][T29852]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1229.928121][T29852] 
[ 1229.928121][T29852] other info that might help us debug this:
[ 1229.928121][T29852] 
[ 1229.938349][T29852] Chain exists of:
[ 1229.938349][T29852]   pcpu_alloc_mutex --> cpu_hotplug_lock --> wq_pool_mutex
[ 1229.938349][T29852] 
[ 1229.951431][T29852]  Possible unsafe locking scenario:
[ 1229.951431][T29852] 
[ 1229.958974][T29852]        CPU0                    CPU1
[ 1229.964354][T29852]        ----                    ----
[ 1229.969728][T29852]   lock(wq_pool_mutex);
[ 1229.974077][T29852]                                lock(cpu_hotplug_lock);
[ 1229.981209][T29852]                                lock(wq_pool_mutex);
[ 1229.987987][T29852]   lock(pcpu_alloc_mutex);
[ 1229.992596][T29852] 
[ 1229.992596][T29852]  *** DEADLOCK ***
[ 1229.992596][T29852] 
[ 1230.000744][T29852] 2 locks held by syz.1.9316/29852:
[ 1230.005946][T29852]  #0: ffff8880271ec0d8 (&type->s_umount_key#85/1){+.+.}-{4:4}, at: alloc_super+0x244/0xd20
[ 1230.016154][T29852]  #1: ffffffff8e692b20 (wq_pool_mutex){+.+.}-{4:4}, at: __alloc_workqueue+0x858/0x19f0
[ 1230.025966][T29852] 
[ 1230.025966][T29852] stack backtrace:
[ 1230.031874][T29852] CPU: 1 UID: 0 PID: 29852 Comm: syz.1.9316 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1230.031927][T29852] Tainted: [L]=SOFTLOCKUP
[ 1230.031940][T29852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1230.031963][T29852] Call Trace:
[ 1230.031974][T29852]  <TASK>
[ 1230.031991][T29852]  dump_stack_lvl+0x100/0x190
[ 1230.032033][T29852]  print_circular_bug.cold+0x178/0x1c7
[ 1230.032096][T29852]  check_noncircular+0x146/0x160
[ 1230.032147][T29852]  __lock_acquire+0x14b8/0x2630
[ 1230.032195][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.032243][T29852]  lock_acquire+0x1b1/0x370
[ 1230.032284][T29852]  ? pcpu_alloc_noprof+0xe87/0x1cc0
[ 1230.032333][T29852]  ? __pfx___might_resched+0x10/0x10
[ 1230.032388][T29852]  __mutex_lock+0x1a4/0x1b10
[ 1230.032440][T29852]  ? pcpu_alloc_noprof+0xe87/0x1cc0
[ 1230.032485][T29852]  ? pcpu_alloc_noprof+0xe87/0x1cc0
[ 1230.032534][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.032583][T29852]  ? __pfx___mutex_lock+0x10/0x10
[ 1230.032633][T29852]  ? trace_contention_end+0x122/0x170
[ 1230.032681][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.032725][T29852]  ? __mutex_lock+0x26d/0x1b10
[ 1230.032775][T29852]  ? __alloc_workqueue+0x858/0x19f0
[ 1230.032820][T29852]  ? __pfx___mutex_lock+0x10/0x10
[ 1230.032887][T29852]  ? pcpu_alloc_noprof+0xe87/0x1cc0
[ 1230.032940][T29852]  pcpu_alloc_noprof+0xe87/0x1cc0
[ 1230.033003][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.033060][T29852]  __alloc_workqueue+0x8ff/0x19f0
[ 1230.033106][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.033171][T29852]  alloc_workqueue_noprof+0xc7/0x130
[ 1230.033214][T29852]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[ 1230.033260][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.033314][T29852]  ? __pfx_f2fs_get_valid_checkpoint+0x10/0x10
[ 1230.033374][T29852]  ? 0xffffffff81000000
[ 1230.033408][T29852]  f2fs_init_post_read_wq+0x10f/0x190
[ 1230.033463][T29852]  f2fs_fill_super+0x49b8/0xae90
[ 1230.033554][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.033606][T29852]  ? do_raw_spin_lock+0x128/0x260
[ 1230.033666][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.033720][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.033773][T29852]  ? set_blocksize+0x1cf/0x460
[ 1230.033842][T29852]  ? setup_bdev_super+0x337/0x730
[ 1230.033903][T29852]  ? __pfx_f2fs_fill_super+0x10/0x10
[ 1230.033968][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034020][T29852]  ? sb_set_blocksize+0x1fe/0x290
[ 1230.034060][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034112][T29852]  ? setup_bdev_super+0x425/0x730
[ 1230.034177][T29852]  get_tree_bdev_flags+0x38c/0x620
[ 1230.034242][T29852]  ? __pfx_f2fs_fill_super+0x10/0x10
[ 1230.034309][T29852]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 1230.034375][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034428][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034483][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034535][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034587][T29852]  ? security_capable+0x80/0x260
[ 1230.034650][T29852]  vfs_get_tree+0x92/0x320
[ 1230.034705][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034760][T29852]  path_mount+0x7d0/0x23d0
[ 1230.034816][T29852]  ? __pfx_path_mount+0x10/0x10
[ 1230.034865][T29852]  ? lockdep_hardirqs_on+0x78/0x100
[ 1230.034921][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.034977][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.035029][T29852]  ? kmem_cache_free+0x127/0x6c0
[ 1230.035087][T29852]  ? __x64_sys_mount+0x293/0x310
[ 1230.035143][T29852]  __x64_sys_mount+0x293/0x310
[ 1230.035196][T29852]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1230.035252][T29852]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1230.035304][T29852]  ? rcu_is_watching+0x12/0xc0
[ 1230.035370][T29852]  do_syscall_64+0x10b/0xf80
[ 1230.035426][T29852]  ? irqentry_exit+0x117/0x790
[ 1230.035486][T29852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.035531][T29852] RIP: 0033:0x7f388b79e04a
[ 1230.035562][T29852] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1230.035601][T29852] RSP: 002b:00007f388c742e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1230.035636][T29852] RAX: ffffffffffffffda RBX: 00007f388c742ee0 RCX: 00007f388b79e04a
[ 1230.035668][T29852] RDX: 0000200000000000 RSI: 0000200000010600 RDI: 00007f388c742ea0
[ 1230.035696][T29852] RBP: 0000200000000000 R08: 00007f388c742ee0 R09: 0000000001004500
[ 1230.035724][T29852] R10: 0000000001004500 R11: 0000000000000246 R12: 0000200000010600
[ 1230.035752][T29852] R13: 00007f388c742ea0 R14: 00000000000105c2 R15: 0000200000000380
[ 1230.035797][T29852]  </TASK>
[ 1230.540283][T29852] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4)
[ 1230.905964][  T800] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1231.059721][  T800] usb 5-1: config 0 has no interfaces?
[ 1231.065470][  T800] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1231.087555][  T800] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1231.129105][  T800] usb 5-1: config 0 descriptor??
[ 1231.150265][  T800] usb 5-1: can't set config #0, error -71
[ 1231.178970][  T800] usb 5-1: USB disconnect, device number 68
[ 1238.194627][ T1308] ieee802154 phy1 wpan1: encryption failed: -22