last executing test programs: 35.772847084s ago: executing program 2: syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x804000, &(0x7f0000000200), 0x3, 0x4ae, &(0x7f0000000a00)="$eJzs3d9rm+UeAPDvm7Y73daddueci53B2SnnTLqhS9rVbcWLbYLo1UCd97W2aSlNm9Kk21qGdPgHCCIqeuWVN4J/gCD7E0QY6L2IKEO3eeGFGknyZqsl/THXNrP5fODp+7zvm+b7fRLyJE+eh7wBtK3+iLgYER0RcTIietPjmbTESr1Ub3f3zvXxakmiUrn8QxJJeqxxX0m6PZj+W3dEvPxCxGtJUj+wSmlpeWasUMgvpPu58ux8rrS0fGp6dmwqP5WfGx4eOjtybuTMyOC2tfX8c9++8+ZHz5//7KmrX49+f+L1ar496bnV7dhO9cekq/ZYNHRGxMJOBGuBjrQ9Xa1OBACALal+xv9HRPwvIu693+psAAAAgJ1QudATvyQRFQAAAGDPytTWwCaZbLoWoCcymWy2vob3X3EhCsVS+cnJ4uLcRH2tbF90ZSanC/nBdK1wX3Ql1f2hWv3B/uk1+8MRcTgi3u7dX9vPjhcLE63+8gMAAADaRHWc35Op16ubn3rr438AAABgj+lrdQIAAADAjjP+BwAAgL1v3fF/0rm7iQAAAAA74cVLl6ql0rj+9cSVpcWZ4pVTE/nSTHZ2cTw7XlyYz04Vi1O13+yb3ez+CsXi/NMxt3gtV86XyrnS0vLobHFxrjxau673aN51ogEAAGD3Hf7vza+SiFh5Zn+tVO1Lzxmrw96WebibJzuVB7D7OlqdANAyFvhC+zLGBzYb2HfvUh4AAMDOGfi3+X9oVw85/w/sIeb/oX2Z/4f2ZYwP/On5/8+3PxcAAGBn9NRKksmmc4E9kclksxGHapcF6Eompwv5wYj4e0R82dv1t+r+UKuTBgAAAAAAAAAAAAAAAAAAAAAAAIC/mEoliQoAAACwp0VkvkvS638N9B7vWfv9wL7k597aNiKufnD53Wtj5fLCUPX4j/ePl99Lj59uxTcYAAAAwFqNcXpjHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+nunevjjbKbcW8/GxF9zeJ3Rndt2x1dEXHgXhKdq/4viYiObYi/ciMijjSLn1TTir40i7XxMxGxv8XxD25DfGhnN6v9z8Vmr79M9Ne2zV9/nWl5VLf71+v/Mvf7v451+r9Dm9z3vnR79NYnuXXj34g42tm8/2nETx6x/331leXl9c5VPowYaPr+k/whVq48O58rLS2fmp4dm8pP5eeGh4fOjpwbOTMymJucLuTTv01jvPWfT3/bqP0H1onft0n7j2+x/b/eunbnnxvEP/H/5s//kQ3iVx/7J9L3ger5gUZ9pV5f7djHXxzbqP0T67R/s+f/xBbbf/KlN77Z4k0BgF1QWlqeGSsU8gsqj1ul//FIQ6U9K63umQAAgO324EN/qzMBAAAAAAAAAAAAAAAAAACA9rUbPye2Ol5365oKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCh3wMAAP//LP/UjQ==") bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x0, &(0x7f00000007c0)=[{0x0, 0x5}, {}, {}, {0x3, 0x2, 0xf, 0x4}]}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x5, 0x5, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r0}, &(0x7f00000007c0), &(0x7f0000000800)='%+9llu \x00'}, 0x20) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x20) statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0xffff4a9c0080ffff, &(0x7f0000000240)) 35.219633757s ago: executing program 2: syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x221009c, &(0x7f0000000200)=ANY=[@ANYBLOB='errors=remount-ro,quota,nodiscard,iocharset=koi8-u,errors=continue,noquota,errors=remount-ro\x00resize=0x0000000000000000,uid=', @ANYRESOCT, @ANYBLOB="2c6e6ff1756f74612c6e6f646973636172642c6572726f72733d72656d6f756e742d726f2c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c6e6fff0000000000000071756f74612c005dc55abd804d6f01f0f1055bb38f1a40dfa6fc9beecb8a0f4c4de2d44eb6f407d75f44a0e259"], 0x1, 0x60a5, &(0x7f0000000340)="$eJzs3UuPHFfZB/Cnr3PxG2eURZTXQmjihEsI8TUYQ4AkC1iwyQJ5i2xNJpGFA8g2yIksPNFsWLDiE4CQWCLEErHgA2TBlh0rVliykUBZUahmzvFUt7vdY8bT1Z7z+0njqqdO9fSp+Xf1xVXVJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+O53vne2ExGXf5oWrEX8X/QiuhErdb0eESvra3n9fkS8EDvN8XxEDJYi6tvv/PNsxOsR8cnxiHv3b2/Ui8/tsx/f/v1ff/P9Y+/85XeD0//+w83eG9PWu3XrF//6452DbTMAAACUpqqqqpM+5p9In++7bXcKAJiL/PpfJXn5ka9/+fd3/rRI/VGr1Wq1eg51UzXZnWYREVvN29TvGRyOB4CnzFZ82nYXaJH8i9aPiGNtdwJYaJ22O8ChuHf/9kYn5dtpvh6s77bnc0FG8t/qPLi+Y9p0lvFzTOb1+NqOXjw3pT8rc+rDIsn5d8fzv7zbPkzrHXb+8zIt/+HupU/Fyfn3xvMfc3Ty707Mv1Q5//5j5d+TPwAAAAAALLD8//9rLR//XTr4puzLo47/rs+pDwAAAAAAAADwpB10/L8HjP8HAAAAC6v+rF771fG9ZdO+i61efqkT8czY+kBh0sUyq233AwAAAAAAAAAAAABK0t89h/dSJ2IQEc+srlZVVf80jdeP66C3f9qVvv1Qsraf5AEAYNcnx8eu5e9ELEfEpfRdf4PV1dWqWl5ZrVarlaX8fna4tFytND7X5mm9bGm4jzfE/WFV/7Llxu2aZn1entU+/vvq+xpWvX107AkZpL/mlOaWwgaAZPfV6J5XpCOmqp6d9uYDRtj/jx77P/vR9uMUAAAAOHxVVVWd9HXeJ9Ix/27bnQIA5iK//o8fFziUOuJwf79arVar1epH1k3VZHeaRURsNW9Tv2cwHD8APGW24tO2u0CL5F+0fkS80HYngIXWabsDHIp7929vdFK+nebrQRrfPZ8LMpL/Vmfndvn2k6azjJ9jMq/H13b04rkp/Xl+Tn1YJDn/7nj+l3fbh2m9w85/XqblX2/nWgv9aVvOvzee/5ijk393Yv6lyvn3Hyv/nvwBAAAAAGCB5f//X3P8N28yAAAAAAAAADx17t2/vZGve83H/z8zYT3Xfx5NOf+O/IuU8++O5f/FsfV6jfm7b+/l/8/7tzd+e/Mf/5+n+81/Kc900iOrkx4RnXRPnX6aHmTrHrY96A3rexp0ur1+OuenGrwXV+NabMaZkXW76e+x1352pL3u6WCk/dxIe/+h9vMj7YP0vQPVSm4/FRvxo7gW7+60121LM7Z/eUZ7NaM959+z/xcp599v/NT5r6b2zti0dvfj7kP7fXM66X7euvrZn585/M2ZaTt6D7atqd6+ky30Z+dvcmwYP7mxef3UrSs3b14/G2kysvRcpMkTlvMf7Pws7T3/v7Tbnp/3m/vr3Y+Hj53/otiO/tT8X2rM19v7ypz71oac/zD95PzfTe2T9/+nOf/p+/+rLfQHAAAAAAAAAAAAAAAAHqWqqp1LRN+KiAvp+p+2rs0EAOYrv/5XSV6uVqvVarX66NVN1WRvNouI+HPzNvV7hp9N+mUAwCL7T0T8re1O0Br5Fyx/3189fbntzgBzdePDj35w5dq1zes32u4JAAAAAAAAAPC/yuN/rjfGf345ItbG1hsZ//XtWD/o+J/9PPNggNEnPND3FNvdYa/bGG78xdgZn/vUtPG/T8ajx//uz7i/wYz24Yz2pRntyxOX7qU18UKPhpz/i43xzuv8T4wNv17C+K/jY96XIOd/svF4rvP/wth6zfyrXy9c/lv7XXE7uiP5n775wY9P3/jwo9eufnDl/c33N394/uzZM+cvXLh48eLp965e2zyz++/h9HoB5Pzz2NfOAy1Lzj9nLv+y5Pw/l2r5lyXn//lUy78sOf/8fk/+Zcn5588+8i9Lzv+VVMu/LDn/L6Va/mXJ+b+aavmXJef/5VTLvyw5/9dSLf+y5PxPpVr+Zcn5n071PvL39fBHSM4/H+Gy/5cl55/PbJB/WXL+51It/7Lk/M+nWv5lyfm/nmr5lyXn/5VUy78sOf8LqZZ/WXL+X021/MuS87+YavmXJef/tVTLvyw5/6+nWv5lyfm/kWr5lyXn/41Uy78sOf9vplr+Zcn5fyvV8i9Lzv/NVMu/LHvf/2/GjBkzeabtZyYAAAAAAAAAAAAAYNw8TiduexsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1djFxnfT/wM/tirx1CDITg5G9gk5gQkiW7thO/8K+LCa8NUAokFPqC7XrXZsFveO0SKJJNAyUSRkUVVdOLtoBQG6mqsCouaEVpLqq+XJX2gt5UVJWQGlUBBSSktqJsNXOe5/HM7OycXe94PXuez0eKf96dM3POnHlmdr/rfHcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABod+cb5z7bKIqi+V/rj21F8YLm37dMbmt97nU3+ggBAACAtfrf1p/P35I+cWgFV2rb5u9e8Y9fX1xcXCzeP/q7419cXEwXTBbF+OaiaF0WXfn3DzTatwmeKCYaI20fj1TsfrTi8rGKy8crLt9UcfnmissnKi5fcgKW2FL+PKZ1Yztbf91WntLi1mK8ddnOHtd6orF5ZCT+LKel0brO4vjxYr44WcwVMx3bl9s2Wtt/887mvt5WxH2NtO1rR3OF/PCTx+IxNMI53tmxr6u3GX3/DcXkj374yWN/fP6523vNytPQcXvlcd57V/M4Px0+Ux5ro9iczkk8zpG249zR4zEZ7TjORut6zb93H+fzKzzO0auHua66H/OJYqT192+3ztNY+4/10nnaET73X3cXRXHp6mF3b7NkX8VIsbXjMyNXH5+JckU2b6O5lF5cjK1qnd65gnXanLM7O9dp93MiPv53huuNLXMM7Q/T9z+1acnjvtp1GjXv9XLPle41OOjnyrCswbguvt2600/2XIM7w/3/5D3Lr8Gea6fHGkz3u20N3lW1Bkc2jbaOOT0IjdZ1rq7BXR3bj7b21GjNZ+/pvwanz586O73w8U+8dv7U0RNzJ+ZO79m1a2bP3r379++fPj5/cm6m/PMaz/bw21qMpOfAXeHcxefAq7u2bV+qi18e3PNwos/zcFvXtoN+Ho5137nG+jwhl67p8rnxaPOkT1weKZZ5jrUen/vW/jxM97vteTjW9jzs+TWlx/NwbAXPw+Y2Z+9b2fcsY23/9TqG6/W1YFvbGuz+fqR7DQ76+5FhWYMTYV38633Lfy3YEY73yanVfj8yumQNprsbXnuan0nf70/sb41e6/KO5gU3bSouLMyde+Dxo+fPn9tVhLEuXtK2VrrX69a2+1QsWa8jq16vh+Zf8eQdPT6/LZyridc2/5hY9rFqbvPgA/0fq9ZXt97ns+Ozu4swBmy9z2evr+bN85myZJ/z2dzm09Nr/1485dK219/xZV5/Y+7/abm/dFNPjI6Plc/f0XR2xjtejzsfqrHWa1ejte/np1f2ejwe/lvv1+Nb+7web+/adtCvx+Pddy6+HjeqftqxNt2P50RYJydn+r8eN7fZvnu1a3Ks7+vx3WE2wvl/TUgKKRe1rZ3l1m3a19jYeLhfY3EPnet0T8f24yGbNff19O5rW6f33l3e1mi6d1et1zqd7Np20Os0vV4tt04bVT99uzbdj+dEWBe37um/TpvbPPPg2l87t8S/tr12bqpag+Ojm5rHPJ4WYfl6v7glrsEHimPFmeJkMdu6dFNrPTVa+5p6aGVrcFP4b71fK7f3WYP3dm076DWYvo4tt/YaY0vv/AB0P54TYV089VD/Ndjc5k37Bvu9673hM2mbtu9du3++ttzPvO7oOk3X82dezeP8m339fzbb3Obk/tXmzP7n6f7wmZt6nKfu5+9yz6nZYn3O0/ZwnM/tX/48NY+nuc0XD6xwPR0qiuLiRx9u/bw3/PvKn1/4ztc7/t2l17/pXPzowz+4+fjfrub4Adj4flqOreXXurZ/mVrJv/8DAAAAG0LM/SNhJvI/AAAA1EbM/fH/Ck/kfwAAAKiNmPvHwkwyyf/b3/Tc/E8vFqmZvxjEy9NpeKTcLnZcZ8LHk4tXNT//8FfnfvyXF1e275GiKH7yyG/03H77I/G4SpPhOK+8ufPzS694cUX7P/LY1e3a++tfCrcf789Kl0GvCu5MURTfvOXzrf1MfuByaz7zyJHWfM+lJ59obvP8gfLjeP1nX1Ju/weh/Hvo+NGO6z8bzsP3wpx5e+/zEa/3tcuv2bHvfVf3F6/XuOuFrbv91AfL242/J+cLT5Tbx/O83PH/1eee/lpz+8df1fv4L470Pv6nw+1+Ncz/fnm5fftj0Pw4Xu8z4fjj/uL1HvjKt3oe/5XPltuffUu53ZEw4/7vDR/vfMtz8+3n6/HG0Y77Vby13C7uf+Y7v926PN5evP3u4584fLnjfHSvj2f+ubyd6a7t4+fjfqK/6Np/83ba12fc/9O/daTjPFft/8p7nn1583a7939/13ajXdfv/o1Nf/iZz/fcXzyeQ392tuP+HHp3eB6H/T/1wbAew+X/c+XzHfuNjry78/Unbv+lbRc77k/0th+V+7/y+hOt+R+TP/79m15w8wsvvbJ57ori2+8tb69q/yf+6EzH8X/5tvtaj0e8PHb0u/e/nLj/cx+bOn1m4cL8bNtZbf3unHeUx7N5YsvW5vHeEl5buz8+fOb8h+bOTc5MzhTFZH1/hd41+0qYPyjHpdVe/77HwuN5x+99c+s9//S5+Pl/ebT8/OW3l1+3Xh22+0L4/Lby8VtsrHH/T915W+v53Xim/Lijxz4AO3b+5/4VbRjuf/f3BXG9n33ph1rnoXlZ6+tGfF6v8fi/O1vezjfCeV0Mv5n5rtuu7q99+/i7ES6/t3y+r/n8hZe5+Lj+SXi83/m98vbjccX7+93wfcy3tne+3sX18Y2LI9233/otHpfC60lxqbw8bhXP9+Xnb+t5ePH3kBSXbm99/Dvpdm5f1d1czsLHF6ZPzp++8Pj0+bmF89MLH//E4VNnLpw+f7j1uzwPf7jq+ldfn7a2Xp9m5/Y+WMxsKYriTDGzDi9Y1+f4m39b2fGffezY7L6Ze2bnjh+9cPz8Y2fnzp04trBwbG524Z6jx4/Pfazq+vOzB3ftPrBn3+6pE/OzB/cfOLDnwNT86TPNwygPqsLemY9MnT53uHWVhYMPHtj10EMPzkydOjM7d3DfzMzUharrt742TTWv/etT5+ZOHj0/f2puamH+E3MHdx3Yu3d35W8DPHX2+MLk9LkLp6cvLMydmy7vy+T51qebX/uqrk89Lfxb+f1st0b5i/iKd92/N/1+1qavfmrZmyo36foFos+F30XzDy86u38lH8fcPx5mkkn+BwAAgBzE3L8pzET+BwAAgNqIuX9zmIn8DwAAALURc/9EmEkm+V//X/9/Zf3/8nL9/7z6/2c/WvZKN3r/P/bn9f/zcIP7/2vev/6//n/9+v8r789v9OPX/9f/Z6lh6//H3L+lKLLM/wAAAJCDmPu3hpnI/wAAAFAbMfffFGYi/wMAAEBtxNz/gjCTTPK//v+K+v+7qwpX9e//e/9//f9iY/b/44Oj/5+NVffv3/dox4f6/4H+v/6//r/+v/4/aza+7CU3qv8fc//NYSaZ5H8AAADIQcz9Lwwzkf8BAACgNmLuvyXMRP4HAACA2oi5f1uYSSb5X//f+//r/+v/17r/v9b3/287GP3/jcH7//en/1/hmvv/E/r/G7H/Pz7Y4x/u/n/l4ev/c10M2/v/x9z/ojCTTPI/AAAA5CDm/heHmcj/AAAAUBsx978kzET+BwAAgNqIuf/WMJNM8r/+v/6//r/+v/5/7/1Xv/9/+Tf9/+Gi/9+f/n8F7/+fV/9/wMc/3P3/Qb////ibu6+v/08vw9b/j7n/pWEmmeR/AAAAyEHM/beFmcj/AAAAUBsx978szET+BwAAgNqIuX97mEkm+V//X/9f/1//X/+/9/6r+/8l/f/hov/fn/5/Bf1//X/9/5X1/3t886v/Ty/D1v+Puf/2MJNM8j8AAADkIOb+O8JM5H8AAACojZj7/1+YifwPAAAAtRFz/44wk0zyv/6//r/+f179//s36f/r/9eb/n9/+v8V9P/1//X/V/j+/0utpv+/uerGqI1h6//H3P/yMJNM8j8AAADkIOb+V4SZyP8AAABQGzH3vzLMRP4HAACA2oi5fzLMJJP8r/9fr/7/n/71U68s9P/1/yv2X9P+f1wG+v+Z0//vT/+/gv6//r/+/7r0/8nHsPX/Y+6/M8wkk/wPAAAAOYi5/64wE/kfAAAAaiPm/rvDTOR/AAAAqI2Y+3eGmWSS//X/69X/j/T/9f/77b+m/f9E/z9v+v89tD1J9f8r6P/r/2ff/4/f/er/MxjD1v+Puf9VYSaZ5H8AAADIQcz994SZyP8AAABQGzH3vzrMRP4HAACA2oi5/94wk0zyv/6//r/+v/6//n/v/ev/b0z6//3p/1fQ/9f/z77/7/3/Gaxh6//H3P+aMJNM8j8AAADkIOb++8JM5H8AAACojfj/b5b/36v8DwAAAHUUc/9UmEkm+V//X/8/p/5/Q/9f/1//v/b0//vT/6+g/6//r/+v/89ADVv/P+b+14aZZJL/AQAAIAcx9z8QZiL/AwAAQG3E3D8dZiL/AwAAQG3E3D8TZpJJ/tf/1//Pqf/v/f/1//X/60//vz/9/wr6//r/dev/F4X+PzfUsPX/Y+7fFWaSSf4HAACAHMTcvzvMRP4HAACA2oi5f0+YifwPAAAAtRFz/4NhJpnkf/1//X/9f/1//f/e+9f/35j0//vT/6+g/6//X7f+v/f/5wYbtv5/zP0PhZlkkv8BAAAgBzH37w0zkf8BAACgNmLu3xdmIv8DAABAbcTcvz/MJJP8r/9fk/7/b/59x771//X/++1/MP3/Lfr/Yer/D5ea9v+7nxbXTP+/gv6//r/+v/4/AzVs/f+Y+w+EmWSS/wEAACAHMfe/LsxE/gcAAIDaiLn//4eZyP8AAABQGzH3/0yYSSb5X/+/Jv3/Lvr/+v/99u/9//X/66ym/f+B0f+voP+v/6//r//PQF3//n/828r6/zH3HwwzyST/AwAAQA5i7v/ZMBP5HwAAAGoj5v7Xh5nI/wAAAFAbMfcfCjPJJP/r/+v/6//r/1+f/v/ri27D2P9vLh79/3rR/+9P/7+C/r/+v/6//j8DNWzv/x9z/xvCTDLJ/wAAAJCDmPsfDjOR/wEAAKA2Yu5/Y5iJ/A8AAAC1EXP/m8JMMsn/+v/6//r/+v/e/7/3/vX/Nyb9//70/yvo/+v/6//r/zNQw9b/j7n/zWEmmeR/AAAAyEHM/W8JM5H/AQAAoDZi7n9rmIn8DwAAALURc//bwkwyyf/6//r/+v/6//r/vfev/78x6f/3p/9fQf9f/1//X/+fgRq2/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAAC1EXP/28NM5H8AAACojZj73xFmkkn+1//X/9f/1//X/++9f/3/jUn/vz/9/wr6//r/+v/6/wzUsPX/Y+5/Z5hJJvkfAAAAchBz/8+Hmcj/AAAAUBsx978rzET+BwAAgNqIuf8Xwkwyyf/6//r/+v/6/1n0/5tX0v/Pgv5/f/r/FXr0/zfr/+v/6//r/3PNhq3/H3P/u8NMMsn/AAAAkIOY+98TZiL/AwAAQG3E3P/eMBP5HwAAAGoj5v5Hw0wyyf/6/1n2/9Nd1v8v6f9n0P/3/v/Z0P/vT/+/gvf/1//X/9f/Z6CGrf8fc/9jYSaZ5H8AAADIQcz97wszkf8BAACgNmLu/8UwE/kfAAAAaiPm/veHmWSS//X/s+z/e///dev/j3Wsj5z6/xNtj2dal/r/+v/rQP+/P/3/Cvr/+v/D3P8Pq3nLMtfX/2cYDVv/P+b+D4SZZJL/AQAAIAcx9/9SmIn8DwAAALURc/8vh5nI/wAAAFAbMff/SphJJvlf/1//X//f+/97///e+9f/35j0//vT/6+g/6//P8z9/wr6/wyjYev/x9z/q2EmmeR/AAAAyEHM/R8MM5H/AQAAoDZi7j8cZiL/AwAAQG3E3H8kzCST/K//393/j++oqv+v/6//r/+v/78RDa7//7Kbi0L/X/9f/1//X/9f/5+1GLb+f8z9R8NMMsn/AAAAkIOY+38tzET+BwAAgNqIuf9YmIn8DwAAALURc/9smEkm+V//3/v/D6r//xP9f/3/QP+/N/3/9eH9//vT/6+g/6//r/+v/89ADVv/P+b+uTCTTPI/AAAA1Fj6cXDM/cfDTOR/AAAAqI2Y+0+Emcj/AAAAUBsx938ozCST/K//r//v/f9vRP9/rGN7/f+S/r/+/yDo//en/19B/1//X/9f/5+BGrb+f8z982EmmeR/AAAAyEHM/R8OM5H/AQAAoDZi7v9ImIn8DwAAALURc//JMJNM8r/+v/5/7v3/RlFc8v7/+v+99q//vzHp//en/19B/1//X/9f/5+BGrb+f8z9p8JMMsn/AAAAkIOY+0+Hmcj/AAAAUBsx958JM5H/AQAAoDZi7j8bZpJJ/tf/1//Pvf9f3JD3/+/cXv+/pP+v/z8IS/r3Y6u7/rL9//9j7z6a9DirPg4/r8u2pNXLR2DNiiWs+Aps2VHFmgVgcjAmZzA5B5NzzsnknHM2OUcTDVWiGJ1zLGked8tWa6b7Pte1OUiFeUbWYOqP6lf3He901d31//p//f8k/b/+X//P+dbW/+fuv1fc0mT/AwAAQAe5++8dt9j/AAAAMIzc/feJW+x/AAAAGEbu/qvilib7X/+v/9f/6//P6f+v1//r/7fN+//T9P8z9P/6f/2//p9Fra3/z91/37ilyf4HAACADnL33y9usf8BAABgGLn77x+32P8AAAAwjNz9D4hbmux//b/+X/+v//f+//7P1/9vk/5/mv5/hv5f/6//1/+zqLX1/7n7Hxi3NNn/AAAA0EHu/gfFLfY/AAAADCN3/4PjFvsfAAAAhpG7/yFxS5P9r//X/+v/9f/6//2fr//fput2N/8zQf9/mP5/xkz/v9vp/6dccD+//5e3na//Fuj/9f8ctrb+P3f/Q+OWJvsfAAAAOsjd/7C4xf4HAACAYeTuvzpusf8BAABgGLn7Hx63NNn/+n/9v/5f/6//3//5+v9t8v7/tIvv/+9wu3veo2//7/3/ad7/1//r/znf2vr/3P3XxC1N9j8AAAB0kLv/EXGL/Q8AAADDyN3/yLjF/gcAAIBh5O5/VNzSZP/r/9v0/we1i/5f/6//1/+PTv8/zfv/Mw7+MXeqfqj/1//r//X/XJy19f+5+x8dtzTZ/wAAANBB7v7HxC32PwAAAAwjd/9j4xb7HwAAAIaRu/9xcUuT/a//b9P/e/9f/6//1/+3oP+fpv+fMcr7/7fxu+a4+/mLddxfv/5f/89ha+v/c/c/Pm5psv8BAACgg9z9T4hb7H8AAAAYRu7+J8Yt9j8AAAAMI3f/k+KWJvtf/6//30b/n5+g/9f/6//1/9P0/9P0/zNG6f9vo+Pu57f+9ev/9f8ctrb+P3f/k+OWJvsfAAAAOsjd/5S4xf4HAACAYeTuf2rcYv8DAADAMHL3Py1uabL/9f/6/230/97/1//r//X/F0b/P03/P0P/r//X/+v/WdTa+v/c/dfGLU32PwAAAHSQu//pcYv9DwAAAMPI3f+MuMX+BwAAgGHk7n9m3NJk/+v/9f/6f/2//n//5+v/t0n/P03/P0P/r//X/+v/WdSK+v+z/qqTu2fFLU32PwAAAHSQu//ZcYv9DwAAAMPI3f+cuMX+BwAAgGHk7n9u3NJk/+v/V9P/H+R8Y/X/p3a7nf5/17T/P3XW72d9X+r/9f9HQP8/Tf8/Q/+v/9f/6/9Z1Ir6/4Mf5+5/XtzSZP8DAABAB7n7nx+32P8AAAAwjNz9L4hb7H8AAAAYRu7+F8YtTfa//n81/f+Bsfp/7/+f//3Rqf/3/v9h+v+jof+fpv+fof/X/+v/9f8sam39f+7+F8VNV15xm3+JAAAAwMrk7n9x3NLkz/8BAACgg9z9L4lb7H8AAADYqGsP/Uzu/pfGLU32v/5/2f7/yrN+Tv+v/z//+0P/r//X/196+v9p+v8Z+n/9v/5f/8+i1tb/5+5/WdzSZP8DAABAB7n7r4tb7H8AAAAYRu7+l8ct9j8AAAAMI3f/K+KWJvtf/+/9f/2//l//v//z9f/bpP+fpv+fof/X/x9v/3/i5n+p/2cMt6L/P3369NWXvP/P3f/KuKXJ/gcAAIAOcve/Km6x/wEAAGAYuftfHbfY/wAAADCM3P2viVua7H/9f9P+P7/V9f8H9P/6/32fr//fJv3/NP3/DP2//t/7//p/FrW29/9z9782bmmy/wEAAKCD3P2vi1vsfwAAABhG7v7Xxy32PwAAAAwjd/8b4pYm+1//37T/9/6//l//f9T9/007/f+R2ET/f+qWP3/t/f81+n/9/4R2/f9d73zOD/X/+n8OW1v/n7v/jXFLk/0PAAAAHeTuf1PcYv8DAADAMHL3vzlusf8BAABgGLn73xI3Xd5k/+v/9f/6f/2//n//5x/x+/9X7nY7/f8CNtH/T1h7/+/9f/3/lHb9/3n0//p/Dltb/5+7/61xS5P9DwAAAB3k7n9b3GL/AwAAwDBy9789brH/AQAAYBi5+98RtzTZ//p//b/+X/8/fP9/zSb6f+//L0T/P03/P0P/r//X/+v/ORLH1f/n7n9n3NJk/wMAAEAHufvfFbfY/wAAADCM3P3vjlvsfwAAABhG7v73xC1N9r/+X/+v/9f/n1hd/3/ynP+8Ju//6/8Xov+fpv+fof/X/+v/r9X/s6S1vf+fu/+9cUuT/Q8AAAAd5O5/X9z6v27tfwAAABhG7v73xy32PwAAAAwjd/8H4pYm+1//r//X/+v/h3//X//fiv5/mv5/hv5f/6//9/4/i1pb/5+7/4NxS5P9DwAAAB3k7v9Q3GL/AwAAwDBy9384brH/AQAAYBi5+6+PW5rsf/2//l//r//X/5/5PdT/j0H/P+1o+v9T+n/9f/Xz/xf/LdD/6//n/nrGtLb+P3f/R+KWJvsfAAAAOsjd/9G4xf4HAACAYeTu/1jcYv8DAADAJl2+5+dy9388bmmy//X/+n/9v/5f/7//8/X/26T/n+b9/xn6/1vZz9/+nB9t7f3/8//3S/+v/2d5a+v/c/d/Im5psv8BAACgg9z9n4xb7H8AAAAYRu7+T8Ut9j8AAAAMI3f/p+OWJvtf/6//1//r//X/+z9f/79N+v9p+v8Z+v9jfT9/61+//l//z2Fr6/9z938mbmmy/wEAAKCD3P2fjVvsfwAAABhG7v7PxS32PwAAAAzjYPdnXNZw/+v/9f/6f/2//n//5+v/t0n/P03/P0P/r//X/+v/WdTa+v/PH/xVJ3dfiFua7H8AAADoIHf/F+MW+x8AAACGkbv/S3GL/Q8AAADDyN3/5bilyf7X/+v/t9H/nz59+mr9v/7/3F/Pzf3/Dfp/iv5/mv5/hv5f/6//1/+zqLX1/7n7vxK3NNn/AAAA0EHu/q/GLfY/AAAADCN3/9fiFvsfAAAAhpG7/+txS5P9r/9fQf9/Uv/v/X/9/877//r/hej/p+n/Z4zY/5+88F/+cffzF+u4v379v/6fw9bW/+fu/0bc0mT/AwAAQAe5+78Zt9j/AAAAMIzc/d+KW+x/AAAAGEbu/m/HLU32v/7/6Pr///296/L+/6nd/q9f/6//1//r/y81/f80/f+MEfv/W+G4+/mtf/36f/0/h62t/8/d/524pcn+BwAAgA5y9383brH/AQAAYBi5+78Xt9j/AAAAMIzc/d+PW5rsf/3/Ct7/H7D/9/7//u8P/f+q+//L9P9j0P9P0//P0P/r//X/C/X/+d2s/+9ubf1/7v4fxC1N9j8AAAB0kLv/h3GL/Q8AAADDyN3/o7jF/gcAAIBh5O6/IW45a//va7tHof/X/+v/9f/6//2fr//fJv3/tAvt/0/sLq7/T/p//b/+v2v/7/1/zlhb/5+7/8dxiz//BwAAgM254hZ+Pnf/T+IW+x8AAACGkbv/p3GL/Q8AAADDyN3/s7jlxsuO60s6Uvp//b/+X/+v/9//+fr/bdL/T/P+/wz9/xL9/F30/2P0/7ud/p+Lt7b+P3f/z+MWf/4PAAAAw8jd/4u4xf4HAACAYeTu/2XcYv8DAADAMHL3/ypuabL/9f/6/4vs/w/STP3/Gfr/M/T/++n/j4b+f5r+f4b+3/v/+n/v/7OotfX/uft/Hbc02f8AAADQQe7+38Qt9j8AAAAMI3f/b+MW+x8AAACGkbv/d3FLk/1/bP1//K3W/2++//f+v/5f/6//XxX9/zT9/wz9v/5f/6//Z1Fr6/9z9/8+bmmy/wEAAKCD3P1/iFvsfwAAABhG7v4/xi32PwAAAAwjd/+f4pYm+9/7//p//b/+X/+///P1/9uk/5+m/9+vfqP0//p//b/+n0Wtrf/P3f/nuKXJ/gcAAIAOcvf/JW6x/wEAAGAYuftvjFvsfwAAABhG7v6/xi1N9r/+X/+v/9f/6//3f77+f5v0/9OOs/+/2//Pf6z3/4+9/88vQf+v/9f/s4i19f+5+/8WtzTZ/wAAANBB7v6/xy32PwAAAAwjd/8/4hb7HwAAAIaRu/+fcUuT/T/T/5+of6P+f5L+/9yvX/+///tD/6//1/9fevr/ad7/n6H/9/6//l//z6LW1v/n7v9X3NJk/wMAAEAHuftvilvsfwAAABhG7v5/xy32PwAAAAwjd/9/4pYm+9/7//p//b/+X/+///P1/9uk/5+m/5+h/9f/6//1/yxqbf1/7v7/BgAA//+GT2Bf") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10003, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ee289f413bb90152f7d6d1ce5ca93c0f7c41499dc28ac63a01000000000000004faa2ad9c084a003ea00", "03bdbcef549ba19704007ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c20c62df7a8d5da5c00000000ff030000fff2ff008900"}) write$cgroup_int(r0, &(0x7f0000000000), 0x12) 33.698349829s ago: executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, 0x0, 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB='-1'], 0x27) 31.137398071s ago: executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4048aec9, &(0x7f0000000080)={0x6, 0xffffffffffffffff, 0x20000000}) r2 = socket$inet6(0xa, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x3000c00, &(0x7f0000000800)=ANY=[], 0x1, 0x663, &(0x7f0000000840)="$eJzs3c1vXFfdB/DvnUzsTJ4+qZsmbYoqxWokQEQkdqwUzIaAEPKiQlVZsLYSp7EyScF2kVsh6vK67SJ/QFl4xwqJfaSyYQMb1K2XlSrYdINZDbp37kwmsccvaeKxw+cT3Tnn3nPvOb/zm/tiT2RNgP9ZcxfTvJ8icxffWC3XN9Zn2hvrM3d69STjSRpJs1uk+Hen0/kkuZbuklfKjXV3xbBx7i3OvvXpFxufddea9VLt39jpuL1Zq5dMJjlWl0+qv+u79Xdit+6K/gzLhF3oJQ5G7XiSTuWf97pbfvbX5/otA1rbHb3rmQ8cAUX3ubnFRHKyvtDLnwO6T8XuM/tIWxt1AAAAAHAAnt/MZlZzatRxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFFSf/9/US+NXn0yRe/7/8fqbanrh8v5/e1+/2nFAQAAAAAAAAAH6PxmNlM0T/XWO0X1f/6vVStnqtf/y7tZzkKWcimrmc9KVrKU6SQTAx2Nrc6vrCxN7+HIK9seeWWXQMfrsvVk5g0AAAAAAAAAz5hfZS6nRh0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKpJj3aJazvTqE2k0k5xIMlbut5b8vVc/yu6POgAAAAA4AM9vZjOrOdXfMNGvFTmRd3M3K1nMStpZyI3qs4Dub/2NjfWZ9sb6zJ1y2drv9/61rzCqHtP97KE78mTy0Mjnqj1auZnFasulXM87aedGGtWRpXO9eLaP68MypuK7tT1GdqOfjeSjutzig31Ndph9fpgyUWXkeD8jU3VsZTZe2DkTg+9OZ3zfI02n0Q/2zCMjPTKJx8r5ybos5/O7YTkfiUczcWXg7Htp55wnX/vzH39yq3339q2byxcPz5R2tlaXx+qyU722tmZiZiATLz+LmRhqqsrE2f76XH6YH+diJvNmlrKYn2c+K1nIZH5Q1ebr87kYuOSHZOraQ2tv7hbJWH2Gdt+s/cX0WnXsqSzmR3knN7KQ16t/VzKdb+VqrmZ24B0+u4c7bWPIVd/5/22Dv/D1utJK8vu6PBzKvL4wkNfBe+5E1Ta45UGWTu+QpfKu+xj3xuZX6ko5xq/r8nB4NBPTA5l4cefz5Q/VbWW5fff20q35z/c23OmP6kp5Hf12y1PiH19+Qo+tPF9Ol29Wtfbw2VG2vbht23TVdqbf1tjSdrbf1r1S14ZeqeXeL23b05Wq7eVt22aqtnMDbdv9vAXAoXfyGyfHWp+3/tb6uPWb1q3WGye+P/7t8VfHcvwvx7/TnDr21carxZ/ycX458Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw2Jbfe//2/Fh7YamqtPuVTqfzwcNbnolK7+vMDnDQV55LRjXlsSSHI/P/6XQ69ZbiMMSzc6VTGk/nqY/VTLJd0/nBLR+O5PwZ8Y0JeOour9z56eXl997/5uKd+bcX3l64O3v16uzU7NXXZy7fXGwvTHVfRx0l8DQ8eOiPOhIAAAAAAAAAAABgr57M3wy0kgzfZ/joJw5yqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMARNXcxzfspMj11aapc31ifaZdLr/5gz2aSRpLiF0nxSXIt3SUTA90Vw8a5tzj71qdfbHz2oK9mb//GTsftzVq9ZDLJsbp8Uv1d/9L9Ff0Zlgm70EscjNp/AwAA//+SOAQD") r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r4, 0x0, 0x0) listen(r4, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, 0x9}, 0x90) ioctl$BTRFS_IOC_SPACE_INFO(0xffffffffffffffff, 0xc0109414, &(0x7f0000001940)={0xa02, 0x80000001, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0) syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000340)='./file0\x00', 0x800000, &(0x7f00000000c0)=ANY=[], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r6, 0xfffffffffffffffd, 0x58) getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="400000001000370400"/20, @ANYRES32=r7, @ANYBLOB="a90404020e0000002000128008000100736974001400028006040000000000000000140009000000"], 0x40}}, 0x0) sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @empty}}}], 0x20}}], 0x1, 0x0) 30.785107892s ago: executing program 2: prlimit64(0x0, 0xf, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x20, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) timer_settime(0x0, 0x1, &(0x7f0000000640)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="73656366090000000000000075736569736595586366ad8ebb99dba1bcfab3f7022f86815b7d752c00002f460fb35c26bd6e622c79955bd29f95eb3a9e9bff7518795578c4400410f86746831fe448"], 0x1, 0x612b, &(0x7f0000006640)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=") 26.999370647s ago: executing program 4: r0 = syz_io_uring_setup(0x2cdb, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000400)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x34, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xff44}}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) syz_mount_image$bfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x71, &(0x7f0000000140)="$eJzszrENAVAUBdDrLyASnUIYwA5GESWdiljJDiYwgg0UWs1XfArfABI5J3kvue827/I4Tc6zpA6T2tntD5vVtu3wl0qSUZJxkum85duydYNXf70f1+/59b8AAAAAAAAAwLeSRZ8/Ds8AAAD//9ZiI98=") write$binfmt_script(r3, &(0x7f00000000c0), 0x10f) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r3, 0x0) io_uring_enter(r0, 0x5b43, 0x24, 0x0, 0x0, 0x0) 26.732922395s ago: executing program 4: write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="8fcacb7907051175f37538e486dd6300800701082c00db5b686158bbcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, 0x0, 0xfdef) 24.197970361s ago: executing program 4: syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x221009c, &(0x7f0000000200)=ANY=[@ANYBLOB='errors=remount-ro,quota,nodiscard,iocharset=koi8-u,errors=continue,noquota,errors=remount-ro\x00resize=0x0000000000000000,uid=', @ANYRESOCT, @ANYBLOB="2c6e6ff1756f74612c6e6f646973636172642c6572726f72733d72656d6f756e742d726f2c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c6e6fff0000000000000071756f74612c005dc55abd804d6f01f0f1055bb38f1a40dfa6fc9beecb8a0f4c4de2d44eb6f407d75f44a0e259"], 0x1, 0x60a5, &(0x7f0000000340)="$eJzs3UuPHFfZB/Cnr3PxG2eURZTXQmjihEsI8TUYQ4AkC1iwyQJ5i2xNJpGFA8g2yIksPNFsWLDiE4CQWCLEErHgA2TBlh0rVliykUBZUahmzvFUt7vdY8bT1Z7z+0njqqdO9fSp+Xf1xVXVJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+O53vne2ExGXf5oWrEX8X/QiuhErdb0eESvra3n9fkS8EDvN8XxEDJYi6tvv/PNsxOsR8cnxiHv3b2/Ui8/tsx/f/v1ff/P9Y+/85XeD0//+w83eG9PWu3XrF//6452DbTMAAACUpqqqqpM+5p9In++7bXcKAJiL/PpfJXn5ka9/+fd3/rRI/VGr1Wq1eg51UzXZnWYREVvN29TvGRyOB4CnzFZ82nYXaJH8i9aPiGNtdwJYaJ22O8ChuHf/9kYn5dtpvh6s77bnc0FG8t/qPLi+Y9p0lvFzTOb1+NqOXjw3pT8rc+rDIsn5d8fzv7zbPkzrHXb+8zIt/+HupU/Fyfn3xvMfc3Ty707Mv1Q5//5j5d+TPwAAAAAALLD8//9rLR//XTr4puzLo47/rs+pDwAAAAAAAADwpB10/L8HjP8HAAAAC6v+rF771fG9ZdO+i61efqkT8czY+kBh0sUyq233AwAAAAAAAAAAAABK0t89h/dSJ2IQEc+srlZVVf80jdeP66C3f9qVvv1Qsraf5AEAYNcnx8eu5e9ELEfEpfRdf4PV1dWqWl5ZrVarlaX8fna4tFytND7X5mm9bGm4jzfE/WFV/7Llxu2aZn1entU+/vvq+xpWvX107AkZpL/mlOaWwgaAZPfV6J5XpCOmqp6d9uYDRtj/jx77P/vR9uMUAAAAOHxVVVWd9HXeJ9Ix/27bnQIA5iK//o8fFziUOuJwf79arVar1epH1k3VZHeaRURsNW9Tv2cwHD8APGW24tO2u0CL5F+0fkS80HYngIXWabsDHIp7929vdFK+nebrQRrfPZ8LMpL/Vmfndvn2k6azjJ9jMq/H13b04rkp/Xl+Tn1YJDn/7nj+l3fbh2m9w85/XqblX2/nWgv9aVvOvzee/5ijk393Yv6lyvn3Hyv/nvwBAAAAAGCB5f//X3P8N28yAAAAAAAAADx17t2/vZGve83H/z8zYT3Xfx5NOf+O/IuU8++O5f/FsfV6jfm7b+/l/8/7tzd+e/Mf/5+n+81/Kc900iOrkx4RnXRPnX6aHmTrHrY96A3rexp0ur1+OuenGrwXV+NabMaZkXW76e+x1352pL3u6WCk/dxIe/+h9vMj7YP0vQPVSm4/FRvxo7gW7+60121LM7Z/eUZ7NaM959+z/xcp599v/NT5r6b2zti0dvfj7kP7fXM66X7euvrZn585/M2ZaTt6D7atqd6+ky30Z+dvcmwYP7mxef3UrSs3b14/G2kysvRcpMkTlvMf7Pws7T3/v7Tbnp/3m/vr3Y+Hj53/otiO/tT8X2rM19v7ypz71oac/zD95PzfTe2T9/+nOf/p+/+rLfQHAAAAAAAAAAAAAAAAHqWqqp1LRN+KiAvp+p+2rs0EAOYrv/5XSV6uVqvVarX66NVN1WRvNouI+HPzNvV7hp9N+mUAwCL7T0T8re1O0Br5Fyx/3189fbntzgBzdePDj35w5dq1zes32u4JAAAAAAAAAPC/yuN/rjfGf345ItbG1hsZ//XtWD/o+J/9PPNggNEnPND3FNvdYa/bGG78xdgZn/vUtPG/T8ajx//uz7i/wYz24Yz2pRntyxOX7qU18UKPhpz/i43xzuv8T4wNv17C+K/jY96XIOd/svF4rvP/wth6zfyrXy9c/lv7XXE7uiP5n775wY9P3/jwo9eufnDl/c33N394/uzZM+cvXLh48eLp965e2zyz++/h9HoB5Pzz2NfOAy1Lzj9nLv+y5Pw/l2r5lyXn//lUy78sOf/8fk/+Zcn5588+8i9Lzv+VVMu/LDn/L6Va/mXJ+b+aavmXJef/5VTLvyw5/9dSLf+y5PxPpVr+Zcn5n071PvL39fBHSM4/H+Gy/5cl55/PbJB/WXL+51It/7Lk/M+nWv5lyfm/nmr5lyXn/5VUy78sOf8LqZZ/WXL+X021/MuS87+YavmXJef/tVTLvyw5/6+nWv5lyfm/kWr5lyXn/41Uy78sOf9vplr+Zcn5fyvV8i9Lzv/NVMu/LHvf/2/GjBkzeabtZyYAAAAAAAAAAAAAYNw8TiduexsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1djFxnfT/wM/tirx1CDITg5G9gk5gQkiW7thO/8K+LCa8NUAokFPqC7XrXZsFveO0SKJJNAyUSRkUVVdOLtoBQG6mqsCouaEVpLqq+XJX2gt5UVJWQGlUBBSSktqJsNXOe5/HM7OycXe94PXuez0eKf96dM3POnHlmdr/rfHcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABod+cb5z7bKIqi+V/rj21F8YLm37dMbmt97nU3+ggBAACAtfrf1p/P35I+cWgFV2rb5u9e8Y9fX1xcXCzeP/q7419cXEwXTBbF+OaiaF0WXfn3DzTatwmeKCYaI20fj1TsfrTi8rGKy8crLt9UcfnmissnKi5fcgKW2FL+PKZ1Yztbf91WntLi1mK8ddnOHtd6orF5ZCT+LKel0brO4vjxYr44WcwVMx3bl9s2Wtt/887mvt5WxH2NtO1rR3OF/PCTx+IxNMI53tmxr6u3GX3/DcXkj374yWN/fP6523vNytPQcXvlcd57V/M4Px0+Ux5ro9iczkk8zpG249zR4zEZ7TjORut6zb93H+fzKzzO0auHua66H/OJYqT192+3ztNY+4/10nnaET73X3cXRXHp6mF3b7NkX8VIsbXjMyNXH5+JckU2b6O5lF5cjK1qnd65gnXanLM7O9dp93MiPv53huuNLXMM7Q/T9z+1acnjvtp1GjXv9XLPle41OOjnyrCswbguvt2600/2XIM7w/3/5D3Lr8Gea6fHGkz3u20N3lW1Bkc2jbaOOT0IjdZ1rq7BXR3bj7b21GjNZ+/pvwanz586O73w8U+8dv7U0RNzJ+ZO79m1a2bP3r379++fPj5/cm6m/PMaz/bw21qMpOfAXeHcxefAq7u2bV+qi18e3PNwos/zcFvXtoN+Ho5137nG+jwhl67p8rnxaPOkT1weKZZ5jrUen/vW/jxM97vteTjW9jzs+TWlx/NwbAXPw+Y2Z+9b2fcsY23/9TqG6/W1YFvbGuz+fqR7DQ76+5FhWYMTYV38633Lfy3YEY73yanVfj8yumQNprsbXnuan0nf70/sb41e6/KO5gU3bSouLMyde+Dxo+fPn9tVhLEuXtK2VrrX69a2+1QsWa8jq16vh+Zf8eQdPT6/LZyridc2/5hY9rFqbvPgA/0fq9ZXt97ns+Ozu4swBmy9z2evr+bN85myZJ/z2dzm09Nr/1485dK219/xZV5/Y+7/abm/dFNPjI6Plc/f0XR2xjtejzsfqrHWa1ejte/np1f2ejwe/lvv1+Nb+7web+/adtCvx+Pddy6+HjeqftqxNt2P50RYJydn+r8eN7fZvnu1a3Ks7+vx3WE2wvl/TUgKKRe1rZ3l1m3a19jYeLhfY3EPnet0T8f24yGbNff19O5rW6f33l3e1mi6d1et1zqd7Np20Os0vV4tt04bVT99uzbdj+dEWBe37um/TpvbPPPg2l87t8S/tr12bqpag+Ojm5rHPJ4WYfl6v7glrsEHimPFmeJkMdu6dFNrPTVa+5p6aGVrcFP4b71fK7f3WYP3dm076DWYvo4tt/YaY0vv/AB0P54TYV089VD/Ndjc5k37Bvu9673hM2mbtu9du3++ttzPvO7oOk3X82dezeP8m339fzbb3Obk/tXmzP7n6f7wmZt6nKfu5+9yz6nZYn3O0/ZwnM/tX/48NY+nuc0XD6xwPR0qiuLiRx9u/bw3/PvKn1/4ztc7/t2l17/pXPzowz+4+fjfrub4Adj4flqOreXXurZ/mVrJv/8DAAAAG0LM/SNhJvI/AAAA1EbM/fH/Ck/kfwAAAKiNmPvHwkwyyf/b3/Tc/E8vFqmZvxjEy9NpeKTcLnZcZ8LHk4tXNT//8FfnfvyXF1e275GiKH7yyG/03H77I/G4SpPhOK+8ufPzS694cUX7P/LY1e3a++tfCrcf789Kl0GvCu5MURTfvOXzrf1MfuByaz7zyJHWfM+lJ59obvP8gfLjeP1nX1Ju/weh/Hvo+NGO6z8bzsP3wpx5e+/zEa/3tcuv2bHvfVf3F6/XuOuFrbv91AfL242/J+cLT5Tbx/O83PH/1eee/lpz+8df1fv4L470Pv6nw+1+Ncz/fnm5fftj0Pw4Xu8z4fjj/uL1HvjKt3oe/5XPltuffUu53ZEw4/7vDR/vfMtz8+3n6/HG0Y77Vby13C7uf+Y7v926PN5evP3u4584fLnjfHSvj2f+ubyd6a7t4+fjfqK/6Np/83ba12fc/9O/daTjPFft/8p7nn1583a7939/13ajXdfv/o1Nf/iZz/fcXzyeQ392tuP+HHp3eB6H/T/1wbAew+X/c+XzHfuNjry78/Unbv+lbRc77k/0th+V+7/y+hOt+R+TP/79m15w8wsvvbJ57ori2+8tb69q/yf+6EzH8X/5tvtaj0e8PHb0u/e/nLj/cx+bOn1m4cL8bNtZbf3unHeUx7N5YsvW5vHeEl5buz8+fOb8h+bOTc5MzhTFZH1/hd41+0qYPyjHpdVe/77HwuN5x+99c+s9//S5+Pl/ebT8/OW3l1+3Xh22+0L4/Lby8VtsrHH/T915W+v53Xim/Lijxz4AO3b+5/4VbRjuf/f3BXG9n33ph1rnoXlZ6+tGfF6v8fi/O1vezjfCeV0Mv5n5rtuu7q99+/i7ES6/t3y+r/n8hZe5+Lj+SXi83/m98vbjccX7+93wfcy3tne+3sX18Y2LI9233/otHpfC60lxqbw8bhXP9+Xnb+t5ePH3kBSXbm99/Dvpdm5f1d1czsLHF6ZPzp++8Pj0+bmF89MLH//E4VNnLpw+f7j1uzwPf7jq+ldfn7a2Xp9m5/Y+WMxsKYriTDGzDi9Y1+f4m39b2fGffezY7L6Ze2bnjh+9cPz8Y2fnzp04trBwbG524Z6jx4/Pfazq+vOzB3ftPrBn3+6pE/OzB/cfOLDnwNT86TPNwygPqsLemY9MnT53uHWVhYMPHtj10EMPzkydOjM7d3DfzMzUharrt742TTWv/etT5+ZOHj0/f2puamH+E3MHdx3Yu3d35W8DPHX2+MLk9LkLp6cvLMydmy7vy+T51qebX/uqrk89Lfxb+f1st0b5i/iKd92/N/1+1qavfmrZmyo36foFos+F30XzDy86u38lH8fcPx5mkkn+BwAAgBzE3L8pzET+BwAAgNqIuX9zmIn8DwAAALURc/9EmEkm+V//X/9/Zf3/8nL9/7z6/2c/WvZKN3r/P/bn9f/zcIP7/2vev/6//n/9+v8r789v9OPX/9f/Z6lh6//H3L+lKLLM/wAAAJCDmPu3hpnI/wAAAFAbMfffFGYi/wMAAEBtxNz/gjCTTPK//v+K+v+7qwpX9e//e/9//f9iY/b/44Oj/5+NVffv3/dox4f6/4H+v/6//r/+v/4/aza+7CU3qv8fc//NYSaZ5H8AAADIQcz9Lwwzkf8BAACgNmLuvyXMRP4HAACA2oi5f1uYSSb5X//f+//r/+v/17r/v9b3/287GP3/jcH7//en/1/hmvv/E/r/G7H/Pz7Y4x/u/n/l4ev/c10M2/v/x9z/ojCTTPI/AAAA5CDm/heHmcj/AAAAUBsx978kzET+BwAAgNqIuf/WMJNM8r/+v/6//r/+v/5/7/1Xv/9/+Tf9/+Gi/9+f/n8F7/+fV/9/wMc/3P3/Qb////ibu6+v/08vw9b/j7n/pWEmmeR/AAAAyEHM/beFmcj/AAAAUBsx978szET+BwAAgNqIuX97mEkm+V//X/9f/1//X/+/9/6r+/8l/f/hov/fn/5/Bf1//X/9/5X1/3t886v/Ty/D1v+Puf/2MJNM8j8AAADkIOb+O8JM5H8AAACojZj7/1+YifwPAAAAtRFz/44wk0zyv/6//r/+f179//s36f/r/9eb/n9/+v8V9P/1//X/V/j+/0utpv+/uerGqI1h6//H3P/yMJNM8j8AAADkIOb+V4SZyP8AAABQGzH3vzLMRP4HAACA2oi5fzLMJJP8r/9fr/7/n/71U68s9P/1/yv2X9P+f1wG+v+Z0//vT/+/gv6//r/+/7r0/8nHsPX/Y+6/M8wkk/wPAAAAOYi5/64wE/kfAAAAaiPm/rvDTOR/AAAAqI2Y+3eGmWSS//X/69X/j/T/9f/77b+m/f9E/z9v+v89tD1J9f8r6P/r/2ff/4/f/er/MxjD1v+Puf9VYSaZ5H8AAADIQcz994SZyP8AAABQGzH3vzrMRP4HAACA2oi5/94wk0zyv/6//r/+v/6//n/v/ev/b0z6//3p/1fQ/9f/z77/7/3/Gaxh6//H3P+aMJNM8j8AAADkIOb++8JM5H8AAACojfj/b5b/36v8DwAAAHUUc/9UmEkm+V//X/8/p/5/Q/9f/1//v/b0//vT/6+g/6//r/+v/89ADVv/P+b+14aZZJL/AQAAIAcx9z8QZiL/AwAAQG3E3D8dZiL/AwAAQG3E3D8TZpJJ/tf/1//Pqf/v/f/1//X/60//vz/9/wr6//r/dev/F4X+PzfUsPX/Y+7fFWaSSf4HAACAHMTcvzvMRP4HAACA2oi5f0+YifwPAAAAtRFz/4NhJpnkf/1//X/9f/1//f/e+9f/35j0//vT/6+g/6//X7f+v/f/5wYbtv5/zP0PhZlkkv8BAAAgBzH37w0zkf8BAACgNmLu3xdmIv8DAABAbcTcvz/MJJP8r/9fk/7/b/59x771//X/++1/MP3/Lfr/Yer/D5ea9v+7nxbXTP+/gv6//r/+v/4/AzVs/f+Y+w+EmWSS/wEAACAHMfe/LsxE/gcAAIDaiLn//4eZyP8AAABQGzH3/0yYSSb5X/+/Jv3/Lvr/+v/99u/9//X/66ym/f+B0f+voP+v/6//r//PQF3//n/828r6/zH3HwwzyST/AwAAQA5i7v/ZMBP5HwAAAGoj5v7Xh5nI/wAAAFAbMfcfCjPJJP/r/+v/6//r/1+f/v/ri27D2P9vLh79/3rR/+9P/7+C/r/+v/6//j8DNWzv/x9z/xvCTDLJ/wAAAJCDmPsfDjOR/wEAAKA2Yu5/Y5iJ/A8AAAC1EXP/m8JMMsn/+v/6//r/+v/e/7/3/vX/Nyb9//70/yvo/+v/6//r/zNQw9b/j7n/zWEmmeR/AAAAyEHM/W8JM5H/AQAAoDZi7n9rmIn8DwAAALURc//bwkwyyf/6//r/+v/6//r/vfev/78x6f/3p/9fQf9f/1//X/+fgRq2/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAAC1EXP/28NM5H8AAACojZj73xFmkkn+1//X/9f/1//X/++9f/3/jUn/vz/9/wr6//r/+v/6/wzUsPX/Y+5/Z5hJJvkfAAAAchBz/8+Hmcj/AAAAUBsx978rzET+BwAAgNqIuf8Xwkwyyf/6//r/+v/6/1n0/5tX0v/Pgv5/f/r/FXr0/zfr/+v/6//r/3PNhq3/H3P/u8NMMsn/AAAAkIOY+98TZiL/AwAAQG3E3P/eMBP5HwAAAGoj5v5Hw0wyyf/6/1n2/9Nd1v8v6f9n0P/3/v/Z0P/vT/+/gvf/1//X/9f/Z6CGrf8fc/9jYSaZ5H8AAADIQcz97wszkf8BAACgNmLu/8UwE/kfAAAAaiPm/veHmWSS//X/s+z/e///dev/j3Wsj5z6/xNtj2dal/r/+v/rQP+/P/3/Cvr/+v/D3P8Pq3nLMtfX/2cYDVv/P+b+D4SZZJL/AQAAIAcx9/9SmIn8DwAAALURc/8vh5nI/wAAAFAbMff/SphJJvlf/1//X//f+/97///e+9f/35j0//vT/6+g/6//P8z9/wr6/wyjYev/x9z/q2EmmeR/AAAAyEHM/R8MM5H/AQAAoDZi7j8cZiL/AwAAQG3E3H8kzCST/K//393/j++oqv+v/6//r/+v/78RDa7//7Kbi0L/X/9f/1//X/9f/5+1GLb+f8z9R8NMMsn/AAAAkIOY+38tzET+BwAAgNqIuf9YmIn8DwAAALURc/9smEkm+V//3/v/D6r//xP9f/3/QP+/N/3/9eH9//vT/6+g/6//r/+v/89ADVv/P+b+uTCTTPI/AAAA1Fj6cXDM/cfDTOR/AAAAqI2Y+0+Emcj/AAAAUBsx938ozCST/K//r//v/f9vRP9/rGN7/f+S/r/+/yDo//en/19B/1//X/9f/5+BGrb+f8z982EmmeR/AAAAyEHM/R8OM5H/AQAAoDZi7v9ImIn8DwAAALURc//JMJNM8r/+v/5/7v3/RlFc8v7/+v+99q//vzHp//en/19B/1//X/9f/5+BGrb+f8z9p8JMMsn/AAAAkIOY+0+Hmcj/AAAAUBsx958JM5H/AQAAoDZi7j8bZpJJ/tf/1//Pvf9f3JD3/+/cXv+/pP+v/z8IS/r3Y6u7/rL9//9j7z6a9DirPg4/r8u2pNXLR2DNiiWs+Aps2VHFmgVgcjAmZzA5B5NzzsnknHM2OUcTDVWiGJ1zLGked8tWa6b7Pte1OUiFeUbWYOqP6lf3He901d31//p//f8k/b/+X//P+dbW/+fuv1fc0mT/AwAAQAe5++8dt9j/AAAAMIzc/feJW+x/AAAAGEbu/qvilib7X/+v/9f/6//P6f+v1//r/7fN+//T9P8z9P/6f/2//p9Fra3/z91/37ilyf4HAACADnL33y9usf8BAABgGLn77x+32P8AAAAwjNz9D4hbmux//b/+X/+v//f+//7P1/9vk/5/mv5/hv5f/6//1/+zqLX1/7n7Hxi3NNn/AAAA0EHu/gfFLfY/AAAADCN3/4PjFvsfAAAAhpG7/yFxS5P9r//X/+v/9f/6//2fr//fput2N/8zQf9/mP5/xkz/v9vp/6dccD+//5e3na//Fuj/9f8ctrb+P3f/Q+OWJvsfAAAAOsjd/7C4xf4HAACAYeTuvzpusf8BAABgGLn7Hx63NNn/+n/9v/5f/6//3//5+v9t8v7/tIvv/+9wu3veo2//7/3/ad7/1//r/znf2vr/3P3XxC1N9j8AAAB0kLv/EXGL/Q8AAADDyN3/yLjF/gcAAIBh5O5/VNzSZP/r/9v0/we1i/5f/6//1/+PTv8/zfv/Mw7+MXeqfqj/1//r//X/XJy19f+5+x8dtzTZ/wAAANBB7v7HxC32PwAAAAwjd/9j4xb7HwAAAIaRu/9xcUuT/a//b9P/e/9f/6//1/+3oP+fpv+fMcr7/7fxu+a4+/mLddxfv/5f/89ha+v/c/c/Pm5psv8BAACgg9z9T4hb7H8AAAAYRu7+J8Yt9j8AAAAMI3f/k+KWJvtf/6//30b/n5+g/9f/6//1/9P0/9P0/zNG6f9vo+Pu57f+9ev/9f8ctrb+P3f/k+OWJvsfAAAAOsjd/5S4xf4HAACAYeTuf2rcYv8DAADAMHL3Py1uabL/9f/6/230/97/1//r//X/F0b/P03/P0P/r//X/+v/WdTa+v/c/dfGLU32PwAAAHSQu//pcYv9DwAAAMPI3f+MuMX+BwAAgGHk7n9m3NJk/+v/9f/6f/2//n//5+v/t0n/P03/P0P/r//X/+v/WdSK+v+z/qqTu2fFLU32PwAAAHSQu//ZcYv9DwAAAMPI3f+cuMX+BwAAgGHk7n9u3NJk/+v/V9P/H+R8Y/X/p3a7nf5/17T/P3XW72d9X+r/9f9HQP8/Tf8/Q/+v/9f/6/9Z1Ir6/4Mf5+5/XtzSZP8DAABAB7n7nx+32P8AAAAwjNz9L4hb7H8AAAAYRu7+F8YtTfa//n81/f+Bsfp/7/+f//3Rqf/3/v9h+v+jof+fpv+fof/X/+v/9f8sam39f+7+F8VNV15xm3+JAAAAwMrk7n9x3NLkz/8BAACgg9z9L4lb7H8AAADYqGsP/Uzu/pfGLU32v/5/2f7/yrN+Tv+v/z//+0P/r//X/196+v9p+v8Z+n/9v/5f/8+i1tb/5+5/WdzSZP8DAABAB7n7r4tb7H8AAAAYRu7+l8ct9j8AAAAMI3f/K+KWJvtf/+/9f/2//l//v//z9f/bpP+fpv+fof/X/x9v/3/i5n+p/2cMt6L/P3369NWXvP/P3f/KuKXJ/gcAAIAOcve/Km6x/wEAAGAYuftfHbfY/wAAADCM3P2viVua7H/9f9P+P7/V9f8H9P/6/32fr//fJv3/NP3/DP2//t/7//p/FrW29/9z9782bmmy/wEAAKCD3P2vi1vsfwAAABhG7v7Xxy32PwAAAAwjd/8b4pYm+1//37T/9/6//l//f9T9/007/f+R2ET/f+qWP3/t/f81+n/9/4R2/f9d73zOD/X/+n8OW1v/n7v/jXFLk/0PAAAAHeTuf1PcYv8DAADAMHL3vzlusf8BAABgGLn73xI3Xd5k/+v/9f/6f/2//n//5x/x+/9X7nY7/f8CNtH/T1h7/+/9f/3/lHb9/3n0//p/Dltb/5+7/61xS5P9DwAAAB3k7n9b3GL/AwAAwDBy9789brH/AQAAYBi5+98RtzTZ//p//b/+X/8/fP9/zSb6f+//L0T/P03/P0P/r//X/+v/ORLH1f/n7n9n3NJk/wMAAEAHufvfFbfY/wAAADCM3P3vjlvsfwAAABhG7v73xC1N9r/+X/+v/9f/n1hd/3/ynP+8Ju//6/8Xov+fpv+fof/X/+v/r9X/s6S1vf+fu/+9cUuT/Q8AAAAd5O5/X9z6v27tfwAAABhG7v73xy32PwAAAAwjd/8H4pYm+1//r//X/+v/h3//X//fiv5/mv5/hv5f/6//9/4/i1pb/5+7/4NxS5P9DwAAAB3k7v9Q3GL/AwAAwDBy9384brH/AQAAYBi5+6+PW5rsf/2//l//r//X/5/5PdT/j0H/P+1o+v9T+n/9f/Xz/xf/LdD/6//n/nrGtLb+P3f/R+KWJvsfAAAAOsjd/9G4xf4HAACAYeTu/1jcYv8DAADAJl2+5+dy9388bmmy//X/+n/9v/5f/7//8/X/26T/n+b9/xn6/1vZz9/+nB9t7f3/8//3S/+v/2d5a+v/c/d/Im5psv8BAACgg9z9n4xb7H8AAAAYRu7+T8Ut9j8AAAAMI3f/p+OWJvtf/6//1//r//X/+z9f/79N+v9p+v8Z+v9jfT9/61+//l//z2Fr6/9z938mbmmy/wEAAKCD3P2fjVvsfwAAABhG7v7PxS32PwAAAAzjYPdnXNZw/+v/9f/6f/2//n//5+v/t0n/P03/P0P/r//X/+v/WdTa+v/PH/xVJ3dfiFua7H8AAADoIHf/F+MW+x8AAACGkbv/S3GL/Q8AAADDyN3/5bilyf7X/+v/t9H/nz59+mr9v/7/3F/Pzf3/Dfp/iv5/mv5/hv5f/6//1/+zqLX1/7n7vxK3NNn/AAAA0EHu/q/GLfY/AAAADCN3/9fiFvsfAAAAhpG7/+txS5P9r/9fQf9/Uv/v/X/9/877//r/hej/p+n/Z4zY/5+88F/+cffzF+u4v379v/6fw9bW/+fu/0bc0mT/AwAAQAe5+78Zt9j/AAAAMIzc/d+KW+x/AAAAGEbu/m/HLU32v/7/6Pr///296/L+/6nd/q9f/6//1//r/y81/f80/f+MEfv/W+G4+/mtf/36f/0/h62t/8/d/524pcn+BwAAgA5y9383brH/AQAAYBi5+78Xt9j/AAAAMIzc/d+PW5rsf/3/Ct7/H7D/9/7//u8P/f+q+//L9P9j0P9P0//P0P/r//X/C/X/+d2s/+9ubf1/7v4fxC1N9j8AAAB0kLv/h3GL/Q8AAADDyN3/o7jF/gcAAIBh5O6/IW45a//va7tHof/X/+v/9f/6//2fr//fJv3/tAvt/0/sLq7/T/p//b/+v2v/7/1/zlhb/5+7/8dxiz//BwAAgM254hZ+Pnf/T+IW+x8AAACGkbv/p3GL/Q8AAADDyN3/s7jlxsuO60s6Uvp//b/+X/+v/9//+fr/bdL/T/P+/wz9/xL9/F30/2P0/7ud/p+Lt7b+P3f/z+MWf/4PAAAAw8jd/4u4xf4HAACAYeTu/2XcYv8DAADAMHL3/ypuabL/9f/6/4vs/w/STP3/Gfr/M/T/++n/j4b+f5r+f4b+3/v/+n/v/7OotfX/uft/Hbc02f8AAADQQe7+38Qt9j8AAAAMI3f/b+MW+x8AAACGkbv/d3FLk/1/bP1//K3W/2++//f+v/5f/6//XxX9/zT9/wz9v/5f/6//Z1Fr6/9z9/8+bmmy/wEAAKCD3P1/iFvsfwAAABhG7v4/xi32PwAAAAwjd/+f4pYm+9/7//p//b/+X/+///P1/9uk/5+m/9+vfqP0//p//b/+n0Wtrf/P3f/nuKXJ/gcAAIAOcvf/JW6x/wEAAGAYuftvjFvsfwAAABhG7v6/xi1N9r/+X/+v/9f/6//3f77+f5v0/9OOs/+/2//Pf6z3/4+9/88vQf+v/9f/s4i19f+5+/8WtzTZ/wAAANBB7v6/xy32PwAAAAwjd/8/4hb7HwAAAIaRu/+fcUuT/T/T/5+of6P+f5L+/9yvX/+///tD/6//1/9fevr/ad7/n6H/9/6//l//z6LW1v/n7v9X3NJk/wMAAEAHuftvilvsfwAAABhG7v5/xy32PwAAAAwjd/9/4pYm+9/7//p//b/+X/+///P1/9uk/5+m/5+h/9f/6//1/yxqbf1/7v7/BgAA//+GT2Bf") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10003, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ee289f413bb90152f7d6d1ce5ca93c0f7c41499dc28ac63a01000000000000004faa2ad9c084a003ea00", "03bdbcef549ba19704007ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c20c62df7a8d5da5c00000000ff030000fff2ff008900"}) write$cgroup_int(r0, &(0x7f0000000000), 0x12) 22.831022695s ago: executing program 4: connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='wg1\x00', 0x4) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r2}, 0x10) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f030e03f007120006001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xb318, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4d, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_open_dev$loop(&(0x7f0000000040), 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "1271a2ab78fce00d9683dda1af1ea89d62b7080a01000000000300008a0300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) getdents64(0xffffffffffffffff, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x5, 0x5, 0x6, 0x0, 0xffffffffffffffff, 0x80000000, '\x00', 0x0, r5, 0x4, 0x4, 0x1, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x810) 20.865474473s ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB='-1'], 0x27) 20.620199272s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000008000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = fsopen(&(0x7f0000000280)='gadgetfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 8.674153066s ago: executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000e94c1fbdb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x14a80, 0x8d, 0x8, &(0x7f0000001040)="24006f20a01c25003f5fb668cf5dfb096d9f7a711ca795b5a11963617e5eb8553be37258ab53ef083679b8d4d0d16eb05ad5c5f6308f2182f7e11214f2229901cb8670189809f40ebf1ab1bd4ab2e80344ff0fd046526019a21cec4ce528112af6790b3d0aa66f83f56e5a331c9dd6ca0a12532e2a3c63971a5ecc1017fd1035bc952d57bbf66b6cb9be0a2cee", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000b8d811083d1b4601b8010000000109021b000100000000090400000101dea900090502"], 0x0) connect$llc(0xffffffffffffffff, &(0x7f0000000180), 0x10) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040), 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000340), 0x0}, 0x20) 7.202383026s ago: executing program 0: write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="8fcacb7907051175f37538e486dd6300800701082c00db5b686158bbcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[], 0xfdef) 2.592785616s ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000e94c1fbdb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0xffffffffffffffff) syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000b8d811083d1b4601b8010000000109021b000100000000090400000101dea900090502"], 0x0) connect$llc(0xffffffffffffffff, &(0x7f0000000180), 0x10) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040), 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000340), 0x0}, 0x20) 2.062388395s ago: executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) accept(0xffffffffffffffff, &(0x7f0000001fc0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000002040)=0x80) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x4, 0x7f, 0x4, 0x40, 0x20, @local, @rand_addr=' \x01\x00', 0x20, 0x3a3e817f909bc597, 0x80, 0xff}}) sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xc8, 0x0, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @ETHTOOL_A_LINKINFO_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x8}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x9}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x1}]}, 0xc8}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x29, 0x3f, 0x5, 0x3, 0x40, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, 0x80, 0x20, 0x401, 0x7}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'gre0\x00', &(0x7f00000001c0)}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f00000002c0)={0x2a4, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [{{0x8}, {0xec, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x81}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xf52}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffff000}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffff63}}}]}}, {{0x8}, {0x110, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x20000000}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x800, 0x5a, 0x6, 0xdb9}, {0x69, 0x4, 0x4, 0x80000000}, {0x2, 0x4, 0xf9, 0x45}, {0x5, 0x7f, 0x1f, 0x800}, {0x8, 0x6, 0x5, 0x85dc}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}]}}]}, 0x2a4}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r7) getsockname$packet(r7, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000900)=@delchain={0x30, 0x28, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0x0, 0xffff}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newlink={0x20, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}}, 0x20}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'gretap0\x00', &(0x7f0000000280)={'ip_vti0\x00', 0x0, 0x700, 0x20, 0xc998, 0x0, {{0x24, 0x4, 0x2, 0x2, 0x90, 0x66, 0x0, 0x81, 0x2f, 0x0, @local, @remote, {[@end, @lsrr={0x83, 0x1f, 0x7d, [@private=0xa010100, @local, @multicast2, @remote, @remote, @rand_addr=0x64010102, @local]}, @timestamp_prespec={0x44, 0x24, 0x1b, 0x3, 0xd, [{@multicast2, 0x440}, {@private=0xa010100, 0x6342}, {@multicast2, 0x81}, {@multicast1, 0x2}]}, @end, @cipso={0x86, 0x36, 0x2, [{0x6, 0x4, "d39e"}, {0x2, 0xc, "1fa6b8757ce044a35691"}, {0x0, 0x6, "6bb93fa8"}, {0x1, 0x6, "4224e805"}, {0x6, 0x3, "16"}, {0x7, 0xf, "e070ab75860e28c25e78a984fd"}, {0x5, 0x2}]}, @noop]}}}}}) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x168, 0x0, 0x4, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r8}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r9}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x84}}}]}}, {{0x8, 0x1, r10}, {0x88, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}]}, 0x168}, 0x1, 0x0, 0x0, 0x20004004}, 0x841) r11 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f00000004c0)={0x4, 0x0, 0x0, 0x0, "01000000ffffffff0000000000eb55d7315800000200"}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000400)="2e64460f01f866ba6100b0faee3e650f01eec744240000000000c7442402a000c0fec7442406000000000f011c2466b8e1008ed0c421695723b805000000b90e0000000f01d948b820590000000000000f23c80f21f8350800b0000f23f866b89d008ec80f07", 0x66}], 0x1, 0x0, 0x0, 0x61) ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r11, 0xae80, 0x0) 1.359607029s ago: executing program 1: r0 = socket(0x18, 0x1, 0x0) setsockopt(r0, 0x29, 0x28, &(0x7f0000000100)="02000081", 0x4) 1.268377126s ago: executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ftruncate(r0, 0xf2d) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) read$FUSE(r1, &(0x7f00000000c0)={0x2020}, 0x2020) r2 = dup(r0) sendfile(r1, r2, 0x0, 0xe0000000) socket$inet6_tcp(0xa, 0x1, 0x0) ftruncate(r1, 0xffff) 1.176397512s ago: executing program 3: recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) eventfd2(0x9, 0x1) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='children\x00') pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f00000002c0)=0x80) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000140)) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/custom1\x00', 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000640), 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000000180)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x1) close(r1) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000700)=[{{0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}], 0x1, 0x0) rt_sigreturn() clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f000006b000)={{}, {r2, r3+60000000}}, 0x0) timer_create(0x0, &(0x7f0000000100)={0x0, 0x14, 0x2}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0) gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x0, 0x800000000004}, 0x0) socket$unix(0x1, 0x5, 0x0) 1.117458276s ago: executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46) sendmsg$unix(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)='D', 0x1}], 0x1}, 0x0) close(r1) rt_sigreturn() futex(&(0x7f0000000000)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x5450, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x5450, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x24, &(0x7f00000011c0), &(0x7f0000000040)=0x14) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder-control\x00', 0x0, 0x0) recvmsg(r3, &(0x7f0000000180)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0) close(r4) ioctl$PAGEMAP_SCAN(r2, 0x5450, 0x0) 1.07517302s ago: executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380)) r2 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r2}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) r3 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) connect$vsock_stream(r3, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 1.020734824s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000e100"]) 974.668572ms ago: executing program 0: bind$inet(0xffffffffffffffff, 0x0, 0x0) clock_adjtime(0x5, &(0x7f0000000600)={0x60, 0x9d, 0xffffffffffffffff, 0x5, 0x6}) clock_adjtime(0x0, 0x0) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, 0x0) openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x40, 0x6, 0x80, 0x6, 0x2, 0x5, 0x4, 0xa0, 0x20, 0x1, 0x20, 0x20, 0x8, 0x5, 0x9}}) removexattr(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00)=@known='trusted.overlay.opaque\x00') add_key$user(&(0x7f0000000b40), 0x0, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, &(0x7f0000000d40)=0xa, 0x4) read$FUSE(0xffffffffffffffff, &(0x7f0000000d80)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000002dc0)={0x50, 0x0, r1, [{0x5, 0xffffffffffffffff, 0x1, 0x7, '!'}, {0x1, 0xf34, 0x8, 0xbd5, 'erspan0\x00'}]}, 0x50) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002ec0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffff8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x4}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002f40)) bpf$PROG_LOAD(0x5, &(0x7f00000032c0)={0x10, 0x0, 0x0, &(0x7f0000002fc0)='GPL\x00', 0x8, 0x86, &(0x7f0000003000)=""/134, 0x41100, 0xf, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x8, &(0x7f00000030c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000003100)={0x1, 0xb, 0xffff, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x401}, 0x90) 857.475502ms ago: executing program 1: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f0000000100)=ANY=[], 0x1, 0x6a6, &(0x7f00000007c0)="$eJzs3c9vHGf9B/D3rNeON98qX6dNaISKsBKpIEUkTqwUwgWDEMqhQlU5cLYSp7GycSrHRW6FwAUEJyQO/QMKkm+ckLgHhXO59epjJSQuEYeol0UzO2uvvevYjn8GXq9o/DyzzzPPfPYzz8x411ltgP9Zty6n+ThFbl1+e7lcX1udbq+tTp+qm9tJynojaXaLFAtJ8SSZKduLviV95YBP5m+++/nTtS+6a816qfqPPG+7IYb0XamXTNbjTQ7dcnS3u1ipw8srSW7X5WZjux1rU8cyaZfqEo5dZ8DKXjbfy3kLnDC9u1PRvW8OmEhOJxmvfw9IfXVoHF2Eh2NPVzkAAAB4SX328LgjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJdP/f3/Rb006jKTKXrf/z/We6yun0Azu+75+FDjAAAAAAAAAICj8fVneZblnOmtd4rqb/4Xq5Vz+bKT/F8+yKPMZTFXspzZLGUpi7mWZKJvoLHl2aWlxWvrW5aGb3l96JbXj+oZAwAAAAAAAMB/pV+ltfH3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAmKZKRbVMu5usxEGs1stGUl+UeSseOOdw+KYQ8+Pvo4AAAAYF/GX2Cb/3+WZ1nOmd56p6he83+ler08ng+ykKXMZyntzOVO/Rq6fNXfWFudbq+tTj8ol8Fxv/+vPYVRjVi/vzB8zxeqHq3czXz1yJXcroK5k0a1ZS4lF3rxDI/r4zKm4nu1XUbWrNNa7uwP272LcCD2+lbERBlcsp6RqTq2Mhtnuxkoqjdqkq2Z2PHoNLfuKY2Mru/pWhrr7/ycO4Scn67L8vn89lBzvlfrmWikysT13uwrz5nnZyL5xl///NN77YX79+4+unxyntIORrZ5fOucmO7LxOsvdSaae+w/VWXi/Pr6rfwoP8nlTOadLGY+P8tsljKXTt0+W8/n8ufE8zM1s2ntnZ0iGauPS/eY7Samyfywqs3mYrXtmcynyMPcyVzeqv5dz7V8OzdyIzf7jvD5beOunlt11je2nvW9I/23ocFf+mZdaSX5XV0O5GCL7WbnQele+8u8nu3La3fWP13vdbbvPJjqy9KrveyMDh38Ra6Nza/WlXIfv67Lk2GizkR5AvXuEr3oXutmolndiwbn+R875XZpL9xfvDf7/jbjr2xZf7Muy2m1+rXdRjn8UByscr68mvH6SrJ5dpRtr61fZc5uuquO1X9x6bY1BtrOV21F0TtTf5yH1QQYPFPH6t/hBke6XrW9PrRtumq70Ne26fetPEw7d44gfwDs00ROj7X+2fqs9WnrN617rbfHf3DqO6feGMvo30e/25waebPxRvGXfJpfbLz+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtyjDz+6P9tuzy0OrzS2b9qhstPIWypF/YU+L7SvE1gZT7Lpkep7jo48jNbWMAYqnV8mR56f3pcIDu/z+7LSzG4GnNmpz8fHPhNOemUkwyfAMV+YgEN3denB+1cfffjRt+YfzL43997cwuiNGzenbt54a/rq3fn23FT353FHCRyGjZv+cUcCAAAAAAAAAAAA7NawDwZcfGWnD43s6jMe/mchAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCBuXU7zcYpcm7oyVa6vrU63y6VX3+jZTNJoJMXPk+JJMpPukom+4Yr86Uk6Q/bzyfzNdz9/uvbFxljNbv+kUZf7sFIvmUwyUpcHNd7tfY9X/Lv3DMuEfdnpdGb2Fx8cjP8EAAD//97S9ts=") mkdir(&(0x7f0000000140)='./bus\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.throttle.io_service_bytes\x00', 0x26e1, 0x0) write$cgroup_type(r0, &(0x7f0000000080), 0x11ffffce1) write$cgroup_int(r0, &(0x7f0000000040), 0x12) 793.521179ms ago: executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r0 = socket(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) write(r0, &(0x7f0000000000)='\"', 0x1) recvmmsg(r0, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 641.371252ms ago: executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000020000400000000009"]) 487.42803ms ago: executing program 2: prlimit64(0x0, 0xf, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x20, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) timer_settime(0x0, 0x1, &(0x7f0000000640)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="73656366090000000000000075736569736595586366ad8ebb99dba1bcfab3f7022f86815b7d752c00002f460fb35c26bd6e622c79955bd29f95eb3a9e9bff7518795578c4400410f86746831fe448"], 0x1, 0x612b, &(0x7f0000006640)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=") 322.701514ms ago: executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sys_exit\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x0) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_interrupt={0x1, {0x5}, 0x10001, 0x27, &(0x7f0000000380)="0176727b28b0768e9b4bbb9f4df06ea0ea341bc585264980e9f31887810a6ecd176a39c782d38da87403bdb1605f74c167028634d985c632a17e3cbd86182e0f332d82ef6a48648bfa21d680e65575a7e059130e5a92f2c4675fe18d4dbeef82bc993fcefdc8f985359a1406f1ab1c1fc546f65cda22c062d2fe51d970e08c71a9928782f322696369bc52de776a1d72770c5ff504c4384de823ce12996814b6dc3eff13ee7ccf46cbcbe0cd53a8334424aed41cf194f145ca70b6", 0xbb, 0xfffffffc, 0x582, 0x0, 0x0, 0x0, &(0x7f00000004c0)="b32b291260bccc8d088ad2afe413c5ffb56151dfd4e5997af2d401b243efd43022d73d7202e2a118e7"}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4) socket$packet(0x11, 0x2, 0x300) r3 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan1\x00'}) syz_emit_ethernet(0xfdef, &(0x7f0000001b80)={@multicast, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x2, 0x0, 0x0, 0x0, @empty=0x2, @multicast2}}}}}, 0x0) r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) r6 = syz_mount_image$fuse(&(0x7f0000000080), 0x0, 0x0, &(0x7f0000002880)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) open_by_handle_at(r6, &(0x7f00000021c0)=ANY=[@ANYBLOB], 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_tracing={0x1a, 0x14, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x275a}, [@map_idx_val, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x6}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000180)='syzkaller\x00', 0x5, 0xf2, &(0x7f00000007c0)=""/242, 0x41000, 0x14, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000280), 0x8, 0x10, &(0x7f0000000300)={0x2, 0x8, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x6, 0x0, &(0x7f00000008c0)=[{0x1}, {0x2, 0x1, 0x2}, {0x0, 0x1, 0x3}, {0x1, 0x5, 0x0, 0xb}, {0x0, 0x2, 0x5}, {0x0, 0x5, 0xc, 0x1}], 0x10, 0x2}, 0x90) 235.720676ms ago: executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) openat$random(0xffffffffffffff9c, &(0x7f0000003600), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) 70.743284ms ago: executing program 3: r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) prlimit64(0x0, 0x7, &(0x7f0000000080), 0x0) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000100)={r1, 0x0, 0x0, 0x1000}) 0s ago: executing program 1: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) splice(r1, 0x0, r0, 0x0, 0x401, 0x0) kernel console output (not intermixed with test programs): d from eth3 [ 473.972774][T11068] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 474.007509][T11068] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 474.036407][T11068] BTRFS info (device loop2): using free-space-tree [ 474.067525][T11064] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 474.361284][T10946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 474.495619][T11068] loop2: detected capacity change from 32768 to 0 [ 474.698754][T11102] syz-executor.4: attempt to access beyond end of device [ 474.698754][T11102] loop4: rw=2049, sector=53248, nr_sectors = 976 limit=40427 [ 474.998647][ T9294] kworker/u8:4: attempt to access beyond end of device [ 474.998647][ T9294] loop2: rw=6145, sector=13448, nr_sectors = 8 limit=0 [ 475.243669][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 475.243691][ T29] audit: type=1800 audit(1717338533.367:638): pid=11102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=10 res=0 errno=0 [ 475.284294][T10946] 8021q: adding VLAN 0 to HW filter on device team0 [ 475.310570][ T9294] kworker/u8:4: attempt to access beyond end of device [ 475.310570][ T9294] loop2: rw=6145, sector=13456, nr_sectors = 8 limit=0 [ 475.382544][ T7447] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.389765][ T7447] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.411123][T10592] syz-executor.4: attempt to access beyond end of device [ 475.411123][T10592] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 475.429425][T11098] BTRFS error (device loop2 state A): Transaction aborted (error -5) [ 475.459642][T11098] BTRFS: error (device loop2 state A) in __btrfs_run_delayed_items:1174: errno=-5 IO failure [ 475.485341][T10592] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 475.486266][ T7447] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.493169][T10592] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 475.499404][ T7447] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.523523][T11098] BTRFS info (device loop2 state EA): forced readonly [ 475.553575][T11098] BTRFS warning (device loop2 state EA): Skipping commit of aborted transaction. [ 475.563053][T11098] BTRFS: error (device loop2 state EA) in cleanup_transaction:2018: errno=-5 IO failure [ 475.578165][T11098] BTRFS error (device loop2 state EMA): remounting read-write after error is not allowed [ 475.582430][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 475.597392][ T5122] Bluetooth: Wrong link type (-22) [ 475.603899][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 475.611628][ T5122] Bluetooth: Wrong link type (-22) [ 475.733925][T10092] BTRFS info (device loop2 state EA): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 475.836907][T11104] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 476.202698][T10946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 476.464358][T10946] veth0_vlan: entered promiscuous mode [ 476.513810][T10946] veth1_vlan: entered promiscuous mode [ 476.634417][T10946] veth0_macvtap: entered promiscuous mode [ 476.670167][T10946] veth1_macvtap: entered promiscuous mode [ 476.741073][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.741102][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.741117][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.741141][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.741155][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.741171][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.741186][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.741202][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.745807][T10946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 476.754254][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.754280][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.754295][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.754312][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.754326][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.754342][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.754357][T10946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.754373][T10946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.756402][T10946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.764411][T10946] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.764453][T10946] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.764485][T10946] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.764517][T10946] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.086667][T11130] loop2: detected capacity change from 0 to 32768 [ 477.106248][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.297336][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 477.628826][ T9294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.667638][ T9294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.582766][T11148] loop4: detected capacity change from 0 to 16 [ 479.008904][T11148] loop4: detected capacity change from 0 to 8192 [ 479.309530][T11157] loop3: detected capacity change from 0 to 1024 [ 479.381035][T11157] hfsplus: failed to load root directory [ 479.481521][T11160] loop4: detected capacity change from 0 to 1024 [ 479.573886][T11160] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869) [ 479.599612][T11160] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 479.635260][T11160] EXT4-fs (loop4): invalid journal inode [ 479.650622][T11160] EXT4-fs (loop4): can't get journal size [ 479.678152][T11160] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 479.707383][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 479.723375][ T5122] Bluetooth: Wrong link type (-22) [ 479.728688][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 479.736506][ T5122] Bluetooth: Wrong link type (-22) [ 479.743031][ T5122] Bluetooth: hci3: link tx timeout [ 479.749272][ T5122] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 479.802582][T11146] loop1: detected capacity change from 0 to 32768 [ 479.815320][T11146] jfs: Unrecognized mount option "secf " or missing value [ 479.932282][T11145] loop2: detected capacity change from 0 to 40427 [ 479.978406][T11145] F2FS-fs (loop2): Found nat_bits in checkpoint [ 480.033849][T11164] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 480.192127][T11145] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 480.702385][T11186] syz-executor.2: attempt to access beyond end of device [ 480.702385][T11186] loop2: rw=2049, sector=53248, nr_sectors = 976 limit=40427 [ 480.923774][ T29] audit: type=1800 audit(1717338539.407:639): pid=11186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=10 res=0 errno=0 [ 481.412967][T11190] loop1: detected capacity change from 0 to 512 [ 481.489849][T10092] syz-executor.2: attempt to access beyond end of device [ 481.489849][T10092] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 481.515137][T11190] EXT4-fs: Invalid want_extra_isize 183 [ 481.535504][T10092] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 481.573744][T10092] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 481.623828][T11190] loop1: detected capacity change from 0 to 256 [ 481.665067][T11190] FAT-fs (loop1): Unrecognized mount option "check=suõict" or missing value [ 481.732333][T11194] loop3: detected capacity change from 0 to 2048 [ 481.806794][T11194] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 481.820761][ T4489] Bluetooth: hci3: command 0x0406 tx timeout [ 481.860513][T11194] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 482.292802][T11207] loop1: detected capacity change from 0 to 1024 [ 482.351919][T11207] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 482.773179][T11221] loop2: detected capacity change from 0 to 256 [ 482.792779][T11221] FAT-fs (loop2): Unrecognized mount option "shortnamm=mixed" or missing value [ 482.994751][T11223] loop3: detected capacity change from 0 to 2048 [ 483.047691][T11223] EXT4-fs (loop3): unsupported descriptor size 2 [ 483.182453][T11207] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none. [ 483.256942][T11232] syz-executor.3: attempt to access beyond end of device [ 483.256942][T11232] loop7: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 483.272237][T11229] syz-executor.1 (11229) used greatest stack depth: 17840 bytes left [ 483.310320][T11232] EXT4-fs (loop7): unable to read superblock [ 483.413081][T10592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.462192][T10746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.543413][ T7443] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 483.733361][ T7443] usb 3-1: Using ep0 maxpacket: 8 [ 483.746270][ T7443] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 483.771977][ T7443] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 483.802388][ T7443] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.840253][ T7443] usb 3-1: config 0 descriptor?? [ 483.855387][ T7443] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 483.860424][T11244] IPVS: set_ctl: invalid protocol: 47 255.255.255.255:20000 [ 483.874092][ T7443] usb 3-1: Detected SIO [ 483.884035][ T7443] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 483.894602][ T25] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 484.063537][T11228] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 484.073410][ T7448] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 484.075080][T11228] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 484.091282][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 484.099314][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 484.113113][ T25] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 484.134472][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.176424][ T25] usb 5-1: config 0 descriptor?? [ 484.201736][ T25] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 484.211485][T11234] loop3: detected capacity change from 0 to 32768 [ 484.231303][ T7443] usb 3-1: USB disconnect, device number 20 [ 484.241582][ T25] usb 5-1: Detected SIO [ 484.245381][T11234] jfs: Unrecognized mount option "secf " or missing value [ 484.257264][ T7443] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 484.272899][ T25] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB1 [ 484.288515][ T7443] ftdi_sio 3-1:0.0: device disconnected [ 484.308782][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 484.315796][ T7448] usb 2-1: Using ep0 maxpacket: 32 [ 484.322055][ T4489] Bluetooth: Wrong link type (-22) [ 484.327838][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 484.334484][ T4489] Bluetooth: Wrong link type (-22) [ 484.344411][ T7448] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.375466][ T7448] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.393671][ T7448] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 484.402784][ T7448] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.415984][ T7448] usb 2-1: config 0 descriptor?? [ 484.428337][T11236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 484.434385][ T7448] hub 2-1:0.0: USB hub found [ 484.446822][T11236] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 484.572502][T11250] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 484.581179][ T25] usb 5-1: USB disconnect, device number 21 [ 484.623060][ T25] ftdi_sio ttyUSB1: FTDI USB Serial Device converter now disconnected from ttyUSB1 [ 484.642501][ T7448] hub 2-1:0.0: 1 port detected [ 484.649310][ T25] ftdi_sio 5-1:0.0: device disconnected [ 484.935958][T11266] loop2: detected capacity change from 0 to 1024 [ 484.958469][T11266] hfsplus: failed to load root directory [ 485.311932][ T7448] hub 2-1:0.0: activate --> -90 [ 485.358280][T11270] loop4: detected capacity change from 0 to 2048 [ 485.386006][T11270] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 485.406855][T11270] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 485.426712][T11270] UDF-fs: Scanning with blocksize 512 failed [ 485.461639][T11270] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 485.532382][T11260] loop3: detected capacity change from 0 to 32768 [ 485.550058][T11276] loop2: detected capacity change from 0 to 256 [ 485.570109][T11260] jfs: Unrecognized mount option "secf " or missing value [ 485.591541][T11276] FAT-fs (loop2): Unrecognized mount option "shortnamm=mixed" or missing value [ 486.127716][ T7448] usb 2-1-port1: config error [ 486.184175][T11281] loop2: detected capacity change from 0 to 32768 [ 486.337733][T11242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 486.393734][T11242] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 486.425632][ T7447] usb 2-1: USB disconnect, device number 19 [ 486.440106][ T7448] usb 2-1-port1: attempt power cycle [ 487.667207][ T7445] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 487.905850][ T7445] usb 4-1: Using ep0 maxpacket: 8 [ 487.936254][ T7445] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 487.984065][ T7445] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 488.021127][ T7445] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.060148][ T7445] usb 4-1: config 0 descriptor?? [ 488.078763][ T7445] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 488.102699][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 488.112177][ T4489] Bluetooth: Wrong link type (-22) [ 488.117705][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 488.124551][ T4489] Bluetooth: Wrong link type (-22) [ 488.137575][ T7445] usb 4-1: Detected SIO [ 488.147093][ T7445] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 488.243336][ T7437] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 488.283678][T11288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 488.292721][T11288] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 488.389558][T11294] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 488.406385][ T7445] usb 4-1: USB disconnect, device number 20 [ 488.428742][ T7445] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 488.429404][T11286] loop4: detected capacity change from 0 to 32768 [ 488.459170][ T7445] ftdi_sio 4-1:0.0: device disconnected [ 488.462944][T11286] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (11286) [ 488.478516][ T7437] usb 3-1: Using ep0 maxpacket: 8 [ 488.491615][ T7437] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 488.511001][ T7437] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 488.526072][ T7437] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.534571][T11286] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 488.560312][T11286] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 488.578071][ T7437] usb 3-1: config 0 descriptor?? [ 488.595844][T11286] BTRFS info (device loop4): using free-space-tree [ 488.606683][ T7437] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 488.637890][ T7437] usb 3-1: Detected SIO [ 488.651196][ T7437] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 488.835045][T11293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 488.840023][T11326] loop1: detected capacity change from 0 to 1024 [ 488.858573][T11326] hfsplus: failed to load root directory [ 488.865032][T11293] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 489.002686][T10592] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 489.012566][ T7437] usb 3-1: USB disconnect, device number 21 [ 489.060166][ T7437] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 489.088508][ T7437] ftdi_sio 3-1:0.0: device disconnected [ 489.510450][T11344] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 489.664508][T11350] loop4: detected capacity change from 0 to 2048 [ 489.698056][T11350] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 489.709506][T11350] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 489.736214][T11350] UDF-fs: Scanning with blocksize 512 failed [ 489.768880][T11350] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 489.799268][T11344] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 489.813531][ T7437] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 489.836544][T11344] kvm: pic: non byte write [ 489.953365][ T7445] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 490.023435][ T7437] usb 4-1: Using ep0 maxpacket: 32 [ 490.030760][ T7437] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 490.058793][ T7437] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 490.088115][ T7437] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 490.109046][ T7437] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.117492][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 490.124385][ T4489] Bluetooth: Wrong link type (-22) [ 490.129777][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 490.136437][ T4489] Bluetooth: Wrong link type (-22) [ 490.142327][ T4489] Bluetooth: hci4: link tx timeout [ 490.150188][ T4489] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 490.154058][ T7437] usb 4-1: config 0 descriptor?? [ 490.183983][ T7437] hub 4-1:0.0: USB hub found [ 490.196648][ T7445] usb 3-1: too many configurations: 233, using maximum allowed: 8 [ 490.208044][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.226554][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.240415][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.252808][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.266519][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.277999][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.289926][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.301076][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.315644][ T5201] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 490.324849][T11338] loop1: detected capacity change from 0 to 32768 [ 490.328199][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.344343][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.354925][T11338] jfs: Unrecognized mount option "secf " or missing value [ 490.356111][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.390254][ T7437] hub 4-1:0.0: 1 port detected [ 490.395279][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.407949][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.421631][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.434173][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has an invalid bInterval 0, changing to 7 [ 490.444986][T11356] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 490.445820][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x76 has invalid wMaxPacketSize 0 [ 490.465507][ T7445] usb 3-1: New USB device found, idVendor=806a, idProduct=00d2, bcdDevice= 0.00 [ 490.475026][ T7445] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.495160][ T7445] usb 3-1: config 0 descriptor?? [ 490.505315][ T7445] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 490.523511][ T5201] usb 1-1: Using ep0 maxpacket: 8 [ 490.530687][ T5201] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 490.544981][ T5201] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 490.554503][ T5201] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.574921][ T5201] usb 1-1: config 0 descriptor?? [ 490.592156][ T5201] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 490.604057][ T5201] usb 1-1: Detected SIO [ 490.610534][ T5201] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 490.698529][T11364] loop1: detected capacity change from 0 to 64 [ 490.706924][T11365] loop2: detected capacity change from 0 to 16 [ 490.732581][T11365] erofs: (device loop2): mounted with root inode @ nid 36. [ 490.762430][T11365] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 490.786865][T11365] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -12 in[45, 4051] out[1851] [ 490.792604][T11354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 490.804832][T11365] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 490.818464][T11354] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 490.857646][ T7437] usb 3-1: USB disconnect, device number 22 [ 490.924977][ T25] usb 1-1: USB disconnect, device number 11 [ 490.959621][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 490.984397][ T25] ftdi_sio 1-1:0.0: device disconnected [ 491.052578][ T7443] hub 4-1:0.0: activate --> -90 [ 491.149202][T11379] loop4: detected capacity change from 0 to 1024 [ 491.157743][T11379] hfsplus: unable to parse mount options [ 491.220341][T11383] loop2: detected capacity change from 0 to 1024 [ 491.256019][T11383] hfsplus: failed to load root directory [ 491.726243][T11399] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 491.833385][ T7445] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 491.865297][ T7443] usb 4-1-port1: config error [ 491.949377][ T29] audit: type=1326 audit(1717338550.727:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 491.993396][ T29] audit: type=1326 audit(1717338550.757:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.017014][T11403] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 492.053748][ T7445] usb 3-1: Using ep0 maxpacket: 8 [ 492.068264][ T7445] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 492.070644][ C1] hrtimer: interrupt took 1523670 ns [ 492.083092][ T29] audit: type=1326 audit(1717338550.757:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.087252][T11347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 492.124409][ T7445] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 492.152952][ T7445] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.154101][T11347] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 492.169719][ T29] audit: type=1326 audit(1717338550.757:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.199903][ T7445] usb 3-1: config 0 descriptor?? [ 492.203126][ T25] usb 4-1: USB disconnect, device number 21 [ 492.223593][ T7443] usb 4-1-port1: attempt power cycle [ 492.225736][ T4489] Bluetooth: hci4: command 0x0406 tx timeout [ 492.245596][ T7445] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 492.254340][ T7445] usb 3-1: Detected SIO [ 492.265978][ T7445] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 492.276670][ T29] audit: type=1326 audit(1717338550.757:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.343327][ T29] audit: type=1326 audit(1717338550.757:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.378758][ T29] audit: type=1326 audit(1717338550.757:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.431314][ T29] audit: type=1326 audit(1717338550.757:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.451836][T11397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 492.462112][ T29] audit: type=1326 audit(1717338550.757:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.470085][T11397] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 492.486729][ T29] audit: type=1326 audit(1717338550.757:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11377 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77687cee9 code=0x7fc00000 [ 492.598995][ T7443] usb 3-1: USB disconnect, device number 23 [ 492.609820][ T7443] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 492.615633][T11402] loop1: detected capacity change from 0 to 32768 [ 492.657056][ T7443] ftdi_sio 3-1:0.0: device disconnected [ 492.660730][T11402] jfs: Unrecognized mount option "secf " or missing value [ 492.919605][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 492.943123][ T5122] Bluetooth: Wrong link type (-22) [ 492.949277][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 492.956657][ T5122] Bluetooth: Wrong link type (-22) [ 493.178058][T11413] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 493.356488][T11432] loop2: detected capacity change from 0 to 1024 [ 493.410997][T11432] hfsplus: failed to load root directory [ 493.445066][T11435] loop1: detected capacity change from 0 to 2048 [ 493.461857][T11435] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 493.492722][T11435] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 493.516569][T11435] UDF-fs: Scanning with blocksize 512 failed [ 493.551101][T11435] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 493.894748][ T7443] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 493.940377][T11446] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 494.115365][ T7443] usb 4-1: Using ep0 maxpacket: 8 [ 494.132380][ T7443] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 494.173158][ T7443] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 494.183853][T11452] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 494.191950][ T7443] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.251497][ T7443] usb 4-1: config 0 descriptor?? [ 494.274865][ T7443] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 494.295224][ T7443] usb 4-1: Detected SIO [ 494.300824][T11446] kvm: pic: non byte write [ 494.308891][ T7443] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 494.482814][T11437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 494.505259][T11437] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 494.663705][ T7443] usb 4-1: USB disconnect, device number 26 [ 494.695050][ T7443] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 494.730601][ T7443] ftdi_sio 4-1:0.0: device disconnected [ 495.122761][T11470] loop1: detected capacity change from 0 to 512 [ 495.135063][T11470] ext4: Unknown parameter 'uid>00000000000000000000' [ 495.163846][ T5171] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 495.289006][T11470] loop1: detected capacity change from 0 to 2048 [ 495.335793][T11470] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 495.362970][T11470] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 495.383543][ T5171] usb 5-1: Using ep0 maxpacket: 8 [ 495.404479][ T5171] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 495.437085][ T5171] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 495.453037][ T5171] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.470527][ T5171] usb 5-1: config 0 descriptor?? [ 495.476886][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 495.484614][ T5122] Bluetooth: Wrong link type (-22) [ 495.490873][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 495.491784][ T5171] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 495.498010][ T5122] Bluetooth: Wrong link type (-22) [ 495.511512][ T5122] Bluetooth: hci2: link tx timeout [ 495.513018][ T5171] usb 5-1: Detected SIO [ 495.517589][ T5122] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 495.547670][T11479] loop3: detected capacity change from 0 to 1024 [ 495.566500][ T5171] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 495.623442][T11479] hfsplus: failed to load root directory [ 495.697938][T11466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 495.739700][T11466] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 495.767361][T11478] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 495.898130][ T7443] usb 5-1: USB disconnect, device number 22 [ 495.911559][ T7443] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 495.925447][ T7443] ftdi_sio 5-1:0.0: device disconnected [ 497.503600][T11521] loop3: detected capacity change from 0 to 32768 [ 497.511971][T11521] jfs: Unrecognized mount option "secf " or missing value [ 497.583629][ T4489] Bluetooth: hci2: command 0x0406 tx timeout [ 498.095920][T11528] loop3: detected capacity change from 0 to 1024 [ 498.140249][T11528] hfsplus: failed to load root directory [ 498.784550][T11533] loop3: detected capacity change from 0 to 32768 [ 498.809147][T11533] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (11533) [ 498.852865][T11533] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 498.866551][T11533] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 498.875532][T11533] BTRFS info (device loop3): using free-space-tree [ 499.280884][ T29] kauditd_printk_skb: 58 callbacks suppressed [ 499.280904][ T29] audit: type=1804 audit(1717338558.057:708): pid=11533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1613967106/syzkaller.PPF4Cn/30/file1/bus" dev="loop3" ino=263 res=1 errno=0 [ 500.200057][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 500.208375][ T5122] Bluetooth: Wrong link type (-22) [ 500.218707][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 500.226590][ T5122] Bluetooth: Wrong link type (-22) [ 500.436417][T10946] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 500.455690][T11563] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 500.463865][ T7443] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 500.673407][ T7443] usb 1-1: Using ep0 maxpacket: 8 [ 500.685861][ T7443] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 500.713871][ T7443] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 500.742325][ T7443] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.777490][ T7443] usb 1-1: config 0 descriptor?? [ 500.796802][ T7443] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 500.858004][ T7443] usb 1-1: Detected SIO [ 500.877587][ T7443] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 501.006315][T11553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 501.044224][T11553] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 501.166518][ T7443] usb 1-1: USB disconnect, device number 12 [ 501.191799][ T7443] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 501.210903][T11560] loop2: detected capacity change from 0 to 32768 [ 501.232152][ T7443] ftdi_sio 1-1:0.0: device disconnected [ 501.249198][T11560] ERROR: (device loop2): diAllocAG: numfree > numinos [ 501.249198][T11560] [ 501.296546][T11560] ERROR: (device loop2): remounting filesystem as read-only [ 501.306334][T11560] ialloc: diAlloc returned -5! [ 501.423658][ T7447] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 501.474473][T11578] loop4: detected capacity change from 0 to 1024 [ 501.499700][T11578] hfsplus: failed to load root directory [ 501.585091][T11567] loop1: detected capacity change from 0 to 32768 [ 501.603729][T11567] jfs: Unrecognized mount option "secf " or missing value [ 501.633610][ T7447] usb 4-1: Using ep0 maxpacket: 8 [ 501.640824][ T7447] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 501.673442][ T7447] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 501.682556][ T7447] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.731415][ T7447] usb 4-1: config 0 descriptor?? [ 501.755114][ T7447] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 501.784161][ T7447] usb 4-1: Detected SIO [ 501.804385][ T7447] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 501.886803][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.894015][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.012202][T11570] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 502.046059][T11570] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 502.091998][T11589] loop2: detected capacity change from 0 to 1024 [ 502.181351][ T7443] usb 4-1: USB disconnect, device number 27 [ 502.222559][ T7443] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 502.252081][ T7443] ftdi_sio 4-1:0.0: device disconnected [ 502.297030][ T11] hfsplus: b-tree write err: -5, ino 4 [ 502.788474][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 502.795379][ T5122] Bluetooth: Wrong link type (-22) [ 502.800728][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 502.808561][ T5122] Bluetooth: Wrong link type (-22) [ 502.974987][T11586] loop4: detected capacity change from 0 to 32768 [ 503.020057][T11601] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 503.060735][T11586] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 503.190813][T11586] XFS (loop4): Ending clean mount [ 503.280795][T11617] loop3: detected capacity change from 0 to 4096 [ 503.302902][T11586] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_bnobt block 0x8 [ 503.322820][T11586] XFS (loop4): Unmount and run xfs_repair [ 503.331254][T11586] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 503.340498][T11586] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 503.349913][T11586] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 503.359307][T11586] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab ..*.w.B.......K. [ 503.402801][T11586] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01 ....[.O......... [ 503.453184][T11586] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00 ...6............ [ 503.502584][T11586] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 503.523920][T11586] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 503.568414][T11586] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 503.581734][T11586] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x8 len 8 error 74 [ 503.611476][T11617] syz_tun: entered promiscuous mode [ 503.624216][T11595] loop1: detected capacity change from 0 to 32768 [ 503.631413][T11617] batadv_slave_1: entered promiscuous mode [ 503.631686][T11586] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 503.675588][T11586] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 503.759600][T11595] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 503.823457][T10592] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 503.895939][T11595] XFS (loop1): Ending clean mount [ 504.095854][ T7443] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_bnobt block 0x8 [ 504.144667][ T7443] XFS (loop1): Unmount and run xfs_repair [ 504.150475][ T7443] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 504.163387][ T7447] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 504.189517][ T7443] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 504.220440][ T7443] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 504.250043][ T7443] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab ..*.w.B.......K. [ 504.271156][ T7443] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01 ....[.O......... [ 504.292661][ T7443] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00 ...6............ [ 504.314566][ T7443] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 504.341119][ T7443] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 504.353551][ T7447] usb 4-1: Using ep0 maxpacket: 8 [ 504.363068][ T7443] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 504.369794][ T7447] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 504.387899][T11595] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x8 len 8 error 74 [ 504.419101][ T7447] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 504.446781][ T7447] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.454883][T11595] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 504.454947][T11595] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 504.531257][ T7447] usb 4-1: config 0 descriptor?? [ 504.558485][ T7447] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 504.571289][T10746] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 504.571996][ T7447] usb 4-1: Detected SIO [ 504.625209][ T7447] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 504.732089][ T7443] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 504.762525][T11644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 504.774014][T11644] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 504.892414][ T5172] usb 4-1: USB disconnect, device number 28 [ 504.919064][ T5172] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 504.933933][ T7443] usb 5-1: Using ep0 maxpacket: 8 [ 504.948364][ T7443] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 504.969694][ T5172] ftdi_sio 4-1:0.0: device disconnected [ 504.983525][ T7443] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 505.013890][ T7443] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 505.036307][ T7443] usb 5-1: config 0 descriptor?? [ 505.063146][ T7443] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 505.077005][ T7443] usb 5-1: Detected SIO [ 505.088391][ T7443] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 505.159595][T11657] loop1: detected capacity change from 0 to 512 [ 505.176543][T11657] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 505.193481][T11657] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 505.216750][T11657] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.294864][T11653] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 505.314818][T11653] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 505.359896][T10746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.451267][ T7447] usb 5-1: USB disconnect, device number 23 [ 505.481004][ T7447] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 505.507148][ T7447] ftdi_sio 5-1:0.0: device disconnected [ 505.581190][T11651] loop2: detected capacity change from 0 to 32768 [ 505.640781][T11651] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 505.749056][T11651] XFS (loop2): Ending clean mount [ 505.827465][ T7443] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_bnobt block 0x8 [ 505.865731][ T7443] XFS (loop2): Unmount and run xfs_repair [ 505.871534][ T7443] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 505.909520][ T7443] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 505.929306][ T5173] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 505.943400][ T7443] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 505.952310][ T7443] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab ..*.w.B.......K. [ 505.969512][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 505.976304][ T5122] Bluetooth: Wrong link type (-22) [ 505.981678][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 505.988386][ T5122] Bluetooth: Wrong link type (-22) [ 505.988793][ T7443] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01 ....[.O......... [ 506.017239][ T7443] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00 ...6............ [ 506.057298][ T7443] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 506.093550][ T7443] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 506.113285][ T7443] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 506.113312][ T5173] usb 2-1: Using ep0 maxpacket: 8 [ 506.131983][ T5173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 506.143423][ T5173] usb 2-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 506.152841][ T5173] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.161345][T11651] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x8 len 8 error 74 [ 506.167356][T11696] loop4: detected capacity change from 0 to 512 [ 506.184707][ T5173] usb 2-1: config 0 descriptor?? [ 506.192767][ T5173] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 506.206429][T11651] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 506.226999][ T5173] usb 2-1: Detected SIO [ 506.234499][ T5173] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 506.249757][T11651] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 506.284586][T11696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.297689][T11696] ext4 filesystem being mounted at /root/syzkaller-testdir1201648851/syzkaller.jL9qLJ/38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 506.332651][T11688] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 506.399716][T10092] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 506.474264][T11672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 506.482936][T11672] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 506.649912][ T5173] usb 2-1: USB disconnect, device number 24 [ 506.663708][ T5173] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 506.694973][ T5173] ftdi_sio 2-1:0.0: device disconnected [ 507.081085][T11682] loop3: detected capacity change from 0 to 32768 [ 507.159812][T11682] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 507.251731][T11682] XFS (loop3): Ending clean mount [ 507.271730][T11682] XFS (loop3): Quotacheck needed: Please wait. [ 507.358742][T11682] XFS (loop3): Quotacheck: Done. [ 507.639678][T11726] loop1: detected capacity change from 0 to 4096 [ 507.677291][T11726] nilfs2: Unknown parameter 'xœìÝOlÕ' [ 507.793630][ T5172] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 507.960058][T10592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.019242][ T5172] usb 3-1: Using ep0 maxpacket: 8 [ 508.039826][ T5172] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 508.073540][ T5172] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 508.109328][ T5172] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.144302][ T5172] usb 3-1: config 0 descriptor?? [ 508.162411][ T5172] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 508.177500][T11731] loop1: detected capacity change from 0 to 1024 [ 508.199888][ T5172] usb 3-1: Detected SIO [ 508.212491][ T5172] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 508.231706][T11731] hfsplus: failed to load root directory [ 508.363351][T11723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 508.372542][T11723] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 508.528499][ T5172] usb 3-1: USB disconnect, device number 24 [ 508.556026][ T5172] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 508.583040][ T5172] ftdi_sio 3-1:0.0: device disconnected [ 508.678939][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 508.686675][ T5122] Bluetooth: Wrong link type (-22) [ 508.692852][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 508.699610][ T5122] Bluetooth: Wrong link type (-22) [ 508.812999][T11755] loop1: detected capacity change from 0 to 64 [ 508.824574][T11755] minix: Unknown parameter '¬ª' [ 508.852346][T11746] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 508.904057][ T5171] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 508.944093][T10946] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 509.123624][ T5171] usb 1-1: Using ep0 maxpacket: 8 [ 509.135715][ T5171] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 509.163137][ T5171] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 509.194014][ T5171] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 509.245289][ T5171] usb 1-1: config 0 descriptor?? [ 509.259781][ T5171] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 509.290989][ T5171] usb 1-1: Detected SIO [ 509.311799][ T5171] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 509.422923][T11764] loop4: detected capacity change from 0 to 1024 [ 509.450364][T11764] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 509.482049][T11764] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 509.501510][T11742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 509.512573][T11742] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 509.521256][T11764] EXT4-fs (loop4): orphan cleanup on readonly fs [ 509.558207][T11764] EXT4-fs error (device loop4): ext4_map_blocks:689: inode #3: block 3: comm syz-executor.4: lblock 3 mapped to illegal pblock 3 (length 1) [ 509.578598][T11764] Quota error (device loop4): write_blk: dquota write failed [ 509.586558][T11764] Quota error (device loop4): find_free_dqentry: Can't write quota data block 3 [ 509.596056][T11764] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 509.606189][T11764] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz-executor.4: Failed to acquire dquot type 0 [ 509.636802][T11764] EXT4-fs error (device loop4): ext4_map_blocks:580: inode #3: block 3: comm syz-executor.4: lblock 3 mapped to illegal pblock 3 (length 1) [ 509.665364][ T5173] usb 1-1: USB disconnect, device number 13 [ 509.685182][T11764] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 509.696756][ T5173] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 509.711118][T11764] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz-executor.4: Failed to acquire dquot type 0 [ 509.732420][ T5173] ftdi_sio 1-1:0.0: device disconnected [ 509.751099][T11764] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096 [ 509.832201][T11764] EXT4-fs error (device loop4): ext4_map_blocks:580: inode #3: block 3: comm syz-executor.4: lblock 3 mapped to illegal pblock 3 (length 1) [ 509.911973][T11764] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 509.950941][T11776] loop3: detected capacity change from 0 to 512 [ 509.951333][T11764] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz-executor.4: Failed to acquire dquot type 0 [ 509.997946][T11776] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 510.040266][T11755] loop1: detected capacity change from 0 to 40427 [ 510.045597][T11764] EXT4-fs (loop4): 1 orphan inode deleted [ 510.057021][T11776] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 510.065556][T11764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 510.073345][T11755] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 510.089784][T11755] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 510.103526][T11776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 510.147467][T11755] F2FS-fs (loop1): Found nat_bits in checkpoint [ 510.298419][T11755] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 510.313312][T11755] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 510.374910][T10946] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 510.500839][T10592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 510.761809][T11769] loop2: detected capacity change from 0 to 32768 [ 510.782720][T10746] syz-executor.1: attempt to access beyond end of device [ 510.782720][T10746] loop1: rw=2051, sector=77824, nr_sectors = 408 limit=40427 [ 510.788752][T11769] jfs: Unrecognized mount option "secf " or missing value [ 510.823816][T10746] F2FS-fs (loop1): Issue discard(9728, 9728, 51) failed, ret: -5 [ 510.870258][T11795] loop4: detected capacity change from 0 to 4096 [ 510.889208][T11795] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 511.054845][ T29] audit: type=1800 audit(1717338569.837:709): pid=11795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 511.092326][ T5201] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 511.109100][ T29] audit: type=1804 audit(1717338569.867:710): pid=11795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1201648851/syzkaller.jL9qLJ/44/file0/bus" dev="loop4" ino=33 res=1 errno=0 [ 511.173080][ T29] audit: type=1804 audit(1717338569.907:711): pid=11795 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1201648851/syzkaller.jL9qLJ/44/file0/bus" dev="loop4" ino=33 res=1 errno=0 [ 511.294789][ T5201] usb 1-1: Using ep0 maxpacket: 8 [ 511.315936][ T5201] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 511.360566][ T5201] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 511.388118][ T5201] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.410956][ T5201] usb 1-1: config 0 descriptor?? [ 511.430732][ T5201] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 511.450817][ T5201] usb 1-1: Detected SIO [ 511.459345][T11808] loop3: detected capacity change from 0 to 2048 [ 511.468551][ T5201] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 511.488556][T11808] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 511.601407][ T29] audit: type=1800 audit(1717338570.377:712): pid=11814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 511.623702][ T7443] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 511.668507][T11798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 511.688425][T11798] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 511.707081][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 511.714421][ T5122] Bluetooth: Wrong link type (-22) [ 511.719703][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 511.726376][ T5122] Bluetooth: Wrong link type (-22) [ 511.736420][ T5122] Bluetooth: hci1: link tx timeout [ 511.743043][ T5122] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 511.814059][ T5172] usb 1-1: USB disconnect, device number 14 [ 511.835847][ T7443] usb 3-1: Using ep0 maxpacket: 8 [ 511.878585][ T7443] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 511.901272][ T5172] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 511.912387][ T7443] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 511.926601][ T5172] ftdi_sio 1-1:0.0: device disconnected [ 511.932885][ T7443] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.951919][ T7443] usb 3-1: config 0 descriptor?? [ 511.960581][ T7443] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 511.986598][ T7443] usb 3-1: Detected SIO [ 511.995420][ T7443] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 512.032288][T11816] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 512.234837][T11807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 512.264031][T11807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 512.330576][T11826] loop3: detected capacity change from 0 to 64 [ 512.353696][T11826] minix: Unknown parameter '¬ª' [ 512.411191][ T5201] usb 3-1: USB disconnect, device number 25 [ 512.455479][ T5201] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 512.513860][ T5201] ftdi_sio 3-1:0.0: device disconnected [ 512.864494][T11839] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 513.033734][T11839] 8021q: adding VLAN 0 to HW filter on device bond1 [ 513.189862][T11841] 8021q: adding VLAN 0 to HW filter on device bond1 [ 513.224078][T11841] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address [ 513.244529][T11847] loop4: detected capacity change from 0 to 1024 [ 513.253975][T11841] bond1: (slave ip6tnl1): Error -95 calling set_mac_address [ 513.406789][ T12] hfsplus: b-tree write err: -5, ino 4 [ 513.599365][T11855] afs: Unknown parameter 'fhock' [ 513.686791][T11856] loop1: detected capacity change from 0 to 1024 [ 513.774103][T11856] hfsplus: failed to load root directory [ 513.803596][ T4489] Bluetooth: hci1: command 0x0406 tx timeout [ 513.930497][T11863] loop4: detected capacity change from 0 to 512 [ 513.956371][T11863] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 513.982612][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 513.990272][ T5122] Bluetooth: Wrong link type (-22) [ 513.995733][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 514.002365][ T5122] Bluetooth: Wrong link type (-22) [ 514.055850][T11863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.069659][T11826] loop3: detected capacity change from 0 to 40427 [ 514.096458][T11826] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 514.113897][T11826] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 514.132178][T11863] ext4 filesystem being mounted at /root/syzkaller-testdir1201648851/syzkaller.jL9qLJ/53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 514.186916][T11826] F2FS-fs (loop3): Found nat_bits in checkpoint [ 514.197819][T11863] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 514.212796][T11872] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 514.267539][T11863] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 514.349592][T10592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.411683][T11826] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 514.441278][T11826] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 514.828807][T11890] loop2: detected capacity change from 0 to 512 [ 514.882986][T11890] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 515.012675][T10946] syz-executor.3: attempt to access beyond end of device [ 515.012675][T10946] loop3: rw=2051, sector=77824, nr_sectors = 408 limit=40427 [ 515.074056][T10946] F2FS-fs (loop3): Issue discard(9728, 9728, 51) failed, ret: -5 [ 515.082492][T11894] afs: Unknown parameter 'fhock' [ 515.320501][T11879] loop1: detected capacity change from 0 to 32768 [ 515.421500][T11879] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 515.443578][ T5173] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 515.673352][ T5173] usb 3-1: Using ep0 maxpacket: 16 [ 515.710521][ T5173] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=94.f9 [ 515.735063][T11879] XFS (loop1): Starting recovery (logdev: internal) [ 515.753854][ T5173] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 515.776398][ T5173] usb 3-1: Product: syz [ 515.786071][ T5173] usb 3-1: Manufacturer: syz [ 515.790742][ T5173] usb 3-1: SerialNumber: syz [ 515.810728][T11879] XFS (loop1): Ending recovery (logdev: internal) [ 515.825746][ T5173] usb 3-1: config 0 descriptor?? [ 515.836772][ T5173] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 516.395051][T10746] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 516.636735][ T5201] usb 3-1: USB disconnect, device number 26 [ 516.766109][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 516.772746][ T5122] Bluetooth: Wrong link type (-22) [ 516.778223][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 516.785445][ T5122] Bluetooth: Wrong link type (-22) [ 516.939105][T11929] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 517.083751][ T29] audit: type=1800 audit(1717338575.867:713): pid=11922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1962 res=0 errno=0 [ 517.184026][T11949] afs: Unknown parameter 'fhock' [ 517.364760][ T7443] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 517.407091][T11964] loop3: detected capacity change from 0 to 1024 [ 517.427440][T11964] hfsplus: failed to load root directory [ 517.577219][ T7443] usb 1-1: Using ep0 maxpacket: 32 [ 517.637740][ T7443] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 517.648949][ T7443] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 517.692728][ T7443] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 517.714934][ T7443] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.760694][ T7443] usb 1-1: config 0 descriptor?? [ 517.776224][ T7443] hub 1-1:0.0: bad descriptor, ignoring hub [ 517.800741][ T7443] hub 1-1:0.0: probe with driver hub failed with error -5 [ 517.827165][ T7443] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 517.955421][T11975] loop1: detected capacity change from 0 to 64 [ 517.989521][T11975] minix: Unknown parameter '¬ª' [ 518.118526][T11922] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 518.143813][T11922] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 518.513044][T11990] afs: Unknown parameter 'fhock' [ 518.683486][ T5173] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 518.885724][ T5173] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 518.904091][ T5173] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 518.935214][ T5173] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 518.954833][ T5173] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 518.972915][ T5173] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 519.005670][ T5173] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 519.045454][ T5173] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 519.078252][ T5173] usb 5-1: Product: syz [ 519.089850][ T5173] usb 5-1: Manufacturer: syz [ 519.126422][ T5173] cdc_wdm 5-1:1.0: skipping garbage [ 519.146449][ T5173] cdc_wdm 5-1:1.0: skipping garbage [ 519.171462][ T5173] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 519.192652][ T5173] cdc_wdm 5-1:1.0: Unknown control protocol [ 519.456963][ T5172] usb 5-1: USB disconnect, device number 24 [ 519.637242][T12002] loop3: detected capacity change from 0 to 1024 [ 519.677358][T12002] hfsplus: failed to load root directory [ 519.905459][T11975] loop1: detected capacity change from 0 to 40427 [ 519.914705][T11975] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 519.933546][T11975] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 519.974402][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 519.981231][ T5122] Bluetooth: Wrong link type (-22) [ 519.986713][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 519.997442][ T5122] Bluetooth: Wrong link type (-22) [ 520.045919][T11975] F2FS-fs (loop1): Found nat_bits in checkpoint [ 520.080913][ T5172] usb 1-1: USB disconnect, device number 16 [ 520.227604][T12005] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 520.298817][T11975] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 520.307547][T12021] loop4: detected capacity change from 0 to 4096 [ 520.314984][T11975] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 520.360142][T12021] ntfs3: loop4: Failed to load $Extend (-22). [ 520.384218][T12021] ntfs3: loop4: Failed to initialize $Extend. [ 520.792852][T10746] syz-executor.1: attempt to access beyond end of device [ 520.792852][T10746] loop1: rw=2051, sector=77824, nr_sectors = 408 limit=40427 [ 520.824769][T10746] F2FS-fs (loop1): Issue discard(9728, 9728, 51) failed, ret: -5 [ 521.061067][T12039] loop4: detected capacity change from 0 to 512 [ 521.153657][T12039] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000079f) [ 521.162549][T12039] FAT-fs (loop4): Filesystem has been set read-only [ 521.249887][T12045] loop2: detected capacity change from 0 to 1024 [ 521.280692][T12045] hfsplus: failed to load root directory [ 521.679802][T12051] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 521.790684][T12035] loop3: detected capacity change from 0 to 32768 [ 521.815123][T12035] jfs: Unrecognized mount option "secf " or missing value [ 521.861548][T12054] loop1: detected capacity change from 0 to 1024 [ 521.884269][T12054] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 521.896167][T12054] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3411!=20869) [ 521.940646][T12054] jbd2_journal_init_inode: Cannot locate journal superblock [ 521.964772][T12054] EXT4-fs (loop1): Could not load journal inode [ 522.091048][T12058] loop4: detected capacity change from 0 to 512 [ 522.109731][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 522.193106][T12058] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 522.218495][T12058] ext4 filesystem being mounted at /root/syzkaller-testdir1201648851/syzkaller.jL9qLJ/68/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 522.466633][T10592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 522.479962][T12068] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 522.504951][T12071] loop3: detected capacity change from 0 to 64 [ 522.512553][T12071] minix: Unknown parameter '¬ª' [ 522.640476][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 522.647493][ T5122] Bluetooth: Wrong link type (-22) [ 522.652889][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 522.659700][ T5122] Bluetooth: Wrong link type (-22) [ 522.855773][T12076] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 522.876378][T12052] loop2: detected capacity change from 0 to 40427 [ 522.887093][T12052] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 522.896740][T12052] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 522.916977][T12073] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 522.936469][T12052] F2FS-fs (loop2): invalid crc value [ 522.939949][T12076] kvm: pic: non byte write [ 522.962392][T12052] F2FS-fs (loop2): Found nat_bits in checkpoint [ 523.050782][T12052] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 523.058274][T12052] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 523.159772][ T29] audit: type=1800 audit(1717338581.937:714): pid=12052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=10 res=0 errno=0 [ 523.463764][ T7447] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 523.533911][ T5201] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 523.569663][T12071] loop3: detected capacity change from 0 to 40427 [ 523.581052][T12071] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 523.610319][T12071] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 523.653945][ T7447] usb 3-1: Using ep0 maxpacket: 32 [ 523.677732][ T7447] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 523.688434][T12071] F2FS-fs (loop3): Found nat_bits in checkpoint [ 523.710331][ T7447] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 523.744836][ T5201] usb 1-1: config 4 has an invalid interface number: 109 but max is 2 [ 523.760359][ T5201] usb 1-1: config 4 has an invalid interface descriptor of length 5, skipping [ 523.769520][ T7447] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 523.782017][T12092] loop1: detected capacity change from 0 to 4096 [ 523.799089][ T5201] usb 1-1: config 4 has an invalid descriptor of length 1, skipping remainder of the config [ 523.807732][T12100] loop4: detected capacity change from 0 to 1024 [ 523.811684][ T7447] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.835958][T12092] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 523.840611][T12100] hfsplus: failed to load root directory [ 523.853500][ T5201] usb 1-1: config 4 has 1 interface, different from the descriptor's value: 3 [ 523.862426][ T5201] usb 1-1: config 4 has no interface number 0 [ 523.872964][ T7447] usb 3-1: config 0 descriptor?? [ 523.878543][ T5201] usb 1-1: config 4 interface 109 altsetting 3 has 0 endpoint descriptors, different from the interface descriptor's value: 11 [ 523.892563][ T5201] usb 1-1: config 4 interface 109 has no altsetting 0 [ 523.903115][ T7447] hub 3-1:0.0: bad descriptor, ignoring hub [ 523.909596][ T7447] hub 3-1:0.0: probe with driver hub failed with error -5 [ 523.919927][ T7447] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 523.932877][ T5201] usb 1-1: New USB device found, idVendor=19d2, idProduct=0034, bcdDevice=4f.a2 [ 523.944328][ T5201] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.954245][T12071] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 523.967260][ T5201] usb 1-1: Product: syz [ 523.973051][T12071] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 523.982370][ T5201] usb 1-1: Manufacturer: Ð’ [ 524.002974][ T5201] usb 1-1: SerialNumber: syz [ 524.234170][T12052] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 524.244544][T12052] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 524.441639][ T29] audit: type=1800 audit(1717338583.217:715): pid=12112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1962 res=0 errno=0 [ 524.507057][ T29] audit: type=1804 audit(1717338583.247:716): pid=12112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1201648851/syzkaller.jL9qLJ/72/file0" dev="sda1" ino=1962 res=1 errno=0 [ 524.536980][T10946] syz-executor.3: attempt to access beyond end of device [ 524.536980][T10946] loop3: rw=2051, sector=77824, nr_sectors = 408 limit=40427 [ 524.613626][T10946] F2FS-fs (loop3): Issue discard(9728, 9728, 51) failed, ret: -5 [ 524.630089][T12113] syz-executor.2: attempt to access beyond end of device [ 524.630089][T12113] loop2: rw=34817, sector=77824, nr_sectors = 848 limit=40427 [ 524.865998][ T5201] option 1-1:4.109: GSM modem (1-port) converter detected [ 524.929027][ T5201] usb 1-1: USB disconnect, device number 17 [ 524.951337][ T5201] option 1-1:4.109: device disconnected [ 526.023530][ T5201] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 526.127671][T12109] loop1: detected capacity change from 0 to 40427 [ 526.156673][T12109] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 526.184272][T12109] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 526.233528][ T5201] usb 4-1: Using ep0 maxpacket: 8 [ 526.244848][T12109] F2FS-fs (loop1): invalid crc value [ 526.252557][ T5201] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 526.264216][ T5201] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 526.274764][ T5201] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.287491][ T5201] usb 4-1: config 0 descriptor?? [ 526.296971][ T5201] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 526.306677][T12109] F2FS-fs (loop1): Found nat_bits in checkpoint [ 526.308728][ T5201] usb 4-1: Detected SIO [ 526.318805][ T5201] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 526.477160][T12115] loop4: detected capacity change from 0 to 32768 [ 526.491455][T12115] jfs: Unrecognized mount option "secf " or missing value [ 526.516257][T12121] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 526.533123][T12121] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 526.582989][T12109] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 526.596269][T12109] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 526.636252][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 526.701962][ T5201] usb 4-1: USB disconnect, device number 29 [ 526.735311][ T5201] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 526.753772][ T5172] usb 3-1: USB disconnect, device number 27 [ 526.760630][ T5201] ftdi_sio 4-1:0.0: device disconnected [ 526.806919][T12128] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 526.894968][T12109] syz-executor.1: attempt to access beyond end of device [ 526.894968][T12109] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 527.202538][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 527.209467][ T5122] Bluetooth: Wrong link type (-22) [ 527.214818][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 527.221374][ T5122] Bluetooth: Wrong link type (-22) [ 527.476931][T12130] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 527.501009][T12140] loop3: detected capacity change from 0 to 1024 [ 527.554989][T12140] hfsplus: failed to load root directory [ 527.660301][ T29] audit: type=1800 audit(1717338586.437:717): pid=12119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 527.939552][ T7447] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 528.005893][ T25] libceph: connect (1)[c::]:6789 error -101 [ 528.011970][ T25] libceph: mon0 (1)[c::]:6789 connect error [ 528.135716][ T7447] usb 1-1: Using ep0 maxpacket: 32 [ 528.157208][ T7447] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 528.193500][ T7447] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 528.211852][ T7447] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 528.221384][ T7447] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.232334][ T7447] usb 1-1: config 0 descriptor?? [ 528.240524][ T7447] hub 1-1:0.0: bad descriptor, ignoring hub [ 528.246833][ T7447] hub 1-1:0.0: probe with driver hub failed with error -5 [ 528.266612][ T7447] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 528.287261][ T5172] libceph: connect (1)[c::]:6789 error -101 [ 528.293786][ T5172] libceph: mon0 (1)[c::]:6789 connect error [ 528.463408][ T25] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 528.554759][T12119] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 528.571222][T12119] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 528.623348][ T25] usb 2-1: device descriptor read/64, error -71 [ 528.871863][ T7443] libceph: connect (1)[c::]:6789 error -101 [ 528.884704][T12148] ceph: No mds server is up or the cluster is laggy [ 528.894664][ T25] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 528.916717][ T7443] libceph: mon0 (1)[c::]:6789 connect error [ 529.083617][ T25] usb 2-1: device descriptor read/64, error -71 [ 529.217071][T12169] loop4: detected capacity change from 0 to 32768 [ 529.224838][ T25] usb usb2-port1: attempt power cycle [ 529.265469][T12169] jfs: Unrecognized mount option "secf " or missing value [ 529.563650][ T5171] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 529.687728][ T25] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 529.725150][ T25] usb 2-1: device descriptor read/8, error -71 [ 529.803555][ T5171] usb 3-1: Using ep0 maxpacket: 8 [ 529.821436][ T5171] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 529.849869][ T5171] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 529.879266][ T5171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.927766][ T5171] usb 3-1: config 0 descriptor?? [ 529.977948][ T5171] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 530.015514][ T5171] usb 3-1: Detected SIO [ 530.022796][T12180] loop4: detected capacity change from 0 to 1024 [ 530.035802][ T25] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 530.046409][ T5171] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 530.068691][T12180] hfsplus: failed to load root directory [ 530.104716][ T25] usb 2-1: device descriptor read/8, error -71 [ 530.116761][T12174] loop3: detected capacity change from 0 to 32768 [ 530.131125][T12174] XFS: noikeep mount option is deprecated. [ 530.175714][T12176] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 530.237943][T12174] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 530.241780][T12176] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 530.269888][ T25] usb usb2-port1: unable to enumerate USB device [ 530.335471][T12174] XFS (loop3): Ending clean mount [ 530.349686][T12174] XFS (loop3): Quotacheck needed: Please wait. [ 530.470615][ T5173] usb 3-1: USB disconnect, device number 28 [ 530.509329][ T5173] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 530.534687][T12174] XFS (loop3): Quotacheck: Done. [ 530.538418][ T5173] ftdi_sio 3-1:0.0: device disconnected [ 530.573652][ T7447] usb 1-1: USB disconnect, device number 18 [ 530.630926][T12174] netem: change failed [ 530.837740][T10946] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 531.416631][T12209] loop2: detected capacity change from 0 to 512 [ 531.430235][T12212] loop3: detected capacity change from 0 to 1024 [ 531.457766][T12212] hfsplus: unable to parse mount options [ 531.491095][T12209] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 531.564929][T12209] ext4 filesystem being mounted at /root/syzkaller-testdir2213663050/syzkaller.3vQdmr/111/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 531.684801][T12212] loop3: detected capacity change from 0 to 1024 [ 531.850396][T10092] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 532.173774][ T1093] hfsplus: b-tree write err: -5, ino 4 [ 532.363932][T12204] loop4: detected capacity change from 0 to 32768 [ 532.390276][T12204] xfs: Unknown parameter 'defcontext' [ 532.818529][T12217] loop1: detected capacity change from 0 to 32768 [ 532.840572][T12217] jfs: Unrecognized mount option "secf " or missing value [ 532.851864][ T29] audit: type=1800 audit(1717338591.627:718): pid=12204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1967 res=0 errno=0 [ 532.896951][ T29] audit: type=1800 audit(1717338591.667:719): pid=12232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1967 res=0 errno=0 [ 532.975760][T12224] loop2: detected capacity change from 0 to 32768 [ 533.085506][T12224] loop2: detected capacity change from 32768 to 0 [ 533.112224][T12237] syz-executor.2: attempt to access beyond end of device [ 533.112224][T12237] loop2: rw=0, sector=160, nr_sectors = 8 limit=0 [ 533.156236][T12237] Read error 10 at 0x4000 [ 533.178035][T12237] read_mapping_page failed! [ 533.195492][T12237] syz-executor.2: attempt to access beyond end of device [ 533.195492][T12237] loop2: rw=2049, sector=30744, nr_sectors = 8 limit=0 [ 533.271745][T12237] lbmIODone: I/O error in JFS log [ 533.283443][ T112] jfsCommit: attempt to access beyond end of device [ 533.283443][ T112] loop2: rw=0, sector=160, nr_sectors = 8 limit=0 [ 533.317863][ T112] Read error 10 at 0x4000 [ 533.322431][ T112] read_mapping_page failed! [ 533.337007][T10092] syz-executor.2: attempt to access beyond end of device [ 533.337007][T10092] loop2: rw=0, sector=288, nr_sectors = 8 limit=0 [ 533.375712][ T112] jfsCommit: attempt to access beyond end of device [ 533.375712][ T112] loop2: rw=0, sector=160, nr_sectors = 8 limit=0 [ 533.394993][T10092] Read error 10 at 0x24000 [ 533.412529][ T112] Read error 10 at 0x4000 [ 533.415052][T10092] read_mapping_page failed! [ 533.421652][ T112] read_mapping_page failed! [ 533.423328][T12240] loop4: detected capacity change from 0 to 256 [ 533.425082][T10092] diRead: read_metapage failed [ 533.449645][T10092] jfs_lookup: iget failed on inum 32 [ 533.457740][T10092] syz-executor.2: attempt to access beyond end of device [ 533.457740][T10092] loop2: rw=0, sector=288, nr_sectors = 8 limit=0 [ 533.479619][T10092] Read error 10 at 0x24000 [ 533.487907][T10092] read_mapping_page failed! [ 533.494906][T10092] diRead: read_metapage failed [ 533.504467][T10092] jfs_lookup: iget failed on inum 32 [ 533.634026][ T5173] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 533.741265][T12226] loop3: detected capacity change from 0 to 40427 [ 533.757580][T12226] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 533.771387][T12226] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 533.801710][T12226] F2FS-fs (loop3): invalid crc value [ 533.823311][ T5173] usb 1-1: Using ep0 maxpacket: 8 [ 533.823316][T12226] F2FS-fs (loop3): Found nat_bits in checkpoint [ 533.850896][ T5173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 533.869899][ T5173] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 533.897723][ T5173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 533.934279][ T5173] usb 1-1: config 0 descriptor?? [ 533.940000][T12226] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 533.953888][ T5173] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 533.955495][T12226] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 533.971029][ T5173] usb 1-1: Detected SIO [ 533.989643][ T5173] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 534.026057][ T29] audit: type=1800 audit(1717338592.807:720): pid=12226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 534.174643][T12242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 534.203709][T12242] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 534.249646][ T5171] usb 1-1: USB disconnect, device number 19 [ 534.260993][ T5171] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 534.300044][ T5171] ftdi_sio 1-1:0.0: device disconnected [ 534.333405][ T25] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 534.336611][T12244] loop1: detected capacity change from 0 to 32768 [ 534.355611][T12244] XFS: noikeep mount option is deprecated. [ 534.380167][T12244] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 534.439182][T12239] loop4: detected capacity change from 0 to 32768 [ 534.462414][T12239] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (12239) [ 534.478930][T12244] XFS (loop1): Ending clean mount [ 534.488004][T12239] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 534.488366][T12244] XFS (loop1): Quotacheck needed: Please wait. [ 534.508535][T12239] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 534.525596][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 534.542586][T12239] BTRFS info (device loop4): using free-space-tree [ 534.555262][ T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 534.570988][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 534.602453][ T25] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 534.613629][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.621466][T12244] XFS (loop1): Quotacheck: Done. [ 534.625124][ T25] usb 4-1: config 0 descriptor?? [ 534.649609][ T25] hub 4-1:0.0: bad descriptor, ignoring hub [ 534.657963][ T25] hub 4-1:0.0: probe with driver hub failed with error -5 [ 534.674219][ T25] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 534.683361][ T5122] Bluetooth: hci2: command 0x0406 tx timeout [ 534.692604][T12244] netem: change failed [ 534.853615][T10592] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 534.943679][ T9294] kworker/u8:4: attempt to access beyond end of device [ 534.943679][ T9294] loop2: rw=1, sector=264, nr_sectors = 8 limit=0 [ 534.990250][T10746] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 535.003966][ T9294] metapage_write_end_io: I/O error [ 535.043640][ T9294] kworker/u8:4: attempt to access beyond end of device [ 535.043640][ T9294] loop2: rw=2049, sector=30752, nr_sectors = 8 limit=0 [ 535.123589][ T9294] lbmIODone: I/O error in JFS log [ 535.129102][ T113] jfsCommit: attempt to access beyond end of device [ 535.129102][ T113] loop2: rw=0, sector=160, nr_sectors = 8 limit=0 [ 535.190159][T12280] syz-executor.3: attempt to access beyond end of device [ 535.190159][T12280] loop3: rw=34817, sector=77824, nr_sectors = 848 limit=40427 [ 535.204837][T10092] metapage_write_end_io: I/O error [ 535.210125][T10092] metapage_write_end_io: I/O error [ 535.222471][ T113] Read error 10 at 0x4000 [ 535.238658][ T113] read_mapping_page failed! [ 535.252578][ T113] Read error 10 at 0x4000 [ 535.258963][ T9294] metapage_write_end_io: I/O error [ 535.264561][ T113] read_mapping_page failed! [ 535.325094][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 535.568348][T10092] metapage_write_end_io: I/O error [ 535.581911][T10092] metapage_write_end_io: I/O error [ 535.642057][T10092] metapage_write_end_io: I/O error [ 535.674067][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 535.711542][T10092] metapage_write_end_io: I/O error [ 535.729479][T10092] metapage_write_end_io: I/O error [ 535.734501][ T7447] usb 4-1: USB disconnect, device number 30 [ 535.743862][T10092] metapage_write_end_io: I/O error [ 535.763258][T10092] metapage_write_end_io: I/O error [ 535.785447][T10092] metapage_write_end_io: I/O error [ 535.792385][T10092] lbmIODone: I/O error in JFS log [ 535.809909][T10092] lbmIODone: I/O error in JFS log [ 535.815354][T10092] lbmIODone: I/O error in JFS log [ 535.846908][T10092] lmLogShutdown: exit(-5) [ 535.852110][T10092] jfs_umount failed with return code -5 [ 535.887817][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.022674][ T25] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 536.085388][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.233344][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 536.261454][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 536.292155][ T25] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 536.326966][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.398960][ T25] usb 5-1: config 0 descriptor?? [ 536.419394][ T12] bridge_slave_1: left allmulticast mode [ 536.419577][ T25] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 536.456676][ T12] bridge_slave_1: left promiscuous mode [ 536.457380][ T25] usb 5-1: Detected SIO [ 536.462500][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 536.485245][ T25] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 536.554383][ T12] bridge_slave_0: left allmulticast mode [ 536.560439][ T12] bridge_slave_0: left promiscuous mode [ 536.577460][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 536.671474][ T25] usb 5-1: USB disconnect, device number 25 [ 536.701519][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 536.735320][ T25] ftdi_sio 5-1:0.0: device disconnected [ 537.344688][T12306] 9pnet_fd: Insufficient options for proto=fd [ 537.344821][ T5122] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 537.398150][ T5122] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 537.413868][ T5122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 537.424057][ T5122] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 537.435302][ T5122] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 537.442782][ T5122] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 537.535502][T12304] loop3: detected capacity change from 0 to 1024 [ 537.647220][T12304] hfsplus: bad catalog entry type [ 537.768496][ T11] hfsplus: b-tree write err: -5, ino 4 [ 537.805962][T12295] loop1: detected capacity change from 0 to 40427 [ 537.822837][T12295] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 537.845912][T12295] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 537.870346][T12295] F2FS-fs (loop1): invalid crc value [ 537.918014][T12295] F2FS-fs (loop1): Found nat_bits in checkpoint [ 538.016784][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 538.023822][ T5122] Bluetooth: Wrong link type (-22) [ 538.032501][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 538.039685][ T5122] Bluetooth: Wrong link type (-22) [ 538.046064][ T5122] Bluetooth: hci0: link tx timeout [ 538.054692][ T5122] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 538.104131][T12295] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 538.115513][T12295] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 538.148050][ T29] audit: type=1800 audit(1717338596.927:721): pid=12295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 538.493402][ T7445] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 538.594578][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 538.620893][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 538.642069][ T12] bond0 (unregistering): Released all slaves [ 538.669198][T12318] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 538.684176][ T7445] usb 2-1: Using ep0 maxpacket: 32 [ 538.696654][T12329] loop4: detected capacity change from 0 to 128 [ 538.714724][ T7445] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 538.752515][ T7445] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 538.776338][ T7445] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 538.820688][ T7445] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 538.873561][ T7445] usb 2-1: config 0 descriptor?? [ 538.891248][ T7445] hub 2-1:0.0: bad descriptor, ignoring hub [ 538.933474][ T7445] hub 2-1:0.0: probe with driver hub failed with error -5 [ 538.942764][ T7445] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 538.951748][T10592] sysv_free_block: flc_count > flc_size [ 538.958471][T10592] sysv_free_block: flc_count > flc_size [ 538.965660][T10592] sysv_free_block: flc_count > flc_size [ 538.971512][T10592] sysv_free_block: flc_count > flc_size [ 538.978690][T10592] sysv_free_block: flc_count > flc_size [ 538.984452][T10592] sysv_free_block: flc_count > flc_size [ 538.990222][T10592] sysv_free_block: flc_count > flc_size [ 539.001725][T10592] sysv_free_block: flc_count > flc_size [ 539.011254][T10592] sysv_free_block: flc_count > flc_size [ 539.019319][T10592] sysv_free_block: flc_count > flc_size [ 539.030180][T10592] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 539.250905][T12295] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 539.263534][ T25] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 539.277412][T12295] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 539.451087][ T12] hsr_slave_0: left promiscuous mode [ 539.465835][ T12] hsr_slave_1: left promiscuous mode [ 539.483391][ T25] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 539.497256][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 539.515249][ T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 539.526696][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.527953][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 539.535978][ T25] usb 4-1: Product: syz [ 539.546753][ T25] usb 4-1: Manufacturer: syz [ 539.551472][ T25] usb 4-1: SerialNumber: syz [ 539.565394][ T5122] Bluetooth: hci2: command tx timeout [ 539.567110][T12335] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 539.585740][T12351] bio_check_eod: 17 callbacks suppressed [ 539.585789][T12351] syz-executor.1: attempt to access beyond end of device [ 539.585789][T12351] loop1: rw=34817, sector=77824, nr_sectors = 848 limit=40427 [ 539.635526][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 539.710239][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 539.790732][ T12] veth1_macvtap: left promiscuous mode [ 539.796706][ T12] veth0_macvtap: left promiscuous mode [ 539.802703][ T12] veth1_vlan: left promiscuous mode [ 539.809073][ T12] veth0_vlan: left promiscuous mode [ 539.884081][ T5171] usb 4-1: USB disconnect, device number 31 [ 540.123629][ T5122] Bluetooth: hci0: command 0x0406 tx timeout [ 540.163368][T12356] loop4: detected capacity change from 0 to 17 [ 540.211038][T12356] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop4 [ 541.033939][ T5171] usb 2-1: USB disconnect, device number 29 [ 541.112110][T12373] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 541.341176][ T12] team0 (unregistering): Port device team_slave_1 removed [ 541.473050][ T12] team0 (unregistering): Port device team_slave_0 removed [ 541.643558][ T4489] Bluetooth: hci2: command tx timeout [ 542.167054][T12375] loop1: detected capacity change from 0 to 32768 [ 542.197417][T12375] XFS: attr2 mount option is deprecated. [ 542.204195][T12375] XFS: ikeep mount option is deprecated. [ 542.210336][T12375] XFS: noikeep mount option is deprecated. [ 542.239884][T12375] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 542.344835][T12375] XFS (loop1): Ending clean mount [ 542.394606][T12375] XFS (loop1): Quotacheck needed: Please wait. [ 542.629115][T12375] XFS (loop1): Quotacheck: Done. [ 542.748239][T10746] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 542.763633][T12369] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 543.141581][T12301] chnl_net:caif_netlink_parms(): no params data found [ 543.397082][T12393] loop3: detected capacity change from 0 to 1024 [ 543.464634][T12393] hfsplus: failed to load root directory [ 543.476495][T12301] bridge0: port 1(bridge_slave_0) entered blocking state [ 543.487600][T12301] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.504035][T12301] bridge_slave_0: entered allmulticast mode [ 543.512362][T12301] bridge_slave_0: entered promiscuous mode [ 543.535277][T12301] bridge0: port 2(bridge_slave_1) entered blocking state [ 543.539575][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 543.549801][ T4489] Bluetooth: Wrong link type (-22) [ 543.549998][T12301] bridge0: port 2(bridge_slave_1) entered disabled state [ 543.555662][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 543.569360][ T4489] Bluetooth: Wrong link type (-22) [ 543.579863][T12301] bridge_slave_1: entered allmulticast mode [ 543.609269][T12301] bridge_slave_1: entered promiscuous mode [ 543.723368][ T4489] Bluetooth: hci2: command tx timeout [ 543.819599][T12301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 543.838146][T12403] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 543.888866][T12301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 543.902310][T12388] loop4: detected capacity change from 0 to 32768 [ 544.014085][T12388] loop4: detected capacity change from 32768 to 0 [ 544.045579][T12301] team0: Port device team_slave_0 added [ 544.060620][T12416] syz-executor.4: attempt to access beyond end of device [ 544.060620][T12416] loop4: rw=0, sector=160, nr_sectors = 8 limit=0 [ 544.065419][T12301] team0: Port device team_slave_1 added [ 544.093388][T12416] Read error 10 at 0x4000 [ 544.099334][T12416] read_mapping_page failed! [ 544.104661][T12416] syz-executor.4: attempt to access beyond end of device [ 544.104661][T12416] loop4: rw=2049, sector=30744, nr_sectors = 8 limit=0 [ 544.122876][T12416] lbmIODone: I/O error in JFS log [ 544.133817][ T113] jfsCommit: attempt to access beyond end of device [ 544.133817][ T113] loop4: rw=0, sector=160, nr_sectors = 8 limit=0 [ 544.150086][ T113] Read error 10 at 0x4000 [ 544.160487][T12415] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.3'. [ 544.175756][T12415] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 544.189465][ T113] read_mapping_page failed! [ 544.196085][ T113] jfsCommit: attempt to access beyond end of device [ 544.196085][ T113] loop4: rw=0, sector=160, nr_sectors = 8 limit=0 [ 544.198171][T12301] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 544.218368][ T113] Read error 10 at 0x4000 [ 544.222753][ T113] read_mapping_page failed! [ 544.234944][T10592] syz-executor.4: attempt to access beyond end of device [ 544.234944][T10592] loop4: rw=0, sector=288, nr_sectors = 8 limit=0 [ 544.254964][T12301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 544.282330][T10592] Read error 10 at 0x24000 [ 544.287685][T10592] read_mapping_page failed! [ 544.292262][T10592] diRead: read_metapage failed [ 544.298290][T10592] jfs_lookup: iget failed on inum 32 [ 544.304039][T10592] syz-executor.4: attempt to access beyond end of device [ 544.304039][T10592] loop4: rw=0, sector=288, nr_sectors = 8 limit=0 [ 544.319516][T12301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 544.331043][T10592] Read error 10 at 0x24000 [ 544.340772][T12301] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 544.347874][T10592] read_mapping_page failed! [ 544.352421][T10592] diRead: read_metapage failed [ 544.358494][T12301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 544.387300][T10592] jfs_lookup: iget failed on inum 32 [ 544.405844][T12301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 544.522970][T12301] hsr_slave_0: entered promiscuous mode [ 544.531417][T12301] hsr_slave_1: entered promiscuous mode [ 544.538690][T12301] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 544.547706][T12301] Cannot create hsr debugfs directory [ 544.722205][T12422] loop3: detected capacity change from 0 to 32768 [ 544.927603][ T746] kworker/u8:5: attempt to access beyond end of device [ 544.927603][ T746] loop4: rw=1, sector=264, nr_sectors = 8 limit=0 [ 544.980096][ T746] metapage_write_end_io: I/O error [ 545.018798][ T746] kworker/u8:5: attempt to access beyond end of device [ 545.018798][ T746] loop4: rw=2049, sector=30752, nr_sectors = 8 limit=0 [ 545.100923][ T746] lbmIODone: I/O error in JFS log [ 545.116282][ T113] jfsCommit: attempt to access beyond end of device [ 545.116282][ T113] loop4: rw=0, sector=160, nr_sectors = 8 limit=0 [ 545.143601][T10592] syz-executor.4: attempt to access beyond end of device [ 545.143601][T10592] loop4: rw=1, sector=264, nr_sectors = 8 limit=0 [ 545.176844][T10592] metapage_write_end_io: I/O error [ 545.181373][ T113] Read error 10 at 0x4000 [ 545.189939][ T113] read_mapping_page failed! [ 545.194047][T10592] syz-executor.4: attempt to access beyond end of device [ 545.194047][T10592] loop4: rw=1, sector=232, nr_sectors = 8 limit=0 [ 545.198105][ T113] jfsCommit: attempt to access beyond end of device [ 545.198105][ T113] loop4: rw=0, sector=160, nr_sectors = 8 limit=0 [ 545.213132][T10592] metapage_write_end_io: I/O error [ 545.239829][ T113] Read error 10 at 0x4000 [ 545.257404][ T113] read_mapping_page failed! [ 545.566398][ T11] kworker/u8:0: attempt to access beyond end of device [ 545.566398][ T11] loop4: rw=1, sector=264, nr_sectors = 8 limit=0 [ 545.609441][ T11] metapage_write_end_io: I/O error [ 545.627155][ T11] kworker/u8:0: attempt to access beyond end of device [ 545.627155][ T11] loop4: rw=1, sector=224, nr_sectors = 8 limit=0 [ 545.692850][ T11] metapage_write_end_io: I/O error [ 545.704021][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.728787][T10592] syz-executor.4: attempt to access beyond end of device [ 545.728787][T10592] loop4: rw=1, sector=256, nr_sectors = 8 limit=0 [ 545.785492][T10592] metapage_write_end_io: I/O error [ 545.814036][ T4489] Bluetooth: hci2: command tx timeout [ 545.824808][T10592] syz-executor.4: attempt to access beyond end of device [ 545.824808][T10592] loop4: rw=1, sector=176, nr_sectors = 8 limit=0 [ 545.900350][T10592] metapage_write_end_io: I/O error [ 545.941528][T10592] metapage_write_end_io: I/O error [ 545.978970][T10592] metapage_write_end_io: I/O error [ 545.999248][T10592] metapage_write_end_io: I/O error [ 546.021339][T10592] metapage_write_end_io: I/O error [ 546.044419][T10592] lbmIODone: I/O error in JFS log [ 546.074616][T10592] lbmIODone: I/O error in JFS log [ 546.093566][T10592] lbmIODone: I/O error in JFS log [ 546.115393][T10592] lmLogShutdown: exit(-5) [ 546.150264][T10592] jfs_umount failed with return code -5 [ 546.472030][ T5173] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 546.645096][T12443] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 546.687250][ T5173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 114, changing to 10 [ 546.713676][ T5173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33791, setting to 1024 [ 546.725258][ T5173] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 546.752604][ T5173] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 546.762118][ T5173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 546.788656][ T5173] usb 1-1: config 0 descriptor?? [ 546.937292][ T5122] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 546.949390][ T5122] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 546.976727][ T5122] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 547.015684][ T5122] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 547.046072][ T5122] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 547.056330][ T5122] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 548.005818][ T5173] usbhid 1-1:0.0: can't add hid device: -71 [ 548.013015][ T5173] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 548.038796][ T5173] usb 1-1: USB disconnect, device number 20 [ 549.163609][ T4489] Bluetooth: hci4: command tx timeout [ 550.566611][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 550.577343][ T4489] Bluetooth: Wrong link type (-22) [ 550.587549][ T4489] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 550.594328][ T4489] Bluetooth: Wrong link type (-22) [ 550.610255][ T4489] Bluetooth: hci3: link tx timeout [ 550.615551][ T4489] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa [ 550.822755][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.844826][T12438] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 550.988326][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.026972][T12455] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 551.126127][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.249328][ T4489] Bluetooth: hci4: command tx timeout [ 551.300474][T12466] loop3: detected capacity change from 0 to 512 [ 551.387811][T12466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 551.402352][T12466] ext4 filesystem being mounted at /root/syzkaller-testdir1613967106/syzkaller.PPF4Cn/78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 551.448134][T12466] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 551.737775][T12472] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'. [ 551.777724][T12462] loop1: detected capacity change from 0 to 32768 [ 551.808473][ T12] bridge_slave_1: left allmulticast mode [ 551.818575][ T12] bridge_slave_1: left promiscuous mode [ 551.824651][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 551.826286][T12462] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 551.844834][ T12] bridge_slave_0: left allmulticast mode [ 551.850733][ T12] bridge_slave_0: left promiscuous mode [ 551.877221][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 551.981190][T12462] XFS (loop1): Ending clean mount [ 552.015296][T12462] XFS (loop1): Quotacheck needed: Please wait. [ 552.130265][T12462] XFS (loop1): Quotacheck: Done. [ 552.262307][T10946] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 552.684313][ T4489] Bluetooth: hci3: command 0x0406 tx timeout [ 552.851500][ T25] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 553.007268][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 553.020625][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 553.044458][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 553.055554][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 553.067366][ T12] bond0 (unregistering): Released all slaves [ 553.082493][ T25] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 553.118632][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 553.155631][ T25] usb 4-1: config 0 descriptor?? [ 553.178604][ T25] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 553.225242][ T25] usb 4-1: Detected SIO [ 553.277841][ T25] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 553.335970][ T5122] Bluetooth: hci4: command tx timeout [ 553.370521][ T25] usb 4-1: USB disconnect, device number 32 [ 553.409459][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 553.428542][ T25] ftdi_sio 4-1:0.0: device disconnected [ 553.628374][T12444] chnl_net:caif_netlink_parms(): no params data found [ 553.933654][ T12] hsr_slave_0: left promiscuous mode [ 553.943568][ T12] hsr_slave_1: left promiscuous mode [ 553.958375][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 553.985507][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 554.004573][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 554.012458][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 554.090522][ T12] veth1_macvtap: left promiscuous mode [ 554.110040][ T12] veth0_macvtap: left promiscuous mode [ 554.124349][ T12] veth1_vlan: left promiscuous mode [ 554.129756][ T12] veth0_vlan: left promiscuous mode [ 554.840089][T12502] syz-executor.0[12502] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 554.840264][T12502] syz-executor.0[12502] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 555.042808][T12501] loop3: detected capacity change from 0 to 32768 [ 555.108921][T10746] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 555.191081][ T12] team0 (unregistering): Port device virt_wifi0 removed [ 555.272369][T12501] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 555.411707][ T5122] Bluetooth: hci4: command tx timeout [ 555.610652][T12501] XFS (loop3): Ending clean mount [ 555.621956][T12501] XFS (loop3): Quotacheck needed: Please wait. [ 555.812805][T12525] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 555.876730][T12501] XFS (loop3): Quotacheck: Done. [ 555.909530][ T12] team0 (unregistering): Port device team_slave_1 removed [ 556.010781][ T12] team0 (unregistering): Port device team_slave_0 removed [ 557.365287][T12516] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 557.577717][T12532] loop1: detected capacity change from 0 to 4096 [ 557.599507][T12532] ntfs3: loop1: ino=3, Correct links count -> 2. [ 557.684685][T12301] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 557.697264][T12301] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 557.720049][T12444] bridge0: port 1(bridge_slave_0) entered blocking state [ 557.756365][T12444] bridge0: port 1(bridge_slave_0) entered disabled state [ 557.778863][T12444] bridge_slave_0: entered allmulticast mode [ 557.809667][T12444] bridge_slave_0: entered promiscuous mode [ 557.939519][T12301] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 557.953163][T12444] bridge0: port 2(bridge_slave_1) entered blocking state [ 557.961918][T12444] bridge0: port 2(bridge_slave_1) entered disabled state [ 557.971805][T12444] bridge_slave_1: entered allmulticast mode [ 557.984481][T12444] bridge_slave_1: entered promiscuous mode [ 557.994468][T12301] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 558.101959][T12444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 558.140817][T10946] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 558.149227][T12444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 558.300706][T12538] loop1: detected capacity change from 0 to 4096 [ 558.381880][T12538] NILFS (loop1): invalid segment: Checksum error in segment payload [ 558.397342][T12444] team0: Port device team_slave_0 added [ 558.407837][T12444] team0: Port device team_slave_1 added [ 558.415901][T12538] NILFS (loop1): trying rollback from an earlier position [ 558.472760][T12538] NILFS (loop1): recovery complete [ 558.508487][T12543] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 558.596740][T12444] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 558.605222][T12444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 558.619063][T12545] loop3: detected capacity change from 0 to 2048 [ 558.644447][T12444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 558.657173][T12545] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 558.697641][T12444] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 558.705822][T12444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 558.732796][T12444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 558.793684][ T25] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 558.882333][T12444] hsr_slave_0: entered promiscuous mode [ 558.904587][T12444] hsr_slave_1: entered promiscuous mode [ 558.914283][T12444] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 558.921911][T12444] Cannot create hsr debugfs directory [ 558.985956][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 559.000116][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 559.013331][ T25] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 559.022603][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.036810][ T25] usb 1-1: config 0 descriptor?? [ 559.051653][ T25] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 559.064998][ T25] usb 1-1: Detected SIO [ 559.072459][ T25] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 559.090992][T12301] 8021q: adding VLAN 0 to HW filter on device bond0 [ 559.219480][T12301] 8021q: adding VLAN 0 to HW filter on device team0 [ 559.241670][ T7445] bridge0: port 1(bridge_slave_0) entered blocking state [ 559.248922][ T7445] bridge0: port 1(bridge_slave_0) entered forwarding state [ 559.256709][ T25] usb 1-1: USB disconnect, device number 21 [ 559.278271][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 559.299605][T12552] loop1: detected capacity change from 0 to 512 [ 559.322196][ T25] ftdi_sio 1-1:0.0: device disconnected [ 559.334424][ T7445] bridge0: port 2(bridge_slave_1) entered blocking state [ 559.341618][ T7445] bridge0: port 2(bridge_slave_1) entered forwarding state [ 559.360343][T12552] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 559.399957][T12552] EXT4-fs (loop1): 1 truncate cleaned up [ 559.426483][T12552] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 559.488832][ T29] audit: type=1800 audit(1717338618.267:722): pid=12552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 559.531265][T12552] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: overlapping e_value [ 559.577250][T12552] EXT4-fs (loop1): Remounting filesystem read-only [ 559.594026][T12552] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1766: inode #15: comm syz-executor.1: unable to update i_inline_off [ 559.698873][T10746] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.942569][T12559] loop1: detected capacity change from 0 to 2048 [ 559.999280][T12559] loop1: p1 < > p4 [ 560.012216][T12559] loop1: p4 size 8388608 extends beyond EOD, truncated [ 560.043738][T12548] loop3: detected capacity change from 0 to 40427 [ 560.053495][T12559] EXT4-fs (loop1p1): unable to read superblock [ 560.066523][T12548] F2FS-fs (loop3): invalid crc value [ 560.082456][T12548] F2FS-fs (loop3): Found nat_bits in checkpoint [ 560.164476][T12444] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 560.208974][T12548] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 560.233315][ T29] audit: type=1800 audit(1717338619.007:723): pid=12548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 560.267970][T12548] bio_check_eod: 9 callbacks suppressed [ 560.267994][T12548] syz-executor.3: attempt to access beyond end of device [ 560.267994][T12548] loop3: rw=2049, sector=77824, nr_sectors = 8 limit=40427 [ 560.344852][T12548] fuse: Unknown parameter 'hash' [ 560.408988][T10946] syz-executor.3: attempt to access beyond end of device [ 560.408988][T10946] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 560.459585][T10946] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 561.039673][T12567] loop1: detected capacity change from 0 to 40427 [ 561.093447][T12567] F2FS-fs (loop1): Encrypt feature is off [ 561.864875][T12569] loop3: detected capacity change from 0 to 40427 [ 561.902599][T12569] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 561.911850][T12569] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 561.946296][T12569] F2FS-fs (loop3): invalid crc value [ 561.988181][T12569] F2FS-fs (loop3): Found nat_bits in checkpoint [ 562.118842][T12569] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 562.127225][T12569] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 562.208217][T12569] F2FS-fs (loop3): Unrecognized mount option "#! ./bus [ 562.208217][T12569] " or missing value [ 562.276300][ T12] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 562.330164][ T12] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 562.549088][T12582] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 562.754745][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 562.762968][ T5122] Bluetooth: Wrong link type (-22) [ 562.770003][ T5122] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 562.776891][ T5122] Bluetooth: Wrong link type (-22) [ 563.334178][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.340880][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.064548][T12601] loop3: detected capacity change from 0 to 1024 [ 564.075933][T12601] hfsplus: failed to load root directory [ 564.773500][ T25] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 564.903689][T12444] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 564.915096][T12584] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 564.927917][T12444] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 564.953862][T12444] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 564.983556][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 565.021792][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 4352, setting to 64 [ 565.032418][T12301] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 565.058683][ T25] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 565.075244][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.090659][ T25] usb 4-1: config 0 descriptor?? [ 565.104920][ T25] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 565.118393][ T25] usb 4-1: Detected SIO [ 565.125341][ T25] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 565.228903][T12611] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 565.260455][T12301] veth0_vlan: entered promiscuous mode [ 565.289344][T12301] veth1_vlan: entered promiscuous mode [ 565.302934][ T25] usb 4-1: USB disconnect, device number 33 [ 565.319309][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 565.330971][ T25] ftdi_sio 4-1:0.0: device disconnected [ 565.430575][T12444] 8021q: adding VLAN 0 to HW filter on device bond0 [ 565.452068][T12301] veth0_macvtap: entered promiscuous mode [ 565.496932][T12301] veth1_macvtap: entered promiscuous mode [ 565.549538][T12444] 8021q: adding VLAN 0 to HW filter on device team0 [ 565.559811][T12301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 565.573879][T12301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.584139][T12301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 565.595060][T12301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.606751][T12301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 565.617544][T12301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.649112][T12301] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 565.680831][T12301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 565.703237][T12301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.719726][T12301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 565.742964][T12301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.758013][T12301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 565.769466][T12301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.782336][T12301] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 565.791868][ T5173] bridge0: port 1(bridge_slave_0) entered blocking state [ 565.799148][ T5173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 565.854434][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state [ 565.861721][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 565.897361][T12301] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.924701][T12301] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.940252][T12301] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.958014][T12301] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.148073][T12444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 566.320079][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 566.337673][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 566.339578][T12645] loop1: detected capacity change from 0 to 1024 [ 566.432521][ T1093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 566.470189][ T1093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 566.583801][T12645] hfsplus: xattr searching failed [ 566.709724][T12645] hfsplus: b-tree write err: -5, ino 3 [ 566.766211][T12444] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 567.050017][T12665] VFS: Close: file count is 0 (f_op=shmem_file_operations) [ 567.050313][T12665] ------------[ cut here ]------------ [ 567.064050][T12665] kernel BUG at fs/open.c:1514! [ 567.099012][T12665] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 567.099047][T12665] CPU: 1 PID: 12665 Comm: syz-executor.3 Not tainted 6.10.0-rc1-next-20240531-syzkaller #0 [ 567.099071][T12665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 567.099085][T12665] RIP: 0010:filp_flush+0x152/0x160 [ 567.099121][T12665] Code: e9 80 e1 07 80 c1 03 38 c1 7c a6 48 89 ef e8 c5 03 f0 ff eb 9c e8 6e 16 8a ff 48 c7 c7 20 59 d8 8b 48 89 ee e8 6f 84 7d 09 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 [ 567.099140][T12665] RSP: 0018:ffffc9001480feb8 EFLAGS: 00010246 [ 567.099160][T12665] RAX: 0000000000000038 RBX: 0000000000000000 RCX: 00b368664fe7a600 [ 567.099176][T12665] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 567.099190][T12665] RBP: ffffffff8bd42dc0 R08: ffffffff8176b129 R09: fffffbfff1c39958 [ 567.099207][T12665] R10: dffffc0000000000 R11: fffffbfff1c39958 R12: ffff88802bfee780 2024/06/02 14:30:25 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 567.099223][T12665] R13: dffffc0000000000 R14: ffff88802e690b40 R15: 0000000000000003 [ 567.099240][T12665] FS: 000055558e922480(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 567.099266][T12665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 567.099281][T12665] CR2: 00007ff2b01e8000 CR3: 0000000078e3c000 CR4: 00000000003506f0 [ 567.099301][T12665] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 567.099315][T12665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 567.099329][T12665] Call Trace: [ 567.099337][T12665] [ 567.099346][T12665] ? __die_body+0x88/0xe0 [ 567.099380][T12665] ? die+0xcf/0x110 [ 567.099411][T12665] ? do_trap+0x15a/0x3a0 [ 567.099440][T12665] ? filp_flush+0x152/0x160 [ 567.099468][T12665] ? do_error_trap+0x1dc/0x2c0 [ 567.099495][T12665] ? filp_flush+0x152/0x160 [ 567.099524][T12665] ? __pfx_do_error_trap+0x10/0x10 [ 567.099559][T12665] ? handle_invalid_op+0x34/0x40 [ 567.099585][T12665] ? filp_flush+0x152/0x160 [ 567.099615][T12665] ? exc_invalid_op+0x38/0x50 [ 567.099644][T12665] ? asm_exc_invalid_op+0x1a/0x20 [ 567.099675][T12665] ? __wake_up_klogd+0x109/0x140 [ 567.099699][T12665] ? filp_flush+0x152/0x160 [ 567.099725][T12665] ? filp_flush+0x151/0x160 [ 567.099753][T12665] __x64_sys_close+0x75/0x110 [ 567.099780][T12665] do_syscall_64+0xf3/0x230 [ 567.099807][T12665] ? clear_bhb_loop+0x35/0x90 [ 567.099838][T12665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.099866][T12665] RIP: 0033:0x7fb9f4a7bdda [ 567.099884][T12665] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 567.099902][T12665] RSP: 002b:00007ffd76fddb40 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 567.099924][T12665] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb9f4a7bdda [ 567.099940][T12665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 567.099953][T12665] RBP: ffffffffffffffff R08: 00007fb9f4a00000 R09: 0000000000000001 [ 567.099967][T12665] R10: 0000000000000001 R11: 0000000000000293 R12: 00007fb9f4bb3fa0 [ 567.099982][T12665] R13: 00007fb9f4bb3fac R14: 0000000000000032 R15: 00007fb9f4bb59a0 [ 567.100006][T12665] [ 567.100015][T12665] Modules linked in: [ 567.100081][T12665] ---[ end trace 0000000000000000 ]--- [ 567.514163][T12665] RIP: 0010:filp_flush+0x152/0x160 [ 567.519358][T12665] Code: e9 80 e1 07 80 c1 03 38 c1 7c a6 48 89 ef e8 c5 03 f0 ff eb 9c e8 6e 16 8a ff 48 c7 c7 20 59 d8 8b 48 89 ee e8 6f 84 7d 09 90 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 [ 567.539356][T12665] RSP: 0018:ffffc9001480feb8 EFLAGS: 00010246 [ 567.545604][T12665] RAX: 0000000000000038 RBX: 0000000000000000 RCX: 00b368664fe7a600 [ 567.676535][T12665] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 567.685268][T12665] RBP: ffffffff8bd42dc0 R08: ffffffff8176b129 R09: fffffbfff1c39958 [ 567.696508][T12444] veth0_vlan: entered promiscuous mode [ 567.713268][T12665] R10: dffffc0000000000 R11: fffffbfff1c39958 R12: ffff88802bfee780 [ 567.721322][T12665] R13: dffffc0000000000 R14: ffff88802e690b40 R15: 0000000000000003 [ 567.746084][T12444] veth1_vlan: entered promiscuous mode [ 567.773361][T12665] FS: 000055558e922480(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 567.808675][T12665] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 567.825328][T12444] veth0_macvtap: entered promiscuous mode [ 567.831178][T12665] CR2: 000000002023a030 CR3: 0000000078e3c000 CR4: 00000000003506f0 [ 567.839389][T12444] veth1_macvtap: entered promiscuous mode [ 567.855285][T12665] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 567.885257][T12665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 567.893886][T12665] Kernel panic - not syncing: Fatal exception [ 567.900300][T12665] Kernel Offset: disabled [ 567.904628][T12665] Rebooting in 86400 seconds..