last executing test programs:

49.528215133s ago: executing program 4 (id=1887):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x2, 0xd59f80, 0x196f, 0x100, 0x19ef, 0x2800, 0x5, 0x2800, 0x2, 0x3, 0xbb6, 0x16, 0x10, {0x81, 0xfffffff8}, 0xd0, 0x9}})

12.813148661s ago: executing program 1 (id=2143):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x20000000006a, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000540)={0x0, 0x3, 0x2, {0x2, @win={{}, 0x0, 0x2, 0x0, 0x0, 0x0}}})

12.466198093s ago: executing program 1 (id=2147):
unshare(0x20000600)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000001580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f000000b5c0)={0x8, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x7, 0x94, &(0x7f00000000c0)=""/148, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

12.255112377s ago: executing program 1 (id=2150):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040630437c539340100000109022400010000000009040000010300000009210000400122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000780)={0x24, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)

10.049247996s ago: executing program 1 (id=2164):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001140)={[{@abort}]}, 0x25, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, 0x0)

9.035391951s ago: executing program 1 (id=2167):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)

7.955343317s ago: executing program 1 (id=2174):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendmmsg$unix(r0, &(0x7f000000a040)=[{{&(0x7f0000000540)=@abs={0x1, 0x0, 0x4e1e}, 0x6e, &(0x7f0000000640)=[{&(0x7f00000005c0)="04789c6e36dfc6faa5e91f0f4ffb8cc3725aa49007bc", 0x16}, {&(0x7f0000007d80)="b4badb0953ad09cc9e3dde1c7b5443176d47e1c0990f7fb2daafebb31e8328007165d264adea892e4956d80ef882de27b2c496e5fc02cf6f0815e58fd0bcdf92144c33bd393d8361ed571ba3e14e4446c4b480a3aacd0ea0a84ad4f34adf8b4c771f79fdb61e5e60c44257312b4eb1eae3f2be6e85f06d675d04a1824db22e705d761c9102b7660850b1c860b4dda696d5ec32dbc579465fc9f7c367fb9a5ba8675ebd149583e8255c77aada59a099ef8f95caa3156f74d64ada80ea80d47813de4fdc2f0701bde64bf9f8e56605eb06fe36b629fb9cdb030eda7018a85d676503611cfa032aa9691aead3864486a82c8069f38d9e68762d345d36965f1dbd52e1e2c9a4504276c1f9f7d02c4a2fa1e129eb33b896a28a92cbfbc2a71a628ab5a931874c9ef3fb22d62ed48d4b6f4e6c7d44379893a1f2d8bb41aab553c5a6322329193672f3c5d23c6f4c1b2830207fb54ddcd6ab23ac17a63a96a950026ce2216b16a688c03578540f42ecfa7ccc630e5bd0548cc308393d9a8ba11fb7f7dbcff00ff99880d20e2bc46d33226db6898782729c0223f4c9448c50c8c718c61e1bedef5cf23ea0e5e3a6c74facf6118d3962eaeca8e1b3f50349e918b03c768d0cf13e6b4adddd82e77b3b6a9f7782e44a9622109b8867598f58c5795ddf7aa91669beba77f2057e986e75edf8f281de013b6689ccc6e0cfab6bde502ff2838e451dc701286ea1a82713ad99ab9b550d86de0145e2f999365e1db8c8e39f1e9255d06f74e6d1adf6be05f7947d20d552eb5d023b98b739181cad2a1f9597ae57ef7371395aa9a56a7429788a7b4d6a8f52337915c235662076cd76097d4619d43990562f83b4f04a54855712fe931ada2a032bafb50872102740c3606f237c3ec8e0bf7e3e15f2519016a88423fedfa9a065d60bfc67f0da2311543ef00200cbd6bb40abda8585e120603032170b5f8bd29b91992901df4930b89a112e374289acb25fa00a074178385b7a156661275980ca5fc45bb8443a8788fe891dcee8df5a672724c70190b70a57b87a5603764f9649448333bd51ce765bd57088539be83cbe4ffb0cb5eb3c46564538f1c9e2132310c1dc709c45eb82a8fe2d6e24ae345c630d0946a0e0e43057031fcecfa51cc90bfa6a10c1d4bbd02e1da0f2e585d8b40857066642215302f0336fa53ec32fc1e20110a1d0d6d9c8abc0d8a739a04c721bd8c95739f75f1747f9c1381e2843c06d48ecd20e46bb45172c71748849c40bb150caa2b02a493ffccd0ecfbd90fa82ff79521f30eeae933acbfb49ca3003d3ba9b48fec13a2d4a702d7c6f1081b518b291ebcf869d2c1cb609803584ee81f6e8411a5a5f7a345872a4958efa9a51e47d06eb6413417f12c4fc9acd5d3cf64a8fc4f8442dc66ffef5bc20f7d3586f62cc042a48bbcad4435b1f7f931d21923d85a637c2d4a335753daa816699e1d44b27abf8ddc0aaef852f6ef5756756ee05627b0cba4e1f2c67be129ea5f008f9ca7f73a991adf96f3df6d060ff4879bc8687c6715c16406d2a451b169373c387141b9124cc4611ccbfe140636128cc094c88e4297e4379feed75446c73fd46262a7461bbc3f170557cd00fdd6156b17d1430e12ebe7f0405c03dacaa914adb34210eede881dbc946f6691b62a57e157f6df439d3fcc49b62d80bc44649b35982364ccf5e7e65e1b1fac179aac389e5bb466ee215a0bfd1f2b173c807144f5f18842197f722cd6fa2741bd313b90a386331a4fb45015665d195ba482099ac07dd5c209bc05f3508ea815333ad22f79e2f2ba278dfb0ce9deb34748d378bf2a8f42dcf1fd039a21dd3ed104fd8b9a9228d86aac7b6001e38e24a0045d4579dc1d7b96426d6c4fe88a6b56648306c8dcf6360f2a33aab226504c6f570266475980f06ca0bfa2eaee5b6c8ffb6a3692e5c004664169ed9b78257220419322c433cf0190d6554c5c42ffca6eba3b2902131a389387da75ba3d6a1ac80f0deac07727a890e9af2f0933bd533dedd9f901723903c7914532aa22fcb362ad8c1a068add6616e04daa4d29e630e98e36c80e9ffcb9e0f16279775c4f9f8f382b1c8ebcca6298f5bb423e77a1709dee43d905d146acad4ec3aa84d16ae9e4129a3d14905bb63abf71b76ef04f90c60b691eac9b0da97f8699a829962535aaecfa2bea4adb7e1bc8e47664dfab9a13ef4c2bb79749fdd6fe9792fb3d6764691a6ddd354fa070a8d962bca419e4ba6469b123294940b667d5d6b048b6e879b72863f03c5fd322f651cecf676f7a95fe67503448608d595ad02ceced1e35af473811c3d4a03a727f15cf45e84a6088790fa8f998332415295191fa3e4f096bbb98948a3981bfc22fce10e55541213977de0ef2626c3f9024f7ff7093100661b4ef47013539e37abcd9ee0993c6feead778d39ea6d72fa5e4698831e1dd18bd953045769c610293fffcad91908cb41ca08d1e4077a69e0d60bbe193428ec3b54b68875876b923679b7bd6d1671930c17baa4ce22e7c872b09c7ef3e01152dd05d0a70044444ce7276756e8ff644b5c14d358922ba460f425c3d12f06373fab2c6a4609121a91f8c075660c469e554b9119a55fe80cb72cab06d298822f123405ee6634bf3a71f02c013ebca00d75efdacf1fa937a2f428d5a844ccba93612b1dec1d00f6ec7a36a4b57d3c70eca5d06b434b3bc65fd88a52efa85c139766f009cc65522c5b5aeba6786cde1d2b8ba5fc03e9f6d572fb7beec6378c30ba58d80807a44465be36cac40d49ada5eee7c966d1f25e9f7054e49bc26b77981c9391f3c7a9ba7d265d8c08c39b5d474d1a77777c0595799a699a62bda6267cefa978c1bae67eeb7af4f2ef71fdaeac6ffe1f193255188dabfbceb08d0ae810453dca37ef7b4537d0bd2ae1b57723c67f746075e83d27ea440feaf63d8fee5ec35d43509784217ef84a89838077f516814e498910a7d66727855ccdadaf0f595c4df48dbbbc76a8edc81ad7a221488887281e94bc8051fe6f1509e8969bc1560361cf9daa72dd4de459d6e463efaa1ab44c036a12afd97a6a8c57a58e2facef4762eb6211201f90c167e317e91a729eb1e20d37a4df98e6c067c16903e471698cb327188342edbbd2a52be10bb22e022763b7bf7e0be8cb6d94cc77c6dc177f8948dc3ce7ee2fa8a3177cd6f8b6cafb3f251b22ee56433db067af2121e23e4238e4d53100c5a82e94968c9743cbfc7a8f0240f5a2a90da4af73f6416e6806dfadd6196e0da3696c2be2a79c4e6ea4247f34ea42c52965b2aaca1c7079389541970b4db47a40a6edfa6e4feac116a8f62905274c217c8c9be8d92194419aac1d02bca3ff12862f41f95dfe138a1ac681ec6965ae318adf5d716078b656960259da642def3cbcc4954b563c703e7e9b25a15f76a2f63d9e81aed97f99b693f6e15960796db01bc1f40c624dcc0c9a754b4592f4050770092b47ee13e9ea819da2b0e6e8fc9ed99ed258b094c2a8c0857ede7b8ef7372c798fb0fb7ad425d86dc1645380a4dc7e01d545a33981f4024c042459b31f8823b48f812d6a6b7e55ca6262302ee78840829e989c0d288e00006acedee0d81af69a1b2a108552ced0fcb6d3680b489ae70eccda7937048a1b0ef4c7763cea606c43d9c00f7e6a08c606c0b71127b1eb7fa78b1036d2e00cd780e25b0f82cab90fb9415794d00c91e793989fa1c6e1329f670790dac89292f0471c1b22d5d5552b13da3dc80e8c1d722b0cbeb7a1552977c1af1b9b412d2e795c81ce3bd9162c63a608a5364d79ff2cdc5f82e5b00d2718bb96cc375c0011aba97730a2e98a148783e8796830fa7c1bf3d2983a1fb0c27e19f6f462c6b60b320924cbcf7aa57cefd80ee761992a5e691788dfad193869147a5ee986dfdec3cff2220e67be9254b6f96c619d49c8b0a1f2936710bcc440a7b376f664445386f1f37c457067d3c7202642065905110cff698c1df6f6641b08b26dc155f19005fdd324198b27895382b27c61a6f1fee1a29b973da3b224d88f14e6f13ce67620d3c245e5d23315082fbd58f2bf58f4c34a1ab9c63040828f623d4dd8e42c13d88d62229ae097698b4043167b871c36fb99d0f4f23590e378be973fbde5655cfac296aa40a9f9667e8e2a6b79370cbb66c3bbf48c1cef5456d351a176f5200e8fa8220664aa31d189b4b3a370edcc9e9abdc9ac33d3a2fb1044c97d46787bba14429ce03cfde8513aa1db8a576c191d4c0d8ce488f8bfb7614184236524d1d7a9fa8eb9e8555010750796283769209571bab14b8287d46fae16aa05cfae6a556226ec38255b15c3354ad3fb640a4d2ed52393a4622e6c05ad65f37ef39a1cadd1927e4708aced2d91959863683b29166873be37789a2f04085558f71f9a27e6012da7bff1f1c33a478d1f96135ba864cbeb35247514babb568ace55f400e8e6f4c3b4e897a7095b792a7e685d5d37fae4d544358ba62832509a0c1e8fb38ca752098e976a2e1ff14fbb97584f3b4f6d2200824ebb685be5e6261a3aa24c181893e6a516040ee6a9631014a8364601b1f52340c2a82b8c6471f1bb447e38805e8ee2d9e5ce09a8f726241f06455404992d404f5b98dd5212c8fc50f62698994797a98f5a20620feb1a084a2959b29dd1048659119e98637828319e6260946932411a31e2ee6c11e9f632fe246dffa9e67156f98572440bd7414e40c75e2bc05961de485e74dcd3e9f58574dbdf8cc57b17e81a5ef521e556420bf381ea481aede65b95cd9f362d84ba01c2ba956862d887f4c10ecfadb604e2fb0415fa58af2e55bf677b94dde881dc7ccdd4affa11f5e65e50d2de8d0b24632b973fbd4eee3cf7b7f95ec0b22f7cb502166dc481b16d49eda0cb3b1d52f88064a1889535b27040e4466821ef7e6314a47e0dfafa41db63ad9f6c474591750ca15dec8d625ada3f5745dba2409418a4b50736cb9a6f7cf75ed6cb1a5fed21b6be63dcecaab1ff5bc4ea8f059144d1a1f368ca2e3354ff0a529d1b7610b666be6baac01e7ac12d79278cbdbcd06aed2cdcd50e502c3204ef0ac764b59168222ebfaf459de8babd290d3736835b9546781dd8983477480c66edc3d0573393352a7aa9d9ffb1646e75a6a102b445315b5ed9342beb0ade8ba798a7185573a5dc9a64069169ffbec5ff742ce66ae571eb4fb5f6692047878451e963c9a901e395e7cffbc06fcba8e38764a5587eccbb9cb9fb8f007be76557b0b6ef71f8f0b738d20dfa3608ec67b39af1ad91bdff589a869ffab5e43d997e5b7609bc7ddcaad4eee2f9730de3e1359f1796371351a00aa08b09bb4ac45d3faf838dd082cb72e5b2b0d397e95841c28586f641fa3a503cdd4d17b2183b18d4ffde13a6f860762bf8bb2e0a16464be7e6b068a12a5db91a76d314e007202cb750bae934e94834dbdee7205347d18bc1e6c9f0956e5e898e474dc6f59aa282e8fd7869cf14d66e5e42c914ff30cebfdfb5f648e333671eae3d75a3038c9c8268f4ceb7409b18be5a8cfc3b94c0543c20a6d97a9684675d9c0e9989739112e62f1cf8fa9f2b75bcb339907d5594e0a1e8639947d7a67debd81b5cabdb4d3447bfcba1c29b7a6322fea8ad7d794995d54bb246848ea82674713994c88f9f6bc5efa75bff7d3f73043a958ab5f50d936cef3dc2f19e99655d8751bcb7a96d1fd8c793efea75c41f76043637cac70a380155f7a9e14d83b14827e7c91e97189bc58bb02651315f4c32d1a17fd6ade7cbab58b84647349577c48bcf77c829055722", 0x1000}, {&(0x7f0000008d80)="1db0e6bcd3c6bcd4bfa14362fb6b0f96968c757e60d990e61eeceeb74d831fbd950af55b803f4daa2ab2a04ba1ddade8086e6158a80f51aa93433285ceca315311bff3eacddd1ae836c27d4ecafc90818c73100505ea36620b8cc0f2592c2b6d3e3027ec8a8b5bbede265c4cd0103d532e7dfbc1bc34d01228b2ccdcec07d6266a9e0a3ab21652c436aa8cb1a3bc656da477e0acbf80d7dcd9698328217de3595eda024d020ed64026318f5d30c464d4426962b05e53f08cf3d53c9418bed8a18b9ba07cfb45564c7c26751502602c3948694180bc2f00c53846af6f8fb10ce61ada3e3aea1a35e2ff2684804e607c5db80e31b7e7b8719c34bbeb814906cfc202c4113f4bb36ec8ead60ce78dc1c62bbd310187c67351c68f0966a1a2abef9c671858e763138a647d08442f79d30915fe8f4445985d8d655d42edb91fa0bbc08e01cfd883a0ca7fb5a98a7e6cb47b9af43c1cad0544b02ec83de3aa051ab679b675bc44e1e4d257b5525d4bb33ff61b03ac8eb17bd1d822b478c8de34ce89a6224253691ffefee51159808cbca2fe1e0a9e0529e8f08bf6c8c2470e1a988b1dad408f9f064b7d137199bdc048c7565eefe3415fe911a85fb3b843768d4cbd5e746ddf1e6497e36ee187b6", 0x1cb}], 0x3, 0x0, 0x0, 0x1}}], 0x1, 0x4000004)

6.735796174s ago: executing program 2 (id=2184):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000080)={&(0x7f0000000100)={0x5, 0x500, 0x0, {0x77359400}, {0x77359400}, {0x0, 0x0, 0x1, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "8d416cfa6fc2313e"}}, 0x48}}, 0x0)

6.353553153s ago: executing program 2 (id=2186):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

6.233980819s ago: executing program 4 (id=1979):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB="646f74732c646f74732c646d61736b3d3030303030303030303230303030302c6e6f646f74732c646973826172642c6e66733d6e6f7374616c655f726f2c6769643d", @ANYRESHEX, @ANYRES8], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c00000019000100000000000000000002180000"], 0x2c}, 0x1, 0x0, 0x0, 0x2400c000}, 0x0)

6.034852838s ago: executing program 2 (id=2188):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000006400)=ANY=[@ANYBLOB='iocharset=iso8859-2,quota,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6f646973636172642c646973636172643d307830303030303030303064303030303030382c6572726f72733d72656d6f756e742d726f00646973636172643d3078666666666666666666666666666666612c646973636172643d3078303030303030303030303030303030392c756d61736b3d3078303030303030303030303030306663652c71756f74612c6e6f71756f74612c75737271756f74612c6e6f696e746567726974792c66736e616d653dd2c4a1e3ac16f4d301128fe19757c17a4d269f2a0180000000000000ba071664ca39efa589a1fb6dc916863eafa265fb79ca5afc7f1813c864a45a8e75602c646566636f6e746578743d757365725f752c617564"], 0x1, 0x612b, &(0x7f00000002c0)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f00000066c0)=ANY=[], 0xfe37, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000180)='./file1\x00', &(0x7f0000000200), 0x0, 0x0, 0x3)

5.786738373s ago: executing program 4 (id=2190):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)={0x18, r0, 0x301, 0x0, 0x0, {0x15}, [@ETHTOOL_A_PAUSE_HEADER={0x4}]}, 0x18}}, 0x0)

4.578662844s ago: executing program 2 (id=2193):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x1)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)

4.031659343s ago: executing program 2 (id=2195):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x116, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x0, 0x7, {0x7, 0x0, "5a7da32917"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

3.789220513s ago: executing program 4 (id=2197):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nodatasum}]}, 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101442, 0x1ff)
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000100)={0xf000000, 0x0, '\x00', 0x0, 0x0})

3.731328333s ago: executing program 3 (id=2198):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000002640)='/sys/power/resume_offset', 0x0, 0x20)
getdents(r0, 0x0, 0x0)

3.52180785s ago: executing program 3 (id=2200):
syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="007a93b9d6cfc45636b907277d9dbc239676439a4b03adcc20dc27453a1a833c802e8650810eff9fdc8bb6e768076d890752db516f649dec5891435b1f58f186364bdaa1125ea94a5612d57018cabe3abbf321deff9ed2c8785be41507def3240220d808940ac2bb251873ea3f1bdb0d5ee04cf4ffd184dbadc5c6f95ad3a49841645535cd00151145a07f0000007792c93473b9878343b5f12ef5329eb2f14caa61dc0dd0aa6d91ebd9522a076cb40792e8541570a733ad433f6fc926cfa2890a6005fd74a822076e172f1f5ca254e5936e8c3eb5b4d966f1d6b8772fcc0f000f85bd3ed8c95c267f4cd1acd681b1"], 0x1, 0x12d, &(0x7f0000000200)="$eJzs2r9Kw1AUBvCjCEIfwamQgHXIf62DuyA4+QSG9t704o23JIK0U/EFFIfrI7i6iW4+QmafQN/AKZI2sTZ316Hfb7kfOZeTZDnTcTKVBjx3iPZm92cfm5lKu/3ocMADHtPCCRF1q1CU5YNLhvOfelHOXOOC9VqfvUSfvnAhWWj2AAAAAAAAAAAAAAAAAAAAAABYE9ZnHTojrR65kCz4Vc0n04tYSpblzROb6h0d4lodVfejlX69LyJ7vr8j9PFNVfdX6nbTaXek1Ub7fd5VOvbyydQRaZywhF2GYdT3933/IPTmvbx2R/uu/iYqyuexuU9kPy33id59c5+IOotja0fo2+t29+X/IyAgIDShPT9ouB1Zb9X8cAdKDv9wfhgTDeCffAcAAP//NHw5bA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x20)
getdents64(r0, 0x0, 0x22)

3.139342267s ago: executing program 3 (id=2202):
r0 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @local}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000240)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @local}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

2.95951734s ago: executing program 5 (id=2203):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f00000003c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r0, 0x0, 0x0, 0x61a)

2.838344391s ago: executing program 3 (id=2204):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000140), &(0x7f0000000080)=@udp6}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000140), &(0x7f0000000080)=@tcp6, 0x1}, 0x20)

2.501038373s ago: executing program 3 (id=2206):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

2.352188753s ago: executing program 5 (id=2207):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000ca00000095"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0xfe7, &(0x7f0000001e00)=""/4071, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

2.283441835s ago: executing program 0 (id=2208):
syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
fchown(r0, 0xee01, 0x0)

2.028421997s ago: executing program 0 (id=2209):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='5\x00\x00\x00\a'], 0xd)

1.93539939s ago: executing program 2 (id=2210):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x34, r1, 0x431, 0x0, 0x0, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x34}}, 0x0)

1.897032791s ago: executing program 3 (id=2211):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6}, 0x10)

1.821900496s ago: executing program 4 (id=2212):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
chmod(&(0x7f0000000000)='./file0\x00', 0x0)

1.723381247s ago: executing program 5 (id=2213):
r0 = syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000140)='./bus\x00', 0x14000, &(0x7f0000000000)=ANY=[], 0x4, 0x293, &(0x7f0000000900)="$eJzs3c9q1FAUx/HfzcSaaqnpHxFEEKoFV9LWjbhRpFv3rkTtjFA6VNAK6qq6Fh/Ava/gQ7gSX6CuXPkABcHIvUnazDSZzJ9mMqPfD+ikMzk350zuNPcMlAjAf+v+5sHnWz/tPyM11JB0R/IkBZIv6aIuBa9297b32q1mr4EaLsKGmPjBPXba2m3lhdo4F2Hdk0L7k6+5o+dQmSCKoh91J4HauU9/Dk86m3w63evB2DOrxn7dCdTMHOpQrzVfdx4AgHol138vuc7PJet3z5NWk8v+P3X9P6w7gZplrv++dKDI2PN7wb103O+5Fs6u/by0SxzmWDOKZ1bHAtOUdZUuF2/22Xa7dXPrebvp6b3uJjK7LWtFUjOeuqlstu9ODr2S05ue1MgbbTDnXQ1nbA0bBfkv5cWN8m6XMV/NN/PIhPqk5tH6z4+MPU3uTIVdZyrOf614RFdlGO9VUOWCO8jl5AiJkiqD/I5E6YxaUOcXBGFZni5qsSsqrm69JGopN2qjJGq5O+p4NhdHVs18NA/Nin7pizYz63/Pvtur6ueTafdxeyYzo2c9vtszlPQnimn/Su6e3ghFYVAf9FS3Nf/yzdudJ+12KzLSvt14kT5jZLTT8cwAG1eHihp4wx8+w8nf8FXZIdJJMCGVjmNjVtIEpFHxhl2fn9KA9f56wngcn/R+Ix5UmxDGza67TNz/ZfqVNdci2f/CHuv0qGzwzIjrBb3BohvnXHEHlxEcDVvYwfXbc127IV0vP2IqdHlqtqzgKWE29V2P+f4fAAAAAAAAAAAAAAAAAABg2ozjzxLqrhEAAAAAAAAAAAAAAAAAAAAAgGn3O7kpy2nd/zcY9f6/6uf+vzODFQkg198AAAD///PAhLg=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4443c, &(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRESHEX, @ANYRES64=r0, @ANYBLOB="f1bcde2281a84392f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2ccc415d2daf8dac725533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec0e822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4cb1a1fa962a8b0000dc2e319379ea1e5a07aeb3f9cd4e648df4dd18e6253e7b2310a78d63a232a2a40758027a472e7d263ef567a84166f26ee56e701c63a886378788a512f28edec086b1c0823c028840eeaf3f5d8769023c01218614f4fa40be9892e7a285ac63f7f97aaa5b8ecc86e28c6193bc21a2b833e5c9c703c4cfa063dd34c245706bde3d7ac373abe788a36ef25bad99be2aa924949558c800"/341, @ANYRES32, @ANYRESDEC, @ANYRESDEC=0x0, @ANYRES32=r1, @ANYRESOCT=r1, @ANYRESOCT=0x0, @ANYRES16=r1, @ANYRES8, @ANYBLOB="2026edcf7e52c453260c4c6a79f996557847e28286a656d03c54394159aac8ea80292bf26c3c5dd8048c9e89665922ee4d3624f9e7d9f8774f04ca68e4d640218cbcfde03173fe3002eac0f4c3a637fa7e7529b0b4c897689c3a5f264f877fbef4cb99b019aa20bd9b58bfdf91bf1230b33ce6e3c8af634216be4c9b9b6c1c9f672ac47cfb78c6289b62856874478459b705cce3f20c46f696a6ac69b11a9621a6440d2f0b0d2341440e2cdecf7d0eaa91807e2983e4ad4ca73e10a1cc52f7e523bf15de880c", @ANYRES64], 0x0, 0x0, &(0x7f0000000000))

1.664394685s ago: executing program 0 (id=2214):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000140)={0x5, 0x4000})

1.44929677s ago: executing program 0 (id=2215):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000280)='.\x00', 0x25000001)

1.309651231s ago: executing program 5 (id=2216):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x19, &(0x7f0000000080)=""/25, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x90)

1.222972618s ago: executing program 0 (id=2217):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f00000018c0)={&(0x7f0000003ec0)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0}}, @rdma_args={0x48, 0x114, 0x20000001, {{}, {0x0}, 0x0}}], 0x78}, 0x0)

993.116321ms ago: executing program 5 (id=2218):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), r0)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000a80)={0x14, r1, 0x1, 0x0, 0x0, {0x22}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

983.147795ms ago: executing program 0 (id=2219):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xeef, 0x72d0, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xb, "59aa0c74"}]}}, 0x0}, 0x0)

795.371705ms ago: executing program 5 (id=2220):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000400)={0x14, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000c00)={0x44, &(0x7f0000000440)=ANY=[@ANYBLOB="4017710000000398728c3b22ec5eea01fbaede0025e8c4b81f4e019df1c3292d299f72873cfef583ac4ddfb36332de208ac965c8f7b7c8e501fcffffffffffff568b89d7857d431745202c58f9c8462db18219583bcecd9b230b81c319809f81"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000200)=ANY=[])

0s ago: executing program 4 (id=2221):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

06950][ T8740] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1293'.
[  195.751641][ T5319] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  195.941938][ T5319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.961564][ T5319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.016457][ T5319] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  196.058487][ T5319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.098561][ T5319] usb 4-1: config 0 descriptor??
[  196.324835][ T8768] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1306'.
[  196.362360][ T8771] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  196.386991][ T8772] IPVS: stopping master sync thread 8771 ...
[  196.500884][ T8777] loop4: detected capacity change from 0 to 16
[  196.523291][ T5319] zydacron 0003:13EC:0006.0026: item fetching failed at offset 4/5
[  196.563004][ T5319] zydacron 0003:13EC:0006.0026: parse failed
[  196.576158][ T8777] erofs: (device loop4): mounted with root inode @ nid 36.
[  196.589844][ T5319] zydacron 0003:13EC:0006.0026: probe with driver zydacron failed with error -22
[  196.725101][ T8778] loop2: detected capacity change from 0 to 4096
[  196.730365][ T5319] usb 4-1: USB disconnect, device number 12
[  196.876396][ T8778] ntfs3: loop2: ino=3, ntfs_iget5
[  196.891504][ T8778] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  197.105487][ T8790] loop4: detected capacity change from 0 to 512
[  197.197840][ T8790] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.1317: Attempting to read directory block (0) that is past i_size (256)
[  197.341584][ T8790] EXT4-fs (loop4): Remounting filesystem read-only
[  197.349128][ T8790] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  197.372498][ T8790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.447254][ T8800] loop2: detected capacity change from 0 to 512
[  197.528014][ T8800] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  197.608962][ T8800] EXT4-fs (loop2): 1 truncate cleaned up
[  197.619349][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.652737][ T8800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.873236][ T8800] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  197.917934][ T8788] loop1: detected capacity change from 0 to 32768
[  197.984908][ T5220] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.010789][ T8788] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  198.082535][ T8788] XFS (loop1): Ending clean mount
[  198.263753][ T5221] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  198.540314][ T8830] loop4: detected capacity change from 0 to 4096
[  198.597096][ T8831] loop2: detected capacity change from 0 to 4096
[  198.647152][ T8831] ntfs3: loop2: ino=3, Correct links count -> 2.
[  199.289728][ T8848] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1338'.
[  199.340960][ T8848] openvswitch: netlink: Geneve opt len 2 is not a multiple of 4.
[  199.934301][ T8838] loop1: detected capacity change from 0 to 32768
[  200.006243][ T8838] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1329 (8838)
[  200.113760][ T8838] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.162054][ T8838] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  200.170842][ T8838] BTRFS info (device loop1): using free-space-tree
[  200.438437][   T29] audit: type=1800 audit(1726588485.562:64): pid=8838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1329" name="file2" dev="loop1" ino=261 res=0 errno=0
[  200.842339][ T5221] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  201.062692][ T8862] loop4: detected capacity change from 0 to 32768
[  201.098020][ T8862] XFS: ikeep mount option is deprecated.
[  201.280074][ T8862] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  201.465862][ T8862] XFS (loop4): Ending clean mount
[  201.500728][ T8866] loop0: detected capacity change from 0 to 32768
[  201.520541][ T8904] netlink: 'syz.5.1356': attribute type 12 has an invalid length.
[  201.552802][ T8862] XFS (loop4): Quotacheck needed: Please wait.
[  201.601447][ T8866] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1347 (8866)
[  201.627280][ T8904] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1356'.
[  201.727057][ T8866] BTRFS info (device loop0): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  201.729014][ T8862] XFS (loop4): Quotacheck: Done.
[  201.811360][ T8866] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  201.862013][ T8866] BTRFS info (device loop0): using free-space-tree
[  201.923052][ T5222] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  202.076096][ T8866] BTRFS info (device loop0): rebuilding free space tree
[  202.148020][   T29] audit: type=1800 audit(1726588487.272:65): pid=8866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1347" name="file1" dev="loop0" ino=260 res=0 errno=0
[  202.261875][ T8922] loop3: detected capacity change from 0 to 8192
[  202.286343][ T5219] BTRFS info (device loop0): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  202.312944][ T8922] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  202.389816][   T29] audit: type=1800 audit(1726588487.512:66): pid=8922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1361" name="bus" dev="loop3" ino=1048752 res=0 errno=0
[  202.519091][ T8895] loop2: detected capacity change from 0 to 32768
[  202.771722][ T8895] XFS (loop2): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  202.995387][ T8950] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  203.018571][ T8895] XFS (loop2): Ending clean mount
[  203.258116][ T5220] XFS (loop2): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  204.045865][ T8952] loop0: detected capacity change from 0 to 32768
[  204.128969][ T8952] non-latin1 character 0xffff found in JFS file name
[  204.157102][ T8952] mount with iocharset=utf8 to access
[  204.369136][ T8970] loop4: detected capacity change from 0 to 32768
[  204.383273][ T8961] loop1: detected capacity change from 0 to 40427
[  204.441311][ T8961] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  204.455788][ T8975] loop3: detected capacity change from 0 to 32768
[  204.458850][ T8970] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1373 (8970)
[  204.475355][ T8961] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  204.516861][ T8961] F2FS-fs (loop1): invalid crc value
[  204.551353][ T8975] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1376 (8975)
[  204.554181][ T8970] BTRFS info (device loop4): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  204.607185][ T8970] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  204.609619][ T8975] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  204.626655][ T8970] BTRFS info (device loop4): using free-space-tree
[  204.633262][ T8961] F2FS-fs (loop1): Found nat_bits in checkpoint
[  204.715966][ T8975] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  204.766781][ T8975] BTRFS info (device loop3): disk space caching is enabled
[  204.851624][ T8975] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  204.941630][ T8961] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  204.948735][ T8961] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  205.031438][ T9018] loop2: detected capacity change from 0 to 256
[  205.039084][ T9018] exfat: Deprecated parameter 'utf8'
[  205.227724][ T8975] BTRFS info (device loop3): rebuilding free space tree
[  205.245056][ T9018] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  205.319588][ T5222] BTRFS info (device loop4): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  205.334890][ T8975] BTRFS info (device loop3): disabling free space tree
[  205.364549][ T8975] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  205.422075][ T8975] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  205.577252][ T9035] netlink: 'syz.2.1389': attribute type 29 has an invalid length.
[  205.641524][ T9035] netlink: 'syz.2.1389': attribute type 29 has an invalid length.
[  205.855855][ T8975] BTRFS warning (device loop3): failed to trim 1 device(s), last error -512
[  206.045880][ T5223] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  207.399744][ T9077] loop3: detected capacity change from 0 to 4096
[  207.438742][ T9077] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  207.541861][ T9077] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  207.738564][ T9056] loop1: detected capacity change from 0 to 32768
[  207.781410][ T9056] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1397 (9056)
[  207.828411][ T9056] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  207.890474][ T9056] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  207.941447][ T9056] BTRFS info (device loop1): using free-space-tree
[  208.045916][   T29] audit: type=1326 audit(1726588493.172:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb466d7def9 code=0x7ffc0000
[  208.051473][ T5335] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  208.156714][   T29] audit: type=1326 audit(1726588493.202:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fb466d7def9 code=0x7ffc0000
[  208.276136][   T29] audit: type=1326 audit(1726588493.202:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9097 comm="syz.0.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb466d7def9 code=0x7ffc0000
[  208.333739][ T5335] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  208.343773][ T5335] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.370392][ T5335] usb 5-1: Product: syz
[  208.388728][ T5335] usb 5-1: Manufacturer: syz
[  208.408984][ T5335] usb 5-1: SerialNumber: syz
[  208.459551][ T5221] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  208.489320][ T5335] usb 5-1: config 0 descriptor??
[  208.498180][ T5335] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 012
[  208.920047][ T9128] loop2: detected capacity change from 0 to 2048
[  208.991132][ T9128] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  209.116934][ T9137] loop0: detected capacity change from 0 to 512
[  209.134321][ T5335] i2c i2c-1: failure reading functionality
[  209.159930][ T5335] i2c i2c-1: connected i2c-tiny-usb device
[  209.197392][ T9137] EXT4-fs: Ignoring removed mblk_io_submit option
[  209.218979][ T5335] usb 5-1: USB disconnect, device number 12
[  209.277701][ T9137] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  209.291793][ T5319] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  209.308950][ T9140] netlink: 'syz.1.1429': attribute type 11 has an invalid length.
[  209.451748][ T9137] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  209.459796][ T9137] System zones: 1-12
[  209.502878][ T5319] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  209.521585][ T5319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.534992][ T5319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.561467][ T9137] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1428: corrupted in-inode xattr: e_value size too large
[  209.581325][ T5319] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  209.616874][ T5319] usb 4-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  209.626520][ T9137] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1428: couldn't read orphan inode 15 (err -117)
[  209.643135][ T9150] loop2: detected capacity change from 0 to 256
[  209.645627][ T5319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.665546][ T9137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.695614][ T5319] usb 4-1: config 0 descriptor??
[  209.879213][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.158094][ T5319] uclogic 0003:5543:0003.0027: No inputs registered, leaving
[  210.204710][ T5319] uclogic 0003:5543:0003.0027: hidraw0: USB HID v0.00 Device [HID 5543:0003] on usb-dummy_hcd.3-1/input0
[  210.412110][ T5230] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  210.434353][ T5335] usb 4-1: USB disconnect, device number 13
[  210.468288][ T9170] loop1: detected capacity change from 0 to 512
[  210.528888][ T9170] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.561474][ T9170] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  210.593080][ T5230] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  210.604071][ T5230] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  210.615513][ T5230] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  210.629591][ T5230] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  210.642030][ T5230] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.665832][   T29] audit: type=1326 audit(1726588495.792:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e1b7def9 code=0x7ffc0000
[  210.693278][ T5230] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  210.702643][ T5230] usb 3-1: invalid MIDI out EP 0
[  210.758504][   T29] audit: type=1326 audit(1726588495.792:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e1b7def9 code=0x7ffc0000
[  210.816954][   T29] audit: type=1326 audit(1726588495.792:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f44e1b7def9 code=0x7ffc0000
[  210.854317][   T29] audit: type=1326 audit(1726588495.792:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44e1b7def9 code=0x7ffc0000
[  210.854759][ T5221] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.876521][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.917389][ T9177] netlink: 'syz.4.1445': attribute type 153 has an invalid length.
[  210.973404][ T5230] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  211.511791][ T5230] usb 3-1: USB disconnect, device number 13
[  212.088681][ T9187] loop3: detected capacity change from 0 to 40427
[  212.132000][ T9187] F2FS-fs (loop3): heap/no_heap options were deprecated
[  212.158752][ T9187] F2FS-fs (loop3): invalid crc value
[  212.172654][ T9187] F2FS-fs (loop3): Found nat_bits in checkpoint
[  212.337717][ T9187] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  212.391398][    T8] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  212.551525][    T8] usb 5-1: Using ep0 maxpacket: 16
[  212.583217][ T5335] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  212.592382][    T8] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  212.612088][    T8] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  212.620506][    T8] usb 5-1: Product: syz
[  212.631356][    T8] usb 5-1: Manufacturer: syz
[  212.638734][    T8] usb 5-1: SerialNumber: syz
[  212.650838][    T8] usb 5-1: config 0 descriptor??
[  212.761362][ T5335] usb 3-1: Using ep0 maxpacket: 8
[  212.774908][ T5335] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.801416][ T5335] usb 3-1: New USB device found, idVendor=0458, idProduct=5014, bcdDevice= 0.00
[  212.845370][ T5335] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.903330][ T5335] usb 3-1: config 0 descriptor??
[  212.924586][    T8] usb 5-1: USB disconnect, device number 13
[  213.051854][    T9] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  213.226720][ T9220] tipc: Started in network mode
[  213.240634][ T9220] tipc: Node identity 4, cluster identity 4711
[  213.241341][    T9] usb 2-1: Using ep0 maxpacket: 32
[  213.252019][ T9220] tipc: Node number set to 4
[  213.287063][    T9] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  213.321296][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  213.350664][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  213.373781][ T5335] kye 0003:0458:5014.0028: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  213.401098][    T9] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  213.425800][ T5335] kye 0003:0458:5014.0028: unknown main item tag 0x0
[  213.441432][ T5335] kye 0003:0458:5014.0028: unknown main item tag 0x0
[  213.452794][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  213.471390][ T5335] kye 0003:0458:5014.0028: unknown main item tag 0x0
[  213.478278][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.488413][ T5335] kye 0003:0458:5014.0028: unknown main item tag 0x0
[  213.511298][    T9] usb 2-1: Product: syz
[  213.515489][    T9] usb 2-1: Manufacturer: syz
[  213.530293][ T5335] kye 0003:0458:5014.0028: unknown main item tag 0x0
[  213.554849][    T9] usb 2-1: SerialNumber: syz
[  213.566814][ T5335] kye 0003:0458:5014.0028: hidraw0: USB HID v0.00 Device [HID 0458:5014] on usb-dummy_hcd.2-1/input0
[  213.633982][ T5335] kye 0003:0458:5014.0028: tablet-enabling feature report not found
[  213.663056][ T5335] kye 0003:0458:5014.0028: tablet enabling failed
[  213.691780][ T5335] usb 3-1: USB disconnect, device number 14
[  213.742418][ T9228] loop4: detected capacity change from 0 to 512
[  213.764426][ T9228] EXT4-fs: Ignoring removed bh option
[  213.798925][    T9] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  213.820547][    T9] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  213.827195][ T9228] EXT4-fs error (device loop4): __ext4_iget:4982: inode #15: block 1803188595: comm syz.4.1467: invalid block
[  213.839504][    T9] usb 2-1: found format II with max.bitrate = 0, frame size=0
[  213.848750][    T9] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  213.857320][    T9] usb 2-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  213.868697][    T9] usb 2-1: found format II with max.bitrate = 0, frame size=0
[  213.886737][ T9228] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1467: couldn't read orphan inode 15 (err -117)
[  213.922746][ T9228] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.932506][    T9] usb 2-1: USB disconnect, device number 13
[  213.997843][ T5240] udevd[5240]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  214.143367][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.308983][ T9218] loop3: detected capacity change from 0 to 40427
[  214.342025][ T9218] F2FS-fs (loop3): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  214.371452][ T9218] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  214.433628][ T9218] F2FS-fs (loop3): Found nat_bits in checkpoint
[  214.572009][ T9246] loop4: detected capacity change from 0 to 2048
[  214.604152][ T9249] loop2: detected capacity change from 0 to 1024
[  214.627970][ T9250] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  214.660203][ T9218] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  214.697049][ T9218] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  214.715168][ T9249] hfsplus: xattr searching failed
[  214.871071][ T5223] syz-executor: attempt to access beyond end of device
[  214.871071][ T5223] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  214.937653][ T5223] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  215.068787][ T9261] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1480'.
[  215.229383][ T9265] loop4: detected capacity change from 0 to 256
[  216.004616][ T9260] loop2: detected capacity change from 0 to 32768
[  216.051711][ T9279] netlink: 'syz.4.1489': attribute type 1 has an invalid length.
[  216.079827][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1489'.
[  216.099227][ T9260] JBD2: Ignoring recovery information on journal
[  216.179245][ T9267] loop1: detected capacity change from 0 to 32768
[  216.209938][ T9267] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1484 (9267)
[  216.255239][ T9260] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  216.271768][ T9267] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.302802][ T9267] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  216.342294][ T9267] BTRFS info (device loop1): using free-space-tree
[  216.513562][ T5220] ocfs2: Unmounting device (7,2) on (node local)
[  216.634968][   T29] audit: type=1800 audit(1726588501.762:74): pid=9267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1484" name="file1" dev="loop1" ino=260 res=0 errno=0
[  216.774634][ T9267] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  217.082921][ T5221] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  217.862612][ T9347] ieee802154 phy0 wpan0: encryption failed: -22
[  218.471615][ T5335] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  218.651418][ T5335] usb 4-1: Using ep0 maxpacket: 32
[  218.659011][ T5335] usb 4-1: config index 0 descriptor too short (expected 164, got 36)
[  218.688162][ T5335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  218.754693][ T5335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.780625][ T5335] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  218.790671][ T5335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.812280][ T5335] usb 4-1: config 0 descriptor??
[  219.010343][ T9351] loop2: detected capacity change from 0 to 32768
[  219.064527][ T9351] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1515 (9351)
[  219.105152][ T9351] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  219.153023][ T9351] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  219.178228][ T9351] BTRFS info (device loop2): disk space caching is enabled
[  219.199907][ T9351] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  219.255183][ T5335] logitech 0003:046D:C29C.0029: unknown main item tag 0xe
[  219.280540][ T5335] logitech 0003:046D:C29C.0029: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.3-1/input0
[  219.398495][ T9351] BTRFS info (device loop2): rebuilding free space tree
[  219.456636][ T5335] logitech 0003:046D:C29C.0029: no inputs found
[  219.459559][ T9351] BTRFS info (device loop2): disabling free space tree
[  219.493704][ T9351] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  219.502558][ T5335] usb 4-1: USB disconnect, device number 14
[  219.533800][ T9351] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  219.843297][ T9351] BTRFS warning (device loop2): failed to trim 1 device(s), last error -512
[  219.929479][ T9377] loop4: detected capacity change from 0 to 32768
[  219.941635][ T5220] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.009365][ T9377] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  220.256961][ T9377] XFS (loop4): Ending clean mount
[  220.437475][ T9424] loop3: detected capacity change from 0 to 4096
[  220.472845][ T5222] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  220.482671][ T9424] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  220.621804][ T9424] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  220.991403][ T1851] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  221.011186][ T9438] netlink: 'syz.4.1541': attribute type 4 has an invalid length.
[  221.051406][ T9438] netlink: 'syz.4.1541': attribute type 2 has an invalid length.
[  221.152965][ T1851] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  221.173644][ T1851] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  221.214638][ T1851] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  221.233754][ T9443] loop3: detected capacity change from 0 to 64
[  221.256584][ T1851] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  221.312875][ T1851] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  221.341552][ T1851] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.384082][ T1851] usb 3-1: config 0 descriptor??
[  221.586145][ T9449] loop3: detected capacity change from 0 to 64
[  221.612803][ T1851] hdpvr 3-1:0.0: firmware version 0x8 dated ¥)†íËŸâè�=ÛJå¦+nÍoKÜ�o5Éüf¦oŠÉ °ÐôçO¬übL
[  221.780255][ T9431] loop1: detected capacity change from 0 to 32768
[  221.851601][ T9431] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1542 (9431)
[  221.922485][ T9431] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  221.965778][ T9431] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  222.041557][ T9431] BTRFS info (device loop1): using free-space-tree
[  222.095758][ T1851] hdpvr 3-1:0.0: Could not setup controls
[  222.129393][ T9469] vivid-003: disconnect
[  222.146743][ T1851] hdpvr 3-1:0.0: registering videodev failed
[  222.184161][ T9464] vivid-003: reconnect
[  222.207372][ T1851] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -71
[  222.232719][ T1851] usb 3-1: USB disconnect, device number 15
[  222.322637][ T9484] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  222.886100][ T5221] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  222.886132][ T9502] loop3: detected capacity change from 0 to 1024
[  223.003742][ T2521] hfsplus: b-tree write err: -5, ino 4
[  223.091345][ T1851] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  223.248335][ T9504] loop4: detected capacity change from 0 to 4096
[  223.254860][ T1851] usb 3-1: Using ep0 maxpacket: 16
[  223.275553][ T1851] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.291300][ T1851] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.321682][ T9504] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  223.334827][ T1851] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  223.368330][ T1851] usb 3-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00
[  223.409723][ T9504] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  223.417009][ T1851] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.468298][ T1851] usb 3-1: config 0 descriptor??
[  223.540428][ T9504] ntfs3: loop4: Failed to initialize $Extend/$ObjId.
[  223.929846][ T1851] wacom 0003:056A:0022.002A: unbalanced collection at end of report description
[  223.973738][ T1851] wacom 0003:056A:0022.002A: parse failed
[  223.979624][ T1851] wacom 0003:056A:0022.002A: probe with driver wacom failed with error -22
[  224.126912][ T9526] loop4: detected capacity change from 0 to 512
[  224.135711][ T1851] usb 3-1: USB disconnect, device number 16
[  224.142336][ T9526] EXT4-fs: Ignoring removed nobh option
[  224.199808][ T9526] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  224.265783][ T9526] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  224.303396][ T9526] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.1579: casefold flag without casefold feature
[  224.341918][ T9526] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1579: couldn't read orphan inode 13 (err -117)
[  224.391165][ T9526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.552986][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.702860][ T9536] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1583'.
[  224.979309][ T9545] loop2: detected capacity change from 0 to 256
[  225.020919][ T9548] netlink: 'syz.4.1586': attribute type 29 has an invalid length.
[  225.042851][ T9547] loop1: detected capacity change from 0 to 512
[  225.051992][ T9544] netlink: 'syz.4.1586': attribute type 29 has an invalid length.
[  225.151887][ T9547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.221543][ T9547] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  225.236696][ T9523] loop3: detected capacity change from 0 to 32768
[  225.341549][ T9523] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  225.601085][ T9561] loop4: detected capacity change from 0 to 8192
[  225.614587][ T9523] XFS (loop3): Ending clean mount
[  225.743484][ T5221] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.806052][ T5223] XFS (loop3): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  226.163485][    T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  226.332536][    T9] usb 2-1: Using ep0 maxpacket: 8
[  226.343632][    T9] usb 2-1: config index 0 descriptor too short (expected 30482, got 18)
[  226.382009][    T9] usb 2-1: config 0 has too many interfaces: 101, using maximum allowed: 32
[  226.418454][    T9] usb 2-1: config 0 has an invalid interface number: 167 but max is 100
[  226.441271][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 101
[  226.471542][    T9] usb 2-1: config 0 has no interface number 0
[  226.480789][    T9] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 5.00
[  226.500839][    T9] usb 2-1: New USB device strings: Mfr=253, Product=255, SerialNumber=0
[  226.545716][    T9] usb 2-1: Product: syz
[  226.549932][    T9] usb 2-1: Manufacturer: syz
[  226.567627][    T9] usb 2-1: config 0 descriptor??
[  226.588408][    T9] ftdi_sio 2-1:0.167: FTDI USB Serial Device converter detected
[  226.645798][    T9] usb 2-1: Detected FT2232C/D
[  226.718900][ T9605] vim2m vim2m.0: vidioc_s_fmt queue busy
[  226.797240][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  226.814109][    T9] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  226.845131][    T9] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  226.865975][    T9] usb 2-1: USB disconnect, device number 14
[  226.884720][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  226.904933][    T9] ftdi_sio 2-1:0.167: device disconnected
[  227.341361][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  227.570496][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.574010][ T9628] loop1: detected capacity change from 0 to 8
[  227.601437][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.654416][    T9] usb 6-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  227.701394][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.737329][    T9] usb 6-1: config 0 descriptor??
[  227.783147][ T9628] SQUASHFS error: xz decompression failed, data probably corrupt
[  227.838310][ T9628] SQUASHFS error: Failed to read block 0xa8: -5
[  227.913306][ T9628] SQUASHFS error: xz decompression failed, data probably corrupt
[  227.931687][ T9628] SQUASHFS error: Failed to read block 0xa8: -5
[  227.958150][   T29] audit: type=1800 audit(1726588513.082:75): pid=9628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1620" name="file0" dev="loop1" ino=3 res=0 errno=0
[  227.996581][ T9613] loop0: detected capacity change from 0 to 32768
[  228.056963][ T9613] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1613 (9613)
[  228.129930][ T9613] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  228.183676][ T9613] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  228.216631][ T9613] BTRFS info (device loop0): using free-space-tree
[  228.230688][    T9] logitech-djreceiver 0003:046D:C534.002B: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.5-1/input0
[  228.594087][ T5287] usb 6-1: USB disconnect, device number 5
[  228.685165][ T9629] loop3: detected capacity change from 0 to 32768
[  228.716397][ T9623] loop2: detected capacity change from 0 to 40427
[  228.717234][ T9642] loop1: detected capacity change from 0 to 4096
[  228.724728][ T9629] XFS: attr2 mount option is deprecated.
[  228.769423][ T9629] XFS: ikeep mount option is deprecated.
[  228.783541][ T9629] XFS: noikeep mount option is deprecated.
[  228.793811][ T9623] F2FS-fs (loop2): heap/no_heap options were deprecated
[  228.810824][ T5219] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  228.831775][ T9623] F2FS-fs (loop2): invalid crc value
[  228.888784][ T9623] F2FS-fs (loop2): Found nat_bits in checkpoint
[  228.927226][ T9629] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  229.022014][ T9623] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  229.049227][ T9629] XFS (loop3): Ending clean mount
[  229.181624][   T29] audit: type=1800 audit(1726588514.302:76): pid=9623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1618" name="file1" dev="loop2" ino=10 res=0 errno=0
[  229.202118][ T9629] XFS (loop3): Quotacheck needed: Please wait.
[  229.313526][ T5220] syz-executor: attempt to access beyond end of device
[  229.313526][ T5220] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  229.333672][ T9629] XFS (loop3): Quotacheck: Done.
[  229.390574][ T5220] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  229.519998][ T5223] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  230.781725][ T9709] loop4: detected capacity change from 0 to 64
[  230.817328][ T9710] netlink: 'syz.3.1647': attribute type 1 has an invalid length.
[  230.850747][ T9710] netlink: 9380 bytes leftover after parsing attributes in process `syz.3.1647'.
[  231.087835][ T9718] netlink: 'syz.3.1651': attribute type 4 has an invalid length.
[  231.179517][ T9718] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1651'.
[  231.492158][ T1851] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  231.672216][ T1851] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.685895][   T55] Bluetooth: hci6: command 0x0406 tx timeout
[  231.701359][ T1851] usb 2-1: New USB device found, idVendor=056a, idProduct=00b3, bcdDevice= 0.00
[  231.748446][ T9704] loop0: detected capacity change from 0 to 32768
[  231.775745][ T1851] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.823437][ T9704] 
[  231.823437][ T9704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.823437][ T9704] 
[  231.842961][ T1851] usb 2-1: config 0 descriptor??
[  232.085586][ T5219] 
[  232.085586][ T5219]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  232.085586][ T5219] 
[  232.103201][ T9743] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1662'.
[  232.133329][ T5219] 
[  232.133329][ T5219]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  232.133329][ T5219] 
[  232.164664][ T9745] loop3: detected capacity change from 0 to 2048
[  232.222029][ T9745] EXT4-fs: Ignoring removed orlov option
[  232.260089][ T1851] wacom 0003:056A:00B3.002C: Unknown device_type for 'HID 056a:00b3'. Assuming pen.
[  232.307968][ T1851] wacom 0003:056A:00B3.002C: hidraw0: USB HID v0.01 Device [HID 056a:00b3] on usb-dummy_hcd.1-1/input0
[  232.361067][ T1851] input: Wacom Intuos3 12x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00B3.002C/input/input32
[  232.397964][ T9745] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.531821][ T1851] usb 2-1: USB disconnect, device number 15
[  232.634406][ T5223] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.266534][ T9767] netlink: 'syz.1.1671': attribute type 1 has an invalid length.
[  233.491699][ T9777] tmpfs: Cannot retroactively limit size
[  233.822588][ T1851] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0
[  233.830719][ T1851] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0
[  233.906259][ T1851] hid-generic 0000:0000:0000.002D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  234.225561][ T9800] loop2: detected capacity change from 0 to 2048
[  234.289289][ T9800] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  234.368509][ T9808] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  234.475808][ T9805] loop3: detected capacity change from 0 to 4096
[  234.553799][ T9805] ntfs3: loop3: Failed to load $MFT.
[  234.709505][ T9805] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1689'.
[  235.179156][ T9830] syz.5.1700 uses obsolete (PF_INET,SOCK_PACKET)
[  235.288388][ T9792] loop0: detected capacity change from 0 to 32768
[  235.346346][ T9792] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1683 (9792)
[  235.418852][ T9792] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  235.461755][ T9792] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  235.496591][ T9792] BTRFS info (device loop0): using free-space-tree
[  235.585517][ T9813] loop1: detected capacity change from 0 to 32768
[  235.690896][ T9813] JBD2: Ignoring recovery information on journal
[  235.862404][ T9813] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  236.251535][ T5219] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  236.361392][   T29] audit: type=1800 audit(1726588521.462:77): pid=9813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1693" name="file1" dev="loop1" ino=16946 res=0 errno=0
[  236.613939][ T5221] ocfs2: Unmounting device (7,1) on (node local)
[  237.047469][ T9836] loop3: detected capacity change from 0 to 32768
[  237.109752][ T9836] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1703 (9836)
[  237.203014][ T9836] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  237.244652][ T9836] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  237.286802][ T9836] BTRFS info (device loop3): using free-space-tree
[  237.361701][ T5234] Bluetooth: Frame is too long (len 18, expected len 4)
[  238.066669][ T5223] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  238.354133][ T9905] loop4: detected capacity change from 0 to 40427
[  238.493533][ T9905] F2FS-fs (loop4): Found nat_bits in checkpoint
[  238.761387][ T9905] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  238.797529][ T9930] loop1: detected capacity change from 0 to 32768
[  238.807040][ T9905] F2FS-fs (loop4): sanity_check_inode: corrupted inode footer i_ino=8, ino,nid: [1048584, 8] run fsck to fix.
[  238.816270][ T9930] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1715 (9930)
[  238.863148][ T9930] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  238.901573][ T9930] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  238.910367][ T9930] BTRFS info (device loop1): using free-space-tree
[  239.065108][ T9981] IPVS: Error connecting to the multicast addr
[  239.522013][ T5221] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  240.748095][T10038] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1750'.
[  240.935143][T10045] loop2: detected capacity change from 0 to 1024
[  241.147175][ T9890] hfsplus: b-tree write err: -5, ino 4
[  241.454429][T10060] loop3: detected capacity change from 0 to 64
[  241.503286][T10064] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1764'.
[  241.519702][T10060] hfs: bad catalog entry type 0
[  241.757560][T10073] loop4: detected capacity change from 0 to 256
[  241.847947][T10073] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  241.876273][T10073] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  241.910234][T10073] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  241.940313][T10073] UDF-fs: Scanning with blocksize 512 failed
[  241.991813][T10073] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  242.023991][T10073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  242.114624][T10085] netlink: 'syz.1.1774': attribute type 11 has an invalid length.
[  242.314351][T10091] loop1: detected capacity change from 0 to 128
[  242.366814][T10091] VFS: Found a Xenix FS (block size = 512) on device loop1
[  242.413419][T10091] sysv_count_free_blocks: cannot read free-list block
[  242.620976][T10091] sysv_count_free_inodes: unable to read inode table
[  242.788823][ T5221] sysv_free_block: trying to free block not in datazone
[  242.831638][ T5221] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  243.221410][ T5285] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  243.286633][T10117] loop1: detected capacity change from 0 to 2048
[  243.364205][T10117] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  243.407247][T10117] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  243.416413][ T5285] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  243.423486][T10094] loop2: detected capacity change from 0 to 32768
[  243.425937][ T5285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.471427][T10094] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1779 (10094)
[  243.494401][T10117] ./file0: Can't lookup blockdev
[  243.537650][ T5285] usb 4-1: config 0 descriptor??
[  243.556748][ T5285] gspca_main: spca508-2.14.0 probing 8086:0110
[  243.586985][T10094] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  243.595898][T10102] loop0: detected capacity change from 0 to 32768
[  243.638146][T10094] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  243.688820][T10094] BTRFS info (device loop2): using free-space-tree
[  243.743668][T10102] JBD2: Ignoring recovery information on journal
[  243.761177][ T5285] gspca_spca508: reg_read err -32
[  243.918389][T10094] BTRFS info (device loop2): rebuilding free space tree
[  243.919469][T10102] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  244.007870][ T5285] gspca_spca508: reg_read err -71
[  244.031509][ T5285] gspca_spca508: reg_read err -71
[  244.051136][ T5285] gspca_spca508: reg_read err -71
[  244.068926][   T29] audit: type=1800 audit(1726588529.192:78): pid=10102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1783" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  244.102243][ T5285] gspca_spca508: reg write: error -71
[  244.107703][ T5285] spca508 4-1:0.0: probe with driver spca508 failed with error -71
[  244.167337][ T5285] usb 4-1: USB disconnect, device number 15
[  244.178985][   T29] audit: type=1800 audit(1726588529.242:79): pid=10102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1783" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  244.250899][ T5219] ocfs2: Unmounting device (7,0) on (node local)
[  244.264805][ T5220] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  244.396123][T10149] loop1: detected capacity change from 0 to 1024
[  244.423232][T10149] EXT4-fs: Ignoring removed nobh option
[  244.520625][T10149] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.806075][ T5221] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.843593][T10156] loop0: detected capacity change from 0 to 1024
[  244.879983][T10156] EXT4-fs: Ignoring removed orlov option
[  244.924303][T10158] loop4: detected capacity change from 0 to 128
[  244.951463][T10156] EXT4-fs (loop0): Test dummy encryption mode enabled
[  244.991610][T10156] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  245.007386][T10158] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  245.109026][T10156] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.236950][T10156] EXT4-fs (loop0): Online resizing not supported with bigalloc
[  245.382372][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.465186][T10170] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1804'.
[  245.971923][ T5287] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  246.132420][T10154] loop3: detected capacity change from 0 to 32768
[  246.162071][T10154] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1799 (10154)
[  246.177704][ T5287] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  246.211602][ T5287] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  246.212016][T10185] macvlan2: entered promiscuous mode
[  246.233730][ T5287] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  246.276653][ T5287] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  246.286728][T10154] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  246.321666][ T5287] usb 3-1: SerialNumber: syz
[  246.329292][T10154] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  246.339798][T10185] macvlan2: entered allmulticast mode
[  246.363999][T10154] BTRFS info (device loop3): using free-space-tree
[  246.444009][T10192] loop0: detected capacity change from 0 to 2048
[  246.475305][T10192] EXT4-fs: Ignoring removed bh option
[  246.502077][T10197] syz.4.1815[10197] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.502233][T10197] syz.4.1815[10197] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  246.582266][ T5287] usb 3-1: 0:2 : does not exist
[  246.607341][T10192] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.766654][T10192] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #12: comm syz.0.1814: corrupted in-inode xattr: e_name out of bounds
[  246.777894][ T5287] usb 3-1: USB disconnect, device number 17
[  246.828212][T10174] loop1: detected capacity change from 0 to 32768
[  246.903657][T10227] dccp_invalid_packet: P.Data Offset(4) too small
[  246.928201][ T5730] udevd[5730]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  246.950781][T10174] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  247.043152][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.078443][T10174] XFS (loop1): Ending clean mount
[  247.133231][ T5223] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  247.360952][ T5221] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  247.571350][ T5285] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  247.811913][ T5285] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  247.865247][ T5285] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  247.906949][ T5285] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  247.951259][ T5285] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.003494][T10238] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  248.029348][ T5285] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  248.294211][ T5285] usb 3-1: USB disconnect, device number 18
[  248.749089][T10246] loop3: detected capacity change from 0 to 32768
[  248.876271][T10246] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  248.985768][T10250] loop0: detected capacity change from 0 to 32768
[  249.073614][T10250] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1831 (10250)
[  249.158009][T10250] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  249.176604][T10256] loop1: detected capacity change from 0 to 32768
[  249.190473][T10250] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  249.195902][T10246] XFS (loop3): Ending clean mount
[  249.210581][T10256] XFS: ikeep mount option is deprecated.
[  249.221404][T10250] BTRFS info (device loop0): using free-space-tree
[  249.303630][T10256] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  249.359272][ T5223] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  249.445371][T10250] BTRFS info (device loop0): rebuilding free space tree
[  249.509145][T10256] XFS (loop1): Ending clean mount
[  249.571738][T10256] XFS (loop1): Quotacheck needed: Please wait.
[  249.686446][T10256] XFS (loop1): Quotacheck: Done.
[  249.814536][ T5219] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  249.865012][ T5221] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  250.350903][T10270] loop2: detected capacity change from 0 to 32768
[  250.402474][T10270] XFS: ikeep mount option is deprecated.
[  250.408178][T10270] XFS: ikeep mount option is deprecated.
[  250.543847][T10270] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  250.769267][T10321] loop0: detected capacity change from 0 to 64
[  250.996771][T10270] XFS (loop2): Ending clean mount
[  251.035570][T10270] XFS (loop2): Quotacheck needed: Please wait.
[  251.200855][T10270] XFS (loop2): Quotacheck: Done.
[  251.462276][ T5220] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  251.537899][T10316] loop1: detected capacity change from 0 to 32768
[  251.618626][   T29] audit: type=1800 audit(1726588536.742:80): pid=10316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1840" name="file2" dev="loop1" ino=5 res=0 errno=0
[  252.127571][T10357] netlink: 4088 bytes leftover after parsing attributes in process `syz.3.1863'.
[  252.340860][T10363] netlink: 'syz.4.1867': attribute type 10 has an invalid length.
[  252.425112][T10363] batman_adv: batadv0: Adding interface: team0
[  252.451304][T10363] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  252.505730][T10363] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  252.532033][T10364] netlink: 'syz.4.1867': attribute type 10 has an invalid length.
[  252.581506][T10364] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1867'.
[  252.625432][T10374] loop1: detected capacity change from 0 to 256
[  252.651951][T10364] team0: entered promiscuous mode
[  252.657969][T10364] team_slave_0: entered promiscuous mode
[  252.665905][T10374] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  252.686355][T10364] team_slave_1: entered promiscuous mode
[  252.688590][T10374] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  252.708497][T10364] 8021q: adding VLAN 0 to HW filter on device team0
[  252.720272][T10371] loop0: detected capacity change from 0 to 4096
[  252.738380][T10364] batman_adv: batadv0: Interface activated: team0
[  252.776687][T10364] batman_adv: batadv0: Interface deactivated: team0
[  252.798052][T10364] batman_adv: batadv0: Removing interface: team0
[  252.840652][T10364] bridge0: port 3(team0) entered blocking state
[  252.867642][T10364] bridge0: port 3(team0) entered disabled state
[  252.890564][T10364] team0: entered allmulticast mode
[  252.913108][T10364] team_slave_0: entered allmulticast mode
[  252.958846][T10364] team_slave_1: entered allmulticast mode
[  252.965122][T10378] loop1: detected capacity change from 0 to 512
[  253.011446][T10378] EXT4-fs (loop1): 1 truncate cleaned up
[  253.029832][T10378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.055543][T10364] bridge0: port 3(team0) entered blocking state
[  253.061942][T10364] bridge0: port 3(team0) entered forwarding state
[  253.243571][T10384] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1873'.
[  253.354389][T10388] netlink: 'syz.4.1875': attribute type 1 has an invalid length.
[  253.379923][T10388] netlink: 9384 bytes leftover after parsing attributes in process `syz.4.1875'.
[  253.407023][ T5221] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.831997][T10401] netlink: 'syz.0.1879': attribute type 1 has an invalid length.
[  253.933621][T10368] loop3: detected capacity change from 0 to 40427
[  254.014353][T10368] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  254.091508][T10368] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  254.123498][T10409] loop4: detected capacity change from 0 to 512
[  254.172325][T10408] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1883'.
[  254.183022][T10368] F2FS-fs (loop3): invalid crc value
[  254.222186][T10408] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1883'.
[  254.241559][T10409] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1882: attempt to clear invalid blocks 1 len 1
[  254.292592][T10368] F2FS-fs (loop3): Found nat_bits in checkpoint
[  254.307808][T10408] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1883'.
[  254.329340][T10409] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1882: bg 0: block 343: padding at end of block bitmap is not set
[  254.401926][T10409] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  254.463900][T10409] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1882: invalid indirect mapped block 1819239214 (level 0)
[  254.532354][T10409] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1882: invalid indirect mapped block 1819239214 (level 1)
[  254.541311][T10368] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  254.588426][T10368] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  254.640223][T10409] EXT4-fs (loop4): 1 truncate cleaned up
[  254.682679][T10409] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.852488][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.908121][T10390] loop2: detected capacity change from 0 to 32768
[  254.967039][T10390] XFS (loop2): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  255.145520][T10427] loop1: detected capacity change from 0 to 4096
[  255.184234][T10427] ntfs3: loop1: ino=3, Correct links count -> 2.
[  255.211601][ T1254] ieee802154 phy0 wpan0: encryption failed: -22
[  255.218256][ T1254] ieee802154 phy1 wpan1: encryption failed: -22
[  255.246982][T10390] XFS (loop2): Ending clean mount
[  255.522269][ T5220] XFS (loop2): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415
[  255.904499][T10456] loop1: detected capacity change from 0 to 512
[  256.015761][T10456] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #17: comm syz.1.1891: iget: bogus i_mode (0)
[  256.125419][T10456] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1891: couldn't read orphan inode 17 (err -117)
[  256.232408][T10456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.480206][ T5221] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.523676][T10468] loop3: detected capacity change from 0 to 4096
[  257.714395][T10505] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1910'.
[  257.795328][T10508] loop2: detected capacity change from 0 to 1764
[  257.932784][T10508] syz.2.1913 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  258.493724][T10524] 9pnet_rdma: rdma_create_trans (10524): problem binding to privport: 13
[  258.790589][T10530] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1924'.
[  258.945491][T10511] loop3: detected capacity change from 0 to 32768
[  258.992021][ T5319] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  259.094727][T10511] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  259.148841][T10441] syz.4.1887: vmalloc error: size 3874816, failed to allocated page array size 7568, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  259.168370][T10441] CPU: 1 UID: 0 PID: 10441 Comm: syz.4.1887 Not tainted 6.11.0-syzkaller-04003-gfc1dc0d50780 #0
[  259.178826][T10441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  259.188901][T10441] Call Trace:
[  259.192194][T10441]  <TASK>
[  259.195138][T10441]  dump_stack_lvl+0x241/0x360
[  259.199948][T10441]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.205185][T10441]  ? __pfx__printk+0x10/0x10
[  259.209819][T10441]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  259.216274][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.221943][T10441]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  259.228593][T10441]  warn_alloc+0x278/0x410
[  259.232956][T10441]  ? __pfx_warn_alloc+0x10/0x10
[  259.237832][T10441]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  259.244095][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.249779][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.255431][T10441]  ? __get_vm_area_node+0x23d/0x270
[  259.261001][T10441]  __vmalloc_node_range_noprof+0x6a2/0x1400
[  259.266936][T10441]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  259.272940][T10441]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  259.279294][T10441]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  259.285466][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.291120][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.296769][T10441]  ? __get_vm_area_node+0x23d/0x270
[  259.301985][T10441]  __vmalloc_node_range_noprof+0x5bc/0x1400
[  259.307911][T10441]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  259.314086][T10441]  ? __mutex_trylock_common+0x183/0x2e0
[  259.319668][T10441]  ? rcu_is_watching+0x15/0xb0
[  259.324525][T10441]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  259.330862][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.336512][T10441]  ? rcu_is_watching+0x15/0xb0
[  259.341282][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.346927][T10441]  ? __kmalloc_node_noprof+0x247/0x440
[  259.352831][T10441]  ? __kvmalloc_node_noprof+0x72/0x190
[  259.358298][T10441]  __kvmalloc_node_noprof+0x142/0x190
[  259.363678][T10441]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  259.369844][T10441]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  259.375843][T10441]  ? tpg_update_mv_step+0x361/0x4f0
[  259.381060][T10441]  vivid_update_format_cap+0x133c/0x2090
[  259.386721][T10441]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  259.392715][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.398371][T10441]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  259.404211][T10441]  __video_do_ioctl+0xc25/0xdd0
[  259.409079][T10441]  ? __pfx___video_do_ioctl+0x10/0x10
[  259.414459][T10441]  ? srso_alias_return_thunk+0x5/0xfbef5
[  259.420104][T10441]  ? __might_fault+0xc6/0x120
[  259.424794][T10441]  video_usercopy+0x89d/0x1180
[  259.429573][T10441]  ? __pfx___video_do_ioctl+0x10/0x10
[  259.434947][T10441]  ? __pfx_video_usercopy+0x10/0x10
[  259.440158][T10441]  ? __fget_files+0x29/0x470
[  259.444767][T10441]  ? __fget_files+0x3f3/0x470
[  259.449464][T10441]  v4l2_ioctl+0x18b/0x1e0
[  259.453813][T10441]  ? __pfx_v4l2_ioctl+0x10/0x10
[  259.458681][T10441]  __se_sys_ioctl+0xfb/0x170
[  259.463291][T10441]  do_syscall_64+0xf3/0x230
[  259.467813][T10441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.473717][T10441] RIP: 0033:0x7f78e177def9
[  259.478141][T10441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.497761][T10441] RSP: 002b:00007f78e25a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.506187][T10441] RAX: ffffffffffffffda RBX: 00007f78e1935f80 RCX: 00007f78e177def9
[  259.514161][T10441] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003
[  259.522134][T10441] RBP: 00007f78e17f0b76 R08: 0000000000000000 R09: 0000000000000000
[  259.530104][T10441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.538074][T10441] R13: 0000000000000000 R14: 00007f78e1935f80 R15: 00007ffe60c8f688
[  259.546064][T10441]  </TASK>
[  259.589213][T10441] Mem-Info:
[  259.592522][T10441] active_anon:14780 inactive_anon:0 isolated_anon:0
[  259.592522][T10441]  active_file:1581 inactive_file:38725 isolated_file:0
[  259.592522][T10441]  unevictable:768 dirty:227 writeback:0
[  259.592522][T10441]  slab_reclaimable:9627 slab_unreclaimable:108343
[  259.592522][T10441]  mapped:32836 shmem:10306 pagetables:988
[  259.592522][T10441]  sec_pagetables:0 bounce:0
[  259.592522][T10441]  kernel_misc_reclaimable:0
[  259.592522][T10441]  free:1246408 free_pcp:280 free_cma:0
[  259.670452][T10511] XFS (loop3): Ending clean mount
[  259.670548][ T5319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.717956][ T5319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.772350][T10441] Node 0 active_anon:62220kB inactive_anon:0kB active_file:6284kB inactive_file:154768kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:131248kB dirty:868kB writeback:0kB shmem:42888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11760kB pagetables:3852kB sec_pagetables:0kB all_unreclaimable? no
[  259.778682][ T5319] usb 2-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice=20.00
[  259.866495][ T5223] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  259.891837][ T5319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.916582][T10441] Node 1 active_anon:0kB inactive_anon:0kB active_file:40kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96kB dirty:40kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  259.932665][ T5319] usb 2-1: config 0 descriptor??
[  260.011993][T10441] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.100927][T10533] loop2: detected capacity change from 0 to 32768
[  260.122105][T10441] lowmem_reserve[]: 0 2467 2468 0 0
[  260.127487][T10441] Node 0 DMA32 free:1007964kB boost:0kB min:34228kB low:42784kB high:51340kB reserved_highatomic:0KB active_anon:66380kB inactive_anon:0kB active_file:6284kB inactive_file:153652kB unevictable:1536kB writepending:852kB present:3129332kB managed:2554508kB mlocked:0kB bounce:0kB free_pcp:10528kB local_pcp:8948kB free_cma:0kB
[  260.240917][   T29] audit: type=1800 audit(1726588545.362:81): pid=10533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1925" name="file2" dev="loop2" ino=5 res=0 errno=0
[  260.251263][T10441] lowmem_reserve[]: 0 0 0 0 0
[  260.329306][T10441] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:816kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  260.390836][ T5319] cypress 0003:04B4:DE61.002E: hidraw0: USB HID v0.00 Device [HID 04b4:de61] on usb-dummy_hcd.1-1/input0
[  260.449613][T10441] lowmem_reserve[]: 0 0 0 0 0
[  260.466811][T10441] Node 1 Normal free:3947196kB boost:0kB min:55660kB low:69572kB high:83484kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:40kB inactive_file:132kB unevictable:1536kB writepending:40kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.558631][T10441] lowmem_reserve[]: 0 0 0 0 0
[  260.578923][T10441] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  260.617569][ T5319] usb 2-1: USB disconnect, device number 16
[  260.634017][T10441] Node 0 DMA32: 341*4kB (ME) 474*8kB (UME) 365*16kB (ME) 280*32kB (UME) 16*64kB (UM) 41*128kB (UME) 46*256kB (UM) 26*512kB (UM) 8*1024kB (UME) 2*2048kB (M) 236*4096kB (UM) = 1030260kB
[  260.731873][T10441] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  260.781611][T10441] Node 1 Normal: 5*4kB (UM) 5*8kB (U) 13*16kB (UM) 9*32kB (U) 5*64kB (UM) 5*128kB (UM) 3*256kB (U) 1*512kB (M) 2*1024kB (U) 3*2048kB (UM) 961*4096kB (M) = 3947244kB
[  260.865797][T10441] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.887699][T10441] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  260.914136][T10441] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.941549][T10441] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  260.961113][T10441] 45520 total pagecache pages
[  260.971373][T10441] 0 pages in swap cache
[  260.975547][T10441] Free swap  = 124960kB
[  261.026190][T10441] Total swap = 124996kB
[  261.030405][T10441] 2097051 pages RAM
[  261.067319][T10441] 0 pages HighMem/MovableOnly
[  261.079072][T10441] 427086 pages reserved
[  261.093662][T10441] 0 pages cma reserved
[  261.442896][T10581] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1943'.
[  261.547909][T10586] netlink: 'syz.0.1946': attribute type 29 has an invalid length.
[  261.593882][T10586] netlink: 'syz.0.1946': attribute type 29 has an invalid length.
[  261.650933][T10588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1947'.
[  261.691346][ T1851] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  261.842183][ T1851] usb 4-1: Using ep0 maxpacket: 16
[  261.858468][ T1851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.899900][ T1851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.941488][ T1851] usb 4-1: New USB device found, idVendor=05a4, idProduct=2000, bcdDevice= 0.00
[  262.002370][ T1851] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.081615][ T1851] usb 4-1: config 0 descriptor??
[  262.535870][ T1851] ortek 0003:05A4:2000.002F: item fetching failed at offset 2/5
[  262.585378][ T1851] ortek 0003:05A4:2000.002F: probe with driver ortek failed with error -22
[  262.623302][T10610] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1958'.
[  262.727743][ T5285] usb 4-1: USB disconnect, device number 16
[  263.034836][T10623] loop1: detected capacity change from 0 to 256
[  263.450150][T10631] loop1: detected capacity change from 0 to 256
[  263.661375][ T5335] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  263.668074][T10638] loop1: detected capacity change from 0 to 256
[  263.700329][T10638] vfat: Bad value for 'shortname'
[  263.831348][ T5335] usb 4-1: Using ep0 maxpacket: 16
[  263.840494][ T5335] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  263.902052][ T5335] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  263.972861][ T5335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11
[  264.011369][ T5335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  264.069392][ T5335] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  264.133042][ T5335] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  264.166216][ T5335] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.197912][ T5335] usb 4-1: Product: syz
[  264.212425][ T5335] usb 4-1: Manufacturer: syz
[  264.233490][ T5335] usb 4-1: SerialNumber: syz
[  264.256871][T10647] loop2: detected capacity change from 0 to 1024
[  264.262430][ T5335] usb 4-1: config 0 descriptor??
[  264.425268][T10649] loop1: detected capacity change from 0 to 1024
[  264.456121][ T5220] hfsplus: bad catalog entry type
[  264.531653][ T5335] appledisplay: Apple Cinema Display connected
[  264.766597][ T1851] usb 4-1: USB disconnect, device number 17
[  264.766658][    C0] usb 4-1: appledisplay_complete - usb_submit_urb failed with result -19
[  264.782106][ T1115] hfsplus: b-tree write err: -5, ino 4
[  264.792107][ T1851] appledisplay: Apple Cinema Display disconnected
[  264.993661][ T1115] hfsplus: b-tree write err: -5, ino 4
[  265.420287][   T80] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.838601][   T80] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.899446][ T5230] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  265.954790][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  265.975858][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  265.992985][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  266.008390][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  266.016285][   T55] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  266.024682][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  266.119739][ T5230] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.141036][ T5230] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.162139][ T5230] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  266.181321][ T5230] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.201876][ T5230] usb 2-1: config 0 descriptor??
[  266.210631][T10667] loop3: detected capacity change from 0 to 256
[  266.371078][   T80] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.589994][   T55] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  266.611413][   T55] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  266.620179][   T55] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  266.630995][   T55] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  266.639146][   T55] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  266.651583][   T55] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  266.688984][ T5230] hid-multitouch 0003:1FD2:6007.0030: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  266.753763][T10681] loop0: detected capacity change from 0 to 256
[  266.819112][ T5230] usb 2-1: USB disconnect, device number 17
[  266.874040][T10681] FAT-fs (loop0): Directory bread(block 64) failed
[  266.880626][T10681] FAT-fs (loop0): Directory bread(block 65) failed
[  266.922068][T10681] FAT-fs (loop0): Directory bread(block 66) failed
[  266.928672][T10681] FAT-fs (loop0): Directory bread(block 67) failed
[  266.997465][   T80] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.008561][T10681] FAT-fs (loop0): Directory bread(block 68) failed
[  267.049967][T10681] FAT-fs (loop0): Directory bread(block 69) failed
[  267.078844][T10681] FAT-fs (loop0): Directory bread(block 70) failed
[  267.121437][T10681] FAT-fs (loop0): Directory bread(block 71) failed
[  267.159395][T10681] FAT-fs (loop0): Directory bread(block 72) failed
[  267.191405][T10681] FAT-fs (loop0): Directory bread(block 73) failed
[  267.642822][   T80] team0: left allmulticast mode
[  267.659581][   T80] team_slave_0: left allmulticast mode
[  267.699309][   T80] team_slave_1: left allmulticast mode
[  267.726354][   T80] bridge0: port 3(team0) entered disabled state
[  267.824290][   T80] bridge_slave_1: left allmulticast mode
[  267.864495][   T80] bridge_slave_1: left promiscuous mode
[  267.870280][   T80] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.951647][   T80] bridge_slave_0: left allmulticast mode
[  267.957349][   T80] bridge_slave_0: left promiscuous mode
[  267.983507][   T80] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.051330][    T9] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  268.161420][ T4615] Bluetooth: hci0: command tx timeout
[  268.211327][    T9] usb 2-1: Using ep0 maxpacket: 8
[  268.219064][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  268.231120][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  268.251303][    T9] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  268.291487][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.333361][    T9] usb 2-1: config 0 descriptor??
[  268.587096][    T9] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  268.691127][T10701] loop0: detected capacity change from 0 to 32768
[  268.768822][T10701] JBD2: Ignoring recovery information on journal
[  268.801576][ T4615] Bluetooth: hci8: command tx timeout
[  268.841595][T10702] iowarrior 2-1:0.0: Error -90 while submitting URB
[  268.849399][T10701] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  268.883997][    T9] usb 2-1: USB disconnect, device number 18
[  268.917924][    T9] iowarrior 2-1:0.0: I/O-Warror #0 now disconnected
[  268.963491][   T29] audit: type=1800 audit(1726588554.092:82): pid=10701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1999" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  269.030129][T10701] (syz.0.1999,10701,0):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  269.041325][T10701] (syz.0.1999,10701,1):update_backups:196 ERROR: status = -12
[  269.053362][T10701] ocfs2: Failed to update super blocks on 7,0 during fs resize. This condition is not fatal, but fsck.ocfs2 should be run to fix it
[  269.166679][ T5219] ocfs2: Unmounting device (7,0) on (node local)
[  269.263448][   T80] dvmrp0 (unregistering): left allmulticast mode
[  270.004903][   T80] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.076707][   T80] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.097689][   T80] bond0 (unregistering): Released all slaves
[  270.158182][T10726] loop1: detected capacity change from 0 to 64
[  270.234762][T10718] dvmrp5: entered allmulticast mode
[  270.252777][ T4615] Bluetooth: hci0: command tx timeout
[  270.289292][T10719] dvmrp5: left allmulticast mode
[  270.296630][T10726] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  270.444121][T10664] chnl_net:caif_netlink_parms(): no params data found
[  270.459140][T10707] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  270.508406][T10707] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  270.695220][T10707] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  270.704699][T10733] netlink: 'syz.3.2011': attribute type 1 has an invalid length.
[  270.729465][T10733] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2011'.
[  270.731557][T10707] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  270.874223][T10707] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  270.881587][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  270.987542][T10707] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  271.082775][T10707] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  271.110889][T10707] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  271.182854][T10707] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  271.212286][T10707] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  271.321896][T10707] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  271.382554][T10707] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  271.422651][T10750] tipc: Started in network mode
[  271.460862][T10750] tipc: Node identity 066d8156bd48, cluster identity 4711
[  271.497401][T10750] tipc: Enabled bearer <eth:netdevsim0>, priority 10
[  271.510414][T10707] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  271.544746][T10757] loop0: detected capacity change from 0 to 64
[  271.731480][   T80] hsr_slave_0: left promiscuous mode
[  271.776597][T10707] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  271.817814][T10707] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  271.824371][   T80] hsr_slave_1: left promiscuous mode
[  271.861701][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.879299][   T80] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.890943][T10707] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  271.902701][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.910593][   T80] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.945352][T10707] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  271.971577][T10707] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  271.985273][   T80] veth1_macvtap: left promiscuous mode
[  272.002170][   T80] veth0_macvtap: left promiscuous mode
[  272.013672][   T80] veth1_vlan: left promiscuous mode
[  272.020381][T10707] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  272.024049][   T80] veth0_vlan: left promiscuous mode
[  272.496266][   T55] Bluetooth: hci4: command 0x0406 tx timeout
[  272.515601][   T25] tipc: Node number set to 3139797334
[  272.721426][   T55] Bluetooth: hci1: command 0x0406 tx timeout
[  272.737598][T10761] loop3: detected capacity change from 0 to 32768
[  272.881348][   T55] Bluetooth: hci3: command 0x1407 tx timeout
[  273.129798][   T55] Bluetooth: hci5: command 0x0406 tx timeout
[  273.223528][   T55] Bluetooth: hci6: command 0x0406 tx timeout
[  273.361998][   T55] Bluetooth: hci7: command 0x0405 tx timeout
[  273.699326][T10777] loop0: detected capacity change from 0 to 32768
[  273.714692][T10777] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2023 (10777)
[  273.760069][T10777] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  273.785411][T10777] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  273.810042][T10777] BTRFS info (device loop0): using free-space-tree
[  273.845570][ T4615] Bluetooth: hci0: command 0x0419 tx timeout
[  274.001395][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  274.099720][ T5219] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  274.190598][   T80] team_slave_1 (unregistering): left promiscuous mode
[  274.221656][   T80] team0 (unregistering): Port device team_slave_1 removed
[  274.393812][T10800] netlink: 'syz.0.2026': attribute type 9 has an invalid length.
[  274.407178][T10800] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2026'.
[  274.487887][   T80] team_slave_0 (unregistering): left promiscuous mode
[  274.508815][   T80] team0 (unregistering): Port device team_slave_0 removed
[  274.571546][ T4615] Bluetooth: hci4: command 0x0406 tx timeout
[  274.804407][ T4615] Bluetooth: hci1: command 0x0406 tx timeout
[  274.973956][ T4615] Bluetooth: hci3: command 0x1407 tx timeout
[  275.210999][ T4615] Bluetooth: hci5: command 0x0406 tx timeout
[  275.281596][ T4615] Bluetooth: hci6: command 0x0406 tx timeout
[  275.338995][T10664] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.360818][T10664] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.378404][T10664] bridge_slave_0: entered allmulticast mode
[  275.393537][T10664] bridge_slave_0: entered promiscuous mode
[  275.447993][ T4615] Bluetooth: hci7: command 0x0405 tx timeout
[  275.491585][T10664] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.498735][T10664] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.520266][T10664] bridge_slave_1: entered allmulticast mode
[  275.528549][T10664] bridge_slave_1: entered promiscuous mode
[  275.630369][T10803] netlink: 'syz.0.2026': attribute type 9 has an invalid length.
[  275.648771][T10803] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2026'.
[  275.761440][   T25] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  275.816764][T10664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.917530][T10664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.931452][ T5285] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  275.939004][ T4615] Bluetooth: hci0: command 0x0419 tx timeout
[  275.961469][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.974012][   T25] usb 2-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  275.983618][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.002544][   T25] usb 2-1: config 0 descriptor??
[  276.092190][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  276.155404][T10675] chnl_net:caif_netlink_parms(): no params data found
[  276.162703][ T5285] usb 6-1: Using ep0 maxpacket: 16
[  276.174464][ T5285] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.192286][ T5285] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.202355][ T5285] usb 6-1: New USB device found, idVendor=22d4, idProduct=1503, bcdDevice= 0.00
[  276.237525][ T5285] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.256416][T10664] team0: Port device team_slave_0 added
[  276.263975][ T5285] usb 6-1: config 0 descriptor??
[  276.435423][T10664] team0: Port device team_slave_1 added
[  276.455580][   T25] petalynx 0003:18B1:0037.0031: unknown main item tag 0xd
[  276.481771][   T25] petalynx 0003:18B1:0037.0031: unexpected long global item
[  276.510160][   T25] petalynx 0003:18B1:0037.0031: parse failed
[  276.545285][   T25] petalynx 0003:18B1:0037.0031: probe with driver petalynx failed with error -22
[  276.560893][T10819] loop0: detected capacity change from 0 to 256
[  276.699552][   T25] usb 2-1: USB disconnect, device number 19
[  276.723699][T10819] FAT-fs (loop0): Directory bread(block 64) failed
[  276.750251][T10819] FAT-fs (loop0): Directory bread(block 65) failed
[  276.756989][T10819] FAT-fs (loop0): Directory bread(block 66) failed
[  276.764135][T10664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  276.771085][T10664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.798137][T10819] FAT-fs (loop0): Directory bread(block 67) failed
[  276.805889][T10819] FAT-fs (loop0): Directory bread(block 68) failed
[  276.814332][T10819] FAT-fs (loop0): Directory bread(block 69) failed
[  276.820923][T10819] FAT-fs (loop0): Directory bread(block 70) failed
[  276.827607][T10819] FAT-fs (loop0): Directory bread(block 71) failed
[  276.841622][T10819] FAT-fs (loop0): Directory bread(block 72) failed
[  276.848172][T10819] FAT-fs (loop0): Directory bread(block 73) failed
[  276.863302][ T5285] glorious 0003:22D4:1503.0032: hidraw0: USB HID v0.00 Device [Glorious Model I] on usb-dummy_hcd.5-1/input0
[  276.881691][T10664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.926550][T10664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  276.944905][T10664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  277.028659][T10664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  277.085439][   T25] usb 6-1: USB disconnect, device number 6
[  277.340787][T10811] loop3: detected capacity change from 0 to 40427
[  277.371968][T10833] loop0: detected capacity change from 0 to 512
[  277.391690][T10811] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  277.408148][T10811] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  277.452311][T10833] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2035: invalid indirect mapped block 256 (level 2)
[  277.498616][T10664] hsr_slave_0: entered promiscuous mode
[  277.523141][ T4615] Bluetooth: hci7: command 0x0405 tx timeout
[  277.532519][T10833] EXT4-fs (loop0): 2 truncates cleaned up
[  277.538637][T10811] F2FS-fs (loop3): Found nat_bits in checkpoint
[  277.555611][T10664] hsr_slave_1: entered promiscuous mode
[  277.566604][T10843] loop1: detected capacity change from 0 to 256
[  277.583005][T10833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  277.629707][T10664] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  277.659552][T10664] Cannot create hsr debugfs directory
[  277.675929][T10675] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.713197][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.723113][T10675] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.745900][T10843] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011ecd, chksum : 0x5182c0e5, utbl_chksum : 0xe619d30d)
[  277.781625][T10675] bridge_slave_0: entered allmulticast mode
[  277.788756][T10675] bridge_slave_0: entered promiscuous mode
[  277.831185][T10811] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  277.838347][T10811] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  277.847415][T10675] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.861935][T10675] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.869275][T10675] bridge_slave_1: entered allmulticast mode
[  277.902775][T10675] bridge_slave_1: entered promiscuous mode
[  277.946045][T10847] loop0: detected capacity change from 0 to 512
[  278.012640][ T4615] Bluetooth: hci0: command 0x0419 tx timeout
[  278.040714][T10847] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2038: Attempting to read directory block (0) that is past i_size (256)
[  278.067611][T10847] EXT4-fs (loop0): Remounting filesystem read-only
[  278.090991][T10852] 9pnet_fd: p9_fd_create_unix (10852): problem connecting socket: éq‰Y’3aK: -111
[  278.100482][T10847] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  278.161503][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  278.168762][T10847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.253106][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.275986][ T5223] syz-executor: attempt to access beyond end of device
[  278.275986][ T5223] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  278.301561][ T5223] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  278.353812][T10675] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.590334][T10675] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.918120][   T80] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.217184][   T80] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.290237][T10675] team0: Port device team_slave_0 added
[  279.314302][T10675] team0: Port device team_slave_1 added
[  279.391326][   T25] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  279.511508][T10675] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.518538][T10675] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.518818][T10885] loop0: detected capacity change from 0 to 128
[  279.587690][T10885] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  279.597540][   T25] usb 4-1: Using ep0 maxpacket: 16
[  279.604762][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.608453][T10885] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  279.615870][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  279.627567][T10675] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.634484][   T25] usb 4-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  279.655312][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.672611][   T25] usb 4-1: config 0 descriptor??
[  279.780682][T10869] loop1: detected capacity change from 0 to 32768
[  279.822144][   T80] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.917177][T10869] JBD2: Ignoring recovery information on journal
[  280.038676][T10675] batman_adv: batadv0: Adding interface: batadv_slave_1
[  280.081394][T10675] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.091338][ T4615] Bluetooth: hci0: command 0x0419 tx timeout
[  280.118222][   T25] razer 0003:1532:010D.0033: item fetching failed at offset 4/6
[  280.128016][   T25] razer 0003:1532:010D.0033: probe with driver razer failed with error -22
[  280.168971][T10869] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  280.198549][T10675] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.242957][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  280.349281][    T8] usb 4-1: USB disconnect, device number 18
[  280.692598][ T5221] ocfs2: Unmounting device (7,1) on (node local)
[  280.703714][   T80] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.926554][T10904] sp0: Synchronizing with TNC
[  280.934891][T10675] hsr_slave_0: entered promiscuous mode
[  280.957471][T10903] [U] è`
[  281.013650][T10675] hsr_slave_1: entered promiscuous mode
[  281.052193][T10675] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  281.070063][T10675] Cannot create hsr debugfs directory
[  281.701811][   T80] team0: left allmulticast mode
[  281.706837][   T80] team_slave_0: left allmulticast mode
[  281.727384][   T80] team_slave_1: left allmulticast mode
[  281.755255][   T80] bridge0: port 3(team0) entered disabled state
[  281.833988][   T80] bridge_slave_1: left allmulticast mode
[  281.839883][   T80] bridge_slave_1: left promiscuous mode
[  281.871363][   T80] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.982946][   T80] bridge_slave_0: left allmulticast mode
[  281.988668][   T80] bridge_slave_0: left promiscuous mode
[  282.021124][   T80] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.321594][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  283.210271][   T80] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.236745][   T80] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.256450][T10964] netlink: 'syz.3.2080': attribute type 1 has an invalid length.
[  283.271679][T10964] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2080'.
[  283.281084][   T80] bond0 (unregistering): Released all slaves
[  283.288326][T10964] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2080'.
[  283.302883][T10964] netlink: zone id is out of range
[  283.311782][T10964] netlink: set zone limit has 8 unknown bytes
[  283.531281][T10937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2072'.
[  283.758391][T10972] loop0: detected capacity change from 0 to 8
[  283.810587][T10972] SQUASHFS error: Unable to read directory block [629:46]
[  284.030648][T10979] loop0: detected capacity change from 0 to 512
[  284.087847][T10979] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  284.164338][T10979] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c018, mo2=0002]
[  284.231486][T10979] System zones: 1-3, 19-19, 35-38
[  284.264410][T10979] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.293383][T10981] loop1: detected capacity change from 0 to 4096
[  284.334666][T10979] ext4 filesystem being mounted at /343/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.401612][ T4615] Bluetooth: hci8: command 0x041b tx timeout
[  284.415663][T10974] loop3: detected capacity change from 0 to 32768
[  284.447985][T10979] EXT4-fs error (device loop0): __ext4_new_inode:1279: comm syz.0.2087: failed to insert inode 16: doubly allocated?
[  284.490951][T10974] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2085 (10974)
[  284.561372][T10974] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  284.612595][T10974] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  284.621113][T10974] BTRFS info (device loop3): using free-space-tree
[  284.643715][   T80] hsr_slave_0: left promiscuous mode
[  284.648670][T10991] loop1: detected capacity change from 0 to 1024
[  284.656885][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.684357][   T80] hsr_slave_1: left promiscuous mode
[  284.782136][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  284.790750][   T80] batman_adv: batadv0: Removing interface: batadv_slave_0
[  284.837101][T11006] hfsplus: invalid xattr key length: 0
[  284.956211][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  284.972469][   T35] hfsplus: b-tree write err: -5, ino 8
[  284.998723][   T80] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.107338][   T80] veth1_macvtap: left promiscuous mode
[  285.136656][   T80] veth0_macvtap: left promiscuous mode
[  285.151738][T11012] netlink: 'syz.1.2093': attribute type 1 has an invalid length.
[  285.152379][   T80] veth1_vlan: left promiscuous mode
[  285.189068][T11015] loop0: detected capacity change from 0 to 512
[  285.192972][ T5223] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  285.196131][   T80] veth0_vlan: left promiscuous mode
[  285.209423][T11012] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.2093'.
[  285.231938][T11012] netlink: 'syz.1.2093': attribute type 1 has an invalid length.
[  285.239835][T11012] netlink: 'syz.1.2093': attribute type 2 has an invalid length.
[  285.271520][T11012] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2093'.
[  285.279011][T11015] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  285.351197][T11015] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  285.422970][T11015] System zones: 1-12
[  285.481095][T11015] EXT4-fs (loop0): 1 truncate cleaned up
[  285.512577][T11015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.647912][   T29] audit: type=1800 audit(1726588570.762:83): pid=11015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2095" name="bus" dev="loop0" ino=18 res=0 errno=0
[  285.868264][ T5219] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.114581][T11031] loop3: detected capacity change from 0 to 256
[  286.154837][T11031] exfat: Deprecated parameter 'utf8'
[  286.160394][T11031] exfat: Deprecated parameter 'utf8'
[  286.274228][T11031] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  286.580754][   T29] audit: type=1326 audit(1726588571.702:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  286.627044][   T29] audit: type=1326 audit(1726588571.702:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  286.680458][   T29] audit: type=1326 audit(1726588571.702:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  286.721722][   T29] audit: type=1326 audit(1726588571.702:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  286.761395][   T29] audit: type=1326 audit(1726588571.702:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  286.786339][   T29] audit: type=1326 audit(1726588571.702:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  286.809210][   T29] audit: type=1326 audit(1726588571.702:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11043 comm="syz.5.2108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95ab7def9 code=0x7ffc0000
[  287.218949][   T80] team_slave_1 (unregistering): left promiscuous mode
[  287.247571][   T80] team0 (unregistering): Port device team_slave_1 removed
[  287.348958][   T80] team_slave_0 (unregistering): left promiscuous mode
[  287.360147][   T80] team0 (unregistering): Port device team_slave_0 removed
[  288.256522][   T80] smc: removing net device lo with user defined pnetid SYZ2
[  288.802266][ T5319] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  288.840247][T11067] loop0: detected capacity change from 0 to 256
[  288.861837][ T1851] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  288.882939][T11067] exfat: Deprecated parameter 'namecase'
[  288.898866][T11067] exfat: Deprecated parameter 'utf8'
[  288.904565][T11067] exfat: Deprecated parameter 'namecase'
[  288.914576][T11067] exfat: Deprecated parameter 'utf8'
[  288.939039][T10664] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  288.956612][T11067] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d)
[  288.956728][T10664] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  288.992232][ T5319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.043777][T10664] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  289.054583][ T1851] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  289.081566][ T5319] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.101371][ T1851] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.121444][ T5319] usb 2-1: New USB device found, idVendor=056a, idProduct=00b8, bcdDevice= 0.07
[  289.130513][ T5319] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.139692][ T1851] usb 4-1: config 0 descriptor??
[  289.167848][ T5319] usb 2-1: config 0 descriptor??
[  289.380319][T11079] autofs: Bad value for 'uid'
[  289.414529][T11079] autofs: Bad value for 'uid'
[  289.456398][T10664] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  289.619799][ T5319] wacom 0003:056A:00B8.0034: Unknown device_type for 'HID 056a:00b8'. Assuming pen.
[  289.667624][ T5319] wacom 0003:056A:00B8.0034: hidraw0: USB HID v0.00 Device [HID 056a:00b8] on usb-dummy_hcd.1-1/input0
[  289.732917][ T5319] input: Wacom Intuos4 4x6 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00B8.0034/input/input35
[  289.760589][ T1851] ath6kl: Failed to read usb control message: -71
[  289.788411][ T1851] ath6kl: Unable to read the bmi data from the device: -71
[  289.805513][ T1851] ath6kl: unable to read target info byte count: -71
[  289.822885][ T5230] usb 2-1: USB disconnect, device number 20
[  289.825846][ T1851] ath6kl: Failed to init ath6kl core: -71
[  289.858870][ T1851] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  289.894893][T11089] netlink: 'syz.5.2121': attribute type 1 has an invalid length.
[  289.920748][ T1851] usb 4-1: USB disconnect, device number 19
[  289.947364][T11089] netlink: 4076 bytes leftover after parsing attributes in process `syz.5.2121'.
[  290.035475][T11089] netlink: 13 bytes leftover after parsing attributes in process `syz.5.2121'.
[  290.354967][T10664] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.438147][T10664] 8021q: adding VLAN 0 to HW filter on device team0
[  290.586058][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.593250][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.657934][   T29] audit: type=1326 audit(1726588575.782:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11102 comm="syz.1.2128" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44e1b7def9 code=0x0
[  290.713371][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.720537][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.806926][T10675] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  290.866537][T10675] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  290.948607][T10675] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  290.977293][T10675] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  291.365323][T10675] 8021q: adding VLAN 0 to HW filter on device bond0
[  291.416875][T10675] 8021q: adding VLAN 0 to HW filter on device team0
[  291.482789][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.489979][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.599603][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.606796][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.739462][T10664] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.240680][T11161] loop0: detected capacity change from 0 to 4096
[  292.287143][T11161] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  292.397503][T11177] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2151'.
[  292.415249][T10675] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.462222][    T8] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  292.497362][T11161] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  292.648065][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.677498][T10675] veth0_vlan: entered promiscuous mode
[  292.691401][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.722945][    T8] usb 2-1: New USB device found, idVendor=0463, idProduct=c537, bcdDevice=34.39
[  292.751468][    T8] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  292.761038][T10675] veth1_vlan: entered promiscuous mode
[  292.771135][    T8] usb 2-1: Manufacturer: syz
[  292.806779][    T8] usb 2-1: config 0 descriptor??
[  292.837347][T10664] veth0_vlan: entered promiscuous mode
[  293.003738][T10664] veth1_vlan: entered promiscuous mode
[  293.066988][T10675] veth0_macvtap: entered promiscuous mode
[  293.117867][T11196] netlink: 184 bytes leftover after parsing attributes in process `syz.5.2156'.
[  293.135428][T10675] veth1_macvtap: entered promiscuous mode
[  293.156520][T11196] netlink: 'syz.5.2156': attribute type 1 has an invalid length.
[  293.234059][T10664] veth0_macvtap: entered promiscuous mode
[  293.243851][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.258959][    T8] hid-generic 0003:0463:C537.0035: unknown main item tag 0x0
[  293.292219][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.310800][    T8] hid-generic 0003:0463:C537.0035: unknown main item tag 0x0
[  293.331329][    T8] hid-generic 0003:0463:C537.0035: unknown main item tag 0x0
[  293.338754][    T8] hid-generic 0003:0463:C537.0035: unknown main item tag 0x0
[  293.347470][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.393806][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.414251][    T8] hid-generic 0003:0463:C537.0035: unknown main item tag 0x0
[  293.435856][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.452301][    T8] hid-generic 0003:0463:C537.0035: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  293.475095][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.496238][    T8] usb 2-1: USB disconnect, device number 21
[  293.504271][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.551345][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.579142][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.617413][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.639679][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.670666][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.715187][T10675] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.768028][T10664] veth1_macvtap: entered promiscuous mode
[  293.806032][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.848461][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.878961][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.910674][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.951389][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.973499][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.011999][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.042057][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.062022][   T25] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  294.081757][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.104317][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.152091][T10675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.192056][T10675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.224739][T10675] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.262126][   T25] usb 6-1: Using ep0 maxpacket: 8
[  294.275626][T10675] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.292438][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.309577][T11198] loop3: detected capacity change from 0 to 32768
[  294.331344][   T25] usb 6-1: New USB device found, idVendor=044e, idProduct=121e, bcdDevice= 0.00
[  294.341394][T10675] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.370920][T10675] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.377721][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.400604][T10675] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.430138][T11198] ERROR: (device loop3): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  294.430138][T11198] 
[  294.443233][   T25] usb 6-1: config 0 descriptor??
[  294.466820][T11228] loop1: detected capacity change from 0 to 512
[  294.535724][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.581285][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.593588][ T5224] udevd[5224]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  294.621454][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.639400][T11228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.661508][T11228] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.683112][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.737582][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.791329][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.818876][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.868173][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.903931][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.931293][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.953907][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.959500][T11218] loop0: detected capacity change from 0 to 32768
[  294.984816][   T25] hid-alps 0003:044E:121E.0036: hidraw0: USB HID v0.00 Device [HID 044e:121e] on usb-dummy_hcd.5-1/input0
[  294.996358][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.028772][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.066547][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.098988][T11228] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.2164: Abort forced by user
[  295.114098][T10664] batman_adv: batadv0: Interface activated: batadv_slave_0
[  295.159534][T11228] EXT4-fs (loop1): Remounting filesystem read-only
[  295.164931][ T5496] udevd[5496]: symlink '../../loop0' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:0' failed: Read-only file system
[  295.258217][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.283729][   T25] usb 6-1: USB disconnect, device number 7
[  295.323129][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.392925][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.429414][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.477962][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.507388][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.563119][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.597233][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.632047][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.676783][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.691314][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.721612][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.747777][T10664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  295.773641][T10664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.800218][T10664] batman_adv: batadv0: Interface activated: batadv_slave_1
[  295.935517][T10664] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.978562][T10664] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.988001][T10664] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.021625][T10664] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.074146][T11261] loop3: detected capacity change from 0 to 64
[  296.213378][ T5496] udevd[5496]: symlink '../../loop3' '/dev/disk/by-label/untitled.tmp-b7:3' failed: Read-only file system
[  296.213819][ T5335] kernel read not supported for file /rfkill (pid: 5335 comm: kworker/0:7)
[  296.301159][ T5221] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.525967][T11271] netlink: 3060 bytes leftover after parsing attributes in process `syz.0.2175'.
[  296.669653][ T1115] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.730837][ T9890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.742468][ T9890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.926554][ T1115] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.067147][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.071366][ T2931] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.108246][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.110253][ T2931] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.248873][T11290] netlink: 'syz.0.2180': attribute type 27 has an invalid length.
[  297.291859][ T1115] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.661387][   T25] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  297.676734][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  297.701628][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  297.721626][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  297.731782][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  297.743256][   T55] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  297.744388][ T1115] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.769980][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  297.793888][ T2931] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.831896][ T2931] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.842164][   T25] usb 4-1: Using ep0 maxpacket: 8
[  297.860155][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  297.968368][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  298.012066][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  298.067305][   T25] usb 4-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  298.121665][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.163126][   T25] usb 4-1: config 0 descriptor??
[  298.240372][T11318] loop4: detected capacity change from 0 to 128
[  298.248540][T11318] msdos: Unknown parameter 'dis‚ard'
[  298.372840][T11318] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1979'.
[  298.609051][ T1115] bridge_slave_1: left allmulticast mode
[  298.641435][ T1115] bridge_slave_1: left promiscuous mode
[  298.666021][   T25] ortek 0003:1223:3F07.0037: report_id 0 is invalid
[  298.667121][ T1115] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.702601][   T25] ortek 0003:1223:3F07.0037: item 0 1 1 8 parsing failed
[  298.721862][   T25] ortek 0003:1223:3F07.0037: probe with driver ortek failed with error -22
[  298.777672][ T1115] bridge_slave_0: left allmulticast mode
[  298.794974][ T1115] bridge_slave_0: left promiscuous mode
[  298.815828][ T1115] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.851524][   T25] usb 4-1: USB disconnect, device number 20
[  299.507479][T11326] loop2: detected capacity change from 0 to 32768
[  299.593584][ T5224] udevd[5224]: symlink '../../loop2' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:2' failed: Read-only file system
[  299.927521][   T55] Bluetooth: hci2: command tx timeout
[  300.330104][ T1115] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  300.367635][ T1115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  300.395091][ T1115] bond0 (unregistering): Released all slaves
[  300.532191][T11360] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2196'.
[  300.611337][   T25] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  300.627069][T11302] chnl_net:caif_netlink_parms(): no params data found
[  300.806979][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.838650][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.895374][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  300.933500][T11375] loop3: detected capacity change from 0 to 22
[  300.951977][   T25] usb 3-1: New USB device found, idVendor=056a, idProduct=0116, bcdDevice= 0.00
[  300.961046][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.967827][T11375] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  300.998043][ T5224] udevd[5224]: symlink '../../loop3' '/dev/disk/by-label/rom\x20637cf1fa.tmp-b7:3' failed: Read-only file system
[  301.022755][   T25] usb 3-1: config 0 descriptor??
[  301.033114][T11375] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  301.471571][   T25] wacom 0003:056A:0116.0038: hidraw0: USB HID v0.05 Device [HID 056a:0116] on usb-dummy_hcd.2-1/input0
[  301.636739][T11364] loop4: detected capacity change from 0 to 32768
[  301.678390][T11302] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.688599][T11364] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2197 (11364)
[  301.713049][T11302] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.724715][ T5319] usb 3-1: USB disconnect, device number 19
[  301.755787][T11302] bridge_slave_0: entered allmulticast mode
[  301.779996][T11302] bridge_slave_0: entered promiscuous mode
[  301.822014][T11364] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  301.861695][ T5496] udevd[5496]: symlink '../../loop4' '/dev/disk/by-uuid/14d642db-7b15-43e4-81e6-4b8fac6a25f8.tmp-b7:4' failed: Read-only file system
[  301.862685][T11364] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  301.911654][T11397] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2205'.
[  301.968266][T11364] BTRFS info (device loop4): using free-space-tree
[  302.001766][   T55] Bluetooth: hci2: command tx timeout
[  302.062287][ T1115] hsr_slave_0: left promiscuous mode
[  302.079415][ T1115] hsr_slave_1: left promiscuous mode
[  302.148543][T11403] mmap: syz.3.2206 (11403) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  302.190925][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.199595][T11418] loop0: detected capacity change from 0 to 128
[  302.241431][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_0
[  302.289832][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  302.327513][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_1
[  302.534567][ T1115] veth1_macvtap: left promiscuous mode
[  302.540188][ T1115] veth0_macvtap: left promiscuous mode
[  302.546848][T11428] Bluetooth: MGMT ver 1.23
[  302.584247][T10664] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  302.591681][ T1115] veth1_vlan: left promiscuous mode
[  302.600514][ T1115] veth0_vlan: left promiscuous mode
[  303.851345][ T1851] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  303.942783][T11449] loop4: detected capacity change from 0 to 32768
[  304.006214][T11449] JBD2: Ignoring recovery information on journal
[  304.023777][ T1851] usb 6-1: Using ep0 maxpacket: 16
[  304.032627][ T1851] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  304.051440][ T1851] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  304.063073][ T1851] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  304.073133][ T1851] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  304.083204][   T55] Bluetooth: hci2: command tx timeout
[  304.091411][ T1851] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  304.095729][ T5224] udevd[5224]: symlink '../../loop4' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:4' failed: Read-only file system
[  304.106116][ T1851] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  304.129310][ T1851] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  304.137525][ T1851] usb 6-1: Manufacturer: syz
[  304.151495][ T1851] usb 6-1: config 0 descriptor??
[  304.151627][T11449] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  304.395657][T10664] ocfs2: Unmounting device (7,4) on (node local)
[  304.493000][   T30] INFO: task kworker/0:2:935 blocked for more than 143 seconds.
[  304.500679][   T30]       Not tainted 6.11.0-syzkaller-04003-gfc1dc0d50780 #0
[  304.519669][ T1851] rc_core: IR keymap rc-hauppauge not found
[  304.561894][ T1851] Registered IR keymap rc-empty
[  304.561899][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  304.567293][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.596657][   T30] task:kworker/0:2     state:D stack:19376 pid:935   tgid:935   ppid:2      flags:0x00004000
[  304.616131][   T30] Workqueue: events_long bch2_fs_read_only_work
[  304.628389][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.637140][   T30] Call Trace:
[  304.640535][   T30]  <TASK>
[  304.651299][   T30]  __schedule+0x1800/0x4a60
[  304.655870][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  304.672913][ T1851] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  304.684663][   T30]  ? __pfx___schedule+0x10/0x10
[  304.689557][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  304.706363][ T1851] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input41
[  304.718707][   T30]  ? __pfx_lock_release+0x10/0x10
[  304.731567][   T30]  ? kick_pool+0x45c/0x620
[  304.736035][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  304.744284][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  304.750099][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.757908][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  304.764011][   T30]  ? schedule+0x90/0x320
[  304.768349][   T30]  schedule+0x14b/0x320
[  304.776256][   T30]  schedule_preempt_disabled+0x13/0x30
[  304.782422][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.789677][   T30]  rwsem_down_write_slowpath+0xeeb/0x13b0
[  304.796306][   T30]  ? rwsem_down_write_slowpath+0xa06/0x13b0
[  304.803160][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  304.809477][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  304.815077][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.824251][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  304.830057][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  304.835958][   T30]  down_write+0x1d7/0x220
[  304.843119][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.851618][   T30]  ? __pfx_down_write+0x10/0x10
[  304.856618][   T30]  ? process_scheduled_works+0x945/0x1830
[  304.863375][   T30]  bch2_fs_read_only_work+0x25/0x40
[  304.885584][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.892861][   T30]  process_scheduled_works+0xa2e/0x1830
[  304.898624][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  304.911363][   T30]  ? assign_work+0x364/0x3d0
[  304.916114][   T30]  worker_thread+0x870/0xd30
[  304.920802][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  304.931382][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.949316][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  304.962276][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  304.970497][   T30]  ? __kthread_parkme+0x169/0x1d0
[  304.975928][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  304.991355][   T30]  ? __pfx_worker_thread+0x10/0x10
[  304.997750][   T30]  kthread+0x2f2/0x390
[  305.009324][   T30]  ? __pfx_worker_thread+0x10/0x10
[  305.014737][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  305.031406][   T30]  ? __pfx_kthread+0x10/0x10
[  305.036162][   T30]  ret_from_fork+0x4d/0x80
[  305.047542][   T30]  ? __pfx_kthread+0x10/0x10
[  305.052943][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  305.065861][   T30]  ret_from_fork_asm+0x1a/0x30
[  305.076423][   T30]  </TASK>
[  305.095713][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  305.104101][   T30] INFO: task bch-reclaim/loo:7271 blocked for more than 143 seconds.
[  305.124722][   T30]       Not tainted 6.11.0-syzkaller-04003-gfc1dc0d50780 #0
[  305.141248][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  305.152148][ T1851] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  305.171378][   T30] task:bch-reclaim/loo state:D stack:26224 pid:7271  tgid:7271  ppid:2      flags:0x00004000
[  305.191914][ T1851] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  305.201061][ T1851] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  305.221287][   T30] Call Trace:
[  305.224605][   T30]  <TASK>
[  305.227566][   T30]  __schedule+0x1800/0x4a60
[  305.235717][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  305.244025][   T30]  ? __pfx___schedule+0x10/0x10
[  305.253519][ T1851] usb 6-1: USB disconnect, device number 8
[  305.261805][   T30]  ? __pfx_lock_release+0x10/0x10
[  305.277901][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  305.294906][   T30]  ? schedule+0x90/0x320
[  305.304881][   T30]  schedule+0x14b/0x320
[  305.313649][   T30]  schedule_preempt_disabled+0x13/0x30
[  305.324816][   T30]  __mutex_lock+0x6a4/0xd70
[  305.335035][   T30]  ? __mutex_lock+0x527/0xd70
[  305.347927][   T30]  ? bch2_journal_reclaim_thread+0x167/0x560
[  305.361921][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  305.368660][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  305.374814][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  305.380138][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  305.388749][   T30]  bch2_journal_reclaim_thread+0x167/0x560
[  305.401367][   T30]  ? bch2_journal_reclaim_thread+0x249/0x560
[  305.410848][   T30]  ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
[  305.424344][   T30]  kthread+0x2f2/0x390
[  305.434829][   T30]  ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
[  305.446956][   T30]  ? __pfx_kthread+0x10/0x10
[  305.461024][   T30]  ret_from_fork+0x4d/0x80
[  305.470241][   T30]  ? __pfx_kthread+0x10/0x10
[  305.481337][   T30]  ret_from_fork_asm+0x1a/0x30
[  305.487355][   T30]  </TASK>
[  305.494677][   T30] 
[  305.494677][   T30] Showing all locks held in the system:
[  305.552437][   T30] 3 locks held by kworker/u8:0/11:
[  305.558896][   T30] 1 lock held by khungtaskd/30:
[  305.594231][   T30]  #0: ffffffff8e938a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  305.621544][   T30] 3 locks held by kworker/0:2/935:
[  305.626738][   T30]  #0: ffff88801ac79148 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  305.661475][   T30]  #1: ffffc9000388fd00 ((work_completion)(&c->read_only_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  305.681912][   T30]  #2: ffff888057100278 (&c->state_lock){+.+.}-{3:3}, at: bch2_fs_read_only_work+0x25/0x40
[  305.711499][   T30] 5 locks held by kworker/u8:6/1115:
[  305.716847][   T30]  #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  305.741309][   T30]  #1: ffffc90003e3fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  305.764212][   T30]  #2: ffffffff8fcb40d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  305.782206][   T30]  #3: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xaa0
[  305.803751][   T30]  #4: ffffffff8e93de38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  305.823597][   T30] 1 lock held by dhcpcd/4890:
[  305.832967][   T30]  #0: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  305.851492][   T30] 2 locks held by getty/4977:
[  305.858151][T11462] loop4: detected capacity change from 0 to 40427
[  305.867898][   T30]  #0: ffff88803464a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  305.883440][T11462] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  305.897675][   T30]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  305.914152][T11462] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  305.922729][   T30] 1 lock held by udevd/5224:
[  305.927440][   T30] 3 locks held by kworker/1:7/5319:
[  305.934315][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  305.948453][T11462] F2FS-fs (loop4): invalid crc value
[  305.954007][   T30]  #1: ffffc900039bfd00 ((work_completion)(&aux->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  305.956551][ T5224] udevd[5224]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  305.966367][   T30]  #2: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: bpf_prog_dev_bound_destroy+0x76/0x590
[  305.992244][   T30] 5 locks held by syz-executor/6299:
[  305.997874][   T30] 1 lock held by bch-reclaim/loo/7271:
[  306.004053][   T30]  #0: ffff88805714af28 (&j->reclaim_lock){+.+.}-{3:3}, at: bch2_journal_reclaim_thread+0x167/0x560
[  306.016075][   T30] 3 locks held by kworker/u8:13/9892:
[  306.023822][T11462] F2FS-fs (loop4): Found nat_bits in checkpoint
[  306.039319][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  306.061369][   T30]  #1: ffffc90008ebfd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  306.086034][   T30]  #2: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  306.103484][   T30] 1 lock held by syz-executor/11302:
[  306.114523][   T30]  #0: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  306.127387][   T30] 2 locks held by syz.2.2210/11431:
[  306.135713][T11462] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  306.143056][T11462] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  306.150708][   T30]  #0: ffffffff8fd268f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  306.160385][   T30]  #1: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0x394/0x910
[  306.169246][   T55] Bluetooth: hci2: command tx timeout
[  306.171072][   T30] 1 lock held by syz.3.2211/11433:
[  306.191369][   T30]  #0: ffffffff8fcc0bc8 (rtnl_mutex){+.+.}-{3:3}, at: packet_mc_add+0x28/0x950
[  306.200534][   T30] 7 locks held by syz.4.2221/11462:
[  306.205976][   T30] 
[  306.208319][   T30] =============================================
[  306.208319][   T30] 
[  306.229742][   T30] NMI backtrace for cpu 0
[  306.234098][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-04003-gfc1dc0d50780 #0
[  306.244263][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  306.254333][   T30] Call Trace:
[  306.257621][   T30]  <TASK>
[  306.260563][   T30]  dump_stack_lvl+0x241/0x360
[  306.265278][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.270507][   T30]  ? __pfx__printk+0x10/0x10
[  306.275144][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  306.280114][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  306.285589][   T30]  ? _printk+0xd5/0x120
[  306.289769][   T30]  ? __pfx__printk+0x10/0x10
[  306.294386][   T30]  ? __wake_up_klogd+0xcc/0x110
[  306.299267][   T30]  ? __pfx__printk+0x10/0x10
[  306.303889][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.309729][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  306.314785][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  306.320794][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  306.326802][   T30]  watchdog+0xff4/0x1040
[  306.331069][   T30]  ? watchdog+0x1ea/0x1040
[  306.335517][   T30]  ? __pfx_watchdog+0x10/0x10
[  306.340221][   T30]  kthread+0x2f2/0x390
[  306.344310][   T30]  ? __pfx_watchdog+0x10/0x10
[  306.349005][   T30]  ? __pfx_kthread+0x10/0x10
[  306.353614][   T30]  ret_from_fork+0x4d/0x80
[  306.358167][   T30]  ? __pfx_kthread+0x10/0x10
[  306.362774][   T30]  ret_from_fork_asm+0x1a/0x30
[  306.367583][   T30]  </TASK>
[  306.370690][    C0] vkms_vblank_simulate: vblank timer overrun
[  306.377800][   T30] Sending NMI from CPU 0 to CPUs 1:
[  306.383744][    C1] NMI backtrace for cpu 1
[  306.383758][    C1] CPU: 1 UID: 0 PID: 6299 Comm: syz-executor Not tainted 6.11.0-syzkaller-04003-gfc1dc0d50780 #0
[  306.383784][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  306.383798][    C1] RIP: 0010:memset+0xf/0x20
[  306.383836][    C1] Code: 44 88 1f e9 ce e1 32 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 49 89 f9 40 88 f0 48 89 d1 <f3> aa 4c 89 c8 e9 a2 e1 32 00 0f 1f 80 00 00 00 00 90 90 90 90 90
[  306.383855][    C1] RSP: 0018:ffffc90019ec7358 EFLAGS: 00000202
[  306.383876][    C1] RAX: 1ffff920033d8e00 RBX: 0000000000000000 RCX: 0000000000000005
[  306.383892][    C1] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90019ec7423
[  306.383908][    C1] RBP: ffffc90019ec74b0 R08: ffffc90019ec7427 R09: ffffc90019ec7400
[  306.383925][    C1] R10: dffffc0000000000 R11: fffff520033d8e85 R12: dffffc0000000000
[  306.383942][    C1] R13: ffff8880571046a0 R14: 0000000000000000 R15: 0000000000000000
[  306.383960][    C1] FS:  0000555592777500(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000
[  306.383981][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  306.383997][    C1] CR2: 00007ffd6d923ff8 CR3: 00000000593b0000 CR4: 0000000000350ef0
[  306.384016][    C1] Call Trace:
[  306.384024][    C1]  <NMI>
[  306.384033][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  306.384056][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  306.384092][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  306.384118][    C1]  ? nmi_handle+0x2a/0x5a0
[  306.384152][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  306.384182][    C1]  ? nmi_handle+0x151/0x5a0
[  306.384205][    C1]  ? nmi_handle+0x2a/0x5a0
[  306.384228][    C1]  ? memset+0xf/0x20
[  306.384259][    C1]  ? default_do_nmi+0x63/0x160
[  306.384289][    C1]  ? exc_nmi+0x123/0x1f0
[  306.384311][    C1]  ? end_repeat_nmi+0xf/0x53
[  306.384349][    C1]  ? memset+0xf/0x20
[  306.384381][    C1]  ? memset+0xf/0x20
[  306.384414][    C1]  ? memset+0xf/0x20
[  306.384446][    C1]  </NMI>
[  306.384453][    C1]  <TASK>
[  306.384461][    C1]  __mutex_lock+0xb0/0xd70
[  306.384495][    C1]  ? __bch2_next_write_buffer_flush_journal_buf+0x287/0x2a0
[  306.384534][    C1]  ? btree_write_buffer_flush_seq+0x1a39/0x1bc0
[  306.384559][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.384591][    C1]  ? bch2_next_write_buffer_flush_journal_buf+0xb1/0x1b0
[  306.384624][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  306.384660][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.384692][    C1]  ? bch2_trans_unlock+0x3a6/0x470
[  306.384720][    C1]  btree_write_buffer_flush_seq+0x1a39/0x1bc0
[  306.384754][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.384791][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  306.384822][    C1]  ? __asan_memset+0x23/0x50
[  306.384856][    C1]  ? lockdep_init_map_type+0xa1/0x910
[  306.384888][    C1]  ? __pfx_btree_write_buffer_flush_seq+0x10/0x10
[  306.384914][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  306.384949][    C1]  ? journal_flush_pins+0x597/0xb20
[  306.384973][    C1]  ? do_raw_spin_lock+0x14f/0x370
[  306.385007][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.385038][    C1]  ? __bch2_trans_get+0x975/0xd20
[  306.385069][    C1]  bch2_btree_write_buffer_journal_flush+0x4e/0x80
[  306.385095][    C1]  ? __pfx_bch2_btree_write_buffer_journal_flush+0x10/0x10
[  306.385123][    C1]  journal_flush_pins+0x5f9/0xb20
[  306.385164][    C1]  journal_flush_done+0x8e/0x260
[  306.385192][    C1]  bch2_journal_flush_pins+0x102/0x3a0
[  306.385219][    C1]  ? __pfx_bch2_journal_flush_pins+0x10/0x10
[  306.385244][    C1]  ? __bch2_print+0x17a/0x220
[  306.385285][    C1]  ? __pfx_bch2_btree_interior_updates_flush+0x10/0x10
[  306.385329][    C1]  ? __pfx___bch2_print+0x10/0x10
[  306.385362][    C1]  ? rcu_is_watching+0x15/0xb0
[  306.385386][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.385417][    C1]  ? kthread_stop+0x2c2/0x640
[  306.385453][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.385485][    C1]  ? bch2_copygc_stop+0x103/0x150
[  306.385522][    C1]  __bch2_fs_read_only+0x124/0x430
[  306.385560][    C1]  bch2_fs_read_only+0xb57/0x1220
[  306.385605][    C1]  ? __pfx_bch2_fs_read_only+0x10/0x10
[  306.385641][    C1]  ? __bch2_print+0x17a/0x220
[  306.385677][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.385709][    C1]  ? down_write+0x18c/0x220
[  306.385744][    C1]  ? __pfx_down_write+0x10/0x10
[  306.385781][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.385812][    C1]  ? hook_sb_delete+0xa7f/0xbb0
[  306.385846][    C1]  __bch2_fs_stop+0x105/0x540
[  306.385880][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.385913][    C1]  ? __pfx___bch2_fs_stop+0x10/0x10
[  306.385950][    C1]  ? __pfx_evict_inodes+0x10/0x10
[  306.385987][    C1]  ? bch2_sync_fs+0x155/0x300
[  306.386016][    C1]  ? __pfx_bch2_put_super+0x10/0x10
[  306.386045][    C1]  generic_shutdown_super+0x13b/0x2d0
[  306.386076][    C1]  bch2_kill_sb+0x41/0x50
[  306.386100][    C1]  deactivate_locked_super+0xc6/0x130
[  306.386129][    C1]  cleanup_mnt+0x41f/0x4b0
[  306.386154][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  306.386186][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  306.386216][    C1]  task_work_run+0x251/0x310
[  306.386245][    C1]  ? __pfx_task_work_run+0x10/0x10
[  306.386268][    C1]  ? __x64_sys_umount+0x123/0x170
[  306.386304][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  306.386337][    C1]  syscall_exit_to_user_mode+0x168/0x370
[  306.386369][    C1]  do_syscall_64+0x100/0x230
[  306.386404][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.386432][    C1] RIP: 0033:0x7fe28cf7f227
[  306.386451][    C1] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  306.386470][    C1] RSP: 002b:00007fff8c5c9e48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  306.386493][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fe28cf7f227
[  306.386507][    C1] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff8c5c9f00
[  306.386523][    C1] RBP: 00007fff8c5c9f00 R08: 0000000000000000 R09: 0000000000000000
[  306.386538][    C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff8c5caf80
[  306.386554][    C1] R13: 00007fe28cff0a14 R14: 0000000000021870 R15: 00007fff8c5cafc0
[  306.386581][    C1]  </TASK>
[  306.390435][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  306.991070][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-04003-gfc1dc0d50780 #0
[  307.001252][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  307.011327][   T30] Call Trace:
[  307.014604][   T30]  <TASK>
[  307.017532][   T30]  dump_stack_lvl+0x241/0x360
[  307.022228][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.027444][   T30]  ? __pfx__printk+0x10/0x10
[  307.032042][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  307.038054][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.043708][   T30]  ? vscnprintf+0x5d/0x90
[  307.048045][   T30]  panic+0x349/0x870
[  307.051950][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.057598][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  307.063756][   T30]  ? __pfx_panic+0x10/0x10
[  307.068178][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  307.073562][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.079205][   T30]  ? __irq_work_queue_local+0x137/0x410
[  307.084766][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.090409][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  307.095788][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  307.101947][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  307.108106][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.113750][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  307.119909][   T30]  watchdog+0x1033/0x1040
[  307.124244][   T30]  ? watchdog+0x1ea/0x1040
[  307.128671][   T30]  ? __pfx_watchdog+0x10/0x10
[  307.133350][   T30]  kthread+0x2f2/0x390
[  307.137422][   T30]  ? __pfx_watchdog+0x10/0x10
[  307.142104][   T30]  ? __pfx_kthread+0x10/0x10
[  307.146697][   T30]  ret_from_fork+0x4d/0x80
[  307.151125][   T30]  ? __pfx_kthread+0x10/0x10
[  307.155715][   T30]  ret_from_fork_asm+0x1a/0x30
[  307.160508][   T30]  </TASK>
[  307.163800][   T30] Kernel Offset: disabled
[  307.168414][   T30] Rebooting in 86400 seconds..