last executing test programs:

2m21.235934962s ago: executing program 5 (id=477):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x1c1140, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r0, 0xc0040d07, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r0, 0x80044dfe, &(0x7f0000000180))

2m20.823300212s ago: executing program 5 (id=481):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000006, &(0x7f0000000cc0)={[{@utf8no}, {@utf8no}, {@numtail}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@utf8no}, {@shortname_mixed}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@shortname_winnt}, {@uni_xlate}, {@shortname_mixed}, {@shortname_lower}, {@shortname_mixed}]}, 0x25, 0x351, &(0x7f0000000840)="$eJzs3T9sG2UUAPDnnBOnEcUekCqYDBsSqpogBphSVUWqyABFFv8WIjXlT2yQYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ0jaqr/fED2973v3vTs7uUuUfHmzHZuX5uPyzZs3YnGxEMXVc6txqxCVmIsk+nZjqk8WpucBgHvcrTSNf9K+O8/+bGkQufcDwP2rd/9/6+QoUTpE8ZWHjqIlAOCIzfj9/4tTs+8fWVsAwBGauP8/MTa878f8xeHvBAAA96+XX3v9hbNrERer1cWIxsetWqsWz43Gz16Od6IeG3EmyrEX0X9Q6D8tdD8+f2Ht/Jlq1x+VqHUrWrWIRrtV6z4ppOWIXn0plqMclaw+HdYn3frlXn01InbbvfWjUWjV5mMpW//XpdiIlSjHIxP1ERfWzq9UswPUGoP6dkQnFgcn0e3/dJTj59HjTL7/neVq9Vy6NlbfulqKS8f9YgAAAAAAAAAAAAAAAAAAAAAA8MA4XR2qDPe/SRvt1kcX90+ojO2PU+sPZ/sDdfr7A6Wlwe48V5L9+wON78/TqhVj7q6eOQAAAAAAAAAAAAAAAAAAANw7mtsLsV6vb2w1tz/czAftXOa9H7/5/kQMhopZ6bvJqCqy5NhxBhNzR05iuEQ6LE+T/pxCNr8/OYkYTN5dv3pt2HF+idLwLMabz4LSxFChOFzi5OO/fzmt6t9usNvLJDFxWcaDQce5ocbD3cRiROwdVHVwsHKHOdfTND2ofOeLyaooRBTj0G3MEPxw4+1Hn26eeqaX+S7b9OHJp8qvXP/867821+vR6V+Zen1hq7mXznDkbq/1jbkYH0py759Cdp0LU94J04POKNPZam6vJ7/8/epjn/60b3Iy/f2T5jMfHLzWt/szC/2gEFEZXIT/a3U+Zr3yb9zOf4Ic8oU79dXq+rWd3/6ctSr3RcJGHQAAAAAAAAAAAAAAAAAAcCxyfyt+CM++dHQdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxG/3//1zQmcjMEtxux+RQaWOreeDiJ471VAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeID9FwAA///mym3V")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80000, 0x0)
getdents64(r0, &(0x7f0000000080)=""/4096, 0x1000)

2m19.202746881s ago: executing program 5 (id=491):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, 0x52, 0x1, 0x70bd2a, 0x0, {0xa}}, 0x14}}, 0x0)

2m18.423198395s ago: executing program 5 (id=494):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x14, 0x18, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)

2m17.63419977s ago: executing program 5 (id=500):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8000, 0x2)

2m16.943859649s ago: executing program 5 (id=505):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x18, r1, 0x1, 0x0, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0x4}]}, 0x18}}, 0x0)

2m1.32219684s ago: executing program 32 (id=505):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x18, r1, 0x1, 0x0, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0x4}]}, 0x18}}, 0x0)

1m57.4818207s ago: executing program 4 (id=602):
r0 = getpgrp(0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, &(0x7f0000000280)=[{&(0x7f0000000040)="b7", 0x1}], 0x1, 0x67, 0x0)

1m56.934735962s ago: executing program 4 (id=607):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x6, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x2}, [@cb_func={0x18, 0x0, 0x4, 0x0, 0x2}, @exit]}, &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x14, &(0x7f0000000600), 0x10}, 0x94)

1m56.485252632s ago: executing program 4 (id=610):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1, &(0x7f0000000540)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x550c, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwCU0/Fr1V3cUP7FJWPXhR0yQN2U0ypUnT2pMHj+JB8A8RBU8e/Rs8ePYmHhRvgpKZqW79AKFps93+fjB55n3z5pnnDcvCM1MSwLk1l/z6cymux+WImI6IaxHZeak4Mmt5eC4ibkTE1CNHqZj/c+JCRFyJiOuj5HnOUvHWZ7eGN1d/euOXb767OHP1i6+/n9yugUl7PiK62/n5XjePaSuPD4r52rCdxe7KsIj5G92HxTjN415zM8uwVztcV8vicitfn27v9kdxq1Orj2KrvZXNb/fyC/aHrcM82Qce1HaycaO5mcV2P81i6yCva/8g/7/toD/I8zSKfB9m6WMwOIz5fHO/me9n+2EW671BMZ/nTRvN/VEcFrG4XNTTTiOrY/M43/Tj7c12b3c/GTZ3+u20l6xWqi9UqrfL1Z200Rw0V8q1buP2SjLf6oyWlQfNWnetlaatTrNST7sLyXyrXi9Xq8n8neZmu9ZLqtXKcmWxvLpQnN1KXr33TtJpJPOj+HK7tztod/rJVrqT5J9YSJYqyy8uJDeryVvrG8nG/bt31zfefv/Ou/deWn/9lWLRP8pK5pcWl5bK1cXyUnXhHO3/46LoMe4fjqU06QIAzh79PzAJJ9f/79yPOPn+P/T/Y3Gm+t/z3v+fwP7hWPT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1g+zX76Wnczl46vF/FPF1DPFuBQRUxHx+7+YjgtHck4XeWb/Y/3s32r4thRZhtE1LhbHlYhYK47fnj7pbwEAAACeXF99dOPTvFvPX+YmXRCnKb9pM3XtgzHlK0XE7NyPY8o2NXp5dkzJsn/fM7F/7DzvfR7Fja24NIayMtktt5lxZftfpo+ES4+EUh6mTrUcAADgVBztBE63CwEAAOA0fTLpApiMUhw+yjx8Fpz95f1fDwQvHxkBAAAAZ1Bp0gUAAAAAJy7r//3+HwAAADzZ8t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECX7qv14vbq93XbnN2+nTyjAQAAAC7ZVutF/c8s9b829783t342/SIiyoi4NHcfxaezzFGTU708f3P6fPWqhruIOuHwHpPm+hIRf5rr8UfXnwIAAAB8XJvlap5m6+nPbOiC6FNatCm//c2UV0RENXvIlFYe8n5lCqu/3+P4nymtXsCaZgpLS27jXGlvUv/cj6t205OmSE158WXHIrONHQAA6NHorOl3FgIAAECf/g1dAMMo4nkr87gVOElNs733+awHAAAAvEPF0AUAAAAAnavn/z2d/7d3/h8AAAAMI53/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJe21XqxWa7mbXN2+3byjAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25yUFQhiAAWjm0xncSU/s0SVQt27dvAeFkNBCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDuvdfK+wqdhT/Jt2zBazyS/Tg3/Tsd6YrTZemE++RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZH9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Kt+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAv5nZ2dqquEbZQ0QUPOjFbre1tTfxoAQP/glCSLc1duuPNgdbipiLN8m5F9GjiKDEW/+HnBPIJd5y2EMEz8rMzmQnP8D118wm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlfF3xbwCnqv+Td7/6oTpWdf//lVpnOXvi7vh55H03hFa36YwAAAA4zZ4oWlbs/5quL3z004X32/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtzwAAAP//bIM/9A==")

1m52.981736379s ago: executing program 4 (id=633):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0xfefff024}, {0x6, 0x0, 0x0, 0x6}]}, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)

1m50.465814338s ago: executing program 4 (id=649):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000002340)=0x8)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x810001, &(0x7f0000000280)=ANY=[@ANYBLOB="6a6f75726e616c5f7472616e73616374696f6e5f6e616d65732c62747265655f6e6f64655f0dcbcc28b5ef6f8b2c6a6f75726e616c5f666c7573685f64697361626c65642c6673636b2c6a6f75726e616c5f666c7573685f64697361626c65642c726174656c696d69745f6572726f72732c7265636f766572795f706173735f6c6173743d7365745f6d61795f676f5f72772c7265636f6e7374727563745f616c6c6f632c6e6f5f646174615f696f2c00"], 0x1, 0x5928, &(0x7f0000009d00)="$eJzs3WuQXFW9KPC1u3synZk8JgEk8pgMgSiCmgmvwkdp9PoqQCoWlhJuFAYywWgSUkkQCCjBC14owEJLS1E/oIXURaNFFVwlUiKPm3AVTXH1UqeQOnoO+sFTyCElkENZHufUTO/V6dnTe3ZPT09I4PerZHav1bv/a+29V+/e/9U90wEAAIDXhN03bNl37lHv/+UXhl+69kM/3XBd6C2P1VfjCn3p8spXqoccSN2VRWPL7Lh449Xf/9PAJe/9xT0933t515rj1v7ufYdd8sCnz9p5+7cefnHuff94pihuHE8n7S8nzyUhVH+292tf3PX4kaN1SQihnPRtD2FBsvDhBUkmxODfQghr0sIxlfF33vvSqWtHl9fd3D2ufn4miPH+2lZNx9m2fVecHH7/nlXX/3rxj37YtePZ7ftXSaoN4ymEeRc1Pr4rhDA7/T8qjrZF8cHpcmUIoafhcWcW9Ov4Fvu/LKd8dLqclS57C+LE+5dkyqXMetly1JVZ9hS0N115/Wh3vSJzMuXsyWi68voZ6xeky5+ky5OmGL8c/yehlIRKvfvrk/1jJDQctyQkY8eyWi+X6sc2pNufKSeZcilTLndltmus3XSglZNkfH1cL1MfT8eVtP64xnN1E+fl1L8+XVbTJ+rLsRyyN2p6J9yob9eY2K+9k/TlQCg1nIOa1dcPfHowetO63mThhMeMNBHv27XqlqXl1Y/s7svpR3JPksZP2oq/7VcL5nzyBzddvigv/kWlNH6prfh/OHvP8xfc9N1v5sa/LcYvtxX/lAd7njv70RuW5O6fvXH/VNqKP/TMY7cuPvziHbn9vyPGr7YVf8XOPd1z9z34UG7/B+P+md1W/Kff8YE/3v3k/c/mxg8xfk9b8Vfv3PSl7v59J+bGfyjun972xs8LO854qr//zwN58Z+I8ee2Ff+u7be//c75N5+Ve3xXxv3T11b8c0544Po5++4/Nu/cmdzRqVdOgNemw9JrrBvTcot55ujJ96JO9qMhX/jGQKV2zTcn/T+3kw1lLj5H25nXyfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEEI44uT/+8F//Vjfc5W03J3eeLpUW8b6WSEks0MIW7YObd66buOlA5++7PLNG4fWDwxtHRjeuHXzVQOnvXlg8/Cm9UNXjd47+JZTa49bGJLaMjl2QtvdIyMjpb7xdbG9/3bCjt8vPfPf/hLC4BG/7a/k9n/Z7RvuPLzJz4xkxci7N1x+7m9P/066XX1pv/qa9GtkZGQk5PTr38//+51f2funE0MYfN1k/Xrs6Xf9fFyHxir2x0mVukOtQ91JT9N+1Hud9ifur8radeuHByffv6OPL+dsx3+/+tm/rb3yy3+v7d9q7na0uH9nrxhZX/r6qnP+8+vX1CqK+vVKHfei/R23IvYv7r9qur/npds1L2e7KjnbdcOvH3ryZ0fd9OL2MFh5YfHEtou2qysdAF3J61tqN7bQkywYV19N149HPD5u2dYNm5ZtuWrbW9ZtGLp0+NLhjW9bftryMwZPP+P0ZWNbvqzD2x/bf0OL239gxtP8z27/SfzZ2ngq6lfR/hjtV/H+aOxR3vOv57wvfvVttz96bq2iaJzHtevnk3TZM3qcl4eG8TZxXzXbrqL9EEIYaLYfnn/xrHDkP627vug81HhkGn9mJCtGHl/y1++c+e1F76xVHJDzfGOH2jzP13u9vz9j+6uaHo+Rg3T/dodyul29Tfu1/PFHu27Z/ZfP1fs3a1a4cmjr1s3Laz/npD2dkxzdtF/Z2rhdi8d+lkO6W0J9mDYZr6O6Qq1/2fNnXD27V3vT+3qThU23Kyvet2vVLUvLqx/Znbenk3tqLc4Oc2vL5JicNddnHliud7hZ+wfr869ofPR/8Nv3fey+H582YXycUvtZtF1Jznb96Mm7vvq9L//PH3duuz74rj19f/3nTy2tVRwq55V6r9P+JI3nlVNCKHr+LQ7NtyP3+Vdqvj1Fz79sO/vXbx5vIFPuDeW2nq+nPNjz3NmP3rAk9/m6t9Xn6zXjSuWC5+vBMn6yz6+kMr4fM/f8GjdQkhUjv7jxsO0PX7vyqFpF0biur91sXJ/aQv6Rs10/v+Cp/ssG/sf/79x54/tvvvfC3w2t+Hytov3jHvvSmeNeTfdvNWf/1nsd887G/fvWSy5bv6ZWf/Be/6bLgvwnnkq2XLXtM0Pr1w9v3tLadrX6ehrbye7ldl9P49ltYcF2lSZs18zdaGV/tfp8i/1f0/b+Gv986w1JW68L2361YM4nf3DT5X0THpU2dFEpjV9qK/4fzt7z/AU3ffebufFvi/ErbcUfeuaxWxcffvGO3Ph3JGn8alvxV+zc0z1334MP5cYfjP2f3Vb8p9/xgT/e/eT9z+bGDzF+b3v7/4UdZzzV3//n3PhPJGk7o9dIIdz70qlra+UkdKXPt9iPrnH9CtlykimXMuVyY7lUm2utN1BOkvH1cb20/riGvjTz8Zz6eBVWXVRbvhzLIXtj8vqDTanh3N+svug6FQDg1S6+/x+vQeP7/8PphVL+TAPsN908bFFO3JiH7Z/PmTXu/kVp/Pj4OA/Y/9YwOLq8bqB2oT/V9xHi8yE7zxnbOfH48THanecsmn9fkinHftXmyysNeWhqYl5TCS3Mv09sZ/L598zmF8+PD9w4oVsDDfNW2ePXlc6YNfu8Q6a/ldEIeeMjOy8WP8/RPy+sHGuvxfGR/RxNPA7Zz9HEdo7KnDjb/RzNdMdH7PYk42Osy8Xvb0w8fmGS/bv/+DWPlj1+Uzje1dH1Z/r92Q7MGzY9pR24ecOZfT/sEJiXTO+5dnz8AzQvebDPG8b6uB2VFucTP5ZT36n5xHi6iP3aO0lfDgTzicCrVcz/42vEaP4/egH+H5n1iq5Ds1eNMV7u54TKzftTlHdM/JxeT1uv46t3bvpSd/++E3Ovcx5q9XM/m8aVego+91O0H5dmyoX7MWeCpijfy7ZTtN+zn8voDXPb2u93bb/97XfOv/ms3P2+svZCWrzfvzquNLdgvx8C+ULz+PIFn2OY7Pi2OH/2iuUj6QefZiof+WhO/VTzkZ4JN+rbNeaQy0e6Dmy/AIBDR8z/6++fpfn/v8QV0uuIorz1pEw5xsvNW3OuT/Ly1g+nyysz6/emv1Ex1evmc0544Po5++4/NjdvuaPVPPR/jSv1Feah08ubc/OIlZ35vHhuHlHPs6aXJ+b2v54nTi9Pz41fz9Onl0fn7p96Hj29eYDc+PV5gEM9zy2Yr8s0Foutzte9avPo9NdnZyqPPi+nfqp5dO+EG/XtGiOPBgB4ZcX8P17Gxfz/0cx6032fPTcv6NB1e/bvgdTjP3Gg8sqZzvtmOm+d6bx+puclDvW8eP+80LVTiN/6vNDMzpO95vPitNFDNy+u9UBeDADw6hbz/9lpOT//n9771s3yt65x+Yn8vGl8+flBkp8f6vNf8n/vixeT/wMAvLrF/D/+2mP8+3//Jy1n/269PD0nvjxdnj7Z+Gk5T+/8PFvwOYBXdh5g9v71zQMAAPBK6BrLlCb+nv0n0mX29+zzfi//gpz1W1VJL48v3rp5ePjCyzetGdo6fOHGy9YMb7nwis3rtm4d3lhbb7p5Y27ekuaNXaGS7o/m62Xztvnp30OYn/P3ELLrx7BHj92Y+PcQss3OLvg7AvuPX2v9zTt+pUnWbzY+8o53XvyP56wf1Y//JZ865cK1Wy5ct3Hd1nVD69dtGx6/3mjW2jOF782Mu2VK35ea+TFBaerf39mZfpQm9KMr3R9538+eZPqxIO3JgrzvP8jp9y//31c+e8LI3+8OYfCI8jHT2n/JipH/ff7wh7fu/u2m0f6XJu1/fc20X0XfV5pdP25PZf1lW7aevPayyzdmv1GyPXE+o1Qvz9B8Rvr0L7c4P7E6p36qn1MoT7hxcGp5fgIAgHHi+//xeja+f/jl9AIq1reep0/v/ePcPH2wtTw9+71kRXl6dv24va3m6dVp5unZ9ovy9GbrN8vT8/LuvPgfzVl/qlofJ9P7nEfuOLmotXGS/T6DonGSXX+q4ySZ5jjJtl80Tpqt32yc5B33vPgfyVk/T+vjYXqfy8kdD7eVwp75xePhTZly0XjIrj/V8VCa5njItl80Hpqt32w85B3fvPjn5qzfqvHjY3RgjI2L4QuvuGzzZxrWm+nvv5h+/2b2+z/a1Xr/Z/ZzXzPf/5n9XNnM9396nyvL7f8T05sJa73/M/v9Lu06YPO16YfNij5/VjSPuyqnfqrzuLMm3Dg4mceFV07M/+PbPTH/vzlddvptoEP/e9J8j1nT+B36HrOi6xiv55M0dhAoNX8593oOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNFdWTS23H3Dln3nHvX+X35h+KVrP/TTDde98erv/2ngkvf+4p6e7728a81xa3/3vsMueeDTZ+28/VsPvzj3vn88Uxi4b+xn5aS0WA0heS4JofqzvV/74q7HjxytS0II5aRvewgLkoUPL0gyEQb/FkJYU+/n+DvvfenUtaPL627uHlc/PxMku12htxz709jPEK4s3CIOQdV0nG3bd8XJ4ffvWXX9rxf/6IddO57dvn+VpNownkKYd1Hj47tCCLPT/6PiaFsUH5wuV4YQehoed2ZBv45vsf/LcspHp8tZ6bK3IE68f0mmXMqsly1HXZllT0F705XXj3bXKzInU86ejKYrr5+xfkG6/Em6PGmK8cvxfxJKSajUu78+2T9GQsNxS0Iydiyr9XKpfmxDuv2ZcpIplzLlcldmu8baTQdaOUnG18f1MvXxdFxJ649rPFc3cV5O/evTZTV9or4cyyF7o6Z3wo36do2J/do7SV8OhFLDOahZff3ApwejN63rTRZOeMxIE/G+XatuWVpe/cjuvpx+JPckafykrfjbfrVgzid/cNPli/LiX1RK45faiv+Hs/c8f8FN3/1mbvzbYvxyW/FPebDnubMfvWFJ7v7ZG/dPpa34Q888duviwy/ekdv/O2L8alvxV+zc0z1334MP5fZ/MO6f2W3Ff/odH/jj3U/e/2xu/BDj97QVf/XOTV/q7t93Ym78h+L+6W1v/Lyw44yn+vv/PJAX/4kYf25b8e/afvvb75x/81m5x3dl3D99bcU/54QHrp+z7/5j886dyR2deuUEeG06LL3GujEtt5tnTldDvvCNgUrtmm9O+n9uJxvKGG1n3gzGBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1ek315z2ifPf/ZFVlSSEJGedkSbifeVZK1YMtNHu0DOP3br48It3NNYtaiMOAAAAUCzm4aV6TTUsClcks8PRTdePcwRHx1Iyvj47hxDjZOcI2o1T6lCccofiVDoUp6tDcWZ1KE53h+JUC+JUQ2txZk8SpzI6KlrsT8+k/Wk9Tm+H4szpUJy5HYozr0Nx5ncoTt+kcVofhws6FGdhh+Ic1qE4h3cozhEdivO6DsU5skNxsnPKUx2Hc9M1j8qLM3ajXBinkpTrdzSbTz8ybefYabbTW9DO3KLX4xbbmd1iO8dnHleaYjvVFtt5wzTbSVps50157cxvrZ1SQTtx3F6Z7V9sJ5ZaHP9XdSjOtg7FubpDca7pUJzPdSjO5zsU59ppxgFoVcz/9+d7faG78s7Qk55xsrMAMd9dPPZz4utd3gkpxjsmUz+rKF42Uc/EWzzV/mUnEDLxlmTqu8bFq9TzkUniVRvjLc3cWbi92QmFTP9OytR3F8XLTiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAz6zTWnfeL8d39kVUjC6L+mRpqI95VnrVgx0Ea7u1bdsrS8+pHdjXXdlTYCAQAAAIViHt5Vr6mG7sry0J3MGrdeNZ0HqKblcl9t2T8vrBxdJgOlsXJPsmDSx1XSxy3bumHTsi1XbXvLug1Dlw5fOrzxbctPW37G4OlnnL5s7br1w4O1nyF0F8QLIYxNP2y5attnhtavH968pVaZ7f+i9HGL0nKSPq7/rWFwdHld2v+FBe2VJrQ3czeKjx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf7FrdyFyXmUcwM87Mzsz3TZ2pV/T0GyGfJSoRZO4lVRL9wXBQpuELAWZra4l2ASLmya0SYl1bAO2NUERWgIhkgsjsdhavOmHLWI/CERqNODGIG3RXuiF0molLbmQlJHszpmdmZ3JbMfStPH3u5h35pznnOc9c7Hwf3cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4IM1VR2ZqIyOjQ8mISRdamodxLlsPk3LffT96nPbflgYPrWieayQ62MjAAAAoKeYwwcaI8VQyGVDNlw5/WlJaJoIs7kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/zNVHZmojI6NX5iEkHSpqXUQ57L5NC330ff1t5/43CvDw39vHiv1sQ8AAADQW8zhmcZIMZTC0jCQXNlSF58NLGxb314X91k0z7r2Zwfd6pbOs+7qedZ9okfd+vp1ZwAAAICPvpj/c42RoVDILeia/3vl+li3uK0uW7/281sBAAAA4H8T83+hMVIKhVypkdfnm/eXtNXF9b3+bx/XL++yvtf/89fVr/5PDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfHVPVkYnK6Nh4Ngkh6VJT6yDOZfNpWu6j7+rnB/958+EHlzSPFXJ9bAQAAAD0FHP4bPQuhkJuMAyEC6dz//CNB5768lPPjIQQZmJ+Ph92bty+/a7VM6+xbtXRwwM/OPLmd+bUrZp5PWcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3jdT1ZGJyujY+AVJCEmXmloHcS6bT9NyH31f+8KX/vrYiWffaB4r9bEPAAAA0FvM4bPZvxhKIR/y4fLpT81Z/4xM2/puzwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA88fd37r3mxsnJzfd5Y033njTeHOu/zIBAADvt8UhCbX36IoN5/quAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD4Op6shEZXRsvJiEkHSpqXUQ57L5NC330Td97lhhwannX2weK/WxDwAAANBbzOGz2b8YSmEgDITLpj91eiYwnf+HPsCbBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5UpqojE5XRsfEFSQhJl5paB3Eum0/T8nvuWguP7tr/+UMXf/+m5tFCro8DAAAAAD3FHJ5vjBRDIffJUAhX1T9Pti5IsvVr5+cCs+u2tSwbnPe6asu67LzX7W47Wa5+mpl1xbjf0My1sa48d125aV0pNNqXW9aFvS2rFvS4zwAAAADnUMz/hcbIUCjkCk0592ct9UNyLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQxVR1ZKIyOjaeJCEkXWpqHcS5bD5Ny330vfd3H7/oaz/fs6N5rNTHPgAAAEBvMYfPZv9iKIVF4WNh0XTuD0Ot9bHuX5XThx75999WhLDy8uPDufZtfxzf/Oa1G15ofwkh01qdCeHier+kS7/f/uGRe5bVTj8WwsrLslfN6RfO3q91y7T2dGXTuu1Hjm/r8eUAAADAeSLm/4HGyFAo5O7smv9j8u6R/xumA/jF9+z65aX113oib1uRGar3y3Tp98VlT/xl+Zp/vHkm/5+t32f2bzl0aUvDmZE2SVob3bJj/fFrD2biqWf6Z9v6x+/lK99+4z+bdz58eqZ/MRTr4wtznfrPfW1zQVqbzOwbX/vuvmpr/1yX8z/4+xdP/HrhnnfO9H978WCj/9VnOf/Z+w/e8tDe6/YfXt/aP4RQ7tT/rXduClf86Y4H2s8/2LZx8zff/NomSWtHl5w8uOZA6frW/klb//j9/+LEo3t/+vD3non9429FViydb/9MW/+Xd1+y66X7Nyxs7Z/pcv4Xbn1leGv5u39sP//tLbvmut7F3PM/fs2Tt726Mb2vfQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8MlUdmaiMjo1nkhCSLjW1DuJcNp+m5T76vn7zsbdu3fOTHzWPlfrYBwAAAOgt5vDZ7F8MpZAP+TA4nfufrmxat/3I8W1haGY2qV9zk1vv3v6pzVt33Hn7ObpzAAAAYL5i/s81RoZCIbcsDNTz/+iWHeuPX3swE/N/Jub/zXdMbloZGnUv775k10v3b1jYeE4QwvTPAopn6j47W3fjDceGTv75G8s71q2erTu65OTBNQdK18e60Fy3KjSeTzx+zZO3vboxva9xf811n/761sn644m47+AtD+29bv/h9Y1z1K+D9X1j3WRm3/jad/dVY122fi3Wzw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzDVVHZmojI6Nh2wISZeaWgdxLptP03Iffdcu+9UDF516dlHzWCHXx0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/2YEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsJ+/YTGUfZxAH+e3eTNNpu0SfuCUTFNq6LUg0VBRC8qKtKKFDxVilRbexAFQUSpB1NpxVIVL4LVSxEV1CgFBRuLpVVS8V/x4kEFhepBKMWAdikeVLL7zHYz3XF1UgX184HhyfPMzHd+M8+zs1kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhHGegba7aHd9zfuOWcGz569K4Tj9z0zr3bLnr41e8mNl334d7Bl07ObF6x5cvrl23af/ea6d3PH/pp+K1fjvYMfqjVrErdWgjxeAyh9u7sM4/NfHzW3FgMIVTjyGQIo3HpodGYS1j9cwhhc7vO+TvfPHH5lrl2266BeeNLciH5+wr1alZPy8j8evl3qaV1trXx4CXh62vXb/90+Ruv908dmzx1SKx1rKcQFm/sPL8/hLAobXOy1TaWnZzadSGEwY7zruxR1/l/sP5LC/rnpvZ/qa33yMn2r8z1K7nj8v1Mf64d7HG9hSqqo+xxvQzl+vmX0UIV1ZmNj6b27dSu+pP51WyLoRJDX7v8e+KpNRI65i2G2JzLWrtfac9tSPef68dcv5LrV/tz99W8blpo1Rjnj2fH5caz13FfGl/R+a7u4taC8bNTW0sf1JNZP+T/aKmf9kf7vpqyumZ/p5a/Q6XjHdRtvD3xaTLqaawel552zq9dZPtm1j9xYXXDe4dHCuqIe2PKj6Xyt34yOnT7azsfGCvK31hJ+ZVS+d+sPfLDbTtfeK4w/+ksv1oq/7IDg8fXvr9jZeHzmc2eT1+p/DuOfvDk8v/fOdVtrpv5e7L8Wqn8a6aPDAw3DhwsrH919nwWlcr/6uobv33l833HCvNDlj9YKn/D9H1PDYw3Li7MP9j6KNSbK7TE+vlx6oovxse/nyjK/yx7/sNd8mPP/Jcnd1/14pJdawrX57rs+YyUqv/mC/ZvH2rsO6/o3Rn3nKlvToD/pmXpf6zHU7/s78yF6vi98OxEX+sbaChtw2fyQjlz11n8F+YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7EDByQAAAAAgv6/bkegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAAAP//QbsyMg==")

1m48.991627603s ago: executing program 4 (id=653):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00')
getdents64(r0, &(0x7f00000002c0)=""/94, 0x5e)

1m33.811914029s ago: executing program 33 (id=653):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00')
getdents64(r0, &(0x7f00000002c0)=""/94, 0x5e)

4.614267301s ago: executing program 3 (id=1178):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x76, 0x103381)
ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f00000000c0)=0x8)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000180)={0x7f0, 0x1, [{0x1, 0x1}]})

3.809943581s ago: executing program 7 (id=1187):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0)
mkdir(&(0x7f0000000200)='./control\x00', 0x15d)

3.798292619s ago: executing program 6 (id=1188):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000000040)=0x4, 0x4)
sendmsg(r0, &(0x7f0000002c40)={&(0x7f0000000140)=@in={0x2, 0x4e24, @empty}, 0x80, &(0x7f0000001780)=[{&(0x7f00000001c0)='k', 0x1}], 0x1}, 0x0)

3.795852004s ago: executing program 1 (id=1189):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, 0x0, &(0x7f0000000200))

3.081751736s ago: executing program 3 (id=1194):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ff0000/0x4000)=nil, 0x4000, 0x4001, &(0x7f0000000000)=0x3, 0x2, 0x0)
mbind(&(0x7f0000ff2000/0x1000)=nil, 0x1000, 0x4001, &(0x7f0000000040)=0x1, 0xbab, 0x0)

2.938483762s ago: executing program 7 (id=1197):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="230600000100fbdbdf2502000000540001800800090009000000060004004e230000140003000a01010000000000000000000000000008000800020000000600010025000000060002"], 0x68}, 0x1, 0x0, 0x0, 0x411}, 0x14000000)

2.669017036s ago: executing program 6 (id=1199):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
open(&(0x7f0000002140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x40000, 0x10c)

2.50267146s ago: executing program 1 (id=1201):
r0 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0xfffff000)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2.398472677s ago: executing program 7 (id=1202):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000e17000/0xa000)=nil, 0xa000, &(0x7f0000000000)=',,\x00\te\xcf\xad\x06\x8c-\xc6\xe4w\xd7\xbc\xef\r\xa0orc\xf6F\xe3\xce\xdc\xb7\x1a@\xa5\xfeo+lx\x92&\xb6\b\x82')

2.16714541s ago: executing program 6 (id=1203):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'veth1_macvtap\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd27, 0x25dfdbfd, {0x60, 0x0, 0x0, r1, {0xffe0, 0xfff2}, {}, {0x2, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x4040094)

2.100838128s ago: executing program 1 (id=1204):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @private=0xa010101, 0x5, 0x3, 'sed\x00', 0x11, 0x4, 0x72}, 0x2c)
setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'ovf\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e22, 0x12002, 0x8, 0x48001}}, 0x44)

2.100134089s ago: executing program 7 (id=1205):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f0000000100)={[{@block_validity}, {@user_xattr}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}]}, 0xfe, 0x4e5, &(0x7f0000000980)="$eJzs3UFrHG0dAPD/THZ9mzavm6qHWrAttpIU7SZpbBs8VAXRU0Gt9xqTbQjZZEuyaZtQNMUPIIio4EVPXgQ/gCD9CCIU9C4qimirBw/Vkd2djWm6m6R0s8ub/f3gycwzOzv/559lnp1nZtgJYGhdiojJiMiyLLsaEaV8eZqX2GmVxnovXzxZaJQksuzu35NI8mXtbb2XT8/kbzsVEV//SsS3kjfjbmxtr8xXq5X1vD5VX01eZdn2teXV+aXKUmVtdnbm5tytuRtz0z3Jczwibn/pzz/83s+/fPvXn3n0h3t/nfx2K8GWvXn0Uiv1YvN/0VaIiPXjCDYghWaGLTcG3BYAAA7WON7/SER8MiKuRilGmkdzAAAAwEmSfX4sXiWt638AAADAyZRGxFgkaTm/33cs0rRcbt3D+7E4nVZrG/VPZ6Xd8wXjUUzvL1cr0/m9A+NRTBr1mfwe23b9+r76bEScjYgflEab9fJCrbo40DMfAAAAMDzO7Bv//6vUGv8DAAAAJ8z4oBsAAAAAHDvjfwAAADj5jP8BAADgRPvqnTuNkrWff734cGtzpfbw2mJlY6W8urlQXqitPygv1WpLzd/sWz1se9Va7cFnY23z8VS9slGf2tjavrda21yr31t+7RHYAAAAQB+dvfjs90lE7HxuNI2ILNnzWjEiG9m7cqH/7QOOT/o2K//p+NoB9N/IoBsADIxDehhexUE3ABi4w/qBrjfv/Kb3bQEAAI7HxMd3r/83CzA88uv/STLohgB95/o/DC/X/2F4FQ86AjAogBMvPcKu/u7X/7PsrRoFAAD03FizJGk5HweMRZqWyxHvNx8LUEzuL1cr0xHx4Yj4Xan4XqM+03xn4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxRliWRdTG6uw4AAADwQRaR/iXJn/81Uboytv/8wIeSf5ea04h49JO7P3o8X6+vzzSW/2N3ef3H+fLr/T57AQAAAHTSHqe3x/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EsvXzxZaJd+xv3bFyNivFP8QpxqTk9FMSJO/zOJwp73JREx0oP4O08j4lyn+EmjWTGet2J//DQiRgcc/0wP4sMwe9bof77Qaf9L41Jz2nn/K+TlXXXv/9Ld/m+kS//3fqcNpm8uOv/8l1Nd4z+NOF/o3P+04ydd4l8+Yo7f/Mb2drfXsp9FTHT8/kleizWVFB5MbWxtX1tenV+qLFXWZmdnbs7dmrsxNz11f7layf92jPH9T/zqvwflf7pL/PFD8r9yxPz/8/zxi4+2Zov7XirGT7Ns8nLnz/9cl/jt775P5R93oz7Rnt9pze914Re/vXDxgPwXu+R/2Oc/ecT8r37tu3884qoAQB9sbG2vzFerlXUzZo5tZjT6GHQ+DlqnfRDbh/Z8Jw/1rtvJSoPYTwfYKQEAAMfi/wf9g24JAAAAAAAAAAAAAAAAAAAADK/DfgYsevBzYvtj7gwmVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA/0vAAD//+XXyps=")
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000ec0)=@generic={&(0x7f0000000e80)='./file3\x00', 0x0, 0x8}, 0x18)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000fc0)=@generic={&(0x7f0000000f80)='./file3/file0\x00'}, 0x18)

1.967318252s ago: executing program 2 (id=1206):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0xffffffb8, &(0x7f00000000c0)={&(0x7f0000000240)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_IIF={0x8, 0x1f}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.82290899s ago: executing program 0 (id=1207):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)

1.815404546s ago: executing program 1 (id=1208):
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000002440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
lgetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', &(0x7f0000000140)=""/246, 0xf6)

1.735475934s ago: executing program 6 (id=1209):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
getpeername(r0, 0x0, &(0x7f0000000040))

1.627880871s ago: executing program 2 (id=1210):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c03", 0x3d}], 0x1}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

1.617400534s ago: executing program 1 (id=1211):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1010006, &(0x7f0000006600)={[{@gid}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@nointegrity}, {@nodiscard}, {@nointegrity}, {@errors_remount}, {@nodiscard}, {@noquota}]}, 0x1, 0x626d, &(0x7f0000000380)="$eJzs3cuOHFcZB/Cv+jaXYMfKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffvLMj/7+p+GZ//7lVv+NScvdvv3b//z17qNvLwAAAHRRWZZlkT7mn4yIQfpsDwA8/fLrf5nk29VzV2/OWX/UarVavYB1XTne3XoREZv1dar3DA7HA8CC2YxP2u4CLZJ/pw0i4pm2OwHMtaLtDnAk7j+4s16kfIv668HaTns+F2RP/pvF7vUdk6bTNM8xmdXjayv68dyE/qzMqA/zJOffa+Z/Zad9lJY76vxnZVL+o51Lnzon599v5t/w9OTfG5t/V+X8B4fKvy9/AAAAAACYY/nv/ydaPv679PibciD7Hf9dm1EfAAAAAAAAAOBJO+z4f4PG+H+7jP8HAAAAc6v6rF753fGHt036Lrbq9stFxLHG8kDHpItlVtvuBwAAAAAAAAAAAAB0yWDnHN7LRcQwIo6trpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJq9eHqY3PWH7VarVaPq+vK8e7Wi4jYrK9TvWcwHD8ALJjN+KTtLtAi+XfaICJeaLsTwFwr2u4AR+L+gzvrRcq3qL8epPHd87kge/LfLLbXy+uPm07TPMdkVo+vrejHcxP68/yM+jBPcv69Zv5XdtpHabnHz7/c82fCts4xmpR/tZ0nWuhP23L+/Wb+DUe9/8/KVvTG5t9VOf/BofLvyx8AAAAAAOZY/vv/ibk6/jt61M2Zar/jv2tj1zi6vgAAAAAAAADAk3L/wZ31fN1rPv7/hTHLuf7z6ZTzL+TfSTn/XiP/rzaW69fm7739MP9/P7iz/sdb//p8nh40/6U8U6RHVpEeEUW6p2KQpo+zdZ+1NeyPqnsaFr3+IJ3zUw7fjWtxPTbi7J5le+n/42H7uT3tVU+H2+1lf6f9/J72wW57Xv/CnvZhOruoXMntp2M9fh7X453t9qptacr2L09pL6e05/z79v9OyvkPaj9V/qupvWhMK/c+6n1mv69Px93PW9e++JuzR785U21Ff3fb6qrte6mF/mz/nzwzil/e3Lhx+vbVW7dunIs02XPr+UiTJyznP0w/u8//L++05+f9+v5676PRofOfF1sxmJj/y7X5antfmXHf2pDzH6WfnP87qX38/r/I+U/e/19toT8AAAAAAAAAAAAAAACwn7Isty8RfSsiLqbrf9q6NhMAmK38+l8m+fZZ1f0Z359aveB1MWf9eVL10kGW/7Scm/6q1Qtb15XjvVkvIuJv9XWq9wy/HvfLAIB59mlE/LPtTtAa+XdY/r6/anqq7c4AM3Xzgw9/evX69Y0bN9vuCQAAAAAAAADwqPL4n2u18Z9PlWV5t7HcnvFf3461xx3/c5BndgcYnTBQdf/w27Sfrd6o36sNN/5iTBr/e7g7t9/434Mp9zec0j6a0r40pX15SvvYCz1qcv4v1sY7PxURJxvDr3dh/NfmmPddkPN/qfZ4rvL/SmO5ev7l7xc5/96e/M/cev8XZ25+8OFr196/+t7Gexs/u3Du3NkLFy9eunTpzLvXrm+c3fm3xR4frZx/HvvaeaDdkvPPmcu/W3L+X0q1/Lsl5//lVMu/W3L++f2e/Lsl558/+8i/W3L+r6Ra/t2S8/9aquXfLTn/V1Mt/27J+X891fLvlpz/a6mWf7fk/E+nWv7dkvM/k+oD5r9y1P1iNnL++QiX/b9bcv75zAb5d0vO/3yq5d8tOf8LqZZ/t+T8X0+1/Lsl5/+NVMu/W3L+F1Mt/27J+X8z1fLvlpz/pVTLv1ty/t9Ktfy7Jef/7VTLv1ty/m+kWv7dkvP/Tqrl3y05/++mWv7dkvP/Xqrl3y05/zdTLf9uefj9/2bMmDGTZ9p+ZgIAAAAAAAAAAAAAmmZxOnHb2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu7GLnO+n7gZ9a767UDiYGQv5O/AxvHhJBssms78QttigmvDW8lEAp9wXa9a7Pg2MZrl0Aj2TRQImFUVNE2XLQFhNrcVKQSF7QClAvUCqkStFLpDaJC5SKqAgpIlWgF2WrOeZ5nZ2bnZde7Xp855/OR7J935pw5z5x5ztn57fo7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWt3yurlPNbIsa/7J/9qWZS9o/nvL5Lb8tldf7RECAAAAa/XL/O/nrks3HFrBSi3L/NPLvvPVxcXFxey9m/507HOLi+mOySwb25xl+X3RUz98X6N1meCxbKIx0vL1yIDNbxpw/+iA+8cG3D8+4P7NA+6fGHD/sh2wzJbi5zH5g+3K/7mt2KXZ9dlYft+uLms91tg8MhJ/lpNr5Ossjh3P5rOT2Vw207Z8sWwjX/7rtzS39eYsbmukZVs7mjPkp48ei2NohH28q21bS48Z/fi12eTPfvrosb8+9+yN3erA3dD2eMU4b9/ZHOcnwi3FWBvZ5rRP4jhHWsa5o8trsqltnI18vea/O8f53ArHuWlpmBuq8zWfyEbyf38330+jrT/WS/tpR7jt57dmWXZxadidyyzbVjaSbW27ZWTp9ZkoZmTzMZpT6cXZ6Krm6S0rmKfNOrurfZ52HhPx9b8lrDfaYwytL9OPPz7e8rr/YvFy5mnUfNa9jpXOObjex0pZ5mCcF9/Nn/TjXefgrvD8H72t9xzsOne6zMH0vFvm4M5Bc3BkfFM+5vQiNPJ1lubg7rblN+VbauT1mdv6z8Hpcw+fmV746Mfumn/46Im5E3On9u7ePbN3374DBw5MH58/OTdT/H2Ze7v8tmYj6RjYGfZdPAZe2bFs61Rd/OL4svPv5R6HE32Ow20dy673cTja+eQaG3NALp/TxbHx7uZOn7g0kvU4xvLX5461H4fpebcch6Mtx2HX7yldjsPRFRyHzWXO3LGy9yyjLX+6jaH394K1zcFtLXOw8/1I5xxc7/cjZZmDE2FefP+O3t8LdoTxPj612vcjm5bNwfR0w7mneUt6vz9xIC/d5uVNzTuuGc/OL8ydvfuRo+fOnd2dhbIhXtIyVzrn69aW55Qtm68jq56vh+Zf9vhNXW7fFvbVxF3NvyZ6vlbNZe65u/9rlX93674/227dk4WyzjZ6f3b7bt7cn+NZ9vlvffzBbzz6+df13J/NfvMT02t/Lx760sXChfwxxnqcf2Pf/3yxvfRQj20aGy2O301p74y1nY/bX6rR/NzVyLf93PTKzsdj4c9Gn4+v73M+3t6x7Hqfj8c6n1w8HzcG/bRjbTpfz4kwT07O9D8fN5fZvme1c3K07/n41lAbYf+/KnQKqS9qmTu95m3a1ujoWHheo3EL7fN0b9vyY6E3a27ryT3hTWEa5crm6e23Fstvalkv2qh5Otmx7HrP0/Szr17ztDHop2+Xp/P1nAjz4vq9/edpc5mn71n7uXNL/GfLe9fxQXNwbNN4c8xjaRLm5/tscUucg3dnx7LT2clsNr93PJ9PjXxbU/eu7Fw5Hv5s9Llye585eHvHsus9B9PPV3vNvcbo8ie/Djpfz4kwL564t/8cbC7z+v3r+9719nBLWqblvWvnz9d6/czrpo7ddKXmymgY57f29//ZbHOZkwdW22f23093hluu6bKfOo/fXsfUbLYx+2l7GOezB3rvp+Z4mst87uAK59OhLMsufPj+/Oe94fcrF85/76ttv3fp9judCx++/ycvPP6Pqxk/AMPv+aJsLb7XtfxmaiW//wcAAACGQuz7R0JN9P8AAABQGbHvj/8rPNH/AwAAQGXEvn801KQK/f8fDl5k++ufnX/+QpaS+eFDE1JmLu2GB4rlYsZ1Jnw9ubikefv9X57773+4sLLhjWRZ9osH/qDr8tsfiOMqTIZxPvWG9tuX+epdK9r2kYcupO225te/EB4/Pp+VToNuEdyZLMu+ft1n8u1Mvu9SXp9+4EheH7z4+GPNZZ47WHwd13/mJcXyfxHCv4eOH21b/5mwH34U6sxbuu+PuN5XLr1qx/73LG0vrtfYeW3+tJ94f/G48XNyPvtYsXzcz73G/41PP/mV5vKPvKL7+C+MdB//k+Fxvxzq/9xcLN/6GjS/jut9Mow/bi+ud/eXvtl1/E99qlj+zBuL5Y6EGrd/e/h61xufnW/dX480jrY9r+xNxXJx+zPf++P8/vh48fE7xz9x+FLb/uicH0//a/E40x3Lx9vjdqK/79h+83Fa52fc/pN/dKRtPw/a/lMPPnNz83E7t39nx3JnPnxHvv2lx2v/xKa//ORnum4vjufQ355pez6H3hmO47D9J94f5mO4/3+fKh6v89MVjryz/fwTl//Ctgttzyd688+K7T/1mhN53TyxZes1L3jhtRdf3tx3WfbdzcXjDdr+ib863Tb+L95Q7I94f8zod26/l7j9sx+ZOnV64fz8bNqrj16Xf3bOW4vxxPFeF86tnV8fPn3uA3NnJ2cmZ7JssrofoXfZvhTqT4pysf/Si8vOoHc8FF7Pm/7861tv+5dPx9v//d3F7ZfeUnzfemVY7rPh9m3h9Vvd9pd74pYb8uO78XQY4eLyzwteix27/uvAihYMz7/zfUGc72de+oF8PzTvy79vxON6jeP/wWzxOF8L+3UxfDLzzhuWtte6fPxshEvvKo73Ne+/cJqLr+vfhNf7bT8qHj+OKz7fH4T3Md/c3n6+i/PjaxdGOh8//xSPi+F8kl0s7o9Lxf196bkbug4vfg5JdvHG/Os/SY9z46qeZi8LH12YPjl/6vwj0+fmFs5NL3z0Y4cfPn3+1LnD+Wd5Hv7goPWXzk9b8/PT7Ny+e7L8bHW6KFfY1R7/mYeOze6fuW127vjR88fPPXRm7uyJYwsLx+ZmF247evz43EcGrT8/e9/uPQf37t8zdWJ+9r4DBw/uPTg1f+p0cxjFoAbYN/OhqVNnD+erLNx3z8Hd9957z8zUw6dn5+7bPzMzdX7Q+vn3pqnm2r8/dXbu5NFz8w/PTS3Mf2zuvt0H9+3bM/DTAB8+c3xhcvrs+VPT5xfmzk4Xz2XyXH5z83vfoPWppoX/KN7PdmoUH8SXvePOfenzWZu+/PGeD1Us0vEBos+Gz6L59ovOHFjJ17HvHws1qUL/DwAAAORi3z8eaqL/BwAAgMqIff/mUBP9PwAAAFRG7PsnQk3/JaAm/X/l8v/bL6xo+/L/8v+t+0v+v2b5/3eVLf9fnC9S/j/Lspvl/y/bWvP31cv/j7Z9Jf8/gPy//L/8v/w/66ps+f/Y92/JMr//BwAAgIqKff/WUBP9PwAAAFRG7PuvCTXR/wMAAEBlxL7/BaEmNen/5f/l/+X/5f/l/7tv/6rl/13/f03k//uT/x9A/n86q1f+/+J6jv8q5P+3tH4h/08ZlS3/H/v+F4aa1KT/BwAAgCHW+6cGHWLff22oif4fAAAAKiP2/deFmuj/AQAAoDJi378t1KQm/b/8/5ry/ylzJf/fPn75/3by/2E+yP/L/28A+f/+5P8HkP93/f/hyv+3kf+njMqW/499/4tCTWrS/wMAAEAdxL7/xaEm+n8AAAAon9HLWy32/S8JNVnW/1/mBgAAAICrLvb912cdQfCa/P5f/t/1/+X/5f/l/7tvf+X5/02Z/H95yP/3J/8/gPy//L/8/6ry/42WNwHy/3RTtvx/3vdnE9lLQ01q0v8DAABAHcS+/4ZQE/0/AAAAVEbs+/9fqIn+HwAAACoj9v3bQ01q0v/L/1cm///z1pdO/l/+v9/25f9d/7/K5P/7k/8fQP5f/l/+3/X/WVdly//Hvv/GUJOa9P8AAABQB7HvvynURP8PAAAAlRH7/v8faqL/BwAAgMqIff+OUJOa9P/y/yXP/8fkqOv/y//L/5cy/z8h/1868v/9yf8PIP8v/y//L//Puipb/j/2/TeHmtSk/wcAAIA6iH3/y0JN9P8AAABQGbHvf3moif4fAAAAKiP2/ZPZv7XfUZP+fzX5/8ZF+f9ervD1/8dXcP3/NvL/8v/9ti//7/r/VSb/35/8/wDy//L/8v/y/6yrsuX/J/O1JrJbQk1q0v8DAABAHcS+f2eoif4fAAAAKiP2/beGmuj/AQAAoDJi378r1KQm/b/r/w9F/j+T/5f/l/+X/5f/Xxn5//7k/weQ/5f/l/+X/2ddlS3/H/v+V4Sa1KT/BwAAgDqIff9toSb6fwAAAKiM2Pe/MtRE/w8AAACVEfv+20NNatL/y//L/8v/y//L/3ffvvz/cJL/70/+fwD5f/l/+X/5f9ZV2fL/se9/VahJTfp/AAAAqIPY998RaqL/BwAAgMqIff+doSb6fwAAAKiM2PdPhZrUpP+X/5f/l/+X/5f/7759+f/hJP/fn/z/APL/8v/y//L/rKuy5f9j339XqElN+n8AAACog9j33x1qov8HAACAyoh9/3Soif4fAAAAKiP2/TOhJjXp/+X/5f/l/+X/V5X/f/nS48r/F+T/y0X+vz/5/wHk/+X/r3r+f0z+n0opW/4/9v27Q01q0v8DAABAHcS+f0+oif4fAAAAKiP2/XtDTfT/AAAAUBmx778n1KQm/X+V8v/5M5D/b1tP/l/+v9v2Xf9f/r/K5P/7W//8f3yK8v/y//L/rv8v/89yZcv/x77/3lCTmvT/AAAAUAex798XaqL/BwAAgMqIff/+UBP9PwAAAFRG7PsPhJrUpP+vUv6/WFH+PytR/j+S/y/I/8v/y/9fefL//bn+/wDy//L/Q5z/b84t+X/Kpmz5/9j3Hww1qUn/DwAAAHUQ+/5Xh5ro/wEAAKAyYt//K6Em+n8AAACojNj3/2qoSU36f/l/+X/X/5f/L3v+f1z+X/5/FeT/+5P/H0D+X/5/iPP/rv9PGZUt/x/7/vtCTWrS/wMAAEAdxL7/10JN9P8AAABQGbHvf02oif4fAAAAKiP2/YdCTWrS/w9v/n+8xxMqaf4/3ij/L/8v/+/6//L/V9S65P//Tv5f/l/+X/5f/l/+n/VQtvx/7PtfG2pSk/4fAAAA6iD2/feHmuj/AQAAoDJi3/+6UBP9PwAAAFRG7PtfH2pSk/5/ePP/vZ5QSfP/Nbn+/9hl5f/H2sYu/7+0nvx/Qf5f/n81XP+/P/n/AeT/5f/l/+X/WVdly//Hvv8NoSY16f8BAACgDmLf/8ZQE/0/AAAAVEbs+98UaqL/BwAAgMqIff+bQ01q0v/L/8v/u/6//L/8f/fty/8PJ/n//uT/B5D/l/+X/5f/Z12VLf8f+/5fDzWpSf8PAAAAdRD7/gdCTfT/AAAAUBmx739LqIn+HwAAACoj9v1vDTWpSf8v/y//L/8v/y//33378v/DSf6/vyHL///y2nC7/H9B/r/c419t/n+04+srkv//Ya/8/+LmzvXl/7kSypb/j33/20JNatL/AwAAQB3Evv/toSb6fwAAAKiM2Pe/I9RE/w8AAACVEfv+3wg1qUn/L//fHMdSeln+X/4/v0H+X/5f/n9oyf/3N2T5f9f/7yD/X+7xu/6//D/LlS3/H/v+d4aa1KT/BwAAgDqIff+DoSb6fwAAAKiM2Pe/K9RE/w8AAACVEfv+d4ea1KT/l/93/X/5f/l/+f/u25f/H07y//3J/w8g/y//X7b8/3/K/zPcypb/j33/Q6EmNen/AQAAoA5i3/+eUBP9PwAAAFRG7Pt/M9RE/w8AAACVEfv+94aa1KT/l/8flvz/pPz/KvP/4+E2+X/5f/n/epH/70/+fwD5f/n/suX/y3j9/4nu68v/003Z8v+x739fqMnK+/8eRwAAAABQFrHv/61Qk5r8/h8AAADqIPb9vx1qov8HAACAyoh9/++EmtSk/5f/H5b8v+v/Z67/L//f8Xzk/+X/u9m4/H8888j/y//L/0fy/zXJ//cg/083Zcv/x77/d0NNatL/AwAAQB3Evv/9oSb6fwAAABgK3f5PdqfY9x8ONdH/AwAAQGXEvv9IqElN+n/5f/l/+f+S5v//bOc/f/87bz+yW/5f/l/+f1U29Pr/zYPf9f/l/+X/E/l/+X/5fzqVLf8f+/6joSZLjd9bXeAfAAAAhlvs+38v1KQmv/8HAACAOoh9/7FQE/0/AAAAVEbs+2dDTWrS/8v/y//L/5c0/z/E1/+P+2OY8v9Tm4co/x9PuvL/XW1o/v89Szlx+f/V5v/Hu97amf9vyP+3kf9f9fi/nWWZ/L/8P1dR2fL/se+fCzWpSf8PAAAAdRD6/pHjRV26Q/8PAAAAlRH7/hOhJvp/AAAAqIzY938g1KQm/b/8v/y//L/8v+v/d99+afP/rv/fl/x/f+XJ/3fn+v/y/8M8fvl/+X+WK1v+P/b986EmNen/AQAAoA5i3//BUBP9PwAAAFRG7Ps/FGqi/wcAAIDKiH3/yVCTmvT/8v/y//L/8v/y/923/3/s3cezpmWZx/H3QFN0D0XN7GYxi3HvyoUrFrJwpX+ACzYutMqySlAxJxpzxJwDBlQMGEARE5gDmFDMomLOATNqtQV9XVef0+c5z3tO93vO+zz3/fks5sKGnvcw1QP+aL596//nSf8/Tv+/hP5f/6//1/+zUlPr/3P3PyRu6WT/AwAAQA9y918Yt9j/AAAA0Izc/RfFLfY/AAAANCN3/0Pjlk72v/5f/99s/38v/f9On6//1/+3TP8/Tv+/hP5f/6//1/+zUlPr/3P3Pyxu6WT/AwAAQA9y9z88brH/AQAAoBm5+y+OW+x/AAAAaEbu/kfELZ3s/5P6/41Fn/1/Zrz6/5b6f+//7/j5+n/9f8sOtv+/9M6/8un/9f/6/6D/1//r/znZ1Pr/3P2PjFs62f8AAADQg9z9j4pb7H8AAABoRu7+R8ct9j8AAAA0I3f/Y+KWTva/9/+9/z+t/v8M/b/+X/+v/z8t3v8f11P/f/Et51x4+7X/d91ePl//r//X/+v/Wa2p9f+5+x8bt3Sy/wEAAKAHufsfF7fY/wAAANCM3P2Pj1vsfwAAAJihI4Pfmrv/CXFLJ/tf/6//n1b/v8b3/w9Psv/P39T/6//1/7uk/x/XU/9/Kp+v/9f/6//1/6zW1Pr/3P1PjFs62f8AAADQg9z9T4pb7H8AAACYrqF/EXtE7v5L4hb7HwAAAJqRu/9o3NLJ/tf/73///2/9/zz6f+//6//1/03Q/4/T/y+h/9f/6//1/6zU1Pr/3P2Xxi2d7H8AAADoQe7+J8ct9j8AAAA0I3f/U+IW+x8AAACakbv/qXFLJ/tf/+/9f/1/z/3/PeP36P+HPl//P0/6/3HT7f+P/3+W/n/2/f9Z+n/9v/6fzfbY/98x8pftlfT/ufufFrd0sv8BAACgB7n7nx632P8AAADQjNz9z4hb7H8AAABoRu7+Z8Ytnex//b/+X//fc/9/mu//b/+hdxf9/zD9/8HQ/4+bTP+/cWjwm/X/6+7/j/239//1//p/Vmlq7//n7n9W3NLJ/gcAAIAe5O5/dtwysv/3/A/zAQAAgLXK3f+cuMXP/wMAAMDsZXWWu/+5cUsn+1//r//X/+v/T7n/7/j9/+s2fX36/2nR/4+bTP+/A/3/uvv/9fbzc//69f/6f7abWv+fu/95cUsn+x8AAAB6kLv/srjF/gcAAIBm5O5/ftxi/wMAAEAzcve/IG7pZP8P9/8nfr/+f3f0/1u/fv3/8I+PVfX/+b9R/z/a/5/v/f8+6f/H6f+X0P/r//X/O/X/R5Z9f/0/Q6bW/+fuf2Hc0sn+BwAAgB7k7n9R3GL/AwAAQDNy9784brH/AQAAoBm5+18St3Sy/73/r//X/8+v/5/H+//bM8GW3v9fHHj/f0j/v0v6/3H6/yX0/5v6+Y2F/r/j/v/cHd7/H/lVAPT/DJla/5+7/6VxSyf7HwAAAHqQu/9lcYv9DwAAAPOw+d8dOPlfKA25+18et9j/AAAA0Izc/a+IW9rZ/6Nvder/9f/6f/1/o+//N9b/e/9/t/T/4/T/S+j/96OfP9RY/3/5Tt9/Cv3/Jfv3/v89ln1//T9DtvT/15/49nX1/7n7Xxm3tLP/AQAAoHu5+18Vt9j/AAAA0Izc/a+OW+x/AAAAaEbu/tfELZ3s/33v/0d+9QH9v/5f/6//1//r/1dN/z9O/7+E/n+t7+fP/eufQv+/svf/9f+syJb+f5N19f+5+18bt3Sy/wEAAKAHuftfF7fY/wAAANCM3P2Xxy32PwAAADQjd//r45ZO9r/3//X/+n/9v/5/+PP1//N0Wv39Gfr/ov/X/+v/9f/6f1Zgav1/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/irilk/2v/9/f/j+/Xf+v/1/o//X/+v8D0e37/xtDfyfabof+/6YHHb3v1m/R/+v/9f/6f/0/u/Q/I79vEv3/sRP/7TJ3/5vjlk72PwAAAPQgd/9b4hb7HwAAAJqRu/+tcYv9DwAAAM3I3X9l3LLH/T/WPEyZ/t/7//p//b/+f/jz9f/z1G3/v0ve/19C/6//1//nD0f9Pysxif5/03/O3f+2uMXP/wMAAEAzcve/PW6x/wEAAKAZufvfEbfY/wAAANCM3P3vjFs62f/6f/2//l//r/8f/nz9/zzp/8fp/5eYU/9/5Wn0/4eGv3nd/fzpWvfX30j/7/1/Vmpq/X/u/qvilk72PwAAAPQgd/+74hb7HwAAAJqRu//dcYv9DwAAAM3I3f+euKWT/a//1//r//X/+v/hz9f/z5P+f5z+f7FYXD3yBQz1/8fOnmb/7/3/yX39+n/9P9tNrf/P3f/euKWT/Q8AAAA9yN1/ddxi/wMAAEAzcvdfE7fY/wAAANCM3P3vi1s62f/6f/2//l//r/8f/nz9/zzp/8fp/5eY0/v/+v/Jff36f/0/202t/8/d//64pZP9DwAAAD3I3X9t3GL/AwAAQDNy938gbrH/AQAAoBm5+6+LWzrZ//p//b/+X/8/q/7/TP2//n/c/vX/C/2//l//v4T+X/+v/+dkU+v/c/d/MG7pZP8DAABAD3L3fyhusf8BAACgGbn7Pxy32P8AAADQjNz9H4lbOtn/+n/9v/5f/z+r/t/7//r/Jbz/P07/v4T+X/+v/9f/s1LD/f8la+v/c/d/NG7pZP8DAABAD3L3Xx+32P8AAADQjNz9N8Qt9j8AAAA0I3f/x+KWTva//l//v7X/Xyz0//p//f9xY/3/4dX0/4cX+v+V29f+/4qI0fX/+n/9/6DJ9v9nLBrq/4/s+P31/0zR1N7/z93/8bilk/0PAAAAPcjd/4m4xf4HAACAZuTu/2TcYv8DAABAM3L3fypu6WT/6//1/97/1//r/4c/3/v/8+T9/3H6/yX0/232/97/1/+zNjf81/FfX+xk6+r/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbOtn/+n/9v/5f/6//H/58/f886f/H6f+X0P/r//X/+n9Wamrv/+fu/3zc0sn+BwAAgB7k7r8xbrH/AQAAoBm5+2+KW+x/AAAAaEbu/i/ELZ3sf/2//l//P8/+/7D+X/+v/x80lf7/vPPuc7P+X/+v/9f/6//1/72bWv+fu/+LcUsn+x8AAAB6kLv/S3GL/Q8AAADNyN3/5bjF/gcAAIBm5O7/StzSyf7f3v+ftTheqB431P9Ho6b/30T/v/Xr1/8P//jw/r/+X/+//6bS/3v//9S+fv2//n/OX/+e+v+7bf/++n9aNLX+P3f/zXFLJ/sfAAAAepC7/6txi/0PAAAAzcjd/7W4xf4HAACAZuTuvyVu6WT/e/9f/6//1//r/4c/X/8/T/r/cfr/JfT/+n/v/1/0gDP1/6zO1Pr/3P1fj1s62f8AAADQg9z934hb7H8AAABoRu7+b8Yt9j8AAAA0I3f/t+KWTva//l//r//X/+v/hz9f/z9P+v9x+v9y8p/acf30/4eHvnHd/fzpWvfX30z/7/1/Vmhq/X/u/m/HLZ3sfwAAAOhB7v7vxC32PwAAADQjd/934xb7HwAAAJqRu/97cUsn+1//r/9vv/+/v/7/pM/X/+v/W6b/z7+jD9P/L9FP/z9o3f383L9+/b/+n+2m1v/n7r81bulk/wMAAEAPcvd/P26x/wEAAKAZuft/ELfY/wAAANCM3P0/jFs62f/6/776/41Fj/2/9//1//r/nuj/x+n/l9D/6//1//p/Vmpq/X/u/ts2DnW5/wEAAGCu7nf3B9+62z/2trv+5+HFj+KW8xfHdvnT2AAAAMDE3bn7Nw4tFj++6z/5+X8AAABoUe7+n8Qtnex//X9f/X+f7//r//X/+v+e6P/H6f+X0P/r/3f6+o/p/5d9f/0/Q6bW/+fu/2ncsmn4HdrznyUAAAAwJbn7fxa3dPLz/wAAANCD3P0/j1u27X+/HCAAAADMVe7+X8Qts/35/3P39Efr/yfe/y/2qf+PP07/f5z+X/8/9Pn6/3nS/487zf7/2Ib+X/8/oun+3/v/+n9OydT6/9z9v4xbZrv/AQAAgMViseWfKOTu/1XcYv8DAABAM3L3/zpusf8BAACgGbn7fxO3dLL/9f8H3v9nqr6P7/8fqd/y/n/n/f9lhwc/X/+v/2+Z/n9c3+//33v5k876/1b6/7P1//p/pmFq/X/u/t/GLZ3sfwAAAOhB7v7fxS32PwAAADQjd//v4xb7HwAAAJqRu/8PcUsn+1//P/H3/0+p/9/F+//6/z76/x0+v53+/3/POXrjBQ+85ir9PyccZP+fPxb0/3Pp/3dB/99K/+/9f/0/E7H6/n/rL+Wy1/4/d/8f45ZO9j8AAAD0IHf/7XGL/Q8AAADNyN3/p7jF/gcAAIBm5O7/c9zSyf7X/+v/p9L/5/+t19D/Hz3l/v/IYrFYS/+fTXHv/b/3//X/23n/f5z+fwn9v/5f/6//Z6VW3/9v/ca99v+5+/8St3Sy/wEAAKAHufv/Grfk/t/Y8z+6BwAAACYmd//f4hY//w8AAADNyN3/97ilk/2v/9f/T6X/T97/P/H92nr//4KKU/vs//+/fkv/v7/0/+P0/0vo//X/+n/9Pys1tf4/d/8/4pZO9j8AAAD0IHf/HXGL/Q8AAADNyN3/z7jF/gcAAIBm5O7/V9zSyf7X/7fa/2cRr//X/0+l//f+v/f/D4b+f5z+fwn9v/5f/6//Z6Wm1v/n7v9PAAAA//8si2f+")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000001280)=""/4089, 0xff9)

1.347479577s ago: executing program 2 (id=1212):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000540)={'pimreg1\x00', 0x5d7043239156864b})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x1)

1.215884823s ago: executing program 0 (id=1213):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f00000000c0)=0x600)

1.141166159s ago: executing program 3 (id=1214):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)

1.048403942s ago: executing program 0 (id=1215):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000300)=ANY=[@ANYRES64=r0, @ANYBLOB="ae"])

906.112992ms ago: executing program 2 (id=1216):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={0x20, r1, 0x405, 0x70bd27, 0x25dfdbfd, {}, [{{0x8}, {0x4}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)

738.761993ms ago: executing program 0 (id=1217):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000714010000000000000000000800", @ANYRES32=r1], 0x30}}, 0x94)

715.958834ms ago: executing program 7 (id=1218):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="0800b699f75b626f00000200fc00ffffffdf009a27012f27", 0x18)

699.344665ms ago: executing program 2 (id=1219):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='hugetlbfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x2024021, &(0x7f0000000380)=ANY=[@ANYBLOB='uid='])

602.85303ms ago: executing program 3 (id=1220):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000b80)=""/227, 0xe3}, {&(0x7f0000001a40)=""/217, 0xd9}, {&(0x7f0000003500)=""/4096, 0x1000}, {&(0x7f0000001d80)=""/157, 0x9d}, {&(0x7f0000000680)=""/134, 0x86}, {&(0x7f0000002c40)=""/135, 0x87}, {&(0x7f0000002d00)=""/128, 0x80}, {&(0x7f0000000000)=""/260, 0x104}, {&(0x7f0000000140)=""/88, 0x58}], 0x9}, 0xe}, {{0x0, 0x0, 0x0}, 0xa}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0xffffffff}, {{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}}], 0x7, 0x40000100, 0x0)

602.061283ms ago: executing program 6 (id=1221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000280)="432275e2065074ef2415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

520.764018ms ago: executing program 0 (id=1222):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_macvtap\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000006800010000000000fddbdf250a000000000000000600070003000000100008800c00010000000f000007000008000500", @ANYRES32=r1], 0x38}, 0x1, 0x0, 0x0, 0x3}, 0x90)

332.814784ms ago: executing program 3 (id=1223):
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7, 0x3})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x8, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1}}}})

330.215141ms ago: executing program 2 (id=1224):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000000000)={0x2d, 0x2})

285.055063ms ago: executing program 7 (id=1225):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1000400, &(0x7f0000000200)=ANY=[@ANYBLOB='quota,noquota,iocharset=cp950,errors=continue,grpquota,usrquota,nodiscard,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee01, @ANYBLOB='\x00\x00'], 0x21, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000680)='.\x00', 0x0, 0xc6)
getdents64(r0, &(0x7f0000004040)=""/4112, 0x1010)

245.427449ms ago: executing program 0 (id=1226):
r0 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r0, &(0x7f0000000600)="6d12", 0x2, 0x6, 0x0)
mq_timedreceive(r0, &(0x7f000001d600)=""/102389, 0x18ff5, 0x0, 0x0)

93.261412ms ago: executing program 3 (id=1227):
r0 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcf\xcb\x92\xf1\x83\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b\xa30\\/\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas\x9d\x14\xe3\v\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7Gl\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)

92.255209ms ago: executing program 6 (id=1228):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[], 0xfb, 0x5fc4, &(0x7f0000006400)="$eJzs3U9vHGcdB/Df/vHacds0qlAVIg5uyp+W0vxPoPxryoEDHEBCPZPIdauUFFASEK0i4soHxAV4CXDphUPfAi+grwHxAoiU9NQDZdDYz+OMN+usTeKZXT+fj7SZ+c2z430m3x3PrGdmJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+NEPf3a2FxFXfpsmHIt4OgYR/Ygjdb0S9cjl/PxhRByPzeZ4PiIGixH1/Jv/PBtxISI+ORpx7/7t1XryuT324+KZWzc+//EP/vmHP28cf/etn3803v7TL5z/+I93Io795LWPP7/zZJYdAAAASlFVVdVLH/NPpM/3/a47BQC0Im//qyRPV6vVavUTrf/U38/zn36q6/6qD2ndVE12p1lExHpznnqfweF4AJgz6/FZ112gQ/Iv2jAinuq6E8BM63XdAQ7Evfu3V3sp315ze7Cy1Z7/Trkj//Xe9vUduw2nGT/HpK3310YM4rld+nOkpT7Mkpx/fzz/K1vto/S8g86/LbvlP9q69Kk4Of/BeP5jduT/l4iY2/z7E/MvVc5/uJ/81wdzvP7LHwAAAACAwy///f9Yx8d/Fx9/UfbkUcd/V1rqAwAAAAAAAAA8aY97/79t7v8HAAAAM6v+rF7769EH03b7LrZ6+pu9iGfGng8UZqXx5YAAAAAAAAAAAAAAQDuGEcvpvP6FiHhmebmqqvrRNF7v1+POP+9KX34oWde/5AEAYMsnR8eu5e9FLEXEm+m7/haWl5eraiEilqsji3l/drS4VB1pfK7Nw3ra4mgPO8TDUVX/sKXGfE3TPi9Pax//efVrjarBHjrWjg4DB4CI2Noa3bNFOmSq6tnoei+H+WD9P3ys/+xF1+9TAAAA4OBVVVX10td5n0jH/PtddwoAaEXe/o8fF1Cr1epi6k+3Js5Mf9TqA6ybqsnuNIuIWG/OU+8zuB0/AMyZ9fis6y7QIfkXbRgRx7vuBDDTel13gANx7/7t1V7Kt9fcHqxstedzQXbkv97bnC/PP2k4zfg5Jm29vzZiEM/t0p/nW+rDLMn598fzv7LVnm/xv53P0sHk35bd8q+X81gH/elazn8wnv+Yg17/27IR/Yn5lyrnP9xX/gP5AwAAAADADMt//z/m+G9eZAAAAAAAAACYO/fu317N173m4/9fmvC8XnPM9Z+HRs6/t+f8Xf97mOT8++P5j52QM2iM333jQf6f3r+9+tGtf38xD2c+/4XBqH7thV5/MEzn/FQLb8e1uB5rceah5w93tJ99qH1hR/u5Ke3nH2of1e1HcvupWI1fxfV4a7t9ccqJUUtT2qsp7Tn/gfW/SDn/YeNR57+c2ntjw9rdD/sPrffN4aTXufz3/3z14bWrDcMd1UYMtpet4Wj9z8nW+vTA5v/JU6P4zc21G6d+d/XWrRtnIw12TD0XafCE5fwX0iPn/9KLW+35935zfb374Wjf+c+KjRhOyn/z/f1iY7xe3pdb7lsXcv6j9Mj55y3Q5PV/nvOfuP5vLt8rHfQHAAAAAAAAAAAAAAAAHqWqqs1LRC9HxKV0/U9X12YCAO3K2/8qydPVarVarVYfvrqpmuz1ZhER/2jOU+8z/H7SDwMAZtl/I+JfXXeCzsi/YPn7/urhl7vuDNCqm+9/8Iur16+v3bjZdU8AAAAAAAAAgP9Xvv/nSuP+z5vnAY3dN3rH/V/fiJW5vf9nfzTYvNd5WqAX4tH3/z4Zj77/93DK6y1MaR9NaV+c0r40pX3ihR4NOf8XUsY5/xNpwUq6/+tLHfSnazn/k+lezzn/r409r5l/9bd5zr+/I//Tt9779emb73/w6rX3rr6z9s7aL8+euXTh/MUL5y9ePP32tetrZ7b+7bDHByvnn+997TzQsuT8c+byL0vO/yupln9ZUv7bu6HyL0te//P+nvzLkvPPn33kX5ac/8upln9Zcv5fT7X8y5LzfyXV8i9Lzv8bqZZ/WXL+r6Za/mXJ+Z9KtfzLkvM/nWr5lyXnn49wyb8sOf98ZoP8y5LzP5dq+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf9LqZZ/WXL+30y1/MuS8/9WquVflpz/a6mWf1ly/t9OtfzLkvP/TqrlX5ac/3dT/aj8322xX7Qj5/+9VFv/y5Lz/36q5V+WnP/rqZZ/WR58/7+RfY8sz0Y3jBh58iNd/2YCAAAAAAAAAAAAAMa1cTpx18sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZGrvO8HfvZmrw0B/8OdOGCbm4GF3fUNHGIwScifkl4oCWnTkhrHXhsnvtW7TgChsim0JQpSkdoX9EXTJEqiSG0FqiI1lWiE1Ejtm6p51QhVilopUl0JKgcllVIFtjpznufZmdnZmbW9a5855/OJ8M/eOWfmmTNnZve70XcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2cYPT/3RQJZl+X+NP9Zl2cX539dku/N/zu640CsEAAAAztU7jT//6tL0hd1L2Klpm3+87l++Mzc3N5d95u1T7/7J3Fy6YEOWDa3OssZl0T/9/GdzzdsEz2WjA4NN/x7scfNDPS4f7nH5SI/LV/W4fHWPy0d7XL7gACywpvh9TOPKbmz8dV1xSLPLs5HGZTd22Ou5gdWDg/F3OQ0DjX3mRg5kh7LD2VQ2sWCfgcb/suy1jfltPZjF2xpsuq31WZad/skz++IaBsIxvjFrubGG5sfurfuzDW//5Jl935p585pOs+dhWLDSLNu8KV/n81k2/+uqbCBbnY5JXOdg0zrXd1jnUMs6Bxr75X9vX+fpJa4z3u/RsM4fdFnn+vC1J2/Ismw2W3Sbds9lg9natltNx3u0OCPy68gfyvdmw2d0nmxcwnmS7/PjG1rPk/ZzMh7/jeGYDC+yhuaH460vrlpw3M/2PMnvdRnO1fy6H85vdHS0+VerLedqvs0zNy1+DnR87DqcA+lcbjoHNvU6BwZXDTXOgcH5NW9qOQcmF+wzmA00buvUTd3PgfGZI8fHp596+o5DR/YenDo4dXRyYse2rdu3bd2+ffzAocNTE8WfZ3ZI+8jabDCdg5vCa008B29p27b5lJz72vI9D0ZL8jzI7/snbs4XdPFgtsg5nm/z/OZzfx6k7/tNz4PhpudBx9fUDs+D4SU8D/JtTm9e2vfM4ab/Oq1hpV4L1zWdAxfy+2F+m4/duvhr4fqwrhduO9Pvh0MLzoF4twbCcy//Svp5b/TucFwWnhfX5hdctCo7OT114s4n987MnJjMwjgvLmt6rNrPl7VN9ylbcL4MnvH5svsvf3HztR2+vi4cq9Hb5x+rVR0eh3ybbWPdH6vGq3vn49ny1S1ZGMvsfB/PTt/N8uOZskSXcz/f5vk7zv1nwZRLml7/Rnq9/g2NDBevf0PpaIy0vP4tfGiGGivLstN3LO31byT8d75f/y4vyetffqweu7P7OZBv88L4mZ4Dw11f/24IcyCs59aQGEabcv+7jctni9O06bHsed4MD4+E82Y43mLrebN1wT75teW3vXni7M6bzTe0PlYtP7dU8LzJj9WfTnQ/b/JtXp8899eONfGvTa8dq3qdAyNDq/L1jqSToHi9m1sTz4E7s33Zsexwtj/tkz/K+W2NbVnaObAq/He+XzuuLsk5kB+rl7d0Pwfybb6/dXl/dtocvpK2afrZqf33C4tl/muH56+v/bAtd+bP1/mRbd1/N5Rv8+a2M80Z3Y/T7eErF3U4Tu3Pn8XO6f3Z+TlOV4d1Ht7e/XdT+TaX71ji+bQ7y7I3Jt9o/L4r/H73b07+63dafu/b6XfKb0y+8dD4Iz88k/UDAHD23m38Obuq+Fmz6f+xXsr//w8AAAD0hZj7B8NM5H8AAACojJj7h8JM5H8AAACojJj7h8NMapL/n7h75yvvPJuldwOcC+Ll8TA8fG+xXex4z4Z/b5ibl3/9Q98YeeVLzy7ttgezLPvFQ+/ruP0T98Z1FY7HdX6g9esLXH39km7/8Ufnt2t+/4TTO4vrj/dnqadB7Cq/Nr6lcb0bnppszNcfyhrzkdkXniuuv/h33P7U1mL7Pw9vWrL7wEDL/pvDem4Mc0N4T5mHd88fh3zG/V5Zf90/XPbJ+duL+w1suqRxN1/+veJ643tEvXRZsX2834ut/++//O1X8u2fvKnz+p8d7Lz+U+F6fxzmz3cV2zcf8y81rf8Pwvrj7cX97vz69zqu/9Wriu1fDefFV8NsX//9f/z+dzo9XvF2dt9T7Bdvf+J/tjX2i9cXr799/aPPTrYcj/brf/3t4np2ff6nQ83bx6/H24kev6f1/B4Ij29LjzzLsm//YdZynLMPFvv9Xdv64/Udv6fz+m9vW+fxgesb+8/fn3Ut9+sr39zS8f7G9ez+63Ut9+elB8Lxe3v8+/n1nnoknI/h8v/9QXF97e9l+uoDra83cfuvriuet/H6xtvW/1Lb+mevz49d7/U/+Hax/lfvW92y/t0fDefTg8Xstf6Df3Fpy/5f+1bxeJz4wtjRY9MnD+0Pd2Zd2/N49eiatRdd/J5LLg2vpe3/3nNs5ompExsmNkxk2YY+fMvAlV7/18P872LMLv8tFH740+K8e/FjxfetW35W/Pul8PXHw+MZvz9+5c9GWs7X9sd99r5inuv6bwvrWKqrvvwf13f48n8ueM/fU59+7eTf/v6b7T8XxPtz/IrRxv17eeOVjcsGXi8ub3+96uXfr2h9Xv9oeKIxvxuO61x4Z+ZNVxa313798b1JXvx48fyNP8nF/bO29xNZN9R6P851/T8KP8d87+rW1794fnz32bZ3c16XDeRLmA2vD9lscXncKh7vF09f2fH24vvwZLPXnMkyFzX91PT44UNHTz45PjM1PTM+/dTTe44cO3l0Zk/jvUv3fLbX/vPP77WN5/f+qR3bssaz/VgxVtiFXv/xR/ftv2vi5v1TB/aePDDz6PGpEwf3TU/vm9o/ffPeAwemvtBr/0P7d01u2bn1ri1jBw/t33X3zp1bd44dOnosX0axqB52THxu7OiJPY1dpndt2zm5ffu2ibEjx/ZP7bprYmLsZK/9G9+bxvK9Pz92Yurw3plDR6bGpg89PbVrcueOHVt6vvvjkeMHpjeMnzh5dPzk9NSJ8eK+bJhpfDn/3tdrf+ph+lh4vWszEH46/9TtO9L74+a+8cVFr6rYpPXH0+yt8F5Q8ftbr3/H3D8SZlKT/A8AAAB1EHN/eOP/+QvkfwAAAKiMmPtXh5nI/wAAAFAZMfePhpnUJP/r/+v/6//r/+v/n8f+f6b/v9z0/5el/7+Q/v+S6P/r/+v/6//TXdn6/zH3r8myWuZ/AAAAqIOY+9eGmcj/AAAAUBkx918UZiL/AwAAQGXE3H9xmEk98v9I+1/1//X/9f+b+/9xW/3/TP9f//8s6f/r/3ej/6//38/rL2H/f43+P2VTtv5/zP3vCTOpR/4HAACAWoi5/5IwE/kfAAAAKiPm/kvDTOR/AAAAqIyY+9eFmdQk//v8f/1//X+f/6//r/+/kvT/9f+70f/X/+/n9Zew/+/z/ymdsvX/Y+7/f2EmNcn/AAAAUAcx9783zET+BwAAgMqIuf+yMBP5HwAAACoj5v7Lw0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+K8JMapL/AQAAoA5i7r8yzET+BwAAgMqIuf+qMBP5HwAAACoj5v6rw0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+a8JMapL/AQAAoA5i7r82zET+BwAAgMqIuf99YSbyPwAAAFRGzP3rw0xqkv/1//X/S9//H9T/1/8v6P/r/3eyvP3/wUUv0f8v6P+30v/X/9f/1/+nu7L1/2Puf3+YSU3yPwAAANRBzP3XhZnI/wAAAFAZMfdfH2Yi/wMAAEBlxNy/IcykJvlf/1//v/T9f5//r/8fZu36/zMD+v9L4PP/9f8z/f+zdqH78/2+fv1//X96K1v/P+b+jWEmNcn/AAAAUAcx928KM5H/AQAAoDJi7r8hzET+BwAAgMqIuf/GMJOa5H/9/7Ps/69p/af+f+f16//r/+v/+/x//X/9/270//X/+3n9+v9L6/+v6nVFVFrZ+v8x998UZlKT/A8AAAB1EHP/zWEm8j8AAABURsz9t4SZyP8AAABQGTH3bw4zqUn+1//3+f/6//r/+v/6/ytJ/3/J/f81Z7Mu/f+C/v/ZudD9+X5ffz/1/0c77O/z/zkfytb/j7n/1jCTmuR/AAAAqIOY+28LM5H/AQAAoDJi7r89zET+BwAAgMqIuX8szKQm+V//X/9f/1//X/9f/38lVbX/n15Hff6//r/+v/7/Cvf/v7nI/v3y+f/UW9n6/zH33xFmUpP8DwAAAHUQc/+dYSbyPwAAAFRGzP3jYSbyPwAAAFRGzP0TYSY1yf/6//r/+v/6//r/+v8rqar9//bP/8+yTP9f/z/R/9f/L9vn/3ei/8/5ULb+f8z9k2EmNcn/AAAAUAcx928JM5H/AQAAoDJi7t8aZiL/AwAAQGXE3L8tzKQm+V//X/9f/1//X/9f/38l1aX/7/P/i8v1/wv6//r/+v/6/3U02OFrZev/x9y/PcykJvkfAAAA6iDm/h1hJvI/AAAAVEbM/XeFmcj/AAAAUBkx998dZlKT/K//r/+v/6//X97+f+vtr1z//7/0/1eQ/r/+fzf6//r//bx+/X/9f3pb3v7/pefc/4+5f2eYSU3yPwAAANRBzP0fCDOR/wEAAKAyYu6/J8xE/gcAAIC+0ulzCKOY+z8YZlKT/K//X/X+/9xq/X/9//7t/7ceT5//r//fSXj51P9fonr1/9csuD39/1YXuj/f7+vX/9f/p7fl7f8v+PH0jPv/MffvCjOpSf4HAACAOoi5/94wE/kfAAAAKiPm/vvCTOR/AAAAqIyY+3eHmdQk/+v/V73/X77P/x/I9P/1/wv6//r/y8Hn/+v/Zz7//6ydbX8+vu+G/n95+v/5OaT/TxmVrf8fc//9YSY1yf8AAABQBzH3fyjMRP4HAACAyoi5/8NhJvI/AAAAVEbM/R8JM6lJ/tf/1//3+f/6//r/+v8rSf9f/78b/f/+7P9H+v/l6f/7/H/Kqmz9/5j7HwgzqUn+BwAAgDqIuf+jYSbyPwAAAFRGzP3/P8xE/gcAAIDKiLn/wTCTmuR//X/9f/1//X/9f/3/laT/r//fjf6//n8/r1//X/+f3srW/4+5/5fCTGqS/wEAAKAOYu5/KMxE/gcAAIDKiLn/Y2Em8j8AAABURsz9vxxmUpP8r/9/fvr/g+n69f/1//X/9f/1/5dTn/b/R/X/C/r/+v/9vH79f/1/eitb/z/m/l8JM6lJ/gcAAIA6iLn/V8NM5H8AAACojJj7fy3MRP4HAACAyoi5/+Ewk5rkf/1/n/+v/6//X9r+/3Dr8dT/1//vpE/7/z7/P9D/1//v5/Xr/+v/01vZ+v8x9/96mElN8j8AAADUQcz9j4SZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v/6//r/pe3/tx1P/f+y9v//reul+v/6/93o/+v/9/P69f/1/+mtbP3/mPsfDTOpSf4HAACAOoi5/5NhJvI/AAAAVEbM/b8RZiL/AwAAQGXE3P+bYSb9mf8Hz3QH/X/9f/1//X/9f/3/laT/v7D/n7+GXcj+/6qlbKj/vyT6//r/+v/6/3RXtv5/zP2fCjPpz/wPAAAAdBBz/2+Fmcj/AAAAUBkx9/92mIn8DwAAAJURc/9jYSY1yf/6//r/+v/6//r/+v8rSf/f5/93o/+v/9/P69f/1/+nt7L1/2Pu/3SYSU3yPwAAANRBzP2/E2Yi/wMAAEBlxNy/J8xE/gcAAIDKiLn/8TCTmuR//X/9f/1//f/l6f/P6f/r/3ek/6//343+v/5/P69f/1//n97K1v+PuX9vmElN8j8AAADUQcz9nwkzkf8BAACgMmLu3xdmIv8DAABAZcTcvz/MpCb5X/9f/1//X//f5//r/68k/X/9/270//X/+3n9+v/6//RWtv5/zP1TYSY1yf8AAABQBzH3Hwgzkf8BAACgMmLuPxhmIv8DAABAZcTc/0SYSU3yv/6//r/+v/6//r/+/0rS/9f/70b/X/+/n9ev/6//T2/L1///52Xp/8fcfyjMpCb5HwAAAOog5v7PhpnI/wAAAFAZMfd/LsxE/gcAAIDKiLn/cJhJTfK//r/+v/5/Bfv/w/r/mf5/aej/6/93o/+v/9/P69f/1/+nt+Xr/2fL0v+Puf9ImElN8j8AAADUQcz9R8NM5H8AAACojJj7j4WZyP8AAABQGTH3Hw8zqUn+1//X/9f/r2D/3+f/N+j/l4P+v/5/N/r/+v/9vH79f/1/eitb/z/m/t8NM6lJ/gcAAIA6iLn/RJiJ/A8AAACVEXP/dJiJ/A8AAACVEXP/TJhJTfK//r/+v/6//r/+v/7/StL/1//vRv+/f/r/Ix321//X//8/9u6jyY676uP41WPLksr1FCv2vAV27OAd+DWwYUuxIOeMAZNzzjnnaHLOOZick0FkMFSZsu45x5Y16h6N5+p2/8/ns/DxyGOpramS61dT32r9P3OW1v/n7r9v3NJk/wMAAEAHufvvF7fY/wAAADCM3P33j1vsfwAAABhG7v4HxC1N9r/+X/+v/19M/7/t/PT/+n/9/yXR/+v/N/vu/8/EB4P3/wfR/+v/9f/MWVr/n7v/gXFLk/0PAAAAHeTuf1DcYv8DAADAMHL3Pzhusf8BAABgGLn7HxK3NNn/+n/9/7j9/6m19f/e/59f1xH7/xO3/rL6/+Ol/9f/b/bd/zd5//9B9P/6f/0/c5bW/+fuf2jc0mT/AwAAQAe5+x8Wt9j/AAAAMIzc/Q+PW+x/AAAAGEbu/kfELU32v/5f/z9u/7+69//r//PrOkT/f6Z+Hu//1//r/y9O/6//X/Pz6//1/8xbWv+fu/+RcUuT/Q8AAAAd5O5/VNxi/wMAAMAwcvc/Om6x/wEAAGAYufsfE7c02f/6f/2//l//r/+/DO//1//r//X/B9L/6//X/Pz6f/0/85bW/+fuf2zc0mT/AwAAQAe5+x8Xt9j/AAAAMIzc/Y+PW+x/AAAAGEbu/ifELU32v/5f/6//1//r//X/u6T/1/9P0f/r/9f8/Pp//T/zdt7/X3PtuXvY/j93/7VxS5P9DwAAAB3k7n9i3GL/AwAAwDBy9z8pbrH/AQAAYBi5+58ctzTZ/wf0/1ds9P9N+/+bT+j/9f/L7P9vij9l9P/6/wutu/8/rf/X/5/74eX1/4f7ndD/6//1/8zZef8/0/vf/uPc/dfFLU32PwAAAHSQu/8pcYv9DwAAAMPI3f/UuMX+BwAAgGHk7n9a3NJk/3v/v/7/ON//nz+v/n9L/+/9//p//b/3/0/bYf9/r/zN1P9f3L77+bU//1T/f/dDPL/+nw6W1v/n7n963NJk/wMAAEAHufufEbfY/wAAADCM3P3PjFvsfwAAABhG7v5nxS0N9v+V+v96jqT/9/7/Q/X/Z7b/vv7//OfR/+v/D6L/1/9P8f5//f+an9/7/+f7/6vnfhKGt7T+P3f/s+OWBvsfAAAAusjd/5y4xf4HAACAYeTuf27cYv8DAADAMHL3Py9uabL/9f/6f/2/9//fof7/Cv2//n+a/l//P0X/r/9f8/Pr/73/n3lL6/9z9z8/bqnhd+UR/isBAACAJcnd/4K4pcn3/wEAAKCD3P0vjFvsfwAAABhG7v4XxS1N9r/+X/+v/9f/e/+//n+X9P/D9f8n9P+30v/r//X/+n+mLa3/z93/4rilyf4HAACADnL3vyRusf8BAABgGLn7Xxq32P8AAAAwjNz9L4tbmux//b/+X/+v/9f/6/93Sf8/XP/v/f+3of/X/+v/9f9MW1r/n7v/5XFLk/0PAAAAHeTuf0XcYv8DAADAMHL3vzJusf8BAABgGLn7XxW3NNn/+n/9v/5f/6//1//v0vL7/5OH+iz9/5b+/3y76v9PX+TX0/8v6/mPp//Pr77+nzEtoP+/x20/zt3/6rilyf4HAACADnL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/i/X/Z6/e/vOZ/j9/w/T/cfX/+v+N/r/o//X/m1X0/4ej/9/S/5/P+//1/97/r/9n2gL6//M+zt3/+rilyf4HAACADnL3vyFusf8BAABgGLn73xi32P8AAAAwjNz9b4pbmux/7//X/+v/9f/6f/3/Lun/9f9TVtT/nzroB/X/+n/9v/6faUvr/3P3vzluabL/AQAAoIPc/W+JW+x/AAAAGEbu/rfGLfY/AAAADCN3/9vilib7X/+v/997//9/+v+k/4+vq/5f/38J9P/6/433/x/Zvvv5tT+//l//z7yl9f+5+98etzTZ/wAAANBB7v53xC32PwAAAAwjd/874xb7HwAAAIaRu/9dcUuT/a//1//vvf/3/v+i/4+vq/5f/38J9P/6/43+/8j23c+v/fn1//p/5i2t/8/d/+64pcn+BwAAgA5y978nbrH/AQAAYBi5+98bt9j/AAAAMIzc/e+LW5rsf/2//l//r//X/+v/d0n/r/+fcnn7/+vO6v/Pt+9+fu3Pr//X/zNvaf1/7v73xy1N9j8AAAB0kLv/A3GL/Q8AAADDyN3/wbjF/gcAAIBh5O7/UNzSZP/r/9fe/9/zxniCpfX/+Sn6f/2//l//r//X/1/Uct//f/s/KQ6m/9f/6//1/0y7bP3/va+5z91u+ZuZ/j93/4fjlib7HwAAADrI3X993GL/AwAAwDBy938kbrH/AQAAYBi5+z8atzTZ/z36/5MXfNo4/b/3/+v/F93/5x+q+n/9v/5f/3+g5fb/h6P/1//r//X/TFva+/9z938sbmmy/wEAAKCD3P0fj1vsfwAAABhG7v5PxC32PwAAAAwjd/8n45Ym+79H/38h/f/Wsff/N99J/6//L97/r//f6P/1/zP0//r/NT//0P3/iY3+n2OxtP4/d/+n4pYm+x8AAAA6yN3/6bjF/gcAAIBh5O7/TNxi/wMAAMAwcvd/Nm646//v75EuK/2//t/7//X/+n/9/y7p/4/Q/5+48tDPpf/f0v8fzb77+bU//9D9v/f/c0yW1v/n7v9c3OL7/wAAADCM3P2fj1vsfwAAABhG7v4vxC32PwAAAAxg27vn7v9i3NJk/+v/9f/6f/2//l//v0v6f+//n6L/1/+v+fn1//p/5i2t/8/d/6W4pcn+BwAAgA5y9385brH/AQAAYBi5+78St9j/AAAAMIzc/V+NW5rsf/2//l//r//X/+v/d0n/r/+fov/X/6/5+fX/+n/mLa3/z93/tbilyf4HAACADnL3fz1usf8BAABgGLn7vxG32P8AAAAwjNz934xbmux//b/+X/+v/9f/773/P7nR/x+Z/l//v9H/H9m++/m1P7/+X//PvKX1/7n7vxW3NNn/AAAA0EHu/m/HLfY/AAAADCN3/3fiFvsfAAAAhpG7/7txS5P9P3L/P/Vp+v8t/b/+f6P/X0L/7/3/d4D+X/+/0f8f2b77+bU/v/5f/8+8pfX/ufu/F7c02f8AAADQQe7+78ct9j8AAAAMI3f/DZvN9fY/AAAAjOmGc389vflB3NJk/4/c/0/R/2/p//X/G/2//n/H9P/6/yn6f/3/mp9f/6//Z97S+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAIaRu//HcYv9DwAAAMPI3f+TuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9P41bmux/AAAA6CB3/8/iFvsfAAAAhpG7/+dxi/0PAAAAw8jd/4u4pcn+1//r//X/+n/9v/5/l/T/+v8p+n/9/5qfX/+v/2fe0vr/3P2/jFua7H8AAADoIHf/r+IW+x8AAACGkbv/13GL/Q8AAADDyN3/m7ilyf7X/+v/9f/6f/2//n+X2vb/t/xvVf8/S/+v/1/z8+v/9f/MW1r/n7v/t3FLk/0PAAAAHeTu/13cYv8DAADAMHL3/z5usf8BAABgGLn7/xC3NNn/+n/9v/5f/7+O/v8q/b/+/0CL7f+9//9Q9P/6/zU/v/5f/8+8pfX/uftvjFua7H8AAADoIHf/H+MW+x8AAACGkbv/T3GL/Q8AAADDyN1/Nm5psv/1//r/Ifv/U/r/8fp/7/9fZf9/F/2//n+a/l//v+bn1//r/5m3tP4/d/+f45Ym+x8AAAA6yN3/l7jF/gcAAIBh5O7/a9xi/wMAAMAwcvf/LW5psv/1//r/Ift/7//X/+v/F0P/r/+fov/X/6/5+fX/+n/mLa3/z93/97ilyf4HAACADnL3/yNusf8BAABgGLn7/xm32P8AAAAwjNz9/4pbmux//b/+X/+v/9f/6/93Sf+/3v7/qo3+f47+X/+v/9f/M21p/X/u/n/HLU32PwAAAHSQu/+muOXA/X/ny/RUAAAAwHHK3f+fuMX3/wEAAGAYufv/G7c02f/6f/2//l//r//X/++S/n+9/b/3/8/T/+v/9f/6f6Ytrf/P3f+/AAAA///XHBWv")
rename(&(0x7f0000000140)='./file0/file0\x00', &(0x7f00000002c0)='./file1\x00')
rename(&(0x7f0000000000)='./file0/file1\x00', &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

0s ago: executing program 1 (id=1229):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x94, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xc6, [{{0x9, 0x4, 0x0, 0x7, 0x22, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x5, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x0, 0x1}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x5, "17321748"}]}}, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

bmit option
[  154.943538][ T7029] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.060067][ T7029] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.150266][ T7029] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.300605][ T7029] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  155.351685][ T7029] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 28
[  155.388378][ T7029] EXT4-fs (loop1): This should not happen!! Data will be lost
[  155.388378][ T7029] 
[  155.425437][ T7029] EXT4-fs (loop1): Total free blocks count 0
[  155.448795][ T7029] EXT4-fs (loop1): Free/Dirty block details
[  155.466028][ T7029] EXT4-fs (loop1): free_blocks=4293918720
[  155.484929][ T7029] EXT4-fs (loop1): dirty_blocks=16
[  155.504978][ T7029] EXT4-fs (loop1): Block reservation details
[  155.521362][ T7029] EXT4-fs (loop1): i_reserved_data_blocks=1
[  156.268266][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.067802][ T7045] loop0: detected capacity change from 0 to 128
[  157.135706][ T7048] loop5: detected capacity change from 0 to 128
[  157.207963][ T7045] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  157.269241][ T7048] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  157.305379][ T7045] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  157.366881][ T7048] hpfs: filesystem error: improperly stopped
[  157.429207][ T7048] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  157.529052][ T7048] hpfs: You really don't want any checks? You are crazy...
[  157.536991][ T7048] hpfs: hpfs_map_sector(): read error
[  157.639072][ T5870] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  157.654147][ T7048] hpfs: code page support is disabled
[  157.718783][ T7048] hpfs: hpfs_map_4sectors(): unaligned read
[  157.788466][ T7048] hpfs: hpfs_map_4sectors(): unaligned read
[  157.869012][ T5870] usb 2-1: Using ep0 maxpacket: 16
[  157.894500][ T7048] hpfs: filesystem error: unable to find root dir
[  157.946345][ T5870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.054887][ T5870] usb 2-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  158.172194][ T7057] loop0: detected capacity change from 0 to 64
[  158.188697][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.310279][ T5870] usb 2-1: config 0 descriptor??
[  158.802966][ T7063] program syz.5.371 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  158.842523][ T5870] kye 0003:0458:5016.0002: control desc unexpectedly large
[  158.995832][ T5870] input: HID 0458:5016 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5016.0002/input/input6
[  159.188834][ T5870] input: HID 0458:5016 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5016.0002/input/input7
[  159.255206][ T7072] loop2: detected capacity change from 0 to 512
[  159.299812][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  159.359093][ T5856] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  159.399668][ T7072] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  159.419261][ T5870] kye 0003:0458:5016.0002: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.1-1/input0
[  159.504025][ T7072] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.375: invalid block
[  159.517423][    T9] usb 5-1: Using ep0 maxpacket: 16
[  159.530487][ T5870] usb 2-1: USB disconnect, device number 4
[  159.560372][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.603091][ T5856] usb 4-1: config 1 has an invalid interface number: 105 but max is 0
[  159.684168][ T7072] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.375: invalid indirect mapped block 4294967295 (level 1)
[  159.707854][    T9] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  159.717110][ T5856] usb 4-1: config 1 has no interface number 0
[  159.790089][ T5856] usb 4-1: config 1 interface 105 has no altsetting 0
[  159.819144][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.892826][ T5856] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  159.911162][ T7072] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.375: invalid indirect mapped block 4294967295 (level 1)
[  159.981846][    T9] usb 5-1: config 0 descriptor??
[  159.997085][ T5856] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.029910][ T7070] kthread_run failed with err -4
[  160.114937][ T5856] usb 4-1: Product: syz
[  160.150535][ T5856] usb 4-1: Manufacturer: syz
[  160.155179][ T5856] usb 4-1: SerialNumber: syz
[  160.209727][ T7072] EXT4-fs (loop2): 2 truncates cleaned up
[  160.276226][ T7072] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.298885][ T7076] fido_id[7076]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  160.476599][    T9] lenovo 0003:17EF:6047.0003: unknown main item tag 0x0
[  160.598225][    T9] lenovo 0003:17EF:6047.0003: unknown main item tag 0x0
[  160.609404][ T7072] EXT4-fs error (device loop2): ext4_get_parent:1834: inode #11: comm syz.2.375: bad parent inode number: 3
[  160.672727][    T9] lenovo 0003:17EF:6047.0003: unknown main item tag 0x0
[  160.762678][    T9] lenovo 0003:17EF:6047.0003: unknown main item tag 0x0
[  160.832707][    T9] lenovo 0003:17EF:6047.0003: unknown main item tag 0x0
[  160.956886][    T9] lenovo 0003:17EF:6047.0003: hidraw0: USB HID v0.05 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[  161.004368][ T5856] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  161.137246][ T7087] loop5: detected capacity change from 0 to 256
[  161.155555][    T9] usb 5-1: USB disconnect, device number 4
[  161.164448][ T5856] aqc111 4-1:1.105: probe with driver aqc111 failed with error -71
[  161.215842][ T5889] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.321571][ T5856] usb 4-1: USB disconnect, device number 4
[  161.547234][ T7087] FAT-fs (loop5): Directory bread(block 64) failed
[  161.633489][ T7087] FAT-fs (loop5): Directory bread(block 65) failed
[  161.713641][ T7087] FAT-fs (loop5): Directory bread(block 66) failed
[  161.778607][ T7088] fido_id[7088]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  161.802881][ T5870] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  161.810498][ T7087] FAT-fs (loop5): Directory bread(block 67) failed
[  161.857631][ T7087] FAT-fs (loop5): Directory bread(block 68) failed
[  161.909153][ T7087] FAT-fs (loop5): Directory bread(block 69) failed
[  161.915769][ T7087] FAT-fs (loop5): Directory bread(block 70) failed
[  162.039943][ T5870] usb 1-1: Using ep0 maxpacket: 8
[  162.074017][ T7087] FAT-fs (loop5): Directory bread(block 71) failed
[  162.129167][ T5870] usb 1-1: unable to get BOS descriptor or descriptor too short
[  162.165975][ T7087] FAT-fs (loop5): Directory bread(block 72) failed
[  162.232750][ T5870] usb 1-1: config index 0 descriptor too short (expected 25, got 18)
[  162.294201][ T7087] FAT-fs (loop5): Directory bread(block 73) failed
[  162.329063][ T5870] usb 1-1: config 9 has an invalid interface number: 112 but max is 0
[  162.435183][ T5870] usb 1-1: config 9 has no interface number 0
[  162.541789][ T5870] usb 1-1: config 9 interface 112 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  162.598047][ T7103] Bluetooth: MGMT ver 1.23
[  162.652721][ T5870] usb 1-1: config 9 interface 112 has no altsetting 0
[  162.770492][ T5870] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice= 8.d3
[  162.830077][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.854587][ T5870] usb 1-1: Product: syz
[  162.858750][ T5870] usb 1-1: Manufacturer: syz
[  162.949061][ T5870] usb 1-1: SerialNumber: syz
[  163.035895][ T5870] r8152-cfgselector 1-1: Unknown version 0x0000
[  163.389121][ T5870] r8152-cfgselector 1-1: USB disconnect, device number 3
[  163.800070][ T7116] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  163.975588][ T7114] loop5: detected capacity change from 0 to 4096
[  164.077391][ T7121] netlink: 'syz.2.395': attribute type 12 has an invalid length.
[  164.088575][ T7114] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  164.163438][ T7121] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.395'.
[  164.369117][ T5870] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  164.410073][ T7114] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  164.447745][ T7125] loop4: detected capacity change from 0 to 256
[  164.482772][ T7114] ntfs3(loop5): ino=19, mi_enum_attr
[  164.593341][ T5870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.700567][ T5870] usb 4-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00
[  164.785935][ T5870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.900199][ T5870] usb 4-1: config 0 descriptor??
[  165.149434][ T7100] loop1: detected capacity change from 0 to 32768
[  165.374108][ T7100] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  165.375202][ T7100] (syz.1.386,7100,0):ocfs2_initialize_super:2229 ERROR: status = -12
[  165.589581][ T5870] semitek 0003:1EA7:0907.0004: hidraw0: USB HID v0.00 Device [HID 1ea7:0907] on usb-dummy_hcd.3-1/input0
[  165.616555][ T7100] (syz.1.386,7100,0):ocfs2_fill_super:1177 ERROR: status = -12
[  165.739146][ T5963] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  165.771352][ T5870] usb 4-1: USB disconnect, device number 5
[  166.004783][ T5963] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  166.144463][ T5963] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  166.276047][ T5963] usb 5-1: New USB device found, idVendor=596a, idProduct=00f8, bcdDevice= 0.00
[  166.400801][ T5963] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.481215][ T7136] fido_id[7136]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  166.510890][ T5963] usb 5-1: config 0 descriptor??
[  166.569075][ T5870] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  166.646716][ T7147] loop2: detected capacity change from 0 to 256
[  166.819203][ T5870] usb 2-1: Using ep0 maxpacket: 8
[  166.871081][ T5870] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  166.898473][ T7147] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  166.925718][ T7150] loop3: detected capacity change from 0 to 736
[  166.952467][ T5870] usb 2-1: config 0 has no interface number 0
[  167.030609][ T5870] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  167.103817][ T7153] loop0: detected capacity change from 0 to 64
[  167.149160][ T5870] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  167.171263][ T5963] hid-generic 0003:596A:00F8.0005: hidraw0: USB HID vff.fa Device [HID 596a:00f8] on usb-dummy_hcd.4-1/input0
[  167.270072][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.376160][ T5963] usb 5-1: USB disconnect, device number 5
[  167.400774][ T5870] usb 2-1: config 0 descriptor??
[  167.569717][ T5870] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  168.359069][   T24] usb 2-1: USB disconnect, device number 5
[  168.893890][ T7158] fido_id[7158]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  169.200571][ T7171] loop2: detected capacity change from 0 to 256
[  169.382528][ T7171] FAT-fs (loop2): Directory bread(block 64) failed
[  169.442626][ T7171] FAT-fs (loop2): Directory bread(block 65) failed
[  169.486055][ T7171] FAT-fs (loop2): Directory bread(block 66) failed
[  169.539925][ T7171] FAT-fs (loop2): Directory bread(block 67) failed
[  169.607686][ T7171] FAT-fs (loop2): Directory bread(block 68) failed
[  169.653666][ T7171] FAT-fs (loop2): Directory bread(block 69) failed
[  169.695700][ T7171] FAT-fs (loop2): Directory bread(block 70) failed
[  169.740221][ T7171] FAT-fs (loop2): Directory bread(block 71) failed
[  169.784008][ T7171] FAT-fs (loop2): Directory bread(block 72) failed
[  169.834954][ T7171] FAT-fs (loop2): Directory bread(block 73) failed
[  170.253112][ T7181] warning: `syz.0.423' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  170.616805][ T7187] loop4: detected capacity change from 0 to 2048
[  170.797256][ T7196] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.956507][   T30] audit: type=1326 audit(1758590616.461:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  170.978602][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.033117][ T7199] loop2: detected capacity change from 0 to 128
[  171.191205][   T30] audit: type=1326 audit(1758590616.551:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  171.213319][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.259374][ T7199] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  171.332508][ T7199] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  171.364366][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.437904][   T30] audit: type=1326 audit(1758590616.551:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  171.547810][   T30] audit: type=1326 audit(1758590616.551:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  171.768799][   T30] audit: type=1326 audit(1758590616.551:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  171.872418][ T5889] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  171.932947][ T7206] x_tables: ip_tables: udp match: only valid for protocol 17
[  171.941130][   T30] audit: type=1326 audit(1758590616.561:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  171.963200][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.203361][   T30] audit: type=1326 audit(1758590616.561:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  172.427490][ T7216] random: crng reseeded on system resumption
[  172.443006][   T30] audit: type=1326 audit(1758590616.561:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7195 comm="syz.0.431" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcadc98eec9 code=0x7ffc0000
[  172.465111][    C1] vkms_vblank_simulate: vblank timer overrun
[  173.307552][ T7229] loop5: detected capacity change from 0 to 1035
[  173.483368][ T7229] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.630091][ T7229] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.056070][ T7244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.451'.
[  174.108768][ T5877] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.447812][ T7250] capability: warning: `syz.0.455' uses 32-bit capabilities (legacy support in use)
[  174.691092][ T7257] netlink: 8 bytes leftover after parsing attributes in process `syz.1.456'.
[  174.786792][ T7257] netlink: 44 bytes leftover after parsing attributes in process `syz.1.456'.
[  174.999630][ T7073] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  175.091724][ T7263] loop4: detected capacity change from 0 to 164
[  175.219671][ T7073] usb 4-1: Using ep0 maxpacket: 32
[  175.298067][ T7073] usb 4-1: config 0 has an invalid interface number: 247 but max is 0
[  175.347084][ T7073] usb 4-1: config 0 has no interface number 0
[  175.387183][ T7267] loop2: detected capacity change from 0 to 256
[  175.456363][ T7073] usb 4-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  175.519931][ T7073] usb 4-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  175.594401][ T7073] usb 4-1: Product: syz
[  175.598610][ T7073] usb 4-1: Manufacturer: syz
[  175.681904][ T7269] loop1: detected capacity change from 0 to 1764
[  175.701272][ T7073] usb 4-1: config 0 descriptor??
[  176.012652][ T6007] usb 4-1: USB disconnect, device number 6
[  176.421580][ T7282] loop0: detected capacity change from 0 to 64
[  177.906011][ T7304] loop3: detected capacity change from 0 to 2048
[  177.934756][ T7307] loop5: detected capacity change from 0 to 256
[  178.036867][ T7304] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  178.131236][ T7307] FAT-fs (loop5): Directory bread(block 64) failed
[  178.179735][ T7307] FAT-fs (loop5): Directory bread(block 65) failed
[  178.242030][ T7305] loop0: detected capacity change from 0 to 4096
[  178.288880][ T7307] FAT-fs (loop5): Directory bread(block 66) failed
[  178.319509][ T7307] FAT-fs (loop5): Directory bread(block 67) failed
[  178.326143][ T7307] FAT-fs (loop5): Directory bread(block 68) failed
[  178.344298][ T7305] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  178.451214][ T7307] FAT-fs (loop5): Directory bread(block 69) failed
[  178.544441][ T7307] FAT-fs (loop5): Directory bread(block 70) failed
[  178.608283][ T7307] FAT-fs (loop5): Directory bread(block 71) failed
[  178.669858][ T7307] FAT-fs (loop5): Directory bread(block 72) failed
[  178.717603][ T7305] ntfs3(loop0): failed to convert "c46c" to cp861
[  178.725139][ T7307] FAT-fs (loop5): Directory bread(block 73) failed
[  178.813543][ T7305] ntfs3(loop0): ino=20, mi_enum_attr
[  178.865070][ T7305] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  179.139726][ T6007] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  179.207300][ T7322] netlink: 28 bytes leftover after parsing attributes in process `syz.2.488'.
[  179.331524][ T6007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  179.392968][ T6007] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  179.517301][ T6007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.598880][ T6007] usb 4-1: config 0 descriptor??
[  180.106225][ T6007] uclogic 0003:5543:0522.0006: unbalanced delimiter at end of report description
[  180.266383][ T6007] uclogic 0003:5543:0522.0006: parse failed
[  180.338403][ T6007] uclogic 0003:5543:0522.0006: probe with driver uclogic failed with error -22
[  180.463119][ T6007] usb 4-1: USB disconnect, device number 7
[  181.094920][ T7340] netlink: 44 bytes leftover after parsing attributes in process `syz.0.498'.
[  181.241373][ T7340] netlink: 84 bytes leftover after parsing attributes in process `syz.0.498'.
[  183.333414][ T7378] loop2: detected capacity change from 0 to 128
[  183.782899][ T7378] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  183.933830][ T7378] ext4 filesystem being mounted at /90/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  184.013309][ T7389] loop0: detected capacity change from 0 to 256
[  184.108089][ T7391] loop1: detected capacity change from 0 to 256
[  184.487780][ T7389] FAT-fs (loop0): Directory bread(block 64) failed
[  184.557459][ T5889] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  184.570218][ T7389] FAT-fs (loop0): Directory bread(block 65) failed
[  184.597454][ T7389] FAT-fs (loop0): Directory bread(block 66) failed
[  184.650192][ T7389] FAT-fs (loop0): Directory bread(block 67) failed
[  184.656790][ T7389] FAT-fs (loop0): Directory bread(block 68) failed
[  184.838051][ T7389] FAT-fs (loop0): Directory bread(block 69) failed
[  184.920455][ T7389] FAT-fs (loop0): Directory bread(block 70) failed
[  184.937168][ T7389] FAT-fs (loop0): Directory bread(block 71) failed
[  185.028691][ T7389] FAT-fs (loop0): Directory bread(block 72) failed
[  185.066655][ T7389] FAT-fs (loop0): Directory bread(block 73) failed
[  185.209772][ T6007] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  185.445432][ T6007] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.545538][ T7397] loop1: detected capacity change from 0 to 4096
[  185.553074][ T6007] usb 5-1: config 0 interface 0 has no altsetting 0
[  185.628686][ T6007] usb 5-1: New USB device found, idVendor=056a, idProduct=00ba, bcdDevice= 0.00
[  185.716707][ T6007] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.800034][ T6007] usb 5-1: config 0 descriptor??
[  185.844609][ T7403] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  186.390842][ T6007] wacom 0003:056A:00BA.0007: unbalanced collection at end of report description
[  186.496297][ T6007] wacom 0003:056A:00BA.0007: parse failed
[  186.609731][ T6007] wacom 0003:056A:00BA.0007: probe with driver wacom failed with error -22
[  186.695967][ T6007] usb 5-1: USB disconnect, device number 6
[  186.795847][ T7411] loop0: detected capacity change from 0 to 4096
[  186.876222][ T7415] loop3: detected capacity change from 0 to 128
[  187.053556][ T7415] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  187.250331][ T7415] hpfs: filesystem error: improperly stopped
[  187.294443][ T7415] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  187.395396][ T7415] hpfs: You really don't want any checks? You are crazy...
[  187.500556][ T7415] hpfs: hpfs_map_sector(): read error
[  187.571575][ T7415] hpfs: code page support is disabled
[  187.639129][ T7415] hpfs: hpfs_map_4sectors(): unaligned read
[  187.645366][ T7415] hpfs: hpfs_map_4sectors(): unaligned read
[  187.675676][ T7419] loop4: detected capacity change from 0 to 64
[  187.789614][ T7415] hpfs: filesystem error: unable to find root dir
[  188.289676][ T6007] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  188.469642][ T6007] usb 2-1: config 1 has an invalid interface number: 105 but max is 0
[  188.545038][ T6007] usb 2-1: config 1 has no interface number 0
[  188.601409][ T6007] usb 2-1: config 1 interface 105 has no altsetting 0
[  188.730318][ T6007] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  188.825178][ T6007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.908203][ T6007] usb 2-1: Product: syz
[  188.941156][ T6007] usb 2-1: Manufacturer: syz
[  188.993639][ T6007] usb 2-1: SerialNumber: syz
[  189.138128][ T7434] loop2: detected capacity change from 0 to 256
[  189.226497][ T7434] exfat: Deprecated parameter 'utf8'
[  189.374566][ T7434] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  189.681470][ T6007] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  189.806769][ T6007] aqc111 2-1:1.105: probe with driver aqc111 failed with error -71
[  189.938711][ T6007] usb 2-1: USB disconnect, device number 6
[  190.012526][ T7443] loop4: detected capacity change from 0 to 512
[  190.067443][ T7440] loop0: detected capacity change from 0 to 1764
[  190.133779][ T7443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  190.305706][ T7443] EXT4-fs warning (device loop4): dx_probe:837: inode #2: comm syz.4.543: Unimplemented hash flags: 0x0001
[  190.338912][ T7448] Driver unsupported XDP return value 0 on prog  (id 35) dev N/A, expect packet loss!
[  190.422631][ T7443] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.543: Corrupt directory, running e2fsck is recommended
[  190.560368][ T7443] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.543: path /97/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  190.796259][ T7452] sctp: [Deprecated]: syz.3.548 (pid 7452) Use of int in max_burst socket option.
[  190.796259][ T7452] Use struct sctp_assoc_value instead
[  191.184048][ T5874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.580723][ T7461] Invalid logical block size (2310)
[  191.715631][ T7462] team0: Device vlan2 is already an upper device of the team interface
[  192.013709][ T7467] loop3: detected capacity change from 0 to 16
[  192.184479][ T7467] erofs (device loop3): mounted with root inode @ nid 36.
[  192.662138][ T7476] loop4: detected capacity change from 0 to 64
[  192.821515][ T7073] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  193.034979][ T7073] usb 1-1: Using ep0 maxpacket: 16
[  193.121229][ T7073] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b
[  193.177333][ T7073] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  193.265721][ T7073] usb 1-1: Product: syz
[  193.308006][ T7073] usb 1-1: SerialNumber: syz
[  193.402488][ T7073] usb 1-1: config 0 descriptor??
[  193.501644][ T7073] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  193.533024][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  193.540572][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  193.596948][ T7073] dvb_usb_af9015 1-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  193.665440][ T7073] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  193.695254][ T7073] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  193.742712][ T7073] usb 1-1: USB disconnect, device number 4
[  193.998121][ T7489] loop4: detected capacity change from 0 to 512
[  194.050784][ T7489] EXT4-fs: Ignoring removed mblk_io_submit option
[  194.098273][ T7489] EXT4-fs: inline encryption not supported
[  194.152478][ T7489] EXT4-fs: Ignoring removed mblk_io_submit option
[  194.327085][ T7489] EXT4-fs (loop4): Test dummy encryption mode enabled
[  194.585138][ T7489] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  194.824452][ T7489] EXT4-fs (loop4): 1 truncate cleaned up
[  194.955521][ T7489] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.007533][ T7504] loop2: detected capacity change from 0 to 1024
[  195.280532][ T7504] hfsplus: bad catalog entry type
[  195.665089][ T5874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.133143][ T7515] loop2: detected capacity change from 0 to 2048
[  196.245199][ T7515] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  196.911243][ T7519] loop4: detected capacity change from 0 to 2048
[  197.078328][ T7519] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  197.275240][ T7519] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 1376) has entry where CRC length (0) does not match entry length (44)
[  197.653175][ T7530] loop1: detected capacity change from 0 to 256
[  198.133271][ T7530] FAT-fs (loop1): Directory bread(block 64) failed
[  198.329188][ T7530] FAT-fs (loop1): Directory bread(block 65) failed
[  198.385896][ T7530] FAT-fs (loop1): Directory bread(block 66) failed
[  198.462195][ T7530] FAT-fs (loop1): Directory bread(block 67) failed
[  198.468791][ T7530] FAT-fs (loop1): Directory bread(block 68) failed
[  198.612745][ T7530] FAT-fs (loop1): Directory bread(block 69) failed
[  198.659164][ T7530] FAT-fs (loop1): Directory bread(block 70) failed
[  198.665683][ T7530] FAT-fs (loop1): Directory bread(block 71) failed
[  198.802285][ T7530] FAT-fs (loop1): Directory bread(block 72) failed
[  198.869156][ T7530] FAT-fs (loop1): Directory bread(block 73) failed
[  200.409340][ T5883] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  200.417988][ T5883] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  200.427367][ T5883] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  200.435869][ T5883] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  200.443735][ T5883] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  201.116437][ T7569] loop3: detected capacity change from 0 to 128
[  201.213830][ T7574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.600'.
[  202.618057][ T7595] loop4: detected capacity change from 0 to 40427
[  202.647612][ T7558] chnl_net:caif_netlink_parms(): no params data found
[  202.712270][ T7595] F2FS-fs (loop4): invalid crc value
[  202.791107][ T7595] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  202.825941][ T5883] Bluetooth: hci4: command tx timeout
[  202.843713][ T7595] F2FS-fs (loop4): checkpoint=disable on readonly fs
[  203.564596][ T7606] netlink: 32 bytes leftover after parsing attributes in process `syz.2.616'.
[  203.739106][   T36] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.389199][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.3.622'.
[  204.398162][ T7623] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  204.548352][ T7623] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  204.879152][ T5883] Bluetooth: hci4: command tx timeout
[  205.045544][ T7558] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.076835][ T7558] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.139334][ T7558] bridge_slave_0: entered allmulticast mode
[  205.216012][ T7558] bridge_slave_0: entered promiscuous mode
[  205.270421][ T7558] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.277554][ T7558] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.444896][ T7558] bridge_slave_1: entered allmulticast mode
[  205.518108][ T7558] bridge_slave_1: entered promiscuous mode
[  205.570461][ T7639] netlink: 'syz.1.630': attribute type 4 has an invalid length.
[  206.113287][ T7558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.242723][ T7558] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.741200][ T7558] team0: Port device team_slave_0 added
[  206.822123][ T7558] team0: Port device team_slave_1 added
[  206.899920][ T1206] usb 2-1: new low-speed USB device number 7 using dummy_hcd
[  206.959876][ T5883] Bluetooth: hci4: command tx timeout
[  207.091374][ T1206] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  207.101311][ T7664] netlink: 168 bytes leftover after parsing attributes in process `syz.3.642'.
[  207.134624][ T1206] usb 2-1: config 0 has no interface number 0
[  207.175547][ T1206] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  207.244038][ T1206] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  207.303464][ T7672] loop2: detected capacity change from 0 to 256
[  207.321644][ T1206] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  207.413280][ T1206] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  207.445030][   T30] audit: type=1800 audit(1758590652.951:28): pid=7672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.644" name="bus" dev="loop2" ino=1048690 res=0 errno=0
[  207.482232][ T1206] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  207.482267][ T1206] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  207.482315][ T1206] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  207.482342][ T1206] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.539248][ T1206] usb 2-1: config 0 descriptor??
[  207.540121][ T7658] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  207.540319][ T7658] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  207.563413][ T1206] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  207.646889][ T7558] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.724981][ T7558] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.750889][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.850057][ T7658] ldusb 2-1:0.55: Write buffer overflow, 2 bytes dropped
[  208.042889][ T7558] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.079270][ T7558] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.079288][ T7558] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.079319][ T7558] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.119318][ T1206] usb 2-1: USB disconnect, device number 7
[  208.564975][   T36] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.570032][ T7681] loop4: detected capacity change from 0 to 32768
[  208.584160][ T1206] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  208.733314][ T7681] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,read_only,reconstruct_alloc,no_data_io
[  208.733343][ T7681]   allowing incompatible features above 0.0: (unknown version)
[  208.733358][ T7681]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  208.733389][ T7681] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  208.733538][ T7681] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  208.733651][ T7681] bcachefs (loop4): dropping and reconstructing all alloc info
[  208.790567][ T7681] bcachefs (loop4): accounting_read... done
[  208.815087][ T7681] bcachefs (loop4): alloc_read... done
[  208.816146][ T7681] bcachefs (loop4): snapshots_read... done
[  208.817395][ T7681] bcachefs (loop4): check_allocations...
[  208.821278][ T7681] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  208.821312][ T7681]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  208.825373][ T7681] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  208.825392][ T7681]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  208.827527][ T7681] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  208.827545][ T7681]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  208.832390][ T7681] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  208.832408][ T7681]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  208.847144][ T7681]  done
[  208.849586][ T7681] bcachefs (loop4): going read-write
[  208.849659][ T7681] bcachefs (loop4): insufficient writeable journal devices available: have 0, need 1
[  208.849659][ T7681] rw journal devs:
[  208.855383][ T7681] bcachefs (loop4): Fixed errors, running fsck a second time to verify fs is clean
[  208.866423][ T7681] bcachefs (loop4): going read-only
[  208.866465][ T7681] bcachefs (loop4): finished waiting for writes to stop
[  208.975566][ T7681] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10
[  208.975868][ T7681] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10
[  208.993542][ T7681] bcachefs (loop4): unclean shutdown complete, journal seq 10
[  208.996422][ T7681] bcachefs (loop4): done going read-only, filesystem not clean
[  208.996445][ T7681] bcachefs (loop4): done starting filesystem
[  209.039133][ T5883] Bluetooth: hci4: command tx timeout
[  209.274068][ T7695] loop3: detected capacity change from 0 to 1024
[  209.453145][ T7558] hsr_slave_0: entered promiscuous mode
[  209.481230][ T7558] hsr_slave_1: entered promiscuous mode
[  209.482059][ T7558] debugfs: 'hsr0' already exists in 'hsr'
[  209.482080][ T7558] Cannot create hsr debugfs directory
[  209.490011][ T5874] bcachefs (loop4): shutting down
[  209.619840][ T1206] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  209.750557][ T5874] bcachefs (loop4): shutdown complete
[  209.772458][ T1206] usb 3-1: Using ep0 maxpacket: 16
[  209.798775][ T1206] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.798809][ T1206] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.798852][ T1206] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  209.798879][ T1206] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.851208][ T1206] usb 3-1: config 0 descriptor??
[  210.381817][ T1206] hid-multitouch 0003:1FD2:6007.0008: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0
[  210.569495][ T1206] usb 3-1: USB disconnect, device number 4
[  210.871381][ T7709] fido_id[7709]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  211.147779][   T36] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.584013][ T7558] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  211.641270][ T7558] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  211.701114][ T7558] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  211.762812][ T7558] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  212.443033][ T7558] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.514776][ T7558] 8021q: adding VLAN 0 to HW filter on device team0
[  212.588521][ T3511] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.588650][ T3511] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.615835][ T3471] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.615948][ T3471] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.784561][ T7741] netlink: 16 bytes leftover after parsing attributes in process `syz.3.669'.
[  212.852609][ T7558] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  213.650146][ T7721] loop1: detected capacity change from 0 to 40427
[  213.720895][ T7721] F2FS-fs (loop1): invalid crc value
[  213.897374][ T7558] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.286521][ T7721] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  214.412356][ T7721] F2FS-fs (loop1): Start checkpoint disabled!
[  214.493634][ T7721] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  214.792857][ T7774] loop0: detected capacity change from 0 to 128
[  215.842152][   T36] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.179225][ T5182] Bluetooth: hci1: command 0x0406 tx timeout
[  216.185262][ T5182] Bluetooth: hci0: command 0x0406 tx timeout
[  216.191489][ T5890] Bluetooth: hci2: command 0x0406 tx timeout
[  216.197513][ T5890] Bluetooth: hci3: command 0x0406 tx timeout
[  216.598895][ T7558] veth0_vlan: entered promiscuous mode
[  216.698683][ T7558] veth1_vlan: entered promiscuous mode
[  216.936632][ T7558] veth0_macvtap: entered promiscuous mode
[  217.005327][ T7558] veth1_macvtap: entered promiscuous mode
[  217.160130][ T7558] batman_adv: batadv0: Interface activated: batadv_slave_0
[  217.246117][ T7558] batman_adv: batadv0: Interface activated: batadv_slave_1
[  217.352386][ T3511] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.432000][ T3511] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.461276][ T3511] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.539053][ T3511] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.803073][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.836812][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.942028][ T1206] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  218.010671][ T3606] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.064482][ T3606] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.178558][ T1206] usb 4-1: unable to get BOS descriptor or descriptor too short
[  218.204903][ T1206] usb 4-1: not running at top speed; connect to a high speed hub
[  218.269911][ T7786] loop2: detected capacity change from 0 to 40427
[  218.285291][ T1206] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  218.345287][ T1206] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  218.417586][ T1206] usb 4-1: string descriptor 0 read error: -22
[  218.429787][ T7786] F2FS-fs (loop2): invalid crc value
[  218.456911][ T1206] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  218.530959][ T1206] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.627007][ T1206] usb 4-1: 0:2 : does not exist
[  218.635429][ T7804] netlink: 8 bytes leftover after parsing attributes in process `syz.6.582'.
[  218.968435][ T7786] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  219.089891][ T7786] F2FS-fs (loop2): Start checkpoint disabled!
[  219.266229][ T1206] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  219.315200][ T1206] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  219.397245][ T1206] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[  219.539151][ T1206] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  219.623958][ T1206] usb 4-1: USB disconnect, device number 8
[  220.674029][ T7823] loop6: detected capacity change from 0 to 512
[  220.714447][ T7823] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.800084][ T7823] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.866962][ T7823] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.052504][ T7826] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  221.113943][ T7558] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.277665][ T7813] loop1: detected capacity change from 0 to 32768
[  221.318308][ T7813] ERROR: (device loop1): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  221.318308][ T7813] 
[  222.175693][ T7830] loop1: detected capacity change from 0 to 128
[  222.213797][ T7830] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  222.270712][ T7830] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  222.330771][ T7830] EXT4-fs (loop1): ext4_remount: Checksum for group 0 failed (30846!=65535)
[  222.478662][ T5867] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  222.838023][   T36] bridge_slave_1: left allmulticast mode
[  222.878189][   T36] bridge_slave_1: left promiscuous mode
[  222.899749][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.005621][   T36] bridge_slave_0: left allmulticast mode
[  223.032548][   T36] bridge_slave_0: left promiscuous mode
[  223.075154][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.792593][ T7842] loop2: detected capacity change from 0 to 1024
[  224.090370][   T49] hfsplus: b-tree write err: -5, ino 4
[  224.792259][ T7852] loop2: detected capacity change from 0 to 512
[  224.915072][ T7852] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  225.009598][ T7852] EXT4-fs (loop2): orphan cleanup on readonly fs
[  225.017641][ T7852] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.709: Block bitmap for bg 0 marked uninitialized
[  225.174848][ T7852] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  225.246549][ T7852] EXT4-fs (loop2): 1 orphan inode deleted
[  225.275336][ T7852] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  225.490440][ T5889] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.801110][   T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  225.810831][   T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  225.818401][   T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  225.833759][   T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  225.849792][   T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  227.177922][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.221642][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.248525][   T36] bond0 (unregistering): Released all slaves
[  227.920095][ T5885] Bluetooth: hci6: command tx timeout
[  227.990085][ T7856] chnl_net:caif_netlink_parms(): no params data found
[  228.444825][ T7856] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.466227][ T7856] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.489193][ T7856] bridge_slave_0: entered allmulticast mode
[  228.519927][ T7856] bridge_slave_0: entered promiscuous mode
[  228.535256][ T7856] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.565532][ T7856] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.579087][ T7856] bridge_slave_1: entered allmulticast mode
[  228.616969][ T7856] bridge_slave_1: entered promiscuous mode
[  228.827243][ T7856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.863016][ T7856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  229.060159][ T7856] team0: Port device team_slave_0 added
[  229.091892][ T7856] team0: Port device team_slave_1 added
[  229.202104][ T7856] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.234680][ T7856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.309176][ T7856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.349903][ T7856] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.356835][ T7856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.486022][ T7856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.810515][ T7856] hsr_slave_0: entered promiscuous mode
[  229.817145][ T7856] hsr_slave_1: entered promiscuous mode
[  229.871405][ T7856] debugfs: 'hsr0' already exists in 'hsr'
[  229.877137][ T7856] Cannot create hsr debugfs directory
[  230.009385][ T5885] Bluetooth: hci6: command tx timeout
[  232.079604][ T5885] Bluetooth: hci6: command tx timeout
[  232.329440][ T5962] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  232.560289][ T5962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.622416][ T5962] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.703719][ T5962] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  232.815654][ T5962] usb 1-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  232.894703][ T5962] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.981663][ T5962] usb 1-1: config 0 descriptor??
[  233.433698][   T24] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  233.505356][ T5962] elecom 0003:056E:00FB.0009: unknown main item tag 0x0
[  233.556079][ T5962] elecom 0003:056E:00FB.0009: hidraw0: USB HID v0.00 Device [HID 056e:00fb] on usb-dummy_hcd.0-1/input0
[  233.649570][   T24] usb 7-1: Using ep0 maxpacket: 16
[  233.676979][   T24] usb 7-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  233.724922][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.737176][ T5962] usb 1-1: USB disconnect, device number 5
[  233.768140][   T24] usb 7-1: Product: syz
[  233.796167][   T24] usb 7-1: Manufacturer: syz
[  233.815786][   T24] usb 7-1: SerialNumber: syz
[  233.834261][ T7935] fido_id[7935]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  233.858241][   T24] usb 7-1: config 0 descriptor??
[  233.886760][   T24] visor 7-1:0.0: Sony Clie 3.5 converter detected
[  234.160260][ T5885] Bluetooth: hci6: command tx timeout
[  234.354203][   T24] usb 7-1: Sony Clie 3.5 converter now attached to ttyUSB0
[  234.626454][ T7073] usb 7-1: USB disconnect, device number 2
[  234.691772][ T7073] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[  234.798691][ T7073] visor 7-1:0.0: device disconnected
[  234.862188][ T7945] loop0: detected capacity change from 0 to 512
[  234.977925][ T7945] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  235.042521][ T7945] UDF-fs: Scanning with blocksize 512 failed
[  235.091429][ T7945] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  235.104266][ T7856] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  235.210054][ T7945] UDF-fs: Scanning with blocksize 1024 failed
[  235.298000][ T7856] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  235.325662][ T7945] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  235.358458][ T7951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.733'.
[  235.414245][ T7945] UDF-fs: Scanning with blocksize 2048 failed
[  235.479440][ T7951] netlink: 4 bytes leftover after parsing attributes in process `syz.2.733'.
[  235.488370][ T7951] netlink: 52 bytes leftover after parsing attributes in process `syz.2.733'.
[  235.502649][ T7856] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  235.546714][ T7945] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  235.643222][ T7856] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  235.656038][ T7945] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  236.814401][ T7974] loop0: detected capacity change from 0 to 64
[  238.489140][ T5962] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  238.669162][ T5962] usb 1-1: Using ep0 maxpacket: 8
[  238.706813][ T5962] usb 1-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  238.755037][ T5962] usb 1-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  238.830701][ T5962] usb 1-1: config 0 interface 0 has no altsetting 0
[  238.868173][ T5962] usb 1-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  238.904968][ T5962] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.928013][ T8001] loop2: detected capacity change from 0 to 256
[  238.969949][ T5962] usb 1-1: config 0 descriptor??
[  238.979803][  T975] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  238.991057][ T8001] exfat: Deprecated parameter 'utf8'
[  239.037233][ T8001] exfat: Deprecated parameter 'utf8'
[  239.151595][ T8001] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  239.185682][  T975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  239.282859][  T975] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0a14, bcdDevice= 0.00
[  239.395738][  T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.529636][ T5962] gt683r_led 0003:1770:FF00.000A: hidraw0: USB HID vf4.f6 Device [HID 1770:ff00] on usb-dummy_hcd.0-1/input0
[  239.550972][  T975] usb 2-1: config 0 descriptor??
[  239.831816][ T5962] usb 1-1: USB disconnect, device number 6
[  240.019820][ T6022] gt683r_led 0003:1770:FF00.000A: failed to send set report request: -19
[  240.128506][  T975] hid (null): invalid report_count -1699516925
[  240.252288][  T975] hid-corsair-void 0003:1B1C:0A14.000B: invalid report_count -1699516925
[  240.357815][ T7856] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.397987][  T975] hid-corsair-void 0003:1B1C:0A14.000B: item 0 4 1 9 parsing failed
[  240.517311][  T975] hid-corsair-void 0003:1B1C:0A14.000B: parse failed (reason: -22)
[  240.602959][ T7856] 8021q: adding VLAN 0 to HW filter on device team0
[  240.627883][  T975] hid-corsair-void 0003:1B1C:0A14.000B: probe with driver hid-corsair-void failed with error -22
[  240.692455][ T8014] fido_id[8014]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  240.869636][  T975] usb 2-1: USB disconnect, device number 8
[  240.902124][ T3606] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.909300][ T3606] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.110217][ T3606] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.117377][ T3606] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.736965][ T7856] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  242.006176][ T8042] loop0: detected capacity change from 0 to 64
[  242.050065][ T8041] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  242.333509][ T8045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.765'.
[  242.409384][   T36] hsr_slave_0: left promiscuous mode
[  242.479346][   T36] hsr_slave_1: left promiscuous mode
[  242.520798][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.589366][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.819627][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.838670][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.023421][   T30] audit: type=1326 audit(1758590688.531:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  243.045524][    C1] vkms_vblank_simulate: vblank timer overrun
[  243.083304][   T36] veth1_macvtap: left promiscuous mode
[  243.119450][   T43] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  243.172347][   T36] veth0_macvtap: left promiscuous mode
[  243.178104][   T36] veth1_vlan: left promiscuous mode
[  243.319542][   T36] veth0_vlan: left promiscuous mode
[  243.346573][   T30] audit: type=1326 audit(1758590688.531:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  243.371311][   T43] usb 4-1: Using ep0 maxpacket: 16
[  243.449047][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  243.546492][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  243.644509][   T30] audit: type=1326 audit(1758590688.531:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  243.690407][   T43] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  243.845530][   T43] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  243.919982][   T30] audit: type=1326 audit(1758590688.531:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  243.962389][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.094338][   T43] usb 4-1: config 0 descriptor??
[  244.189274][   T30] audit: type=1326 audit(1758590688.531:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  244.211342][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.317656][ T8070] loop0: detected capacity change from 0 to 128
[  244.622263][   T43] microsoft 0003:045E:07DA.000C: unexpected long global item
[  244.732034][   T43] microsoft 0003:045E:07DA.000C: parse failed
[  244.820924][   T43] microsoft 0003:045E:07DA.000C: probe with driver microsoft failed with error -22
[  244.939092][   T43] usb 4-1: USB disconnect, device number 9
[  245.739662][ T8087] loop0: detected capacity change from 0 to 1024
[  245.863191][ T8087] hfsplus: bad catalog entry type
[  246.119974][ T8002] hfsplus: b-tree write err: -5, ino 4
[  246.708294][ T8100] loop3: detected capacity change from 0 to 256
[  246.763383][ T8100] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  246.841001][ T8100] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  246.915393][ T8100] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  247.798763][ T8111] loop2: detected capacity change from 0 to 1024
[  248.316360][   T36] team0 (unregistering): Port device team_slave_1 removed
[  248.693454][   T36] team0 (unregistering): Port device team_slave_0 removed
[  248.736138][ T8122] netlink: 56 bytes leftover after parsing attributes in process `syz.1.801'.
[  248.806357][ T8123] loop3: detected capacity change from 0 to 1024
[  248.826988][ T8122] netlink: 56 bytes leftover after parsing attributes in process `syz.1.801'.
[  249.669498][ T8130] loop3: detected capacity change from 0 to 1024
[  249.704369][ T8132] loop2: detected capacity change from 0 to 1024
[  249.781033][ T8132] EXT4-fs: Ignoring removed orlov option
[  249.860557][ T8132] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  249.964509][ T8132] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.048718][ T8134] loop1: detected capacity change from 0 to 4096
[  250.124854][ T8134] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  250.231455][ T8134] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  250.728931][    C0] sched: DL replenish lagged too much
[  251.000912][ T5889] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.528861][ T8139] loop3: detected capacity change from 0 to 32768
[  252.595062][ T8139] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  252.876297][ T5868] ocfs2: Unmounting device (7,3) on (node local)
[  252.911625][ T8089] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  253.868102][ T8169] gretap1: entered allmulticast mode
[  254.456789][ T7856] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.713617][ T8180] bond0: default FDB implementation only supports local addresses
[  254.739956][ T8181] PKCS8: Unsupported PKCS#8 version
[  254.751354][ T8183] loop0: detected capacity change from 0 to 47
[  254.974441][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  254.987858][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.909633][ T8199] loop2: detected capacity change from 0 to 1024
[  256.080507][ T8201] netlink: 'syz.1.829': attribute type 5 has an invalid length.
[  257.291796][ T7856] veth0_vlan: entered promiscuous mode
[  257.404920][ T7856] veth1_vlan: entered promiscuous mode
[  257.645880][ T7856] veth0_macvtap: entered promiscuous mode
[  257.805717][ T7856] veth1_macvtap: entered promiscuous mode
[  258.098367][ T7856] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.193781][ T7856] batman_adv: batadv0: Interface activated: batadv_slave_1
[  258.410984][   T12] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.485007][   T12] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.650028][   T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.719141][ T6022] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  258.777882][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.980556][ T6022] usb 3-1: Using ep0 maxpacket: 32
[  259.034068][ T6022] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  259.056078][ T6022] usb 3-1: config 0 has no interface number 0
[  259.139883][ T6022] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  259.222473][  T975] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  259.253659][ T6022] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.371267][ T6022] usb 3-1: Product: syz
[  259.375442][ T6022] usb 3-1: Manufacturer: syz
[  259.446514][ T6022] usb 3-1: SerialNumber: syz
[  259.483550][  T975] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  259.555860][  T975] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  259.570335][ T6022] usb 3-1: config 0 descriptor??
[  259.607327][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.641823][ T6022] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  259.675282][  T975] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  259.709945][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.801489][  T975] usb 2-1: config 220 has no interface number 2
[  259.835911][ T8255] program syz.6.852 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  259.925960][  T975] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  259.982028][ T6022] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  260.088026][  T975] usb 2-1: config 220 interface 0 has no altsetting 0
[  260.109035][ T3471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.160179][ T6022] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  260.209470][  T975] usb 2-1: config 220 interface 76 has no altsetting 0
[  260.216375][  T975] usb 2-1: config 220 interface 1 has no altsetting 0
[  260.243748][ T3471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.344348][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  260.388247][ T6022] usb 3-1: USB disconnect, device number 5
[  260.429622][  T975] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  260.533046][ T6022] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  260.566835][  T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.675250][  T975] usb 2-1: Product: syz
[  260.717742][ T6022] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  260.733300][  T975] usb 2-1: Manufacturer: syz
[  260.737894][  T975] usb 2-1: SerialNumber: syz
[  260.843779][ T6022] quatech2 3-1:0.51: device disconnected
[  261.109817][  T975] usb 2-1: selecting invalid altsetting 0
[  261.159974][  T975] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  261.230468][  T975] usb 2-1: No valid video chain found.
[  261.316168][  T975] usb 2-1: selecting invalid altsetting 0
[  261.402611][  T975] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[  261.438607][ T8277] loop7: detected capacity change from 0 to 512
[  261.543031][  T975] usb 2-1: USB disconnect, device number 9
[  261.645639][ T8277] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  261.732292][ T8277] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  262.226733][ T8281] loop2: detected capacity change from 0 to 32768
[  262.280152][ T8277] System zones: 0-2, 18-18, 34-34
[  262.348011][ T8281] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  262.356498][ T8281] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  262.367366][ T8277] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.426119][ T8281] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119
[  262.440432][ T8281] gfs2: fsid=syz:syz.s: G:  s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:2
[  262.449873][ T8281] gfs2: fsid=syz:syz.s:  H: s:SH f:eEcH e:0 p:8281 [syz.2.860] init_journal+0x17f8/0x2260
[  262.459924][ T8281] gfs2: fsid=syz:syz.s:  I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0
[  262.468339][ T8281] gfs2: fsid=syz:syz.s: about to withdraw this file system
[  262.475821][ T8281] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount.
[  262.485024][ T8281] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0
[  262.491733][ T8281] gfs2: fsid=syz:syz.s: File system withdrawn
[  262.497796][ T8281] CPU: 1 UID: 0 PID: 8281 Comm: syz.2.860 Not tainted syzkaller #0 PREEMPT(full) 
[  262.497826][ T8281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  262.497842][ T8281] Call Trace:
[  262.497851][ T8281]  <TASK>
[  262.497861][ T8281]  dump_stack_lvl+0x189/0x250
[  262.497898][ T8281]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.497929][ T8281]  ? __pfx__printk+0x10/0x10
[  262.497964][ T8281]  ? kobject_uevent_env+0x36b/0x8c0
[  262.498009][ T8281]  gfs2_withdraw+0xb30/0x1430
[  262.498065][ T8281]  ? __pfx_gfs2_withdraw+0x10/0x10
[  262.498104][ T8281]  ? __pfx_wake_up_bit+0x10/0x10
[  262.498136][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498165][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498198][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498224][ T8281]  ? gfs2_consist_inode_i+0xf5/0x110
[  262.498264][ T8281]  gfs2_jdesc_check+0x17d/0x2f0
[  262.498310][ T8281]  check_journal_clean+0x158/0x310
[  262.498347][ T8281]  ? __pfx_check_journal_clean+0x10/0x10
[  262.498385][ T8281]  ? init_journal+0x17f8/0x2260
[  262.498430][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498466][ T8281]  ? do_raw_spin_unlock+0x122/0x240
[  262.498500][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498527][ T8281]  ? _raw_spin_unlock+0x28/0x50
[  262.498563][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498590][ T8281]  ? gfs2_jdesc_find+0xab/0xc0
[  262.498632][ T8281]  init_journal+0x17f8/0x2260
[  262.498681][ T8281]  ? init_inodes+0xdb/0x320
[  262.498721][ T8281]  ? __pfx_init_journal+0x10/0x10
[  262.498756][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498783][ T8281]  ? vsnprintf+0xe11/0xf00
[  262.498831][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.498859][ T8281]  ? snprintf+0xda/0x120
[  262.498901][ T8281]  ? init_inodes+0xdb/0x320
[  262.498937][ T8281]  ? __pfx_snprintf+0x10/0x10
[  262.498973][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499000][ T8281]  ? gfs2_glock_nq_num+0x13d/0x170
[  262.499043][ T8281]  init_inodes+0xdb/0x320
[  262.499081][ T8281]  gfs2_fill_super+0x1923/0x20d0
[  262.499136][ T8281]  ? __pfx_gfs2_fill_super+0x10/0x10
[  262.499168][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499201][ T8281]  ? init_locking+0xb8/0x210
[  262.499233][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499260][ T8281]  ? sb_set_blocksize+0x104/0x180
[  262.499286][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499314][ T8281]  ? setup_bdev_super+0x4c1/0x5b0
[  262.499353][ T8281]  get_tree_bdev_flags+0x40e/0x4d0
[  262.499387][ T8281]  ? __pfx_gfs2_fill_super+0x10/0x10
[  262.499422][ T8281]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  262.499467][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499505][ T8281]  gfs2_get_tree+0x51/0x1e0
[  262.499543][ T8281]  vfs_get_tree+0x92/0x2b0
[  262.499581][ T8281]  do_new_mount+0x2a2/0x9e0
[  262.499622][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499650][ T8281]  ? ns_capable+0x8a/0xf0
[  262.499674][ T8281]  ? __pfx_do_new_mount+0x10/0x10
[  262.499709][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499737][ T8281]  ? path_mount+0x61c/0xfe0
[  262.499770][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499812][ T8281]  __se_sys_mount+0x317/0x410
[  262.499859][ T8281]  ? __pfx___se_sys_mount+0x10/0x10
[  262.499895][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499930][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.499957][ T8281]  ? __x64_sys_mount+0x20/0xc0
[  262.499998][ T8281]  do_syscall_64+0xfa/0x3b0
[  262.500025][ T8281]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.500050][ T8281]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.500073][ T8281]  ? srso_alias_return_thunk+0x5/0xfbef5
[  262.500101][ T8281]  ? exc_page_fault+0x9f/0xf0
[  262.500128][ T8281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.500152][ T8281] RIP: 0033:0x7f574899066a
[  262.500173][ T8281] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.500193][ T8281] RSP: 002b:00007f5749768e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  262.500218][ T8281] RAX: ffffffffffffffda RBX: 00007f5749768ef0 RCX: 00007f574899066a
[  262.500237][ T8281] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f5749768eb0
[  262.500255][ T8281] RBP: 0000200000000400 R08: 00007f5749768ef0 R09: 0000000000000000
[  262.500272][ T8281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500
[  262.500288][ T8281] R13: 00007f5749768eb0 R14: 00000000000125bb R15: 0000200000000200
[  262.500326][ T8281]  </TASK>
[  262.936002][ T8281] gfs2: fsid=syz:syz.s: Error checking journal for spectator mount.
[  263.216048][ T8277] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.340384][ T8293] loop1: detected capacity change from 0 to 512
[  263.563284][ T8293] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.671777][ T8293] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.936662][ T8293] EXT4-fs error (device loop1): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.1.865: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[  264.127607][ T8293] EXT4-fs error (device loop1): ext4_get_first_dir_block:3540: inode #12: comm syz.1.865: directory missing '.'
[  264.411938][ T7856] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.646443][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.735457][ T8335] loop0: detected capacity change from 0 to 512
[  265.968070][ T8335] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.879: invalid indirect mapped block 4294967295 (level 1)
[  266.209075][   T30] audit: type=1326 audit(1758590711.711:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.2.882" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f574898eec9 code=0x0
[  266.296039][ T8335] EXT4-fs (loop0): Remounting filesystem read-only
[  266.350588][ T8335] EXT4-fs (loop0): 2 truncates cleaned up
[  266.432478][ T8335] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.975902][ T5871] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.275143][ T8355] loop6: detected capacity change from 0 to 128
[  267.423430][ T8358] netlink: 40 bytes leftover after parsing attributes in process `syz.2.891'.
[  267.503012][ T8360] loop1: detected capacity change from 0 to 512
[  267.589523][ T8360] EXT4-fs: Ignoring removed orlov option
[  267.773246][ T8360] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  268.386766][ T8367] loop2: detected capacity change from 0 to 2048
[  268.418745][ T8369] loop6: detected capacity change from 0 to 512
[  268.475090][ T8364] netlink: 12 bytes leftover after parsing attributes in process `syz.3.892'.
[  268.573654][ T8369] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  268.765387][ T8367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.809464][ T8369] EXT4-fs (loop6): 1 truncate cleaned up
[  268.816908][ T8369] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.134471][ T8367] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #12: block 9: comm syz.2.893: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  269.271370][ T8367] EXT4-fs (loop2): Remounting filesystem read-only
[  270.508830][ T8392] loop7: detected capacity change from 0 to 4096
[  270.527807][ T8392] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[  270.776724][ T5889] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.850898][ T7558] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.399757][ T8401] netlink: 24 bytes leftover after parsing attributes in process `syz.3.905'.
[  271.437307][ T8399] loop0: detected capacity change from 0 to 512
[  271.475895][ T8399] EXT4-fs: Ignoring removed nobh option
[  271.590898][ T8404] loop1: detected capacity change from 0 to 128
[  271.684943][ T8399] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  271.731110][ T8404] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  271.824252][ T8399] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.906: invalid indirect mapped block 256 (level 1)
[  271.907773][ T8404] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  271.980381][ T8392] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  272.036294][ T8399] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.906: invalid indirect mapped block 2683928664 (level 1)
[  272.521911][ T8411] loop2: detected capacity change from 0 to 32768
[  272.675438][ T8399] EXT4-fs (loop0): 1 truncate cleaned up
[  272.695232][ T8411] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  272.703519][ T8411] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  272.734813][ T8411] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 0 19, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 404
[  272.751779][ T8411] gfs2: fsid=syz:syz.0: G:  s:SH n:2/13 f:aqobnN t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1
[  272.761081][ T8411] gfs2: fsid=syz:syz.0:  H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320
[  272.770322][ T8411] gfs2: fsid=syz:syz.0:  I: n:0/19 t:4 f:0x00 d:0x00000000 s:0 p:0
[  272.778225][ T8411] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  272.794126][ T8411] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  272.802968][ T8411] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  272.810039][ T8411] gfs2: fsid=syz:syz.0: File system withdrawn
[  272.816101][ T8411] CPU: 1 UID: 0 PID: 8411 Comm: syz.2.899 Not tainted syzkaller #0 PREEMPT(full) 
[  272.816129][ T8411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  272.816144][ T8411] Call Trace:
[  272.816153][ T8411]  <TASK>
[  272.816162][ T8411]  dump_stack_lvl+0x189/0x250
[  272.816199][ T8411]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.816236][ T8411]  ? __pfx__printk+0x10/0x10
[  272.816271][ T8411]  ? kobject_uevent_env+0x36b/0x8c0
[  272.816316][ T8411]  gfs2_withdraw+0xb30/0x1430
[  272.816369][ T8411]  ? __pfx_gfs2_withdraw+0x10/0x10
[  272.816404][ T8411]  ? queue_delayed_work_on+0x1f7/0x280
[  272.816442][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.816471][ T8411]  ? gfs2_consist_inode_i+0xf5/0x110
[  272.816509][ T8411]  inode_go_instantiate+0xaf7/0x1260
[  272.816553][ T8411]  ? __pfx_inode_go_instantiate+0x10/0x10
[  272.816587][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.816614][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.816641][ T8411]  ? gfs2_glock_nq+0x10bb/0x1900
[  272.816685][ T8411]  gfs2_instantiate+0x168/0x220
[  272.816723][ T8411]  gfs2_glock_wait+0x1d4/0x2a0
[  272.816762][ T8411]  init_journal+0xc71/0x2260
[  272.816810][ T8411]  ? init_inodes+0xdb/0x320
[  272.816849][ T8411]  ? __pfx_init_journal+0x10/0x10
[  272.816882][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.816909][ T8411]  ? vsnprintf+0xe11/0xf00
[  272.816956][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.816983][ T8411]  ? snprintf+0xda/0x120
[  272.817020][ T8411]  ? init_inodes+0xdb/0x320
[  272.817054][ T8411]  ? __pfx_snprintf+0x10/0x10
[  272.817089][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817115][ T8411]  ? gfs2_glock_nq_num+0x13d/0x170
[  272.817157][ T8411]  init_inodes+0xdb/0x320
[  272.817194][ T8411]  gfs2_fill_super+0x1923/0x20d0
[  272.817253][ T8411]  ? __pfx_gfs2_fill_super+0x10/0x10
[  272.817284][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817317][ T8411]  ? init_locking+0xb8/0x210
[  272.817346][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817374][ T8411]  ? sb_set_blocksize+0x104/0x180
[  272.817400][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817426][ T8411]  ? setup_bdev_super+0x4c1/0x5b0
[  272.817465][ T8411]  get_tree_bdev_flags+0x40e/0x4d0
[  272.817497][ T8411]  ? __pfx_gfs2_fill_super+0x10/0x10
[  272.817532][ T8411]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  272.817569][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817606][ T8411]  gfs2_get_tree+0x51/0x1e0
[  272.817643][ T8411]  vfs_get_tree+0x92/0x2b0
[  272.817680][ T8411]  do_new_mount+0x2a2/0x9e0
[  272.817720][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817747][ T8411]  ? ns_capable+0x8a/0xf0
[  272.817770][ T8411]  ? __pfx_do_new_mount+0x10/0x10
[  272.817804][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817831][ T8411]  ? path_mount+0x61c/0xfe0
[  272.817864][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.817905][ T8411]  __se_sys_mount+0x317/0x410
[  272.817949][ T8411]  ? __pfx___se_sys_mount+0x10/0x10
[  272.817983][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.818019][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.818046][ T8411]  ? __x64_sys_mount+0x20/0xc0
[  272.818085][ T8411]  do_syscall_64+0xfa/0x3b0
[  272.818111][ T8411]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.818135][ T8411]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.818158][ T8411]  ? srso_alias_return_thunk+0x5/0xfbef5
[  272.818185][ T8411]  ? exc_page_fault+0x9f/0xf0
[  272.818217][ T8411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.818241][ T8411] RIP: 0033:0x7f574899066a
[  272.818262][ T8411] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.818282][ T8411] RSP: 002b:00007f5749768e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  272.818307][ T8411] RAX: ffffffffffffffda RBX: 00007f5749768ef0 RCX: 00007f574899066a
[  272.818325][ T8411] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f5749768eb0
[  272.818343][ T8411] RBP: 0000200000000400 R08: 00007f5749768ef0 R09: 0000000001000004
[  272.818360][ T8411] R10: 0000000001000004 R11: 0000000000000246 R12: 0000200000012500
[  272.818376][ T8411] R13: 00007f5749768eb0 R14: 00000000000126de R15: 0000200000000440
[  272.818413][ T8411]  </TASK>
[  272.818458][ T8411] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5
[  273.371632][ T8399] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.776653][ T8399] EXT4-fs error (device loop0): ext4_lookup:1787: inode #14: comm syz.0.906: invalid fast symlink length 39
[  274.496982][ T5871] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.623982][ T8429] sp0: Synchronizing with TNC
[  274.757561][ T8434] sp0: Found TNC
[  275.059697][ T8438] loop2: detected capacity change from 0 to 2048
[  275.174956][ T8438] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  275.590361][ T8437] loop7: detected capacity change from 0 to 8192
[  276.515449][ T8454] loop3: detected capacity change from 0 to 1024
[  276.587949][ T8454] EXT4-fs: Ignoring removed orlov option
[  276.702077][ T8454] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  276.860971][ T8454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.242088][ T5868] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.633712][ T8441] loop1: detected capacity change from 0 to 32768
[  277.844631][   T51] Bluetooth: hci6: command 0x0405 tx timeout
[  278.139979][ T8471] loop0: detected capacity change from 0 to 512
[  278.330793][ T8471] EXT4-fs (loop0): orphan cleanup on readonly fs
[  278.453501][ T8471] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  278.616403][ T8471] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  278.788097][ T8471] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.915: Failed to acquire dquot type 1
[  278.979822][ T8471] EXT4-fs (loop0): 1 truncate cleaned up
[  279.981876][ T8494] input: syz0 as /devices/virtual/input/input9
[  280.387612][ T8498] loop3: detected capacity change from 0 to 256
[  280.490173][ T8498] exfat: Deprecated parameter 'utf8'
[  280.495480][ T8498] exfat: Deprecated parameter 'utf8'
[  280.681946][ T8498] exfat: Deprecated parameter 'utf8'
[  280.910018][ T8498] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  280.961378][ T8471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  281.434411][ T5871] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.520266][  T975] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  281.800831][  T975] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  281.882286][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.939077][  T975] usb 3-1: Product: syz
[  281.998759][  T975] usb 3-1: Manufacturer: syz
[  282.045733][ T8516] netlink: 4 bytes leftover after parsing attributes in process `syz.6.945'.
[  282.054635][  T975] usb 3-1: SerialNumber: syz
[  282.168638][  T975] usb 3-1: config 0 descriptor??
[  283.535499][ T8526] loop3: detected capacity change from 0 to 4096
[  283.880702][ T8533] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.235232][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.7.951'.
[  284.358968][ T8540] netlink: 48 bytes leftover after parsing attributes in process `syz.0.942'.
[  284.771018][ T8542] loop1: detected capacity change from 0 to 1024
[  284.778376][ T8542] EXT4-fs: Ignoring removed nomblk_io_submit option
[  285.126616][ T8542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.462344][ T8542] EXT4-fs error (device loop1): __ext4_new_inode:1073: comm syz.1.952: reserved inode found cleared - inode=18
[  285.979624][ T8562] netlink: 60 bytes leftover after parsing attributes in process `syz.0.959'.
[  285.988531][ T8562] netlink: 16 bytes leftover after parsing attributes in process `syz.0.959'.
[  286.031965][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.179726][ T8562] netlink: 60 bytes leftover after parsing attributes in process `syz.0.959'.
[  286.181291][  T975] usb 3-1: USB disconnect, device number 6
[  286.960897][ T8578] loop6: detected capacity change from 0 to 16
[  286.968027][ T8578] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  287.392915][ T3511] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.704991][ T5930] udevd[5930]: incorrect cramfs checksum on /dev/loop6
[  287.850692][ T3511] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.968061][ T8595] loop9: detected capacity change from 0 to 7
[  288.003236][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.052298][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.098575][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.109780][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.125769][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.144130][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.147010][ T3511] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.163580][   T30] audit: type=1326 audit(1758590733.661:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  288.172513][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.251521][   T30] audit: type=1326 audit(1758590733.661:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  288.316888][ T7162] ldm_validate_partition_table(): Disk read failed.
[  288.355019][   T30] audit: type=1326 audit(1758590733.661:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  288.357247][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.392422][ T8599] loop6: detected capacity change from 0 to 256
[  288.483396][   T30] audit: type=1326 audit(1758590733.761:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  288.498273][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.583354][ T7162] Buffer I/O error on dev loop9, logical block 0, async page read
[  288.649415][   T30] audit: type=1326 audit(1758590733.761:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  288.659063][ T7162] Dev loop9: unable to read RDB block 0
[  288.686414][ T3511] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.703649][ T8608] loop0: detected capacity change from 0 to 256
[  288.728549][ T7162]  loop9: unable to read partition table
[  288.747513][ T8608] exfat: Deprecated parameter 'utf8'
[  288.753438][ T8610] program syz.2.977 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.763539][ T7162] loop9: partition table beyond EOD, truncated
[  288.778683][   T30] audit: type=1326 audit(1758590733.761:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8601 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f57489c1785 code=0x7ffc0000
[  288.813891][   T30] audit: type=1326 audit(1758590733.921:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8601 comm="syz.2.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f574898eec9 code=0x7ffc0000
[  288.824648][ T8608] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011d93, chksum : 0x4501cc6b, utbl_chksum : 0xe619d30d)
[  288.885429][ T8611] loop3: detected capacity change from 0 to 1024
[  289.012542][ T8584] loop1: detected capacity change from 0 to 32768
[  289.122052][ T8584] (syz.1.967,8584,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  289.162145][   T13] hfsplus: b-tree write err: -5, ino 4
[  289.242666][ T8584] (syz.1.967,8584,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  289.401587][ T8584] (syz.1.967,8584,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  289.564218][ T8626] netlink: 'syz.0.984': attribute type 1 has an invalid length.
[  289.565222][ T3511] bridge_slave_1: left allmulticast mode
[  289.607637][ T3511] bridge_slave_1: left promiscuous mode
[  289.614140][ T8626] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  289.621673][ T8626] IPv6: NLM_F_CREATE should be set when creating new route
[  289.624072][ T3511] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.628926][ T8626] IPv6: NLM_F_CREATE should be set when creating new route
[  289.665142][ T8584] JBD2: Ignoring recovery information on journal
[  289.696255][ T3511] bridge_slave_0: left allmulticast mode
[  289.759082][ T3511] bridge_slave_0: left promiscuous mode
[  289.789674][ T3511] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.799160][ T8500] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  289.827737][ T8635] loop6: detected capacity change from 0 to 16
[  289.839168][   T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  289.872272][ T8584] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  289.872723][ T8635] erofs (device loop6): mounted with root inode @ nid 36.
[  290.002932][   T30] audit: type=1800 audit(1758590735.511:42): pid=8635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.989" name="file1" dev="loop6" ino=86 res=0 errno=0
[  290.029208][   T10] usb 3-1: Using ep0 maxpacket: 32
[  290.034492][ T8500] usb 8-1: Using ep0 maxpacket: 16
[  290.062504][   T10] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  290.073368][ T8500] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.094549][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  290.119746][ T8500] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.135154][   T10] usb 3-1: config 1 interface 2 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  290.161365][ T8500] usb 8-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  290.171137][   T10] usb 3-1: Duplicate descriptor for config 1 interface 2 altsetting 0, skipping
[  290.178449][ T5867] ocfs2: Unmounting device (7,1) on (node local)
[  290.180550][ T8500] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.183642][ T8500] usb 8-1: config 0 descriptor??
[  290.219293][   T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  290.237108][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.248521][   T10] usb 3-1: Product: syz
[  290.255278][   T10] usb 3-1: Manufacturer: syz
[  290.260348][   T10] usb 3-1: SerialNumber: syz
[  290.680737][ T8500] playstation 0003:054C:05C4.000D: unbalanced collection at end of report description
[  290.706866][   T10] usb 3-1: USB disconnect, device number 7
[  290.744729][ T8500] playstation 0003:054C:05C4.000D: Parse failed
[  290.781131][ T8500] playstation 0003:054C:05C4.000D: probe with driver playstation failed with error -22
[  290.931432][ T8500] usb 8-1: USB disconnect, device number 2
[  291.983104][ T8685] GUP no longer grows the stack in syz.7.1006 (8685): 200000005000-200000008000 (200000004000)
[  292.036192][ T8685] CPU: 1 UID: 0 PID: 8685 Comm: syz.7.1006 Not tainted syzkaller #0 PREEMPT(full) 
[  292.036225][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  292.036241][ T8685] Call Trace:
[  292.036251][ T8685]  <TASK>
[  292.036261][ T8685]  dump_stack_lvl+0x189/0x250
[  292.036301][ T8685]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.036330][ T8685]  ? __pfx__printk+0x10/0x10
[  292.036362][ T8685]  ? find_vma+0xe7/0x160
[  292.036401][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.036438][ T8685]  fixup_user_fault+0x661/0x720
[  292.036476][ T8685]  fault_in_user_writeable+0x72/0xe0
[  292.036508][ T8685]  futex_lock_pi+0x773/0xa90
[  292.036554][ T8685]  ? __pfx_futex_lock_pi+0x10/0x10
[  292.036616][ T8685]  ? futex_private_hash_put+0x4b/0x280
[  292.036642][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.036675][ T8685]  ? __pfx_futex_wake_mark+0x10/0x10
[  292.036719][ T8685]  ? __pfx_futex_wake+0x10/0x10
[  292.036752][ T8685]  ? userfaultfd_unmap_complete+0x278/0x2d0
[  292.036796][ T8685]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  292.036833][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.036868][ T8685]  do_futex+0x292/0x420
[  292.036898][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.036932][ T8685]  ? __pfx_do_futex+0x10/0x10
[  292.036963][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.036990][ T8685]  ? __vm_munmap+0x301/0x3d0
[  292.037027][ T8685]  __se_sys_futex+0x36f/0x400
[  292.037067][ T8685]  ? __pfx___se_sys_futex+0x10/0x10
[  292.037099][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.037126][ T8685]  ? rcu_is_watching+0x15/0xb0
[  292.037163][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.037190][ T8685]  ? __x64_sys_futex+0x21/0xf0
[  292.037225][ T8685]  do_syscall_64+0xfa/0x3b0
[  292.037253][ T8685]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.037278][ T8685]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.037300][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  292.037329][ T8685]  ? exc_page_fault+0x9f/0xf0
[  292.037357][ T8685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.037380][ T8685] RIP: 0033:0x7fcd2918eec9
[  292.037401][ T8685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.037422][ T8685] RSP: 002b:00007fcd2a0ab038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  292.037447][ T8685] RAX: ffffffffffffffda RBX: 00007fcd293e5fa0 RCX: 00007fcd2918eec9
[  292.037466][ T8685] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  292.037482][ T8685] RBP: 00007fcd29211f91 R08: 0000000000000000 R09: 0000000000000000
[  292.037497][ T8685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  292.037512][ T8685] R13: 00007fcd293e6038 R14: 00007fcd293e5fa0 R15: 00007ffe468baf18
[  292.037550][ T8685]  </TASK>
[  292.404401][ T3511] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  292.439919][ T8693] loop6: detected capacity change from 0 to 256
[  292.473924][ T3511] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  292.479980][ T8693] FAT-fs (loop6): Directory bread(block 64) failed
[  292.539535][ T3511] bond0 (unregistering): Released all slaves
[  292.558320][ T8693] FAT-fs (loop6): Directory bread(block 65) failed
[  292.565510][ T8693] FAT-fs (loop6): Directory bread(block 66) failed
[  292.575928][ T8693] FAT-fs (loop6): Directory bread(block 67) failed
[  292.582890][ T8693] FAT-fs (loop6): Directory bread(block 68) failed
[  292.589593][ T8693] FAT-fs (loop6): Directory bread(block 69) failed
[  292.596177][ T8693] FAT-fs (loop6): Directory bread(block 70) failed
[  292.603173][ T8693] FAT-fs (loop6): Directory bread(block 71) failed
[  292.629064][ T8693] FAT-fs (loop6): Directory bread(block 72) failed
[  292.635589][ T8693] FAT-fs (loop6): Directory bread(block 73) failed
[  293.099288][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  293.302720][   T10] usb 3-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  293.349145][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.357167][   T10] usb 3-1: Product: syz
[  293.408972][   T10] usb 3-1: Manufacturer: syz
[  293.446441][   T10] usb 3-1: SerialNumber: syz
[  293.477768][   T10] usb 3-1: config 0 descriptor??
[  293.511815][   T10] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  293.533640][ T8724] loop3: detected capacity change from 0 to 1024
[  293.574839][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  293.625460][   T10] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  293.672662][ T8731] loop0: detected capacity change from 0 to 128
[  293.711636][   T10] usb 3-1: media controller created
[  293.735535][ T8703] dvb-usb: bulk message failed: -22 (7/0)
[  293.759228][  T975] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  293.805989][ T8731] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  293.878821][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  293.907503][ T8731] hpfs: filesystem error: improperly stopped
[  293.930473][  T975] usb 7-1: Using ep0 maxpacket: 16
[  293.949050][ T8731] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  293.956782][ T8731] hpfs: You really don't want any checks? You are crazy...
[  293.966755][ T8734] loop7: detected capacity change from 0 to 1024
[  293.990464][ T3471] hfsplus: b-tree write err: -5, ino 4
[  293.994023][  T975] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.017345][ T8731] hpfs: hpfs_map_sector(): read error
[  294.073569][  T975] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  294.081267][ T8731] hpfs: code page support is disabled
[  294.093971][ T8731] hpfs: hpfs_map_4sectors(): unaligned read
[  294.103165][ T8731] hpfs: hpfs_map_4sectors(): unaligned read
[  294.118985][ T3511] hsr_slave_0: left promiscuous mode
[  294.134197][ T8731] hpfs: filesystem error: unable to find root dir
[  294.143828][ T3511] hsr_slave_1: left promiscuous mode
[  294.170480][ T8734] hfsplus: invalid extended attribute record
[  294.184594][  T975] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  294.189708][ T3511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.224240][  T975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.272138][ T3511] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.283376][ T8731] hpfs: hpfs_map_4sectors(): unaligned read
[  294.299950][  T975] usb 7-1: config 0 descriptor??
[  294.332451][   T10] DVB: Unable to find symbol mt352_attach()
[  294.354924][ T3511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.417872][ T3511] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.441623][ T3471] hfsplus: b-tree write err: -5, ino 8
[  294.583571][   T10] DVB: Unable to find symbol nxt6000_attach()
[  294.609055][   T10] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  294.687664][ T3511] veth1_macvtap: left promiscuous mode
[  294.720833][   T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input10
[  294.746990][ T3511] veth0_macvtap: left promiscuous mode
[  294.783339][  T975] microsoft 0003:045E:07DA.000E: unknown main item tag 0x1
[  294.784377][ T3511] veth1_vlan: left promiscuous mode
[  294.816905][   T10] dvb-usb: schedule remote query interval to 1000 msecs.
[  294.819516][  T975] microsoft 0003:045E:07DA.000E: unbalanced collection at end of report description
[  294.847293][ T8754] loop3: detected capacity change from 0 to 512
[  294.872272][ T8755] loop0: detected capacity change from 0 to 256
[  294.879302][ T3511] veth0_vlan: left promiscuous mode
[  294.889038][   T10] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  294.908584][  T975] microsoft 0003:045E:07DA.000E: parse failed
[  294.931800][   T10] dvb-usb: bulk message failed: -22 (7/0)
[  294.934864][  T975] microsoft 0003:045E:07DA.000E: probe with driver microsoft failed with error -22
[  294.937847][   T10] dvb-usb: bulk message failed: -22 (7/0)
[  294.950947][ T8755] exfat: Deprecated parameter 'utf8'
[  294.986276][ T8754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.988013][   T10] usb 3-1: USB disconnect, device number 8
[  295.006715][ T8755] exfat: Deprecated parameter 'utf8'
[  295.080230][ T8755] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  295.109189][ T8754] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  295.111126][  T975] usb 7-1: USB disconnect, device number 3
[  295.387793][   T10] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  295.516707][ T5868] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.676393][ T8773] F2FS-fs: Conflicting test_dummy_encryption options
[  296.818316][ T8784] loop1: detected capacity change from 0 to 32768
[  297.509083][ T3511] team0 (unregistering): Port device team_slave_1 removed
[  297.591220][ T3511] team0 (unregistering): Port device team_slave_0 removed
[  297.695972][ T8803] loop1: detected capacity change from 0 to 32768
[  297.922049][ T8805] loop3: detected capacity change from 0 to 32768
[  298.001256][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  298.279708][ T8799] netlink: 'syz.0.1051': attribute type 1 has an invalid length.
[  298.297889][ T8799] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1051'.
[  298.344842][ T8769] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  298.389598][ T8769] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  298.566090][ T8769] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  298.594662][ T8769] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  298.739111][ T8817] loop3: detected capacity change from 0 to 1024
[  298.747930][ T8769] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  298.790245][ T8769] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  298.811249][ T8817] EXT4-fs: Ignoring removed nomblk_io_submit option
[  298.861646][ T8769] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  298.892969][ T8769] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  298.998584][ T8817] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.063035][ T8769] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  299.078581][ T8827] loop6: detected capacity change from 0 to 512
[  299.129529][ T8769] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  299.185383][ T8831] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.1064'.
[  299.211388][ T8769] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  299.428366][ T8769] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  299.444249][ T5868] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.447042][ T8769] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  299.553124][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1068'.
[  299.612611][ T8769] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  299.729474][ T8847] sock: sock_timestamping_bind_phc: sock not bind to device
[  300.400520][ T5885] Bluetooth: hci0: command 0x0406 tx timeout
[  300.489539][ T8881] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1082'.
[  300.528078][ T8881] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1082'.
[  300.564908][ T8871] loop0: detected capacity change from 0 to 4096
[  300.639281][ T5885] Bluetooth: hci1: command 0x0406 tx timeout
[  300.789675][ T8871] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  300.799272][ T5885] Bluetooth: hci3: command 0x0406 tx timeout
[  300.879106][ T5885] Bluetooth: hci5: command 0x0406 tx timeout
[  300.951020][ T8871] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  301.031917][ T8895] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1088'.
[  301.119331][ T5885] Bluetooth: hci4: command 0x0c1a tx timeout
[  301.228403][ T5871] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  301.315073][ T8902] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1092'.
[  301.439344][ T5885] Bluetooth: hci6: command 0x0405 tx timeout
[  301.897925][ T8917] loop2: detected capacity change from 0 to 2048
[  302.076009][ T8917] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  302.478983][ T5885] Bluetooth: hci0: command 0x0406 tx timeout
[  302.719276][ T5885] Bluetooth: hci1: command 0x0406 tx timeout
[  302.868465][ T8906] loop1: detected capacity change from 0 to 32768
[  302.884562][ T5885] Bluetooth: hci3: command 0x0406 tx timeout
[  302.905568][ T8906] XFS: noikeep mount option is deprecated.
[  302.956513][ T8937] sctp: [Deprecated]: syz.2.1102 (pid 8937) Use of int in maxseg socket option.
[  302.956513][ T8937] Use struct sctp_assoc_value instead
[  302.971353][ T5885] Bluetooth: hci5: command 0x0406 tx timeout
[  303.018284][ T8910] loop6: detected capacity change from 0 to 32768
[  303.106532][ T8906] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  303.161752][ T8920] loop3: detected capacity change from 0 to 32768
[  303.178019][ T8920] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1097 (8920)
[  303.199721][ T5885] Bluetooth: hci4: command 0x0c1a tx timeout
[  303.272103][ T8920] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  303.399033][ T8920] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  303.498110][ T8960] loop0: detected capacity change from 0 to 512
[  303.518966][ T5885] Bluetooth: hci6: command 0x0405 tx timeout
[  303.692695][   T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  303.699048][ T8906] XFS (loop1): Ending clean mount
[  303.743282][ T8906] XFS (loop1): Quotacheck needed: Please wait.
[  303.762309][ T8960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.823196][ T8920] BTRFS info (device loop3): enabling ssd optimizations
[  303.884297][ T8920] BTRFS info (device loop3): enabling free space tree
[  303.899578][ T8960] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.930275][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.952040][ T8906] XFS (loop1): Quotacheck: Done.
[  303.971401][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.993193][   T10] usb 7-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.00
[  304.003083][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.016861][   T10] usb 7-1: config 0 descriptor??
[  304.287501][ T5867] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  304.292694][ T5871] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.376902][ T8986] tipc: Started in network mode
[  304.401124][ T8986] tipc: Node identity e0000002, cluster identity 4711
[  304.429809][ T5868] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  304.459126][ T8986] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  304.677986][ T6022] usb 7-1: USB disconnect, device number 4
[  304.983229][ T8994] loop7: detected capacity change from 0 to 4096
[  305.096874][ T8996] loop3: detected capacity change from 0 to 1024
[  305.143227][ T8999] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  305.233997][ T9002] loop1: detected capacity change from 0 to 1024
[  305.288581][ T9002] EXT4-fs: inline encryption not supported
[  305.289957][ T5885] Bluetooth: hci4: command 0x0c1a tx timeout
[  305.409213][ T9002] EXT4-fs: Ignoring removed i_version option
[  305.445390][ T8966] loop2: detected capacity change from 0 to 32768
[  305.558858][ T9002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.599113][ T5885] Bluetooth: hci6: command 0x0405 tx timeout
[  305.781521][ T9016] netlink: 'syz.3.1119': attribute type 1 has an invalid length.
[  306.065872][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.856714][ T9013] loop7: detected capacity change from 0 to 131072
[  306.876794][ T9013] F2FS-fs (loop7): QUOTA feature is enabled, so ignore qf_name
[  306.914689][ T9034] loop6: detected capacity change from 0 to 1024
[  306.934773][ T9037] loop3: detected capacity change from 0 to 512
[  306.966215][ T9037] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  307.059389][ T9013] F2FS-fs (loop7): Bad quota inode 2:2048
[  307.065157][ T9013] F2FS-fs (loop7): Failed to enable quota tracking (type=2, err=-2). Please run fsck to fix.
[  307.075395][ T9013] F2FS-fs (loop7): Cannot turn on quotas: error -2
[  307.077364][ T9034] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  307.082022][ T9013] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  307.105653][ T9013] F2FS-fs (loop7): Mounted with checkpoint version = 1b41e955
[  307.132805][ T9034] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.211871][ T9037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.312294][ T9037] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.478698][ T9037] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  307.483657][ T7558] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  307.559311][ T9037] EXT4-fs (loop3): changing journal_checksum during remount not supported; ignoring
[  307.648302][ T9037] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  307.922612][ T5868] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.461123][ T9031] loop0: detected capacity change from 0 to 32768
[  308.481948][ T9067] loop2: detected capacity change from 0 to 256
[  308.490898][ T9031] XFS: attr2 mount option is deprecated.
[  308.512557][ T9067] exfat: Deprecated parameter 'utf8'
[  308.521183][ T9067] exfat: Deprecated parameter 'utf8'
[  308.536486][ T9031] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  308.588846][ T9035] loop1: detected capacity change from 0 to 40427
[  308.591747][ T9067] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  308.654417][ T9035] F2FS-fs (loop1): invalid crc value
[  308.692484][ T9031] XFS (loop0): Ending clean mount
[  308.795464][ T9031] XFS (loop0): Quotacheck needed: Please wait.
[  308.925098][ T9031] XFS (loop0): Quotacheck: Done.
[  309.213500][ T9035] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  309.228578][ T9085] loop3: detected capacity change from 0 to 128
[  309.253133][ T9035] F2FS-fs (loop1): Start checkpoint disabled!
[  309.302306][ T9085] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  309.329630][ T9035] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  309.337711][ T9085] FAT-fs (loop3): Filesystem has been set read-only
[  309.356720][ T5871] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  309.466888][ T9091] loop7: detected capacity change from 0 to 4096
[  309.467453][   T30] audit: type=1800 audit(1758590754.971:43): pid=9035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1124" name="bus" dev="loop1" ino=10 res=0 errno=0
[  309.562293][ T9091] NILFS (loop7): invalid segment: Checksum error in segment payload
[  309.616053][ T9091] NILFS (loop7): trying rollback from an earlier position
[  309.673707][ T9091] NILFS (loop7): recovery complete
[  309.719425][ T9099] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  309.768560][   T49] kworker/u8:3: attempt to access beyond end of device
[  309.768560][   T49] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  309.894095][   T49] CPU: 0 UID: 0 PID: 49 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  309.894127][   T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  309.894143][   T49] Workqueue: writeback wb_workfn (flush-7:1)
[  309.894200][   T49] Call Trace:
[  309.894210][   T49]  <TASK>
[  309.894219][   T49]  dump_stack_lvl+0x189/0x250
[  309.894255][   T49]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.894284][   T49]  ? __pfx_queue_work_on+0x10/0x10
[  309.894309][   T49]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  309.894348][   T49]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  309.894400][   T49]  f2fs_handle_critical_error+0x37c/0x540
[  309.894445][   T49]  f2fs_write_end_io+0x886/0xb60
[  309.894492][   T49]  __submit_merged_bio+0x27a/0x6a0
[  309.894536][   T49]  __submit_merged_write_cond+0x255/0x530
[  309.894579][   T49]  f2fs_write_data_pages+0x261d/0x3000
[  309.894643][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  309.894665][   T49]  ? __local_bh_enable_ip+0x12d/0x1c0
[  309.894705][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.894732][   T49]  ? rcu_is_watching+0x15/0xb0
[  309.894796][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.894823][   T49]  ? rcu_is_watching+0x15/0xb0
[  309.894846][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.894874][   T49]  ? trace_pelt_se_tp+0x39/0x130
[  309.894924][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.894977][   T49]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  309.895003][   T49]  do_writepages+0x32e/0x550
[  309.895041][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895068][   T49]  ? reacquire_held_locks+0x127/0x1d0
[  309.895093][   T49]  ? writeback_sb_inodes+0x384/0x1010
[  309.895140][   T49]  __writeback_single_inode+0x145/0xff0
[  309.895191][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895218][   T49]  ? do_raw_spin_unlock+0x122/0x240
[  309.895254][   T49]  writeback_sb_inodes+0x6c7/0x1010
[  309.895287][   T49]  ? save_fpregs_to_fpstate+0xa3/0x210
[  309.895347][   T49]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  309.895427][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895455][   T49]  ? rcu_is_watching+0x15/0xb0
[  309.895479][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895517][   T49]  wb_writeback+0x43b/0xaf0
[  309.895558][   T49]  ? queue_io+0x381/0x590
[  309.895593][   T49]  ? __pfx_wb_writeback+0x10/0x10
[  309.895634][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  309.895679][   T49]  wb_workfn+0x409/0xef0
[  309.895723][   T49]  ? __pfx_wb_workfn+0x10/0x10
[  309.895754][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895781][   T49]  ? __lock_acquire+0xab9/0xd20
[  309.895831][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895862][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.895894][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  309.895930][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  309.895953][   T49]  ? process_scheduled_works+0x9ef/0x17b0
[  309.895979][   T49]  process_scheduled_works+0xae1/0x17b0
[  309.896039][   T49]  ? __pfx_process_scheduled_works+0x10/0x10
[  309.896072][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.896109][   T49]  worker_thread+0x8a0/0xda0
[  309.896197][   T49]  kthread+0x711/0x8a0
[  309.896233][   T49]  ? __pfx_worker_thread+0x10/0x10
[  309.896256][   T49]  ? __pfx_kthread+0x10/0x10
[  309.896284][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.896315][   T49]  ? _raw_spin_unlock_irq+0x23/0x50
[  309.896350][   T49]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.896377][   T49]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.896400][   T49]  ? __pfx_kthread+0x10/0x10
[  309.896432][   T49]  ret_from_fork+0x439/0x7d0
[  309.896460][   T49]  ? __pfx_ret_from_fork+0x10/0x10
[  309.896493][   T49]  ? __switch_to_asm+0x39/0x70
[  309.896523][   T49]  ? __switch_to_asm+0x33/0x70
[  309.896553][   T49]  ? __pfx_kthread+0x10/0x10
[  309.896584][   T49]  ret_from_fork_asm+0x1a/0x30
[  309.896635][   T49]  </TASK>
[  310.268600][   T49] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  310.690266][ T9113] loop6: detected capacity change from 0 to 1024
[  310.745270][ T9113] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.832261][ T9120] loop3: detected capacity change from 0 to 512
[  310.918798][ T9120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.949147][ T9120] ext4 filesystem being mounted at /200/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.991715][ T7558] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.030637][ T9120] EXT4-fs error (device loop3): ext4_add_entry:2417: inode #12: comm syz.3.1157: Directory hole found for htree leaf block 0
[  311.179109][  T975] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  311.263790][ T5868] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.352654][  T975] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.352977][ T9135] loop1: detected capacity change from 0 to 512
[  311.428984][  T975] usb 8-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[  311.489477][  T975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.526494][ T9135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.575884][  T975] usb 8-1: config 0 descriptor??
[  311.594499][ T9135] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  311.746267][ T9143] tipc: New replicast peer: 10.1.1.2
[  311.771962][ T9143] tipc: Enabled bearer <udp:syz2>, priority 10
[  311.865967][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.001861][  T975] hid_mf 0003:0079:1846.0010: unknown main item tag 0x1
[  312.060891][  T975] hid_mf 0003:0079:1846.0010: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.7-1/input0
[  312.131092][  T975] hid_mf 0003:0079:1846.0010: Invalid report, this should never happen!
[  312.171591][  T975] hid_mf 0003:0079:1846.0010: Force feedback init failed.
[  312.248319][  T975] usb 8-1: USB disconnect, device number 3
[  312.373848][ T9153] fido_id[9153]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  312.921736][ T9137] loop3: detected capacity change from 0 to 32768
[  313.136214][ T9137] 
[  313.136214][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.136214][ T9137] 
[  313.149447][ T9166] sp0: Synchronizing with TNC
[  313.239395][ T9137] 
[  313.239395][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.239395][ T9137] 
[  313.266591][ T9172] loop0: detected capacity change from 0 to 64
[  313.293003][ T9137] 
[  313.293003][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.293003][ T9137] 
[  313.339542][ T9137] 
[  313.339542][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.339542][ T9137] 
[  313.401556][ T9137] 
[  313.401556][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.401556][ T9137] 
[  313.496586][ T9137] 
[  313.496586][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.496586][ T9137] 
[  313.542832][ T9137] 
[  313.542832][ T9137]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.542832][ T9137] 
[  313.579273][ T9152] loop1: detected capacity change from 0 to 32768
[  313.622221][ T9152] XFS: noikeep mount option is deprecated.
[  313.648457][ T9141] loop6: detected capacity change from 0 to 32768
[  313.708197][ T9141] XFS: attr2 mount option is deprecated.
[  313.745300][ T9152] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  313.765094][  T111] 
[  313.765094][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.765094][  T111] 
[  313.867723][ T9141] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  313.919235][ T5868] 
[  313.919235][ T5868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  313.919235][ T5868] 
[  314.018101][ T9152] XFS (loop1): Ending clean mount
[  314.048580][ T5868] 
[  314.048580][ T5868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  314.048580][ T5868] 
[  314.113359][ T9141] XFS (loop6): Ending clean mount
[  314.154701][ T9141] XFS (loop6): Quotacheck needed: Please wait.
[  314.189376][ T9152] XFS (loop1): Quotacheck needed: Please wait.
[  314.313134][ T9141] XFS (loop6): Quotacheck: Done.
[  314.400632][ T9152] XFS (loop1): Quotacheck: Done.
[  314.713153][ T5867] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  314.723787][ T7558] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  314.810919][ T9224] loop7: detected capacity change from 0 to 1024
[  314.932902][ T9224] EXT4-fs (loop7): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  315.047173][ T9229] usb usb8: usbfs: process 9229 (syz.3.1178) did not claim interface 0 before use
[  315.106625][ T9224] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.594739][ T7856] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.899337][ T9255] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1197'.
[  315.943100][ T9257] loop2: detected capacity change from 0 to 2048
[  316.109110][ T9257] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.150570][ T9257] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  316.166783][ T9262] loop0: detected capacity change from 0 to 2048
[  316.254849][ T9262] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  316.397530][ T9272] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  316.400085][ T6070] udevd[6070]: incorrect nilfs2 checksum on /dev/loop0
[  316.424848][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  316.449396][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  316.552923][ T1206] IPVS: starting estimator thread 0...
[  316.595913][ T9279] loop7: detected capacity change from 0 to 512
[  316.601687][ T5889] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.669087][ T9280] IPVS: using max 24 ests per chain, 57600 per kthread
[  316.733873][ T9279] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  316.841329][ T9279] EXT4-fs (loop7): orphan cleanup on readonly fs
[  316.959254][ T9279] Quota error (device loop7): find_block_dqentry: Quota for id 0 referenced but not present
[  316.987228][ T9279] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[  317.061992][ T9279] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.1205: Failed to acquire dquot type 1
[  317.172817][ T9279] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.1205: bg 0: block 40: padding at end of block bitmap is not set
[  317.252749][ T9279] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  317.320755][ T9279] EXT4-fs (loop7): 1 truncate cleaned up
[  317.360287][ T9279] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  317.471601][ T9279] EXT4-fs error (device loop7): ext4_get_link:106: inode #16: comm syz.7.1205: bad symlink.
[  317.519993][ T9307] EXT4-fs error (device loop7): ext4_get_link:106: inode #16: comm syz.7.1205: bad symlink.
[  317.539750][ T9309] program syz.0.1215 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  317.843322][ T7856] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.948002][ T9317] hugetlbfs: Bad value for 'uid'
[  317.998333][ T9317] hugetlbfs: Bad value for 'uid'
[  318.138417][ T9290] loop1: detected capacity change from 0 to 32768
[  318.469033][  T110] ==================================================================
[  318.477128][  T110] BUG: KASAN: slab-use-after-free in jfs_lazycommit+0x74b/0xa90
[  318.484765][  T110] Read of size 4 at addr ffff888027de9a94 by task jfsCommit/110
[  318.492383][  T110] 
[  318.494701][  T110] CPU: 0 UID: 0 PID: 110 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  318.494729][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  318.494744][  T110] Call Trace:
[  318.494754][  T110]  <TASK>
[  318.494763][  T110]  dump_stack_lvl+0x189/0x250
[  318.494795][  T110]  ? __kasan_check_byte+0x12/0x40
[  318.494831][  T110]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.494859][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  318.494887][  T110]  ? lock_release+0x4b/0x3e0
[  318.494926][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  318.494954][  T110]  ? __virt_addr_valid+0x4a5/0x5c0
[  318.494987][  T110]  print_report+0xca/0x240
[  318.495010][  T110]  ? jfs_lazycommit+0x74b/0xa90
[  318.495038][  T110]  kasan_report+0x118/0x150
[  318.495070][  T110]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  318.495110][  T110]  ? jfs_lazycommit+0x74b/0xa90
[  318.495143][  T110]  jfs_lazycommit+0x74b/0xa90
[  318.495182][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  318.495210][  T110]  ? __pfx_default_wake_function+0x10/0x10
[  318.495246][  T110]  ? __kthread_parkme+0x7b/0x200
[  318.495271][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  318.495299][  T110]  ? __kthread_parkme+0x1a1/0x200
[  318.495329][  T110]  kthread+0x711/0x8a0
[  318.495360][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  318.495388][  T110]  ? __pfx_kthread+0x10/0x10
[  318.495415][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  318.495445][  T110]  ? _raw_spin_unlock_irq+0x23/0x50
[  318.495481][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  318.495509][  T110]  ? lockdep_hardirqs_on+0x9c/0x150
[  318.495532][  T110]  ? __pfx_kthread+0x10/0x10
[  318.495562][  T110]  ret_from_fork+0x439/0x7d0
[  318.495588][  T110]  ? __pfx_ret_from_fork+0x10/0x10
[  318.495616][  T110]  ? __switch_to_asm+0x39/0x70
[  318.495647][  T110]  ? __switch_to_asm+0x33/0x70
[  318.495677][  T110]  ? __pfx_kthread+0x10/0x10
[  318.495707][  T110]  ret_from_fork_asm+0x1a/0x30
[  318.495748][  T110]  </TASK>
[  318.495756][  T110] 
[  318.684994][  T110] Allocated by task 9290:
[  318.689312][  T110]  kasan_save_track+0x3e/0x80
[  318.693992][  T110]  __kasan_kmalloc+0x93/0xb0
[  318.698582][  T110]  __kmalloc_cache_noprof+0x230/0x3d0
[  318.703957][  T110]  jfs_fill_super+0xc2/0xd80
[  318.708549][  T110]  get_tree_bdev_flags+0x40e/0x4d0
[  318.713664][  T110]  vfs_get_tree+0x92/0x2b0
[  318.718075][  T110]  do_new_mount+0x2a2/0x9e0
[  318.722580][  T110]  __se_sys_mount+0x317/0x410
[  318.727249][  T110]  do_syscall_64+0xfa/0x3b0
[  318.731737][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.737612][  T110] 
[  318.739911][  T110] Freed by task 5867:
[  318.743863][  T110]  kasan_save_track+0x3e/0x80
[  318.748525][  T110]  kasan_save_free_info+0x46/0x50
[  318.753531][  T110]  __kasan_slab_free+0x5b/0x80
[  318.758284][  T110]  kfree+0x18e/0x440
[  318.762172][  T110]  generic_shutdown_super+0x135/0x2c0
[  318.767530][  T110]  kill_block_super+0x44/0x90
[  318.772196][  T110]  deactivate_locked_super+0xbc/0x130
[  318.777552][  T110]  cleanup_mnt+0x425/0x4c0
[  318.781951][  T110]  task_work_run+0x1d4/0x260
[  318.786531][  T110]  exit_to_user_mode_loop+0xec/0x110
[  318.791807][  T110]  do_syscall_64+0x2bd/0x3b0
[  318.796381][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.802258][  T110] 
[  318.804556][  T110] The buggy address belongs to the object at ffff888027de9a00
[  318.804556][  T110]  which belongs to the cache kmalloc-256 of size 256
[  318.818586][  T110] The buggy address is located 148 bytes inside of
[  318.818586][  T110]  freed 256-byte region [ffff888027de9a00, ffff888027de9b00)
[  318.832363][  T110] 
[  318.834666][  T110] The buggy address belongs to the physical page:
[  318.841049][  T110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27de8
[  318.849788][  T110] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  318.858266][  T110] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  318.866221][  T110] page_type: f5(slab)
[  318.870186][  T110] raw: 00fff00000000040 ffff88801a441b40 ffffea0001514b80 dead000000000005
[  318.878748][  T110] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  318.887314][  T110] head: 00fff00000000040 ffff88801a441b40 ffffea0001514b80 dead000000000005
[  318.895966][  T110] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  318.904621][  T110] head: 00fff00000000001 ffffea00009f7a01 00000000ffffffff 00000000ffffffff
[  318.913271][  T110] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  318.921917][  T110] page dumped because: kasan: bad access detected
[  318.928305][  T110] page_owner tracks the page as allocated
[  318.933996][  T110] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5889, tgid 5889 (syz-executor), ts 96097465139, free_ts 96086141403
[  318.955341][  T110]  post_alloc_hook+0x240/0x2a0
[  318.960103][  T110]  get_page_from_freelist+0x21e4/0x22c0
[  318.965632][  T110]  __alloc_frozen_pages_noprof+0x181/0x370
[  318.971423][  T110]  alloc_pages_mpol+0x232/0x4a0
[  318.976264][  T110]  allocate_slab+0x8a/0x370
[  318.980746][  T110]  ___slab_alloc+0xbeb/0x1420
[  318.985418][  T110]  __kmalloc_noprof+0x305/0x4f0
[  318.990255][  T110]  fib_create_info+0x1728/0x3210
[  318.995182][  T110]  fib_table_insert+0xc6/0x1b50
[  319.000017][  T110]  fib_magic+0x2c4/0x390
[  319.004249][  T110]  fib_add_ifaddr+0x38d/0x5f0
[  319.008916][  T110]  fib_netdev_event+0x382/0x490
[  319.013755][  T110]  notifier_call_chain+0x1b6/0x3e0
[  319.018846][  T110]  __dev_notify_flags+0x18d/0x2e0
[  319.023863][  T110]  netif_change_flags+0xe8/0x1a0
[  319.028786][  T110]  do_setlink+0xc55/0x41c0
[  319.033190][  T110] page last free pid 5874 tgid 5874 stack trace:
[  319.039491][  T110]  __free_frozen_pages+0xbc4/0xd30
[  319.044596][  T110]  __put_partials+0x156/0x1a0
[  319.049251][  T110]  put_cpu_partial+0x17c/0x250
[  319.053997][  T110]  __slab_free+0x2d5/0x3c0
[  319.058391][  T110]  qlist_free_all+0x97/0x140
[  319.062966][  T110]  kasan_quarantine_reduce+0x148/0x160
[  319.068412][  T110]  __kasan_slab_alloc+0x22/0x80
[  319.073250][  T110]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  319.078697][  T110]  fib_table_insert+0x4a7/0x1b50
[  319.083616][  T110]  fib_magic+0x2c4/0x390
[  319.087848][  T110]  fib_add_ifaddr+0x144/0x5f0
[  319.092514][  T110]  fib_inetaddr_event+0x12e/0x190
[  319.097529][  T110]  notifier_call_chain+0x1b6/0x3e0
[  319.102621][  T110]  blocking_notifier_call_chain+0x6a/0x90
[  319.108323][  T110]  __inet_insert_ifa+0xa13/0xbf0
[  319.113247][  T110]  inet_rtm_newaddr+0xf3a/0x18b0
[  319.118175][  T110] 
[  319.120474][  T110] Memory state around the buggy address:
[  319.126078][  T110]  ffff888027de9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  319.134119][  T110]  ffff888027de9a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  319.142164][  T110] >ffff888027de9a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  319.150203][  T110]                          ^
[  319.154772][  T110]  ffff888027de9b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  319.162812][  T110]  ffff888027de9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  319.170850][  T110] ==================================================================
[  319.178891][  T110] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  319.186069][  T110] CPU: 0 UID: 0 PID: 110 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  319.195161][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  319.205202][  T110] Call Trace:
[  319.208463][  T110]  <TASK>
[  319.211376][  T110]  dump_stack_lvl+0x99/0x250
[  319.215960][  T110]  ? __asan_memcpy+0x40/0x70
[  319.220537][  T110]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.225724][  T110]  ? __pfx__printk+0x10/0x10
[  319.230315][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.235947][  T110]  vpanic+0x281/0x750
[  319.239921][  T110]  ? __pfx_print_hex_dump+0x10/0x10
[  319.245107][  T110]  ? __pfx_vpanic+0x10/0x10
[  319.249606][  T110]  panic+0xb9/0xc0
[  319.253317][  T110]  ? __pfx_panic+0x10/0x10
[  319.257718][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.263342][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.268964][  T110]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  319.274865][  T110]  ? jfs_lazycommit+0x74b/0xa90
[  319.279707][  T110]  check_panic_on_warn+0x89/0xb0
[  319.284640][  T110]  ? jfs_lazycommit+0x74b/0xa90
[  319.289481][  T110]  end_report+0x78/0x160
[  319.293716][  T110]  kasan_report+0x129/0x150
[  319.298208][  T110]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  319.303577][  T110]  ? jfs_lazycommit+0x74b/0xa90
[  319.308419][  T110]  jfs_lazycommit+0x74b/0xa90
[  319.313088][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  319.318274][  T110]  ? __pfx_default_wake_function+0x10/0x10
[  319.324073][  T110]  ? __kthread_parkme+0x7b/0x200
[  319.328999][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.334624][  T110]  ? __kthread_parkme+0x1a1/0x200
[  319.339642][  T110]  kthread+0x711/0x8a0
[  319.343704][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  319.348894][  T110]  ? __pfx_kthread+0x10/0x10
[  319.353476][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.359100][  T110]  ? _raw_spin_unlock_irq+0x23/0x50
[  319.364303][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.369924][  T110]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.375108][  T110]  ? __pfx_kthread+0x10/0x10
[  319.379688][  T110]  ret_from_fork+0x439/0x7d0
[  319.384266][  T110]  ? __pfx_ret_from_fork+0x10/0x10
[  319.389364][  T110]  ? __switch_to_asm+0x39/0x70
[  319.394119][  T110]  ? __switch_to_asm+0x33/0x70
[  319.398878][  T110]  ? __pfx_kthread+0x10/0x10
[  319.403461][  T110]  ret_from_fork_asm+0x1a/0x30
[  319.408223][  T110]  </TASK>
[  319.411421][  T110] Kernel Offset: disabled
[  319.415728][  T110] Rebooting in 86400 seconds..