last executing test programs: 3m10.855455265s ago: executing program 3 (id=240): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000001000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x47, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x4cf68d79c8eac253, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m10.321741681s ago: executing program 3 (id=243): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000001940)=ANY=[@ANYBLOB='allow_utime=00000000000000000200000,zero_size_dir,errors=remount-ro,umask=00000000000000000000020,fmask=00000000000000000000005,iocharset=cp775,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000003,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c616c6c6f775f7574696d653d303030303030303030307356d38c179a3cd230303017302c00"], 0x1, 0x152a, &(0x7f0000000340)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+ZDzKSFJmiQJySlZ/2vC327X/vbe3+7Lvvbcv+t6r1n3u557Pet57/ewnuedmW+7DK3ZuFa1hkQE/xa88CMJAGIBYCAAXAMAAQCUiysXl9WfU2LSv7cT9sd6KPVKz4BdSVz/7I3rn71x/bM3rn/2xvXP3rj+2RvXP3vj+jOWnW2aXvBavmXfG1//z8748/+/SGbpsV+uLX19V4CYfzaF65+9cf3/awX/zEZc/+yN659dxV7pCbD/APz6zw5y/N0ern/2xvVnLDv7c683y/+47xsg8uc+Bgqu/DH/6vgZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLE/wWl/mQKAS+0rPS/GGGOMMcYYY4z9cXyOKz0DxhhjjDHGGGOM/d9DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+b/KfwF6wIvQE3pBEvSGPvAS9IV+0B8GwEB4GQbBKzAYXoVkGAJD4TUYBq/DcHgDRsBIGAVvwmh4C8bAWBgH4yEFJsBEeBsmwTswGabAVJgGqTAdZsC7MBNmwWx4D+bA+zAX5sF8WABp8AEshEWQDh/CYvgIMmAJLIVlsBxWwEpYBathDayFj2EdrIcNsBE2wWbYAlthG2yHHfAJ7IRPYRfshj3wGeyFz//F/FN/k98VAQEFClSoMAZjMBZjMRfmwtyYG/NgHoxgBOMwDvNiXsyH+bAAFsB4jMfCWBgNGiQkLIJFMIpRLIbFsDgWx5JYEh06TMAELIM3Y1ksi+WwHJbH8lgBK2JFrIyVsQpWwapYFathNayO1bEm1sS78W7sjXWwDtbFulgP6126PIUNsSE2wkbYGBtjE2yCTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI+JmIgdsAN2xI7YCTthZ+yMXbALdsVu2C3zhRyAL+KL2Auri97YB/tgX0zO0R8H4AB8GQfhK/gKvorJOASH4mv4Gr6Ow/EkjsCROApHYRXxFo7BsUhiPKZgCk7EiTgJJ+FknIJTcBqm4nScgTNwJs7CWfgezsH38X2ch/NwAaZhGi7ERZiO6bgYT2EGLsGluAyX4wpcjqtwNa7CtfgxrsX1uB434kbcjJtxK27F7bgdP0EFgJ/ibtyNybgX9+I+3If7cT8ewAOYiZl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxt9UmJNMogsSigRI2JErIgVuUQukVvkFnlEHhEREREn4kRekVfkE/lEAVFAxIt4UVgUFkYYQSKMAQARFVFRTBQTxUVxUVKUFE44kSASRBlRRpQVZUU5casoL24TFURF0cZJUVlUEW1dVXGnqCaqieqihqgpaolaoraoLeqIOqKuqCvqiXqivnhANBC9sT8+JLIq01gMwSZiKDYVzYS8+A7WSgzH1qKNaCueECNxBLYXrVyieFp0EGOwo/iLGIvPis5iPHYRz4uuopvoLl4QPURr11P0EpOxt+gjpmFf0U/0FwPETKwh3sM5OWuKV0WyGCKGitfEAnxdDBdviBFipBgl3hSjxVtijBgrxonxIkVMEBPF22KSeEdMFlPEVDFNpIrpYoZ4V8wUs8Rs8Z6YI94Xc8U8MV8sEGniA7FQLBLp4kOxWHwkMsQSsVQsE8vFCrFSrBKrxRqxVnws1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BSfil1it9gjPhN7xedin/hC7BdfigPiK5EpvhYHxTfikPhWHBbfiSPie3FUHBPHxQ/ihPhRnBSnxGlxRpwVP4lz4mdxXngBEqWQUioZyBiZQ8bKnDKXvErmlsHFR/daGSevk3nl9TKfzC8LyIIyXhaShaWWRlpJMpRFZFEZlTfIYvJGWVyWkCVlKelkaZkgb5Jl5M2yrLxFlpO3yvLyNllBVpSVZGV5u6wi75AQubCP6rKGrClrybtlEtwj68h7ZV15n6wn75f15QOygXxQNpQPyUbyYdlYPiKbyEdlU9lMNpctZEv5mGwlH5etZRvZVj4h28knZXv5lEyUT8sO0l98ijwrO8vnZBf5vOwqu8nu8md5XnrZU/aS0BtkH/mS7Cv7yf5ygBwoX5aD5CtysHxVJsshcqh8TQ6Tr8vh8g05Qo6Uo+SbcrR8S46RY+U4OV6myAlyonxbTpLvyMlyipwqp8lUOV32vzjSbCn/Yf7bv5M/+Je9b5Sb5Ga5RW6V2+R2uUN+InfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJTZsqD8qA8JA/Jw/KwPCKPyKPymDwjf5An5I/ypDwlT8kz8qw8K89dfAxAoRJKKqUCFaNyqFiVU+VSV6nc6mqVR12jIupaFaeuU3nV9Sqfyq8KqIIqXhVShZVWRllFKlRFVFEVVTfgxSeMKqlKKadKqwR107+Sr4qpG1VxVeJX+Zfml/R35tdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao7LWX+vVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nLfsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBtcH+QL8gcFgoJBfFAoKBzowAQ2EBeLHg1uCIoFNwbFgxJByaBU4ILSQUJwU1AmuDkoG9wSlAtuDcoHtwUVgopBpaBycHtQJbgjqBrcGVQL7gqqBzWCmkGt4O6gdnBPUCe4N6gb3BfUC+4P6gcPBA2CB4OGwUNBo+DhoHHwSNAkeDRoGjQLmgctgpZ/6Pjen8z/uOupe+kk3Vv30S/pvrqf7q8H6IH6ZT1Iv6IH61d1sh6ih+rX9DD9uh6u39Aj9Eg9Sr+pR+u39Bg9Vo/T43WKnqAn6rf1JP2Onqyn6Kl6mk7V0/UM/a6eqWfp2fo9PUe/r+fqeXq+XqDT9Ad6oV6k0/WHerH+SGfoJXqpXqaX6xV6pV6lV+s1eq3+WK/T6/UGvVFv0pv1Fr1Vb9Pb9Q79id6pP9W79G69R3+m9+rP9T79hd6vv9QH9Fc6U3+tD+pv9CH9rT6sv9NH9Pf6qD6mj+sf9An9oz6pT+nT+ow+q3/S5/TP+rz2WYv7rI93o4wyMSbGxJpYk8vkMrlNbpPH5DEREzFxJs7kNXlNPpPPFDAFTLyJN4VNYZOFDJkipoiJmqgpZoqZ4qa4KWlKGmecSTAJpowpY8qasqacKWfKm/KmgqlgKplK5nZzu7nD3GHuNHeau8xdpoapYWqZWqa2qW3qmDqmrqlr6pl6pr6pbxqYBqahaWgamUamsWlsmpgmpqlpapqb5qalaWlamVamtWlt2pq2pp1pZ9qb9ibRJJoOpoPpaDqaTqaT6Ww6my6mi+lqupruprvpYXqYnqanSTJJpo/pY/qavqa/6W8GmoFmkBlkBpvBJtkkm6FmqBlmhpnhZrgZYUaaUVkLVfOWGWPGmnFmvEkxKWaimWgmmUlmsplsppqpJtWkmhlmhplpZprZZraZY+aYuWaumW/mmzSTZhaahSbdpJvFZrHJMBlmqVlqlpvlZqVZaVab1WatWWvWwTqzwWwwm8wms8VsMdvMNrPD7DA7zU6zy+wye8wes9fsNfvMPrPf7DcHzAGTaTLNQXPQHDKHzGFz2BwxR8xRc9QcN8fNCXPCnDQnzWlz2pw1+S9+XnoTa3PaXPYqm9tebfPYa+zfxgVsQRtvC9nCVtt8Nv+vYmOtLW5L2JK2lHW2tE2wN/0mrmAr2kq2sr3dVrF32Kq/iWvbe2wde6+ta++ztezdv4rr2fttffuIbYAIYJvZRraFbWwfsU3so7apbWab2xa2nX3StrdP2UT7tO1gn/lNvNAusqvtGrvWfmx32d32tD1jD9lv7Vn7k+1pe9mB9mU7yL5iB9tXbbId8pt4lH3TjrZv2TF2rB1nx/8mnmqn2VQ73c6w79qZdtZv4jT7gZ1j0+1cO8/Otwt+ibPmlG4/tIvtRzbDBrDULrPL7Qq70q76/3NdZtfbDXaj3Wk/tVvsVrvNbrc7Li2E7W67x35m99rP7UH7jd1vv7QH7GGbab/+Jc46vsP2O3vEfm+P2mP2uP3BnrA/qkvZWcf+g/3ZnrfeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoEuTa8klSJHpSmBbqIydDOVpVuoHN1K5ek2qkAVqRJVptupCt1BVelOqkZ3UXWqQTWpFt1NtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlNqRs2pBbWkx6gVPU6tqQ21pSeoHT1J7ekpSqSnqQM9Qx3pL9SJnqXO9Bx1oeepK3Wj7vQC9aAXqSf1oiTqTX3oJepL/ag/DaCB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDJNoak0jVJpOs2gd2kmzaLZ9B7NofdpLs2j+bSA0ugDWkiLKJ0+pMX0EWXQElpKy2g5raCVtIpW0xpaSx/TOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vRd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzzhNWEkvDaMC68L84bXh/nC/GGBsGAYHxYKC4c6NKENKQzDImHRMBreEBYLbwyLhyXCkmGp0IWlw4TwprBMeHNYNrwlLBfeGpYPbwsrhBXDR+6rHN4eVgnvCKuGd4bVwrvC6mGNsGZYK7w7rB3eE9YJ7w3rhveFZcP7w/rhA2GD8MGwYfhQ2Ch8OGwcPhI2CR8Nm4bNwuZhi7Bl+FjYKnw8bB22CduGT4TtwifD9uFTYWL4dNghfOaX/vsX/f3+pLB32Cd8KXwp9P5eOT+6IJoW/SC6MLoomh79MLo4+lE0I7okujS6LLo8uiK6Mroqujq6Jro2+nF0XXR9dEN0Y9T7WjnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx13jIu5aF+euc3nd9S6fy+8KuIIu3hVyhZ12xllHLnRFXFEXdTe4Yu5GV9yVcCVdKedcaZfgWriWrqVr5R53rV0b19Y94Z5wT7on3VPuKfe06+CecR3dX1wn96zr7J5zz7nnXVfXzXV3L7gebkKeC6/JJNfH9XF9XV/X3/V3A91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfVTXWpLtXNcDPcTDfTVZl1YS9z3Vw33813aS7NLXRZa8Z0t9gtdhkuwy11S91yt9ytdCvdarfarXVr3Tq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3y11wY1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5MiUyNTItEhqZHpkRuTdyMzIrMjsyHuROZH3I3Mj8yLzIwsiaZEPIgsjiyLpkQ8jiyMfRTIiSyJLI8siyyMrIt4X2hL6Ir6oj/obfDF/oy/uS/iSvpR3vrRP8Df5Mv5mX9bf4sv5W315f5uv4Cv6Sv5R39Q38819C9/SP+Zb+cd9a9/Gt/VP+Hb+Sd/eP+UT/dO+g3/Gd/R/8Z38s76zf8538c/7rr6b7+5f8D38i76n7+WTfG/fx7/k+/p+vr8f4Af6l/0g/4of7F/1yX6IH+pf88P86364f8OP8CP9qJg3/ehLp8gw3qf4CX6if9tP8u/4yX6Kn+qn+VQ/3c/w7/qZfpaf7d/zc/z7fq6f5+f7BT7Nf+AX+kU+3X/oF/uPfIZfcumisl/pV/nVfo1f6z/26/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/id/pP/S6/2+/xn/m9/nO/z3/h9/sv/QH/lc/0X/uD/ht/yH/rD/vv/BH/vT/qj/nj/gd/wv/oT/pT/rQ/48/6n/w5/7M/z3+zxhhjjDH2T5lwuSl+3XPhcn7v38kRf7VxHwC4emvBzL/uz1pRrst3od1PxLeLAMDTvbo8dOlWvXpSUtLFbTMkBEXnAVz6JihLDFyOl0BbeBISoQ2U+d359xPdztI/GD96K0Cuv8qJhcvx5fG/AMCk3xn/sSdGLSwfno77H8afB1C86OWcnHA5XgJtf7m+0gbK/p3552/1D+af88sUgNZ/lZMbLseX558Aj8MzkPirLRljjDHGGGOMsQv6iUqdLp1/XvqNz987P49Xl3NywOX4H52fM8YYY4wxxhhj7Mp7tlv3px5LTGzT6V9vVP1fZf3TjSbwfzUyN3634T3ApXsUAPybAwJkNeSfeRSb/5R9JV986fxt1/IzPoD/jFL+EY0r/MbEGGOMMcYY+8NdXvT/+n51pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ3/GvxO70sfIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/LwAA//9+qv+4") mkdir(&(0x7f0000000300)='./bus\x00', 0x93) chdir(&(0x7f0000000380)='./bus\x00') mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) 3m9.945243018s ago: executing program 3 (id=246): r0 = io_uring_setup(0x14cd, &(0x7f0000000380)={0x0, 0x9db3, 0x40, 0x20000, 0x2b9}) syz_read_part_table(0x1070, &(0x7f0000000000)="$eJzs0LFNQzEUBdDrJN/kNygjZAYqdmANOpZgBJqUzMEYDITEQzZRFIkWKc05heVrv2dbDje1Lj3ZnMNddpd5kt1V3Tb98fvjPoe53i/t2Sd5+kxq9I9Q9fKWHNNy2n5VVdLa67n8fZ40LfntWdaR+sz7VK0Pp8Pcvr49bQybP+96Pv7zdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADATfwEAAD//3plEeI=") io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000002640)=[0x4, 0x55db2314], 0x2) 3m9.496807792s ago: executing program 3 (id=250): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000002ff0100000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r2, r1}, 0x94) 3m9.092830064s ago: executing program 3 (id=254): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x9, @local, 0x4}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x3, 0x4) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 3m7.855059529s ago: executing program 3 (id=258): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) sync() 2m57.518436871s ago: executing program 32 (id=231): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x148, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_STAB={0x104, 0x2, "1e1f167147edf01ff373eace88d075ff99a144456a38ec47e07f003253492ba9242048f60ed8c0ea71ddb8716d0205a243d4431e81b319b1cb64e2c01ff51162e2ae910c292c8ecc040a585cc94a9086ba92cd7f31c4ea17efb38b1bbe69e846bdd1ac50319cdacc3b305d2ae1402a9c82493e91c357dc175918a430d11a6bdfef8c3ae43c4fcae3909b38b23024bb7cf2bed0915cabc2e40b3a50056dc030b64113d32aa2ffbbbfd68045df32a522c82c9002c18bbf12afb3c607dd6fb05f3045a299dee90cc2b5a10de9ca82ac248e10bdacb15c6a4e55927253b5a4b9bebd3b2961705dbfbd4c4a70f1cbd86db32e03af4ca73087fa21aa03924b36d7b67c"}, @TCA_RED_PARMS={0x14, 0x1, {0xffffffff, 0x5, 0xf, 0x10, 0x13, 0x1f, 0x7}}]}}]}, 0x148}}, 0x0) 2m52.633233567s ago: executing program 33 (id=258): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) sync() 2m30.186762812s ago: executing program 2 (id=479): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x400, &(0x7f0000000380)=ANY=[@ANYBLOB="cb190a25f8797b1842dd9b780a315f33ade7ea4740d042271298b0d69f6916a67a9207ae1d8a8d4703577a8853d6e689023df4bb8def", @ANYRESDEC, @ANYRESHEX, @ANYRES8, @ANYBLOB="001d99745f834b8056be239a7d835a0bfb39de7c6a048dc6cca6919d7927aad862aeeed8e9583e7fe162d5638e7737ce9b3233e97e1804ae7bee3132e912e97dae39daf50ac1923fb85d272827347af8e5c7a77927aeaeb7a56c444e8d198ce1dd530631341e2e6bad0858bc4dead37fcf2e3cfe776486b240c264d698ff7a4e182ee14fca", @ANYRESDEC, @ANYRES16], 0xfd, 0x5a7a, &(0x7f0000006680)="$eJzs3WuQXNV9IPBzu3s0Lz1GAgcZzGiQ0Ybg2BrxKj9SsZJN7BQQSi5SDmJlw4BGRLYkVHoEECSILHhRAS6cIpXg5ANxYXYxiosq2BiFMuGxEmtjq9h4qS1MrZ3F/uAtwqIKoKVcXs/W9NzT032779yenh4hid+vYG7fM6f/99xzT9++/9NX0wEAAID3hEN37Dx62em/+90/G3/71t/7h623hcFytbwvVhhKlze+Wy3kWOqtLK8us+PiV2/+xk9Hrv3t7zw68PV3Dm48a9MPf+eUa5/8wsUH7v/rZ95a9PgvXy2KG8fTudPryetJCH3fPvIXXzr4wmmTZcniyZ+lvSEsTZY9szQJ4fb6EKM/DyFsTFeWZ+I/9vb5myaXt93V21C+JFPPeH9vmzzOSQhhz9EbPhR+9Fvrb//+im/+Xc/+1/ZOV0n66sZTCIuvrn9+TwihP/1/UhxtcTwm6XJdCGGg7nkfLWjXB9to96TVmfK4fka6XJAuBwvixd+vzKyXMvWy61FPZjlQsL25ymtHp/WKLMysJ12KG+W1M5YvTZffSpfnzjJ+Od2HchJKSajUmr8lmR4joe64JSGpHsu+2nqpdmxDuv+Z9SSzXsqsl3sy+1XdbjrQyknSWB7rZcrj6biSlp9Vf65u4fK6x/X13h/L0hfqO9k6maCDTQ9q+1UV23VkhrYcC6W6c1Cr8tqBTw/GYFo2mCxres5EC/F3B9ffvaq84dlDQzntSB5N0vhJR/H3fG/pws8/sm939n29Fv/qUhq/1FH8H19y+I0r933tq7nx743xyx3FP++pgdcvee6Olbn9cyT2T6Wj+GOvPn/PilOv2Z/b/gdi/L6O4q89cLh30dGnns5t/2jsn/6O4r/yiU/95OGXnngtN36I8Qc6ir/hwPYv9w4fPSc3/tOxfwY7Gz9v7r/o5eHhn43kxX8xxl/UUfyH9vZ+/MEld12ce3zXxf4Z6ij+pWc/efvCo0+cmXfuTB7o1jsnwHvTKek11p3peqd55lzV5Qt/NVKZuuZbmP6/qJsbylx8ZvMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiG933ov376f3126PVKut6bPnilNLWM5QtCSPpDCDt3je3YtXnbdSNfuH73jm1jW0bGdo2Mb9u146aRC359ZMf49i1jN03+dvTD5089b1lIppbJmU3b7p2YmCgNNZbF7f3bs/f/aNVH//e/hDD6vh8MV3Lbv/r+rQ+e2uJnRrJ24pNbd1/2gwv/Nt2vobRdQy3aNTExMRFy2vV/rvjFg39+5KfnhDD6KzO16/lXfvMfGxpULZiOkyr1hqkG9SYDLdtRa3XanthflU2bt4yPzty/k88v5+zHv7v5tZ9vuvErv5jq377c/Wizf/vXTmwp/eX6S//fX94yVVDUrnfruE/2dzkn5mS74l7E9sX+60v7e3G6X4tz9quSs193fP/pl759+r639obRypsrmo910X71pAOgJ3l/W9uNWxhIljaU96X14xGPz1u9a+v21Ttv2vPhzVvHrhu/bnzbx9ZcsOai0QsvunB1dc9Xd3n/4/b/TZv7f2zG05I/3vut+LO98dTYrgWz7o/JdhX3R32L8l5/A5d/6b6P3f/cZVMFReeVWLt2PkmXA5PHeU2oG2/NfdVqv4qOTwhhpFU/vPHWxeG0/7H59qLzUP2Rqf+ZkaydeGHlv/7tR/9m+W9MFRyT83x9gzo8z9daPd2ean/1pcdj4jjt3970bNqbDLZs15oXnuu5+9C//EmtfQsWhBvHdu3asWbq58K0pQuTM1q2K1sa92tF9Wc5pN0SasO0xXid1BOm2pc9f8bq2V4dTH83mCxruV9Z8XcH19+9qrzh2UN5PZ08OrXF/rBoapl8IKfmlswTy7UGt9r+8fr6Kxofw5/+m8c/+/jfX9A0Ps6b+lm0X0nOfn3zpYfu+/pX/sPfd2+/Pv2bh4f+9X/+0aqpgmNwXglzOq+UpxpSa3XanqT+vHJeCEWvvxWh9X7kvv5Krfen6PWX3c50/dbxRjLrg6Hc0ev1vKcGXr/kuTtW5r5ej8z0eq3f2VsanlcueL0eL+9L2ddXUmlsx/y9vhoGSrJ24jt3nrL3mVvXnT5VUPR+Wavdalyf30b+kbNf/3jly8PXj/z7/96988Y3fv2xq344tvZPpwo6P+6xLd057n1p//bl9G+t1THvrO/fj1x7/ZaNU+VF/fzuXf+my4L8J55Kdt6054tjW7aM79jZ3n61+34at5Pt5U7fT+PZbVnBfpWa9mv+HrTTX+2+3mL7N3bcX42vt8GQdPS+sOd7Sxd+/pF9u4eanpVu6OpSGr/UUfwfX3L4jSv3fe2rufHvjfErHcUfe/X5e1aces3+3PgPJGn8vuL4i0NT/LUHDvcuOvrU07nxR2P7+ztq/yuf+NRPHn7piddy44cYf7Cz/n9z/0UvDw//LDf+i0m6nclrpBAee/v8TVPrSehJX2+xHT0N7QrZ9SSzXsqsl+vXS3EWId1AOUkay2O9tPysura08oc55fEqrG/51PKduB6yD2YuP96U6s79rcqLrlMBAE528fP/eA0aP/8fTy+U8mcaYNpc87DlOXFjHjY9n9P4GevyNH58fpwHHP5IGJ1c3jYydaE/288R4ushO88Zt3POBxtjtJyfOFC/ker2m+Y5i+bfV2bWY7um5ssrdXloqjmvqYQ25t+btzPz/Htm94s/zxq5s6lZI3XzVtnj15POmLW63yHT3spkhLzxkZ0Xi/dzDC8O66rba3N8ZO+jicchex9N3M7pmRNnp/fR5I2PoeZ+aGhXHB+x3gzjo9rk4s8jm49fmKF/p49f62jZ4zeL4903WX++P5/twrxhy1PasZs3nN/Pw46LeckW8Y/xvOTCpvjpC+x4nzeM5bGfKm3OJ342p7xb84nxdBHbdWSGthwL5hOBk1XM/+N7xGT+P3kB/n8z9YrylOxVY4yXe59Qzk3YRXlH8316Ax29j284sP3LvcNHz8m9znm63fv0tjesDRTc91PUj6sy64X9mDNBU5TvZbdT1O/Z+zIGw6KO+v2hvfd//MEld12c2+/rpt5Ii/v9voa1RQX9fgLkC63jyxdOpnyhOX6X7mMomj/Lz0fKtXbMSz6S3vg0X/nIH+SUzzYfGWh6UNuvquM3H5l+I23IR3qObbsAgBNHzP9rn5+l+f8/xwuL9DqiKG89N7Me4+XmrTnXJ3l56++nyxsz9QfTf1Ex2+vmS89+8vaFR584MzdveaDdPPQ/NawNFeahc8ubc/OIdd25Xzw3j6jlWXPLE3PbX8sT55an53xMW5enzy2Pzu2fWh7dOA9w3+HpTGOm+HEeIDd+bR6gi3nuL6crHbs8t2C+LrOxuNrufN2xzqMnS3oWN+5nY1480J08Ov3ns/OVR1+eUz7bPHqw6UFtv6qO3zy6sVweDQCcrGL+Hy/jqvl/bwjPxQr98cHcPmfPzQu6dN2e/XsgtfgvzkteOR2/S5//Fud98523zndeP9/zEif657/zPS80VP0DnvM1T/au3e86L3nxP9cetZ0XpxuVFwMAcDyL+X9M8+Pn/89l6s01P2nK33qmLiGn85MTLz+vr3cC5+dXhGOVn/eeyPn5iT7/Nb/3yZxc+f+0Dj8Xf2fiJM7/q22W/wMAnJBi/h//2WP8+3//JV3P/t36NvP0B7K38/oc3efoQZ7eRp7e5Xm2GL/+PoATeB6gPPd5gP5jfn98/3T9k2keoKonmAwAADgB9FQzpeZ/Z/+5dJn9d/Z5/y7/ypz67aqkl8fX7NoxPn7V7u0bx3aNX7Xt+o3jO6+6YcfmXbvGa9fOc8sbc/OWNG/sCZW0P1rXy+ZtS9K/h7Ak5+8hZOvHsGdUHzT/PYTsZvsL/o7A9PFrr715x680Q/1W4yPveOfF/8Oc+lHt+F/7R+ddtWnnVZu3bd61eWzL5j3jjfWGqv+Suv3vzYyfU87q+1IzP5qUZv/9nfHwzK0dpaZ29KT9kff97EmmHUvTlizN+/6DnHZ/97/9+R+fPfGLh0MYfV/5A3Pqv2TtxH++Yvz3dx36wfbJ9pdmbH+tZtquou8rzdaP+1PZcv3OXR/adP3ubdlvlOxMnM8o1dbn6b6G9OVfbnN+YkNO+Wz//X656cHxqe35CQAAGsTP/+P1bPz88CvpBVQsL8zTt03Vm+vnx7l5+mh7eXr2e8mK8vRs/bi/7ebpfXPM07PbL8rTW9Vvlafn5d158f8gp/5stT9OOrjPo5L2wyP7dueOk6vbGyfZ7zMoGifZ+rMdJ8kcx0l2+0XjpFX9VuMk77jnxf9MTv08ReOhUhsPc7svJ3c83NveePi1zHrReMjWn+14KM1xPGS3XzQeWtVvNR7yjm9z/MYJgu7M/04OjOq4GL/qhut3fLGu3nx//0VoviWjnfYtmH7u/H7/R6fa79/5ve9r7u0PYW21JK/98fOBBbNqf7v3lc29/UX9P4v7yhaHpvvKctv/4txmwtpv/6zuS7wt/q7d73fJyKve/PxjNV+bDrui+8+K5nHX55TPdh53QdOD45N5XHj3xPw/Xs3F/P+udNntj4FO/O9J6+D++3gO9j1m+f3f5nXMe+79PPuRu/dzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJNCb2V5dXnojp1HLzv9d7/7Z+Nv3/p7/7D1tl+9+Rs/Hbn2t7/z6MDX3zm48axNP/ydU6598gsXH7j/r595a9Hjv3y1MPBQ9Wfl3HS1L4Tk9SSEvm8f+YsvHXzhtMmyJIRQTob2hrA0WfbM0iQTYfTnIYSNtXY2/vKxt8/fNLm87a7ehvIlmSDZ/QqD5die+naGcGPhHnEC6kvH2Z6jN3wo/Oi31t/+/RXf/Lue/a/tna6S9NWNpxAWX13//J4QQn/6/6Q42pbHJ6fLdSGEgbrnfbSgXR9ss/2rc9bPSJcL0uVgQZz4+5WZ9VKmXnY96sks6/a1v2DTHclrR6f1iizMrGdPRnOV185YvjRdfitdnjvL+OX4fxJKSajUmr8lmR4joe64JSGpHsu+2nqpdmxDuv+Z9SSzXsqsl3sy+1XdbjrQyknSWB7rZcrj6biSlp9Vf65u4fKc8veny770hfpOXA/ZB1MGmx7U9qsqtuvIDG1J/cfWxZXiZ7ahVHcOalVeO/DpwRhMywaTZU3PmWgh/u7g+rtXlTc8e2gopx3Jo0kaP+ko/p7vLV34+Uf27V6eF//qUhq/1FH8H19y+I0r933tq7nx743xyx3FP++pgdcvee6Olbn9cyT2T6Wj+GOvPn/PilOv2Z/b/gdi/L6O4q89cLh30dGnns5t/2jsn/6O4r/yiU/95OGXnngtN36I8Qc6ir/hwPYv9w4fPSc3/tOxfwY7Gz9v7r/o5eHhn43kxX8xxl/UUfyH9t7/8QeX3HVx7vFdF/tnqKP4l5795O0Ljz5xZt65M3mgW++cAO9Np6TXWHem653mmXNVly/81Uhl6ppvYfr/om5uKGNyO4vnMT4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACenf7rlgs9d8cnPrK8kISQ5dSZaiL8rL1i7dqSD7Y69+vw9K069Zn992fIO4gAAAADFYh5eqpX0heXhhqQ/nNGyfpwjOCOuJY3l2TmEGCc7R9BpnFKLOKUO4pS71J5Kl+L0dCnOgi7F6e1SnL6COH2hvTj9M8SpTI6ANtszMGN72o8z2KU4C7sUZ1EmRKdxFnepPUu6FGdoxjjtj8OlXYqzrEtxTulSnFO7FOd9XYrzK12Kc1qX4mTnlGc7DhelNU/Pi1N9UC6MU0nKtV+0mk8/Ld3OmXPczmDBdhYVvR+3uZ3+NrfzwczzSrPcTl+b27lgjttJ2tzOr81xO6WC7cRxe2O2fXE7ca3N8X9Tl+Ls6VKcm7sU55YuxfmTLsX50y7FuTU0XpzONg5Au2L+P53vDYXeym+EgfSMk50FiPnuiurP5ve7vBNSjPeBTPmConjZRD0Tb8Vs25edQMjEW5kp72mIV6nlIzPE66uPtyrzy5n29xNrW7etPt65mfLeGeI17AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAP/dMsFn7vik59ZH5Iw+V9LEy3E35UXrF070sF2D66/e1V5w7OH6st6Kx0EAgAAAArFPLynVtIXeitrQm+yoKFeXzoP0Jeul4emlsOLw7rJZTJSqq4PJEtnfF4lfd7qXVu3r955054Pb946dt34dePbPrbmgjUXjV540YWrN23eMj469TOE3oJ4IYTq9MPOm/Z8cWzLlvEdO6cKs+1fnj5vebqepM8b/kgYnVzelrZ/WcH2Sk3bm78HxUcPAAAAAAAAAAAAAAAAAAAAAAD+P7v2GyJpXQcA/PvMzM6Mq5cb/hsP7xzOU6ys9FpDS9wHggT/HC5CzFqbHHmStHqH3onZpAepKUWgHBwXvujCJE1645+UyD8cGGYJ7XWESvmiXhRahoovQpnY3Xnm38442yS35/X5vJjnme/v+/t9f7+H4+D7zAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxa8/XJ2drU9Mx4EpEMyGn0kY3li2laHaHuV57c/oPS+nfO7IyVCiMsBAAAAAyV9eFjrUg5SoV85OPkxW8bomMg2n0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/2e+Pjlbm5qeOTqJSAbkNPrIxvLFNK2OUPfVtx7+7Evr1/+tM1YZYR0AAABguKwPz7Ui5ajEaTGWnLzQ+bei2buBtT3zl/LasnXWrTCv993BoLzTVph3xgrzPjYkb3PzenMAAADAh1/W/xdakYkoFdYs64ez/n9YX5/lndqTl29eq51J76u4kiQAAABgBbL+v9SKVKJUqLT69ZX2+xvaocWfzrP5w363z+af3pOXzR/2e/5lzavf6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgw2O+Pjlbm5qeyScRyYCcRh/ZWL6YptUR6m56avwfl+y/Y0NnrFQYYSEAAABgqKwPb7fe5SgVxmMsjl7s+9dfdN+jX3r08cmIWGrzi8W4ecuOHTdsWviMTVneOS/sH/v+c69/e1neOUufq3ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgAzNfn5ytTU3PHJVEJANyGn1kY/limlZHqPvK57/4lwcPPvFaZ6wywjoAAADAcFkf3u79y1GJYhTjxMVvnb3+glzP/EHvDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAjx43fvOUbW+bmtt7gZnVuGvmIw2Ab/+NN9s/pcNnPh/+mvNrbWN3/lwAAgA/eqZFE47900uWrvWsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBwMF+fnK1NTc+Uk4hkQE4jU2oHsrF8MU2rI9RNn3yxtOadp57pjFVGWAcAAAAYLuvD271/OSoxFmNxwuK3fu8EGgv9/8Qh3CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWJmvT87WpqZn1iQRyYCcRh/ZWL6YptUR6j6wa+/n7j/2exd3xkqFERYCAAAAhsr68GIrUo5S4eNRilOa3+e6JyT55rX/e4H2vO1d08ZXPK/eNS//fvOSQkRr3l09Jys0T7M0r5ytN7F0bdWrtuflmvOqHfMq0Spfbc1bfFi7u6qtGXK+5U8eAAAADp2s/y+1IhNRKpQ6+v+fNq9HNa+D+tzcod04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDYma9PztampmeSJCIZkNPoIxvLF9O0OkLdW3770WO++rO7d3bGKiOsAwAAAAyX9eHt3r8clVgXH4l1i31/THTnZ3n/rL17/73/+uuZEWefeGB9oXfZH2U3v37lwqd7PyJy3dm5iGOb9ZIB9X7z+3tv2th498GIs0/In7KsXrx/ve4l08Zjta2X7XjuwPYhDwcAAACOEFn/P9aKTESpcP3A/j/rvIf0/y2LDfixN+36xfHNz2ZH3jMjN9GslxtQ7wsbH/7z6ef9/fWF/n95vU+27j6997r7j+8quBTpkaSNqet2bj5w7r5cduql+vme+tlz+fK3Xvv3NTff8+5S/XKUm/G1PVtZqrb8s6d8pI253J6ZS9/bU++uXxhw/jt+98zBX629++2F+m+dOt6qf0b0q7908sLA+nFU2hi/4s7d5+/dv7m7fkRU+9V/4+2L46Q/Xnt77/nH42DXwp1PvvOz9wGkjRc2vLnvvPsqF3TXT3rqZ8//5wcf2P2Te777eFY/+1uRM0+LFdbP9dR//q7jdj172+Vru+vnBpz/6StfWr+t+p0/9J7/6q5VCwN3sfz8D531yFUvb0lv7R0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4sszXJ2drU9MzuSQiGZDT6CMbyxfTtDpC3VcvefGNK+/+8Q87Y5UR1gEAAACGy/rwdu9fjkoUoxjji33/Y7Wtl+147sD2mFgaTZrXwty2G3d84pptO6+/epV2DgAAAKzUq5cki/1/oRWZiFJhY4w1+/+p63ZuPnDuvlzW/+cWrklEXHPt3Nazo5X3/F3H7Xr2tsvXtt4TRCz+WUB5Ie8z7byLLnxx4s0/ff30vnmb2nkvbHhz33n3VS7I8qIz75xovZ946KxHrnp5S3pra3+deZ/62ra55uuJbN3xK+7cff7e/Ztz2XuM5nW8uW6WN5fbM3Ppe3vquYkoLYznm3nl5rkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOXm65OztanpmchHJANyGp2agWwsX0zT6gh1L934y9uPeeeJdZ2xUmGEhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+wAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhf36CY2j7OMA/jy7yZtNNmmT9gWjYppWRamHFgURvaioSCtS8FQpUm3tQRQEEaUeTKUVS1W8CFYvRVRQoxQq2FgsrZKK/4oXDyooVA9CKQY0S/Ggks0zm81kpxs3KiifDyxPnmdmvvObmWefzQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL9KT9dwvT2x56Ha7Rfc/MkT904/fut7D+y67LE3fhjdduPHB/tePTu5ffWOr29aue3IfRsm9r90/JeBd3471Tb40dlmbepWQohnYgiV96eef3Ly0/NmxmIIoRwHx0IYiiuOD8VcwvpfQwjbG3XO33ho+qodM+2ufT3zxpfnQvLXFarlrJ5Zg/Pr5b+lkubZztojV4Rvb9i8+/NVb7/VPX56bG6XOLNPOc2nEJZtbT6+O4TQmz4zstk2nB2c2k0hhL6m465pU9fFi6x/XQi1XL/uwtT+L7XVNjnZ9jW5fim3X76f6c61fW3Ot1RFdbTdr7ez8/Xn+vnFaKkada5rPT6U2ndTu/ZP5pezTwylGLoa5d8f5+ZIaHpuMcT6s6w0+qXGsw3p+nP9mOuXcv1yd+666udNE60c4/zxbL/ceLYcd6Xx1c1rdQt3FIyfn9pK+qKezfoh/8es6oI/GtdVl9U1dY5a/gmlpjWo1XjjwaeHUU1j1bhiwTG/t5Btm9z89KXlLR+cGCyoIx6MKT92lL/zs6H+u97c+/BwUf7WUsovdZT/3caTP9259+UXC/Ofy/LLHeVfebTvzMYP96wpvD9TcyvIYvJj6mfb7j710TOr/n/PeKtnXc88kN3/Skf1Xz9xsmegdvRYYf3rs/vT21H+N9fd8v3rXx4+XZgfsvy+jvK3TDz4bM9I7fLC/GOzX4VqfYZ2MH9+Hr/6q5GRH0eL8r/I7v9Ai/zYNv+1sf3XvrJ834bC+bkpuz+DKX/hD9u58m+75Mju/trhi4rWznhgsb+wALSyMv2P9VTqt3vPPDRdavmeuVRN7wsvjHbN/gL1p8/AX3minJnzLPsb8wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YgQMSAAAAAEH/X7cjUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgqAAD//0wFDK4=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000200)={0x9, 0x3, 0x800078, 0x2, 0x6, 0x10001, 0x1000, 0xf67, 0x16}) 2m29.231065618s ago: executing program 2 (id=486): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="170000000000c2d41fe300"/20, @ANYRES32=0x1], 0x50) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0182101, &(0x7f00000004c0)) 2m24.391203239s ago: executing program 2 (id=526): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000f9dbdf252100000008000300", @ANYRES32=r1, @ANYBLOB="08009e0032b4"], 0x30}, 0x1, 0x0, 0x0, 0x24004080}, 0x40004) 2m24.113116743s ago: executing program 2 (id=530): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000400)='./file0\x00', 0x1010006, &(0x7f0000000d80)=ANY=[@ANYBLOB='errors=continue,discard=0x000000000000aff9,iocharset=none,usrquota,iocharset=macromanian,errors=remount-ro,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee01, @ANYBLOB='\x00\x00'], 0x24, 0x6235, &(0x7f0000007a80)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz5Oqlw6y/Kfl3PRXrV7Yuq4c7816ERF/q69TvWf49bhfBgDMs08j4p9td4LWyL/D8vf9VdNTbXcGmKmbH3z406vXr2/cuNl2TwAAAAAAAACAR5XH/1yrjf98qizLu43l9oz/+nasPe74n4M8szvA6ISBqvuH36b9bPVG/V5tuPEXY9L438Pduf3G/x5Mub/hlPbRlPalKe3LU9rHXuhRk/N/sTbe+amIONkYfr0L4782x7zvgpz/S7XHc5X/VxrL1fMvf7/I+ff25H/m1vu/OHPzgw9fu/b+1fc23tv42YVz585euHjx0qVLZ969dn3j7M6/Lfb4aOX889jXzgPtlpx/zlz+3ZLz/1Kq5d8tOf8vp1r+3ZLzz+/35N8tOf/82Uf+3ZLzfyXV8u+WnP/XUi3/bsn5v5pq+XdLzv/rqZZ/t+T8X0u1/Lsl53861fLvlpz/mVQfMP+Vo+4Xs5Hzz0e47P/dkvPPZzbIv1ty/udTLf9uyflfSLX8uyXn/3qq5d8tOf9vpFr+3ZLzv5hq+XdLzv+bqZZ/t+T8L6Va/t2S8/9WquXfLTn/b6da/t2S838j1fLvlpz/d1It/27J+X831fLvlpz/91It/27J+b+Zavl3y8Pv/zdjxoyZPNP2MxMAAAAAAAAAAAAA0DSL04nb3kYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s8OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrB3dzFyneUdwM+sd9drBxIDIXVSAxvHhJBssms78QdtigmfDV8lEAr9wHa9a7Pg2MZrl0Aj2TRQImFUVNE2XLQFhNrcVPiCC1oBygVqhVQJWqn0BlGhchFVAQWkSrQCtppz3vfdmdn52LXH9plzfj/Jfrwz58x5z5l3zs6z6/8cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDVra9d+GQjy7Lmn/yvLVn2vOa/N01vyW971bUeIQAAAHC5fpH//dwN6YYDa1ipZZl/fum3v7K8vLycvWfDn098dnk53TGdZRMbsyy/L7r4g/c2WpcJHs+mGmMtX48N2PyGAfePD7h/YsD9kwPu3zjg/qkB9686AKtsKn4ekz/YjvyfW4pDmt2YTeT37eiy1uONjWNj8Wc5uUa+zvLE0WwxO54tZHNtyxfLNvLlv3Zrc1tvyuK2xlq2ta05Q37y2JE4hkY4xjvatrXymNGPXpNN//Qnjx352zPP3tytDjwMbY9XjPOO7c1xfjzcUoy1kW1MxySOc6xlnNu6PCcb2sbZyNdr/rtznM+tcZwbVoZ5VXU+51PZWP7v7+THabz1x3rpOG0Lt/3stizLzq8Mu3OZVdvKxrLNbbeMrTw/U8WMbD5Gcyq9MBtf1zy9dQ3ztFnnd7TP087XRHz+bw3rjfcYQ+vT9KOPTbY87z9fvpR5GjX3utdrpXMODvu1UpY5GOfFd/KdfqLrHNwR9v+x23vPwa5zp8scTPvdMge3D5qDY5Mb8jGnJ6GRr7MyB3e2Lb8h31Ijr8/c3n8Ozp555NTs0kc+evfiI4ePLRxbOLF758653Xv27Nu3b/bo4vGFueLvSzza5bc5G0uvge3h2MXXwCs6lm2dqstfmFx1/r3U1+FUn9fhlo5lh/06HO/cucbVeUGuntPFa+NdzYM+dWEs6/Eay5+fOy//dZj2u+V1ON7yOuz6PaXL63B8Da/D5jKn7lzbe5bxlj/dxtD7e8HlzcEtLXOw8/1I5xwc9vuRsszBqTAvvndn7+8F28J4n5hZ7/uRDavmYNrdcO5p3pLe70/ty0u3eXlL847rJrOzSwun73n08Jkzp3dmoVwVL2qZK53zdXPLPmWr5uvYuufrgcWXPnFLl9u3hGM1dXfzr6mez1VzmXvv6f9c5d/duh/Ptlt3ZaEM2dU+nt2+mzeP52SWfe6bH3vo64997rU9j2ez3/z47OW/F099acv5d6LH+Tf2/b8stpce6vENE+PF63dDOjoTbefj9qdqPD93NfJtPze7tvPxRPhztc/HN/Y5H2/tWHbY5+OJzp2L5+PGoJ92XJ7O53MqzJPjc/3Px81ltu5a75wc73s+vi3URjj+rwydQuqLWuZOr3mbtjU+PhH2azxuoX2e7m5bfiL0Zs1tPbUrvClMo1zbPL3jtmL5DS3rRVdrnk53LDvseZp+9tVrnjYG/fTt0nQ+n1NhXty4u/88bS7z9L2Xf+7cFP/Zcu6cHDQHJzZMNsc8kSZhfr7PljfFOXhPdiQ7mR3P5vN7J/P51Mi3NXPf2s6Vk+HP1T5Xbu0zB+/oWHbYczB9H+s19xrjq3d+CDqfz6kwL568r/8cbC7zur3Dfe96R7glLdPy3rXz52u9fuZ1S8dhulJzZTyM85t7+/9strnM8X3r7TP7H6e7wi3XdTlOna/fXq+p+ezqHKetYZzP7ut9nJrjaS7z2f1rnE8Hsiw796EH8p/3ht+vnDv73a+0/d6l2+90zn3ogR8//+g/rWf8AIy+XxZlc/G9ruU3U2v5/T8AAAAwEmLfPxZqov8HAACAyoh9f/xf4Yn+HwAAACoj9v3joSZV6P//ePAiW1/37OIvz2Upmb8cxPvTYXiwWC5mXOfC19PLK5q3P/Clhf/5x3NrG95YlmU/f/CPui6/9cE4rsJ0GOfF17ffvspX7l7Ttg89fC5ttzW//vnw+HF/1joNukVw57Is+9oNn863M/3eC3l9+sFDeX3o/BOPN5d5bn/xdVz/mRcVy/9VCP8eOHq4bf1nwnH4Yahzb+5+POJ6X77wym17372yvbheY/v1+W4/+b7icePn5Hzm8WL5eJx7jf/rn3rqy83lH3159/GfG+s+/qfC434p1P99SbF863PQ/Dqu94kw/ri9uN49X/xG1/Ff/GSx/Kk3FMsdCjVu/47w9Y43PLvYerwebRxu26/sjcVycftz3/3T/P74ePHxO8c/dfBC2/HonB9P/1vxOLMdy8fb43aif+jYfvNxWudn3P5Tf3Ko7TgP2v7Fh555SfNxO7d/V8dypz50Z779lcdr/8Smv/7Ep7tuL47nwN+fatufA+8Ir+Ow/SffF+ZjuP//LhaP1/npCofe0X7+ict/fsu5tv2J3vTTYvsXX30srxunNm2+7nnPv/78y5rHLsu+s7F4vEHbP/Y3J9vG/4WbiuMR748Z/c7t9xK3f/rDMydOLp1dnE9H9bEb8s/OeUsxnjjeG8K5tfPrgyfPvH/h9PTc9FyWTVf3I/Qu2RdD/XFRzvdfennVGfTOh8Pzectffm3z7f/6qXj7f7yruP3Cm4vvW68Iy30m3L4lPH/r2/5qT956U/76bjwdRri8+vOCL8e2Hf+9b00Lhv3vfF8Q5/upF78/Pw7N+/LvG/F1fZnj//588ThfDcd1OXwy8/abVrbXunz8bIQL7yxe75d9/MJpLj6vfxee77f+sHj8OK64v98P72O+sbX9fBfnx1fPjXU+fv4pHufD+SQ7X9wfl4rH+8JzN3UdXvwckuz8zfnXf5Ye5+Z17WYvSx9Zmj2+eOLso7NnFpbOzC595KMHHzl59sSZg/lneR78wKD1V85Pm/Pz0/zCnnuz/Gx1sihX2LUe/6mHj8zvnbt9fuHo4bNHzzx8auH0sSNLS0cW5pduP3z06MKHB62/OH//zl37d+/dNXNscf7+ffv3794/s3jiZHMYxaAG2DP3wZkTpw/mqyzdf+/+nffdd+/czCMn5xfu3zs3N3N20Pr596aZ5tp/OHN64fjhM4uPLMwsLX504f6d+/fs2TXw0wAfOXV0aXr29NkTs2eXFk7PFvsyfSa/ufm9b9D6VNPSfxbvZzs1ig/iy95+1570+axNX/pYz4cqFun4ANFnw2fRfOsFp/at5evY90+EmlSh/wcAAAByse+fDDXR/wMAAEBlxL5/Y6iJ/h8AAAAqI/b9U6Gm/xJQk/6/cvn/refWtH35f/n/1uMl/1+z/P87y5b/L84X8v/Dcbn5++rl/8fbvpL/H0D+X/5f/l/+n6EqW/4/9v2bsszv/wEAAKCiYt+/OdRE/w8AAACVEfv+60JN9P8AAABQGbHvf16oSU36f/l/+X/5f/l/+f/u25f/H03y//3J/w8g/z+b1Sv/f36Y478G+f9NrV/I/1NGZcv/x77/+aEmNen/AQAAYIT1/qlBh9j3Xx9qov8HAACAyoh9/w2hJvp/AAAAqIzY928JNalJ/y//f1n5/5S5kv9vH7/8fzv5/zAf5P/l/68C+f/+5P8HkP93/f/Ryv+3kf+njMqW/499/wtCTWrS/wMAAEAdxL7/haEm+n8AAAAon/FLWy32/S8KNVnV/1/iBgAAAIBrLvb9N2YdQfCa/P5f/t/1/+X/5f/l/7tvf+35/w2Z/H95yP/3J/8/gPy//L/8/7ry/42WNwHy/3RTtvx/3vdnU9mLQ01q0v8DAABAHcS+/6ZQE/0/AAAAVEbs+38l1ET/DwAAAJUR+/6toSY16f/l/yuT//9Z61Mn/y//32/78v+u/19l8v/9yf8PIP8v/y//7/r/DFXZ8v+x77851KQm/T8AAADUQez7bwk10f8DAABAZcS+/1dDTfT/AAAAUBmx798WalKT/l/+v+T5/5gcdf1/+X/5/1Lm/6fk/0tH/r8/+f8B5P/l/+X/5f8ZqrLl/2Pf/5JQk5r0/wAAAFAHse9/aaiJ/h8AAAAqI/b9Lws10f8DAABAZcS+fzr79/Y7atL/ryf/3zgv/9/LFb7+/+Qarv/fRv5f/r/f9uX/Xf+/yuT/+5P/H0D+X/5f/l/+n6EqW/5/Ol9rKrs11KQm/T8AAADUQez7t4ea6P8BAACgMmLff1uoif4fAAAAKiP2/TtCTWrS/7v+/0jk/zP5f/l/+X/5f/n/tZH/70/+fwD5f/l/+X/5f4aqbPn/2Pe/PNSkJv0/AAAA1EHs+28PNdH/AwAAQGXEvv8VoSb6fwAAAKiM2PffEWpSk/5f/l/+X/5f/l/+v/v25f9Hk/x/f/L/A8j/y//L/8v/M1Rly//Hvv+VoSY16f8BAACgDmLff2eoif4fAAAAKiP2/XeFmuj/AQAAoDJi3z8TalKT/l/+X/5f/l/+X/6/+/bl/0eT/H9/8v8DyP/L/8v/y/8zVGXL/8e+/+5Qk5r0/wAAAFAHse+/J9RE/w8AAACVEfv+2VAT/T8AAABURuz750JNatL/y//L/8v/y/+vK///spXHlf8vyP+Xi/x/f/L/A8j/y/9f8/z/hPw/lVK2/H/s+3eGmtSk/wcAAIA6iH3/rlAT/T8AAABURuz7d4ea6P8BAACgMmLff2+oSU36/yrl//M9kP9vW0/+X/6/2/Zd/1/+v8rk//sbfv4/7qL8v/y//L/r/8v/s1rZ8v+x778v1KQm/T8AAADUQez794Sa6P8BAACgMmLfvzfURP8PAAAAlRH7/n2hJjXp/6uU/y9WlP/PSpT/j+T/C/L/8v/y/1ee/H9/rv8/gPy//P8I5/+bc0v+n7IpW/4/9v37Q01q0v8DAABAHcS+/1WhJvp/AAAAqIzY9/9aqIn+HwAAACoj9v2/HmpSk/5f/l/+3/X/5f/Lnv+flP+X/18H+f/+5P8HkP+X/x/h/L/r/1NGZcv/x77//lCTmvT/AAAAUAex7/+NUBP9PwAAAFRG7PtfHWqi/wcAAIDKiH3/gVCTmvT/o5v/n+yxQyXN/8cb5f/l/+X/Xf9f/v+Kkv/vT/5/APl/+X/5f/l/hqps+f/Y978m1KQm/T8AAADUQez7Hwg10f8DAABAZcS+/7WhJvp/AAAAqIzY978u1KQm/f/o5v977VBJ8/+u/98n/z/RNnb5/5X15P8L8v/y/+sh/9+f/P8A8v/y//L/8v8MVdny/7Hvf32oSU36fwAAAKiD2Pe/IdRE/w8AAACVEfv+N4aa6P8BAACgMmLf/6ZQk5r0//L/8v/XPv/v+v/y/wX5f/n/YZD/70/+fwD5f/l/+X/5f4aqbPn/2Pf/ZqhJTfp/AAAAqIPY9z8YaqL/BwAAgMqIff+bQ030/wAAAFAZse9/S6hJTfp/+X/5f/l/+X/5/+7bl/8fTfL//Y1Y/v8X14fb5f8L8v/lHv968//jHV9fkfz/D3rl/5c3dq4v/8+VULb8f+z73xpqUpP+HwAAAOog9v1vCzXR/wMAAEBlxL7/7aEm+n8AAACojNj3/1aoSU36f/n/5jhW0svy//L/+Q3y//L/8v8jS/6/vxHL/7v+fwf5/3KP3/X/5f9ZrWz5/9j3vyPUpCb9PwAAANRB7PsfCjXR/wMAAEBlxL7/naEm+n8AAACojNj3vyvUpCb9v/y/6//L/8v/y/933778/2iS/+9P/n8A+X/5/7Ll//9L/p/RVrb8f+z7Hw41qUn/DwAAAHUQ+/53h5ro/wEAAKAyYt//26Em+n8AAACojNj3vyfUpCb9v/z/qOT/p+X/15n/nwy3yf/L/8v/14v8f3/y/wPI/8v/ly3/7/r/jLiy5f9j3//eUJO19/9Ta14SAAAAuCZi3/87oSY1+f0/AAAA1EHs+3831ET/DwAAAJUR+/7fCzWpSf8v/z8q+X/X/89c/1/+v2N/5P/l/7u5evn/eOaR/5f/l/+P5P/l/+X/6VS2/H/s+38/1KQm/T8AAADUQez73xdqov8HAACAkdDt/2R3in3/wVAT/T8AAABURuz7D4Wa1KT/l/+X/5f/L2n+/y+2/8v3vv22Qzvl/+X/5f/X5ape/7/54nf9f/l/+f9E/l/+X/6fTmXL/8e+/3CoyUrj9xYX+AcAAIDRFvv+Pwg1qcnv/wEAAKAOYt9/JNRE/w8AAACVEfv++VCTmvT/8v/y//L/Jc3/j/D1/+PxGKX8/8zGEcr/x5Ou/H9XVzX//+6VnLj8/3rz/5Ndb+3M/zfk/9vI/697/N/Kskz+X/6fa6hs+f/Y9y+EmtSk/wcAAIA6CH3/2NGirtyh/wcAAIDKiH3/sVAT/T8AAABURuz73x9qUpP+X/5f/l/+X/7f9f+7b7+0+X/X/+9L/r+/8uT/u3P9f/n/UR6//L/8P6uVLf8f+/7FUJOa9P8AAABQB7Hv/0Coif4fAAAAKiP2/R8MNdH/AwAAQGXEvv94qElN+n/5f/l/+X/5f/n/7tuX/x9N8v/9yf8PIP8v/y//L//PUJUt/x/7/v9n706eLC2zOo7fxCSoCsLQnQsXunflwhULWesf4IKNC40wjBBUnCcK5xHnecABFQccQBEnHHuCnuim56a76Xke6JnujuqAOudUZuWb782suln3vc/5fBYeOunyZhsl9I/iy/MdcUuT/Q8AAAAd5O6/PW6x/wEAAGAYufvviFvsfwAAABhG7v7vjFua7H/9v/5/2P7/6/X/x32+/l//PzL9/zz9/xr6f/2//l//z0Ytrf/P3f9dcUuT/Q8AAAAd5O7/7rjF/gcAAIBh5O6/M26x/wEAAGAYufu/J25psv+v6P/3Vj37/8x49f8j9f/e/z/28/X/+v+RXd/+/+7n/sin/9f/6/+D/l//r//nSkvr/3P3f2/c0mT/AwAAQAe5+78vbrH/AQAAYBi5+78/brH/AQAAYBi5+38gbmmy/73/7/3/ZfX/N+j/9f/6f/3/NfH+/7xO/f+dT958+zMPf+Ujp/l8/b/+X/+v/2ezltb/5+7/wbilyf4HAACADnL3/1DcYv8DAADAMHL3/3DcYv8DAADADjo/+dXc/T8StzTZ//p//f+y+v8tvv9/bpH9f/6m/l//r/8/If3/vE79/9V8vv5f/6//1/+zWUvr/3P3/2jc0mT/AwAAQAe5+38sbrH/AQAAYLmm/kbsGbn774pb7H8AAAAYRu7+C3FLk/2v/z/7/v8L+v/d6P+9/6//1/8PQf8/T/+/hv5f/6//1/+zUUvr/3P33x23NNn/AAAA0EHu/h+PW+x/AAAAGEbu/p+IW+x/AAAAGEbu/p+MW5rsf/2/9//1/537/6+L36P/n/p8/f9u0v/PW27/f+n/s/T/O9//36j/1//r/znolP3/szN/2N5I/5+7/6filib7HwAAADrI3f/TcYv9DwAAAMPI3f8zcYv9DwAAAMPI3f+zcUuT/a//1//r/zv3/9f4/v/Rn3rP0/9P0/9fH/r/eYvp//f2J7+s/992/3/xy7z/r//X/7NJS3v/P3f/z8UtTfY/AAAAdJC7/+fjlpn9f+q/mA8AAABsVe7+X4hb/Po/AAAA7LysznL3/2Lc0mT/6//1//p//f9V9/+N3/9/5MD3p/9fFv3/vMX0/8fQ/2+7/99uP7/r37/+X//PUUvr/3P3/1Lc0mT/AwAAQAe5+++JW+x/AAAAGEbu/l+OW+x/AAAAGEbu/l+JW5rs/+n+//Lv1/+fjP7/8Pev/5/++bGp/j//N+r/Z/v/W73/35P+f57+fw39v/5f/39c/39+3Y/X/zNlaf1/7v5fjVua7H8AAADoIHf/r8Ut9j8AAAAMI3f/r8ct9j8AAAAMI3f/b8QtTfa/9//1//r/3ev/d+P9/6OZ4Ejv/6+ue/+/r/8/If3/PP3/Gvr/A/383kr/37j//9Jj3v+f+acA6P+ZsrT+P3f/b8YtTfY/AAAAdJC7/7fiFvsfAAAAdsPBv3fgyr+hNOTu/+24xf4HAACAYeTu/524ZZz9P/tWp/5f/6//1/8P+v7/YP2/9/9PSv8/T/+/hv7/LPr5/cH6/3uP+/FL6P/vOrv3/7923Y/X/zPlUP//6OWvb6v/z93/u3HLOPsfAAAA2svd/3txi/0PAAAAw8jd//txi/0PAAAAw8jd/wdxS5P9f+b9/8w/fUD/r//X/+v/9f/6/03T/8/T/6+h/9/q+/m7/v0vof/f2Pv/+n825FD/f8C2+v/c/X8YtzTZ/wAAANBB7v4/ilvsfwAAABhG7v574xb7HwAAAIaRu/+P45Ym+9/7//p//b/+X/8//fn6/910Tf39Dfr/ov/X/+v/9f/6fzZgaf1/7v4/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/fXFLk/2v/z/b/j+/rv/X/6/0//p//f910fb9/72pPxMddUz///i3XfjGw1/R/+v/9f/6f/0/J/TlM79vEf3/xcv/7TJ3/5/HLU32PwAAAHSQu/8v4hb7HwAAAIaRu/8v4xb7HwAAAIaRu//+uOWU+3+ueVgy/b/3//X/+n/9//Tn6/93U9v+/4S8/7+G/l//r//Pn476fzZiEf3/gX+du/+v4ha//g8AAADDyN3/13GL/Q8AAADDyN3/N3GL/Q8AAADDyN3/t3FLk/2v/9f/6//1//r/6c/X/+8m/f88/f8au9T/338N/f/+9Je33c9fq21//4P0/97/Z6OW1v/n7n8gbmmy/wEAAKCD3P1/F7fY/wAAADCM3P1/H7fY/wAAADCM3P3/ELc02f/6f/2//l//r/+f/nz9/27S/8/T/69WqwdnvoGp/v/iTcvs/73/v7jvX/+v/+eopfX/ufv/MW5psv8BAACgg9z9D8Yt9j8AAAAMI3f/Q3GL/Q8AAADDyN3/T3FLk/2v/9f/6//1//r/6c/X/+8m/f88/f8au/T+v/5/cd+//l//z1FL6/9z9/9z3NJk/wMAAEAHufsfjlvsfwAAABhG7v5/iVvsfwAAABhG7v5H4pYm+1//r//X/+v/9f/Tn6//301n1/+v9P/6f/3/Gvp//b/+nystrf/P3f+vcUuT/Q8AAAAd5O7/t7jF/gcAAIBh5O7/97jF/gcAAIBh5O7/j7ilyf7X/+v/9f/6f/3/9Ofr/3eT9//n6f/X0P/r//X/+n82arr/v2tr/X/u/v+MW5rsfwAAAOggd/+jcYv9DwAAAMPI3f9fcYv9DwAAAMPI3f/fcUuT/a//1/8f7v9XK/2//l//f8lc/39uM/3/uZX+f+POtP+/L2J0/b/+X/8/abH9/w2rgfr/88f+eP0/S7S09/9z9/9P3NJk/wMAAEAHufv/N26x/wEAAGAYufv/L26x/wEAAGAYufv/P25psv/1//p/7//r//X/05/v/f/d5P3/efr/NfT/Y/b/3v/X/7M1S+v/c/e/IG5psv8BAACgg9z9L4xb7H8AAAAYRu7+F8Ut9j8AAAAMI3f/i+OWJvtf/6//1//r//X/05+v/99N+v95+v819P/6f/2//p+NWlr/n7v/JXFLk/0PAAAAHeTufyxusf8BAABgGLn7H49b7H8AAAAYRu7+l8YtTfa//l//r//fzf7/nP5f/6//n7SU/v+WW77hCf2//l//r//X/+v/u1ta/5+7/2VxS5P9DwAAAB3k7n953GL/AwAAwDBy978ibrH/AQAAYBi5+18ZtzTZ/0f7/xtXlwrVS6b6/2jU9P8H6P8Pf//6/+mfH97/1//r/8/eUvp/7/9f3fev/9f/7/L3f6r+/6uP/nj9PyNaWv+fu/+JuKXJ/gcAAIAOcve/Km6x/wEAAGAYuftfHbfY/wAAADCM3P1Pxi1N9r/3//X/+n/9v/5/+vP1/7tJ/z9P/7+G/l//7/3/O77lS/T/bM7S+v/c/a+JW5rsfwAAAOggd/9r4xb7HwAAAIaRu/91cYv9DwAAAMPI3f/6uKXJ/tf/6//1//p//f/05+v/d5P+f57+v1z5H+2SPv3/uakvbrufv1bb/v6H6f+9/88GLa3/z93/hrilyf4HAACADnL3vzFusf8BAABgGLn73xS32P8AAAAwjNz9b45bmux//b/+f/z+/5v1/1d8vv5f/z8y/X/+GX2a/n+NPv3/pG3387v+/ev/9f8ctbT+P3f/U3FLk/0PAAAAHeTuf0vcYv8DAADAMHL3vzVusf8BAABgGLn73xa3NNn/+v9e/f/eqmP/7/1//b/+vxP9/zz9/xr6f/2//l//z0Ytrf/P3f/03n7L/Q8AAAC76pu+5tufOum/9+nn/+e51dvjlltXF0/4y9gAAADAwj23+/f2V6t3PP+v/Po/AAAAjCh3/zvjlib7X//fq//v+f6//l//r//vRP8/T/+/hv5f/3/c939R/7/ux+v/mbK0/j93/7vilgPDb//U/ykBAACAJcnd/+64pcmv/wMAAEAHufvfE7cc2f/+cYAAAACwq3L3vzduafLr//r/hff/qzPq/+Pfp/+/RP+v/5/6fP3/btL/z7vG/v/inv5f/z9j6P7f+//6f67K0vr/3P3vi1ua7H8AAAAY1KG/opC7//1xi/0PAAAAw8jd/4G4xf4HAACAYeTu/2Dc0mT/6/+ve/+fqfoZvv9/vn7L+//N+/97zk1+vv5f/z8y/f887/+vof8fpf+/Sf+v/2cZltb/5+7/UNzSZP8DAABAB7n7Pxy32P8AAAAwjNz9H4lb7H8AAAAYRu7+j8YtTfa//n/h7/9fVf9/gvf/9f89+v9jPn+c/v8rbr7w2G3f+tAD+n8uu579f/5c0P/r//X/lyyo//f+v/6fhdh8/79/6Iun7f9z938sbmmy/wEAAKCD3P3PxC32PwAAAAwjd//H4xb7HwAAAIaRu/8TcUuT/a//1/8vpf/P/1tvof+/cNX9//nVarWV/j+b4u79v/f/9f9Hef9/nv5/Df2//l//r/9nozbf/x/+4mn7/9z9n4xbmux/AAAA6CB3/6filtz/e6f+S/cAAADAwuTu/3Tc4tf/AQAAYBi5+z8TtzTZ//p//f9S+v/k/f/LP26s9/9vqzi1Z///VfVb+v+zpf+fp/9fQ/+v/9f/6//ZqKX1/7n7Pxu3NNn/AAAA0EHu/mfjFvsfAAAAhpG7/3Nxi/0PAAAAw8jd//m4pcn+1/+P2v9nEa//1/8vpf/3/r/3/68P/f88/f8a+n/9v/5f/89GLa3/z93/xQAAAP//qN9iow==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000003c0)='./file1\x00') 2m22.64004183s ago: executing program 2 (id=548): r0 = socket(0x2, 0x1, 0x0) listen(r0, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10) accept$inet(r0, 0x0, 0x0) 2m21.879183178s ago: executing program 2 (id=557): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) splice(r0, 0x0, r2, 0x0, 0x10500, 0x0) write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[], 0xffdd) 2m21.215140697s ago: executing program 34 (id=557): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) splice(r0, 0x0, r2, 0x0, 0x10500, 0x0) write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[], 0xffdd) 2m8.677911675s ago: executing program 6 (id=662): futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000000080), 0x0) futex(&(0x7f000000cffc), 0x5, 0x2, 0x0, &(0x7f0000000000), 0x5000000) 2m7.559795958s ago: executing program 6 (id=674): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000005c0)=[{0x6}]}) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0502103, &(0x7f00000001c0)) 2m5.569172545s ago: executing program 6 (id=697): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)=0x1) write$tun(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="080088f703"], 0x22) 2m5.12738701s ago: executing program 6 (id=701): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030400000000fedbdf2500007400", @ANYRES32=r1, @ANYBLOB="00080000075005003c0012800b00010062726964676500002c00028005001900020000000c00230001000000000000000c0022000600"], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2m4.735878881s ago: executing program 6 (id=704): syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file1\x00', 0x1c880, &(0x7f0000000000)=ANY=[], 0xfb, 0x603f, &(0x7f0000002480)="$eJzs3cuOHFcZB/CvL9NzCYmtCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIiYcca8QBYsllFglCops+xq9s902M809U95/eTZqq+PlXTp/yfmu5yVfUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC+8+0fnu5ExOVfpgcOR3wqehHdiNW6Phb1zMW8fD8ijsRWczwXEb3liHr9rW+HIs5FxEfPRNy7f2u9fvjMLvtx/tTN659891t//80f7hz58Zs/+mC8/QefPvvhb29HHP7+ax9+cntvth0AAABKUVVV1UmH+Ue3vg+P7QGAg2/4+j98P1DLj6vVanVB9eYMnu/33fnZXnXBdVM12e1mERGbzXXq9wxOxwPAgtmMj9vuAi2Sf9H6EfFU250A5lqn7Q6wL+7dv7XeSfl2mq8Hw0tBHlwLMpL/ZufB/R3bTacZv8ZkVr9fd6IXz27Tn9UZ9WGe5Py74/lfHrYP0nL7nf+sbJf/YHjrU3Fy/r3x/MeM5P/HiFjY/LsT8y9Vzr//OPlv9hZ4/5c/AAAAAAAHX/7//8Mtn/9dfvJN2ZWdzv8em1EfAAAAAAAAAGCvPen4fw8Y/w8AAADmVn2sXvvTMw8f60T87dCEZetD/EudiKfHlgcKk26WWWu7HwAAAAAAAAAAAABQkv7wGt5LnYiliHh6ba2qqvqrabx+XE+6/qIrffuhZG3/kQcAgKGPnkn38t9dGT7QiajnLqXP+ltaW1urqpXVtWqtWl3O72cHyyvVauO4Nk/rx5YHu3hD3B9U9Q9baazXNO14eVr7+M+rn2tQ9XbRsdloO3UASjd8NbrnFemAqapD0fa7HBaD/f/gsf+zG23/ngIAAAD7r6qqqpM+zvtoOuffbbtTAMAsrOTX//HzAmq1Wq1Wqw9e3VRNdrtZRMRmc536PYPh+AFgwWzGx213gRbJv2j9iDjSdieAudZpuwPsi3v3b613Ur6d5utBGt89Xwsykv9mZ2u9vP6k6TTj15jM6vfrTvTi2W3689yM+jBPcv7d8fwvD9sHabn9zn9Wtsu/3s7DLfSnbTn/3nj+Yw5O/t2J+Zcq599/rPx78gcAAAAAgDmW////sPO/eZMBAAAAAAAAYOHcu39rPd/3ms//f3bCcp3mnPs/D4ycf2fX+bv/9yDJ+XfH8x+7IKfXmL/7xsP8/3X/1voHN//5mTyd+/yXeoP6uZc63V4/XfNTLb0VV+NabMSpR5bvj7SffqR9aaT9zJT2s4+0D+r21dx+ItbjZ3Et3nzQvjzlwqiVKe3VlPacf8/+X6Scf7/xVee/lto7Y9Pa3fe7j+z3zemk57n4l/+8+OjetdcGU5e4E70H29ZUb9/xfenTzrb+TZ4axC9ubFw/8asrN29ePx1pMvLomUiTPZbzX0pfOf+XXhi257/7zf317vuDx85/XtyJ/rb5v9CYr7f35Rn3rQ05/0H6yvnnV6DJ+/8i57/9/v9KC/0BAAAAAAAAAAAAAACAnVRVtXWL6MWIuJDu/2nr3kwAYKZ+9700UyWhVqvVarV6r+r+nPVnRDXZ680iVkbXuRARv570wwCAefbfiPhH252gNfIvWP68v3r6ubY7A8zUjXff+8mVa9c2rt9ouycAAAAAAAAAwP8rj/95rDH+89Z1QGPjRo+M//pGHFvY8T+7g97WWOdpg56Pncf/Ph47j//dn/J8S1Pap41YvDylfWVK+8QbPRpy/s+njHP+R9OGlTT+60st9KdtOf/jaaznnP8XxpZr5l/9eZHz747kf/LmOz8/eePd9169+s6Vtzfe3vjp6VMXzp09f+7s+fMn37p6bePU8HuLPd5fOf889rXrQMuS88+Zy78sOf/Pp1r+Zcn5v5hq+Zcl55/f78m/LDn/fOwj/7Lk/F9OtfzLkvP/YqrlX5ac/yupln9Zcv5fSrX8y5LzfzXV8i9Lzv9EquVflpz/yVTLvyw5/3yGS/5lyfnnKxvkX5ac/5lUy78sOf+zqZZ/WXL+51It/7Lk/M+nWv5lyflfSLX8y5Lz/3Kq5V+WnP9XUi3/suT8X0u1/MuS8/9qquVflpz/11It/7Lk/L+eavmXJef/jVTLvyw5/2+mWv5lyfm/nmr5l+Xh5/+bmfHMv/8aMQfd2I+ZqqqqOeiGmSeYafsvEwAAAAAAAAAAAAAwbhaXE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyPHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh795i5KrvO4CfvdlrQ4IbCCHECWtjiBMW765v4BAHk4SUkialJKRNS2oce22c+FavnQBCYSm0JQpSkdoH+tDclEZRLwJFkZpKNEJqpPatPCXiJWolHiwVKgcllVIFtjpz/v//zszOzqztXfvMOZ8Pwj/vXP9z5szsftf6zgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJpt+Mj0nw9kWZb/3/hjXZZdnv99TbYn/3J256VeIQAAAHCh3mj8+Q9XpBP2LOFKTZf5t/f8xw/m5ubmss+/fubNv5ybS2eMZdnQ6ixrnBf9+69+Odd8meCJbHRgsOnrwR53P9Tj/OEe54/0OH9Vj/NX9zh/tMf5CzbAAmuK38c0bmxT46/rik2aXZWNNM7b1OFaTwysHhyMv8tpGGhcZ27kYHY4O5JNZ5MLrjPQ+C/LXtiQ39ddWbyvwab7Wp9l2dmfP7o/rmEgbONNWcudNTQ/d6/dkY29/vNH93/31Kvv7DR7boYFK82yzRvzdT6ZZfO/rsoGstVpm8R1Djatc32HdQ61rHOgcb387+3rPLvEdcbHPRrW+VKXda4Ppz10fZZls9mil2n3RDaYrW2717S9R4s9Ir+N/Kl8WzZ8TvvJhiXsJ/l1Xrm+dT9p3yfj9t8QtsnwImtofjpee3zVgu1+vvtJ/qjLsK/mt31Pfqejo82/Wm3ZV/PLPHrD4vtAx+euwz6Q9uWmfWBjr31gcNVQYx8YnF/zxpZ9YGrBdQazgcZ9nbmh+z4wceroiYmZhx+5+fDRfYemD00fm5rcuX3bju3bduyYOHj4yPRk8ee5bdI+sjYbTPvgxvBeE/fB97ZdtnmXnPvW8r0ORkvyOsgf+6dvzBd0+WC2yD6eX+bJzRf+Okjf95teB8NNr4OO76kdXgfDS3gd5Jc5u3lp3zOHm/7vtIaVei9c17QPXMrvh/l93v++xd8L14d1PfX+c/1+OLRgH4gPayC89vJT0s97o7eG7bJwv7g2P+OyVdnpmemTWx7ad+rUyaksjIviyqbnqn1/Wdv0mLIF+8vgOe8ve/7+1zde2+H0dWFbjd7U/bnKL7N9vPtz1Xh3b92eq7Jie7acujULY5ld7O3Z6btZvj1TluiyPfPLPHnzhf8smHJJ0/vfSK/3v6GR4eL9byhtjZGW97+FT81QY2VZdvbmpb3/jYT/L/b731Ulef/Lt9X9W7rvA/llnpo4131guOv73/VhDoT1vC8khtGm3P9m4/zZYjdtei577jfDwyNhvxmO99i632xbcJ381vL73jx5fvvN5utbn6uWn1squN/k2+qvJrvvN/llXpy68PeONfGvTe8dq3rtAyNDq/L1jqSdoHi/m1sT94Et2f7seHYkO5Cukz/L+X2Nb13aPrAq/H+x3zuuKck+kG+rZ7d23wfyy/x42/L+7LQ5nJIu0/SzU/vvFxbL/NcOz99e+2Zb7syfr/OjP/lkOq1Thsgv8+r2c80Z3bfTTeGUyzpsp/bXz2L79IHs4myna8I6j+zo/rup/DJX7Vzi/rQny7KXp15u/L4r/H73+6d/8oOW3/t2+p3yy1Mv3z1x70/PZf0AAJy/Nxt/zq4qftZs+hfrpfz7PwAAANAXYu4fDDOR/wEAAKAyYu4fCjOR/wEAAKAyYu4fDjOpSf5/8NZdz73xWJY+DXAuiOfHzXDPh4rLxY73bPh6bG5efvqHvzPy3FcfW9p9D2ZZ9uu739Xx8g9+KK6rcCKu8wOtpy9wzXVLuv8H7pu/XPPnJ5zdVdx+fDxL3Q1iV/mFia2N2x17eKoxX7w7a8x7Z596orj94ut4+TPbisv/TfjQkj0HB1quvzmsZ1OYY+EzZe7ZM78d8hmv99z69/zrlZ+Zv794vYGNb208zGe/Utxu/IyoZ64sLh8f92Lr/5evfe+5/PIP3dB5/Y8Ndl7/mXC7r4T5q93F5Zu3+Veb1v+nYf3x/uL1tnz7Rx3X//w7iss/H/aLb4bZvv47/uLdb3R6vuL97LmtuF68/8n/3d64Xry9ePvt6x99bKple7Tf/ouvF7ez+0u/GGq+fDw93k/0wG2t+/dAeH5beuRZln3vz7KW7Zx9sLjeP7etP97eids6r/+mtnWeGLiucf35x7Ou5XF9/W+3dny8cT17/nFdy+N55s6w/V6f+HF+u2fuDftjOP//Xipur/2zTJ+/s/X9Jl7+m+uK1228vYm29T/Ttv7Z6/Jt13v9d71erP/521e3rH/Px8L+dFcxe63/0DeuaLn+t75bPB8nvzx+7PjM6cMHmrZq8+t49eiatZdd/pa3XhHeS9u/3nv81IPTJ8cmxyazbKwPPzJwpdf/7TD/pxizy38PhZ/+otjvnv548X3rvb8svn4mnP5AeD7j98ev//VIy/7a/rzP3l7MC13/+8M6luodX/uv65Z0wTOfe+H0P/3Jq+0/F8THc+Lto43H9+yGqxvnDbxYnN/+ftXLf7699XX9s+HJxvxh2K5z4ZOZN15d3F/77cfPJnn6U8XrN/4kF6+ftX2eyLqh1sdxoev/Wfg55kfXtL7/xf3jh4+1fZrzumwgX8JseH/IZovz46Xi9n767NUd7y9+Dk82+85zWeaiZh6emThy+NjphyZOTc+cmph5+JG9R4+fPnZqb+OzS/d+odf151/faxuv7wPTO7dnjVf78WKssEu9/hP37T9wy+SNB6YP7jt98NR9J6ZPHto/M7N/+sDMjfsOHpz+cq/rHz6we2rrrm23bB0/dPjA7lt37dq2a/zwseP5MopF9bBz8ovjx07ubVxlZvf2XVM7dmyfHD96/MD07lsmJ8dP97p+43vTeH7tL42fnD6y79Tho9PjM4cfmd49tWvnzq09P/3x6ImDM2MTJ08fmzg9M31yongsY6caJ+ff+3pdn3qYOR7e79oMhJ/OP3vTzvT5uLnvPL7oTRUXaf3xNHstfBZU/P7W6+uY+0fCTGqS/wEAAKAOYu4PH/w/f4b8DwAAAJURc//qMBP5HwAAACoj5v4i+Y+mw7/XJf8vV///cf3/Bv1//f9M/z/R/9f/z/T/9f970P/X/+/n9ev/6//TW9n6/yH3Z2uyzL//AwAAQEXF3L82zET+BwAAgMqIuf+yMBP5HwAAACoj5v7Lw0xqkv8d/1//X/+/W/8/Xlb/P9P/L0P/f9N/6/8voP+v/5/p/5+3S92f7/f1l7D/v0b/n7IpW/8/5v63hJnUJP8DAABAHcTc/9YwE/kfAAAAKiPm/ivCTOR/AAAAqIyY+9eFmdQk/+v/6//r/zv+v/5/3/T/Hf+/A/3/le//N39b1f9vpf+v/1+y/r/j/1M6Zev/x9z/G2EmNcn/AAAAUAcx978tzET+BwAAgMqIuf/KMBP5HwAAACoj5v6rwkxqkv/r2f9/Jcsy/f9M/1//v22d+v/6/ytB/7//+/+O/784/X/9f/1//X+6K1v/P+b+t4eZ1CT/AwAAQB3E3H91mIn8DwAAAJURc/87wkzkfwAAAKiMmPuvCTOpSf6vZ//f8f/1/wv6/63rvET9/6/o/+v/Xwj9f/3/TP//vF3q/ny/r1//X/+f3srW/4+5/51hJjXJ/wAAAFAHMfdfG2Yi/wMAAEBlxNz/rjAT+R8AAAAqI+b+9WEmNcn/+v/6//r/+v+O/6//v5L6q/8/uOg5+v8F/f9Wy9f/n51fgP5/36xf/1//n97K1v+Puf/dYSY1yf8AAABQBzH3vyfMRP4HAACAyoi5/7owE/kfAAAAKiPm/rEwk5rkf/1//X/9f/1//X/9/5XUX/3/xen/F/T/Wzn+v/6//r/+P92Vrf8fc/+GMJOa5H8AAACog5j7N4aZyP8AAABQGTH3Xx9mIv8DAABAZcTcvynMpCb5X/9f/1//X/9f/1//fyXp/+v/d6P/r//fz+vX/9f/p7ey9f9j7r8hzKQm+R8AAADqIOb+G8NM5H8AAACojJj73xtmIv8DAABAZcTcvznMpCb5X/9f/1//v4/7/0P6/5n+f+np/+v/d6P/X67+/7D+v/6//j/LrGz9/5j73xdmUpP8DwAAAHUQc//7w0zkfwAAAKiMmPtvCjOR/wEAAKAyYu4fDzOpSf7X/9f/1//v4/6/4/+3rH8Z+v8jzafr/y8P/X/9/270/8vV/3f8f/1//X+WW9n6/zH33xxmUpP8DwAAAHUQc/+WMBP5HwAAACoj5v6JMBP5HwAAACoj5v7JMJOa5H/9/4vZ/29sY/1//X/9/3B+Cfv/jv+/AvT/9f+70f/X/+/n9ev/6//TW9n6/zH3T4WZ1CT/AwAAQB3E3L81zET+BwAAgMqIuX9bmIn8DwAAAJURc//2MJOa5P8+6f9vSQWovu7/O/6//n9f9v/Ty0D/X///fOj/6/93o/+v/9/P69f/1/+n1WCH08rW/4+5f0eYSU3yPwAAANRBzP07w0zkfwAAAKiMmPtvCTOR/wEAAKAyYu6/NcykJvm/T/r/FTn+v/6//n9f9v+Toj8/pP+/yPr1/zvT/9f/70b/X/+/n9ev/6//T29l6//H3L8rzKQm+R8AAADqIOb+D4SZyP8AAABQGTH33xZmIv8DAABAX+l0HMIo5v4PhpnUJP/r/1e9/z+3Wv9f/395+/+O/6//f270//X/u9H/1//v5/Xr/+v/01vZ+v8x9+8OM6lJ/gcAAIA6iLn/Q2Em8j8AAABURsz9t4eZyP8AAABQGTH37wkzqUn+1/+vev+/Nsf/b5yv/6//r/9fPvr/+v/d6P/3Z/8//Nii/1+i/n++D+n/U0Zl6//H3H9HmElN8j8AAADUQcz9Hw4zkf8BAACgMmLu/0iYifwPAAAAlRFz/0fDTGqS//X/9f8r0v93/H/9f/3/ktL/X7H+f+OtUP+/sGj/f43+fzfz/fkrHP+/z/v/jv9PWZWt/x9z/51hJjXJ/wAAAFAHMfd/LMxE/gcAAIDKiLn/N8NM5H8AAACojJj77wozqUn+1//X/9f/1//X/9f/X0n6/47/343j/5el/39p+vP9vn79f/1/eitb/z/m/t8KM6lJ/gcAAIA6iLn/7jAT+R8AAAAqI+b+j4eZyP8AAADQZ1Ytek7M/b8dZlKT/N9//f+xvuz/D6bb1//X/9f/1//X/19O+v/6/5n+/3m71P35fl+//r/+P72Vrf8fc/8nwkxqkv8BAACgDmLu/2SYifwPAAAAlRFz/++Emcj/AAAAUBkx998TZlKT/L/c/f/263fj+P/6/5n+v/6//r/+/wXqp/7/iP7/Avr/+v/9vH79f/1/eitb/z/m/t8NM6lJ/gcAAIA6iLn/3jAT+R8AAABK6sFzvkbM/Z8KM5H/AQAAoDJi7v90mElN8n//Hf+///r/+e3r/+v/Z/r/+v9NW1X/f/l0789/4xPLdT+O/1/Q/2+l/99f/f81y7x+/X/9f3orW/8/5v77wkxqkv8BAACgDmLu/0yYifwPAAAAlRFz/++Fmcj/AAAAUBkx9/9+mElN8r/+f8/+/98t5bE4/n/n9ev/6//r/+v/O/7/wv5//h6m/1/Q/9f/7+f16//r/9Nb2fr/Mfd/NsykJvkfAAAA6iDm/j8IM5H/AQAAoDJi7v/DMBP5HwAAACoj5v77w0xqkv/1/1f++P/6//r/+v/6//r/+v+O/9+Z/r/+fz+vX/9f/5/eytb/j7n/c2EmNcn/AAAAUAcx9/9RmIn8DwAAAJURc//eMBP5HwAAAPpAe6O0s5j7HwgzqUn+1//X/9f/1//X/9f/X0n6//r/3ej/6//38/r1//X/6a1s/f+Y+/eFmexpvRsAAACgf8Xc//kwk5r8+z8AAADUQcz9+8NM5H8AAACojJj7D4SZ1CT/6//r/+v/6//r/+v/ryT9f/3/bvT/9f/7ef36//r/9Fa2/n/M/dNhJjXJ/wAAAFAHMfcfDDOR/wEAAKAyYu4/FGYi/wMAAEBlxNz/YJhJTfK//r/+v/5/bfv/L32/bZ36//r/K0H/X/+/G/1//f9+Xr/+v/4/vZWt/x9z/+Ewk5rkfwAAAKiDmPu/EGYi/wMAAEBlxNz/xTAT+R8AAAAqI+b+I2EmNcn/+v/6//r/te3/L+34/2vm71f/X///fOj/6/93o/+v/9/P69f/1/+nt7L1/2PuPxpmUpP8DwAAAHUQc/+xMBP5HwAAACoj5v7jYSbyPwAAAFRGzP0nwkxqkv/1/8+t/z+wSDdQ/7/z+vX/K9D/b6L/r/9/PvT/9f+7uQj9/zebr6L/3+pS9+f7ff36//r/9FaK/v/I/Ncx9/9xmElN8j8AAADUQcz9J8NM5H8AAACojJj7Z8JM5H8A4P/Zu68ky64qj8O3Uz46usegKTAChsAzvBHBDPBewgsPwnsnvBMehPfeeyO8RyA8AiIglLnWKpXJc7Oq8lbus9f3PbCgqEanQtXd/EP6xQYAppG7/35xS5P9r//3/r/+X/+v/9f/75L+X/+/xPv/+v81f7/+X//PdkP0/3f517n77x+3NNn/AAAA0EHu/gfELfY/AAAATCN3/wPjFvsfAAAAppG7/0FxS5P9r//X/+v/9f/6f/3/Lun/9f+Hyf9bpP/X/6/1+/X/+n+2G63/z93/4Lilyf4HAACADnL3PyRusf8BAABgGrn7Hxq32P8AAAAwjdz9D4tbmux//b/+X/+v/9f/6/93Sf+v/1/i/X/9/5q/X/+v/2e70fr/3P0Pj1ua7H8AAADoIHf/I+IW+x8AAACmkbv/kXGL/Q8AAADTyN1/XdzSYv9frv/X/+v/19j/X67/1/8fuO9mfPp//f8S/b/+f83fr//X/7PdaP1/7v7r45YW+x8AAAB6yN3/qLjF/gcAAIAV2DvSz8rd/+i4xf4HAACAaeTuf0zc0mT/6//1//r/Ffb/3v/X/6+I/l//v0T/r/9f8/fr//X/bDda/5+7/7FxS5P9DwAAAB3k7n9c3GL/AwAAwDRy9z8+brH/AQAAYBq5+58QtzTZ//p//b/+X/+v/9f/75L+X/+/ZM39f/5c/b/+X/+v/+dwO+//73HD/j1q/5+7/4a4pcn+BwAAgA5y9z8xbrH/AQAAYBq5+58Ut9j/AAAAMI3c/U+OW5rsf/2//v9U//+f/9H/6//1/6d+XP9/PPT/+v8la+7/N97/1//r//X/bLXz/n9L73/mv87d/5S4pcn+BwAAgA5y9z81brH/AQAAYBq5+58Wt9j/AAAAMI3c/U+PW5rsf/2//t/7//p//b/+f5f0/8P2/2f+r97p9P9Hov/X/x/W/9/9CN+v/6eD0fr/3P3PiFua7H8AAADoIHf/M+MW+x8AAACmkbv/xrjF/gcAAIBp5O5/VtzSZP/r//X/+n/9/+n9/17L/v/OH9P/74b+f9j+f5n+/0j0//p/7//r/1k2Wv+fu//ZcUuT/Q8AAAAd5O5/Ttxi/wMAAMA0cvc/N26x/wEAAGAaufufF7c02f/6f/3/RfX/V+n/5+v/z/P9/8vm6P+9/787+n/9/xL9v/5/zd+v/9f/s91o/X/u/ufHLU32PwAAAExvb1O7/wVxi/0PAAAA08jd/8K4xf4HAACAaeTuf1Hc0mT/6//1/97/1/9fVP8/yfv/6+j/r9H/n4P+v0f/v9H/169F/z/O9+v/9f9sN1r/n7v/xXFLk/0PAAAAHeTuf0ncYv8DAADANHL3vzRusf8BAABgGrn7Xxa3NNn/+n/9v/5f/6//X0v/7/3/c9H/9+j/vf9/6tei/x/n+/X/+n+2G63/z93/8rilyf4HAACADnL3vyJusf8BAABgGrn7Xxm32P8AAAAwjdz9r4pbztz/e5fyqy4d/b/+X/+v/9f/6/93Sf+v/1+i/z93/3/1IX88/f9Y36//1/+z3Wj9f+7+m+IWf/0fAAAAppG7/9Vxi/0PAAAA08jd/5q4xf4HAACAaeTuf23c0mT/H9b/3/6/B/++/v9o9P/n/n79v/7/qP3/Hbee+p/T/+v/z4f+X/+/mbD/9/7/Or5f/6//Z7vR+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAKaRu/8NcYv9DwAAANPI3f/GuKXJ/j/+9/+v1f/r//X/cfX/3v/X/+v/9f/L9P8n3v/f88qDf6r/1//r/9mJ4+n/L9scV/+fu/9NcUuT/Q8AAAAd5O5/c9xi/wMAAMA0cve/JW6x/wEAAGAaufvfGrc02f/H3/97/1//f579/57+P+n/48+r/l//fx70//r/jf7/gp10P7/279f/6//ZbrT3/3P337w/9frtfwAAAOjg5v1/vHrztrjF/gcAAIBp5O5/e9xi/wMAAMA0cve/I25psv/1//r/E+//vf9f9P/x51X/r/8/D/p//f9G/3/BTrqfX/v36//1/2w3Wv+fu/+dcUuT/Q8AAAAd5O5/V9xi/wMAAMA0Yvcf/M3v9j8AAABM6d37/3j15j1xS5P937j/v/Zi+/9r7vLP9f/n/n79/7H0/zef+XtP/6//XxP9v/5/if5f/7/m7x+n/48fuE7/z3hG6/9z9783bmmy/wEAAKCD3P3vi1vsfwAAAJhG7v5b4hb7HwAAANbqrK4ud//745Ym+79x/z/J+//3vi2+QP8/b//v/f+4q+r/b9f/J/2//n+J/l//v+bvH6f/9/4/4xqt/8/d/4G4pcn+BwAAgA5y938wbrH/AQAAYBq5+z8Ut9j/AAAAMI3c/R+OW5rsf/3/2vt/7//r//X/Q/b/3v8v+n/9/xL9/97+fxPR/6/z+/X/+n+2G63/z93/kbilyf4HAACADnL3fzRusf8BAABgGrn7Pxa32P8AAAAwjdz9H49bmux//b/+f1f9/51/EP1/k/7/ev3/Rv9/KP2//n+J/t/7/2v+fv2//p/tRuv/c/d/Im5psv8BAACgg9z9n4xb7H8AAACYRu7+T8Ut9j8AAABMI3f/p+OGu/3fyX3S8brikB+P3lz/r//3/r/+3/v/+v9dunT9//7/D9f/b6H/P/3Xof/X/+v/9f/s1mj9f+7+z8Qt/vo/AAAATCN3/2fjFvsfAAAAppG7/3Nxi/0PAAAA08jd//m4pcn+1//r//X/q+3/r9H/n/79+v8xef9f/79E/6//X/P36//1/2w3Wv+fu/8LcUuT/Q8AAAAd5O7/Ytxi/wMAAMA0cvd/KW6x/wEAAGAaufu/HLc02f/6f/2//n+1/b/3/8/4fv3/mPT/+v8l+n/9/5q/X/+v/2e70fr/3P1fiVua7H8AAADoIHf/V+MW+x8AAACmkbv/a3GL/Q8AAADTyN3/9bilyf7X/+v/9f/6f/2//n+X9P/6/yX6f/3/MXx//jbR/+v/GdBo/X/u/m/ELU32PwAAAHSQu/+bcYv9DwAAAKM782/vPFTu/m/FLfY/AAAATCN3/7fjlib7f+b+f+mn6f8P6P/1/xv9v/5/x/T/F97/H+UXo/8/oP+/MJP0/97/1/8zsNH6/9z934lbmux/AAAA6CB3/3fjFvsfAAAAppG7/3txi/0PAAAA08jd//24pcn+n7n/X6L/P6D/1/9v9P/6/x3T/3v/f4n+X/+/5u/X/+v/2e6E+v8rNof0/7n7fxC3NNn/AAAA0EHu/lvjFvsfAAAAppG7/4dxi/0PAAAA08jd/6O4ZZ79f59bFv5N/f+x9//7v4n0//r/jf5f/6//36f/1/8v0f/r/9f8/fp//T/bjfb+f+7+H8ct8+x/AAAAaC93/0/iFvsfAAAAppG7/6dxi/0PAAAA08jd/7O4pcn+1/+P8f5/foP+X/+/4/7/so3+X/9/ien/9f9L9P/6/zV/v/5f/892o/X/uft/Hrc02f8AAADQQe7+X8Qt9j8AAABMI3f/L+MW+x8AAACmkbv/V3FLk/1/0f1/hhr6/30X2v9f3Pv/p+pp/f9J9v97Z/3nD9j/e/9f/3/J6f/1/0v0//r/NX9/9v/5+07/r//nbKP1/7n7fx23NNn/AAAA0EHu/t/ELfY/AAAATCN3/2/jFvsfAAAAppG7/3dxS5P97/3/Gfp/7/+P0f+f/Z+v/99d/3/nj+n/10H/r/9fov/X/6/5+73/r/9nu9H6/9z9t8UtTfY/AAAAdJC7//dxi/0PAAAA08jd/4e4xf4HAACAaeTuvz1uabL/9f/6/yn7/6v0/7P3/97/Xw/9v/5/if5f/7/m79f/6//ZbrT+P3f/H+OWJvsfAAAAOsjd/6e4xf4HAACAaeTu/3PcYv8DAADANHL3/yVuabL/9f/6//Pv/6+oX/ew/b/3//X/+v9hzNv/X6n/1/9fdP9/400HP6z/X+f36//1/2w3Wv+fu/+vcUuT/Q8AAAAd5O7/W9xi/wMAAMA0cvf/PW6x/wEAAGAaufv/Ebc02f+z9//3OuSn6f8PTPv+v/5f/6//H8a8/b/3//X/3v/X/+v/9f9sM1r/n7v/jrilyf4HAACADnL3/zNusf8BAABgbP9/9J+au/9fcYv9DwAAANPI3f/vuKXJ/p+9/z+M/v+A/l//v9H/6/93TP+v/1+i/9f/r/n79f/6f7Ybrf/P3f/fAAAA//+OdCcu") r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0) sendfile(r0, r1, 0x0, 0x20fffe82) 2m3.370731449s ago: executing program 6 (id=716): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001200)={0x2c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x48090) 1m48.230421315s ago: executing program 35 (id=716): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001200)={0x2c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x48090) 1m6.013530819s ago: executing program 8 (id=1101): r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) 1m4.29909561s ago: executing program 8 (id=1112): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000100)={[{@nouser_xattr}, {@four_active_logs}, {@four_active_logs}, {@noquota}, {@gc_merge}, {@fastboot}, {@prjjquota={'prjjquota', 0x3d, '-{'}}, {@jqfmt_vfsv1}, {@extent_cache}, {@fastboot}]}, 0x1, 0x54f9, &(0x7f000000ab40)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e") r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) fallocate(r0, 0x0, 0x0, 0x1001f0) fallocate(r0, 0x3, 0x9, 0x10000) 1m1.984786938s ago: executing program 8 (id=1141): ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000100)={0x1, @pix={0xfffffffe, 0xeb97, 0x38414261, 0x9, 0x5b1, 0x2, 0x8, 0x80000001, 0x1, 0x7, 0x0, 0x2}}) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x12, 0x201, 0x0}) 59.983417545s ago: executing program 8 (id=1146): syz_mount_image$squashfs(&(0x7f0000000940), &(0x7f00000000c0)='./file1\x00', 0x10000, &(0x7f00000009c0)=ANY=[], 0x1, 0x17f, &(0x7f0000000140)="$eJzskL1O60AQhc/azt8trm6kW6UJEgiFAmI7gOigDD0PQJSYEMXhJ44EiVIYIZSCAlHyBHmNSPQIChRR0yGliKiR0e6OzeYZ2K/w8c6cnZ2Z4+A8yAD4mg/r2IPAxF+8MAYLQJHJ2MyQek/6SnonBc/k26f4NWkhMMnxRBr0B+2a70fiwucS8knI6wa7VwZmIjOdD+v85xBAFEURjzWAjzwA1WO+WZmJ4ilYwH8xRJR4+CAMOfF8udc5Kwf9wXqrU2t6Te/EdSvb9qZtb7nlo5bv2fLLlCdoFHBdA8D3lVPyKQA35PlD+RimtEZ5pt5NKzssLWMBg1qGUoNhktyN3+EbPsAqsgAuQvYTncoqFsRIVTCYdHAspT/pyorERv3Ub4zAwOJrY1hJDecdqeTgqofKThi3OiJdIa2SjgG0aY2cYlrZKwBLVLilUymMW+w63HhZ6/W6DpCWf24Sc/+FUArxVx+MxeEeDWg0Go1Go9FoNBrNb+c7AAD//y+ic7s=") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000240)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) 59.431663853s ago: executing program 8 (id=1149): mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}}) open$dir(&(0x7f0000000580)='./file0/file0\x00', 0x101000, 0x111) 58.939718234s ago: executing program 8 (id=1153): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x2f126000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 58.303939028s ago: executing program 36 (id=1153): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x2f126000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 4.761467711s ago: executing program 7 (id=1634): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000002c0)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x5, 0x1282, &(0x7f0000000300)="$eJzs3U1rY1UcB+B/pmmbduyLOo52QDzoRhHitAtXborMgFhQqh1QQbhjUy1Nm9KEQkScunIl+DFEXboTxC/QjRvXgiDSjctZiFfSpE7TpB2nNq0Mz7PJ5ZzzO+fce8qFW+7h7r3y5fraSr28kjXiUqEQxc3hKN5NkeJSDEXbTrxw6+dfnn7rnXdfn19YuLGY0s35t2dfTilNPvPDe598++yPjcu3vpv8fjR2p9/f+2Pu192ruzN7f30Tq/W0Wk8btUbK0u1arZHdrlbS8mp9rZzSm9VKVq+kUmeMe/Ur1drmZjNlG8sT45tblXo9ZRvNtFZppkYhNbaaKfswW91I5XI5TYwH/8XS13fzPI/I8+EYiTzP87EYj8vxSEzEZEzFdDwaj8XjcSWeiKvxZDwVM/utDvIjFzt9AAAAAAAAAAAAAAAAAAAAeEjcZ/9/oXf//+hFTxkAAAAAAAAAAAAAAAAAAAAeOkf3/xcjHuD7/wAAAAAAAAAAAAAAAAAAAMBZuM/3/4/s/3/R/n8AAAAAAAAAAAAAAAAAAAAYhFL7ZzGlUsT659tL20vt33b5/EqsRjUqcT2m4s/Y3/3f1j6++drCjetp33S8tH6nk7+zvTTUnZ8dnorpQt/8bDufuvOjMX44PxdTcaX/+HN986V4/rlW/rN2vhxT8dMHUYtqLEcUOme/n/90NqVX31gY685fa7U71tCAlwUAAADOUjn9o/f5fafTqG99u6rzfJ46LQsn/H/gyPN5Ma4VL+qsOVBvfryWVauVrVMejBzfz0h3yVin5anHKkRE1hWfHP9tsdXlaSd/ZgdD5zro8Mltjq7FTOnEDi8dWsEo/g8u5hkc/P7VoZJSDGqs4dafc0/VwQXNqq3757/rMHbyfKCXZaRf1ehJqePvGYUB3o84X/cW/aJnAgAAAAAAAAAAwIPo+/bfWET0vA/4UU/Jwevh3fHeno8f/YtzOEMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ZgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVQAAAP//kh3BBA==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x10a) r1 = fanotify_init(0xf00, 0x0) fanotify_mark(r1, 0x1, 0x10001011, r0, 0x0) 4.122710061s ago: executing program 7 (id=1638): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) syz_emit_ethernet(0x66, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xe0, @multicast1=0xe000c800}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0xfffff788}}}}}}}, 0x0) 4.026242688s ago: executing program 9 (id=1641): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000003c0)={{@my=0x1}, 0xfff, 0xffffffffffffffff, 0x0, 0x0, 0x80000, 0x2, 0x1000000000ff6, 0x58df}) 3.738844297s ago: executing program 0 (id=1645): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xcabd8245) write$tun(r1, &(0x7f0000000400)={@val={0x1c, 0x800}, @val={0x2, 0x4, 0x45, 0x0, 0x9, 0x8}, @x25={0x0, 0xfd, 0x5}}, 0x11) 3.680629577s ago: executing program 7 (id=1646): r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x302) r1 = gettid() read$midi(r0, 0x0, 0x0) tkill(r1, 0xb) 3.679879404s ago: executing program 9 (id=1658): r0 = socket$kcm(0x29, 0x5, 0x0) sendmmsg$inet(r0, &(0x7f0000008dc0)=[{{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000006c0)="9de6d3", 0x3}], 0x1}}], 0x1, 0x0) r1 = socket$kcm(0xa, 0x2, 0x3a) sendmsg$kcm(r1, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa4da2", 0xfdef}], 0x1, 0x0, 0x0, 0x900}, 0x0) 3.46425497s ago: executing program 0 (id=1647): r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0) r1 = epoll_create(0x80) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x8}) syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) 3.419067364s ago: executing program 1 (id=1648): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@dax_never}]}, 0x5, 0x4a6, &(0x7f0000001240)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1) 3.414604893s ago: executing program 9 (id=1661): mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2, @thr={0x0, 0x0}}) r0 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f000000b000/0x3000)=nil], 0x0, 0x0, 0x2) 3.333739041s ago: executing program 0 (id=1649): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000140)={0x34, r0, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}]}]}, 0x34}}, 0x0) 3.313500595s ago: executing program 7 (id=1650): bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000800000000000000000001801000020"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4, 0x0, 0xb51b, 0x10}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0) 3.051078975s ago: executing program 0 (id=1665): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$chown(0x4, r0, 0xee00, 0x0) keyctl$setperm(0x5, r0, 0x1100100) keyctl$chown(0x6, r0, 0x0, 0x0) 2.964518245s ago: executing program 9 (id=1653): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000) madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) 2.903232833s ago: executing program 7 (id=1654): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00\x00\x00=', @ANYRESDEC=0x0, @ANYBLOB=',nostrict,\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x40942, 0x0) write$cgroup_type(r0, &(0x7f0000000040), 0x9) ftruncate(r0, 0x100) 2.732627173s ago: executing program 0 (id=1655): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x41, 0x3f, 0x5f, 0x20, 0x61d, 0xc150, 0xce6f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x1, 0x18, 0x70, 0xfd, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x4}}]}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1cf8ff002000010320"], 0x1c}}, 0x4044814) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d41b1b"]) 2.505892675s ago: executing program 5 (id=1656): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x10) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000e, 0x204031, 0xffffffffffffffff, 0xd0c6f000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19) 2.46862076s ago: executing program 1 (id=1657): r0 = fsopen(&(0x7f0000000080)='tmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0xf) quotactl_fd$Q_GETQUOTA(r1, 0xffffffff80000701, 0x0, 0x0) 2.458991114s ago: executing program 7 (id=1659): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185) 2.118134474s ago: executing program 1 (id=1662): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) r1 = socket$l2tp6(0xa, 0x2, 0x73) sendmmsg$inet6(r1, &(0x7f00000038c0)=[{{&(0x7f0000001cc0)={0xa, 0xfffc, 0x0, @mcast2, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="20000000000000002900000004000000000100000000000001000101000401"], 0x20}}], 0x1, 0x0) 2.089552552s ago: executing program 5 (id=1663): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', 0x0}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x41, 0x150fe}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r2}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x40}}, 0x2400c080) 1.895201853s ago: executing program 4 (id=1664): timer_create(0x3, 0x0, &(0x7f0000001b40)) timer_create(0x1, 0x0, &(0x7f0000000000)=0x0) timer_settime(r0, 0x1, &(0x7f0000000880)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_delete(r0) 1.724356098s ago: executing program 4 (id=1666): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000140)={0x34, r0, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}]}]}, 0x34}}, 0x0) 1.704568636s ago: executing program 5 (id=1667): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x1c, r0, 0x1, 0x7, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 1.683672174s ago: executing program 1 (id=1668): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cryptd(cbc-des3_ede-asm)\x00'}, 0x58) close_range(r0, 0xffffffffffffffff, 0x0) 1.486504117s ago: executing program 1 (id=1669): syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file1\x00', 0x1c880, &(0x7f0000000000)=ANY=[], 0xf9, 0x6075, &(0x7f00000084c0)="$eJzs3cuOHFcZB/CvL9NzCYmtCEXGYuE4EBJCfLch3OKwYAFIICGLZWxNJpHBAWQbRCILT+QFYsHlEWCTDYs8AW8QdqwRD4AlO6tIEArV9Dl2dbvHPcYzXd1zfj+pp+rrUzV9yv+p6S5X1ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOI73/7hyU5EXPxleuJgxKeiF9GNWK3rI1HPnM/L9yPiUGw1xzMR0VuOqNff+nIg4kxEfPhUxJ27N9brp0/tsB9nT1y/+sl3v/WP3/zh1qEfv/H6++PtP/j06Q9+ezPi4Pdf+eCTm7uz7QAAAFCKqqqqTjrMP7z1dXhsDwDsf8P3/+HngVp+Xq1WqwuqN2fwer/vzs/2qguum6rJbjaLiNhsrlN/ZnA6HgAWzGZ83HYXaJH8i9aPiCfa7gQw1zptd4A9cefujfVOyrfTfD8YXgpy71qQkfw3O/fu79huOs34NSaz+vm6Fb14epv+rM6oD/Mk598dz//isH2Qltvr/Gdlu/wHw1ufipPz743nP2Yk/z9GxMLm352Yf6ly/v1HyX+zt8D7v/wBAAAAANj/8v//H2z5/O/y42/Kjjzs/O+RGfUBAAAAAAAAAHbb447/d4/x/wAAAGBu1cfqtT89df+5TsTfD0xYtj7Ev9CJeHJseaAw6WaZtbb7AQAAAAAAAAAAAAAl6Q+v4b3QiViKiCfX1qqqqh9N4/Wjetz1F13p2w8la/uXPAAADH34VLqX//bK8IlORD13IT56/a8/ilhaW1urqpXVtWqtWl3On2cHyyvVauO4Nk/r55YHO/hA3B9U9TdbaazXNO14eVr7+PerX2tQ9XbQsdloO3UASjd8N7rjHWmfqaoD0fanHBaD/X//sf+zE23/nAIAAAB7r6qqqpP+nPfhNL5ft+1OAQCzsJLf/8fPC6jVarVard5/dVM12c1mERGbzXXqzwyG4weABbMZH7fdBVok/6L1I+JQ250A5lqn7Q6wJ+7cvbHeSfl2mu8HaXz3fC3ISP6bna318vqTptOMX2Myq5+vW9GLp7fpzzMz6sM8yfl3x/O/OGwfpOX2Ov9Z2S7/ejsPttCftuX8e+P5j9k/+Xcn5l+qnH//kfLvyR8AAAAAAOZY/v//g87/5k0GAAAAAAAAgIVz5+6N9Xzfaz7//9kJy3Wac+7/3Ddy/p0d5+/+3/0k598dz3/sgpxeY/72a/fz/+jujfX3r//rM3k69/kv9Qb1ay91ur1+uuanWnozLseV2IgTDyzfH2k/+UD70kj7qSntpx9oH9Ttq7n9WKzHz+JKvHGvfXnKhVErU9qrKe05/579v0g5/37jUee/lto7Y9Pa7fe6D+z3zemk1zn/l/88/+DetdsGU5e4Fb1729ZUb9/RPenTw239mzwxiF9c27h67FeXrl+/ejLSZOTZU5Emuyznv5QeOf8Xnhu259/7zf319nuDR85/XtyK/rb5P9eYr7f3xRn3rQ05/0F65PzzO9Dk/X+R899+/3+phf4AAAAAAAAAAAAAAADAw1RVtXWL6PmIOJfu/2nr3kwAYKZ+9700UyWhVqvVarV6t+r+nPVnRDXZq80iVkbXORcRv570zQCAefbfiPhn252gNfIvWP57f/X0c213Bpipa++8+5NLV65sXL3Wdk8AAAAAAAAAgP9XHv/zSGP8563rgMbGjR4Z//W1OLKw4392B72tsc7TBj0bDx//+2g8fPzv/pTXW5rSPm3E4uUp7StT2ife6NGQ8382ZZzzP5w2rKTxX19ooT9ty/kfTWM95/y/MLZcM//qz4ucf3ck/+PX3/758WvvvPvy5bcvvbXx1sZPT544d+b02TOnz549/ublKxsnhl9b7PHeyvnnsa9dB1qWnH/OXP5lyfl/PtXyL0vO//lUy78sOf/8eU/+Zcn552Mf+Zcl5/9iquVflpz/F1Mt/7Lk/F9KtfzLkvP/UqrlX5ac/8upln9Zcv7HUi3/suT8j6da/mXJ+eczXPIvS84/X9kg/7Lk/E+lWv5lyfmfTrX8y5LzP5Nq+Zcl53821fIvS87/XKrlX5ac/5dTLf+y5Py/kmr5lyXn/0qq5V+WnP9XUy3/suT8v5Zq+Zcl5//1VMu/LDn/b6Ra/mXJ+X8z1fIvS87/1VTLvyz3//6/mRnP/PtvEXPQjb2YqaqqmoNumHmMmbZ/MwEAAAAAAAAAAAAA42ZxOXHb2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/I8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWHv3mLkqu87gJ+92WtDghsIIcQJa2OIExbvrm/gECebaylpUkpC2rRJjWOvjRPf6rUTQCgshbZEQSpS+0AfmpvSKOpFoChSU4lGSI3UvpWnRLxErcSDpULloKRSqsBWZ87//9+Z2dmZtb1rnznn85Hgx+6cmfnPmTOz+130nQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs00fmvnzgSzL8n8a/9qQZVfm/70um86/nNt9uVcIAAAAXKzXGv/+h6vSN6aXcaWmbf7tHf/xg/n5+fns86+eff0v5+fTBWNZNrQ2yxqXRf/+q1/ON28TPJaNDgw2fT3Y4+6Helw+3OPykR6Xr+lx+doelw8Uf01Z0qIdsMi6hVsY3dL4zw3FLs2uyUYal23pcK3HBtYODsa/5YSV5NeZHzmUHcmOZjPZZMe15ts/tym/rzuzeF+DTfe1Mcuycz9/+EBcw0DYx1uyljtraH7uXvlANvbqzx8+8N3TL7+10+y5GxatNMu2bs7X+XiWLfy5KhvI1qZ9Etc52LTOjR3WOdSyzoHG9fL/bl/nuWWuMz7u0bDOF7qsc2P43gM3Zlk2ly25TbvHssFsfdu9pv09WhwR+W3kT+WbsuHzOk42LeM4ya/z0o2tx0n7MRn3/6awT4aXWEPz0/HKo2sW7fcLPU7yR12GYzW/7bvzOx0dbf7Tasuxmm/z8E1LHwMdn7sOx0A6lpuOgc29joHBNUONY2BwYc2bW46BqUXXGcwGGvd19qbux8DE6WMnJ2YffOjWI8f2H545PHN8anL3zh27du7YtWvi0JGjM5PFv89vl/aR9dlgOgY3h/eaeAy+s23b5kNy/lsr9zoYLcnrIH/sn7o5X9CVg9kSx3i+zeNbL/51kH7uN70OhpteBx3fUzu8DoaX8TrItzm3dXk/M4eb/um0htV6L9zQdAxczp+H+X1+9l1LvxduDOt64t3n+/NwaNExEB/WQHjt5d9Jv++N3h72y+Lj4vr8givWZGdmZ05te2D/6dOnprIwLomrm56r9uNlfdNjyhYdL4PnfbxM//2vb76+w/c3hH01ekv35yrfZud49+eq8e7euj/XZMX+bPnu9iyMFXap92enn2b5/kxZosv+zLd5/NaL/10w5ZKm97+RXu9/QyPDxfvfUNobIy3vf4ufmqHGyrLs3K3Le/8bCf9c6ve/a0ry/pfvq89u634M5Ns8MXG+x8Bw1/e/G8McCOt5V0gMo025//XG5XPFYdr0XPY8boaHR8JxMxzvsfW42bHoOvmt5fe9dfLCjputN7Y+Vy2/t1TwuMn31V9Ndj9u8m2en7r494518T+b3jvW9DoGRobW5OsdSQdB8X43vy4eA9uyA9mJ7Gh2MF0nf5bz+xrfvrxjYE3451K/d1xXkmMg31dPb+9+DOTb/HjHyv7utDV8J23T9LtT+98Xlsr81w8v3F77blvpzJ+v88M/+UT6XqcMkW/z8s7zzRnd99Mt4TtXdNhP7a+fpY7pg9ml2U/XhXUe3dX9b1P5NtfsXubxNJ1l2YtTLzb+3hX+vvv9Mz/5QcvffTv9TfnFqRfvmrjnp+ezfgAALtzrjX/PrSl+1xxduGA5//8fAAAA6Asx9w+Gmcj/AAAAUBkx9w+Fmcj/AAAAUBkx9w+HmdQk/99/+55nXnskS58GOB/Ey+NuuPt9xXax4z0Xvh6bX5B//4PfGXnmq48s774Hsyz79V1v67j9/e+L6yqcjOt8T+v3F7nuhmXd/333LmzX/PkJ5/YUtx8fz3IPg9hVfm5ie+N2xx6caszn78oa8565Jx4rbr/4Om5/dkex/d+EDy2ZPjTQcv2tYT1bwhwLnylz9/TCfshnvN4zG9/xr1d/euH+4vUGNr+x8TCf/kpxu/Ezop66utg+Pu6l1v8vX/veM/n2D9zUef2PDHZe/9lwuy+F+au9xfbN+/yrTev/07D+eH/xetu+/aOO63/2LcX2z4bj4pthtq//A3/x9tc6PV/xfqbvKK4X73/yf3c2rhdvL95++/pHH5lq2R/tt//8q8Xt7P3SL4aat4/fj/cT3XdH6/E9EJ7flh55lmXf+7OsZT9n7y2u989t64+3d/KOzuu/pW2dJwduaFx/4fFsaHlcX//b7R0fb1zP9D9uaHk8T30k7L9XJ36c3+7Ze8LxGC7/vxeK22v/LNNnP9L6fhO3/+aG4nUbb2+ibf1Pta1/7oZ83/Ve/52vFut/9v1rW9Y//dFwPN1ZzF7rP/yNq1qu/63vFs/HqS+PHz8xe+bIwaa92vw6Xju6bv0VV77hjVeF99L2r/edOH3/zKmxybHJLBvrw48MXO31fzvM/ynG3MrfQ+GnvyiOuyc/Vvzceucvi6+fCt+/Lzyf8efj1/96pOV4bX/e595fzItd/7vDOpbrLV/7rxuWteHZzz135p/+5OX23wvi4zn55tHG43t607WNywaeLy5vf7/q5T/f3Pq6/tnwZGP+MOzX+fDJzJuvLe6v/fbjZ5M8+cni9Rt/k4vXz9o+T2TDUOvjuNj1/yz8HvOj61rf/+Lx8cNH2j7NeUM2kC9hLrw/ZHPF5XGruL+fPHdtx/uLn8OTzb31fJa5pNkHZyeOHjl+5oGJ0zOzpydmH3xo37ETZ46f3tf47NJ9X+h1/YXX9/rG6/vgzO6dWePVfqIYq+xyr//kvQcO3jZ588GZQ/vPHDp978mZU4cPzM4emDk4e/P+Q4dmvtzr+kcO7p3avmfHbdvHDx85uPf2PXt27Bk/cvxEvoxiUT3snvzi+PFT+xpXmd27c8/Url07J8ePnTg4s/e2ycnxM72u3/jZNJ5f+0vjp2aO7j995NjM+OyRh2b2Tu3ZvXt7z09/PHby0OzYxKkzxyfOzM6cmigey9jpxrfzn329rk89zJ4I73dtBsJv55+5ZXf6fNzcdx5d8qaKTVp/Pc1eCZ8FFX++9fo65v6RMJOa5H8AAACog5j7wwf/L1wg/wMAAEBlxNy/NsxE/gcAAIDKiLm/SP6j6fTvdcn/K9X/f1T/v0H/X/8/0/9P9P/1/zP9f/3/HvT/9f/7ef36//r/9Fa2/n/I/dm6LPP//wEAAKCiYu5fH2Yi/wMAAEBlxNx/RZiJ/A8AAACVEXP/lWEmNcn/zv+v/6//363/H7fV/8/0/8vQ/9/y3/r/i+j/6/9n+v8X7HL35/t9/SXs/6/T/6dsytb/j7n/DWEmNcn/AAAAUAcx978xzET+BwAAgMqIuf+qMBP5HwAAACoj5v4NYSY1yf/6//r/+v/O/6//3zf9f+f/70D/f/X7/80/VvX/W+n/6/+XrP/v/P+UTtn6/zH3/0aYSU3yPwAAANRBzP1vCjOR/wEAAKAyYu6/OsxE/gcAAIDKiLn/mjCTmuT/evb/X8qyTP8/0//X/29bp/6//v9q0P/v//6/8/8vTf9f/1//X/+f7srW/4+5/81hJjXJ/wAAAFAHMfdfG2Yi/wMAAEBlxNz/ljAT+R8AAAAqI+b+68JMapL/69n/d/5//f+C/n/rOi9T//8r+v/6/xdD/1//P9P/v2CXuz/f7+vX/9f/p7ey9f9j7n9rmElN8j8AAADUQcz914eZyP8AAABQGTH3vy3MRP4HAACAyoi5f2OYSU3yv/6//r/+/1L9/7P6/87/r/+/Avqr/z+45CX6/wX9/1Yr1/+fW1iA/n/frF//X/+f3srW/4+5/+1hJjXJ/wAAAFAHMfe/I8xE/gcAAIDKiLn/hjAT+R8AAAAqI+b+sTCTmuR//X/9f/1/5//X/9f/X0391f9fmv5/Qf+/lfP/6//r/+v/013Z+v8x928KM6lJ/gcAAIA6iLl/c5iJ/A8AAACVEXP/jWEm8j8AAABURsz9W8JMapL/9f/1//X/9f/1//X/V5P+v/5/N/r/+v/9vH79f/1/eitb/z/m/pvCTGqS/wEAAKAOYu6/OcxE/gcAAIDKiLn/nWEm8j8AAABURsz9W8NMapL/9f/1//X/+7j/P6T/n+n/l57+v/5/N/r/5er/D+v/6//r/7PCytb/j7n/XWEmNcn/AAAAUAcx9787zET+BwAAgMqIuf+WMBP5HwAAACoj5v7xMJOa5H/9f/1//f8+7v87/3/L+leg/z/S/H39/5Wh/6//343+f7n6/87/r/+v/89KK1v/P+b+W8NMapL/AQAAoA5i7t8WZiL/AwAAQGXE3D8RZiL/AwAAQGXE3D8ZZlKT/K//fyn7/419rP+v/6//Hy4vYf/f+f9Xgf6//n83+v/6//28fv1//X96K1v/P+b+qTCTmuR/AAAAqIOY+7eHmcj/AAAAUBkx9+8IM5H/AQAAoDJi7t8ZZlKT/N8n/f9tqQDV1/1/5//X/+/L/n96Gej/6/9fCP1//f9u9P/1//t5/fr/+v+0GuzwvbL1/2Pu3xVmUpP8DwAAAHUQc//uMBP5HwAAACoj5v7bwkzkfwAAAKiMmPtvDzOpSf7vk/5/Rc7/r/+v/9+X/f+k6M8P6f8vsX79/870//X/u9H/1//v5/Xr/+v/01vZ+v8x9+8JM6lJ/gcAAIA6iLn/PWEm8j8AAABURsz9d4SZyP8AAADQVzqdhzCKuf+9YSY1yf/6/1Xv/8+v1f/X/1/Z/r/z/+v/nx/9f/3/bvT/9f/7ef36//r/9Fa2/n/M/XvDTGqS/wEAAKAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7p8NMapL/9f+r3v+vzfn/G5fr/+v/6/+Xj/6//n83+v/92f8Pv7bo/5eo/58fQ/r/lFHZ+v8x938gzKQm+R8AAADqIOb+D4aZyP8AAABQGTH3fyjMRP4HAACAyoi5/8NhJjXJ//r/+v8V6f87/7/+v/5/Sen/r1r/v/FWqP9fWLL/v07/v5uF/vxVzv/f5/1/5/+nrMrW/4+5/yNhJjXJ/wAAAFAHMfd/NMxE/gcAAIDKiLn/N8NM5H8AAACojJj77wwzqUn+1//X/9f/1//X/9f/X036/87/343z/5el/395+vP9vn79f/1/eitb/z/m/t8KM6lJ/gcAAIA6iLn/rjAT+R8AAAAqI+b+j4WZyP8AAADQZ9YseUnM/b8dZlKT/N9//f+xvuz/D6bb1//X/9f/1//X/19J+v/6/5n+/wW73P35fl+//r/+P72Vrf8fc//Hw0xqkv8BAACgDmLu/0SYifwPAAAAlRFz/++Emcj/AAAAUBkx998dZlKT/L/S/f/263fj/P/6/5n+v/6//r/+/0Xqp/7/iP7/Ivr/+v/9vH79f/1/eitb/z/m/t8NM6lJ/gcAAIA6iLn/njAT+R8AAABK6v7zvkbM/Z8MM5H/AQAAoDJi7v9UmElN8n//nf+///r/+e3r/+v/Z/r/+v9Ne1X/f+V0789/4+MrcR/Tzv+v/78E/f/+6v+vW+H16//r/9Nb2fr/MfffG2ZSk/wPAAAAdRBz/6fDTOR/AAAAqIyY+38vzET+BwAAgMqIuf/3w0xqkv/1/3v2//9uOY/F+f87r1//X/9f/1//3/n/F/f/8/cw/f+C/r/+fz+vX/9f/5/eytb/j7n/M2EmNcn/AAAAUAcx9/9BmIn8DwAAAJURc/8fhpnI/wAAAFAZMfd/NsykJvlf/3/1z/+v/6//r/+v/6//r//v/P+d6f/r//fz+vX/9f/prWz9/5j7PxdmUpP8DwAAAHUQc/8fhZnI/wAAAFAZMffvCzOR/wEAAKAPtDdKO4u5/74wk5rkf/1//X/9f/1//X/9/9Wk/6//343+v/5/P69f/1//n97K1v+PuX9/mMl0690AAAAA/Svm/s+HmdTk//8DAABAHcTcfyDMRP4HAACAyoi5/2CYSU3yv/6//r/+v/6//r/+/2rS/9f/70b/X/+/n9ev/6//T29l6//H3D8TZlKT/A8AAAB1EHP/oTAT+R8AAAAqI+b+w2Em8j8AAABURsz994eZ1CT/6//r/+v/17b//8L329ap/6//vxr0//X/u9H/1//v5/Xr/+v/01vZ+v8x9x8JM6lJ/gcAAIA6iLn/C2Em8j8AAABURsz9Xwwzkf8BAACgMmLuPxpmUpP8r/+v/6//X9v+//LO/79u4X71//X/L4T+v/5/N/r/+v/9vH79f/1/eitb/z/m/mNhJjXJ/wAAAFAHMfcfDzOR/wEAAKAyYu4/EWYi/wMAAEBlxNx/MsykJvlf///8+v8DS3QD9f87r1//vwL9/yb6//r/F0L/X/+/m0vQ/3+9+Sr6/60ud3++39ev/6//T2+l6P+PLHwdc/8fh5nUJP8DAABAHcTcfyrMRP4HAACAyoi5fzbMRP7n/9m7rx1LzyqPw9tlt4NGwxnnvgWugEvgGE4QEndgkok22WQwOSeTk8lgcs45B5MzBpMxIIFctdZqd6i9q7pqd73fu57ngAVNj/216JnhL/unFwAAgGnk7n9A3NJk/+v/vf+v/9f/6//1/9uk/9f/r+P9f/3/kr9f/6//Z7Mh+v+7/Ovc/Q+MW5rsfwAAAOggd/+D4hb7HwAAAKaRu//BcYv9DwAAANPI3f+QuKXJ/tf/6//1//p//b/+f5v0//r//eT/LdL/6/+X+v36f/0/m43W/+fuvzZuabL/AQAAoIPc/Q+NW+x/AAAAmEbu/ofFLfY/AAAATCN3/8Pjlib7X/+v/9f/6//1//r/bdL/6//X8f6//n/J36//1/+z2Wj9f+7+R8QtTfY/AAAAdJC7/5Fxi/0PAAAA08jd/6i4xf4HAACAaeTuvy5uabH/L9P/6//1/0vs/y/T/+v/91yzGp/+X/+/jv5f/7/k79f/6//ZbLT+P3f/9XFLi/0PAAAAPeTuf3TcYv8DAADAAuwc6Gfl7n9M3GL/AwAAwDRy9z82bmmy//X/+n/9/wL7f+//6/8XRP+v/19H/6//X/L36//1/2w2Wv+fu/9xcUuT/Q8AAAAd5O5/fNxi/wMAAMA0cvc/IW6x/wEAAGAaufufGLc02f/6f/2//l//r//X/2+T/l//v86S+//8ufp//b/+X//P/rbe/9/rht170P4/d/8NcUuT/Q8AAAAd5O5/Utxi/wMAAMA0cvc/OW6x/wEAAGAaufufErc02f/6f/3/6f7/v5fo//X/+v/TP67/Px76f/3/Okvu/1fe/9f/6//1/2y09f5/Q+9/9r/O3f/UuKXJ/gcAAIAOcvc/LW6x/wEAAGAaufufHrfY/wAAADCN3P3PiFua7H/9v/7f+//6f/2//n+b9P/D9v9n/6/emfT/B6L/1//v1//f8wDfr/+ng9H6/9z9z4xbmux/AAAA6CB3/7PiFvsfAAAAppG7/8a4xf4HAACAaeTuf3bc0mT/6//1//p//f+Z/f9Oy/7/zh/T/2+H/n/Y/n89/f+B6P/1/97/1/+z3mj9f+7+58QtTfY/AAAAdJC7/7lxi/0PAAAA08jd/7y4xf4HAACAaeTuf37c0mT/6//1/0fq/6/Q/8/X/x/y/f9L5+j/vf+/Pfp//f86+n/9/5K/X/+v/2ez0fr/3P0viFua7H8AAACY3s6qdv8L4xb7HwAAAKaRu/9FcYv9DwAAANPI3f/iuKXJ/tf/6/+9/6//P1L/P8n7/8vo/6/S/5+H/r9H/7/S/9evRf8/zvfr//X/bDZa/5+7/yVxS5P9DwAAAB3k7n9p3GL/AwAAwDRy978sbrH/AQAAYBq5+18etzTZ//p//b/+X//fq/8/teD+3/v/56P/79H/e///9K9F/z/O9+v/9f9sNlr/n7v/FXFLk/0PAAAAHeTuf2XcYv8DAADANHL3vypusf8BAABgGrn7Xx23nL3/dy7mV108+n/9v/5f/388/f8lC+n/l/z+v/7/fPT/+v/VhP3/lfv8+fT/Y32//l//z2aj9f+5+2+KW/z1fwAAAJhG7v7XxC32PwAAAEwjd/9r4xb7HwAAAKaRu/91cUuT/b9f/3/7/+39+/r/g9H/n//7F9L/n8of1/+f3Pv/d9x6+n9O/6//Pwz9v/5/NWH/7/3/ZXz/Mff/d7+v/p8Jjdb/5+5/fdzSZP8DAABAB7n73xC32P8AAAAwjdz9b4xb7H8AAACYRu7+N8UtTfb/8b//f7X+X/+/tP7f+/8D9P93pf/X/x+G/l//v9L/X7Brrr3m3pfv/VP9/8n3/97/Z0rH0/9fujqu/j93/5vjlib7HwAAADrI3f+WuMX+BwAAgGnk7n9r3GL/AwAAwDRy978tbmmy/4+///f+v/7/kP3/jv4/6f/jP1f9v/7/EPT/+v+V/v+CnXQ/v/Tv1//r/9lstPf/c/ffvDv1+u1/AAAA6ODm3X+8cvX2uMX+BwAAgGnk7n9H3GL/AwAAwDRy978zbmmy//X/+v8T7/+9/1/0//Gfq/5f/38I+n/9/0r/f8FOup9f+vfr//X/bDZa/5+7/11xS5P9DwAAAB3k7n933GL/AwAAwDRi9+/9ze/2PwAAAEzpPbv/eOXqvXFLk/3fuP+/+qj9/1V3+ef6//N/v/7/WPr/m8/+vaf/1/8vif5f/7+O/l//v+TvH6f/jx+4Tv/PeEbr/3P3vy9uabL/AQAAoIPc/e+PW+x/AAAAmEbu/lviFvsfAAAAluqcri53/wfilib7v3H/P8n7//e7Lb5A/z9v/+/9/7iL6v9v1/8n/b/+fx39v/5/yd8/Tv/v/X/GNVr/n7v/g3FLk/0PAAAAHeTu/1DcYv8DAADANHL3fzhusf8BAABgGrn7PxK3NNn/+v+l9//e/9f/6/+H7P+9/1/0//r/dfT/O7v/TUT/v8zv1//r/9lstP4/d/9H45Ym+x8AAAA6yN3/sbjF/gcAAIBp5O7/eNxi/wMAAMA0cvd/Im5psv/1/6P1/3t/xhn6/zv/JPr/Jv3/9fr/lf5/X/p//f86+n/v/y/5+/X/+n82G63/z93/ybilyf4HAACADnL3fypusf8BAABgGrn7Px232P8AAAAwjdz9n4kb7vH/J/dJx+vUPj8evbn+f7T+3/v/+v8z/ziL6P+9/79L/39+F6//3/3/4fr/DfT/Z/469P/6f/2//p/tGq3/z93/2bjFX/8HAACAaeTu/1zcYv8DAADANHL3fz5usf8BAABgGrn7vxC3NNn/+n/9v/5/sf3/Vfr/M79f/z8m7//r/9fR/+v/l/z9+n/9P5uN1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCN3P1fjlvsfwAAAJhG7v6vxC1N9r/+X/+v/19s/+/9/7O+X/8/Jv2//n8d/b/+f8nfr//X/7PZaP1/7v6vxi1N9j8AAAB0kLv/a3GL/Q8AAADTyN3/9bjF/gcAAIBp5O7/RtzSZP/r//X/+n/9v/5f/79N+n/9/zr6f/3/MXx//jbR/+v/GdBo/X/u/m/GLU32PwAAAHSQu/9bcYv9DwAAAKM7+2/v3Ffu/m/HLfY/AAAATCN3/3filib7f+b+f91P0//v0f/r/1f6f/3/lun/L7z/P8gvRv+/R/9/YSbp/73/r/9nYKP1/7n7vxu3NNn/AAAA0EHu/u/FLfY/AAAATCN3//fjFvsfAAAAppG7/wdxS5P9P3P/v47+f4/+X/+/0v/r/7dM/+/9/3X0//r/JX+//l//z2Yn1P+fWu3T/+fu/2Hc0mT/AwAAQAe5+2+NW+x/AAAAmEbu/h/FLfY/AAAATCN3/4/jlnn2//1vWfNv6v+Pvf/f/U2k/9f/r/T/+n/9/y79v/5/Hf2//n/J36//1/+z2Wjv/+fu/0ncMs/+BwAAgPZy9/80brH/AQAAYBq5+38Wt9j/AAAAMI3c/T+PW5rsf/3/GO//5zfo//X/W+7/L13p//X/F5n+X/+/jv5f/7/k79f/6//ZbLT+P3f/L+KWJvsfAAAAOsjd/8u4xf4HAACAaeTu/1XcYv8DAADANHL3/zpuabL/j9z/Z6ih/991of3/0d7/P11P6/9Psv/fOeePP2D/7/1//f9Fp//X/6+j/9f/L/n7s//P33f6f/0/5xqt/8/d/5u4pcn+BwAAgA5y9/82brH/AQAAYBq5+38Xt9j/AAAAMI3c/b+PW5rsf+//z9D/e/9/jP7/3D++/n97/f+dP6b/Xwb9v/5/Hf2//n/J3+/9f/0/m43W/+fuvy1uabL/AQAAoIPc/X+IW+x/AAAAmEbu/j/GLfY/AAAATCN3/+1xS5P9r//X/0/Z/1+h/5+9//f+/3Lo//X/6+j/9f9L/n79v/6fzUbr/3P3/yluabL/AQAAoIPc/X+OW+x/AAAAmEbu/r/ELfY/AAAATCN3/1/jlib7X/+v/z98/3+qft3D9v/e/9f/6/+HMW//f7n+X/9/5P7/xpv2flj/v8zv1//r/9lstP4/d//f4pYm+x8AAAA6yN3/97jF/gcAAIBp5O7/R9xi/wMAAMA0cvf/M25psv9n7//vs89P0//vmfb9f/2//l//P4x5+3/v/+v/vf+v/9f/6//ZZLT+P3f/HXFLk/0PAAAAHeTu/1fcYv8DAADA2O528J+au//fcYv9DwAAANPI3f+fuKXJ/p+9/9+P/n+P/l//v9L/6/+3TP+v/19H/6//X/L36//1/2w2Wv+fu/9/AQAA//9i1CZn") open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x78) mkdir(&(0x7f0000002bc0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1) 1.470841649s ago: executing program 4 (id=1670): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x4, &(0x7f0000000000)=0x4a9, 0x4) 1.419186488s ago: executing program 5 (id=1671): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x10, 0x9}]}}]}, 0x38}}, 0x0) 1.234271474s ago: executing program 4 (id=1672): r0 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0xb8f1, 0x1, 0xffffffee, 0x1c3}, &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x48, 0x0, 0x10000, 0x3, 0x0, 0x1, 0x0, 0x1, {0x3}}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.189356226s ago: executing program 5 (id=1673): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe) ioctl$TIOCVHANGUP(r0, 0x5437, 0x200000000000000) 976.746479ms ago: executing program 4 (id=1674): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000740)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20,serpent)\x00'}, 0x4e) close_range(r0, 0xffffffffffffffff, 0x0) 875.147417ms ago: executing program 5 (id=1675): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f0000002080)=0x64, 0x23b) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, 0x0, 0x0) 634.75894ms ago: executing program 0 (id=1676): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000200)={0x2, 0x1, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 633.089666ms ago: executing program 9 (id=1677): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 234.198713ms ago: executing program 9 (id=1678): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f0000000380)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@inlinecrypt}, {@i_version}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=") syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000000), 0xa, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0") open(&(0x7f0000000040)='.\x00', 0x418601, 0x8) read(0xffffffffffffffff, 0x0, 0x0) 131.124481ms ago: executing program 4 (id=1679): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCL_SETSEL(r0, 0x5452, &(0x7f0000000100)) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffffffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=1680): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x9c, 0xb, 0x0, 0xffffffffffffffff, 0x327}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00') kernel console output (not intermixed with test programs): vice found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 238.937836][ T972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.981005][ T972] usb 2-1: config 0 descriptor?? [ 239.329978][ T8826] loop9: detected capacity change from 0 to 1024 [ 239.408806][ T972] hid-multitouch 0003:0EEF:72C4.000A: unknown main item tag 0x0 [ 239.428759][ T972] hid-multitouch 0003:0EEF:72C4.000A: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.1-1/input0 [ 239.530761][ T5856] usb 8-1: new full-speed USB device number 8 using dummy_hcd [ 239.656908][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.695458][ T5856] usb 8-1: config 4 has an invalid interface number: 44 but max is 0 [ 239.708271][ T8810] loop8: detected capacity change from 0 to 32768 [ 239.727401][ T5856] usb 8-1: config 4 has no interface number 0 [ 239.745284][ T55] usb 2-1: USB disconnect, device number 10 [ 239.760707][ T8810] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.912 (8810) [ 239.774354][ T5856] usb 8-1: config 4 interface 44 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 239.794127][ T5856] usb 8-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20 [ 239.807754][ T5856] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.816455][ T5856] usb 8-1: Product: syz [ 239.825719][ T5856] usb 8-1: Manufacturer: syz [ 239.835903][ T8810] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 239.849304][ T8810] BTRFS info (device loop8): using sha256 (sha256-x86_64) checksum algorithm [ 239.862151][ T5856] usb 8-1: SerialNumber: syz [ 239.868875][ T8810] BTRFS info (device loop8): using free-space-tree [ 239.942939][ T8810] BTRFS info (device loop8): rebuilding free space tree [ 240.211945][ T7731] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 240.310647][ T5856] dvb-usb: found a 'Gigabyte U7000' in warm state. [ 240.325889][ T5856] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 240.351334][ T5856] dvbdev: DVB: registering new adapter (Gigabyte U7000) [ 240.400201][ T5856] usb 8-1: media controller created [ 240.421913][ T5856] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 240.548626][ T8829] loop9: detected capacity change from 0 to 32768 [ 240.586575][ T5856] DVB: Unable to find symbol dib7000p_attach() [ 240.612568][ T5856] dvb-usb: no frontend was attached by 'Gigabyte U7000' [ 240.663087][ T8829] JBD2: Ignoring recovery information on journal [ 240.751856][ T5856] rc_core: IR keymap rc-dib0700-rc5 not found [ 240.760650][ T5856] Registered IR keymap rc-empty [ 240.764284][ T8829] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode. [ 240.765787][ T5856] dvb-usb: could not initialize remote control. [ 240.812913][ T5856] dvb-usb: Gigabyte U7000 successfully initialized and connected. [ 240.838316][ T5856] dib0700: There's no endpoint for remote controller [ 241.052045][ T8487] ocfs2: Unmounting device (7,9) on (node local) [ 241.139376][ T6040] usb 8-1: USB disconnect, device number 8 [ 241.188958][ T6040] dvb-usb: Gigabyte U7000 successfully deinitialized and disconnected. [ 241.314533][ T8864] loop1: detected capacity change from 0 to 4096 [ 241.346678][ T8866] batadv_slave_1: entered promiscuous mode [ 241.372620][ T8865] batadv_slave_1: left promiscuous mode [ 241.670819][ T55] usb 10-1: new full-speed USB device number 3 using dummy_hcd [ 241.853232][ T55] usb 10-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 241.874320][ T55] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.903889][ T55] usb 10-1: config 0 descriptor?? [ 241.931411][ T8879] loop8: detected capacity change from 0 to 256 [ 242.004235][ T8879] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36e06c6e, utbl_chksum : 0xe619d30d) [ 242.141028][ T55] udl 10-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 242.373530][ T55] [drm] Initialized udl 0.0.1 for 10-1:0.0 on minor 2 [ 242.400672][ T55] [drm] Initialized udl on minor 2 [ 242.655570][ T8895] loop8: detected capacity change from 0 to 256 [ 242.735428][ T8895] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 242.763038][ T55] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 242.772753][ T8877] loop5: detected capacity change from 0 to 32768 [ 242.776759][ T8897] 8021q: adding VLAN 0 to HW filter on device bond1 [ 242.790125][ T55] udl 10-1:0.0: [drm] Cannot find any crtc or sizes [ 242.802910][ T24] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 242.830096][ T8897] bond0: (slave bond1): Enslaving as an active interface with an up link [ 242.832868][ T24] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 242.850589][ T55] usb 10-1: USB disconnect, device number 3 [ 242.861000][ T8877] JBD2: Ignoring recovery information on journal [ 242.886346][ T24] udl 10-1:0.0: [drm] Cannot find any crtc or sizes [ 243.046750][ T8877] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode. [ 243.320578][ T5843] jfs_flush_journal: synclist not empty [ 243.326632][ T5843] metapage: ffff888079510ba0: 00001000 00000000 00003a48 00000000 [ 243.371029][ T5843] metapage: ffff888079510bb0: 30e9e228 ffff8880 30e9e228 ffff8880 [ 243.379039][ T5843] metapage: ffff888079510bc0: 00000004 00000000 00000000 00000000 [ 243.387642][ T5843] metapage: ffff888079510bd0: 7a379000 ffff8880 0000001c 00000000 [ 243.402111][ T5846] ocfs2: Unmounting device (7,5) on (node local) [ 243.427799][ T5843] metapage: ffff888079510be0: 00000000 dead4ead ffffffff 00000000 [ 243.472656][ T5843] metapage: ffff888079510bf0: ffffffff ffffffff 9aed89a0 ffffffff [ 243.489524][ T5843] metapage: ffff888079510c00: 95dfcbe0 ffffffff 00000000 00000000 [ 243.523366][ T5843] metapage: ffff888079510c10: 8bed9fa0 ffffffff 00000300 00000000 [ 243.553870][ T5843] metapage: ffff888079510c20: 79510c20 ffff8880 79510c20 ffff8880 [ 243.580604][ T5843] metapage: ffff888079510c30: 01e8de40 ffffea00 725bc000 ffff8880 [ 243.605980][ T5843] metapage: ffff888079510c40: 00001000 00003b94 00000000 00000000 [ 243.631044][ T5843] metapage: ffff888079510c50: 30e9e000 ffff8880 [ 243.655132][ T5843] page: ffffea0001e8de40: 00fff3000000403c ffffea0001bb8b08 [ 243.680602][ T5843] page: ffffea0001e8de50: ffffea0001386588 0000000000000000 [ 243.688055][ T5843] page: ffffea0001e8de60: 000000000000001c ffff888079510ba0 [ 243.695495][ T5843] page: ffffea0001e8de70: 00000001ffffffff ffff88801cae8d00 [ 243.804645][ T8901] loop1: detected capacity change from 0 to 32768 [ 243.850630][ T972] usb 10-1: new full-speed USB device number 4 using dummy_hcd [ 243.860886][ T8901] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 244.006096][ T8901] XFS (loop1): Ending clean mount [ 244.024345][ T8901] XFS (loop1): Quotacheck needed: Please wait. [ 244.108920][ T972] usb 10-1: config 4 has an invalid interface number: 44 but max is 0 [ 244.186380][ T972] usb 10-1: config 4 has no interface number 0 [ 244.230738][ T972] usb 10-1: config 4 interface 44 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 244.299864][ T972] usb 10-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20 [ 244.339193][ T8901] XFS (loop1): Quotacheck: Done. [ 244.340771][ T972] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.380706][ T972] usb 10-1: Product: syz [ 244.399921][ T972] usb 10-1: Manufacturer: syz [ 244.409190][ T972] usb 10-1: SerialNumber: syz [ 244.555845][ T8901] XFS (loop1): User initiated shutdown received. [ 244.583949][ T8928] tipc: Started in network mode [ 244.587037][ T8930] netlink: 8 bytes leftover after parsing attributes in process `syz.5.950'. [ 244.588863][ T8928] tipc: Node identity ff, cluster identity 4711 [ 244.610924][ T8901] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x160/0x190 (fs/xfs/xfs_fsops.c:475). Shutting down filesystem. [ 244.668631][ T8928] tipc: Enabling of bearer rejected, failed to enable media [ 244.677242][ T8901] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 244.882051][ T972] dvb-usb: found a 'Gigabyte U7000' in warm state. [ 244.921175][ T972] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 244.957608][ T972] dvbdev: DVB: registering new adapter (Gigabyte U7000) [ 244.968567][ T8603] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 244.990239][ T972] usb 10-1: media controller created [ 245.043802][ T972] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 245.119617][ T8933] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.428895][ T972] DVB: Unable to find symbol dib7000p_attach() [ 245.436296][ T972] dvb-usb: no frontend was attached by 'Gigabyte U7000' [ 245.599104][ T8933] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.750717][ T972] rc_core: IR keymap rc-dib0700-rc5 not found [ 245.779380][ T972] Registered IR keymap rc-empty [ 245.839739][ T972] dvb-usb: could not initialize remote control. [ 245.848506][ T8918] loop8: detected capacity change from 0 to 32768 [ 245.858089][ T972] dvb-usb: Gigabyte U7000 successfully initialized and connected. [ 245.909187][ T972] dib0700: There's no endpoint for remote controller [ 245.920853][ T8918] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 246.013288][ T8918] XFS (loop8): Ending clean mount [ 246.034465][ T8954] loop5: detected capacity change from 0 to 1024 [ 246.121175][ T8933] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.227037][ T55] usb 10-1: USB disconnect, device number 4 [ 246.267233][ T55] dvb-usb: Gigabyte U7000 successfully deinitialized and disconnected. [ 246.285098][ T7731] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 246.314442][ T49] hfsplus: b-tree write err: -5, ino 4 [ 246.450313][ T8933] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.537722][ T8963] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 246.853805][ T13] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.960294][ T8933] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.056811][ T8933] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.134540][ T8933] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.150908][ T9] usb 9-1: new low-speed USB device number 9 using dummy_hcd [ 247.205083][ T13] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.229519][ T8976] netlink: 32 bytes leftover after parsing attributes in process `syz.1.968'. [ 247.265724][ T8933] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.345078][ T9] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 247.360315][ T9] usb 9-1: config 0 has no interface number 0 [ 247.372203][ T9] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 247.384012][ T9] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 247.395699][ T9] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 247.407113][ T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.445290][ T9] usb 9-1: config 0 descriptor?? [ 247.476543][ T8972] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 247.494692][ T9] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 247.518234][ T13] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.681833][ T13] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.717925][ T9] usb 9-1: USB disconnect, device number 9 [ 248.160127][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.304611][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.489216][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.528469][ T9013] netlink: 24 bytes leftover after parsing attributes in process `syz.8.983'. [ 248.683294][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.710869][ T9] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 248.880761][ T9] usb 10-1: Using ep0 maxpacket: 8 [ 248.935164][ T9] usb 10-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 248.958667][ T9] usb 10-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 248.993459][ T9] usb 10-1: Product: syz [ 248.997758][ T9] usb 10-1: Manufacturer: syz [ 249.026070][ T9] usb 10-1: SerialNumber: syz [ 249.046490][ T9] usb 10-1: config 0 descriptor?? [ 249.074017][ T13] bridge_slave_1: left allmulticast mode [ 249.079709][ T13] bridge_slave_1: left promiscuous mode [ 249.092763][ T9] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 249.140989][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.269229][ T13] bridge_slave_0: left allmulticast mode [ 249.300065][ T13] bridge_slave_0: left promiscuous mode [ 249.322723][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.398649][ T9037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.997'. [ 249.413017][ T13] bridge_slave_1: left allmulticast mode [ 249.426423][ T13] bridge_slave_1: left promiscuous mode [ 249.441401][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.512159][ T13] bridge_slave_0: left allmulticast mode [ 249.517896][ T13] bridge_slave_0: left promiscuous mode [ 249.544441][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.796799][ T9] input: gspca_zc3xx as /devices/platform/dummy_hcd.9/usb10/10-1/input/input29 [ 250.044360][ T6040] usb 10-1: USB disconnect, device number 5 [ 250.476233][ T9039] loop7: detected capacity change from 0 to 32768 [ 250.494963][ T9039] bcachefs (/dev/loop7): error validating superblock: Invalid option metadata_replicas_required: too small (min 1) [ 250.529195][ T9039] bcachefs: bch2_fs_get_tree() error: ERANGE_option_too_small [ 252.121297][ T9041] loop5: detected capacity change from 0 to 262144 [ 252.229418][ T9041] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 252.730834][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 252.750177][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 252.766489][ T13] bond0 (unregistering): Released all slaves [ 253.218361][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 253.230703][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 253.249913][ T13] bond0 (unregistering): Released all slaves [ 253.934460][ T9080] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1015'. [ 254.054306][ T9079] loop8: detected capacity change from 0 to 4096 [ 254.107671][ T9079] NILFS (loop8): invalid segment: Checksum error in segment payload [ 254.124449][ T9086] loop9: detected capacity change from 0 to 1024 [ 254.142529][ T9079] NILFS (loop8): trying rollback from an earlier position [ 254.168719][ T9087] loop7: detected capacity change from 0 to 16 [ 254.196122][ T9079] NILFS (loop8): recovery complete [ 254.241498][ T9087] erofs (device loop7): mounted with root inode @ nid 36. [ 254.254465][ T5923] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 254.254607][ T9088] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 254.361164][ T9079] NILFS error (device loop8): nilfs_readdir: zero-length directory entry [ 254.397408][ T9091] loop1: detected capacity change from 0 to 1024 [ 254.413790][ T9079] Remounting filesystem read-only [ 254.432075][ T9091] EXT4-fs: Ignoring removed nobh option [ 254.437792][ T9091] EXT4-fs: Ignoring removed bh option [ 254.441129][ T5923] usb 5-1: Using ep0 maxpacket: 32 [ 254.474230][ T5923] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 254.485502][ T5923] usb 5-1: config 0 has no interface number 0 [ 254.504608][ T5923] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 254.546423][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.562584][ T9091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 254.594777][ T5923] usb 5-1: Product: syz [ 254.635726][ T5923] usb 5-1: Manufacturer: syz [ 254.678794][ T5923] usb 5-1: SerialNumber: syz [ 254.691530][ T9097] netlink: 'syz.8.1022': attribute type 4 has an invalid length. [ 254.716574][ T5923] usb 5-1: config 0 descriptor?? [ 254.761937][ T5923] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 254.814461][ T8603] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.980940][ T5923] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 255.028999][ T5923] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 255.350928][ T13] hsr_slave_0: left promiscuous mode [ 255.370533][ T13] hsr_slave_1: left promiscuous mode [ 255.377765][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.400948][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 255.433988][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 255.450834][ T972] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 255.460873][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 255.468961][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 255.489058][ T5923] usb 5-1: USB disconnect, device number 6 [ 255.492669][ T9116] loop1: detected capacity change from 0 to 4096 [ 255.512618][ T5923] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 255.557292][ T5923] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 255.580299][ T13] hsr_slave_0: left promiscuous mode [ 255.586462][ T5923] quatech2 5-1:0.51: device disconnected [ 255.603859][ T13] hsr_slave_1: left promiscuous mode [ 255.609999][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.611011][ T972] usb 10-1: Using ep0 maxpacket: 32 [ 255.636691][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 255.653874][ T972] usb 10-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 255.660058][ T9120] loop8: detected capacity change from 0 to 256 [ 255.675996][ T972] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.682294][ T9120] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 255.697153][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 255.697988][ T972] usb 10-1: config 0 descriptor?? [ 255.710889][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 255.739994][ T9120] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 255.885655][ T13] veth1_macvtap: left promiscuous mode [ 255.892955][ T13] veth0_macvtap: left promiscuous mode [ 255.911232][ T13] veth1_vlan: left promiscuous mode [ 255.916613][ T13] veth0_vlan: left promiscuous mode [ 255.944217][ T13] veth1_macvtap: left promiscuous mode [ 255.949817][ T13] veth0_macvtap: left promiscuous mode [ 256.008634][ T13] veth1_vlan: left promiscuous mode [ 256.020657][ T13] veth0_vlan: left promiscuous mode [ 256.074960][ T972] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware [ 256.116761][ T972] usb 10-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2 [ 256.146966][ T972] usb 10-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw [ 256.478254][ T9130] loop5: detected capacity change from 0 to 4096 [ 256.583417][ T9137] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 257.222423][ T2967] Bluetooth: hci3: Frame reassembly failed (-84) [ 257.760612][ T24] usb 8-1: new full-speed USB device number 9 using dummy_hcd [ 257.893444][ T5846] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer [ 257.946116][ T24] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 257.967117][ T24] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 257.991067][ T24] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 258.028264][ T24] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64 [ 258.040003][ T24] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 258.058329][ T24] usb 8-1: config 0 interface 0 has no altsetting 0 [ 258.099976][ T24] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 258.122505][ T24] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 258.131165][ T24] usb 8-1: Product: syz [ 258.135559][ T24] usb 8-1: Manufacturer: syz [ 258.140182][ T24] usb 8-1: SerialNumber: syz [ 258.154719][ T24] usb 8-1: config 0 descriptor?? [ 258.163438][ T9150] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 258.211748][ T24] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 258.235938][ T24] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 258.274534][ T13] team0 (unregistering): Port device team_slave_1 removed [ 258.383662][ T13] team0 (unregistering): Port device team_slave_0 removed [ 258.680074][ T9] usb 8-1: USB disconnect, device number 9 [ 258.694012][ T9] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 259.233214][ T5855] Bluetooth: hci3: command 0xfc11 tx timeout [ 259.239476][ T5850] Bluetooth: hci3: Entering manufacturer mode failed (-110) [ 260.065390][ T13] team0 (unregistering): Port device team_slave_1 removed [ 260.137137][ T13] team0 (unregistering): Port device team_slave_0 removed [ 260.280876][ T24] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 260.387610][ T9184] loop9: detected capacity change from 0 to 32768 [ 260.410450][ T9184] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 260.469926][ T9184] XFS (loop9): Ending clean mount [ 260.475595][ T24] usb 8-1: Using ep0 maxpacket: 16 [ 260.489437][ T24] usb 8-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 260.499016][ T24] usb 8-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 260.530817][ T24] usb 8-1: Manufacturer: syz [ 260.562547][ T24] usb 8-1: config 0 descriptor?? [ 260.597078][ T8487] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 260.795633][ T24] usb 8-1: Limiting number of CPorts to U8_MAX [ 260.822879][ T24] usb 8-1: Not enough endpoints found in device, aborting! [ 260.909924][ T9196] loop9: detected capacity change from 0 to 2048 [ 260.926875][ T9196] UDF-fs: error (device loop9): udf_process_sequence: Primary Volume Descriptor not found! [ 260.930113][ T9152] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1044'. [ 261.015525][ T9196] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 261.056633][ T24] usb 8-1: USB disconnect, device number 10 [ 261.216443][ T9201] netlink: 'syz.8.1060': attribute type 8 has an invalid length. [ 261.722672][ T9216] loop1: detected capacity change from 0 to 1024 [ 261.750580][ T24] usb 9-1: new low-speed USB device number 10 using dummy_hcd [ 261.895288][ T2967] hfsplus: b-tree write err: -5, ino 4 [ 261.918793][ T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 261.930180][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 261.990616][ T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 262.037176][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 262.080553][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 262.160785][ T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 262.180651][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 262.191149][ T9226] netlink: 'syz.1.1072': attribute type 4 has an invalid length. [ 262.219543][ T9226] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1072'. [ 262.220569][ T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 262.249445][ T9228] loop7: detected capacity change from 0 to 256 [ 262.272310][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 262.287120][ T9228] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 262.325582][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 262.363668][ T9228] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=512, location=512 [ 262.374963][ T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 262.390643][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 262.404790][ T9228] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found [ 262.421122][ T9228] UDF-fs: Scanning with blocksize 512 failed [ 262.460572][ T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 262.491259][ T9228] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 262.510568][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 262.543149][ T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 262.572121][ T9228] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 262.621702][ T24] usb 9-1: string descriptor 0 read error: -22 [ 262.628067][ T24] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 262.668611][ T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.707720][ T24] adutux 9-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 263.078971][ T24] usb 9-1: USB disconnect, device number 10 [ 263.138041][ T9241] loop7: detected capacity change from 0 to 128 [ 263.230390][ T9220] loop4: detected capacity change from 0 to 32768 [ 263.288654][ T9245] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1080'. [ 263.353272][ T9220] XFS (loop4): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 263.498442][ T9220] XFS (loop4): Ending clean mount [ 263.765239][ T6609] XFS (loop4): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 263.944242][ T9272] loop8: detected capacity change from 0 to 512 [ 263.992817][ T9272] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 264.040750][ T9272] EXT4-fs (loop8): 1 truncate cleaned up [ 264.098292][ T9272] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.212481][ T9278] loop1: detected capacity change from 0 to 4096 [ 264.226032][ T9278] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 264.235556][ T9278] ntfs3(loop1): It is recommened to use chkdsk. [ 264.270125][ T7731] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.360898][ T9282] siw: device registration error -23 [ 264.417751][ T9278] ntfs3(loop1): failed to convert "076c" to ascii [ 264.459289][ T9278] ntfs3(loop1): ino=5, "/" ntfs_readdir [ 264.465932][ T9285] loop8: detected capacity change from 0 to 164 [ 264.494781][ T9248] loop5: detected capacity change from 0 to 32768 [ 264.577127][ T30] audit: type=1800 audit(1752840254.998:67): pid=9248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1081" name="file1" dev="loop5" ino=4 res=0 errno=0 [ 265.039570][ T9300] loop9: detected capacity change from 0 to 256 [ 265.053305][ T9300] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 265.070599][ T9300] exFAT-fs (loop9): Medium has reported failures. Some data may be lost. [ 265.125359][ T9300] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 265.151235][ T9302] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.240196][ T24] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 265.246823][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.254306][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.397489][ T9302] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.434460][ T24] usb 5-1: config 4 has an invalid interface number: 44 but max is 0 [ 265.442967][ T24] usb 5-1: config 4 has no interface number 0 [ 265.459328][ T24] usb 5-1: config 4 interface 44 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 265.483848][ T24] usb 5-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20 [ 265.493637][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.505055][ T24] usb 5-1: Product: syz [ 265.514261][ T24] usb 5-1: Manufacturer: syz [ 265.522771][ T24] usb 5-1: SerialNumber: syz [ 265.658029][ T9302] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.918390][ T9302] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.976835][ T24] dvb-usb: found a 'Gigabyte U7000' in warm state. [ 266.024608][ T24] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 266.051358][ T24] dvbdev: DVB: registering new adapter (Gigabyte U7000) [ 266.078566][ T24] usb 5-1: media controller created [ 266.102672][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 266.302881][ T9302] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.324796][ T9324] openvswitch: netlink: IP tunnel dst address not specified [ 266.341920][ T24] DVB: Unable to find symbol dib7000p_attach() [ 266.370737][ T24] dvb-usb: no frontend was attached by 'Gigabyte U7000' [ 266.383404][ T9302] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.486881][ T9302] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.560869][ T9302] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.567083][ T24] rc_core: IR keymap rc-dib0700-rc5 not found [ 266.613391][ T24] Registered IR keymap rc-empty [ 266.631010][ T24] dvb-usb: could not initialize remote control. [ 266.653078][ T24] dvb-usb: Gigabyte U7000 successfully initialized and connected. [ 266.687847][ T24] dib0700: There's no endpoint for remote controller [ 266.977379][ T5923] usb 5-1: USB disconnect, device number 7 [ 267.021871][ T5923] dvb-usb: Gigabyte U7000 successfully deinitialized and disconnected. [ 267.086168][ T9317] loop9: detected capacity change from 0 to 32768 [ 267.114374][ T9317] (syz.9.1105,9317,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0xa7538fce. Applying ECC. [ 267.143497][ T9317] (syz.9.1105,9317,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 267.198016][ T9317] (syz.9.1105,9317,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 267.283940][ T9317] (syz.9.1105,9317,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0xb6cc4dbf. Applying ECC. [ 267.321528][ T5855] Bluetooth: hci1: command 0x080f tx timeout [ 267.338971][ T9317] JBD2: Ignoring recovery information on journal [ 267.476660][ T9343] loop1: detected capacity change from 0 to 1024 [ 267.492108][ T9343] EXT4-fs: Ignoring removed oldalloc option [ 267.522273][ T9343] EXT4-fs: Ignoring removed orlov option [ 267.528006][ T9343] EXT4-fs: Ignoring removed oldalloc option [ 267.557899][ T9317] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode. [ 267.601622][ T9343] EXT4-fs: Ignoring removed nomblk_io_submit option [ 267.609597][ T9346] loop5: detected capacity change from 0 to 16 [ 267.644321][ T1160] (kworker/u8:7,1160,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0xb6cc4dbf. Applying ECC. [ 267.670898][ T9316] (syz.9.1105,9316,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0xa7538fce. Applying ECC. [ 267.708612][ T9346] erofs (device loop5): mounted with root inode @ nid 36. [ 267.716628][ T9316] (syz.9.1105,9316,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0x2e880d5e. Applying ECC. [ 267.731788][ T9316] (syz.9.1105,9316,1):ocfs2_block_check_validate:415 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x960d5e93 [ 267.744628][ T9316] (syz.9.1105,9316,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 267.753460][ T9343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.753501][ T9316] (syz.9.1105,9316,1):ocfs2_quota_read:201 ERROR: status = -5 [ 267.773231][ T9316] Quota error (device loop9): find_block_dqentry: Can't read quota tree block 6 [ 267.782569][ T9316] Quota error (device loop9): qtree_read_dquot: Can't read quota structure for id 0 [ 267.792671][ T9316] (syz.9.1105,9316,1):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 267.802961][ T9316] (syz.9.1105,9316,1):ocfs2_mknod:314 ERROR: status = -5 [ 267.811603][ T9316] (syz.9.1105,9316,1):ocfs2_mknod:502 ERROR: status = -5 [ 267.820003][ T9316] (syz.9.1105,9316,1):ocfs2_create:675 ERROR: status = -5 [ 267.922508][ T9343] EXT4-fs error (device loop1): ext4_xattr_set_entry:1660: inode #13: comm syz.1.1118: corrupted xattr entries [ 267.985105][ T8487] ocfs2: Unmounting device (7,9) on (node local) [ 267.990570][ T9343] EXT4-fs (loop1): Remounting filesystem read-only [ 267.998169][ T9343] EXT4-fs warning (device loop1): ext4_xattr_ibody_set:2271: inode #18: comm syz.1.1118: dec ref error=-30 [ 268.138376][ T9331] loop8: detected capacity change from 0 to 40427 [ 268.223471][ T8603] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.560369][ T9331] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 268.667582][ T9369] loop4: detected capacity change from 0 to 64 [ 268.740577][ T9369] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing [ 268.798638][ T9369] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop4 [ 268.886182][ T7731] syz-executor: attempt to access beyond end of device [ 268.886182][ T7731] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 268.922833][ T7731] CPU: 0 UID: 0 PID: 7731 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 268.922886][ T7731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 268.922909][ T7731] Call Trace: [ 268.922921][ T7731] [ 268.922934][ T7731] dump_stack_lvl+0x16c/0x1f0 [ 268.922978][ T7731] f2fs_handle_critical_error+0x621/0x9f0 [ 268.923037][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.923081][ T7731] ? f2fs_build_fault_attr+0x53/0x1f0 [ 268.923140][ T7731] f2fs_write_end_io+0x785/0xc20 [ 268.923203][ T7731] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 268.923269][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.923326][ T7731] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 268.923383][ T7731] bio_endio+0x70d/0x850 [ 268.923433][ T7731] submit_bio_noacct+0x56d/0x1eb0 [ 268.923502][ T7731] __submit_merged_bio+0x33c/0x770 [ 268.923567][ T7731] __submit_merged_write_cond+0x319/0x3f0 [ 268.923640][ T7731] f2fs_write_cache_pages+0x2067/0x2570 [ 268.923714][ T7731] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 268.923763][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.923815][ T7731] ? __lock_acquire+0x622/0x1c90 [ 268.923888][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924030][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924074][ T7731] ? rcu_is_watching+0x12/0xc0 [ 268.924121][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924173][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924227][ T7731] f2fs_write_data_pages+0x4ad/0xd90 [ 268.924276][ T7731] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 268.924314][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924371][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924422][ T7731] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 268.924466][ T7731] do_writepages+0x27a/0x600 [ 268.924515][ T7731] ? __pfx_do_writepages+0x10/0x10 [ 268.924553][ T7731] ? do_raw_spin_unlock+0x172/0x230 [ 268.924597][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924641][ T7731] ? _raw_spin_unlock+0x28/0x50 [ 268.924703][ T7731] filemap_fdatawrite_wbc+0x104/0x160 [ 268.924746][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.924799][ T7731] __filemap_fdatawrite_range+0xb2/0xf0 [ 268.924854][ T7731] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 268.924975][ T7731] ? find_held_lock+0x2b/0x80 [ 268.925024][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925069][ T7731] ? do_raw_spin_unlock+0x172/0x230 [ 268.925111][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925164][ T7731] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 268.925230][ T7731] block_operations+0x2a3/0xfd0 [ 268.925278][ T7731] ? __pfx___schedule+0x10/0x10 [ 268.925340][ T7731] ? __pfx_block_operations+0x10/0x10 [ 268.925446][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925490][ T7731] ? down_write+0x14d/0x200 [ 268.925532][ T7731] ? __pfx_down_write+0x10/0x10 [ 268.925576][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925620][ T7731] ? rcu_is_watching+0x12/0xc0 [ 268.925675][ T7731] f2fs_write_checkpoint+0x2b8/0x4c60 [ 268.925726][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925770][ T7731] ? kfree+0x2b4/0x4d0 [ 268.925813][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925862][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925906][ T7731] ? rcu_is_watching+0x12/0xc0 [ 268.925953][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.925997][ T7731] ? kthread_stop+0x273/0x650 [ 268.926037][ T7731] kill_f2fs_super+0x3c2/0x470 [ 268.926081][ T7731] ? __pfx_kill_f2fs_super+0x10/0x10 [ 268.926121][ T7731] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.926180][ T7731] deactivate_locked_super+0xc1/0x1a0 [ 268.926230][ T7731] deactivate_super+0xde/0x100 [ 268.926279][ T7731] cleanup_mnt+0x225/0x450 [ 268.926333][ T7731] task_work_run+0x150/0x240 [ 268.926376][ T7731] ? __pfx_task_work_run+0x10/0x10 [ 268.926414][ T7731] ? srso_alias_return_thunk+0x5/0xfbef5 [ 268.926461][ T7731] ? __pfx___x64_sys_umount+0x10/0x10 [ 268.926528][ T7731] exit_to_user_mode_loop+0xeb/0x110 [ 268.926574][ T7731] do_syscall_64+0x3f6/0x4c0 [ 268.926618][ T7731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.926655][ T7731] RIP: 0033:0x7ff9e158fcd7 [ 268.926684][ T7731] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 268.926720][ T7731] RSP: 002b:00007fffde2d4508 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 268.926754][ T7731] RAX: 0000000000000000 RBX: 00007ff9e1610a8d RCX: 00007ff9e158fcd7 [ 268.926778][ T7731] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffde2d45c0 [ 268.926809][ T7731] RBP: 00007fffde2d45c0 R08: 0000000000000000 R09: 0000000000000000 [ 268.926832][ T7731] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffde2d5650 [ 268.926855][ T7731] R13: 00007ff9e1610a8d R14: 00000000000419ac R15: 00007fffde2d5690 [ 268.926909][ T7731] [ 268.926922][ T7731] F2FS-fs (loop8): Stopped filesystem due to reason: 3 [ 269.597360][ T9378] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.867182][ T9378] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.056454][ T9363] loop1: detected capacity change from 0 to 40427 [ 270.074559][ T9378] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.101773][ T9363] F2FS-fs (loop1): heap/no_heap options were deprecated [ 270.121802][ T9363] F2FS-fs (loop1): build fault injection rate: 19 [ 270.142497][ T9363] F2FS-fs (loop1): invalid crc value [ 270.288626][ T9378] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 270.351675][ T9363] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 270.619291][ T9378] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.624345][ T8603] syz-executor: attempt to access beyond end of device [ 270.624345][ T8603] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 270.663670][ T9378] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.685430][ T8603] CPU: 0 UID: 0 PID: 8603 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 270.685480][ T8603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 270.685501][ T8603] Call Trace: [ 270.685513][ T8603] [ 270.685525][ T8603] dump_stack_lvl+0x16c/0x1f0 [ 270.685567][ T8603] f2fs_handle_critical_error+0x621/0x9f0 [ 270.685622][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.685665][ T8603] ? f2fs_build_fault_attr+0x53/0x1f0 [ 270.685716][ T8603] f2fs_write_end_io+0x785/0xc20 [ 270.685766][ T8603] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 270.685826][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.685874][ T8603] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 270.685927][ T8603] bio_endio+0x70d/0x850 [ 270.685973][ T8603] submit_bio_noacct+0x56d/0x1eb0 [ 270.686037][ T8603] __submit_merged_bio+0x33c/0x770 [ 270.686098][ T8603] __submit_merged_write_cond+0x319/0x3f0 [ 270.686165][ T8603] f2fs_write_cache_pages+0x2067/0x2570 [ 270.686230][ T8603] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 270.686276][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.686318][ T8603] ? __lock_acquire+0x622/0x1c90 [ 270.686386][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.686510][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.686551][ T8603] ? mod_memcg_lruvec_state+0x394/0x610 [ 270.686600][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.686650][ T8603] f2fs_write_data_pages+0x4ad/0xd90 [ 270.686696][ T8603] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 270.686731][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.686784][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.686836][ T8603] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 270.686877][ T8603] do_writepages+0x27a/0x600 [ 270.686923][ T8603] ? __pfx_do_writepages+0x10/0x10 [ 270.686960][ T8603] ? do_raw_spin_unlock+0x172/0x230 [ 270.687001][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.687042][ T8603] ? _raw_spin_unlock+0x28/0x50 [ 270.687101][ T8603] filemap_fdatawrite_wbc+0x104/0x160 [ 270.687146][ T8603] __filemap_fdatawrite_range+0xb2/0xf0 [ 270.687198][ T8603] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 270.687305][ T8603] ? find_held_lock+0x2b/0x80 [ 270.687352][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.687395][ T8603] ? do_raw_spin_unlock+0x172/0x230 [ 270.687437][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.687485][ T8603] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 270.687545][ T8603] block_operations+0x2a3/0xfd0 [ 270.687589][ T8603] ? __pfx___schedule+0x10/0x10 [ 270.687647][ T8603] ? __pfx_block_operations+0x10/0x10 [ 270.687740][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.687782][ T8603] ? down_write+0x14d/0x200 [ 270.687826][ T8603] ? __pfx_down_write+0x10/0x10 [ 270.687869][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.687910][ T8603] ? rcu_is_watching+0x12/0xc0 [ 270.687963][ T8603] f2fs_write_checkpoint+0x2b8/0x4c60 [ 270.688010][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.688052][ T8603] ? kfree+0x2b4/0x4d0 [ 270.688087][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.688134][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.688175][ T8603] ? rcu_is_watching+0x12/0xc0 [ 270.688220][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.688261][ T8603] ? kthread_stop+0x273/0x650 [ 270.688299][ T8603] kill_f2fs_super+0x3c2/0x470 [ 270.688341][ T8603] ? __pfx_kill_f2fs_super+0x10/0x10 [ 270.688380][ T8603] ? lockdep_hardirqs_on+0x7c/0x110 [ 270.688431][ T8603] deactivate_locked_super+0xc1/0x1a0 [ 270.688479][ T8603] deactivate_super+0xde/0x100 [ 270.688525][ T8603] cleanup_mnt+0x225/0x450 [ 270.688575][ T8603] task_work_run+0x150/0x240 [ 270.688616][ T8603] ? __pfx_task_work_run+0x10/0x10 [ 270.688652][ T8603] ? srso_alias_return_thunk+0x5/0xfbef5 [ 270.688698][ T8603] ? __pfx___x64_sys_umount+0x10/0x10 [ 270.688760][ T8603] exit_to_user_mode_loop+0xeb/0x110 [ 270.688808][ T8603] do_syscall_64+0x3f6/0x4c0 [ 270.688849][ T8603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.688884][ T8603] RIP: 0033:0x7f152378fcd7 [ 270.688912][ T8603] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 270.688947][ T8603] RSP: 002b:00007ffcd071f678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 270.688979][ T8603] RAX: 0000000000000000 RBX: 00007f1523810a8d RCX: 00007f152378fcd7 [ 270.689003][ T8603] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd071f730 [ 270.689025][ T8603] RBP: 00007ffcd071f730 R08: 0000000000000000 R09: 0000000000000000 [ 270.689047][ T8603] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcd07207c0 [ 270.689069][ T8603] R13: 00007f1523810a8d R14: 0000000000042085 R15: 00007ffcd0720800 [ 270.689118][ T8603] [ 270.689130][ T8603] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 270.711679][ T9378] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.169682][ T9414] loop8: detected capacity change from 0 to 8 [ 271.224593][ T9378] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.285679][ T9414] SQUASHFS error: lzo decompression failed, data probably corrupt [ 271.323484][ T9414] SQUASHFS error: Failed to read block 0x60: -5 [ 271.329945][ T9414] SQUASHFS error: Failed to read block 0x71: -5 [ 271.372023][ T9414] SQUASHFS error: lzo decompression failed, data probably corrupt [ 271.401059][ T9414] SQUASHFS error: Failed to read block 0x60: -5 [ 271.423093][ T30] audit: type=1800 audit(1752840261.848:68): pid=9414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1146" name="file0" dev="overlay" ino=1 res=0 errno=0 [ 271.593488][ T7731] SQUASHFS error: Unable to read inode 0xe3 [ 271.622124][ T7731] SQUASHFS error: Unable to read inode 0xe3 [ 271.828024][ T9408] loop5: detected capacity change from 0 to 32768 [ 271.879885][ T9408] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1144 (9408) [ 271.922494][ T9408] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 271.947722][ T9408] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 271.985724][ T9408] BTRFS info (device loop5): disk space caching is enabled [ 272.000335][ T9408] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 272.153022][ T9427] loop1: detected capacity change from 0 to 4096 [ 272.213712][ T9408] BTRFS info (device loop5): rebuilding free space tree [ 272.268175][ T9408] BTRFS info (device loop5): disabling free space tree [ 272.290887][ T9408] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 272.328731][ T9408] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 272.493234][ T9408] BTRFS info (device loop5): balance: start -d -m [ 272.519059][ T9408] BTRFS info (device loop5): relocating block group 6881280 flags data|metadata [ 272.578586][ T9408] BTRFS info (device loop5): relocating block group 5242880 flags data|metadata [ 272.675536][ T9408] BTRFS info (device loop5): found 9 extents, stage: move data extents [ 272.819054][ T9408] BTRFS info (device loop5): balance: canceled [ 272.874670][ T9429] loop9: detected capacity change from 0 to 32768 [ 272.983258][ T30] audit: type=1326 audit(1752840263.408:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.023004][ T5846] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 273.095264][ T30] audit: type=1326 audit(1752840263.458:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.210600][ T30] audit: type=1326 audit(1752840263.468:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.259764][ T30] audit: type=1326 audit(1752840263.468:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.360701][ T30] audit: type=1326 audit(1752840263.468:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.470698][ T30] audit: type=1326 audit(1752840263.478:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.518456][ T30] audit: type=1326 audit(1752840263.478:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152378e9a9 code=0x7ffc0000 [ 273.699752][ T30] audit: type=1326 audit(1752840263.478:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1523785967 code=0x7ffc0000 [ 273.829424][ T30] audit: type=1326 audit(1752840263.478:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f152372ab89 code=0x7ffc0000 [ 273.924494][ T5855] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 273.951522][ T5855] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 273.972095][ T5855] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 273.992568][ T5855] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 274.011377][ T5855] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 274.197423][ T9466] loop9: detected capacity change from 0 to 4096 [ 274.305275][ T9466] ntfs3(loop9): ino=1a, mi_enum_attr [ 274.339983][ T9466] ntfs3(loop9): Mark volume as dirty due to NTFS errors [ 274.727652][ T9482] loop1: detected capacity change from 0 to 164 [ 274.913651][ T9461] chnl_net:caif_netlink_parms(): no params data found [ 275.041295][ T9487] loop4: detected capacity change from 0 to 764 [ 275.090856][ T9487] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 275.203887][ T9493] loop9: detected capacity change from 0 to 8 [ 275.252464][ T9493] SQUASHFS error: xz decompression failed, data probably corrupt [ 275.285891][ T9493] SQUASHFS error: Failed to read block 0x108: -5 [ 275.304838][ T9493] SQUASHFS error: Unable to read metadata cache entry [106] [ 275.361454][ T9493] SQUASHFS error: Unable to read inode 0x11f [ 275.410771][ T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 275.466673][ T9461] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.519905][ T9502] loop4: detected capacity change from 0 to 1024 [ 275.537155][ T9461] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.573914][ T9461] bridge_slave_0: entered allmulticast mode [ 275.580013][ T9502] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 275.634966][ T9] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 275.646356][ T9461] bridge_slave_0: entered promiscuous mode [ 275.663271][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.683411][ T9500] loop1: detected capacity change from 0 to 32768 [ 275.712031][ T9461] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.724763][ T9461] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.739469][ T9] usb 6-1: Product: syz [ 275.761054][ T9] usb 6-1: Manufacturer: syz [ 275.768309][ T9461] bridge_slave_1: entered allmulticast mode [ 275.786104][ T9461] bridge_slave_1: entered promiscuous mode [ 275.977156][ T9500] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io [ 275.977203][ T9500] allowing incompatible features above 0.0: (unknown version) [ 275.977225][ T9500] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 276.022377][ T9500] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0 [ 276.030777][ T9500] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 276.039089][ T9500] bcachefs (loop1): Version upgrade required: [ 276.039089][ T9500] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 276.039089][ T9500] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 276.039089][ T9500] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 276.115596][ T5855] Bluetooth: hci2: command tx timeout [ 276.158944][ T9461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 276.160379][ T9507] loop7: detected capacity change from 0 to 40427 [ 276.181348][ T9] usb 6-1: SerialNumber: syz [ 276.183847][ T9500] bcachefs (loop1): dropping and reconstructing all alloc info [ 276.191412][ T9507] F2FS-fs (loop7): invalid crc value [ 276.204186][ T9] usb 6-1: config 0 descriptor?? [ 276.213947][ T9] ch341 6-1:0.0: ch341-uart converter detected [ 276.231500][ T9500] bcachefs (loop1): accounting_read... done [ 276.256742][ T9500] bcachefs (loop1): alloc_read... done [ 276.266263][ T9500] bcachefs (loop1): snapshots_read... done [ 276.273706][ T9500] bcachefs (loop1): check_allocations... done [ 276.318720][ T9500] bcachefs (loop1): going read-write [ 276.324188][ T9500] bcachefs (loop1): insufficient writeable journal devices available: have 0, need 1 [ 276.324188][ T9500] rw journal devs: [ 276.339943][ T9507] F2FS-fs (loop7): Start checkpoint disabled! [ 276.345857][ T9500] bcachefs (loop1): done starting filesystem [ 276.364998][ T9461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 276.390767][ T9507] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6 [ 276.539703][ T9524] loop9: detected capacity change from 0 to 512 [ 276.562149][ T9524] EXT4-fs: Ignoring removed nobh option [ 276.570384][ T8603] bcachefs (loop1): shutting down [ 276.588532][ T8603] bcachefs (loop1): going read-only [ 276.599156][ T8603] bcachefs (loop1): finished waiting for writes to stop [ 276.620423][ T9461] team0: Port device team_slave_0 added [ 276.637953][ T9461] team0: Port device team_slave_1 added [ 276.644802][ T9524] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.1181: iget: bad i_size value: 38620345925642 [ 276.683983][ T8603] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 276.706553][ T8603] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 276.719938][ T9524] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.1181: couldn't read orphan inode 15 (err -117) [ 276.768605][ T8603] bcachefs (loop1): unclean shutdown complete, journal seq 10 [ 276.798262][ T9524] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.841919][ T8603] bcachefs (loop1): done going read-only, filesystem not clean [ 276.875491][ T9524] EXT4-fs (loop9): shut down requested (2) [ 276.883504][ T9528] input: syz0 as /devices/virtual/input/input31 [ 276.949441][ T8603] bcachefs (loop1): shutdown complete [ 276.962813][ T9461] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.995835][ T8487] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.996435][ T9461] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 277.042347][ T9] usb 6-1: failed to send control message: -71 [ 277.049498][ T9] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 277.090960][ T9] usb 6-1: USB disconnect, device number 8 [ 277.108660][ T9] ch341 6-1:0.0: device disconnected [ 277.117763][ T9461] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 277.169704][ T9461] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 277.196340][ T9461] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 277.247585][ T9461] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 277.374017][ T9461] hsr_slave_0: entered promiscuous mode [ 277.399282][ T9461] hsr_slave_1: entered promiscuous mode [ 277.413852][ T9461] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 277.443111][ T9461] Cannot create hsr debugfs directory [ 277.633234][ T9539] loop7: detected capacity change from 0 to 64 [ 277.972333][ T9548] binder: 9546:9548 ioctl c0306201 200000000640 returned -22 [ 278.191332][ T5855] Bluetooth: hci2: command tx timeout [ 278.844976][ T9557] loop4: detected capacity change from 0 to 1024 [ 278.871674][ T9557] EXT4-fs: Ignoring removed oldalloc option [ 278.877637][ T9557] EXT4-fs: Ignoring removed bh option [ 278.937293][ T9549] loop7: detected capacity change from 0 to 32768 [ 278.987514][ T9557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.002104][ T9461] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 279.084477][ T9461] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 279.127720][ T9461] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 279.181201][ T9461] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 279.434529][ T9557] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4112: comm syz.4.1197: Allocating blocks 497-513 which overlap fs metadata [ 279.606371][ T9556] EXT4-fs (loop4): pa ffff888057a9a740: logic 48, phys. 177, len 21 [ 279.614527][ T9556] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5363: group 0, free 0, pa_free 1 [ 279.731675][ T9461] 8021q: adding VLAN 0 to HW filter on device bond0 [ 279.805582][ T9461] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.820186][ T6609] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.882882][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.890085][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.944737][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.951968][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.229468][ T9589] loop1: detected capacity change from 0 to 64 [ 280.280796][ T5855] Bluetooth: hci2: command tx timeout [ 280.332276][ T9591] input: syz1 as /devices/virtual/input/input32 [ 280.682856][ T9597] loop5: detected capacity change from 0 to 4096 [ 280.997269][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 280.997294][ T30] audit: type=1800 audit(1752840271.428:87): pid=9597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1219" name="file1" dev="loop5" ino=33 res=0 errno=0 [ 281.049275][ T9461] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.294898][ T9461] veth0_vlan: entered promiscuous mode [ 281.345402][ T9616] loop9: detected capacity change from 0 to 1024 [ 281.358512][ T9461] veth1_vlan: entered promiscuous mode [ 281.456376][ T2967] hfsplus: b-tree write err: -5, ino 4 [ 281.492605][ T9461] veth0_macvtap: entered promiscuous mode [ 281.568736][ T9461] veth1_macvtap: entered promiscuous mode [ 281.724133][ T9461] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 281.879492][ T9461] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 281.944698][ T9461] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.996228][ T9461] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.049912][ T9628] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1222'. [ 282.064115][ T9461] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.088493][ T9461] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.152318][ T9629] Zero length message leads to an empty skb [ 282.299561][ T9631] loop9: detected capacity change from 0 to 64 [ 282.357119][ T5855] Bluetooth: hci2: command tx timeout [ 282.479405][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.507485][ T9634] loop7: detected capacity change from 0 to 512 [ 282.508003][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.568569][ T9634] EXT4-fs: Ignoring removed nobh option [ 282.577665][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.632114][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.657892][ T9634] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.1226: iget: bad i_size value: 38620345925642 [ 282.731590][ T9634] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.1226: couldn't read orphan inode 15 (err -117) [ 282.760786][ T6044] usb 6-1: new low-speed USB device number 9 using dummy_hcd [ 282.792654][ T9634] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.914853][ T9634] EXT4-fs (loop7): shut down requested (2) [ 282.933649][ T6044] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 282.952422][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 282.980713][ T6044] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 283.023425][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 283.045071][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 283.060438][ T6981] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.102774][ T6044] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 283.110225][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 283.170548][ T6044] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 283.189762][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 283.201363][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 283.221047][ T6044] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 283.231599][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 283.250920][ T6044] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 283.278969][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 283.313007][ T6044] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 283.326063][ T9653] overlayfs: workdir and upperdir must be separate subtrees [ 283.346081][ T6044] usb 6-1: string descriptor 0 read error: -22 [ 283.357573][ T6044] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 283.383181][ T6044] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.482336][ T6044] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 283.792637][ T5972] usb 6-1: USB disconnect, device number 9 [ 283.831031][ T24] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 283.992627][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 284.011883][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 284.040691][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 284.072802][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 284.104647][ T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 284.133030][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 284.162183][ T24] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 284.172066][ T24] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 284.187641][ T24] usb 2-1: Manufacturer: syz [ 284.230247][ T24] usb 2-1: config 0 descriptor?? [ 284.341956][ T55] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 284.520067][ T55] usb 1-1: Using ep0 maxpacket: 8 [ 284.545358][ T55] usb 1-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 284.566630][ T55] usb 1-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 284.601644][ T24] rc_core: IR keymap rc-hauppauge not found [ 284.617875][ T55] usb 1-1: Product: syz [ 284.622201][ T24] Registered IR keymap rc-empty [ 284.627222][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 284.640626][ T55] usb 1-1: Manufacturer: syz [ 284.655551][ T55] usb 1-1: SerialNumber: syz [ 284.675611][ T55] usb 1-1: config 0 descriptor?? [ 284.681017][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 284.714083][ T55] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 284.724094][ T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 284.753281][ T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input33 [ 284.798632][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 284.811551][ C1] mceusb 2-1:0.0: short-range (0x7) receiver active [ 284.880707][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 284.922099][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 284.952600][ T9689] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1250'. [ 284.961978][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 284.981545][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 285.020828][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 285.035519][ T30] audit: type=1326 audit(1752840275.468:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9691 comm="syz.5.1251" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f11e4b8e9a9 code=0x0 [ 285.076674][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 285.112882][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 285.155648][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 285.200623][ T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 285.238831][ T24] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 285.270571][ T24] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x7 active) [ 285.312724][ T24] usb 2-1: USB disconnect, device number 11 [ 285.342526][ T55] input: gspca_zc3xx as /devices/platform/dummy_hcd.0/usb1/1-1/input/input34 [ 285.502024][ T9704] netlink: 48 bytes leftover after parsing attributes in process `syz.9.1256'. [ 285.581107][ T24] usb 1-1: USB disconnect, device number 4 [ 286.280235][ T9718] loop4: detected capacity change from 0 to 4096 [ 286.493512][ T30] audit: type=1800 audit(1752840276.928:89): pid=9718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1264" name="file1" dev="loop4" ino=33 res=0 errno=0 [ 286.962814][ T5855] Bluetooth: hci8: ISO packet too small [ 287.340649][ T5972] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 287.530700][ T5972] usb 6-1: Using ep0 maxpacket: 8 [ 287.601535][ T5972] usb 6-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 287.642918][ T5972] usb 6-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 287.680619][ T5972] usb 6-1: Product: syz [ 287.684818][ T5972] usb 6-1: Manufacturer: syz [ 287.694923][ T9755] loop4: detected capacity change from 0 to 32768 [ 287.699122][ T9727] loop0: detected capacity change from 0 to 32768 [ 287.716843][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0xa7538fce. Applying ECC. [ 287.731015][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 287.742965][ T5972] usb 6-1: SerialNumber: syz [ 287.746388][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 287.760111][ T9727] XFS: noikeep mount option is deprecated. [ 287.769281][ T5972] usb 6-1: config 0 descriptor?? [ 287.779212][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0xb6cc4dbf. Applying ECC. [ 287.794749][ T5972] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 287.799459][ T9755] JBD2: Ignoring recovery information on journal [ 287.832668][ T9727] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 287.863298][ T9755] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 287.883683][ T2967] (kworker/u8:9,2967,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0xb6cc4dbf. Applying ECC. [ 287.956129][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0xa7538fce. Applying ECC. [ 287.985271][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0x2e880d5e. Applying ECC. [ 287.998708][ T9755] (syz.4.1280,9755,1):ocfs2_block_check_validate:415 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x960d5e93 [ 288.011325][ T9755] (syz.4.1280,9755,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 288.019804][ T9755] (syz.4.1280,9755,1):ocfs2_quota_read:201 ERROR: status = -5 [ 288.027359][ T9755] Quota error (device loop4): find_block_dqentry: Can't read quota tree block 6 [ 288.036935][ T9755] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 288.046394][ T9755] (syz.4.1280,9755,1):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 288.054277][ T9755] (syz.4.1280,9755,1):ocfs2_mknod:314 ERROR: status = -5 [ 288.061640][ T9755] (syz.4.1280,9755,1):ocfs2_mknod:502 ERROR: status = -5 [ 288.068727][ T9755] (syz.4.1280,9755,1):ocfs2_create:675 ERROR: status = -5 [ 288.167437][ T9767] loop1: detected capacity change from 0 to 4096 [ 288.205031][ T6609] ocfs2: Unmounting device (7,4) on (node local) [ 288.280901][ T9727] XFS (loop0): Ending clean mount [ 288.318887][ T9727] XFS (loop0): Quotacheck needed: Please wait. [ 288.404029][ T9727] XFS (loop0): Quotacheck: Done. [ 288.416018][ T30] audit: type=1800 audit(1752840278.838:90): pid=9767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1283" name="file1" dev="loop1" ino=33 res=0 errno=0 [ 288.459322][ T5972] input: gspca_zc3xx as /devices/platform/dummy_hcd.5/usb6/6-1/input/input35 [ 288.664267][ T9461] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 288.739668][ T55] usb 6-1: USB disconnect, device number 10 [ 288.804476][ T9775] loop9: detected capacity change from 0 to 512 [ 288.885962][ T9775] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 289.033179][ T9775] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.121326][ T9779] loop4: detected capacity change from 0 to 32768 [ 289.129588][ T9775] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.227184][ T30] audit: type=1800 audit(1752840279.668:91): pid=9775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1297" name="file1" dev="loop9" ino=15 res=0 errno=0 [ 289.247599][ C1] vkms_vblank_simulate: vblank timer overrun [ 289.337739][ T9779] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io [ 289.337785][ T9779] allowing incompatible features above 0.0: (unknown version) [ 289.337808][ T9779] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 289.380453][ T9779] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 289.388804][ T9779] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 289.397190][ T9779] bcachefs (loop4): Version upgrade required: [ 289.397190][ T9779] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 289.397190][ T9779] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 289.397190][ T9779] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 289.470133][ C1] vkms_vblank_simulate: vblank timer overrun [ 289.482414][ T9784] netlink: 'syz.7.1287': attribute type 1 has an invalid length. [ 289.490168][ T9784] nbd: error processing sock list [ 289.538409][ T9779] bcachefs (loop4): dropping and reconstructing all alloc info [ 289.547883][ T9784] block nbd2: shutting down sockets [ 289.566111][ T9779] bcachefs (loop4): accounting_read... done [ 289.598076][ T9779] bcachefs (loop4): alloc_read... done [ 289.614018][ T8487] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.619560][ T9779] bcachefs (loop4): snapshots_read... done [ 289.633974][ T9779] bcachefs (loop4): check_allocations... done [ 289.666871][ T9779] bcachefs (loop4): going read-write [ 289.672261][ T9779] bcachefs (loop4): insufficient writeable journal devices available: have 0, need 1 [ 289.672261][ T9779] rw journal devs: [ 289.818326][ T9803] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0 [ 289.849552][ T9779] bcachefs (loop4): done starting filesystem [ 290.201686][ T6609] bcachefs (loop4): shutting down [ 290.206767][ T6609] bcachefs (loop4): going read-only [ 290.226555][ T6609] bcachefs (loop4): finished waiting for writes to stop [ 290.237562][ T9814] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1295'. [ 290.308332][ T6609] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 290.337501][ T6609] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 290.368753][ T6609] bcachefs (loop4): unclean shutdown complete, journal seq 10 [ 290.434781][ T6609] bcachefs (loop4): done going read-only, filesystem not clean [ 290.531306][ T9820] loop1: detected capacity change from 0 to 256 [ 290.610440][ T6609] bcachefs (loop4): shutdown complete [ 290.940428][ T9830] loop9: detected capacity change from 0 to 2048 [ 290.965905][ T9830] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 291.201319][ T9806] loop5: detected capacity change from 0 to 40427 [ 291.222114][ T9806] F2FS-fs (loop5): Invalid segment/section count (31, 2328 x 1) [ 291.244269][ T9844] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1306'. [ 291.256849][ T9806] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 291.322833][ T9806] F2FS-fs (loop5): invalid crc value [ 291.510653][ T9851] loop1: detected capacity change from 0 to 128 [ 291.537106][ T9851] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 291.679442][ T9851] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 291.750022][ T9806] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 291.790676][ T9806] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 291.915221][ T9855] loop9: detected capacity change from 0 to 32768 [ 291.948590][ T5846] syz-executor: attempt to access beyond end of device [ 291.948590][ T5846] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 291.989608][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 291.989658][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 291.989680][ T5846] Call Trace: [ 291.989691][ T5846] [ 291.989704][ T5846] dump_stack_lvl+0x16c/0x1f0 [ 291.989748][ T5846] f2fs_handle_critical_error+0x621/0x9f0 [ 291.989829][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.989873][ T5846] ? f2fs_build_fault_attr+0x53/0x1f0 [ 291.989930][ T5846] f2fs_write_end_io+0x785/0xc20 [ 291.989984][ T5846] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 291.990041][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.990091][ T5846] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 291.990140][ T5846] bio_endio+0x70d/0x850 [ 291.990184][ T5846] submit_bio_noacct+0x56d/0x1eb0 [ 291.990244][ T5846] __submit_merged_bio+0x33c/0x770 [ 291.990302][ T5846] __submit_merged_write_cond+0x319/0x3f0 [ 291.990366][ T5846] f2fs_write_cache_pages+0x2067/0x2570 [ 291.990431][ T5846] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 291.990478][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.990522][ T5846] ? __lock_acquire+0x622/0x1c90 [ 291.990594][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.990747][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.990799][ T5846] f2fs_write_data_pages+0x4ad/0xd90 [ 291.990855][ T5846] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 291.990890][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.990946][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.990995][ T5846] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 291.991038][ T5846] do_writepages+0x27a/0x600 [ 291.991086][ T5846] ? __pfx_do_writepages+0x10/0x10 [ 291.991123][ T5846] ? do_raw_spin_unlock+0x172/0x230 [ 291.991165][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.991207][ T5846] ? _raw_spin_unlock+0x28/0x50 [ 291.991268][ T5846] filemap_fdatawrite_wbc+0x104/0x160 [ 291.991315][ T5846] __filemap_fdatawrite_range+0xb2/0xf0 [ 291.991368][ T5846] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 291.991487][ T5846] ? find_held_lock+0x2b/0x80 [ 291.991536][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.991579][ T5846] ? do_raw_spin_unlock+0x172/0x230 [ 291.991621][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.991672][ T5846] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 291.991736][ T5846] block_operations+0x2a3/0xfd0 [ 291.991783][ T5846] ? __pfx___schedule+0x10/0x10 [ 291.991851][ T5846] ? __pfx_block_operations+0x10/0x10 [ 291.991955][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.991997][ T5846] ? down_write+0x14d/0x200 [ 291.992037][ T5846] ? __pfx_down_write+0x10/0x10 [ 291.992078][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.992116][ T5846] ? rcu_is_watching+0x12/0xc0 [ 291.992166][ T5846] f2fs_write_checkpoint+0x2b8/0x4c60 [ 291.992211][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.992249][ T5846] ? kfree+0x2b4/0x4d0 [ 291.992282][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.992328][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.992366][ T5846] ? rcu_is_watching+0x12/0xc0 [ 291.992407][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.992445][ T5846] ? kthread_stop+0x273/0x650 [ 291.992481][ T5846] kill_f2fs_super+0x3c2/0x470 [ 291.992520][ T5846] ? __pfx_kill_f2fs_super+0x10/0x10 [ 291.992555][ T5846] ? lockdep_hardirqs_on+0x7c/0x110 [ 291.992606][ T5846] deactivate_locked_super+0xc1/0x1a0 [ 291.992649][ T5846] deactivate_super+0xde/0x100 [ 291.992692][ T5846] cleanup_mnt+0x225/0x450 [ 291.992740][ T5846] task_work_run+0x150/0x240 [ 291.992778][ T5846] ? __pfx_task_work_run+0x10/0x10 [ 291.992811][ T5846] ? srso_alias_return_thunk+0x5/0xfbef5 [ 291.992857][ T5846] ? __pfx___x64_sys_umount+0x10/0x10 [ 291.992917][ T5846] exit_to_user_mode_loop+0xeb/0x110 [ 291.992958][ T5846] do_syscall_64+0x3f6/0x4c0 [ 291.992997][ T5846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.993029][ T5846] RIP: 0033:0x7f11e4b8fcd7 [ 291.993054][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 291.993086][ T5846] RSP: 002b:00007ffcae172cd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 291.993117][ T5846] RAX: 0000000000000000 RBX: 00007f11e4c10a8d RCX: 00007f11e4b8fcd7 [ 291.993138][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcae172d90 [ 291.993158][ T5846] RBP: 00007ffcae172d90 R08: 0000000000000000 R09: 0000000000000000 [ 291.993177][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcae173e20 [ 291.993197][ T5846] R13: 00007f11e4c10a8d R14: 000000000004741f R15: 00007ffcae173e60 [ 291.993245][ T5846] [ 292.474988][ T5846] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 293.054317][ T9867] loop1: detected capacity change from 0 to 32768 [ 293.064330][ T9867] (syz.1.1316,9867,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0xa7538fce. Applying ECC. [ 293.078302][ T9867] (syz.1.1316,9867,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 293.091994][ T9867] (syz.1.1316,9867,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 293.147175][ T9867] (syz.1.1316,9867,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0xb6cc4dbf. Applying ECC. [ 293.164590][ T9867] JBD2: Ignoring recovery information on journal [ 293.235538][ T9867] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 293.281079][ T36] (kworker/u8:2,36,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0xb6cc4dbf. Applying ECC. [ 293.307207][ T9867] (syz.1.1316,9867,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0xa7538fce. Applying ECC. [ 293.326233][ T9867] (syz.1.1316,9867,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0x2e880d5e. Applying ECC. [ 293.339978][ T9867] (syz.1.1316,9867,0):ocfs2_block_check_validate:415 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x960d5e93 [ 293.352652][ T9867] (syz.1.1316,9867,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 293.361384][ T9867] (syz.1.1316,9867,0):ocfs2_quota_read:201 ERROR: status = -5 [ 293.368898][ T9867] Quota error (device loop1): find_block_dqentry: Can't read quota tree block 6 [ 293.378208][ T9867] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 293.387711][ T9867] (syz.1.1316,9867,0):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 293.398985][ T9867] (syz.1.1316,9867,0):ocfs2_mknod:314 ERROR: status = -5 [ 293.407611][ T9867] (syz.1.1316,9867,0):ocfs2_mknod:502 ERROR: status = -5 [ 293.414773][ T9867] (syz.1.1316,9867,0):ocfs2_create:675 ERROR: status = -5 [ 293.450023][ T9855] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io [ 293.450070][ T9855] allowing incompatible features above 0.0: (unknown version) [ 293.450097][ T9855] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 293.494157][ T9855] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0 [ 293.502539][ T9855] bcachefs (loop9): recovering from clean shutdown, journal seq 10 [ 293.512460][ T9855] bcachefs (loop9): Version upgrade required: [ 293.512460][ T9855] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 293.512460][ T9855] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 293.512460][ T9855] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 293.614751][ T9855] bcachefs (loop9): dropping and reconstructing all alloc info [ 293.638861][ T9855] bcachefs (loop9): accounting_read... done [ 293.656516][ T9855] bcachefs (loop9): alloc_read... done [ 293.666024][ T9855] bcachefs (loop9): snapshots_read... done [ 293.676908][ T9855] bcachefs (loop9): check_allocations... [ 293.684437][ T8603] ocfs2: Unmounting device (7,1) on (node local) [ 293.705110][ T9855] done [ 293.711620][ T9855] bcachefs (loop9): going read-write [ 293.719977][ T9855] bcachefs (loop9): insufficient writeable journal devices available: have 0, need 1 [ 293.719977][ T9855] rw journal devs: [ 293.760330][ T9855] bcachefs (loop9): done starting filesystem [ 294.091704][ T8487] bcachefs (loop9): shutting down [ 294.096788][ T8487] bcachefs (loop9): going read-only [ 294.111950][ T8487] bcachefs (loop9): finished waiting for writes to stop [ 294.151006][ T8487] bcachefs (loop9): flushing journal and stopping allocators, journal seq 10 [ 294.159985][ T8487] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 10 [ 294.196536][ T8487] bcachefs (loop9): unclean shutdown complete, journal seq 10 [ 294.249455][ T8487] bcachefs (loop9): done going read-only, filesystem not clean [ 294.378932][ T8487] bcachefs (loop9): shutdown complete [ 295.013301][ T9910] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1330'. [ 295.230160][ T9891] loop0: detected capacity change from 0 to 32768 [ 295.249914][ T9891] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1323 (9891) [ 295.290969][ T9891] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 295.320331][ T9891] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm [ 295.349083][ T9891] BTRFS info (device loop0): disk space caching is enabled [ 295.377488][ T9891] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 295.666749][ T9933] loop7: detected capacity change from 0 to 4096 [ 295.691834][ T9891] BTRFS info (device loop0): rebuilding free space tree [ 295.746230][ T9891] BTRFS info (device loop0): disabling free space tree [ 295.753905][ T9933] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 295.773891][ T9891] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 295.802391][ T9891] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 295.807681][ T9933] ntfs3(loop7): ino=1b, "file0" ntfs_readdir [ 295.979177][ T6981] ntfs3(loop7): ino=9, ntfs_sync_fs failed, -22. [ 296.051868][ T9461] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 297.076208][ T9959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1359'. [ 297.538638][ T9968] use of bytesused == 0 is deprecated and will be removed in the future, [ 297.631391][ T9968] use the actual size instead. [ 297.982799][ T9980] loop5: detected capacity change from 0 to 128 [ 298.032225][ T5855] Bluetooth: hci7: command 0x0406 tx timeout [ 298.073779][ T9980] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 298.176582][ T9956] loop4: detected capacity change from 0 to 32768 [ 298.215923][ T9956] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 298.331897][ T9956] XFS (loop4): Ending clean mount [ 298.369471][ T9995] loop1: detected capacity change from 0 to 2048 [ 298.390459][ T9956] XFS (loop4): Quotacheck needed: Please wait. [ 298.495751][ T9995] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 298.506839][ T9956] XFS (loop4): Quotacheck: Done. [ 298.546555][ T30] audit: type=1326 audit(1752840288.968:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9996 comm="syz.5.1357" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f11e4b8e9a9 code=0x0 [ 298.668336][ T6609] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 300.345784][T10029] loop9: detected capacity change from 0 to 1024 [ 300.818642][T10013] loop0: detected capacity change from 0 to 32768 [ 300.852542][T10013] XFS: ikeep mount option is deprecated. [ 300.959299][T10013] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 301.066419][T10022] loop4: detected capacity change from 0 to 32768 [ 301.152969][T10022] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1367 (10022) [ 301.192931][T10022] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 301.202248][T10013] XFS (loop0): Ending clean mount [ 301.210692][T10022] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 301.226621][T10013] XFS (loop0): Quotacheck needed: Please wait. [ 301.240798][T10022] BTRFS info (device loop4): using free-space-tree [ 301.342470][T10013] XFS (loop0): Quotacheck: Done. [ 301.596425][ T9461] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 301.614855][T10060] loop7: detected capacity change from 0 to 512 [ 301.738159][T10060] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 301.760187][T10031] loop9: detected capacity change from 0 to 32768 [ 301.780728][T10060] ext4 filesystem being mounted at /178/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.797872][ T6609] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 301.933019][T10065] loop5: detected capacity change from 0 to 128 [ 302.223191][ T6981] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.596470][T10033] loop1: detected capacity change from 0 to 32768 [ 302.932611][T10082] netlink: 'syz.7.1384': attribute type 1 has an invalid length. [ 302.971420][T10033] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 303.162453][T10033] XFS (loop1): Ending clean mount [ 303.170545][T10033] XFS (loop1): Quotacheck needed: Please wait. [ 303.194910][T10091] loop4: detected capacity change from 0 to 256 [ 303.231561][T10088] can0: slcan on ttyS3. [ 303.290032][T10033] XFS (loop1): Quotacheck: Done. [ 303.344080][T10094] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 303.377549][T10094] bridge0: port 2(bridge_slave_1) entered disabled state [ 303.385359][T10094] bridge0: port 1(bridge_slave_0) entered disabled state [ 303.433152][T10092] can0 (unregistered): slcan off ttyS3. [ 303.494745][ T8603] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 303.778592][T10103] loop7: detected capacity change from 0 to 1024 [ 303.835228][T10108] netlink: 'syz.5.1394': attribute type 1 has an invalid length. [ 303.876081][T10103] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 303.960734][T10103] ext4 filesystem being mounted at /183/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 304.191771][ T6981] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.338558][T10123] loop5: detected capacity change from 0 to 1024 [ 304.353505][T10120] loop9: detected capacity change from 0 to 4096 [ 304.405174][T10123] hfsplus: bad catalog entry type [ 304.420330][T10125] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 304.485342][T10120] NILFS (loop9): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 304.511259][T10120] NILFS error (device loop9): nilfs_bmap_truncate: broken bmap (inode number=12) [ 304.535046][ T1108] hfsplus: b-tree write err: -5, ino 4 [ 304.560888][T10120] Remounting filesystem read-only [ 304.574886][T10120] NILFS (loop9): error -5 truncating bmap (ino=12) [ 304.614645][T10107] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 304.744803][ T8487] NILFS (loop9): disposed unprocessed dirty file(s) when detaching log writer [ 304.928038][T10142] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1408'. [ 305.000743][ T5923] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 305.188239][ T5923] usb 6-1: Using ep0 maxpacket: 16 [ 305.206454][ T5923] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 305.243104][ T5923] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 305.306490][ T5923] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 305.330607][ T5923] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.369153][ T5923] usb 6-1: Product: syz [ 305.377980][ T5923] usb 6-1: Manufacturer: syz [ 305.400768][ T5923] usb 6-1: SerialNumber: syz [ 305.418456][ T5923] usb 6-1: config 0 descriptor?? [ 305.438069][ T5923] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 305.500653][ T5923] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 305.826186][T10170] loop1: detected capacity change from 0 to 256 [ 305.881481][ T5850] Bluetooth: hci0: command 0x0401 tx timeout [ 306.042797][ T5923] em28xx 6-1:0.0: chip ID is em2710/2820 [ 306.144586][T10147] loop9: detected capacity change from 0 to 32768 [ 306.184253][T10147] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1406 (10147) [ 306.249531][ T5923] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 306.278932][T10164] loop7: detected capacity change from 0 to 32768 [ 306.294734][T10147] BTRFS info (device loop9): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 306.302763][ T6044] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 306.310984][ T5923] em28xx 6-1:0.0: AC97 chip type couldn't be determined [ 306.319232][ T5923] em28xx 6-1:0.0: No AC97 audio processor [ 306.328720][T10147] BTRFS info (device loop9): using xxhash64 (xxhash64-generic) checksum algorithm [ 306.341067][T10164] ocfs2: Slot 0 on device (7,7) was already allocated to this node! [ 306.341790][T10147] BTRFS info (device loop9): disk space caching is enabled [ 306.363058][ T5923] usb 6-1: USB disconnect, device number 11 [ 306.378172][T10147] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 306.394453][ T5923] em28xx 6-1:0.0: Disconnecting em28xx [ 306.413467][ T5923] em28xx 6-1:0.0: Freeing device [ 306.417365][T10164] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 306.476300][ T6044] usb 5-1: Using ep0 maxpacket: 16 [ 306.504515][ T6044] usb 5-1: config 0 has no interfaces? [ 306.511934][ T6044] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 306.536687][ T6044] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 306.545683][T10147] BTRFS info (device loop9): rebuilding free space tree [ 306.602626][ T6044] usb 5-1: SerialNumber: syz [ 306.607611][T10147] BTRFS info (device loop9): disabling free space tree [ 306.614439][T10164] overlayfs: upper fs does not support tmpfile. [ 306.624277][T10164] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 306.651049][T10164] overlayfs: failed to set xattr on upper [ 306.656793][T10164] overlayfs: ...falling back to redirect_dir=nofollow. [ 306.672014][ T6044] usb 5-1: config 0 descriptor?? [ 306.675077][T10147] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 306.704061][T10147] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 306.714950][T10164] overlayfs: ...falling back to index=off. [ 306.740712][T10164] overlayfs: ...falling back to uuid=null. [ 306.771615][T10164] overlayfs: upper fs missing required features. [ 306.899142][ T5972] usb 5-1: USB disconnect, device number 8 [ 307.006192][ T6981] ocfs2: Unmounting device (7,7) on (node local) [ 307.028268][ T8487] BTRFS info (device loop9): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 307.549854][T10212] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 307.549854][T10212] program syz.7.1429 not setting count and/or reply_len properly [ 308.087809][T10224] loop7: detected capacity change from 0 to 32768 [ 308.191267][T10224] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 308.191317][T10224] allowing incompatible features above 0.0: (unknown version) [ 308.191339][T10224] features: [ 308.226086][T10224] bcachefs (loop7): Using encoding defined by superblock: utf8-12.1.0 [ 308.234341][T10224] bcachefs (loop7): initializing new filesystem [ 308.249214][T10224] bcachefs (loop7): going read-write [ 308.272367][T10224] bcachefs (loop7): marking superblocks [ 308.289161][T10224] bcachefs (loop7): initializing freespace [ 308.299323][T10224] bcachefs (loop7): done initializing freespace [ 308.308649][T10224] bcachefs (loop7): reading snapshots table [ 308.314651][T10224] bcachefs (loop7): reading snapshots done [ 308.361673][T10224] bcachefs (loop7): done starting filesystem [ 308.433291][ T6981] bcachefs (loop7): shutting down [ 308.448286][ T6981] bcachefs (loop7): going read-only [ 308.486142][ T6981] bcachefs (loop7): finished waiting for writes to stop [ 308.557944][ T6981] bcachefs (loop7): flushing journal and stopping allocators, journal seq 3 [ 308.729401][ T6981] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 3 [ 308.819510][T10253] loop1: detected capacity change from 0 to 1024 [ 308.826051][ T6981] bcachefs (loop7): clean shutdown complete, journal seq 4 [ 308.856469][T10257] loop5: detected capacity change from 0 to 1024 [ 308.861455][ T6981] bcachefs (loop7): marking filesystem clean [ 308.986165][ T6981] bcachefs (loop7): shutdown complete [ 309.085093][ T49] hfsplus: b-tree write err: -5, ino 4 [ 309.172359][ T13] hfsplus: b-tree write err: -5, ino 8 [ 309.518324][T10276] bond_slave_0: entered promiscuous mode [ 309.524449][T10276] bond_slave_1: entered promiscuous mode [ 309.543446][T10276] macsec1: entered allmulticast mode [ 309.555628][T10276] bond0: entered allmulticast mode [ 309.566426][T10276] bond_slave_0: entered allmulticast mode [ 309.579017][T10276] bond_slave_1: entered allmulticast mode [ 309.748753][T10276] bond0: left allmulticast mode [ 309.754807][T10276] bond_slave_0: left allmulticast mode [ 309.770895][T10276] bond_slave_1: left allmulticast mode [ 309.812182][T10276] bond_slave_0: left promiscuous mode [ 309.817668][T10276] bond_slave_1: left promiscuous mode [ 310.013453][T10286] loop0: detected capacity change from 0 to 2048 [ 310.091343][T10286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.126846][T10286] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.260189][T10286] fs-verity: sha256 using implementation "sha256-x86_64" [ 310.293532][T10294] loop9: detected capacity change from 0 to 64 [ 310.318334][T10286] fs-verity (loop0, inode 13): fs-verity keyring is empty, rejecting signed file! [ 310.453862][T10300] loop1: detected capacity change from 0 to 4096 [ 310.581147][ T9461] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.820400][T10308] loop9: detected capacity change from 0 to 1024 [ 310.869588][T10308] hfsplus: xattr searching failed [ 310.919849][ T12] hfsplus: bad catalog file entry [ 310.933555][ T12] hfsplus: b-tree write err: -5, ino 3 [ 311.435940][T10327] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1476'. [ 311.699215][T10335] CIFS: VFS: Malformed UNC in devname [ 311.916770][T10344] loop1: detected capacity change from 0 to 512 [ 311.975777][T10344] EXT4-fs: Ignoring removed i_version option [ 312.036781][T10344] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 312.154172][T10344] EXT4-fs (loop1): 1 truncate cleaned up [ 312.182896][T10344] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.626566][ T8603] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.266682][T10378] syz.9.1500 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 313.650061][T10389] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1506'. [ 313.849879][T10398] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 314.315651][T10410] loop9: detected capacity change from 0 to 2048 [ 314.388440][T10414] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 314.465501][ T30] audit: type=1800 audit(1752840304.898:93): pid=10410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1513" name="file2" dev="loop9" ino=16 res=0 errno=0 [ 314.470072][T10410] NILFS (loop9): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 314.533186][T10418] loop5: detected capacity change from 0 to 512 [ 314.550572][T10410] NILFS error (device loop9): nilfs_bmap_propagate: broken bmap (inode number=16) [ 314.568053][T10418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 314.596214][T10410] Remounting filesystem read-only [ 314.643372][T10420] loop7: detected capacity change from 0 to 128 [ 314.701965][T10418] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.747761][ T8487] NILFS (loop9): disposed unprocessed dirty file(s) when stopping log writer [ 314.758329][T10420] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 314.763617][T10418] ext4 filesystem being mounted at /302/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 314.795370][T10420] ext4 filesystem being mounted at /195/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 314.878123][T10430] loop1: detected capacity change from 0 to 1024 [ 314.891786][T10430] EXT4-fs: inline encryption not supported [ 314.897680][T10430] EXT4-fs: Ignoring removed i_version option [ 314.942164][T10430] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 314.960729][ T30] audit: type=1800 audit(1752840305.378:94): pid=10418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1517" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 315.019795][T10430] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.1522: lblock 2 mapped to illegal pblock 2 (length 1) [ 315.050920][ T30] audit: type=1800 audit(1752840305.378:95): pid=10418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1517" name="file2" dev="loop5" ino=16 res=0 errno=0 [ 315.107411][ T6981] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 315.127037][T10430] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 315.140626][T10430] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.1522: lblock 0 mapped to illegal pblock 48 (length 1) [ 315.153381][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.180844][T10430] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 315.190100][T10430] EXT4-fs error (device loop1): ext4_acquire_dquot:6931: comm syz.1.1522: Failed to acquire dquot type 0 [ 315.255802][T10435] loop0: detected capacity change from 0 to 256 [ 315.263235][T10430] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 315.290595][T10430] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.1522: mark_inode_dirty error [ 315.335727][T10430] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 315.359960][T10430] EXT4-fs (loop1): 1 orphan inode deleted [ 315.398485][T10430] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.420957][ T2967] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 315.468175][ T2967] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 315.500677][ T2967] EXT4-fs error (device loop1): ext4_release_dquot:6967: comm kworker/u8:9: Failed to release dquot type 0 [ 315.723307][T10449] loop7: detected capacity change from 0 to 256 [ 315.769325][T10449] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 315.820618][T10449] exFAT-fs (loop7): Medium has reported failures. Some data may be lost. [ 315.841557][ T8603] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.868733][ T12] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 315.911681][ T12] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 315.919935][T10449] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 315.920130][ T12] EXT4-fs error (device loop1): ext4_release_dquot:6967: comm kworker/u8:0: Failed to release dquot type 0 [ 316.032308][T10459] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1536'. [ 316.046064][ T8603] EXT4-fs error (device loop1): __ext4_get_inode_loc:4791: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 316.090791][ T8603] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 316.113725][ T8603] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 316.435192][ T972] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use /scripts/get_dvb_firmware to get the firmware [ 316.466507][ T972] dvb_usb_az6027 10-1:0.0: probe with driver dvb_usb_az6027 failed with error -110 [ 316.496391][ T972] usb 10-1: USB disconnect, device number 6 [ 317.069954][T10455] loop5: detected capacity change from 0 to 32768 [ 317.131295][T10455] JBD2: Ignoring recovery information on journal [ 317.304572][T10455] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 317.462356][T10478] loop0: detected capacity change from 0 to 32768 [ 317.496724][T10478] (syz.0.1540,10478,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 317.549426][T10478] (syz.0.1540,10478,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 317.591795][ T5846] ocfs2: Unmounting device (7,5) on (node local) [ 317.627772][T10478] JBD2: Ignoring recovery information on journal [ 317.652391][T10503] loop1: detected capacity change from 0 to 128 [ 317.713343][ T6040] hid-generic 0005:0B57:0007.000B: collection stack underflow [ 317.777581][ T6040] hid-generic 0005:0B57:0007.000B: item 0 0 0 12 parsing failed [ 317.798533][T10478] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 317.831517][ T6040] hid-generic 0005:0B57:0007.000B: probe with driver hid-generic failed with error -22 [ 318.215434][ T9461] ocfs2: Unmounting device (7,0) on (node local) [ 318.483477][T10527] loop1: detected capacity change from 0 to 2048 [ 318.606108][T10527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.780616][ T6040] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 318.838537][ T8603] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.940676][ T6040] usb 10-1: Using ep0 maxpacket: 16 [ 318.960034][ T6040] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 318.984144][ T6040] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 319.017053][ T6040] usb 10-1: config 0 interface 0 has no altsetting 0 [ 319.051592][ T6040] usb 10-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 319.100990][ T6040] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.134272][ T6040] usb 10-1: config 0 descriptor?? [ 319.591978][ T6040] cougar 0003:060B:500A.000C: unexpected long global item [ 319.625560][ T6040] cougar 0003:060B:500A.000C: parse failed [ 319.650823][ T6040] cougar 0003:060B:500A.000C: probe with driver cougar failed with error -22 [ 319.769198][ T972] usb 10-1: USB disconnect, device number 7 [ 319.922162][ T24] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 320.104221][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 320.114871][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 320.146624][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 320.180583][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 320.215721][ T24] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 320.241652][ T24] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 320.266663][T10551] syz.4.1571 (10551): drop_caches: 2 [ 320.275229][ T24] usb 1-1: Manufacturer: syz [ 320.293973][ T24] usb 1-1: config 0 descriptor?? [ 320.309507][T10556] loop1: detected capacity change from 0 to 32768 [ 320.506833][T10560] loop7: detected capacity change from 0 to 32768 [ 320.574844][T10560] XFS: ikeep mount option is deprecated. [ 320.616218][T10573] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1581'. [ 320.661597][ T24] rc_core: IR keymap rc-hauppauge not found [ 320.667552][ T24] Registered IR keymap rc-empty [ 320.680953][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 320.696198][T10560] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 320.705971][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 320.733074][ T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 320.766482][ T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input36 [ 320.798948][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 320.841015][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 320.891637][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 320.922395][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 320.971025][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 321.001158][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 321.031118][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 321.056167][T10560] XFS (loop7): Ending clean mount [ 321.090841][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 321.101023][T10560] XFS (loop7): Quotacheck needed: Please wait. [ 321.126682][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 321.187183][ T24] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 321.219416][T10560] XFS (loop7): Quotacheck: Done. [ 321.233075][ T24] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 321.280558][ T24] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 321.336605][ T24] usb 1-1: USB disconnect, device number 5 [ 321.457998][ T6981] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 322.230884][ T55] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 322.256012][T10612] input: syz1 as /devices/virtual/input/input37 [ 322.313917][T10588] loop4: detected capacity change from 0 to 40427 [ 322.340984][T10588] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 322.361061][T10588] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 322.386777][T10588] F2FS-fs (loop4): invalid crc value [ 322.426943][ T55] usb 2-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66 [ 322.460740][ T55] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.511573][ T55] usb 2-1: config 0 descriptor?? [ 322.534919][T10624] loop0: detected capacity change from 0 to 16 [ 322.537392][ T55] usb 2-1: invalid MIDI EP [ 322.566043][T10624] erofs (device loop0): mounted with root inode @ nid 36. [ 322.573557][ T55] usb 2-1: snd-bcd2000: error during probing [ 322.595604][ T55] snd-bcd2000 2-1:0.0: probe with driver snd-bcd2000 failed with error -22 [ 322.645122][T10624] overlayfs: failed to get metacopy (-117) [ 322.737256][T10588] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 322.763915][T10588] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 322.778917][ T55] usb 2-1: USB disconnect, device number 12 [ 323.546124][T10645] loop1: detected capacity change from 0 to 16 [ 323.580596][T10645] erofs (device loop1): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 323.630156][T10645] erofs (device loop1): mounted with root inode @ nid 36. [ 323.682408][T10645] erofs (device loop1): corrupted dir block 0 @ nid 36 [ 323.835221][T10629] loop9: detected capacity change from 0 to 32768 [ 323.851524][T10646] loop0: detected capacity change from 0 to 4096 [ 323.852761][T10633] loop5: detected capacity change from 0 to 32768 [ 323.898613][T10629] ocfs2: Slot 0 on device (7,9) was already allocated to this node! [ 323.907945][T10633] XFS: ikeep mount option is deprecated. [ 323.948508][T10633] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 323.984595][T10629] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode. [ 324.014907][T10646] ntfs3(loop0): ino=5, "/" mi_enum_attr [ 324.192171][T10633] XFS (loop5): Ending clean mount [ 324.200454][T10629] overlayfs: upper fs does not support tmpfile. [ 324.226093][T10629] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 324.226511][T10667] loop4: detected capacity change from 0 to 512 [ 324.255629][T10633] XFS (loop5): Quotacheck needed: Please wait. [ 324.265082][T10629] overlayfs: failed to set xattr on upper [ 324.286733][T10667] EXT4-fs: Ignoring removed nomblk_io_submit option [ 324.309630][T10629] overlayfs: ...falling back to redirect_dir=nofollow. [ 324.340652][T10629] overlayfs: ...falling back to index=off. [ 324.346742][T10633] XFS (loop5): Quotacheck: Done. [ 324.393885][T10629] overlayfs: ...falling back to uuid=null. [ 324.399723][T10629] overlayfs: upper fs missing required features. [ 324.411592][T10667] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.430781][T10667] ext4 filesystem being mounted at /209/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 324.565311][ T8487] ocfs2: Unmounting device (7,9) on (node local) [ 324.583767][ T30] audit: type=1800 audit(1752840315.008:96): pid=10667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1615" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 324.661788][ T30] audit: type=1800 audit(1752840315.048:97): pid=10667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1615" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 324.721345][ T5846] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 324.800212][ T6609] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.081370][ T24] kernel write not supported for file bpf-map (pid: 24 comm: kworker/1:0) [ 325.587298][T10697] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1626'. [ 325.906750][T10708] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1629'. [ 326.045397][ T30] audit: type=1326 audit(1752840316.478:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10710 comm="syz.9.1644" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7eff5718e9a9 code=0x0 [ 326.090641][ T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 326.278252][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 326.302810][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.320526][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.362323][ T24] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 326.391618][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.426183][ T24] usb 6-1: config 0 descriptor?? [ 326.614857][T10722] loop7: detected capacity change from 0 to 8192 [ 326.674864][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.683473][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 326.887212][ T24] corsair 0003:1B1C:1B02.000D: unknown main item tag 0x0 [ 326.938201][ T24] corsair 0003:1B1C:1B02.000D: unknown main item tag 0x0 [ 326.960300][ T24] corsair 0003:1B1C:1B02.000D: unknown main item tag 0x0 [ 326.980919][ T24] corsair 0003:1B1C:1B02.000D: unknown main item tag 0x0 [ 326.987997][ T24] corsair 0003:1B1C:1B02.000D: unknown main item tag 0x0 [ 327.055999][ T24] corsair 0003:1B1C:1B02.000D: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.5-1/input0 [ 327.139051][T10736] Context (ID=0x0) not attached to queue pair (handle=0x4e5:0x0) [ 327.161118][T10737] syz_tun: entered allmulticast mode [ 327.193170][T10735] syz_tun: left allmulticast mode [ 327.279073][T10717] loop4: detected capacity change from 0 to 32768 [ 327.337590][ T24] usb 6-1: USB disconnect, device number 12 [ 327.408511][T10717] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 327.486644][T10717] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 327.629915][T10717] overlayfs: upper fs does not support tmpfile. [ 327.657840][T10717] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 327.707409][T10717] overlayfs: failed to set xattr on upper [ 327.726513][T10717] overlayfs: ...falling back to redirect_dir=nofollow. [ 327.730623][T10753] loop1: detected capacity change from 0 to 512 [ 327.743661][T10717] overlayfs: ...falling back to index=off. [ 327.759766][T10717] overlayfs: ...falling back to uuid=null. [ 327.768395][T10717] overlayfs: upper fs missing required features. [ 327.776281][T10753] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 327.830127][T10753] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.883332][T10753] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 327.975001][ T6609] ocfs2: Unmounting device (7,4) on (node local) [ 327.983843][ T30] audit: type=1800 audit(1752840318.418:99): pid=10753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1648" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 328.167129][T10769] loop5: detected capacity change from 0 to 2048 [ 328.232374][T10769] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 328.254808][T10773] loop7: detected capacity change from 0 to 128 [ 328.317340][T10773] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 328.369648][T10773] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 328.556668][ T8603] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.620624][ T5923] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 328.800898][ T5923] usb 1-1: Using ep0 maxpacket: 32 [ 328.813241][ T5923] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 328.840690][ T5923] usb 1-1: config 0 has no interface number 0 [ 328.857699][ T5923] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 328.876211][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.914825][ T5923] usb 1-1: Product: syz [ 328.919136][ T5923] usb 1-1: Manufacturer: syz [ 328.956224][ T5923] usb 1-1: SerialNumber: syz [ 328.978304][ T5923] usb 1-1: config 0 descriptor?? [ 329.008927][ T5923] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 329.052164][T10790] team0: Device gtp0 is of different type [ 329.229556][ T5923] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 329.266447][ T5923] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 329.447661][ C1] quatech-serial ttyUSB0: qt2_process_read_urb - port change to invalid port: 32 [ 329.659173][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 329.659629][ T972] usb 1-1: USB disconnect, device number 6 [ 329.720661][ T972] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 329.774064][ T972] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 329.811212][ T972] quatech2 1-1:0.51: device disconnected [ 330.528089][T10824] loop0: detected capacity change from 0 to 512 [ 330.608864][T10824] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 330.641796][T10824] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #13: comm syz.0.1676: invalid indirect mapped block 2683928664 (level 1) [ 330.660164][T10803] loop1: detected capacity change from 0 to 32768 [ 330.721080][T10824] EXT4-fs (loop0): Remounting filesystem read-only [ 330.728407][T10824] EXT4-fs (loop0): 1 truncate cleaned up [ 330.769102][T10803] ERROR: (device loop1): dbFindCtl: Corrupt dmapctl page [ 330.769102][T10803] [ 330.802996][T10824] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.838086][T10803] ERROR: (device loop1): remounting filesystem as read-only [ 330.846156][T10830] loop9: detected capacity change from 0 to 1024 [ 330.861815][T10830] EXT4-fs: inline encryption not supported [ 330.869983][T10803] ialloc: diAlloc returned -5! [ 330.880420][T10830] EXT4-fs: Ignoring removed i_version option [ 330.913388][T10830] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 330.921154][T10824] EXT4-fs (loop0): shut down requested (0) [ 330.948741][T10830] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 2: comm syz.9.1678: lblock 2 mapped to illegal pblock 2 (length 1) [ 330.993693][T10830] Quota error (device loop9): qtree_write_dquot: dquota write failed [ 331.010670][T10830] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 48: comm syz.9.1678: lblock 0 mapped to illegal pblock 48 (length 1) [ 331.013665][ T111] ------------[ cut here ]------------ [ 331.031025][ T111] WARNING: CPU: 1 PID: 111 at fs/jfs/jfs_dmap.c:2867 dbAdjTree+0x310/0x400 [ 331.039670][ T111] Modules linked in: [ 331.044081][ T111] CPU: 1 UID: 0 PID: 111 Comm: jfsCommit Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 331.056477][ T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 331.066938][ T111] RIP: 0010:dbAdjTree+0x310/0x400 [ 331.072760][ T111] Code: e8 95 4c 78 fe 0f b6 14 24 38 da 0f 85 89 fe ff ff 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 56 52 78 fe e8 51 52 78 fe 90 <0f> 0b 90 eb e2 e8 46 af dc fe e9 20 fe ff ff e8 3c af dc fe e9 47 [ 331.092702][ T111] RSP: 0018:ffffc900026e7a18 EFLAGS: 00010293 [ 331.098803][ T111] RAX: 0000000000000000 RBX: 000000005ff20056 RCX: ffffffff83439370 [ 331.109270][ T111] RDX: ffff88801f78bc00 RSI: ffffffff834395ff RDI: 0000000000000004 [ 331.118848][ T111] RBP: ffff888038fb4010 R08: 0000000000000004 R09: 0000000000000155 [ 331.127301][ T111] R10: 000000005ff20056 R11: 0000000000000001 R12: 0000000000000155 [ 331.135624][ T111] R13: 000000005ff20056 R14: 0000000000000004 R15: 0000000000000001 [ 331.136640][T10830] Quota error (device loop9): v2_write_file_info: Can't write info structure [ 331.143657][ T111] FS: 0000000000000000(0000) GS:ffff888124827000(0000) knlGS:0000000000000000 [ 331.143694][ T111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 331.143720][ T111] CR2: 0000001b2f419ff8 CR3: 000000000e382000 CR4: 0000000000350ef0 [ 331.143747][ T111] Call Trace: [ 331.143760][ T111] [ 331.143784][ T111] dbJoin+0x24b/0x2b0 [ 331.167534][T10830] EXT4-fs error (device loop9): ext4_acquire_dquot:6931: comm syz.9.1678: Failed to acquire dquot type 0 [ 331.168386][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.181446][T10830] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 331.182716][ T111] dbFreeBits+0x15f/0x8f0 [ 331.189999][T10830] EXT4-fs error (device loop9): ext4_evict_inode:254: inode #11: comm syz.9.1678: mark_inode_dirty error [ 331.199603][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.216378][T10830] EXT4-fs warning (device loop9): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 331.219777][ T111] dbFreeDmap+0x62/0x1b0 [ 331.251283][ T111] dbFree+0x266/0x550 [ 331.255314][ T111] txFreeMap+0x9f8/0xef0 [ 331.259622][ T111] txUpdateMap+0x3ed/0xb70 [ 331.264150][ T111] ? __pfx_txUpdateMap+0x10/0x10 [ 331.269142][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.274881][ T111] ? rcu_is_watching+0x12/0xc0 [ 331.279704][ T111] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 331.285598][ T111] jfs_lazycommit+0x5f9/0xb30 [ 331.290339][ T111] ? __pfx_jfs_lazycommit+0x10/0x10 [ 331.298163][ T111] ? __pfx_default_wake_function+0x10/0x10 [ 331.305368][ T111] ? lockdep_hardirqs_on+0x7c/0x110 [ 331.311060][T10830] EXT4-fs (loop9): 1 orphan inode deleted [ 331.318398][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.319557][T10830] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.324078][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.324127][ T111] ? __kthread_parkme+0x19e/0x250 [ 331.324186][ T111] ? __pfx_jfs_lazycommit+0x10/0x10 [ 331.324244][ T111] kthread+0x3c5/0x780 [ 331.356263][ T111] ? __pfx_kthread+0x10/0x10 [ 331.360924][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.366593][ T111] ? rcu_is_watching+0x12/0xc0 [ 331.371459][ T111] ? __pfx_kthread+0x10/0x10 [ 331.376084][ T111] ret_from_fork+0x5d7/0x6f0 [ 331.380638][ T2950] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 331.395016][ T111] ? __pfx_kthread+0x10/0x10 [ 331.401759][ T111] ret_from_fork_asm+0x1a/0x30 [ 331.406593][ T111] [ 331.409641][ T111] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 331.416943][ T111] CPU: 1 UID: 0 PID: 111 Comm: jfsCommit Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 331.428780][ T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 331.438854][ T111] Call Trace: [ 331.442151][ T111] [ 331.445099][ T111] dump_stack_lvl+0x3d/0x1f0 [ 331.449720][ T111] panic+0x71c/0x800 [ 331.453671][ T111] ? __pfx_panic+0x10/0x10 [ 331.458143][ T111] ? show_trace_log_lvl+0x29b/0x3e0 [ 331.463407][ T111] ? check_panic_on_warn+0x1f/0xb0 [ 331.468576][ T111] ? dbAdjTree+0x310/0x400 [ 331.473042][ T111] check_panic_on_warn+0xab/0xb0 [ 331.478034][ T111] __warn+0xf6/0x3c0 [ 331.481955][ T111] ? dbAdjTree+0x310/0x400 [ 331.486425][ T111] report_bug+0x3c3/0x580 [ 331.490808][ T111] ? dbAdjTree+0x310/0x400 [ 331.495277][ T111] handle_bug+0x184/0x210 [ 331.499649][ T111] exc_invalid_op+0x17/0x50 [ 331.504197][ T111] asm_exc_invalid_op+0x1a/0x20 [ 331.509075][ T111] RIP: 0010:dbAdjTree+0x310/0x400 [ 331.514151][ T111] Code: e8 95 4c 78 fe 0f b6 14 24 38 da 0f 85 89 fe ff ff 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 56 52 78 fe e8 51 52 78 fe 90 <0f> 0b 90 eb e2 e8 46 af dc fe e9 20 fe ff ff e8 3c af dc fe e9 47 [ 331.533796][ T111] RSP: 0018:ffffc900026e7a18 EFLAGS: 00010293 [ 331.539905][ T111] RAX: 0000000000000000 RBX: 000000005ff20056 RCX: ffffffff83439370 [ 331.547905][ T111] RDX: ffff88801f78bc00 RSI: ffffffff834395ff RDI: 0000000000000004 [ 331.555912][ T111] RBP: ffff888038fb4010 R08: 0000000000000004 R09: 0000000000000155 [ 331.563914][ T111] R10: 000000005ff20056 R11: 0000000000000001 R12: 0000000000000155 [ 331.571915][ T111] R13: 000000005ff20056 R14: 0000000000000004 R15: 0000000000000001 [ 331.579926][ T111] ? dbAdjTree+0x80/0x400 [ 331.584306][ T111] ? dbAdjTree+0x30f/0x400 [ 331.588778][ T111] ? dbAdjTree+0x30f/0x400 [ 331.593253][ T111] dbJoin+0x24b/0x2b0 [ 331.597282][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.602964][ T111] dbFreeBits+0x15f/0x8f0 [ 331.607349][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.613030][ T111] dbFreeDmap+0x62/0x1b0 [ 331.617330][ T111] dbFree+0x266/0x550 [ 331.621352][ T111] txFreeMap+0x9f8/0xef0 [ 331.625660][ T111] txUpdateMap+0x3ed/0xb70 [ 331.630136][ T111] ? __pfx_txUpdateMap+0x10/0x10 [ 331.635130][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.640805][ T111] ? rcu_is_watching+0x12/0xc0 [ 331.645613][ T111] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 331.651479][ T111] jfs_lazycommit+0x5f9/0xb30 [ 331.656218][ T111] ? __pfx_jfs_lazycommit+0x10/0x10 [ 331.661469][ T111] ? __pfx_default_wake_function+0x10/0x10 [ 331.667321][ T111] ? lockdep_hardirqs_on+0x7c/0x110 [ 331.672546][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.678220][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.683889][ T111] ? __kthread_parkme+0x19e/0x250 [ 331.688972][ T111] ? __pfx_jfs_lazycommit+0x10/0x10 [ 331.694222][ T111] kthread+0x3c5/0x780 [ 331.699102][ T111] ? __pfx_kthread+0x10/0x10 [ 331.703724][ T111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.709395][ T111] ? rcu_is_watching+0x12/0xc0 [ 331.714197][ T111] ? __pfx_kthread+0x10/0x10 [ 331.718808][ T111] ret_from_fork+0x5d7/0x6f0 [ 331.724217][ T111] ? __pfx_kthread+0x10/0x10 [ 331.728856][ T111] ret_from_fork_asm+0x1a/0x30 [ 331.733678][ T111] [ 331.736970][ T111] Kernel Offset: disabled [ 331.741300][ T111] Rebooting in 86400 seconds..