last executing test programs:

25.152026022s ago: executing program 0 (id=1514):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56e, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xb0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x46}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x5}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000460000004600a7ea3163fdfa964e2c8d95"], 0x0, 0x0, 0x0, 0x0}, 0x0)

22.414269252s ago: executing program 0 (id=1522):
syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000140)='./bus\x00', 0x14000, &(0x7f0000000000)=ANY=[], 0x1, 0x2b9, &(0x7f0000000200)="$eJzs3U1rE0Ecx/HfbNa60VK3DyKIIFQLnqStF/GiSK/ePYnaRCgNFbSCeqqexRfg3bfgi/Akgud68tSjh4Lgysxumk06m6c22bR+P9Bku5n/zH+yu92ZtGUE4L91f233861f9stIFVUk3ZECSZEUSrqoS9Grre2N7Ua91q2iiouwISZ9cs/t1rfqvlAb5yKse1Jsvws1fbAPIxMlSfLT94J3J04rd/V7BNLZ7Op0r0djz2w0dspOoGRmX/t6rZmy8wAAlCu7/wfZfX46G78HgbSU3fZP1f1/v+wESpa7/4fSrhJjj+8F91JrvuemcHbsFzRnicO0NaX0zGobYJpes0qXS1B9ttGo31x/3qgFeq+7mVyxBS1KqqWnblM+23eHq170zE0Pq/hqG8x514cztg+rBfnP++KO8m73Yr6ab+aRifVJtYPxX5gYe5jckYo7jlSa/3Jxja6XcVqqoJezrpHLWQuZHr2M/DMSNc+oWbV/QBD3ytNFzXVEpb1b6RE1741a7SgadkQtdEa1zubi9kbNfDQPzaL29EVrufF/YN/tJfVzZdoyrmR2Znj707zCQlcylvQ3SWnnirfO4IgdwyA+6Klua+blm7ebTxqNemKkHbvxornHyGizbc8AG1cHjqoO01Y4fIaTvxFqZE0oGwFNSE/HsVGVNAFpjHjDjs+PqcKyf0BhHFoHvd+IB6NNCONmx10mnf/l5ivLbgBnH+Iu4/TEPVaLK8/VuFIwN5hz9Zzzz+D22n8HGB1UWziD63fOde2GdN3TYkG1scuzW1cnXv6zG7Om73rM5/8AAAAAAAAAAAAAAAAAAAAnjf+v/38nSXJ8/5ZQdh8BAAAAAAAAAAAAAAAAAAAAADjp/mSLsnSs//ujMuT6v1Fr/d/Dq/f2s/6v+ln/d2qwTgLw+hcAAP//qAiKUw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

21.5544763s ago: executing program 0 (id=1527):
mknod(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
syz_mount_image$sysv(&(0x7f0000000f00), &(0x7f0000000f40)='./file0\x00', 0x1000000, &(0x7f0000000f40)=ANY=[], 0x1, 0x9ec0, &(0x7f0000015380)="$eJxEmnPwJ8nytb+zOztr2zaftW3btu1nvZ+2sbZt27Zt28a8MffeX7z5T0d3dGfkqXNORXVW3TLAWwd42wBvH+AdA7xzgHcN8O4B3jPAewd43wDvH+ADA3xwgA8N8OEBPjLARwf42AAfH+ATA3xygE8N8OkBPjPAZwf43ACfH+ALA3xxgC8N8OUBvjLAVwf42gBfH+AbA3xzgG8N8O0BvjPAdwf43gDfH+AHA/xwgB8N8OMBfjLATwf42QA/H+AXA/xygF8N8OsBfjPAbwf43QC/H+APA/xxgD8N8OcB/jLAXwf42wB/H+AfA/xzgH8N8O8B/jPAfwc4coBDAQ4LcLQARw9weIBjBDgiwDEDHCvAsQMcJ8BxAxwvwPEDnCDACQOcKMCJA5wkwEkDnCzAyQOcIsApA5wqwKkDnCbAaQOcLsDpA5whwBkDnCnAmQOcJcBZA5wtwNkDnCPAOQOcK8C5A5wnwHkDnC/A+QNcIMAFA1woQAJcOMBFAlw0wMUCXDzAJQJcMsClAlw6wGUCXDbA5QJcPsAVAlwxwJUCXDnAVQJcNcDVAlw9wDUCXDPAtQJcO8B1Alw3wPUCXD/ADQLcMMCNAtw4wE0C3DTAzQLcPMAtAtwywK0C3DrAbQLcNsDtAtw+wB0C3DHAnQLcOcBdAtw1wN0C3D3APQLcM8C9Atw7wH0C3DfA/QLcP8ADAjwwwIMCPDgY4SEBHhrgYQEeHuARAR4Z4FEBHh2gAR4T4LEBHhcw+ijuTwjwxABPCvDkAAcBBgGGAUYBxgEmAaYBZgHmARYBlgFWAdYBNgG2AXYBQ6NynhLgqQGeFuDpAZ4R4JkBnhXg2QGeE+C5AZ4X4PkBXhDghQFeFODFAV4S4KUBXhbg5QFeEeCVAV4V4NUBXhPgtQFeF+D1Ad4Q4I0B3hTgzQHeEuCtwVhDQ0N4e4B3BHhngHcFeHeA9wR4b4D3BXh/gA8E+GCADwX48CgfhENDj47i9ouh/8QTAT4ZDP9PvqcDfGbU2P03fD7AFwJ8McCXAnw5wFcCfDXA1wJ8PcA3AnwzwLcCfDvAdwJ8N8D3Anw/wA8C/DDAjwL8OMBPAvw0wM8C/DzALwL8MsCvAvw6wG8C/DbA7wL8PsAfAvwxwJ8C/DnAXwL8NcDfAvw9wD8C/DPAvwL8O8B/Avw3wJEBDoU4LMTRwlG4cXiIY4Q4IsQxQxwrxLFDHCfEcUMcL2T28UOcIMQJQ5woxIlDnCTESUOcLMTJQ5wixClDnCrEqUOcJsRpQ5wuxOn/l3fGEGcKceYQZwlx1hBnC3H2EOcIcc4Q5wpx7hDnCXHeEOcLcf4QFwhxwRAXCpEQFw5xkRAXDXGxEBcPcYkQlwxxqRCXDnGZEJcNcbkQlw9xhRBXDHGlEFcOcZUQVw1xtRBXD3GNENcMca0Q1w5xnRDXDXG9ENcPcYMQNwxxoxA3DnGTEDcNcbMQNw9xixC3DHGrELcOcZsQtw1xuxC3D3GHEHcMcafRhoZG8bBLiLuGuFuIu4e4R4h7hrhXiHuHuE+I+4a4X4j7h3hAiAeGeFCIB4d4SIiHhnhYiIeHeESIR4Z4VIhHh2iIx4R4bIjHhXh8iCeEeGKIJ4V4coiDEIMQwxCj8P/rPA0xCzEPsQixDLEKsQ6xCbENsQuxf2HC/34R4mkhnh7iGSGeGeJZIZ4d4jkhnhvieSGeH+IFIV4Y4kUhXhziJSFeGuJlIV4e4hUhXhniVSFeHeI1IV4b4nUhXh/iDSHeOIq7zeYdGjY0NHRLiLeGeFuIt4d4R4h3hnhXiHeHeE+I94Z4X4j3h/hAiA+G+FCID4/S+xA+GuJjIT4e4hMhPhniUyE+HeIzIT4b4nMhPh/iCyG+GOJLIb4c4ishvhriayG+HuIbIb4Z4lshvh3iOyG+G+J7Ib4f4gchfhjiRyF+HOInIX4a4mchfh7iFyF+GeJXIX4d4jchfhvidyF+H+IPIf4Y4k8h/hziLyH+GuJvIf4e4h8h/hniXyH+HeI/If4b4sgQhyIcFuFoEY4e4fAIx4hwRIRjRjhWhGNHOE6E40Y4XoTjRyOcIMIJI5wowokjnCTCSSOcLMLJI5wiwikjnCrCqSOcJsJpI5wuwukjnCHCGSOcKcKZI5wlwlkjnC3C2SOcI8I5I5wrwrkjnCfCeSOcL8L5I1wgwgUjXChCIlw4wkUiXDTCxSJcPMIlIlwywqUiXDrCZSJcNsLlIlw+whUiXDHClSJcOcJVIlw1wtUiXD3CNSJcM8K1Ilw7wnUiXDfC9SJcP8INItwwwo0i3DjCTSLcNMLNItw8wi0i3DLCrSLcOsJtItw2wu0i3D7CHSLcMcKdItw5wl0i3DXC3SLcPcI9Itwzwr0i3DvCfSLcN8L9Itw/wgMiPDDCgyI8OMJDIjw0wsMiPDzCIyI8MsKjIjw6QiM8JsJjIzwuwuMjPCHCEyM8KcKTIxxEGEQYRhhFGEeYRJhGmEWYR1hEWEZYRVhH2ETYRthF2Ed4SoSnRnhahKdHeEaEZ0Z4VoRnR3hOhOdGeF6E50d4QYQXRnhRhBdHeEmEl0Z4WYSXR3hFhFdGeFWEV0d4TYTXRnjdsP/NThHeGOFNEd4c4S3RmN4a4W0R3h7hHRHeGeFdEd4d4T0R3hvhfRHeH+EDET4Y4UMRPhzhIxE+GuFjET4e4RMRPhnhUxE+HeEzET4b4XMRPh/hCxG+GOFLEb4c4SsRvhrhaxG+HuEbEb4Z4VsRvh3hOxG+G+F7Eb4f4QcRfhjhRxF+HOEnEX4a4WcRfh7hFxFjfRnhVxF+HeE3EX4b4XcRfh/hDxH+GOFPEf4c4S8R/hrhbxH+HuEfEf4Z4V8R/h3hPxH+G+HICIdiHBbjaDGOHuPwGMeIcUSMY8Y4VoxjxzhOjOPGOF6M48c4QYwTxjhRjBPHOEmMk8Y4WYyTxzhFjFPGOFWMU8c4TYzTxjhdjNPHOEOMM8Y4U4wzxzhLjLPGOFuMs8c4R4xzxjhXjHPHOE+M88Y4X/zJhPPHuECMC8a4UIzEuHCMi8S4aIyLxbh4jEvEuGSMS40YcukYl4lx2RiXi3H5GFeIccUYV4px5RhXiXHVGFeLcfUY14hxzRjXinHtGNeJcd0Y14tx/Rg3iHHDGDeKceMYN4lx0xg3i3HzGLeIccsYt4px6xi3iZlx2xi3i3H7GHeIcccYd4px5xh3iXHXGHeLcfcY94hxzxj3inHvGPeJcd8Y94tx/xgPiPHAGA+K8eAYD4nx0BgPi/HwGI+I8cgYj4rx6BiN8ZgYj43xuBiPj/GEGE+M8aQYT45xEGMQYxhjFGMcYxJjGmMWYx5jEWMZYxVjHWMTYxtjF2Mf4ykxnhrjaTGeHuMZMZ4Z41kxnh3jOTGeG+N5MZ4f4wUxXhjjRTFeHOMlMV4a42UxXh7jFTFeGeNVMV4d4zUxXhvjdTFeH+MNMd4Y400x3hzjLTHeGuNtMd4e4x0x3hnjXTHeHeM9Md4b430x3h/jAzE+GONDMT4c4yMxPhrjYzE+HuMTMT4Z41MxPh3jMzE+G+NzMT4f4wsxvhjjSzG+HOMrMb4a42sxvh7jGzG+OWq8h/DtGN+J8d0Y34vx/Rg/iPHDGD+K8eMYP4nx0xg/i/HzGL+I8csYv4rx6xi/ifHbGL+L8fsYf4jxxxh/ivHnGH+J8dcYf4vx9xj/iPHPGP+K8e8Y/4nx3xhHxjiU4LAER0tw9ASHJzhGgiMSHDPBsRIcO8FxEhw3wfESHD/BCRKcMMGJEpw4wUkSnDTByRKcPMEpEpwywakSnDrBaRKcNsHpEpw+wRkSnDHBmRKcOcFZEpw1wdkSnD3BORKcM8G5Epw7wXkSnDfB+RKcP8EFElwwwYUSJMGFE1wkwUUTXCzBxRNcIsElE1wqwaUTXCbBZRNcLsHlE1whwRUTXCnBlRNcJcFVE1wtwdUTXCPBNRNcK8G1E1wnwXUTXC/B9RPcIMENE9wowY0T3CTBTRPcLMHNE9wiwS0T3CrBrRPcJsFtE9wuwe0T3CHBHRPcKcGdE9wlwV0T3C3B3RPcI8E9E9wrwb0T3CfBfRPcL8H9EzwgwQMTPCjBgxM8JMFDEzwswcMTPCLBIxM8KsGjEzTBYxI8NsHjEjw+wRMSPDHBkxI8OcFBgkGCYYJRgnGCSYJpglmCeYJFgmWCVYJ1gk2CbYJdgn2CpyR4aoKnJXh6gmckeGaCZyV4doLnJHhugucleH6CFyR4YYIXJXhxgpeM0uHQ0NBlCV6e4BUJXpngVQleneA1CV6b4HUJXp/gDQnemOBNCd6c4C0J3prgbQnenuAdCd6Z4F0J3p3gPQnem+B9Cd6f4AMJPpjgQwk+nOAjCT6a4GMJPp7gEwk+meBTCT6d4DMJPpvgcwk+n+ALCb6Y4EsJvpzgKwm+muBrCb6e4BsJvpngWwm+neA7Cb6b4HsJvp/gBwl+mOBHCX6c4CcJfprgZwl+nuAXCX6Z4FcJfp3gNwl+m+B3CX6f4A8J/pjgTwn+nOAvCf6a4G8J/p7gHwn+meBfCf6d4D8J/pvgyASHUhyW4mgpjp7i8BTHSHFEimOmOFaKY6c4TorjpjheiuOnOEGKE6Y4UYoTpzhJipOmOFmKk6c4RYpTpjhVilOnOE2K06Y4XYrTpzhDijOmOFOKM6c4S4qzpjhbirOnOEeKc6Y4V4pzpzhPivOmOF+K86e4QIoLprhQiqS4cIqLpLhoiouluHiKS6S4ZIpLpbh0isukuGyKy6W4fIorpLhiiiuluHKKq6S4aoqrpbh6imukuGaKa6W4dorrpLhuiuuluH6KG6S4YYobpbhxipukuGmKm6W4eYpbpLhliluluHWK26S4bYpJitunuEOKO6a4U4o7p7hLirumuFuKu6e4R4p7prhXinunuE+K+6a4X4r7p3hAigemeFCKB6d4SIqHpnhYioeneESKR6Z4VIpHp2iKx6R4bIrHpXh8iiekeGKKJ6V4coqDFIMUwxSjFOP/1ZummKWYp1ikWKZYpVin2KTYptil2Kd4SoqnpnhaiqeneEaKZ6Z4Vopnp3hOiuemeF6K56d4QYoXpnhRiheneEmKl6Z4WYqXp3hFilemeFWKV6d4TYrXpnhditeneEOKN6Z4U4o3p3hLiremeFuKt6d4R4p3pnhXineneE+K96Z4X4r3p/hAig+m+FCKD6f4SIqPpvhYio+n+ESKT6b4VIpPp/hMis+mOHLkyJHPp/hCii+m+FKKL6f4Soqvpvhaiq+n+EaKb6b4Vopvp/hOiu+m+F6K76f4QYofpvhRih+n+EmKn6b4WYqfp/hFil+m+FWKX6f4TYrfpvhdit+n+EOKP6b4U4o/p/hLir+m+FuKv6f4R4p/pvhXin+n+E+K/46qP8WhDIdlOFqGo2c4PMMxMhyR4ZgZjpXh2BmOk+G4GY6X4fgZTpDhhBlOlOHEGU6S4aQZTpbh5BlOkeGUGU6V4dQZTpPhtBlOl+H0Gc6Q4YwZzpThzBnOMjrOmuFsGc6e4RwZzpkPDY2qb+4M58lw3gzny3D+DBfIcMEMF8qQDBfOcJEMF81wsQwXz3CJDJfMcKkMl85wmQyXzXC5DJfPcIUMV8xwpQxXznCVDFfNcLUMV89wjQzXzHCtDNfOcJ0M181wvQzXz3CDDDfMcKMMN85wkww3zXCzUc+PGxraIsMtM9wqw60z3CbDbTPcLsPtM9whwx0z3CnDnTPcJcNdM9wtw90z3CPDPTPcK8O9M9wnw30z3C/D/TM8IMMDMzwow4MzPCTDQzM8LMPDMzwiwyMzPCrDozM0w2MyPDbD4zI8PsMTMjwxw5MyPDnDQYZBhmGGUYZxhkmGaYZZhnmGRYZlhlWGdYZNhm2GXYZ9hqdkeGqGp2V4eoZnZHhmhmdleHaG52R4bobnZXh+hhdkeGGGF2UM/V+/8dIML8vw8gyvyPDKDK/KGHl1htdkeG2G12V4fcbwURq5McObMrw5w1syvDXD2zK8PcM7Mrwzw7syvDvDezK8N8P7Mrw/wwcyfDDDhzJ8OMNHMnw0w8cyfDzDJzJ8MsOnMnw6w2cyfDbD5zJ8PsMXMnwxw5cyfDnDVzJ8NcPXMnw9wzcyfDPDtzJ8O8N3Mnw3w/cyfD/DDzL8MMOPMvw4w08y/HPkf+PzDL/I8MsMv8rw6wy/yf67F/Fdht9n+EOGP2b4U4Y/Z/hLhr9m+FuGv2f4x6h8Gf6V4d8Z/pPhvxmOzHAox2E5jpbj6DkOz3GMHEfkOGaOY+U4do7j5DhujuPlOH6OE+Q4YY4T5ThxjpPkOGmOk+U4eY5T5DhljlPlOHWO0+Q4bY7T5Th9jjPkOGOOM+U4c46z5DhrjrPlOHuOc+Sj/I9z5Th3jvPkOG+O8+U4f44L5LhgjgvlSI4L57hIjovmuFiOi+e4RI5L5rhUjkvnuEyOy+a4XI7L57hCjivmuFKOK+e4So6r5rhajqvnuEaOa+a4Vo5r57hOjuvmuF6O6+e4QY4b5rhRjhvnuEmOm+a4WY6b57hFjlvmuFWOW+e4TY7b5rhdjtvnuEOOO+a4U44757hLjrvmuFuOu+e4R4575rhXjnvnuE+O++a4X47753hAjgfmeFCOB+d4SI6H5nhYjofneESOR+Z4VI5H52iOx+R4bI7H5Xh8jifkeGKOJ+V4co6DHIMcwxyjHOMckxzTHLMc8xyLHMscqxzrHJsc2xy7HPscT8nx1BxPy/H0HM/I8cwcz8rx7BzPyfHcHM/L8fwcL8jxwhwvyvHiHC/J8dIcL8vx8hyvyPHKHK/K8eocr8nx2hyvy/H6HG/I8cYcb8rx5hxvyfHWHG/L8fYc78jxzhzvyvHuHO/J8d4c78vx/hwfyPHBHB/K8eEcH8nx0Rwfy/HxHJ/I8ckcn8rx6RyfyfHZHJ/L8fkcX8jxxRxfyvHlHF/J8dUcX8vx9RzfyPHNHN/K8e0c38nx3Rzfy/H9HD/I8cM/RvpRjh/n+EmOn+b4WY6f5/hFjl/m+FWOX+f4TY7f5vhdjt/n+EOOP+b4U45DEw0N/ZLjrzn+luPvOf6R4585/pXj3zn+k+O/OY4c9X6BwwocrcDRCxxe4BgFjihwzALHKnDsAscpcNwCxytw/AInKHDCAicqcOICJylw0gInK3DyAqcocMoCpypw6gKnKXDaAqcrcPoCZyhwxgJnKnDmAmcpcNYCZytw9gLnKHDOAucqcO4C5ylw3gLnK3D+AhcocMECFyqQAhcucJECFy1wsQIXL3CJApcscKkCly5wmYKhUXiXK3D5AlcocMUCVypw5QJXKXDVAlcrcPUC1yhwzQLXKnDtAtcpcN0C1ytw/QI3KHDDAjcqcOMCNylw0wI3K3DzArcocMsCtypw6wK3KXDbArcrcPsCdyhwxwJ3KnDnAncpcNcCdytw9wL3KHDPAvcqcO8C9ylw3wL3K3D/Ag8o8MACDyrw4AIPKfDQAg8r8PACjyj+u0YdOXLk8UcXaIHHFHhsgccVeHyBJxR4YoEnFXhygYMCgwLDAqMC4wKTAtMCswLzAosCywKrAusCmwLbArsC+wJPKfDUAk8r8PQCzyjwzALPKvDsAs8p8NwCzyvw/AIvKPDCAi8q8OICLynw0gIvK/DyAq8o8MoCryrw6gKvKfDaAq8r8PoCbyjwxgJvKvDmAm8p8NYCbyvw9gLvKPDOAu8q8O4C7ynw3gLvK/D+Ah8o8MECHyrw4QIfKfDRAh8r8PECnyjwyQKfKvDpAp8p8NkCnyvw+QJfKPDFAl8q8OUCXynw1QJfK/D1At8o8M0C3yrw7QLfKfDdAt8r8P0CPyjwwwI/KvDjAj8p8NMCPyvw8wK/KPDLAr8q8OsCvynw2wK/K/D7An8o8McCfyrw5wJ/KfDXAn8r8PcC/yjwzwL/KvDvAv8p8N9R2ihwqMRhJY5W4uglDi9xjBJHlDhmiWOVOHaJ45Q4bonjlTh+iROUOGGJE5U4cYmTlDhpiZOVOHmJU5Q4ZYlTlTh1idOUOG2J05U4fYkzlDhjiTOVOHOJs5Q4a4mzlTh7iXOUOGeJc5U4d4nzlDhvifOVOH+JC5S4YIkLlUiJC5e4SImLlrhYiYuXuESJS5a4VIlLl7hMicuWuFyJy5e4QokrlrhSiSuXuEqJq5a4Womrl7hGiWuWuFaJa5e4TonrlrheieuXuEGJG5a4UYkbl7hJiZuWuFmJm5e4RYlblrhViVuXuE2J25a4XYnbl7hDOcwdS9ypxJ1L3KXEXUvcrcTdS9yjxD1L3KvEvUvcp8R9S9yvxP1LPKDEA0s8qMSDSzykxENLPKzEw0s8osQjSzyqxKNLtMRjSjy2xONKPL7EE0o8scSTSjy5xEGJQYlhiVGJcYlJiWmJWYl5iUWJZYlViXWJTYltiV2JfYmnlHhqiaeVeHqJZ5R4ZolnlXh2ieeUeG6J55V4fokXlHhhiReVeHGJl5R4aYmXlXh5iVeUeGWJV5V4dYnXlHhtideVeH2JN5R4Y4k3lXhzibeUeGuJt5V4e4l3lHhniXeVeHeJ95R4b4n3lXh/iQ+U+GCJD5X4cImPlPhoiY+V+HiJT5T4ZIlPlfh0ic+U+GyJz5X4fIkvlPhiiS+V+HKJr5T4aomvlfh6iW+U+GaJb5X4donvlPhuie+V+H6JH5T4YYkflfhxiZ+U+GmJn5X4eYlflPhliV+V+HWJ35T4bYnflfh9iT+U+GOJP5X4c4m/lPhrib+V+HuJf5T4Z4l/lfh3if+U+G+JI0scqnBYhaNVOHqFwysco8IRFY5Z4VgVjl3hOBWOW+F4FY5f4QQVTljhRBVOXOEkFU5a4WQVTl7hFBVOWeFUFU5d4TQVTlvhdBVOX+EMFc5YjTU0U4UzVzhLhbNWOFuFs1c4R4VzVjhXhXNXOE+F81Y4X4XzV7hAhQtWuFCFVLhwhYtUuGiFi1W4eIVLVLhkhUsNDR8ahXOZCpetcLkKl69whQpXrHClCleucJUKV61wtQpXr3CNCtescK0K165wnQrXrXC9CtevcIMKN6xwowo3rnCTCjetcLMKN69wiwq3rHCrCreucJsKt61wuwq3r3CHCnescKcKd65wlwp3rXC3CnevcI8K96xwrwr3rnCfCvetcL8K96/wgAoPrPCgCg+u8JAKD63wsAoPr/CICo+s8KgKj67QCo+p8NgKj6vw+ApPqPDECk+q8OQKBxUGFYYVRhXGFSYVphVmFeYVFhWWFVYV1qN0MoRthV2FfYWnVHhqhadVeHqFZ1R4ZoVnVXh29T//V3hehedXeEGFF1Z4UYUXV3hJhZdWeFmFl1d4RYVXVnhVhVdXeE2F11Z4XYXXV3hDhTdWeFOFN1d4S4W3VnhbhbdXeEeFd1Z4V4V3V3hPhfdWeF+F91f4QIUPVvhQhQ9X+EiFj1b4WIWPV/hEhU9W+FSFT1f4TIXPVjhyzKGh5yt8ocIXK3ypwpcrfKXCVyt8rcLXK3yjwjcrfKvCtyt8p8J3K3yvwvcr/KDCDyv8qMKPK/ykwk8r/KzCzyv8osIvK/yqwq8r/KbCbyv8rsLvK/yhwh8r/KnCnyv8pcJfK/ytwt8r/KPCPyv8q8K/K/ynwn9H1V/hUI3DahytxtFrHF7jGDWOqHHMGseqcewax6lx3BrHq3H8GieoccIaJ6px4honqXHSGiercfIap6hxyhqnqnHqGqepcdoap6tx+hpnqHHGGmeqceYaZ6lx1hpnq3H2Gueocc4a56px7hrnqXHeGuercf4aF6hxwRoXqpFRGIaGhhapcdEaF6tx8RqXqHHJGpeqcekal6lx2RqXq3H5GleoccUaV6px5RpXqXHVGlercfUa16hxzRrXqnHtGtepcd0a16tx/Ro3qHHDGjeqceMaN6lx0xo3q3HzGreoccsat6px6xq3qXHbGrercfsad6hxxxp3qnHnGnepcdcad6tx92HDThgawj1r3KvGvWvcp8Z9a9yvxv1rPKDGA2s8qMaDazykxkNrPKzGw2s8osYjazyqxqNrtMZjajy2xuNqPL7GE2o8scaTajy5xkGNQY1hjVGNcY1JjWmNWY15jUXN8P/r09U1NjW2NXY19jWeUuOpNZ5W4+k1nlHjmTWeVePZNZ5T47k1nlfj+TVeUOOFNV5U48U1XlLjpTVeVuPlNV5R45U1XlXj1TVeU+O1NV5X4/U13lDjjTXeVOPNNd5S4601M42q7/Ya76jxzhrvqvHuGu+p8d4a76vx/hofqPHBGh+q8eEaH6nx0Rofq/HxGp+o8ckan6rx6RqfqfHZGp+r8fkaX6jxxRpfqvHlGl+p8dUaX6vx9RrfqPHNGt+q8e0a36nx3Rrfq/H9Gj+o8cMaP6rx4xo/qfHTGj+r8fMav6jxy/958+sav6nx2xq/q/H7Gn+o8ccaf6rx5xp/qfHXGn+r8fca/6jxzxr/qvHvGv+p8d8aR9Y41OCwBkdrcPQGhzc4RoMjGhyzwbEaHLvBcRoct8HxGhy/wQkanLDBiRqcuMFJGpy0wckanLzBKRqcssGpmpX/JxWctsHpGpy+wRkanLHBmRqcucFZGpy1wdkanL3BORqcs8G5Gpy7wXkanLfB+Rqcv8EFGlywwYUapMGFG1ykwUUbXKzBxRtcosElG1yqwaUbXKbBZRtcrsHlR+V8AFdscKUGV25wlQZXbXC1BldvcI0G12xwrQbXbnCdBtdtcL0G129wgwY3bHCjBjducJMGN21wswY3b3CLBrdscKsGt25wmwa3bXC7BrdvcIcGd2xwpwZ3bnCXBndtcLcGd29wjwb3bHCvBvducJ8G921wvwb3b/CABg9s8KAGD27wkAYPbfCwBg9v8IgGj2zwqAaPbtAGj2nw2AaPa/D4Bk9o8MQGT2rw5AYHDQYNhg1GDcYNJg2mDWYN5g0WDZYNVg3WDTYNtg2O/Ou/zYZTGjy1wdMaPL3BMxr8v8b+2Q2e0+C5DZ7X4PkNXtDghQ1e1ODFw/GSBi9t8LIGL28Y+b9DyF7V4NUNXtPgtQ1e1+D1Dd7QMOb/zUc3N3hLg7c2eFuDtzd4R4N3NnhXg3c3eE+D9zZ4X4P3N/hAgw82+FCDDzf4SIOPNvhYg483+ESDTzb4VINPN/hMg882+FyDzzf4QoMvNvhSgy83+EqDrzb4WoOvN/hGg282+FaDbzf4ToPvNvheg+83+EGDHzb4UYMfN/hJw2ijfPlZg583+EWDXzb4VYNfN/hNg982+F2D3zf4Q4M/NvhTgz83+EuDvzb4W4O/N/hHg382+FeDfzf4T4P/Dh9y5CheWhzW4mgtjt7i8BbHaHFEi2O2ONao68j/nelucbwWx29xgpEj/3M/UYsTtzhJi5O2OFmLk7c4RYtTtjhVi1O3OE2L07Y4XYvTtzhDizO2OFOLM7c4S4uztow2isPZW5yjxTlbnKvFuVucp8V5W5yvxflbXKDFBVtcqEVaXLjFRVpctMXFWly8xSVaXLLFpVpcusVDW1y2xeVaXL7FFVpcscWVWly5xVVaXLXF1VpcvcU1WlyzxbVaXLvFdVpct8X1Wly/xQ1a3LDFjVrcuMVNWty0xc1a3LzFLVrcssWtWty6xW1a3LbF7VrcvsUdWtyxxZ1a3LnFXVrctcXdWty9xT1a3LPFvVrcu8V9Wty3xf1a3L/FA1o8sMWDWjy4xUP+h/GwFg9v8YgWj2zxqBaPbtEWj2nx2BaPa/H4Fk9o8cQWT2rx5BYHLQYthi1GLcYtJi2mLWYt5i0WLZYtVi3WLTYtti12LfYtntLiqS2e1uLpLZ7R4pktntXi2S2e0+K5LZ7X4vktXtDihS1e1OLFLV7S4qUtXtbi5S1e0eKVLV7V4tUtXtPitS1e1+L1Ld7Q4o0t3tTizS3e0uKtLd7W4u0t3tHinS3e1eLdLd7T4r0t3tfi/S0+0OKDLT7U4sMtPtLioy0+1uLjLT7R4pMtPtXi0y0+0+KzLT7X4vMtvtDiiy2+1OLLLb7S4qstvtbi6y2+0eKbLb7V4tstvtPiuy2+1+L7LX7Q4octftTixy1+0uKnLX7W4uctftHily1+1eLXLX7T4rctftfi9y3+0OKPLf7U4s8t/tLiry3+1uLvLf7R4p8t/tXi3y3+0+K/LY5scajDYR2O1uHoHQ7vcIwOR3Q4ZodjdTh2h+N0OG6H43U4focTdDhhhxN1OHGHk3Q4aYeTdTh5h1N0OGWHU3U4dYfTdDhth9N1OH2HM3Q4Y4czdThzh7N0OGuHs3U4e4dzdDhnh3N1OHeH83Q4b4fzdTh/hwt0uGCHC3VIhwt3uEiHi3a4WIeLd7hEh0t2uFSHS3e4TIfLdrhch8t3uEKHK3a4Uocrd7hKh6t2uFqHq3e4RodrdrhWh2t3uE6H63a4Xofrd7hBhxt2uFGHG3e4SYebdrhZh5t3uEWHW3a4VYdbd7hNh9sOG3K7DrfvcIcOd+xwpw537nCXDnftcLcOd+9wjw737HCvDvfucJ8O9+1wvw737/CADg/s8KAOD+7wkA4P7fCwDg/v8IgOj+zwqA6P7tAOj+nw2A6P6/D4Dk/o8MQOT+rw5A4HHQYdhh1GHcYdJh2mHWYd5h0WHZYdVh3WHTYdth12HfYdntLhqR2e1uHpHZ7R4ZkdntXh2R2e0+G5HZ7X4fkdXtDhhR1e1OHFHV7S4aUdXtbh5R1e0eGVHV7V4dUdXtPhtR1e1+H1Hd7Q4Y0d3tThzR3e0uGtHd7W4e0d3tHhnR3e1eHdHd7T4b0d3tfh/R0+0OGDHT7U4cMdPtLhox0+1uHjHT7R4ZMdPtXh0x0+0+GzHT7X4fMdvtDhix2+1OHLHb7S4asdvtbh6x2+0eGbHb7V4dsdvtPhux2+1+H7HX7Q4YcdftThxx1+0uGnHX7W4ecdftHhlx1+1eHXHX7T4bcdftfh9x3+0OGPHf7U4c8d/tLhrx3+1uHvHf7R4Z8d/tXh3x3+0+G/HY7scKjHYT2O1uPoPQ7vcYweR/Q4Zo9j9Th2j+P0OG6P4/U4fo8T9DhhjxP1OHGPk/Q4aY+T9Th5j1P0OGWPU/U4dY/T9Dhtj9P1OH2PM/Q4Y48z9Thzj7P0OGuPs/U4e49z9Dhnj3P1OHeP8/Q4b4/z9Th/jwv0uGCPC/XIaLhwj4v0uGiPi/W4eI9L9Lhkj0v1uHSPy/S4bI/L9bh8jyv0uGKPK/W4co+r9Lhqj6v1uHqPa/S4Zo9r9bh2j+v0uG6P6/W4fo8b9Lhhjxv1uHGPm/S4aY+b9bh5j1v0uGWPW/W4dY/b9LjtTLhdj9v3uEOPO/a4U48797hLj7v2uFvPnyN73KPHPXvcq8e9e9ynx3173K/H/Xs8oMcDRwwNjeLw4B4P6fHQHg/r8fAej+jxyB6P6vHoHu3xmB6P7fG4Ho/v8YQeT+zxpB5P7nHQY9Bj2GPUY9xj0mPaY9Zj3mPRY9lj1WPdY9Nj22PXY9/jKT2e2uNpPZ7e4xk9ntnjWT2e3eM5PZ7b43k9nt/jBT1e2ONFPV7c4yU9XtrjZT1e3uMVPV7Z41U9Xt3jNT1e2+N1PV7f4w093tjjTT3e3OMtPd7a42093t7jHT3e2eNdPd7d/2eN+Z9/hft6vL/HB3p8sMeHeny4x0d6fLTHx3p8vMcnenyyx6d6fLrHZ3p8tsfneny+xxd6fHHovzy83OMrPb7a42s9vt7jGz2+2eNbPb7d4zs9vtvjez2+3+MHPX7Y40c9ftzjJz1+2uNnPX7e4xc9ftnjVz1+3eM3PX7b43c9ft/z/4g6x6hBrmZtP4NMZmLbdnLFtm3btq/Y5rSNJ7Zt27Zta76V873nvP271+69667quqtWVW2/H40/jMYfR+NPo/Hn0fjLaPx1NP42Gn8fjX+Mxj9H41+j8e/R+M9o/FfHBgIcEuDQAIcFODzAsQIcEeDYAY4McFSA4wQ4boDjBTh+gBMEOGGAEwU4cYCTBDhpgJMFOHmAUwQ4ZYBTBTh1gNMEOG2A0wU4fYAzBDhjgDMFjPx3D7MEOGuAswU4e4BzBDhngHMFOHeA8wQ4b4DzBTh/gAsEuGCACwVIgAsHuEiAiwa4WICLB7hEgEsGuFSASwe4TIDLBrhcgMsHuEKAKwa4UoArB7hKgKsGuFqAqwe4RoBrBrhWgGsHuE6A6wa4XoDrB7hBgBsGuFGAGwe4SYCbBrhZgJsHuEWAWwa4VYBbB7hNgNsGuF2A2we4Q4A7BrhTgDsHuEuAuwa4W4C7B7hHgHsGuFeAewe4T4D7BrhfgPsHeECABwZ4UIAHB3hIgIcGeFiAhwd4RHDCwJEBHhXg0QEa4DEBHhvgcQEeH+AJAZ4Y4EkBnhzgKQGeGuBpAZ4e4BkBnhngWQGeHeA5x//HegI8P8ALArwwwIsCvDjA0QEGAYYBRgHGASYBpgFmAeYBFgGWAVYB1gE2AbYBdgH2AQ4GeEmAlwZ4WYCXB3hFgFcGeFXAWP9rv9cGeF2A1wd4Q4A3BnhTgDcHeEuAtwZ4W4C3B3hHgHcGeFeAdwd4T4D3BnhfgPcH+ECADwb4UIAPB/hIgI8G+FiAjwf4RIBPBvhUgE8H+EyAzwb4XIDPB/hCgC8G+FKALwf4SoCvBvhagK8H+EaAbwb4VoBvB/hOgO8G+F6A7wf4QYAfBvhRgB8H+EmAnwb4WYCfB/hFgF8G+FWAXwf4TYDfBvhdgN8H+EOAPwb4U4A/B/hLgL8G+FuAvwf4R4B/BvhXgH8H+E+AYwIcCHFIiENDHBbi8BDHCnFEiGOHODLEUSGOE+K4IY4X4vghThDihCFOFOLEIU4S4qQhThbi5CFOEeKUIU4V4tQhThPitCFOF+L0Ic4Q4owhzhTizCHOEuKsIc4W4uwhzhHinCHOFeLcIc4T4rwhzhfi/CEuEOKCIS4UIiEuHOIiIS4a4mIhLh7iEiEuGeJSIS4d4jIhLhuO+r985AohrhjiSiGuHOIqIa4a4mohrh7iGiGuGeJaIa4d4johrhvieiGuH+IGIW4Y4kYhbhziJiFuGuJmIW4e4hYhbhniViFuHeI2IW4b4nYhbh/iDiHuGOJOIe4c4i4h7hribiHuHuIeIe4Z4l4h7h3iPiHuG+J+Ie4f4gEhHhjiQSEeHOIhIR4a4mEhHh7iESEeGeJRIR4doiEeE+KxIR4X4vEhnhDiiSGeFOLJIZ4S4qkhnhbi6SGeEeKZIZ4V4tkhnhPiuSGeF+L5IV4Q4oUhXhTixSGODjEIMQwxCjEOMQkxDTELMQ+xCLEMsQqxDrEJsQ2xC7EPcTDES0K8NMTLQrw8xCtCvDLEq0K8OsRrQrw2xOtCvD7EG0K8McSbQrw5xFtCvDXEgeccdnuId4R4Z4h3hXh3iPeEeG+I94V4f4gPhPhgiA+F+HCIj4T4aIiPhfh4iE+E+GSIT4X4dIjPhPhsiM+F+HyIL4T4YogvhfhyiK+E+GqIr4X4eohvhPhmiG+F+HaI74T4bvg//zLfD/GDED8M8aMQPw7xkxA/DfGzcIifh/hFiF+G+FWIX4f4TYjfhvhdiN+H+EOIP4b4U4g/h/hLiL+G+FuIv4f4R4h/hvhXiH+H+E+IY/6VT4RDIhwa4bAIh0c4VoQjIhw7wpERjopwnAjHjXC8CMePcIIIJ4xwoggnjnCSCCeNcLIIJ49wiginjHCqCKeOcJoIp41wuginj3CGCGeMcKYIZ45wlghnjXC2CGePcI4I54xwrgjnjnCeCOeNcL4I549wgQgXjHChCIlw4QgXiXDRCBeLcPEIl4hwyQiXinDpCJeJcNkIl4tw+QhXiHDFCFeKcOUIV4lw1QhXi3D1CNeIcM0I14pw7QjXiXDdCNeLcP0IN4hwwwg3inDjCDeJcNMIN4tw8wi3iHDLCLeKcOsIt4lw2wi3i3D7CHeIcMcId4pw5wh3iXDXCHeLcPcI94hwzwj3inDvCPeJcN8I94tw/wgPiPDACA+K8OAID4nw0AgPi/DwCI+I8MgIj4rw6AiN8JgIj43wuAiPj/CECE+M8KQIT47wlAhPjfC0CE+P8IwIz4zwrAjPjvDPCM+N8LwIz4/wgggvjPCiCC+OcHSEQYRhhFGEcYRJhGmEWYR5hEWEZYRVhHWETYRthF2EfYSDEV4S4aURXhbh5RFeEeGVEV4V4dURXhPhtRFeF+H1Ed4Q4Y0R3hThzRHeEuGtEd4W4e0R3hHhnRHeFeHdEd4T4b0R3hfh/RE+EOGDET4U4cMRPhLho9GI//ETj0f4RIRPRvhUhE9H+EyEz0b4XDT0f955IcIXI3wpwpcjfCXCVyN8LcLXI3wjwjcjfCvCtyN8J8J3I3wvwvcj/CDCDyP8KMKPI/wkwk8j/CzCzyP8IsIvI/wqwq8j/CbCbyP8LsLvI/whwh8j/CnCnyP8JcJfI/wtwt8j/OM/2P0V4d8R/hPhmAgHYhwS49AYh8U4PMaxYhwR49gxjoxxVIzjxDhujOPFOH6ME8Q4YYwTxThx/P7AJDFOGuNkMU4e4xQxThnjVDFOHeM0MU4b43QxTh/jDDHOGONMMc4c4ywxzhrjbDHOHuMcMc4Z41wxzh3jPDHOG+N8Mc4f4wIxLhjjQjES48IxLhLjojEuFuPiMS4R45IxLhXj0jEuE+OyMS4X4/IxrhDjijGuFOPKMa4S46oxrhbj6jGuEeOaMa4V49oxrhPjujGuF+P6MW4Q44YxbhTjxjFuEuOmMW4W4+YxbhHjljFuFePWMW4T47Yxbhfj9jHuEOOOMe4U484x7hLjrjHuFuPuMe4R454x7hXj3jHuE+O+Me4X4/4xHhDjgTEeFOPBMR4S46ExHhbj4TEeEeORMR4V49ExGuMxMR4b43ExHh/jCTGeGONJMZ4c4ykxnhrjaTGeHuMZMZ4Z41kxnh3jOTGeG+N5MZ4f4wUxXhjjRTFeHOPoGIMYwxijGOMYkxjTGLMY8xiLGMsYqxjrGJsY2xi7GPsYB2O8JMZLY7wsxstjvCLGK2O8KsarY7wmxmtjvC7G62O8IcYbY7wpxptjvCXGW2O8LcbbY7wjxjtjvCvGu2O8J8Z7Y7wvxvtjfCDGB2N8KMaHY3wkxkdjfCzGx2N8IsYnY3wqxqdjfCbGZ2N8LsbnY3whxhdjfCnGl2N8JcZXY3wtxtdjfCPGN2N8K8a3Y3wnxndjfC/G92P8IMYPY/woxo9j/CTGT2P8LMbPY/wixi9j/CrGr2P8JsZvY/wuxu9j/CHGH2P8KcafY/wlxl9j/C3G32P8I8Y/Y/wrxr9j/CfGMTEOJDgkwaEJDktweIJjJTgiwbETHJngqATHSXDcZOL/484TJDhhghMlOHGCkyQ4aYKTJTh5glMkOGWCUyU4dYLTJDhtgtMlOH2CMyQ4Y4IzJThzgrMkOGuCsyU4e4JzJDhngnMlOHeC8yQ4b4LzJTh/ggskuGCCCyVIggsnuEiCiya4WIKLJ7hEgksmuFSCSye4TILLJrhcgssnuEKCKya4UoIrJ7hKgqsmuFqCqye4RoJrJrhWgmsnuE6C6ya4XoLrJ7hBghsmuFGCGye4SYKbJrhZgpsnuEWCWya4VYJbJ7hNgtsmuF2C2ye4Q4I7JrhTgjsnuEuCuya4W4K7J7hHgnsmuFeCeye4T4L7JrhfgvsneECCByZ4UIIHJ3hIgocmeFiChyd4RIJHJnhUgkcnaILHJHhsgscleHyCJyR4YoInJXhygqckeGqCpyV4eoJnJHhmgmcleHaC5yR4boLnJXh+ghckeGGCFyV4cYKjEwwSDBOMEowTTBJME8wSzBMsEiwTrBKsE2wSbBPsEuwTHEzwkgQvTfCyBC9P8IoEr0zwqgSvTvCaBK9N8LoEr0/whgRvTPCmBG9O8JYEb03wtgRvT/COBO9M8K4E707wngTvTfC+BO9P8IEEH0zwoQQfTvCRBB9N8LEEH0/wiQSfTPCpBJ9O8JkEn03wuQSfT/7bt/hSgi8n+EqCryb4WoKvJ/hGgm8m+FaCbyf4ToLvJvhegu8n+EGCHyb4UYIfJ/hJgp8m+FmCnyf4RYJfJvhVgl8n+E2C3yb4XYLfJ/hDgj8m+FOCPyf4S4K/Jvhbgr8n+EeCfyb4V4J/J/hPgmMSHEhxSIpDUxyW4vAUx0pxRIpjpzgyxVEpjpPiuCmOl+L4KU6Q4oQpTpTi2iMHBiZJcdIUJ0tx8hSnSHHKFKdKceoUp0lx2hSnS3H6FGdIccYUZ0px5hRnSXHWEQPOluLsKc6R4pwpzpXi3CnOk+K8AzhfivOnuECKC6a4UIqkuHCKi6S4aIqLpbh4ikukuGSKS6W4dIrLpLhsisuluHyKK6S4YoorpbhyiqukuGqKq6W4eoprpLhmimv9e8YU10lx3RTXS3H9FDdIccMUN0px4xQ3SXHTFDdLcfMUt0hxyxS3SnHrFLdJcdsUt0tx+xR3SHHHFHdKcecUd0lx1xR3S3H3FPdIcc8U90px7xT3SXHfFPdLcf8UD0jxwBQPSvHgFA9J8dAUD0vx8BSPSPHIFI9K8egUTfGYFI9N8bgUj0/xhBRPTPGkFE9O8ZQUT03xtBRPT/GMFM9M8awUz07xnBTPTfG8FM9P8YIUL0zxohQvTnF0ikGKYYpRinGKSYppilmKeYpFimWKVYp1ik2KbYpdin2Kgylekl7npSleluLlKV6R4pUpXpXi1Slek+K1KV6X4vUp3pDijSnelOLNKd6S4q0p3pbi7SnekeKdKd6V4t0p3pPivSnel+L9KT6Q4oMpPpTiwyk+kuKjKT6W4uMpPpHikyk+leLTKT6T4rMpPpfi8ym+kOKLKb6U4sspvpLiqym+luLrKb6R4pspvpXi2ym+k+K7Kb6X4vspfpDihyl+lOLHKX6S4qcpfpbi5yl+keKXKX6V4tcpfpPityl+l+L3Kf6Q4o8p/pTizyn+kuKvKf6W4u8p/pHinyn+leLfKf6T4pgUBzIckuHQDIdlODzDsTIckeHYGY7McFSG42Q4bobjZTh+hhNkOGGGE2U4cYaTZDhphpNlOHmGU2Q4ZYZTZTh1htNkOG2G02U4fYYzZDhjhjNlOHOGs2Q4a4azZTh7hnNkOGeGc2U4d4bzZDhvhvNlOH+GC2S4YIYLZUiGC2e4SIaLZrhYhotnuESGS2a4VIZLZ7hMhstmuFyGy2e4QoYrZrhShitnuEqGq2a4WoarZ7hGhmtmuFaGa2e4TobrZrhehutnuEGGG2a4UYYbZ7hJhptmuFmGm2e4RYZbZrhVhltnuE2G22a4XYbbZ7hDhjtmuFOGO2e4S4a7Zse7W4a7Z7hHhntmuFeGe2e4T4b7ZrhfhvtneECGB2Z4UIYHZ3hIhodmeFiGh2d4RIZHZnhUhkdnaIbHZHhshsdleHyGJ2R4YoYnZXhyhqdkeGqGp2V4eoZnZHhmhmdleHaG52R4bobnZXh+hhdkeGGGF2V4cYajMwwyDDOMMowzTDJMM8wyzDMsMiwzrDKsM2wybDPsMuwzHMzwkgwvzfCyDC/P8IoMr8zwqgyvzvCaDK/N8LoMr8/whgxvzPCmDG/O8JYMb83wtgxvz/CODO/M8K4M787wngzvzfC+DO/P8IEMH8zwoQwfzvCRDB/N8LEMH8/wiQyfzPCpDJ/O8JkMn83wuQyfz/CFDF/M8KUMX87wlQxfzfC1DF/P8I0M38zwrQzfzvCdDN/N8L0M38/wgww/zPCjDD/O8JMMP83wsww/z/CLDL/M8KsMv87wmwy/zfC7DL/P8IcMf8zwpwx/zvCXDH/N8LcMf8/wjwz/zPCvDP/O8J8Mx2Q4kOOQHIfmOCzH4TmOleOIHMfOV3RkjqNyHCfHcXMcL8fxc5wgxwlznCjHiXOcJMdJc5wsx8lznCLHKXOcKsepc5wmx2lznC7H6XOcIccZc5wpx5lznCXHWXOcLcfZc5wjxzlznCvHuXOcJ8d5c5wvx/lzXCDHBXNcKEdyXDjHRXJcNMfFclw8xyVyXDLHpXJcOsdlclw2x+VyXD7HFXJcMceVclw5x1VyXDXH1XJcPcc1clwzx7VyXDvHdXJcN8f1clw/xw1y3DDHjXLcOMdNctw0x81yhvynQN4tc9wqx61z3CbHbXPcLsftc9whxx1z3CnHnXPcJcddc9wtx91z3CPHPXPcK8e9c9wnx31z3C/H/XM8IMcDczwox4NzPCTHQ3M8LMfDczwixyNzPCrHo3M0x2NyPDbH43I8PscTcjwxx5NyPDnHU3I8NcfTcjw9xzNyPDPHMWP+GXN2jufkeG6O5+V4fo4X5HhhjhfleHGOo3MMcgxzjHKMc0xyTHPMcsxzLHIsc6xyrHNscmxz7HLscxzM8ZIcL83xshwvz/GKHK/M8aocr87xmhyvzfG6HK/P8YYcb8zxphxvzvGWHG/N8bYcb8/xjhzvzPGuHO/O8Z4c783xvhzvz/GBHB/M8aEcH87xkRwfzfGxHB//1x7+Q/CfyvHpHJ/J8dkcn8vx+RxfyPHFHF/K8eUcX8nx1Rxfy/H1HN/I8c0c38rx7RzfyfHdHN/L8f0cP8jxwxw/yvHjHD/J8dMcP8vx8xy/yPHLHL/K8escv8nx2xy/y/H7HH/I8cccf8rx5xx/yfHXHH/L8fcc/8jxzxz/yvHvHP/5F9McBwocUuDQAocVOLzAsQocUeDYBY4scFSB4xQ4boHjFTh+gRMUOGGBExU4cYGTFDhpgZMVOHmBUxQ4ZYFTFTh1gdMUOG2B0xU4fYEzFDhjgTMVOHOBsxQ4a4GzFTh7gXMUOGeBcxU4d4HzFDhvgfMVOH+BCxS4YIELFUiBCxe4SIGLFrhYgYsXuESBSxa4VIFLF7hMgcsWuFyByxe4QoErFrhSgSsXuEqBqxa4WoGrF7hGgWsWuFaBaxe4ToHrFrhegesXuEGBGxa4UYEbF7hJgZsWuFmBmxe4RYFbFrhVgVsXuE2B2xa4XYHbF7hDgTsW/O8UW3cpcNcCdytw9wL3KHDPAvcqcO8C9ylw3wL3K3D/Ag8o8MACDyrw4AIPKfDQAg8r8PACjyjwyAKPKvDoAi3wmAKPLfC4Ao8v8IQCTyzwpAJPLvCUAk8t8LQCT/9XPgN4ZoFnFXh2gecUeG6B5xV4foEXFHhhgRcVeHGBowsMCgwLjAqMC0wKTAvMCswLLAosC6wKrAtsCmwL7ArsCxws8JICLy3wsgIvL/CKAq8s8KoCry7wmgKvLfC6Aq8v8IYCbywYelOBNxd4S4G3FnhbgbcXeEeBdxZ4V4F3F3hPgfcWeF/x/3vH/n0eLPChAh8u8JECHy3wsQIfL/CJAp8s8KkCny7wmQKfLfC5Ap8v8IUCXyzwpQJfLvCVAl8t8LUCXy/wjQLfLPCtAt8u8J0C3y3wvQLfL/CDAj8s8KMCPy7wkwI/LfCzAj8v8IsCvyzwqwK/LvCbAr8t8LsCvy/whwJ/LPCnAn8u8JcCfy3wtwJ/L/CPAv8s8K8C/y7wnwLHFDhQ4pASh5Y4rMThJY5V4ogSxy5xZImjShynxHFLHK/E8UucoMQJS5yoxIlLnKTESUucrMTJS5yixClLnKrEqUucZhROW+J0JU5f4gwlzljiTCXOXOIsJc5a4mwlzl7iHCXOWeJcJc5d4jwlzlvifCXOX+ICJS5Y4kIlUuLCJS5S4qIlLlbi4iUuUeKSJS5V4tIlLlPisiUuV+LyJa5Q4oolrlTiyiWuUuKqJa5W4uolrlHimiWuVeLaJa5T4rolrlfi+iVuUOKGJW5U4sYlblLipiVuVuLmJW5R4pYlblXi1iVuU+K2JW5X4vYl7lDijiXuVOLOJe5S4q4l7vYvBgMDA3uUuGeJe5W4d4n7lLhvifuVuH+JB5R4YIkHlXhwiYeUeGiJh5V4eIlHlHhkiUeVeHSJlnhMiceWeFyJx5d4QoknlnhSiSeXeEqJp5Z4Womnl3hGiWeWeFaJZ5d4TonnlnheieeXeEGJF5Z4UYkXlzi6xKDEsMSoxLjEpMS0xKz8l0dgUWJZYlViXWJTYltiV2Jf4mCJl5R4aYmXlXh5iVeUeGWJV5V4dYnXlHhtideVeH2JN5R4Y/nf+wpuKfHWEm8r8fYS7yjxzhLvKvHuEu8p8d4S7yvx/hIfKPHBEh8q8eESHynx0RIfK/HxEp8o8ckSnyrx6RKfKfHZE/C5Ep8v8YUSXyzxpRJfLvGVEl8t8bUSXy/xjRLfLPGtEt8u8Z0S3y3xvRLfL/GDEj8s8aMSPy7xkxI/LfGzEj8v8YsSvyzxqxK/LvGbEr8tx4z533z8DyX+WOJPJf5c4i8l/lribyX+XuIfJf5Z4l8l/l3iP/9iUeJAhUMqHFrhsAqHVzhWhSMqHLvCkRWOqnCcCsetcLwKx69wggonrHCiCieucJIKJ61wsgonr3CKCqescKoKp65wmgqn/Xe9gYGB6SucocIZK5ypwpkrnKXCWSucrcLZK5yjwjkrnKvCuSucp8J5K5yvwvkrXKDCBStcqEIqXLjCRar/Pzd2sQoXr3CJCpescKkKl65wmQqXrXC5CpevcIUKV6xwpQpXrnCVCletcLUKV69wjQrXrHCtCteucJ0K161wvQrXr3CDCjescKMKN65wkwo3rXCzCjevcIsKt6xwqwq3rnCbCretcLsKt69whwp3rHCnCneucJcKd61wtwp3r3CPCvescK8K965wnwr3rXC/Cvev8IAKD6zwoAoPrvCQCg+t8LAKD6/wiAqPrPCoCo+u0AqPqfDYCo+r8PgKT6jwxApPqvDkCk+p8NQKT6vw9ArPqPDMCs+q8OwKz6nw3ArPq/D8Ci+o8MIKL6rw4gpHVxhUGFYYVRhXmFSYVphVmFdYVFhWWFVYV9hU2FbYVdhXOFjhJRVeWuFlFV5e4RUVXlnhVRVeXeE1FV5b4XUVXl/hDRXeWOFNFd5c4S0V3lrhbRXeXuEdFd5Z4V0V3l3hPRXeW+F9Fd5f4QMVPljhQxU+XOEjFT5a4WMVPl7hExU+WeFTFT5d4TMVPlvhcxU+X+ELFb5Y4UsVvlzhKxW+WuFrFb5e4RsVvlnhWxW+XeE7Fb5b4XsVvl/hBxV+WOFHFX5c4ScVflrhZxV+XuEXFX5Z4VcVfl3hNxV+W+F3FX5f4Q8V/ljhTxX+XOEvFf5a4W8V/l7hHxX+WeFfFf5d4T8VjqlwoMYhNQ6tcViNw2scq8YRNY5d48gaR9U4To3j1jhejePXOEGNE9Y4UY0T1zhJjZPWOFmNk9c4RY1T1jhVjVPXOE2N09Y4XY3T1zhDjTPWOFONM9c4S42z1jhbjbPXOEeNc9Y4V41z1zhPjfPWOF+N89e4QI0L1rhQjdS4cI2L1LhojYvVuHiNS9S4ZI1L1bh0jcvUuGyNy9W4fI0r1LhijSvVuHKNq9S4ao2r1bh6jWvUuGaNa9W4do3r1LhujevVuH6NG9S4YY0b1bhxjZvUuGmNm9W4eY1b1LhljVvVuHWN29S4bY3b1bh9jTvUuGONO9W4c4271LhrjbvVuHuNe9S4Z4171bh3jfvUuG+N+9W4f40H1HhgjQfVeHCNh9R4aI2H1Xh4jUfUeGSNR9V4dI3WeEyNx9Z4XI3H13hCjSfWeFKNJ9d4So2n1nhajafXeEaNZ9Z4Vo1n13hOjefWeF6N59d4QY0X1nhRjRfXOLrGoMawXvF//FJcY1JjWmNWY15jUWNZY1VjXWNTY1tjV2Nf42CNl9R4aY2X1Xh5jVfUeGWNV9V4dY3X1HhtjdfVeH2NN9R4Y4031XhzjbfUeGuNt9V4e4131HhnjXfVeHeN99R4b4331Xh/jQ/U+GCND9X4cI2P1PhojY/V+HiNT9T4ZI1P1fh0jc/U+GyNz9X4fI0v1PhijS/V+HKNr9T4ao2v1fh6jW/U+GaNb9X4do3v1Phuje/V+H6NH9T4YY0f1fhxjZ/U+GmNn9X4eY1f1PhljV/V+HWN39T4bY3f1fh9jT/U+GONP9X4c42/1Phrjb/V+HuNf9T4Z41/1fh3jf/UOKbGgQaHNDi0wWENDm9wrAZHNDh2gyMbHNXgOA2O2+B4DY7f4AQNTtjgRA1O3OAkDU7a4GQNTt7gFA1O2eBUDU7d4DQNTtvgdA1O3+AMDc7Y4EwNztzgLA3O2uBsDc7e4BwNztngXA3O3eA8Dc7b4HwNzt/gAg0u2OBCDdLgwg0u0uCiDS7W4OINLtGMc0g2yf/nR0s3uEyDyza4XIPLN7hCgys2uFKDKze4SoOrNrhag6s3uEaDazaMXKvBtRtcp8F1G1yvwfUb3KDBDRvcqMGNG9ykwU0b3KzBzRvcosEtG9yqwa0bHBiO2za4XYPbN7hDgzs2uFODOze4S4O7Nrhbg7s3uEeDeza4V4N7N7hPg/s2uF+D+zd4QIMHNnhQgwc3eEiDhzZ4WIOHN3hEg0c2eFSDRzdog8c0eGyDxzV4fIMnNHhigyc1eHKDpzR4aoOnNXh6g2c0eGaDZzV4doPnNHhug+c1eH6DFzR4YYMXNXhxg6MbDBoMG4wajBtMGkznSMwazJv/xttVg3WDTYNtg12DfYODDV7S4KUNXtbg5Q1e0eCVDV7V4NUNXtPgtQ1e1+D1Dd7Q4I0N3tTgzQ3e0uCtDd7W4O0N3tHgnQ3eNXRg4F+dv6fBexu8r8H7G3ygwQcbfKjBhxt8pMFHG3yswccbfKLBJxt8qsGnG3ymwWcbfK7B5xt8ocEXG3ypwZcbfKXBVxt8rcHXG3yjwTcbfKvBtxt8p8F3G3yvwfcb/KDBDxv8qMGPG/ykwU8b/KzBzxv8osEvG/yqwa8b/KbBbxv8rsHvG/yhwR8b/KnBnxv8pcFfG/ytwd8b/KPBPxv8q8G/G/ynwTH/6mSLQ1oc2uKwFoe3OFaLI1ocu8WRLY5qcZwWx21xvBbHb3GCFidscaIWJ25xkhYnbXGyFidvcYqxB5yyxalanLrFaVqctsXpWpy+xRlanLHFmVqcucVZWpy1xdlanL3FOVqcs8W5Wpy7xXlanLfF+Vqcv8UFWlywxYVapMWFW1ykxUVbXKzFxVtcosUlW1yqxaVbXKbFZVtcrsXlW1yhxRVbXKnFlVtcpcVVW1ytxdVbXKPFNVtcq8W1W1ynxXVbXK/F9VvcoMUNW9yoxY1b3KTFTVvcrMXNW9yixS1b3KrFrVvcpsVtW9yuxe1b3KHFHVvcqcWdW9ylxV1b3K3F3Vvco8U9W9yrxb1b3KfFfVvcr8X9WzygxQNbPKjFg1s8pMVDWzysxcNbPKLFI1s8qsWjW7TFY1o8tsXjWjy+xRNaPLHFk1o8ucVTWjy1xdNaPL3FM1o8s8WzWjy7xXNaPLfF81o8v8ULWrywxYtavLjF0S0GLYYtRi3GLSYtpi1mLeYtFi2WLVYt1i02LbYtdi32LQ62eEmLl7Z4WYuXt3hFi1e2eFWLV7d4TYvXtnhdi9e3eEOLN7Z4U4s3t3hLi7e2eFuLt7d4R4t3tnhXi3e3eE+L97Z4X4v3t/hAiw+2+FCLD7f4SIuPtvhYi4+3+ESLT7b4VItPt/hMi8+2+FyLz7f4QosvtvhSiy+3+EqLr7b4Wouvt/hGi2+2+FaLb7f4Tovvtvhei++3/BsW+2GLH7X4cYuftPhpi5+1+Hk73C9a/LLFr1r8usVvWvy2xe9a/L7FH1r8scWfWvy5xV9a/LXF31r8vcU/Wvyzxb9a/LvFf1oc0+JAh0M6HNrhsA6HdzhWhyM6HLvDkR2O6nCcDsftcLwOx+9wgg4n7HCiDifucJIOJ+1wsg4n73CKDqfscKoOp+5wmg6n7XC6DqfvcIYOZ+xwpo6Bf/cwS4ezdjhbh7N3OEeHc3Y4V4dzdzhPh/N2OF+H83e4QIcLdrhQh3S4cIeLdLhoh4t1/82pL9nhUh0u/Z/vLNvhch0u3+EKHa7Y4UodrtzhKh2u2uFqHa7e4RodrtnhWh2u3eE6Ha7b4Xodrt/hBh1u2OFGHW7c4SYdbtrhZh1u3uEWHW7Z4VYdbt3hNh1u2+F2HW7f4Q4d7tjhTh3u3OEuHe7a4W4d7t7hHh3u2eFeHe7d4T4d7tvhfh3u3+EBHR7Y4UEdHtzhIR0e2uFhHR7e4REdHtnhUR0e3aEdHtPhsR0e1+HxHZ7Q4YkdntThyR2e0uGpHZ7W4ekdntHhmR2e1eHZHZ7T4bkdntfh+R1e0OGFHV7U4cUdju4w6DDsMOow7jDpMO0w6zDvsOiw7LDqsO6w6bDtsOuw73Cww0s6vLTDyzq8vMMrOryyw6s6vLrDazq8tsPrOry+wxs6vLHDmzq8ucNbOry1w9s6vL3DO7oh/1e7eneH93R4b4f3dXh/hw90+GCHD3X4cIePdPhoh2OGDQw83uETHT7Z4VMdPt3hMx0+2+FzHT7f4QsdvtjhSx2+3OErHb7a4Wsdvt7hGx2+2eFbHb7d4Tsdvtvhex2+3+EHHX7Y4UcdftzhJx1+2uFnHX7e4RcdftnhVx1+3eE3HX7b4Xcdft/hDx3+2OFPHf7c4S8d/trhbx3+3uEfHf7Z4V8d/t3hP/+ercOBHof0OLTHYT0O73GsHkf0OHaPI3sc1eM4PY7b43g9jt/jBD1O2ONEPU7c4yQ9TtrjZD1O3uMUPU7Z41Q9Tt3jND1O2+N0PU7f4ww9zvif9WfucZYeZ+1xth5n73GOHufsca4e5+5xnh7n7XG+HufvcYEeF+xxoR7pceEeF+lx0R4X63HxHpfocckel+px6R6X6XHZHpfrcfkeV+hxxR5X6nHlHlfpcdUeV+tx9R7X6HHNHtfqce0e1+lx3R7X63H9HjfoccMeN+px4x436XHTHjfrcfMet+hxyx636nHrHrfpcdset+tx+x536HHHHnfqceced+lx1x5363H3Hvfocc8e9+px7x736XHfHvfrcf8eD+jxwB4P6vHgHg/p8dAeD+vx8B6P6PHIHo/q8ege7fGYHo/t8bgej+/xhB5P7PGkHk/u8ZQeT+3xtB5P7/GMHs/s8awez+7xnB7P7fG8Hs/v8YIeL+zxoh4v7nF0j0GPYY9Rj3GPSY9pj1mPeY9Fj2WPVY91j02PbY9dj32Pgz1e8h98Luvx8h6v6PHKHq/q8eoer+nx2h6v6/H6Hm/o8cYeb+rx5h5v6fHWHm/r8fYe7+jxzh7v6vHuHu/p8d4e7+vx/h4f6PHBHh/q8eEeH+nx0R4f6/HxHp/o8cken+rx6R6f6fHZHp/r8fkeX+jxxR5f6vHlHl/p8dUeX+vx9R7f6PHNHt/q8e0e3+nx3R7f6/H9Hj/o8cMeP+rx4x4/6fHTHj/r8fMev+jxyx6/6vHrHr/p8dsev+vx+x5/6PHHHn/q8ecef+nx1x5/6/H3Hv/o8c8e/+rx7x7/6XFMjwODOGQQhw7isEEcPohjDeKIQRx7EEcO4qhBHGcQxx3E8QZx/EGcYBAnHMSJBnHiQZxkECcdxMkGcfJBnGIQpxzEqQZx6kGcZhCnHcTpBnH6QZxhEGccxJkGcebB/5tTP2a2QZx9EP8fUe/g/PkRdG3/Nt7Ytp1csbOxbds2rmA3tm19bHxj27Zt2/tWnvu53+cPmJnqrnOqpqfPmZ47wHkCnDfA+QKcP8AFAlwwwIUCXDjARQJcNEACXCzAxQNcIsAlA8b4L66lA1wmwGUDXC7A5QNcIcAVA1wpwJUDHBHgKgGuGuBqAa4e4BoBrhngWgGuHeA6Aa4b4HoBrh/gBgFuGOBGAW4c4CYBbhrgZgFuHuAWAW4Z4FYBbh3gNgFuG+B2AW4f4A4B7hjgTgHuHOAuAe4a4G4B7h7gHgHuGeBeAe4d4D4B7hvgfgHuH+ABAR4Y4EEBHhzgIQEeGuBhAR4e4BFj4ZEBHhXg0QEeE+CxARrgcQEeH+AJAZ4Y4MgARwV4UoAnB3hKgKcGeFqApwd4RoBnBnhWgGcHeE6A5wZ4XoDnB3hBgBcGeFGAFwd4SYCXBnhZgJcHeEWAVwZ4VYBXB3hNgNcGeF2A1wd4Q4A3BnhTgDcHeEuAQYBhgFGAcYBJgGmAWYB5gEWAZYBVgHWATYBtgF2AfYCDAG8N8LYAbw/wjgDvDPCuAO8O8J4A7w3wvgDvD/CBAB8M8KEAHw7wkQAfDfCxAB8P8IkAnwzwqQCfDvCZAJ8N8LkAnw/whQBfDPClAF8O8JUAXw3wtQBfD/CNAN8M8K0A3w7wnQDfDfC9AN8P8IMAPwzwowA/DvCTAD8N8LMAPw/wiwC/DPCrAL8O8JsAvw3wuwC/D/CHAH8M8KcAfw7wlwB/DfC3AH8P8I8A/wzwrwD/DvCfAP/9j3MBDoU4LMQxQhwzxLFCHDvEcUIcN8TxQhwe4vghThDihCFOFOLEIU4S4qQhThbi5CFOEeKUIU4V4tQhThPitCFOF+L0Ic4Q4owhzhTizCHOEuKsIc4W4uwhzhHinCF7/ndvnzvEeUKcN8T5Qpw/xAVCXDDEhUJcOMRFQlw0REJcLMTFQ1wixCVDXCrEpUNcJsRlQ1wuxOVDXCHEFUNcKcSVQxwR4iohrhriaiGuHuIaIa4Z4lohrh3iOiGuG+J6Ia4f4gYhbhjiRiFuHOImv0w+enSIm4W4eYhbhLhliFuFuHWI24S4bYjbhbh9iDuEuGOIO4W4c4i7hLhriLuFuHuIe4S4Z4h7hbh3iPuEuG+I+4W4f4gHhHhgiAeFeHCIh4R4aIiHhXh4iEeEeGSIR4V4dIjHhHhsiIZ4XIjHh3hCiCeGODLEUSGeFOLJIZ4S4qkhnhbi6SGeEeKZIZ4V4tkhnhPiuSGeF+L5IV4Q4oUhXhTixSFeEuKlIV4W4uUhXhHilSFeFeLVIV4T4rUhXhfi9SHeEOKNId4U4s0h3hJiEGIYYhRiHGISYhpiFmIeYhFiGWIVYh1iE2IbYhdiH+IgxFtDvC3E20O8I8Q7Q7wrxLtDvCfEe0O8L8T7Q3wgxAdDfCjEh0N8JMRHQ3wsxMdDfCLEJ0N8Khzy6RCfCfHZEJ8L8fkQXwjxxRBfCvHlEF8J8dUQXwvx9RDfCPHNEN8K8e0Q3wnx3RDfC/H9ED8I8cMQPwrx4xA/CfHTED8L8fMQvwjxyxC/CvHrEL8J8dsQvwvx+xB/CPHHEH8K8ecQfwnx1xB/C/H3EP8I8c8Q/wrx7xD/CfHfEP/D7FCEwyIcI8IxIxwrwrEjHCfCcSMcL8LhEY4f4QQRThjhRBFOHOEkEU4a4WQRTh7hFBFOGeFUEU4d4TQRThvhdBFOH+EMEc4Y4UwRzhzhLBHOGuFsEc4e4RwRzhnhXBHOHeE8Ec4b4XwRzh/hAhEuGOFCES4c4SIRLhohES4W4eIRLhHhkhEuFeHSES4T4bIRLhfh8hGuEOGKEa4U4coRjohwlQhXjXC1CFePcI0I14xwrQjXjnCdCNeNcL0I149wgwg3jHCjCDeOcJMIN41wswg3j3CLCLeMcKsIt45wmwi3jXC7CLePcIcId4xwpwh3jnCXCHeNcLcId49wj9Gj3TPCvSLcO8J9Itw3wv0i3D/CAyI8MMKDIjw4wkMiPDTCwyI8PMIjIjwywqMiPDrCYyI8NkIjPC7C4yM8IcITIxwZ4agIT4rw5AhPifDUCE+L8PQIz4jwzAjPivDsCM+J8NwIz4vw/AgviPDCCC+K8OIIL4nw0ggvi/DyCK+I8MoIr4rw6givifDaCK+L8PoIb4jwxghvivDmCG+JMIgwjDCKMI4wiTCNMIswj7CIsIywirCOsImwjbCLsI9wEOGtEd4W4e0R3hHhnRHeFeHdEd4T4b0R3hfh/RE+EOGDET4U4cMRPhLhoxE+FuHjET4R4ZMRPhXh0xE+E+GzET4X4fMRvhDhixG+FOHLEb4S4asRvhbh6xG+EeGbEb4V4dsRvhPhu/+XY+9H+EGEH0b4UYQfR/hJhJ9G+FmEn0f4RYRfRvhVhF9H+E2E30b4XYTfR/hDhD9G+FOEP0f4S4S/RvhbhL9H+EeEf0b4V4R/R/hPhP9GODrCoRiHxThGjGPGOFaMY8c4TozjxjhejMNjHD/GCWKcMMaJhoaG/ls3SYyTxjhZzKjJY5wixiljnCrGqWOcJsZpY4YN/c/TizPEOGOMM8U4c4yzxDhrjLPFOHuMc8Q4Z4xzxTh3jPPEOG+M88U4f4wLxLhgjAvFuHCMi8S4aIzEuFiMi8e4RIxLxrhUjEvHuEyMy8a4XIzLx7hCjCvGuFKMK8c4IsZVYlw1xtViXD3GNWJcM8a1Ylw7xnViXDfG9WJcP8YNYtwwxo1i3DjGTWLcNMbNYtw8xi1i3DLGrWLcOsZtYtw2xu1i3D7GHWLcMcadYtw5xl1i3DXG3WLcPcY9Ytwzxr1i3DvGfWLcN8b9Ytw/xgNiPDDGg2I8OMZDYjw0xsNiPDzGI2I8MsajYjw6xmNiPDZGYzwuxuPj/9eDGxnjqBhPivHkGE+J8dQYT4vx9BjPiPHMGM+K8ex4HM+J8dwYz4vx/BgviPHCGC+K8eIYL4nx0hgvi/HyGK+I8coYr4rx6hivifHaGK+L8foYb4jxxhhvivHmGG+JMYj/R28fxRjHmMSYxpjFmMdYxFjGWMVYx9jE2MbYxdjHOIjx1hhvi/H2GO+I8c4Y74rx7hjvifHeGO+L8f4YH4jxwRgfivHhGB+J8dEYH4vx8RifiPHJGJ+K8ekYn4nx2Rifi/H5GF+I8cUYX4rx5RhfifHVGF+L8fUY34jxzRjfivHtGN+J8d0Y34vx/Rg/iPHDGD+K8eMYP4nx0xg/i/HzGL+I8csYv4rx6xi/ifHbGL+L8fsYf4jxxxh/ivHnGH+J8dcYf4vx9xj/iPHPGP+K8e8Y/4nx3xhHj4VDCQ5LcIwEx0xwrATHTnCcBMdNcLwEhyc4foITJDhhghMlOHGCkyQ4aYKTJTh5glMkOGWCUyU4dYLTJDhtgtMlOH2CMyQ4Y4IzJThzgrMkOGuCsyU4e4JzJDhngnMlOHeC8yQ4b4LzJTh/ggskuGCCCyW4cIKLJLhogiS4WIKLJ7hEwnFLJrhUgksnuEyCyya4XILLJ7hCgismuFKCKyc4IsFVElw1wdUSXD3BNRJcM8G1Elw7wXUSXDfB9RJcP8ENEtwwwY0S3DjBTRLcNMHNEtw8wS0S3DLBrRLcOsFtEtw2we0S3D7BHRLcMcGdEtw5wV0S3DXB3RLcPcE9Etwzwb0S3DvBfRLcN8H9Etw/wQMSPDDBgxI8OMFDEjw0wcMSPDzBIxI8MsGjEjw6wWMSPDZBEzwuweMTPCHBExMcmeCoBE9K8OQET0nw1ARPS/D0BM9I8MwEz0rw7ATPSfDcBM9L8PwEL0jwwgQvSvDiBC9J8NIEL0vw8gSvSPDKBK9K8OoEr0nw2gSvS/D6BG9I8MYEb0rw5gRvSTBIMEwwSjBOMEkY/X+/HTRPsEiwTLBKsE6wSbBNsEuwT3CQ4K0J3pbg7QnekeCdCd6V4N0J3pPgvQnel+D9CT6Q4IMJPpTgwwk+kuCjCT6W4OMJPpHgkwk+leDTCT6T4LMJPpfg8wm+kOCLCb6U4MsJvpLgqwm+luDrCb6R4JsJvpXg2wm+k+C7Cb6X4PsJfpDghwl+lODHCX4y+kQ/TfCzBD9P8IsEv0zwqwS/TvCbBL9N8LsEv0/whwR/TPCnBH9O8JcEf03wtwR/T/CPBP9M8K8E/07wnwT/TXB0gkMpDktxjBTHTHGsFMdOcZwUx01xvBSHpzh+ihOkOGGKE6U4cYqTpDhpipOlOHmKU6Q4ZYpTpTh1itOkOG2K06U4fYozpDhjijOlOHOKs6Q4a4qzpTh7inOkOGeKc6U4d4rzpDhvivOlOH+KC6S4YIoLpbhwioukuGiKpLhYiounuESKS6a4VIpLp7hMisumuFyKy6e4QoorprhSiiunOCLFVVKGjUxxtRRXT3GNFNdMca0U105xnRTXTXG9FNdPcYMUN0xxoxQ3TnGTFDdNcbMUN09xixS3THGrFLdOcZsUt01xuxS3T3GHFHdMcacUd05xlxR3TXG3FHdPcY8U90xxrxT3TnGfFPdNcb8U90/xgBQPTPGgFA9O8ZAUD03xsBQPT/GIFI9M8agUj07xmBSPTdEUj0vx+BRPSPHEFP+Le1SKJ6V4coqnpHhqiqeleHqKZ6R4ZopnpXh2iuekeG6K56V4fooXpHhhiheleHGKl6R4aYqXpXh5ilekeGWKV6V4dYrXpHhtiteleH2KN6R4Y4o3pXhzuu+Et6QYpBimGKUYp5ikmKaYpZinWKRYplilWKfYpNim2KXYpzhI8dYUb0vx9hTvSPHOFO9K8e4U70nx3hTvS/H+FB9I8cEUH0rx4RQfSfHRFB9L8fEUn0jxyRSfSvHpFJ9J8dkUn0vx+RRfSPHFFF9K8eUUX0nx1RRfS/H1FN9I8c0U30rx7RTfSfHdFN9L8f0UP0jxwxQ/SvHjFD9J8dMUP0tHDH2e4hcpfpniVyl+neI3KX6b4ncpfp/iDyn+mOJPKf6c4i8p/pribyn+nuIfKf6Z4l8p/p3iPyn+m+LoFIcyHJbhGBmOmeFYGY6d4TgZjpvheBkOz3D8DCfIcMIMJ8pw4gwnyXDSDCfLcPIMp8hwygynynDqDKfJcNoMp8tw+gxnyHDGDGfKcOYMZ8lw1gxny3D2DOfIcM4M58pw7gznyXDeDOfLcP4MF8hwwQwXyhi1cIaLZLhohmS4WIaLZ7hEhktmuFSGS2e4TIbLZrhchstnuEKGK2a4UoYrZzgiw1UyXDXD1TJcPcM1Mlwzw7UyXDvDdTJcN8P1Mlw/ww0y3DBj2EYZbpzhJhlumuFmGW6e4RYZbpnhVhlunTF8mwy3zXC7DLfPcIcMd8xwpwx3znCXDHfNcLcMd89wjwz3zHCvDPfOcJ8M981wvwz3z/CADA/M8KAMD87wkAwPzfCwDA/P8IgMj8zwqAyPzvCYDI/N0AyPy/D4DE/I8MQMR2Y4KsOTMjw5w1MyPDXD0zI8PcMzMjwzw7MyPDvDczI8N8PzMjw/wwsyvDDDizK8OMNLMrw0w8syvDzDKzK8MsOrMrw6w2syvDbD6zK8PsMbMrwxw5syvDnDWzIMMgwzjDKMM0wyTDPMMswzLDIsM6wyrDNsMmwz7DLsMxxkeGuGt2V4e4Z3ZHhnhndleHeG92R4b/Y/NdD9GT6Q4YMZPpThwxk+kuGjGT6W4eMZPpHhkxk+leHTGT6T4bMZPpfh8xm+kOGLGb6U4csZvpLhqxm+luHrGb6R4ZsZvpXh2xm+k+G7Gb6X4fsZfpDhhxl+lOHHGX6S4acZfpbh5xl+keGXGX6V4dcZfpPhtxl+l+H3Gf6Q4Y8Z/pThzxn+kuGvGf6W4e8Z/pHhnxn+leHfGf6T4b8Zjs5wKMdhOY6R45g5jpXj2DmOk+O4OY6X4/Acx89xghwnzHGiHCfOcZIcJ81xshwnz3GKHKfMcaocp85xmhynzZl+vqEhp89xhhxnzHGmHGfOcZYcZ81xthxnz3GOHOfMca4c585xnhznzXG+HOfPcYEcF8xxoRwXznGRHBfNkRwXy3HxHJfIcckcl8px6RyXyXHZHJfLcfkcV8hxxRxXynHlHEfkuEqOq+a4Wo6r57hGjmvmuFaOa+e4To7r5rhejuvnuEGOG+a4UY4b57hJjpvmuFmOm+e4RY5b5rhVjlvnuE2O2+a4XY7b57hDjjvmuFOOO+e4S4675rhbjrvnuEeOe+a4V45757hPjvvmuF+O++d4QI4H5nhQjgfneEiOh+Z4WI6H53hEjkfmeFSOR+d4TI7H5miOx+V4fI4n5HhijiNzHJXjSTmenOMpOZ6a42k5np7jGTmemeNZOZ6d4zk5npvjeTmen+MFOV6Y40U5XpzjJTlemuNlOV6e4xU5XpnjVTleneM1OV6b43U5Xp/jDTnemONNOd6c4y05BjmGOUY5xjkmOaY5ZjnmORY5ljlWOdY5Njm2OXY59jkOcrw1x9tyvD3HO3K8M8e7crw7x3tyvDfH+3K8P8cHcnwwx4dyfDjHR3J8NMfHcnw8xydyfDLHp3J8Osdncnw2x+dyfD7HF3J8MceXcnw5x1dyfDXH13J8Pcc3cnwzx7dyfDsf5Ts5vpvjezm+n+MHOX6Y40c5fpzjJzl+muNnOX6e4xc5fpnjVzl+neM3OX6b43c5fp/jDzn+mONPOf6c4y85/prjbzn+nuMfOf6Z4185/p3jPzn+m+PoHIcKHFbgGAWOWeBYBY5d4DgFjlvgeAUOL3D8AicocMICJypw4gInKXDSAicrcPICpyhwygKnKnDqAqcpcNoCpytw+gJnKHDGAmcqcOYCZylw1gJnK3D2AucocM4C5ypw7gLnKXDeAucrcP4CFyhwwQIXKnDhAhcpcNECKXCxAhcfPXr0iQUuWeBSBS5d4DIFLlvgcgUuX+AKBa5Y4EoFrlzgiAJXKXDVAlcrcPUC1yhwzQLXKnDtAtcpcN0C1ytw/QI3KHDDAjcqcOMCNylw0wI3K3DzArcocMsCtypw6wK3KXDbArcrcPsCdyhwxwJ3KnDnAncpcNcCdytw9wL3KHDPAvcqcO8C9ylw1NDQ0H4F7l/gAQUeWOBBBR5c4CEFHlrgYQUeXuARBR5Z4FEFHl3gMQUeW6AFHlfg8QWeUOB/uRr5394FnlTgyQWeUuCpBZ5W4OkFnlHgmQWeVeDZBZ5T4LkFnlfg+QVeUOCFBV5U4MUFXlLgpQVeVuDlBV5R4JUFXlXg1QVeU+C1BV5X4PUF3lDgjcW4/78275ahYQYFhgVGBcYFJgWmBWYF5gUWBZYFVgXWBTYFtgV2BfYFDgq8tcDbCry9wDsKvLPAuwq8u8B7Cry3wPsKvL/ABwp8sMCHCny4wEcKfLTAxwp8vMAnCnyywKcKfLrAZwp8tsDnCny+wBcKfLHAlwp8ucBXCny1wNcKfL3ANwp8s8C3Cny7wHcKfLfA9wp8v8APCvywwI8K/LjATwr8tMDPCvy8wC8K/LLArwr8usBvCvy2wO8K/L7AHwr8scCfCvy5wF8K/LXA3wr8vcA/CvyzwL8K/LvAfwr8t8DRBQ6VOKzEMUocs8SxShy7xHFKHLfE8UocXuL4JU5Q4oQlTlTixCVOUuKkJU5W4uQlTlHilCVOVeLUJU5T4rQlTlfi9CXOUOKM5f/zaM9SjuesJc5W4uwlzlHinCXOVeLcJc5T4rwlzlfi/CUuUOKCJS5U4sIlLlLioiVS4mIlLl7iEiUuWeJSJS5d4jIlLlviciUuX+IKJa5Y4kolrlziiBJXKXHVElcrcfUS1yhxzRLXKnHtEtcpcd0S1ytx/RI3KHHDEjcqceMSNylx0xI3K3HzErcoccsStypx6xK3KXHbErcrcfsSdyhxxxJ3KnHnEncpcdcSdytx9xL3KHHPEvcqce8S9ylx3xL3K3H/Eg8o8cASDyrx4BIPKfHQEg8r8fASjyjxyBKPKvHoEo8p8dgSLfG4Eo8v8YQSTyxxZImjSjypxJNLPKXEU0s8rcTTSzyjxDNLPKvEs0s8p8RzSzyvxPNLvKDEC0u8qMSLS7ykxEtLvKzEy0u8osQrS7yqxKtLvKbEa0u8rsTrS7yhxBtLvKnEm0u8pcSgxLDEqMS4xKTEtMSsxLzEosSy/F+N90ibEtsSuxL7Egcl3lribSXeXuIdJd5Z4l0l3l3iPSXeW+J9Jd5f4gMlPljiQyU+XOIjJT5a4mMlPl7iEyU+WeJTJT5d4jMlPlvicyU+X+ILJb5Y4kslvlziKyW+WuJrJb5e4hslvlniWyW+XeI7Jb5b4nslvl/iByV+WOJHJX5c4iclflriZyV+XuIXJX5Z4lclfl3iNyV+W+J3JX5f4g8l/ljiTyX+XOIvJf5a4m8l/l7iHyX+WeJfJf5d4j8l/lvi6BKHKhxW4RgVjlnhWBWOXeE4FY5b4XgVDq9w/AonqMZxwgonqnDiCiepcNIKJ6tw8gqnqHDKCqeqcOoKp6lw2gqnq3D6CmeocMYKZ6pw5gpnqXDWCmercPYK56hwzv97/twVzlPhvBXOV+H8FS5Q4YIVLlThwhUuUuGiFVLhYhUuXuESFS5Z4VIVLl3hMhUuW+FyFS5f4QoVrljhShWuXOGIClepcNUKV6tw9QrXqHDNCteqcO0K16lw3QrXq3D9CjeocMMKN6pw4wo3qXDTCjercPMKt6hwywq3qnDrCrepcNsKt6tw+wp3qHDHCneqcOcKd6lw1wp3q3D3CveocM8K96pw7wr3qXDfCvercP8KD6jwwAoPqvDgCg+p8NAKD6vw8AqPqPDICo+q8OgKj6nw2Aqt8LgKj6/whApPrHBkhaMqPKnCkys8pcJTKzytwtMrPKPCMys8q8KzKzynwnMrPK/C8yu8oMILK7yowosrvKTCSyu8rGLoP2xdUeGVFV5V4dUVXlPhtRVeV+H1Fd5Q4Y0V3lThzRXeUmFQYVhhVGFcYVJhWmFWYV5hUWFZYVVhXWFTYVthV2Ff4aDCWyu8rcLbK7yjwjsrvKvCuyu8p8J7K7yvwvsrfKDCByt8qMKHK3ykwkcrfKzCxyt8osInK3yqwqcrfKbCZyt8rsLnK3yhwhcrfKnClyt8pcJXK3ytwtcrfKPCNyt8q8K3K3ynwncrfK/C9yv8oMIPK/yowo8r/KTCTyv8rMLPK/yiwi8r/KrCryv8psJvK/yuwu8r/KHCHyv8qcKfK/ylwl8r/K3C3yv8o8I/K/yrwr8r/KfCf//j+xAO1TisxjFqHLPGsWocu8Zxahy3xvFqHF7j+DVOUOOENU5U48Q1TlLjpDVOVuPkNU5R45Q1TlXj1DVOU+O0NU5X4/Q1zlDjjDXOVOPMNc5S46w1zlbj7DXOUeOcNc5V49w1zlPjvDXOV+P8NS5Q44I1LlTjwjUuUuOiNVLjYjUuXuMSNS5Z41I1Ll3jMjUuW+NyNS5f4wo1rljjSjWuXOOIGlepcdUaV6tx9RrXqHHNGteqce0a16lx3RrXq3H9GjeoccMaN6px4xo3qXHTGjercfMat6hxyxq3qnHrGrepcdsat6tx+xp3qHHHGneqcecad6lx1xp3q9d29xr3qHHPGveqce8a96lx3xr3q3H/Gg+o8cAaD6rx4BoPqfHQGg+r8fAaj6jxyBqPqvHoGo+p8dgarfG4Go+v8YQaT6xxZI2jajypxpNrPKXGU2s8rcbTazyjxjNrPKvGs2s8p8ZzazyvxvNrvKDGC2u8qMaLa7ykxktrvKzGy2u8osYra7yqxqtrvKbGa2u8rsbra7yhxhtrvKnGm2u8pcagxrDGqMa4xqTGtMasxrzGosayxqrGusamxrbGrsa+xkGNt9Z4W42313hHjXfWeFeNd9d4T4331nhfjffX+ECND9b4UI0P1/hIjY/W+FiNj9f4RI1P1vhUjU/X+EyNz043bOg/7jxf4ws1vljjSzW+XOMrNb5a42s1vl7jGzW+WeNbNb5d4zs1vlvjezW+X+MHNX5Y40c1flzjJzV+WuNnNX5e4xc1flnjVzV+XeM3NX5b43c1fl/jDzX+WONPNf5c4y81/lrjbzX+XuMfNf5Z4181/l3jPzX+W+PoGocaHNbgGA2O2eBYDY7d4DgNjtvgeA0Ob3D8BidocMIGJ2pw4gYnaXDSBidrcPIGp2hwygananDqBqdpcNoGp2tw+gZnaHDGBmdqcOYGZ2lw1gZna3D2BudocM4G52pw7gbnaXDeBudrcP4GF2hwwQYXanDhBhdpcNEGaXCxBhdvcIkGl2xwqQaXbnCZBpdtcLkGl29whQZXbHClBlducESDq/yXg2FDQ6s1uHqDazS4ZoNrNbh2g+s0uG6D6zW4foMbNLhhgxs1uHGDmzS4aYObNbh5g1s0uGWDWzW4dYPbNLhtg9s1uH2DOzS4Y4M7Nbhzg7s0uGuDuzW4e4N7NLhng3s1uHeD+zS4b4P7Nbh/gwc0eGCDBzV4cIOHNHhog4c1eHiDRzR4ZINHNXh0g8c0eGyDNnhcg8c3eEKDJzY4ssFRDZ7U4MkNntLgqQ2e1uDpDZ7R4JkNntXg2Q2e0+C5DZ7X4PkNXtDghQ1e1ODFDV7S4KUNXtbg5Q1e0eCVDV7V4NUNXtPgtQ1e1+D1Dd7Q4I0N3tTgzQ1DI4eGDBoMG4wajBtMGkwbzBrMGywaLBusGqwbbBpsG+wa7BscNHhrg7c1eHuDdzR4Z4N3NXh3g/c0eG+D9zV4f4MPNPhggw81+HCDjzT4aIOPNfh4g080+GSDTzX4dIPPNPhsg881+HyDLzT4YoMvNfhyg680+GqDrzX4eoNvNPhmg281+HaD7zT4boPvNfh+gx80+GGDHzX4cYOfNPhpg581+HmDXzT4ZYNfNfh1g980+G2D3zX4fYM/NPhjgz81+HODvzT4a4O/Nfh7g380+GeDfzX4d4P/NPhvg6MbHGpxWItjtDhmi2O1OHaL47T/x5P8f+r04S2O3+IELU7Y4kQtTtziJC1O2uJkLU7e4hQtTtniVC1O3eI0LU7b4nQtTt/iDC3O2OJMLc7c4iwtztribC3O3uIcLc7Z4lwtzt3iPP87qq/F+VtcoMUFW1yoxYVbXKTFRVukxcVaXLzFJVpcssWlWly6xWVaXLbF5VpcvsUVWlyxxZVaXLnFES2u0uKqLa7W4uotrtHimi2u1eLaLa7T4rotrtfi+i1u0OKGLW7U4sYtbtLipi1u1uLmLW7R4pYtbtXi1i1u0+K2LW7X4vYt7tDiji3u1OLOLe7S4q4t7tbi7i3u0eKeLY47NDS0d4v7tLhvi/u1uH+LB7R4YIsHtXhwi4e0w4YObfGwFg9v8YgWj2zxqBaPbvGYFo9t0RaPa/H4Fk9o8cQWR7Y4qh0+dFKLJ7d4Sountnhai6e3eEaLZ7Z4Votnt3hOi+e2eF6L57d4QYsXtnhRixe3eEmLl7Z4WYuXt3hFi1e2eFWLV7d4TYvXtnhdi9e3eEOLN7Z4U4s3t3hLi0GLYYtRi3GLSYtpi1mLeYtFi2WLVYt1i02LbYtdi32LgxZvbfG2Fm9v8Y4W72zxrhbvbvGeFu9t8b4W72/xgRYfbPGhFh9u8ZEWH23xsRYfb/GJFp9s8akWn27xmRafbfG5Fp9v8YUWX2zxpRZfbvGVFl9t8bUWX2/xjRbfbPGtFt9u8Z0W323xvRbfb/GDFj9s8aMWP27xkxY/bfGzFj9v8YsWv2zxqxa/bvGbFr9t8bsWv2/xhxZ/bPGnFn9u8ZcWf23xtxZ/b/GPFv9s8a8W/27xnxb/bXF0i0MdDutwjA7H7HCsDsfucJwOx+1wvA6Hdzh+hxN0OGGHE3U4cYeTdDhph5N1OHmHU3Q4ZYdTdTh1h9N0OG2H03U4fYczdDhjhzN1OHO30wRDQzhrh7N1OHuHc3Q4Z4dzdTh3h/N0OG+H83U4f4cLdLhghwt1uHCHi3S4aId0uFiHi3e4RIdLdrhUh0t3uEyHy3a4XIfLd7hChyt2uFKHK3c4osNVOly1w9U6XL3DNTpcs8O1Oly7w3U6XLfD9Tpcv8MNOtyww4063LjDTTrctMPNOty8wy063LLDrTrcusNtOty2w+063L7DHTrcscOdOty5w1063LXD3TrcvcM9Otyzw7063LvDfTrct8P9Oty/wwM6PLDDgzo8uMNDOjy0w8M6PLzDIzo8ssOjOjy6w2M6PLZDOzyuw+M7PKHDEzsc2eGoDk/q8OQOT+nw1A5P6/D0Ds/o8MwOz+rw7A7P6fDcDs/r8PwOL+jwwg4v6vDiDi/p8NIOL+vw8g6v6PDKjmH/4erqDq/p8NoOr+vw+g5v6PDGDm/q8OYOb+kw6DDsMOow7jDpMO0w6zDvsOiw7LDqsO6w6bDtsOuw73DQ4a0d3tbh7R3e0eGdHd7V4d0d3tPhvR3e1+H9HT7Q4YMdPtThwx0+0uGjHT7W4eMdPtHhkx0+1eHTHT7T4bMdPtfh8x2+0OGLHb7U4csdvtLhqx2+1uHrHb7R4ZsdvtXh2x2+0+G7Hb7X4fsdftDhhx1+1OHHHX7S4acdftbh5x1+0eGXHX7V4dcdftPhtx1+1+H3Hf7Q4Y8d/tThzx3+0uGvHf7W4e8d/tHhn92wkf/bY/mnw387HN3hUI/DehyjxzF7HKvHsXscp8dxexyvx+E9jt/jBD1O2ONEPU7c4yQ9TtrjZD1O3uMUPU7Z41Q9Tt3jND1O2+N0PU7f4ww9ztjjTD3O3OMsPc7a42w9zt7jHD3O2eNcPc7d4zw9zrs+ztfj/D0u0OOCPS7U48I9LtLjoj3S42I9Lt7jEj0u2eNSPS7d4zI9Ltvjcj0u3+MKPa7Y40o9rtzjiB5X6XHVHlfrcfUe1+hxzR7X6nHtHtfpcd0e1+tx/R436HHDHjfqceMeN+lx0x4363HzHrfoccset+px6x636XHbHrfrcfsed+hxxx536nHnHnfpcdced+tx9x736HHPHvfqce8e9+lx3x7363H/Hg/o8cAeD+rx4B4P6fHQHg/r8fAej+jxyB6P6vHoHo/p8dge7fG4Ho/v8YQeT+xxZI+jejypx5N7PKXHU3s8rcfTezyjxzN7PKvHs3s8p8dzezyvx/N7vKDHC3u8qMeLe7ykx0t7vKzHy3u8oscre7yqx6t7vKbHa3u8rsfre7yhxxt7vKnHm3u8pcegx7DHqMe4x6THtMesx7zHoseyx6rHeuyhof8w3PbY9dj3OOjx1h5v6/H2Hu/o8c4e7+rx7v5/vAX39nhfj/f3+ECPD/b4UI8P9/hIj4/2+FiPj/f4RI9P9vhUj0/3+EyPz/b4XI/P9/hCjy/2+FKPL/f4So+v9vhaj6/3+EaPb/b4Vo9v9/hOj+/2+F6P7/f4QY8f9vhRjx/3+EmPn/b4WY+f9/hFj1/2+FWPX/f4TY/f9vhdj9/3+EOPP/b4U48/9/hLj7/2+FuPv/f4R49/9vhXj3/3+E+P//Y4usehAQ4b4BgDHHOAYw1w7AGOM8BxBzjeAIcPcPwBTjDACQc40QAnHuAkA5x0gJMNcPIBTjHAKQc41QCnHuA0A5x2gNMNcPoBzjDAGQc40wBnHuAsA5x1gLMNcPYBzjHAOQc41wDnHuA8A5x3gPMNcP4BLjDABQe40AAXHuAiA1x0gAxwsQEuPsAlBrjkAJca4NIDXGaAyw5wuQEuP8AVBrjiAFca4MoDHDHAVQa46gBXG+DqA1xjgGsOcK0B/x9N5xg+xtX04X+Stqlt27pr223K1Klt826bpLZt2+3aqG3btpH3yvM+z/l2vp39YefMzlyzrhfg+gFuEOCGAW4U4LAANw5wkwA3DXCzADdfdWBgLJbDA9wywK0C3DrAbQLcNsDtAtw+wBEB7hDgjgHuFODOAe4S4K4B7hbg7gHuEeCeAe4V4N4B7hPgvgHuF+D+AR4Q4IEBHhTgwQEeEuChAR4W4OEBHhHgkQEeFeDRAR4T4LEBGuBxAR4f4AkBjgxwVICjAzwxwJMCPDnAUwI8NcDTAjw9wDMCPDPAswI8O8BzAjw3+P9Zy2PXBQFeGOBFAV4c4CUBXhrgZQFeHuAVAV4Z4FUBXh3gNQFeG+B1AV4f4A0B3hjgTQHeHOAtAd4a4G0B3h7gHQHeGeBdAd4d4D0B3hvgfQHeHzDmrwAfDPChAB8OMAgwHMvvf8+XBJgGmP1Xb0WAZYBVgHWATYBtgF2AfYCPBPhogI8F+HiATwT4ZIBPBfh0gM8E+GyAzwX4fIAvBPhigC8F+HKArwT4aoCvBfh6gG8E+GaAbwX4doDvBPhugO8F+H7wnxrmjIMH8KMAPw7wkwA/DfCzAD8P8IsAvwzwqwC/DvCbAL8N8LsAvw/whwB/DPCnAH8O8JcAfw3wtwB/D/CPAP8McCxOfwf4T4D/BjgmwIEQB4U4OMQhIY4T4rghjhfi0BDHD3GCECcMcaIQJw5xkhAnDXGyECcPcYoQpwxxqhCnDnGaEKcNcboQpw9xhhBnDAfGnynEmUOcJcRZQ5wtxNlDnCPEOUOcK8S5Q5wnxHlDnC/E+UNcIMQFQ1woxIVDXCTERUNcLMTFQyTEJUJcMsSlQlw6xGVCXDbE5UJcPsQVQlwxxJVCXDnEVUJcNcTVQlw9xDVCXDPEtUJcO8R1Qlw3xPVCXD/EDULcMMSNQhwW4sYhbhLipiFuFuLmIW4R4vAQtwxxqxC3DnGbELcNcbsQtw9xRIg7hLhjiDuFuHOIu4S4a4i7hbh7iHuEuGeIe4W4d4j7hLhviPuFuH+IB4R4YIgHhXhwiIeEeGiIh4V4eIhHhHhkiEeFeHSIx4R4bIiGeFyIx4d4QogjQxwV4ugQTwzxpBBPDvGUEE8N8bQQTw/xjBDPDPGsEM8O8ZwQzw3xvBDPD/GCEC8M8aIQLw7xkhAvDfGyEC8P8YoQrwzxqhCvDvGaEK8N8boQrw/xhhBvDPGmEG8O8ZYQbw3xthBvD/GOEO8M8a4Q7w7xnhDvDfG+EO8P8YEQHwzxoRAfDjEIMQzHDB17141DTEJMQ8xCzEMsQixDrEKsQ2xCbEPsQuxDfCTER0N8LMTHQ3wixCdDfCrEp0N8JsRnQ3wuxOdDfCHEF0N8KcSXQ3wlxFdDfC3E10N8I8Q3Q3xrgoGBsX57J8R3Q3wvxPdD/CDED0P8KMSPQ/wkxE9D/CzEz0P8IsQvQ/wqxK9D/CbEb0P8LsTvQ/whxB9D/CnEn0P8JcRfQ/wtxN9D/CPEP0P8K8S/Q/wnxH9DHBPiQISDIhwc4ZAIx4lw3AjHi3BohONHOEGEE0Y4UYQTRzhJhJNGOFmEk0c4RYRTRjhVhFNHOE2E00Y4XYTTRzhDhDNGOFOEM0c4S4SzRvhlhLNHOEeEc0a41mQ4d4TzRDhvhPNFOH+EC0S4YIQLRbhwhItEuGiEi0W4eIREuESES0a4VIRLR7hMhMtGuFyEy0e4QoQrRrhShCtHuEqEq0a4WoSrR7hGhGuOPUOEa0e4ToTrRrhehOtHuEGEG0a4UYTDItw4wk0i3DTCzSLcPMItIhwe4ZYRbhXh1hFuE+G2EW4X4fYRjohwhwh3jHCnCHeOcJcId41wtwh3j3CPCPeMcK8I945wnwj3jXC/CPeP8IAID4zwoAgPjvCQCA+N8LAID4/wiAiPjPCoCI+O8JgIj43QCI+L8PgIT4hwZISjIhwd4YkRnhThyRGeEuGpEZ4W4ekRnhHhmRGeFeHZEZ4T4bkRnhfh+RFeEOGFY/UygBdHeEn0/3eDyyK8PMIrIrwywqsivDrCayK8NsLrIrw+whsivDHCmyK8OcJbIrw1wtsivD3COyK8M8K7Irw7wnsivDfC+yK8P8IHInwwwocifDjCIMIwwijCOMIkwjTCLMI8wiLCMsIqwjrCJsI2wi7CPsJHInw0wscifDzCJyJ8MsKnInw6wmcifDbC5yJ8PsIXInwxwpcifDnCVyJ8NcLXInw9wjcifDPCtyJ8O8J3Inw3wvcifD/CDyL8MMKPxvpsYGDgkwg/jfCzCD+PGPzFf73yVYRfR/hNhN9G+F2E30f4Q4Q/RvhThD9H+EuEv0b4W4S/R/hHhH9G+FeEf0f4T4T/RjgmwoEYB8U4OMYhMY4T47gxjhfj0BjHj3GCGCeMcaIYJ45xkhgnjXGyGCePcYoYp4xxqhinjnGaGKeNcboYp49xhhhnjHGmGGeOcZYYZ41xthhnj3GOGOeMca4Y545xnhjnjXG+GOePcYEYF4xxoRgXjnGRGBeNcbEYF4+RGJeIcckYl4px6RiXiXHZGJeLcfkYV4hxxRhXinHlGFeJcdUYV4tx9RjXiHHNGNeKce0Y14lx3RjXi3H9GDeIccMYN4pxWIwbx7hJjJvGuFmMm8e4RYzDY9wyxq1i3DrGbWLcNsbtYtw+xhEx7hDjjjHuFOPOMe4S464x7hbj7jHuEeOeMe4V494x7hPjvjHuF+P+MR4Q44ExHhTjwTEeEuOhMR42NrGN8YgYj4zxqBiPjvGYGI+N0RiPi/H4GE+IcWSMo2IcHeOJMZ4U48kxnhLjqTGeFuPpMZ4R45kxnhXj2TGeE+O5MZ4X4/kxXhDjhTFeFOPFMV4S46UxXhbj5TFeEeOVMV4V49UxXhMz4toYr4vx+hhviPHGGG+K8eYYb4nx1hhvi/H2GO+I8c4Y74rx7hjvifHeGO+L8f6YgYFBAz4Y40MxPhxjEGMYYxRjHGMSYxpjFmMeYxFjGWMVYx1jE2MbYxdjH+MjMT4a42MxPh7jEzE+GeNTMT4d4zMxPhvjczE+H+MLMb4Y40sxvhzjKzG+GuNrMb4e4xsxvhnjWzG+HeM7Mb4b43sxvh/jBzF+GONHMX4c4ycxfhrjZzF+HuMXMX4Z41cxfh3jNzF+G+N3MX4f4w8x/hjjTzH+HOMvMf4a428x/h7jHzH+GeNfMf4d4z8x/hvjmBgHEhyU4OAEhyQMHbsfN8HxEhya4PgJTpDghAlOlODECU6S4KQJTpbg5AlOkeCUCU6V4NQJTpPgtAlOl+D0Cc6Q4IwJzpTgzAnOkuCsCc6W4OwJzpHgnAnOleDcCc6T4LwJzpfg/AkukOCCCS6U4MIJLpLgogkuluDiCZLgEgkumeBSCS6d4DIJLpvgcgkun+AKCa6Y4EoJrpzgKgmumuBqCa6e4BoJrpngWgmuneA6Ca6b4HoJrp/gBglumOBGCQ5LcOMEN0lw0wQ3S3DzBLdIcHiCWya4VYJbJ7hNgtsmuF2C2yc4IsEdEtwxwZ0S3DnBXRLcNcHdEtw9wT0S3DPBvRLcO8F9Etw3wf0S3D/BAxI8MMGDEjw4wUMSPDTBwxI8PMEjEjwywaMSPDrBYxI8NkETPC7B4xM8IcGRCY5KcHSCJyZ40v86sxM8NcHTEjw9wTMSPDPBsxI8O8FzEjw3wfMSPD/BCxK8MMGLErw4wUsSvDTByxK8PMErErwywasSvDrBaxK8NsHrErw+wRsSvDHBmxK8OcFbErw1wdsSvD3BOxK8M8G7Erw7wXsSvDfB+xK8P8EHEnwwwYcSfDjBIMEwwSjBOMEkwTTBLME8wSLBMsEqwTrBJsE2wS7BPsFHEnw0wccSfDzBJxJ8MsGnEnw6wWcSfDbB5xJ8PsEXEnwxwZcSfDnBVxJ8NcHXEnw9wTcSfDPBtxJ8O8F3Enw3wfcSfD/BDxL8MMGPEvw4wU8S/DTBzxL8PMEvEvwywa8S/DrBbxL8NsHvEvw+wR8S/DHBnxL8OcFfEvw1wd8S/D3BPxL8M8G/Evw7wX8S/DfBMQkOpDgoxcEpDklxnBTHTXG8FIemOH6KE6Q4YYoTpThxipOkOGmKk6U4eYpTpDhlilOlOHWK06Q4bYrTpTh9ijOkOGOKM6U4c4qzpDhrirOlOHuKc6SMjVzOleLcKc6T4rwpzpfi/CkukOKCKS6U4sIpLpLioikuluLiKZLiEikumeJSKS6d4jIpLpvicikun+IKKa6Y4koprpziKimumuJqKa6e4hoprpniWimuneI6Ka6b4noprp/iBilumOJGKQ5LceMUN0lx0xQ3S3HzFLdIcXiKW6a4VYpbp7hNitumuF2K26c4IsUdUtwxxZ1S3DnFXVLcNcXdUtw9xT1S3DPFvVLcOx3iPinum+J+Ke6f4gEpHpjiQSkenOIhKR6a4mEpHp7iESkemeJRKR6d4jEpHpuiKR6X4vEpnpDiyBRHpTg6xRNTPCnFk1M8JcVTUzwtxdNTPCPFM1M8K8WzUzwnxXNTPC/F81O8IMULU7woxYtTvCTFS1O8LMXLU7wixStTvCrFq1O8JsVrU7wuxetTvCHFG1O8KcWbU7wlxVtTvC3F21O8I8U7U7wrxbtTvCfFe1O8L8X7U3wgxQdTfCjFh1MMUgzTCf5T64pTTFJMU8xSzFMsUixTrFKsU2xSbFPsUuxTfCTFR1N8LMXHU3wixSdTfCrFp1N8JsVnU3wuxedTfCHFF1N8KcWXU3wlxVdTfC3F11N8I8U3U3wrxbdTfCfFd1N8L8X3U/wgxQ9T/CjFj1P8JMVPU/wsxc9T/CLFL1P8KsWvU/wmxW9T/C7F78f67L+v7Z9S/DnFX1L8NcXfUvw9xT9S/DPFv1L8O8V/Uvw3xTEpDmQ4KMPBGQ7JcJwMx81wvAyHZjh+hhNkOGGGE2U4cYaTZDhphpNlOHmGU2Q4ZYZTZTh1htNkOG2G02U4fYYzZDhjhjNlOHOGs2Q4a4azZTh7hnNkOGeGc2U4d4bzZDhvhvNlOH+GC2S4YIYLZbhwhotkuGiGi2W4eIZkuESGS2a4VIZLZ7hMhstmuFyGy2e4QoYrZrhShitnuEqGq2a4WoarZ7hGhmtmk/9HM2tnuE6G62a4XobrZ7hBhhtmuFGGwzLcOMNNMtw0w80y3DzDLTIcnuGWGW6V4dYZbpPhthlul+H2GY7IcIcMd8xwpwx3znCXDHfNcLcMd89wjwz3zHCvDPfOcJ8M981wvwz3z/CADA/M8KAMD/7fR/gMD8vw8AyPyPDIDI/KGHR0hsdkeGyGZnhchsdneEKGIzMcleHoDE/M8KQMT87wlAxPzfC0DE/P8IwMz8zwrAzPzvCcDM/N8LwMz8/wggwvzPCiDC/O8JIML83wsgwvz/CKDK/MBkZdleHVGV6T4bUZXpfh9RnekOGNGd6U4c0Z3pLhrRneluHtGd6R4Z0Z3pXh3Rnek+G9Gd43FreBkf+dHI0PZfhwNmicsRyGGUYZxhkmGaYZZhnmGRYZlhlWGdYZNhm2GXYZ9hk+kuGjGT6W4eMZPpHhkxk+leHTGT6T4bMZPpfh8xm+kOGLGb6U4csZvpLhqxm+luHrGb6R4ZsZvpXh2xm+k+G7Gb6X4fsZfpDhhxl+lOHHGX6S4acZfpbh5xl+keGXGX6V4dcZfpPhtxl+l+H3Gf6Q4Y8Z/pThzxn+kuGvGf6W4e8Z/pHhnxn+leHfGf6T4b8ZjslwIMdBOQ7OcUiO4+Q4bo7j5Tg0x/FznCDHCXOcKMeJc5wkx0lznCxnyOQ5TpHjlDlOlePUOU6T47Q5Tpfj9DnOkOOMOc6U48w5zpLjrDnOluPsOc6R45w5zpXj3DnOk+O8Oc6X4/w5LpDjgjkulOPCOS6S46I5Lpbj4jmS4xI5LpnjUjkuneMyOS6b43I5Lp/jCjmumONKOa6c4yo5rprjajmunuMaOa6Z41o5rp3jOjmum+N6Oa6f4wY5bpjjRjkOy3HjHDfJcdMcN8tx8xy3yHF4jlvmuFWOW+e4TY7b5rhdjtvnOCLHHXLcMcedctw5x11y3DXH3XLcPcc9ctwzx71y3DvHfXLcN8f9ctw/xwNyPDDHg3I8OMdDcjw0x8NyPDzHI3I8Msejcjw6x2NyPDZHczwux+NzPCHHkTmOynF0jifmeFKOJ+d4So6n5nhajqfneEaOZ+Z4Vo5n53hOjuf+Vy/n53hBjhfmeFGOF+d4SY6X5nhZjpfneEWOV+Z4VY5X53hNjtfmeF2O1+d4Q4435nhTjjePOzAwVpO35nhbjrfneEeOd+Z4V45353hPjvfmeF+O9+f4QI4P5vhQjg/nGOQY5hjlGOeY5JjmmOWY51jkWOZY5Vjn2OTY5tjl2Of4SI6P5vhYjo/n+ESOT+b4VI5P5/hMjs/m+FyOz+f4Qo4v5vhSji/n+EqOr+b4Wo6v5/hGjm/m+FaOb+f4To7v5vheju/n+EGOH+b4UY4f5/hJjp/m+FmOn+f4RY5f5vhVjl/n+E2O3+b4XY7f5/hDjj/m+FOOP+f4S46/5vhbjr/n+EeOf+b4V45/5/hPjv/mOCbHgQIHFTi4wCEFjlPguAWOV+DQAscvcIL/7icqcOICJylw0gInK3DyAqcocMoCpypw6gKnKXDaAqcrcPoCZyhwxgJnKnDmAmcpcNYCZytw9gLnKHDOAucqcO4C5ylw3gLnK3D+AhcocMECFypw4QIXKXDRAhcrcPECKXCJApcscKkCly5wmQKXLXC5ApcvcIUCVyz+k2f8p6d5lQJXLXC1AlcvcI0C1yxwrQLXLnCdAtctcL0C1y9wgwI3LHCjAocVuHGBmxS4aYGbFbh5gVsUOLzALQvcqsCtC9ymwG0L3K7A7QscUeAOwwYGxuK+U4E7F7hLgbsWuFuBuxe4R4F7FrhXgXsXuE+B+xa4X4H7F3hAgQcWeFCBBxd4SIGHFnhYgYcXeESBRxZ4VIFHF3hMgccWaIHHFXh8gScUOLLAUQWOLvDEAk8q8OQCTynw1AJPK/D0As8o8MwCzyrw7ALPKfDcAs8r8PwCLyjwwgIvKvDiAi8p8NICLyvw8gKvKPDKAq8q8OoCrynw2gKvK/D6Am8o8MYCbyrw5gJvKfDWAm8r8PYC7yjwzgLvKvDuAu8p8N4C7yvw/gIfKPDBAh8q8OECgwLD/xI9FuekwLTArMC8wKLAssCqwLrApsC2wK7AvsBHCny0wMcKfLzAJwp8ssCnCny6wGcKfLbA5wp8vsAXCnyxwJcKfLnAV4ohvlrgawW+XuAbBb5Z4FsFvl3gOwW+W+B7Bb5f4AcFfljgRwV+XOAnBX5a4GcFfl7gFwV+WeBXBX5d4DcFflvgdwV+X+APBf5Y4E8F/lzgLwX+WuBvBf5e4B8F/lngXwX+XeA/Bf5b4JgCB0ocVOLgEoeUOE6J45Y4XolDSxy/xAlKnLDEiUqcuMRJSpy0xMlKnLzEKUqcssSpSpy6xGlKnLbE6UqcvsQZSpyxxJlKnLnEWUqctcTZSpy9xJ1LnLPEuUqcu8R5Spy3xPlKnL/EBUpcsMSFSly4xEVKXLTExUpcvERKXKLEJUtcqsSlS1ymxGVLXK7E5UtcocQVS1ypxJVLXKXEVUtcrcTVS1yjxDVLXKvEtUtcp8R1S1yvxPVL3KDEDUvcqMRhJW5c4iYlblriZiVuXuIWJQ4vBwb/r89y6xK3KXHbErcrcfsSR5S4Q4k7lrjTf599lxJ3LXG3EncvcY8S9yxxrxL3LnGfEvctcb8S9y/xgBIPHDNkYCx3B5d4SImHlnhYiYeXeESJR5Z4VIlHl3hMiceWaInHlXh8iSeUOLLEUSWOLvHEEk8q8eQSTynx1BJPK/H0Es8o8cwSzyrx7BLPKfHcEs8r8fwSLyjxwhIvKvHiEi8p8dISLyvx8hKvKPHKEq8q8eoSrynx2hKvK/H6Em8o8cYSbyrx5hJvKfHWEm8r8fYS7yjxzhLvKvHuEu8p+Z+7vb/EB0p8sMSHSny4xKDEsMSoxLjEpMS0xKzEvMSixLLEqsS6xKbEtsSuxL7ER0p8tMTHSny8xCdKfLLEp0p8usRnSny2xOdKfL7EF0p8scSXSny5xFdKfLXE10p8vcQ3SnyzxLdKfLvEd0p8t8T3Sny/xA9K/LDEj0r8uMRPSvy0xM9K/LzEL0r8ssSvSvy6xG9K/LbE70r8vsQfSvyxxJ9K/LnEX0r8tcTfSvy9xD9K/LPEv0r8u8R/Svy3xDElDlQ4qMLBFQ6pcJwKx61wvAqHVjh+hRNUOGGFE1U4cYWTVDhphZNVOHmFU1Q4ZYVTVTh1hdNUOG2F01U4fYUzVDhjhTNVOHOFs1Q4a4WzVTh7hXNUOGeFc1U4d4XzVDhvhfNVOH+FC1S4YIULVbhwhYtUuGiFi1W4eIVUuESFS1a4VIVLV7hMhctWuFyFy1e4QoUrVrhShStXuEqFq1a4WoWrV7hGhWtWuFaFa1e4ToXrVrhehetXuEGFG1a4UYXDKty4wk0q3LTCzSrcvMItKhxe4ZYVblXh1hVuU+G2FW5X4fYVjqhwhwp3rHCnCneucJcKd61wtwp3r3CPCvescK8K965wnwr3rXC/Cvev8IAKD6zwoAoPrvCQCg+t8LAKD6/wiAqPrPCoCo+u8JgKj63QCo+r8PgKT6hwZIWjKhxd4YkVnlThyRWeUuGpFZ5W4ekVnvE/t1V4doXnVHhuhedVeH6FF1R4YYUXVXhxhZdUeGmFl1V4eYVXVHhlhVdVeHWF11R4bYXXVXh9hTdUeGOFN1V4c4W3VHhrhbdVeHuFd1R4Z4V3VXh3hfdUeG+F91V4f4UPVPhghQ9V+HCFQYVhhVGFcYVJhWmFWYV5hUWFZYVVhXWFTYVthV2FfYWPVPhohY9V+HiFT1T4ZIVPVfh0hc9U+Gw1/IHnKny+whcqfLHClyp8ucJXKny1wtcqfL3CNyp8s8K3Kny7wncqfLfC9yp8v8IPqiH/iRcfVfhxhZ9U+GmFn1X4eYVfVPhlhV9V+HWF31T4bYXfVfh9hT9U+GOFP1X4c4W/VPhrhb9V+HuFf1T4Z4V/Vfh3hf9U+G+FYyocqHFQjYNrHFLjODWOW+N4NQ6tcfwaJ6hxwhonqnHiGiepcdIaJ6tx8hqnqHHKGqeqceoap6lx2hqnq3H6GmeoccYaZ6px5hpnqXHWGmercfYa56hxzhrnqnHuGuepcd4a56tx/hoXqHHBGheqceEaF6lx0RoXq3HxGqlxiRqXrHGpGpeucZkal61xuRqXr3GFGlescaUaV65xlRpXrXG1GlevcY0a16xxrRrXrnGdGtetcb0a169xgxo3rHGjGofVuHGNm9S4aY2b1bh5jVvUOLzGLWvcqsata9ymxm1r3K7G7WscUeMONe5Y40417lzjLjXuWuNuNe5e4x417lnjXjXuXeM+Ne5b43417j8eHlDjgTUeVOPBNR5S46E1Hlbj4TUeUeORNR5V49E1HlPjsTVa43E1Hl/jCTWOrHFUjaNrPLHGk2o8ucZTajy1xtNqPL3GM2o8s8azajy7xnNqPLfG82o8v8YLarywxotqvLjGS2q8tMbLary8xitqvLLGq2q8usZrary2xutqvL7GG2q8scabary5xltqvLXG22q8vcY7aryzxrtqvLvGe2q8t8b7ary/xgdqfLDGh2p8uMagxrDGqMa4xqTGtMasxrzGosayxqrGusamxrbGrsa+xkdqfLTGx2p8vMYnanyyxqdqfLrGZ2p8tsbnany+xhdqfLHGl2p8ucZXany1xtdqfL3GN2p8s8a3any7xndqfLfG92p8v8YPavywxo9q/LjGT2r8tMbPavy8xi9q/LLGr2r8usZvavy2xu9q/L7GH2r8scafavy5xl9q/LXG32r8vcY/avyzxr9q/LvGf2r8t8YxNQ40OKjBwQ0OaXCcBsdtcLwGhzY4foMTNDhhgxM1OHGDkzQ4aYOTNTh5g1M0OGWDUzU4dYPTNDhtg9M1OH2DMzQ4Y4MzNThzg7M0OGuDszU4e4NzNDhng3M1OHeD8zQ4b4PzNTh/gws0uGCDCzW4cIOLNLhog4s1uHiDNLhEg0s2uFSDSze4TIPLNoyzXIPLN7hCgys2uFKDKze4SoOrNrhag6s3uEaDaza4VoNrN0wyFpN1G1yvwfUb3KDBDRvcqMFhDW7c4CYNbtrgZg1u3uAWDQ5vcMsGt2pw6wa3aXDbBrdrcPsGRzS4Q4M7NrhTgzs3uEuDuza4W4O7N7hHg3s2uFeDeze4T4P7Nrhfg/s3eECDBzZ4UIMHN3hIg4c2eFiDhzd4RINHNnhUg0c3eEyDxzZog8c1eHyDJzQ4ssFRDY5u8MQGT2rw5AZPafDUBk9r8PQGz2jwzAbPavDsBs9p8NwGz2vw/AYvaPDCBi9q8OIGL2nw0gYva/DyBq9o8MoGr2oYenWD1zR4bYPXNXh9gzc0eGODNzV4c4O3NHhrg7c1eHuDd4zlagDHxsi7G7ynwXsbvK/B+xt8oMEHG3yowYcbDBoMG4wajBtMGkwbzBrMGywaLBusGqwbbBpsG+wa7Bt8pMFHG3yswccbfKLBJxt8qsGnG3ymwWcbfK7B5xt8ocEXG3ypwZcbfKXBVxt8rcHXG3yjwTcbfKvBtxt8p8F3G3yvwfcb/KDBDxv8qMGPG/ykwU8b/KzBzxv8osEvG/yqwa8b/KbBbxv8rsHvG/yhwR8b/KnBnxv8pcFfG/ytwd8b/KPBPxv8q8G/G/ynwX8bHNPgQIuDWhzc4pAWx2lx3BbHa3Foi+O3OEGLE7Y4UYsTtzhJi5O2OFmLk7c4RYtTtjhVi1O3OE2L07Y4XYvTtzhDizO2OFOLM7c4S4uztjhbi7O3OEeLc7Y4V4tztzhPi/O2OF+L87e4QIsLtrhQiwu3uEiLi7a4WIuLt0iLS7S4ZItLtbh0i8u0uGyLy7W4fIsrtLhiiyu1uPL//kjU4motrt7iGi2u2eJaLa7d4jotrtviei2u3+IGLW7Y4kYtDmtx4xY3aXHTFjdrcfMWt2hxeItbtrhVi1u3uE2L27a4XYvbtziixR1a3LHFnVrcucVdWty1xd1a3L3FPVrcs8W9Wty7xX1a3LfF/Vrcv8UDWjywxYNaPLjFQ1o8tMXDWjy8xSNaPLLFo1o8usVjWjy2RVs8rsXjWzyhxZEtjmpxdIsntnhSiye3eEqLp7Z4Wount3hGi2e2eFaLZ7d4Tovntnhei+e3g72gxQtbvKjFi1u8pMVLW7ysxctbvKLFK1u8qmX01S1e0+K1LV7X4vUt3tDijS3e1OLNLd7S4q0t3tbi7S3e0eKdLd7V4t0t3tPivS3e1+L9LT7Q4oMtPtTiwy0GLYYtRi3GLSYtpi1mLeYtFi2WLVYt1i02LbYtdi32LT7S4qMtPtbi4y0+0eKTLT7V4tMtPtPisy0+1+LzLb7Q4ostvtTiyy2+0uKrLb7W4ustvtHimy2+1eLbLb7T4rstvtfi+y1+0OKHLX7U4sctftLipy1+1uLnLX7R4pctftXi1y1+0+K3LX7X4vct/tDijy3+1OLPLf7S4q8t/tbi7y3+0eKfLf7V4t8t/tPivy2OaXGgw0EdDu5wSIfjdDhuh+N1OLTD8TucoMMJO5yow4k7nKTDSTucrMPJO5yiwyk7nKrDqTucpsNpO5yuw+k7nKHDGTucqcOZO5ylw1k7nK3D2Tuco8M5O5yrw7k7nKfDeTucr8P5O1ygwwU7XKjDhTtcpMNFO1ysw8U7pMMlOlyyw6U6XLrDZTpctsPlOly+wxU6XLH7/5kaY9cq3cDAqh2u1uHqHa7R4ZodrtXh2h2u0+G6Ha7X4fodbtDhhh1u1OGwDjfucJMON+1wsw4373CLDod3uGWHW3W4dYfbdLhth9t1uH2HIzrcocMdO9ypw5073KXDXTvcrcPdO9yjwz073KvDvTvcp8N9O9yvw/07PKDDAzs8qMODOzykw0M7PKzDwzs8osMjOzyqw6M7PKbDYzu0w+M6PL7DEzoc2eGoDkd3eGKHJ3V4coendHhqh6d1eHqHZ3R4ZodndXh2h+d0eG6H53V4focXdHhhhxd1eHGHl3R4aYeXdXh5h1d0eGWHV3V4dYfXdHhth9d1eH2HN6w64I0d/5v24i0d3trhbR3e3uEdHd7Z4V0d3t3hPR3e2+F9Hd7f4QMdPtjhQx0+3GHQYdhh1GHcYdJh2mHWYd5h0WHZYdVh3WHTYdth12Hf4SMdPtrhYx0+Ph4+0eGTHT7V4dMdPtPhsx0+1+HzHb7Q4YsdvtThyx2+0uGrHb7W4esdvtHhmx2+1eHbHb7T4bsdvtfh+x1+0OGHHX7U4ccdftLhpx1+1uHnHX7R4ZcdftXh1x1+0+G3HX7X4fcd/tDhjx3+1OHPHf7S4a8d/tbh7x3+0eGfHf7V4d8d/tPhvx2O6XCgx0E9Du5xSI/j9Dhuj+P1OLTH8XucoMcJe5yox4l7nKTHSXucrMfJe5yixyl7nKrHqXucpsdpe5yux+l7nKHHGXucqceZe5ylx1l7nK3H2Xuco8c5e5yrx7l7nKfHeXucr8f5e1ygxwV7XKjHhXtcpMdFe1ysx8V7pMclelyyx6V6XLrHZXpctsflely+xxV6XLHHlXpcucdVely1x9V6XL3HNXpcs8e1ely7x3V6XLfH9Xpcv8cNetywx416HNbjxj1u0uOmPW7W4+Y9btHj8B637HGrHrfucZset+1xux6373FEjzv0uGOPO/W4c4+79Lhrj7v1uHuPe/S4Z4979bh3j/v0uO84uF+P+/d4QI8H9nhQjwf3eMj4AwNjeTys//+6wxE9HtnjUT0e3eMxPR7boz0e1+PxPZ7Q48geR/U4uscTezypx5N7PKXHU3s8rcfTezyjxzN7PKvHs3s8p8dzezyvx/N7vKDHC3u8qMeLe7ykx0t7vKzHy3u8oscre7yqx6t7vKbHa3u8rsfre7yhxxt7vKnHm3u8pcdbe7ytx9t7vKPHO3u8q8e7e7ynx3t7vK/H+3t8oMcHe3yox4d7/L8AAAD//yDQ0jI=")
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000140))

20.608841198s ago: executing program 0 (id=1532):
open$dir(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x63, 0xe8, 0x1e, 0x10, 0x1199, 0x25, 0x1e64, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x99, 0x0, 0x0, 0xff, 0xff, 0xff}}]}}]}}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

18.96572339s ago: executing program 4 (id=1545):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000000400)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c756e695f786c6174653d302c696f636861727365743d63703933362c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c636f6465706167653d3733372c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c73686f72746e616d653d6d697865642c757466383d302c756e695f786c617465001d18"], 0x83, 0x367, &(0x7f0000002cc0)="$eJzs3T2IHOUbAPBnM3u7d4H874o/BAVxtBP0SCIW2nghXCC4jcriRyEu5qJyuwZucTEpsjkbsRQstbJLoYVFahEUsbOwNYJExULTBYyOzO7s1+3e5SJu4sfvVwzPve/zzPu+N8vd3Bz77otrsXl6Ic5cu3Y1FhdLUV47sRbXS7ESSQxcjGmVGW0AwD/D9SyLX7K+fZaUesdkrtMCAOao9/v/5UNjLW9+tld+VhqGv81zXgDA/BR//y/tlbO4W8fZuUwJAJizqef/9090Vyb/1V/22B8A/gWefu75J47XIp5K08WI1ludeqcej436j5+JV6MZG3EkluNGRP9GIT+UeseTp2rrR9I07cb3K1HPKzr1iFa3U+/fKRxPevXVOBrLsVLUF3cbWZYlJz+urR9NeyLiYrc3frRKnfpCHCzG/+ZgbMSxSOP/U/URp2rrx9LiBPXWoL4bsT16bpHPfzWW46uX4mw043TktYPbmtr6haNpeiKrTdR36tVeXt+uT0AAAAAAAAAAAAAAAAAAAAAAAOBPWU2HVob732Sj/XtWV2f0Ryvp1Pv1xf5A2/39gbJqFln28xsP1d9OYmJ/oJ3783Tq5ThwZ5cOAAAAAAAAAAAAAAAAAAAAfxvtc5VoNJsbW+1z5zfHg+5W+9yBiMhbXvviw0+XYjrnJkG5GGOsKy2azm82smSQnCUTOUWQ5IMPWi5dzquW8sN4TnW4ipnTqO7e1Wweuu+790Yt9ySDM/8+ykli9gKTHdMYD1r/60/pVr5Rw+DYTXKuZFm2W/mFF6arohRRvvULt3eQ5cHnV1+56+H24Ud6LZ9kfQ88uPzMlXc/+HGz0cxHjt4VrGy1b2SbjeLraFyq3sqgydjrpxT9YHCqXk55r/LtyZZG8vVPz979zpf7Gz0bb3l9Rk4+t0az+dHOrko/yKe5o2tp1lgLgwU+PnzZ3Ns/81964Q6/v9a4fOHbH/ZbNfZDwkYdAAAAAAAAAAAAAAAAAABwW4y9V7xQvNl3Ya+qR5+c/8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PYZff7/WLA91bKf4NduTHdVN7baEZU7vUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7j/ggAAP//JvBrlA==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

17.891844147s ago: executing program 0 (id=1554):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, @in6={0xa, 0x0, 0x0, @private0}, @in={0x2, 0x4e21, @broadcast}], 0x48)

17.31132902s ago: executing program 0 (id=1557):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000140)={0x281})

17.212057273s ago: executing program 4 (id=1558):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x800, &(0x7f0000000180)={[{@discard}, {@errors_continue}, {@dmask={'dmask', 0x3d, 0x9}}, {@utf8}, {@errors_remount}, {@keep_last_dots}, {@fmask={'fmask', 0x3d, 0x1}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@errors_continue}]}, 0x1, 0x1548, &(0x7f0000000380)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB")
chdir(&(0x7f0000000140)='./bus/file0/file0\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

16.247447067s ago: executing program 4 (id=1564):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x3, &(0x7f0000000000)=[{0x2, 0x0, 0x4}, {0x1, 0x2, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x1}]})
ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0xc0182101, 0x20000000)

15.324283992s ago: executing program 3 (id=1572):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0xa00)

14.994350452s ago: executing program 4 (id=1575):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0xffc, 0x3a}, 0x7b)

14.920547298s ago: executing program 3 (id=1576):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000cc0)={{0x14}, [@NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}}], {0x14}}, 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004004)

14.529730612s ago: executing program 4 (id=1578):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x5453, 0x0)
ioctl$TIOCMBIC(r0, 0x5417, &(0x7f00000004c0))

14.427775764s ago: executing program 3 (id=1579):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x44, r1, 0x207, 0x0, 0x0, {0x4b}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0)

14.044566557s ago: executing program 4 (id=1581):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x28}]}, 0x3c}}, 0x0)

14.034646646s ago: executing program 3 (id=1583):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r0, 0x0, 0x0, 0xffff, 0x0, 0x0)

13.700530487s ago: executing program 3 (id=1585):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000880)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f00000004c0)={[{}, {@codepage={'codepage', 0x3d, 'iso8859-13'}}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {}, {@part={'part', 0x3d, 0x5}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

13.35240701s ago: executing program 1 (id=1586):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="0000000000000000002aac0000000000", 0x10)

13.308227581s ago: executing program 3 (id=1587):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x4c, r1, 0x1, 0x2, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x20, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xa}]}]}]}]}, 0x4c}}, 0x0)

13.145774111s ago: executing program 5 (id=1588):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0xfffffffffffffdfe, 0x19, {0xfffffffe, 0x0, 0x4, 0xc1}}}}, 0x30}}, 0x0)

12.992277112s ago: executing program 1 (id=1589):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x4, 0x3}, 0x10)

12.752690831s ago: executing program 5 (id=1590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xd, 0x5a87, 0x4, 0x3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x4942639aae3aa2ea}, 0x38)

12.570526365s ago: executing program 1 (id=1592):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01030000"], 0x14}}, 0x0)

12.256569962s ago: executing program 5 (id=1593):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r0)
sendmsg$NFC_CMD_SE_IO(r0, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f00000001c0)={0x14, r1, 0x401}, 0x14}}, 0x0)

12.140506716s ago: executing program 1 (id=1594):
r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
openat$binfmt(0xffffff9c, r0, 0x41, 0x1ff)
execve(&(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000300)={[0xfffffffffffffffe, &(0x7f0000000180)='.[\\=!}\x00']})

11.889172685s ago: executing program 5 (id=1595):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c6e6f646973636172642c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6e6f666c7573685f6d657267652c64697361626c655f726f6c6c5f666f72776172642c696e6c696e655f646174612c6673796e635f6d6f64653d706f7369782c686561702c6e6f696e6c696e655f646174612c6e6f657874656e745f63616368652c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c757365725f78617474722c00779cd4f02894cf964d909c186aac251e773b07a2a2349d810b3ec41107242d9e37b999afd91d5fe52bdddd57868a70f0b28523203ce742ef793e984a3e5c4fb9fa37eec6c48714f05711f8f7206ba61dcb3d975e8b544ca8aae49633e3cf0d015e32276cf811c1900db5f8e56ba59a7ec100"/320], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
readahead(r0, 0x0, 0xffff381e0080ffff)

11.772528285s ago: executing program 1 (id=1596):
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r0 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0)
poll(&(0x7f0000000200)=[{r0}], 0x1, 0xb43)

10.690625968s ago: executing program 1 (id=1600):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000000)=0x4, 0x4)

9.790518649s ago: executing program 5 (id=1602):
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r0, 0x303, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)

8.556523898s ago: executing program 2 (id=1604):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4c1200005200010000000000000000000a000000351203"], 0x124c}}, 0x0)

8.460798382s ago: executing program 2 (id=1605):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x5e, &(0x7f0000000540)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @empty, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00', @dev}}}}}}, 0x0)

8.212575105s ago: executing program 2 (id=1606):
syz_mount_image$jfs(&(0x7f0000005d00), &(0x7f0000005d40)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00f3a8929fc27e9dcd22d51bc8178a85fe247e5d60c9724dd81995e63092466cbd720fb20cc28881"], 0x1, 0x5d17, &(0x7f000000bac0)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzXsC5a0pCxawAAllTSLXrQIpoMQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJzswz547vmfw9nns9M/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4sbv0oITEV+IQUQ/YrGuT0c9cy0/fhgRJ2O7OV6MiMF8RL3+9j/PR1yOiE+fi9jcWluuF188YD+unF+98/mPf/CPP/554+Qv3vn5x+32n37x0id/uhdx4idvfvL5vaez7QAAAFCKqqqqXnqbfyq9v+933SkAYCry8b9K8nK1Wq1Wq9XHr26qxrvXLCJivblO/ZrB6XgAOGLW47Ouu0CH5F+0YUQ803UngJnW67oDHIrNrbXlXsq31zwenN5pz9eC7Mp/vffg/o79ppO0rzGZ1s/XRgzihX36szilPsySnH+/nf+NnfZRetxh5z8t++U/2rn1qTg5/0E7/5bjk39/bP6lyvkPHyv/gfwBAAAAAGCG5b//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738ei/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN7/VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrn/JAwDAjk+fa93L34tYiIjr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9zRYa6zVNer88qb39/ernGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv45BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1Wq9XHr26qxrvXLCJivblO/ZrBcPwAcMSsx2ddd4EOyb9ow4g42XUngJnW67oDHIrNrbXlXsq31zwepPHd87Ugu/Jf722vl9cfN52kfY3JtH6+NmIQL+zTnxen1IdZkvPvt/O/sdM+So877PynZb/86+080UF/upbzH7Tzbzk++ffH5l+qnP/wsfIfyB8AAAAAAGZY/vv/Ced/8yYDAAAAAAAAwJGzubW2nO97zef/vzzmce7/PJ5y/j35Fynn32/n37ogZ9CYv//2w/z/vbW2/PHqv76UpzOf/9xgVD/3XK8/GKZrfqq5d+NW3I6VOL/n8cNd7Rf2tM/tar84of3SnvZR3b6Y28/Gcvw6bsc7D9rnJ1wYtTChvZrQnvMf2P+LlPMfNr7q/JdSe681rd3/qL9nv29Oxz3Ptb/955W9e9f0bcTgwbY11dt3poP+bP+fPDOK395duXP29zdXV+9ciDTZtfRipMlTlvOfS185/1df3mnPv/eb++v9j0aPnf+s2Ijhvvm/3Jivt/e1KfetCzn/UfrK+ecj0Pj9/yjnv//+/3oH/QEAAAAAAAAAAAAAAIBHqapq+xbRaxFxNd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49f3VSN91aziIi/N9epXzP8Ydw3AwBm2X8j4p9dd4LOyL9g+fP+6ulXuu4MMFV3P/jwlzdv3165c7frngAAAAAAAAAA/688/ufpxvjP29cBtcaN3jX+69tx+siO/9kfDbbHOk8b9FI8evzvM/Ho8b+HE55vbkL7aEL7/IT2hQntY2/0aMj5v5QyzvmfShtW0vivr3bQn67l/M+ksZ5z/l9rPa6Zf/XXo5x/f1f+51bf/825ux98+Mat92++t/Leyq8unL96+dKVy5euXDn37q3bK+d3/u2wx4cr55/HvnYdaFly/jlz+Zcl5//VVMu/LDn/V1It/7Lk/PPrPfmXJeef3/vIvyw5/9dSLf+y5Py/nmr5lyXn/3qq5V+WnP83Ui3/suT830i1/MuS8z+bavmXJed/LtXyL0vOP5/hkn9Zcv75ygb5lyXnfzHV8i9Lzv9SquVflpz/5VTLvyw5/yupln9Zcv5XUy3/suT8v5lq+Zcl5/+tVMu/LDn/N1Mt/7Lk/L+davmXJef/nVTLvyw5/++mWv5lyfl/L9XyL0vO//upln9Zcv5vpVr+ZXn4+f9mzJgxk2e6/s0EAAAAAAAAAAAAALRN43LirrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI1d93wH87M1eGwJuuBMHbHMzsLC7voFDDCYJKSW9UBLSpiU1jr02Tnyrd81NqGwKbYmCVKT2gT40TaI0itRWoCpSU4lGSI3UvjVPjXiJWikPfoDKQUmlVIGtzsz///fM7HrOGnvwzPl/PpH9886cM/OfM2dm97vRdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotf7jM382VBRF+afx15qiuLD896piZ/nl/LbzvUIAAADgbL3T+PvvL04X7FzGTi3b/Ns1//HdhYWFheILb5949y8WFtIV64piZGVRNK6L/v0XP19o3SZ4rhgfGm75erji7kcqrh+tuH6s4voVFdevrLh+vOL6RQdgkVXN38c0buz6xj/XNA9pcWkx1rju+iX2em5o5fBw/F1Ow1Bjn4WxfcWB4mAxU0wt2meo8b+ieG19eV/3F/G+hlvua21RFCd/+syeuIahcIyvL9rurKH1uXvr3mLd2z99Zs+35968aqlZeRgWrbQoNm4o1/l8UZz6dVUxVKxMxySuc7hlnWuXWOdI2zqHGvuV/+5c58llrjM+7vGwzh92WefacNmT1xVFMV+cdptOzxXDxeqOe03He7x5RpS3UT6VHyxGz+g8Wb+M86Tc5yfXtZ8nnedkPP7rwzEZPc0aWp+Ot768YtFxf6/nSfmo++FcLW/7wfJOx8dbf7Xadq6W2zxzw+nPgSWfuyXOgXQut5wDG6rOgeEVI41zYPjUmje0nQPTi/YZLoYa93Xihu7nwOTcoaOTs089fduBQ7v3z+yfOTw9tW3L5q1bNm/dOrnvwMGZqebfZ3ZIB8jqYjidgxvCe008B2/q2Lb1lFz4xrl7HYz3yeugfOyfubFc0IXDxWnO8XKb5zee/esgfd9veR2MtrwOlnxPXeJ1MLqM10G5zcmNy/ueOdryZ6k19Oq9cE3LOXA+vx+W9/nIzad/L1wb1vXCLWf6/XBk0TkQH9ZQeO2Vl6Sf98bvDMdl8XlxdXnFBSuK47Mzx25/cvfc3LHpIoz3xSUtz1Xn+bK65TEVi86X4TM+X3b+3S9vvHqJy9eEYzV+a/fnqtxmy0T356rx7r708Wy7dFMRxjn2fh/Ppb6blcczZYkux7Pc5vnbzv5nwZRLWt7/xqre/0bGRpvvfyPpaIy1vf8tfmpGGisripO3Le/9byz8eb/f/y7tk/e/8lg9cnv3c6Dc5oXJMz0HRru+/10X5lBYz80hMYy35P53G9fPN0/Tluey8rwZHR0L581ovMf282bzon3KWyvve+PUeztvNl7X/ly1/dxSw/OmPFZ/OdX9vCm3eX367N87VsV/trx3rKg6B8ZGVpTrHUsnQfP9bmFVPAduL/YUR4qDxd60T/ksl/c1sWl558CK8Of9fu+4sk/OgfJYvbyp+zlQbvODzef2Z6eN4ZK0TcvPTp2/Xzhd5r969NTtdR62c535y3V+Ykv33w2V27y55UxzRvfjdGu45IIljlPn6+d05/Te4v05TleGdR7c2v13U+U2l25b5vm0syiKN6bfaPy+K/x+9x+P/+d3237vu9TvlN+YfuOByYd+dCbrBwDgvXu38ff8iubPmi3/j/Vy/v9/AAAAYCDE3D8cZiL/AwAAQG3E3D8SZiL/AwAAQG3E3D8aZpJJ/n/szu2vvPNskT4NcCGI18fD8ODdze1ix3s+fL1u4ZTy8o99a+yVrzy7vPseLorilw98aMntH7s7rqvpaFznR9ovX+TKa5d1/48+fGq71s9POLm9efvx8Sz3NIhd5dcmNzVud91T0435+gNFYz40/8Jzzdtvfh23P7G5uf1fhw8t2blvqG3/jWE914e5LnymzIM7Tx2Hcsb9Xll7zb9e8tlT9xf3G9pwUeNhvvxHzduNnxH10iXN7ePjPt36/+Wr33ml3P7JG5Ze/7PDS6//RLjdn4T5ix3N7VuP+Vda1v8nYf3x/uJ+t3/z+0uu/9Urmtu/Gs6Lr4fZuf57//zD7yz1fMX72XlXc794/1P/u6WxX7y9ePud6x9/drrteHTe/utvN29nx+M/G2ndPl4e7yd69K7283soPL9tPfKiKL7zp0XbcS4+2tzvnzvWH2/v6F1Lr//WjnUeHbq2sf+px7Om7XF97W83Lfl443p2/sOatsfz0n3h+L09+YPydk88FM7HcP3//bB5e52fZfrqfe3vN3H7r69pvm7j7U12rP+ljvXPX1seu+r13/92c/2v3rOybf07PxnOp/ubs2r9+//m4rb9v/Ht5vNx7ImJw0dmjx/Y23JUW1/HK8dXrb7gwg9cdHF4L+38eteRucdmjq2bWjdVFOsG8CMDe73+b4b5P80xf+7voelHP2uedy9+qvl966afN79+KVz+aHg+4/fHr/3VWNv52vm8z9/TnGe7/lvCOpbriq/+97XL2vDE5187/k9//GbnzwXx8Ry9bLzx+F5ef3njuqHXm9d3vl9V+a/L2l/XPx6daszvheO6ED6ZecPlzfvrvP342SQvfrr5+o0/ycX9i47PE1kz0v44znb9Pw4/x3z/yvb3v3h+fO/Zjk9zXlMMlUuYD+8PxXzz+rhVPN4vnrx8yfuLn8NTzF91Jss8rdmnZicPHjh8/MnJuZnZucnZp57edejI8cNzuxqfXbrri1X7n3p9r268vvfObNtSNF7tR5qjx873+o8+vGfvHVM37p3Zt/v4vrmHj84c279ndnbPzN7ZG3fv2zfzRNX+B/bumN60ffMdmyb2H9i7487t2zdvnzhw+Ei5jOaiKmyb+tLE4WO7GrvM7tiyfXrr1i1TE4eO7J3ZccfU1MTxqv0b35smyr0fnzg2c3D33IFDMxOzB56e2TG9fdu2TZWf/njo6L7ZdZPHjh+ePD47c2yy+VjWzTUuLr/3Ve1PHmaPhPe7DkPhp/PP3botfT5u6VtfPu1NNTdp//G0eCt8FlT8/lb1dcz9Y2EmmeR/AAAAyEHM/eGD/09dIf8DAABAbcTcvzLMRP4HAACA2oi5fzzMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+1cVRZb5HwAAAHIQc//qMBP5HwAAAGoj5v4LwkzkfwAAAKiNmPsvDDPJJP/r/+v/6//r/+v/6//3kv6//n83+v/6/4O8fv1//X+q9Vv/P+b+D4SZZJL/AQAAIAcx918UZiL/AwAAQG3E3H9xmIn8DwAAALURc/+aMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+7/lTCTTPI/AAAA5CDm/g+Gmcj/AAAAUBsx918SZiL/AwAAQG3E3H9pmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfdfFmaSSf4HAACAHMTcf3mYifwPAAAAtRFz/xVhJvI/AAAA1EbM/VeGmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc/9VYSaZ5H8AAADIQcz9V4eZyP8AAABQGzH3fyjMRP4HAACA2oi5f22YSSb5X/9f/1//X/9f/1//v5f0//X/u9H/1/8f5PXr/+v/U63f+v8x9384zCST/A8AAAA5iLn/mjAT+R8AAABqI+b+a8NM5H8AAACojZj714WZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z//owk0zyPwAAAOQg5v4NYSbyPwAAANRGzP3XhZnI/wAAAFAbMfdfH2aSSf7X/9f/1//X/9f/1//vJf1//f9u9P/1/wd5/fr/+v9U67f+f8z9N4SZZJL/AQAAIAcx998YZiL/AwAAQG3E3H9TmIn8DwAAALURc//GMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Ocwkk/wPAAAAOYi5/5YwE/kfAAAAaiPm/lvDTOR/AAAAqI2Y+yfCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+2MJNM8j8AAADkIOb+28NM5H8AAACojZj7J8NM5H8AAACojZj7p8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5fzrMJJP8DwAAADmIuX9TmIn8DwAAALURc//mMBP5HwAAAGoj5v4tYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1fuv/x9y/Ncwkk/wPAAAAOYi5f1uYifwPAAAAtRFz/x1hJvI/AAAA1EbM/XeGmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc//2MJNM8j8AAADkIOb+j4SZyP8AAABQGzH33xVmIv8DAABAbcTc/9Ewk0zyv/6//r/+v/6//r/+fy+d7/7/+Dm6H/3/Jv3/dvr/+v/6//r/dNdv/f+Y+3eEmWSS/wEAACAHMfffHWYi/wMAAEBtxNx/T5iJ/A8AAAC1EXP/zjCTTPK//r/+v/6//r/+v/5/L53v/v+5ov/fpP/fTv9f/1//X/+f7vqt/x9z/71hJpnkfwAAAMhBzP0fCzOR/wEAAKA2Yu7/eJiJ/A8AAAC1EXP/J8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/74wk0zyPwAAAOQg5v5PhpnI/wAAAFAbMff/apiJ/A8AAAC1EXP//WEmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/2thJpnkfwAAAMhBzP0PhJnI/wAAAFAbMfd/KsxE/gcAAIDaiLn/18NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/zfCTDLJ/wAAAJCDmPt/M8xE/gcAAIDaiLn/t8JM5H8AAACojZj7HwwzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t8OM8kk/wMAAEAOYu5/KMxE/gcAAIDaiLn/02Em8j8AAADURsz9nwkzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/ofDTDLJ/wAAAJCDmPs/G2Yi/wMAAEBtxNz/O2Em8j8AAADURsz9vxtmkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/Z8LM8kk/wMAAEAOYu7/vTAT+R8AAABqI+b+3w8zkf8BAACgNmLufyTMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+z8fZpJJ/gcAAIAcxNz/B2Em8j8AAADURsz9u8JM5H8AAACojZj7Hw0zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t1hJpnkfwAAAMhBzP1fCDOR/wEAAKA2Yu7fE2Yi/wMAAEBtxNy/N8wkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7Z8JMMsn/AAAAkIOY+/eFmcj/AAAAUBsx9+8PM5H/AQAAoDZi7n8szCST/K//r/+v/6//r/+v/99L+v/6/93o/+v/D/L69f/1/6nWb/3/mPsPhJlkkv8BAAAgBzH3fzHMRP4HAACA2oi5/0thJvI/AAAA1EbM/QfDTDLJ/2fQ/19R6P+flv7/0uvX/9f/1//X/9f/1//vRv9f/3+Q16//r/9PtX7r/8fcfyjMJJP8DwAAADmIuf9wmIn8DwAAALURc/+RMBP5HwAAAGoj5v6jYSaZ5H///X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/4dhJpnkfwAAAMhBzP3HwkzkfwAAAKiNmPtnw0zkfwAAAKiNmPvnwkwyyf/6//r/+v/Z9P/TG5z+fzv9/97S/9f/70b/X/9/kNev/6//T7V+6//H3H88zCST/A8AAAA5iLn/8TAT+R8AAABqI+b+J8JM5H8AAACojZj7nwwzyST/6//r/+v/Z9P/99//1/8/L/T/9f+70f/X/x/k9ev/6/9Trd/6/zH3PxVmkkn+BwAAgBzE3P90mIn8DwD8P3t3zQPAkcNxtL7PfMzMzMzMzMzMzHdh5iJFbKeItFutMmO/17idaqV/8dMCAG3k7n9i3GL/AwAAQBu5+58UtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/ufufHLcM2f8AAAAwQe7+p8Qt9j8AAAC0kbv/qXGL/Q8AAABt5O5/WtwyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fuf3rcMmT/AwAAwAS5+58Rt9j/AAAA0Ebu/mfGLfY/AAAAtJG7/1lxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//ZccuQ/Q8AAAAT5O5/Ttxi/wMAAEAbufufG7fY/wAAANBG7v7nxS1D9r/+X/+v/9f/6//1/1fS/+v/H/1qP5b+X/+/8/v1//p/zq3W/+fuf37cMmT/AwAAwAS5+18Qt9j/AAAA0Ebu/hfGLfY/AAAAtJG7/0Vxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87vf9z6/yc8cvT/7GC1/j93/4vjliH7HwAAACbI3f+SuMX+BwAAgDZy9780brH/AQAAoI3c/S+LW4bsf/2//l//r//X/+v/r6T/1/8f0f/r/3d+v///6/85t1r/n7v/5XHLkP0PAAAAE+Tuf0XcYv8DAABAG7n7Xxm32P8AAADQRu7+V8UtQ/a//l//r//X/+v/9f9X0v/r/4/o//X/O79f/6//59xq/X/u/lfHLUP2PwAAAEyQu/81cYv9DwAAAG3k7n9t3GL/AwAAQBu5+18XtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/uftfH7cM2f8AAAAwQe7+N8Qt9j8AAAC0kbv/jXGL/Q8AAABt5O5/U9wyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fuf3PcMmT/AwAAwAS5+98St9j/AAAA0Ebu/rfGLfY/AAAAtJG7/21xy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//tccuQ/Q8AAAAT5O5/R9xi/wMAAEAbufvfGbfY/wAAANBG7v53xS1D9r/+X/+v/9f/6//1/1fS/+v/j+j/9f87v1//r//n3Gr9f+7+d8ctQ/Y/AAAATJC7/z1xi/0PAAAAbeTuf2/cYv8DAABAG7n73xe3DNn/+n/9v/5f/6//1/9fSf+v/z+i/9f/7/x+/b/+n3Or9f+5+98ftwzZ/wAAADBB7v4PxC32PwAAALSRu/+DcYv9DwAAAG3k7v9Q3DJk/+v/9f/6f/2//l//fyX9v/7/iP5f/7/z+/X/+n/Ordb/5+7/cNwyZP8DAADABLn7PxK32P8AAADQRu7+j8Yt9j8AAAC0kbv/Y3HLkP2v/9f/6//1//p//f+V9P/6/yP6f/3/zu/X/+v/Obda/5+7/+Nxy5D9DwAAABPk7v9E3GL/AwAAQBu5+z8Zt9j/AAAA0Ebu/k/FLUP2v/5f/6//1//r//X/V9L/6/+P6P/1/zu/X/+v/+fcav1/7v5Pxy1D9j8AAABMkLv/M3GL/Q8AAABt5O7/bNxi/wMAAEAbufs/F7cM2f/6f/2//l//r//X/19J/6//P6L/1//v/H79v/6fc6v1/7n7Px+3DNn/AAAAMEHu/i/ELfY/AAAAtJG7/4txi/0PAAAAbeTu/1LcMmT/6//1//p//b/+X/9/Jf2//v+I/l//v/P79f/6f86t1v/n7v9y3DJk/wMAAMAEufu/ErfY/wAAANBG7v6vxi32PwAAALSRu/9rccuQ/a//1//r//X/+n/9/5X0//r/I/p//f/O79f/6/85t1r/n7v/63HLkP0PAAAAE+Tu/0bcYv8DAABAG7n7vxm32P8AAADQRu7+b8UtQ/a//l//r//X/+v/9f9X0v/r/4/o//X/O79f/6//59xq/X/u/m/HLUP2PwAAAEyQu/87cYv9DwAAAG3k7v9u3GL/AwAAQBu5+78XtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/ufu/H7cM2f8AAAAwQe7+H8Qt9j8AAAC0kbv/h3GL/Q8AAABt5O7/UdwyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fu/3HcMmT/AwAAwAS5+38St9j/AAAA0Ebu/p/GLfY/AAAAtJG7/2dxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//nccuQ/Q8AAAAT5O7/Rdxi/wMAAEAbuft/GbfY/wAAANBG7v5fxS1D9r/+X/+v/9f/6//1/1fS/+v/j+j/9f87v1//r//n3Gr9f+7+X8ctQ/Y/AAAATJC7/zdxi/0PAAAAbeTu/23cYv8DAABAG7n7fxe3DNn/+n/9v/5f/6//1/9fSf+v/z+i/9f/7/x+/b/+n3Or9f+5+38ftwzZ/wAAADBB7v4/xC32PwAAALSRu/+PcYv9DwAAAG3k7v9T3DJk/+v/9f/6f/2//l//fyX9v/7/iP5f/7/z+/X/+n/Ordb/5+7/c9wyZP8DAADABLn7/xK32P8AAADQRu7+v8Yt9j8AAAC0kbv/b3HLkP2v/9f/6//1//p//f+V9P/6/yP6f/3/zu/X/+v/Obda/5+7/+9xy5D9DwAAABPk7v9H3GL/AwAAQBu5+/8Zt9j/AAAA0Ebu/n/FLUP2v/5f/6//1//r//X/V9L/6/+P6P/1/zu/X/+v/+fcav1/7v5/xy1D9j8AAABMkLv/P3GL/Q8AAABt5O7/b9xi/wMAAEAbufv/F7cM2f/6f/2//l//r//X/19J/6//P6L/1//v/H79v/6fc6v1/7n7/x+3DNn/AAAAMEHu/hviFvsfAAAA2sjdf2PcYv8DAABAG7n7b4pbhux//b/+X/+v/9f/6/+vpP/X/x/R/+v/d36//l//z7nV+v/c/TfHLUP2PwAAAEyQu/+WuMX+BwAAgDZy998at9j/AAAA0Ebu/tviliH7X/+v/9f/6//1//r/K+n/9f9H9P/6/53fr//X/3Nutf4/d//tccuQ/Q8AAAAT5O6/I26x/wEAAKCN3P13xi32PwAAALSRu/+uuGXI/tf/6//1//p//b/+/0r6f/3/Ef2//n/n9+v/9f+cW63/z91/d9wyZP8DAADABLn774lb7H8AAABoI3f/vXGL/Q8AAABt5O6/L24Zsv/1//p//b/+X/+v/7+S/l//f0T/r//f+f36f/0/51br/3P33x+3DNn/AAAAMEHu/gfiFvsfAAAA2sjd/2DcYv8DAABAG7n7H4pbhux//b/+X/+v/9f/6/+vpP/X/x/R/+v/d36//l//z7nV+v/c/Q8HAAD//1hEP40=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)

7.444493478s ago: executing program 2 (id=1607):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0)

4.109698346s ago: executing program 2 (id=1609):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x441, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

3.941929205s ago: executing program 2 (id=1610):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r0, 0x89f0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "bb5dff00"})

0s ago: executing program 5 (id=1614):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x1}, @val={0x8}, @val={0xc, 0x99, {0x0, 0x1f}}}}}, 0x30}}, 0x20000000)

kernel console output (not intermixed with test programs):

 needed: Please wait.
[  138.943525][ T7183] XFS (loop2): Quotacheck: Done.
[  139.007270][ T5300] usb 2-1: unable to get BOS descriptor or descriptor too short
[  139.020579][ T5300] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  139.026928][ T7238] netlink: 76 bytes leftover after parsing attributes in process `syz.4.703'.
[  139.059564][ T5300] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  139.117325][ T5300] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  139.145863][ T5300] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  139.178976][ T5300] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.201161][ T5300] usb 2-1: Product: syz
[  139.209137][ T5239] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  139.225857][ T5300] usb 2-1: Manufacturer: syz
[  139.258952][ T5300] usb 2-1: SerialNumber: syz
[  139.503623][   T47] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  139.772804][   T47] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  139.794750][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  139.836282][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  139.879305][   T47] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  139.978014][   T47] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  140.001327][ T5300] usb 2-1: 0:2 : does not exist
[  140.031182][ T5300] usb 2-1: USB disconnect, device number 9
[  140.038463][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.073861][ T7264] fuse: Bad value for 'user_id'
[  140.085236][ T7254] loop5: detected capacity change from 0 to 32768
[  140.099815][   T47] usb 5-1: config 0 descriptor??
[  140.111157][ T7264] fuse: Bad value for 'user_id'
[  140.151080][ T5398] udevd[5398]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  140.190954][ T7254] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.402350][ T7254] XFS (loop5): Ending clean mount
[  140.416047][ T7254] XFS (loop5): Quotacheck needed: Please wait.
[  140.498411][ T7254] XFS (loop5): Quotacheck: Done.
[  140.643717][   T47] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  140.652158][   T47] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  140.660561][   T47] plantronics 0003:047F:FFFF.0014: unbalanced collection at end of report description
[  140.670859][   T47] plantronics 0003:047F:FFFF.0014: parse failed
[  140.677595][   T47] plantronics 0003:047F:FFFF.0014: probe with driver plantronics failed with error -22
[  140.792939][ T5294] usb 5-1: USB disconnect, device number 10
[  140.819622][ T7283] netlink: 168 bytes leftover after parsing attributes in process `syz.0.722'.
[  140.823207][ T5244] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.909453][ T7289] netlink: 'syz.3.724': attribute type 2 has an invalid length.
[  141.252123][ T7299] loop2: detected capacity change from 0 to 256
[  141.319106][   T47] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  141.336166][ T7303] loop5: detected capacity change from 0 to 256
[  141.359161][ T5359] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  141.549474][   T47] usb 1-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  141.558685][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.568469][ T5359] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  141.598199][ T5359] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.613991][   T47] usb 1-1: config 0 descriptor??
[  141.737664][ T5359] usb 2-1: config 0 descriptor??
[  141.745158][ T7319] loop3: detected capacity change from 0 to 22
[  141.754615][ T7314] loop4: detected capacity change from 0 to 256
[  141.765720][ T5359] cp210x 2-1:0.0: cp210x converter detected
[  141.780931][ T7319] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  141.800967][ T7319] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  141.803968][ T7314] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  142.158749][   T47] hackrf 1-1:0.0: Board ID: 00
[  142.163963][   T47] hackrf 1-1:0.0: Firmware version: 
[  142.204535][   T47] hackrf 1-1:0.0: Registered as swradio16
[  142.216574][   T47] hackrf 1-1:0.0: Registered as swradio17
[  142.223200][   T47] hackrf 1-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  142.250417][ T5359] usb 2-1: cp210x converter now attached to ttyUSB0
[  142.309820][  T932] usb 1-1: USB disconnect, device number 7
[  142.452268][ T7341] loop3: detected capacity change from 0 to 64
[  142.493848][ T5300] usb 2-1: USB disconnect, device number 10
[  142.515559][ T5300] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  142.622352][ T5300] cp210x 2-1:0.0: device disconnected
[  142.718749][ T7347] netlink: 108 bytes leftover after parsing attributes in process `syz.5.752'.
[  142.766046][ T7347] netlink: 'syz.5.752': attribute type 6 has an invalid length.
[  143.213214][ T7356] loop4: detected capacity change from 0 to 32768
[  143.243769][ T7356] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.756 (7356)
[  143.299881][ T7356] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  143.333468][ T7356] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  143.362428][ T7356] BTRFS info (device loop4): disk space caching is enabled
[  143.394128][ T7356] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  143.402428][ T7368] loop1: detected capacity change from 0 to 1024
[  143.504109][ T7368] hfsplus: keylen 65060 too large
[  143.514437][ T7368] hfsplus: keylen 65060 too large
[  143.821982][ T7349] loop2: detected capacity change from 0 to 32768
[  143.961096][ T7349] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  143.971594][ T7349] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  144.030076][ T7395] sp0: Synchronizing with TNC
[  144.122005][   T47] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  144.228511][ T7349] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  144.264760][  T932] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  144.271723][ T7356] BTRFS info (device loop4): rebuilding free space tree
[  144.272663][  T932] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  144.311598][   T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.348966][   T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.369459][   T47] usb 4-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  144.378557][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.383035][  T932] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 110ms
[  144.399306][  T932] gfs2: fsid=syz:syz.0: jid=0: Done
[  144.406057][ T7349] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  144.421396][   T47] usb 4-1: config 0 descriptor??
[  144.430900][ T7356] BTRFS info (device loop4): disabling free space tree
[  144.444452][ T7356] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  144.495921][ T7356] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  144.819042][  T932] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  144.980191][  T932] usb 1-1: Using ep0 maxpacket: 32
[  144.985757][ T5230] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.060753][ T7427] dlm: non-version read from control device 2147479540
[  145.082822][   T47] lenovo 0003:17EF:6062.0015: hidraw0: USB HID v0.00 Device [HID 17ef:6062] on usb-dummy_hcd.3-1/input0
[  145.249065][   T47] usb 4-1: USB disconnect, device number 10
[  145.272501][ T7422] loop1: detected capacity change from 0 to 32768
[  145.279988][ T7422] XFS: attr2 mount option is deprecated.
[  145.287264][ T7422] XFS (loop1): invalid log iosize: 0 [not 12-30]
[  145.417137][ T7422] loop1: detected capacity change from 0 to 1024
[  145.424103][ T7422] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  145.458153][  T932] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[  145.466337][  T932] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  145.476565][  T932] usb 1-1: config 0 has no interface number 0
[  145.482829][  T932] usb 1-1: config 0 interface 8 altsetting 248 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  145.495214][  T932] usb 1-1: config 0 interface 8 altsetting 248 has 3 endpoint descriptors, different from the interface descriptor's value: 10
[  145.508467][  T932] usb 1-1: config 0 interface 8 has no altsetting 0
[  145.536498][  T932] usb 1-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=2d.bb
[  145.557970][  T932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.578254][  T932] usb 1-1: Product: syz
[  145.582510][  T932] usb 1-1: Manufacturer: syz
[  145.587127][  T932] usb 1-1: SerialNumber: syz
[  145.681921][  T932] usb 1-1: config 0 descriptor??
[  145.964355][  T932] ath6kl: Failed to submit usb control message: -71
[  146.025229][  T932] ath6kl: unable to send the bmi data to the device: -71
[  146.078264][  T932] ath6kl: Unable to send get target info: -71
[  146.165651][  T932] ath6kl: Failed to init ath6kl core: -71
[  146.172730][  T932] ath6kl_usb 1-1:0.8: probe with driver ath6kl_usb failed with error -71
[  146.199579][  T932] usb 1-1: USB disconnect, device number 8
[  146.231561][ T7447] loop4: detected capacity change from 0 to 512
[  146.241732][ T7451] loop3: detected capacity change from 0 to 2048
[  146.305785][ T7447] EXT4-fs (loop4): bad block size 65536
[  146.431846][ T7442] loop2: detected capacity change from 0 to 32768
[  146.506299][ T7451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.551397][ T7451] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.579294][ T7442] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.788 (7442)
[  146.616484][ T7451] fscrypt (loop3, inode 13): Error -61 getting encryption context
[  146.661619][ T7464] loop5: detected capacity change from 0 to 256
[  146.669660][ T7442] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  146.681789][ T7442] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  146.697429][ T7442] BTRFS info (device loop2): using free-space-tree
[  146.712450][ T5524] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.746449][ T7464] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  146.814184][   T29] audit: type=1800 audit(1729117823.438:29): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.796" name="bus" dev="loop5" ino=1048736 res=0 errno=0
[  146.844521][ T7477] loop0: detected capacity change from 0 to 256
[  147.011996][ T7477] FAT-fs (loop0): Directory bread(block 64) failed
[  147.019808][ T7442] BTRFS info (device loop2): rebuilding free space tree
[  147.062957][ T7477] FAT-fs (loop0): Directory bread(block 65) failed
[  147.101926][ T7477] FAT-fs (loop0): Directory bread(block 66) failed
[  147.142827][ T7477] FAT-fs (loop0): Directory bread(block 67) failed
[  147.149750][ T7477] FAT-fs (loop0): Directory bread(block 68) failed
[  147.156399][ T7477] FAT-fs (loop0): Directory bread(block 69) failed
[  147.163532][ T7477] FAT-fs (loop0): Directory bread(block 70) failed
[  147.170313][ T7477] FAT-fs (loop0): Directory bread(block 71) failed
[  147.177009][ T7477] FAT-fs (loop0): Directory bread(block 72) failed
[  147.197265][ T7477] FAT-fs (loop0): Directory bread(block 73) failed
[  147.199042][ T5300] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  147.240265][ T5239] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  147.425544][ T5300] usb 4-1: Using ep0 maxpacket: 16
[  147.619397][ T5300] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.630409][ T5300] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.640229][ T5300] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  147.654082][ T5300] usb 4-1: config 0 interface 0 has no altsetting 0
[  147.660782][ T5300] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  147.669944][ T5300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.681118][ T5300] usb 4-1: config 0 descriptor??
[  147.844762][ T7503] loop5: detected capacity change from 0 to 512
[  148.060671][ T7508] loop0: detected capacity change from 0 to 2048
[  148.072447][ T7503] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.129115][ T7503] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  148.142212][ T7518] loop2: detected capacity change from 0 to 2048
[  148.151490][ T5300] hid-generic 0003:045E:05DA.0016: ignoring exceeding usage max
[  148.190458][ T7508] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.234077][ T5300] hid-generic 0003:045E:05DA.0016: hidraw0: USB HID v0.00 Device [HID 045e:05da] on usb-dummy_hcd.3-1/input0
[  148.266861][ T7518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.463744][ T7530] loop4: detected capacity change from 0 to 512
[  148.505186][ T5239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.518068][ T5244] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.566640][ T5359] usb 4-1: USB disconnect, device number 11
[  148.591048][ T7530] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.642749][ T7530] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.726811][ T7538] loop0: detected capacity change from 0 to 512
[  148.800615][ T7541] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.818'.
[  148.821773][ T5230] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.876466][ T7538] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  148.880204][ T7536] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.818'.
[  148.901251][ T7538] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.980599][ T7547] loop4: detected capacity change from 0 to 128
[  148.991293][ T7547] hpfs: bad mount options.
[  149.166330][ T7551] loop5: detected capacity change from 0 to 4096
[  149.200494][ T7554] loop1: detected capacity change from 0 to 8
[  149.261042][ T5242] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  149.324065][ T7554] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  149.461779][ T7551] EXT4-fs: Ignoring removed nomblk_io_submit option
[  149.470830][ T7551] EXT4-fs (loop5): Test dummy encryption mode enabled
[  149.537682][ T7551] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.726452][ T5244] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.049313][  T932] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  150.109097][ T7596] loop0: detected capacity change from 0 to 22
[  150.118264][ T7596] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  150.125182][    T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  150.141979][ T7596] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  150.212782][  T932] usb 3-1: Using ep0 maxpacket: 32
[  150.231180][  T932] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  150.239584][  T932] usb 3-1: config 0 has no interface number 0
[  150.265019][  T932] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  150.274562][  T932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.330780][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  150.343812][    T9] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  150.359862][  T932] usb 3-1: Product: syz
[  150.369196][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.389443][  T932] usb 3-1: Manufacturer: syz
[  150.394068][  T932] usb 3-1: SerialNumber: syz
[  150.416760][    T9] usb 4-1: Product: syz
[  150.447687][    T9] usb 4-1: Manufacturer: syz
[  150.466981][    T9] usb 4-1: SerialNumber: syz
[  150.518619][ T7604] loop5: detected capacity change from 0 to 2048
[  150.536315][    T9] usb 4-1: config 0 descriptor??
[  150.542783][  T932] usb 3-1: config 0 descriptor??
[  150.556276][    T9] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  150.566031][  T932] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  150.609012][  T932] usb 3-1: selecting invalid altsetting 1
[  150.647968][  T932] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  150.650042][ T7602] loop4: detected capacity change from 0 to 32768
[  150.686162][ T7609] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  150.706457][  T932] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  150.807395][  T932] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  150.835001][  T932] usb 3-1: media controller created
[  150.857758][    T9] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2
[  150.914372][  T932] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  150.968595][ T5398] udevd[5398]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  151.025462][  T932] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  151.035213][    T9] usb 4-1: USB disconnect, device number 12
[  151.051685][  T932] zl10353_read_register: readreg error (reg=127, ret==-32)
[  151.302329][   T29] audit: type=1800 audit(1729117827.958:30): pid=7618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.857" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  151.322783][ T5300] usb 3-1: USB disconnect, device number 6
[  151.657267][ T7627] loop0: detected capacity change from 0 to 512
[  151.729087][ T7627] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.780112][ T7627] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  151.872800][ T7627] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  151.876492][ T7638] loop4: detected capacity change from 0 to 256
[  151.901986][ T7627] System zones: 1-12
[  151.959024][ T7627] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.860: corrupted in-inode xattr: e_value size too large
[  151.976185][ T7627] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.860: couldn't read orphan inode 15 (err -117)
[  151.989970][ T7627] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.056559][ T7641] loop3: detected capacity change from 0 to 2048
[  152.210711][ T7638] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  152.277503][ T7641] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.316085][ T7608] loop1: detected capacity change from 0 to 32768
[  152.421212][ T7608] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  152.500978][ T7608] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  152.592093][ T7608] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  152.610719][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  152.618212][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  152.666553][ T5524] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.695037][ T7660] netlink: 248 bytes leftover after parsing attributes in process `syz.5.873'.
[  152.727242][ T5242] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.864610][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 246ms
[  152.895473][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.4.875'.
[  152.915854][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  152.971991][ T7608] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  153.138322][ T7676] loop5: detected capacity change from 0 to 512
[  153.148321][ T7676] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  153.159511][ T7676] EXT4-fs (loop5): invalid journal inode
[  153.166568][ T7676] EXT4-fs (loop5): can't get journal size
[  153.295524][ T7676] EXT4-fs (loop5): 1 truncate cleaned up
[  153.334457][ T7676] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.417306][   T29] audit: type=1800 audit(1729117830.068:31): pid=7676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.879" name="file2" dev="loop5" ino=16 res=0 errno=0
[  153.621779][ T5244] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.666210][ T7693] fuse: Bad value for 'group_id'
[  153.711372][ T7693] fuse: Bad value for 'group_id'
[  153.724635][ T7688] loop4: detected capacity change from 0 to 4096
[  153.826309][ T7688] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  153.911425][ T7695] loop1: detected capacity change from 0 to 1024
[  154.079222][ T7707] netlink: 16 bytes leftover after parsing attributes in process `syz.2.894'.
[  154.125170][ T7688] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  154.145315][ T7688] ntfs3(loop4): Failed to load $Extend (-22).
[  154.156577][ T7688] ntfs3(loop4): Failed to initialize $Extend.
[  154.243543][ T7713] loop3: detected capacity change from 0 to 4096
[  154.281654][ T7713] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  154.332307][   T12] hfsplus: b-tree write err: -5, ino 4
[  154.524390][ T7723] loop0: detected capacity change from 0 to 64
[  154.713574][ T5300] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  154.769022][ T7713] ntfs3(loop3): Inode r=b is not in use!
[  154.774771][ T7713] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  154.877904][ T7713] ntfs3(loop3): Failed to load $Extend (-116).
[  154.894667][ T5300] usb 2-1: Using ep0 maxpacket: 16
[  154.899956][ T7713] ntfs3(loop3): Failed to initialize $Extend.
[  154.949063][ T5300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.991153][ T5300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.010345][ T7740] netlink: 165 bytes leftover after parsing attributes in process `syz.5.909'.
[  155.031698][ T5300] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  155.068918][ T5300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.099727][ T5300] usb 2-1: config 0 descriptor??
[  155.497605][ T7753] Zero length message leads to an empty skb
[  155.599614][ T5300] hid-led 0003:1294:1320.0017: unbalanced delimiter at end of report description
[  155.609464][   T29] audit: type=1326 audit(1729117832.238:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.0.918" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f46f777dff9 code=0x0
[  155.619587][ T5300] hid-led 0003:1294:1320.0017: probe with driver hid-led failed with error -22
[  155.714841][ T7751] loop3: detected capacity change from 0 to 4096
[  155.771187][ T7751] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  155.785139][    T9] usb 2-1: USB disconnect, device number 11
[  155.807473][ T7743] loop2: detected capacity change from 0 to 32768
[  155.857142][ T7751] ntfs3(loop3): Failed to load $Extend (-22).
[  155.866173][ T7743] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  155.877608][ T7751] ntfs3(loop3): Failed to initialize $Extend.
[  155.899174][ T7767] tipc: Started in network mode
[  155.908173][ T7767] tipc: Node identity , cluster identity 4711
[  155.963387][ T7767] tipc: Failed to set node id, please configure manually
[  155.987012][ T7743] XFS (loop2): Ending clean mount
[  156.016396][ T7767] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  156.108438][ T5239] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  156.582994][ T7795] loop0: detected capacity change from 0 to 256
[  156.612691][ T7795] exfat: Deprecated parameter 'namecase'
[  156.989201][  T932] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  157.002193][ T7795] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[  157.082994][ T7797] loop2: detected capacity change from 0 to 32768
[  157.104699][ T7797] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.924 (7797)
[  157.146583][ T7797] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  157.158129][ T7797] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  157.168280][ T7797] BTRFS info (device loop2): using free-space-tree
[  157.180378][  T932] usb 6-1: Using ep0 maxpacket: 16
[  157.237495][  T932] usb 6-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25
[  157.309182][  T932] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.317242][  T932] usb 6-1: Product: syz
[  157.388507][  T932] usb 6-1: Manufacturer: syz
[  157.424725][  T932] usb 6-1: SerialNumber: syz
[  157.480135][  T932] usb 6-1: config 0 descriptor??
[  157.501187][ T7822] loop0: detected capacity change from 0 to 8
[  157.507930][ T7822] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  157.586902][ T7787] loop3: detected capacity change from 0 to 32768
[  157.651039][ T7787] JBD2: Ignoring recovery information on journal
[  157.704929][  T932] usb 6-1: Found UVC 0.00 device syz (045e:0721)
[  157.737239][  T932] usb 6-1: No valid video chain found.
[  157.743839][ T7838] netlink: 'syz.1.941': attribute type 4 has an invalid length.
[  157.789171][  T932] usb 6-1: USB disconnect, device number 11
[  157.803214][ T7838] netlink: 17 bytes leftover after parsing attributes in process `syz.1.941'.
[  157.817461][ T7787] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  157.831208][ T5239] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  158.097700][ T7844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.944'.
[  158.385668][ T5524] ocfs2: Unmounting device (7,3) on (node local)
[  158.713549][ T7819] loop4: detected capacity change from 0 to 32768
[  158.751420][ T7819] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.935 (7819)
[  158.865480][   T29] audit: type=1326 audit(1729117835.518:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  158.887622][    C1] vkms_vblank_simulate: vblank timer overrun
[  158.946584][ T7819] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  158.961478][ T7819] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  158.971754][ T7819] BTRFS info (device loop4): using free-space-tree
[  159.057546][   T29] audit: type=1326 audit(1729117835.518:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.116940][   T29] audit: type=1326 audit(1729117835.518:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.190854][   T29] audit: type=1326 audit(1729117835.518:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.214906][   T29] audit: type=1326 audit(1729117835.528:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.237991][   T29] audit: type=1326 audit(1729117835.528:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.262947][   T29] audit: type=1326 audit(1729117835.528:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.631875][ T7880] loop3: detected capacity change from 0 to 40427
[  159.641450][   T29] audit: type=1326 audit(1729117835.528:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x7ffc0000
[  159.663716][ T7880] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  159.671605][ T7880] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  159.683419][ T7880] F2FS-fs (loop3): invalid crc value
[  159.702655][ T7880] F2FS-fs (loop3): Found nat_bits in checkpoint
[  159.740774][   T29] audit: type=1800 audit(1729117836.398:41): pid=7819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.935" name="file1" dev="loop4" ino=260 res=0 errno=0
[  159.896541][ T5230] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  159.923716][ T7880] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  159.958796][ T7880] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  160.111790][ T7913] loop1: detected capacity change from 0 to 64
[  160.643806][ T7875] loop0: detected capacity change from 0 to 40427
[  160.714175][ T7875] F2FS-fs (loop0): Found nat_bits in checkpoint
[  160.919178][ T7875] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  161.620666][ T7954] loop2: detected capacity change from 0 to 2048
[  161.673253][ T7954] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  161.748352][ T7954] syz.2.984: attempt to access beyond end of device
[  161.748352][ T7954] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  161.766665][ T7962] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  161.897589][ T7966] loop4: detected capacity change from 0 to 512
[  161.948402][ T7973] loop1: detected capacity change from 0 to 256
[  162.027408][ T7966] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  162.084176][ T7966] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  162.097931][ T7979] loop2: detected capacity change from 0 to 256
[  162.105045][ T7979] vfat: Bad value for 'shortname'
[  162.200355][ T7981] loop0: detected capacity change from 0 to 1024
[  162.241085][ T7966] EXT4-fs (loop4): 1 truncate cleaned up
[  162.334382][ T7966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.681276][ T5230] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.125269][ T8018] process 'syz.4.1010' launched './file0' with NULL argv: empty string added
[  163.556420][ T8038] loop4: detected capacity change from 0 to 128
[  163.595496][ T8038] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.626660][ T7987] loop5: detected capacity change from 0 to 32768
[  163.635508][ T7987] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.994 (7987)
[  163.680748][ T8038] ext4 filesystem being mounted at /173/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  163.723661][ T7987] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  163.756943][ T7987] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  163.801417][ T8033] ebtables: ebtables: counters copy to user failed while replacing table
[  163.810361][ T7987] BTRFS info (device loop5): using free-space-tree
[  163.914363][ T7987] BTRFS info (device loop5): checking UUID tree
[  163.957146][ T5230] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  164.321166][ T8024] loop0: detected capacity change from 0 to 32768
[  164.349037][ T5244] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  164.380289][ T8024] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  164.388468][ T8024] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  164.539493][ T8024] gfs2: fsid=syz:syz.s: journal 0 mapped with 1 extents in 2ms
[  164.609945][ T8072] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1026'.
[  164.671813][ T8024] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  164.686147][ T8043] loop1: detected capacity change from 0 to 32768
[  164.721952][ T8043] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1020 (8043)
[  164.837970][ T8081] loop3: detected capacity change from 0 to 512
[  164.892317][ T8043] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  164.909385][ T8043] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  164.920556][ T8043] BTRFS info (device loop1): using free-space-tree
[  165.082245][ T8081] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.1030: attempt to clear invalid blocks 2 len 1
[  165.130342][ T8081] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  165.191790][ T8081] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1030: invalid indirect mapped block 1819239214 (level 0)
[  165.206610][ T8081] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1030: invalid indirect mapped block 1819239214 (level 1)
[  165.226030][ T8081] EXT4-fs (loop3): 1 truncate cleaned up
[  165.233196][ T8081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.467753][ T5524] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.666224][ T5235] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  165.798962][ T8116] loop2: detected capacity change from 0 to 16
[  165.836074][ T8116] erofs: (device loop2): mounted with root inode @ nid 36.
[  166.164579][ T8124] loop2: detected capacity change from 0 to 256
[  166.177220][ T8124] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  166.328833][ T8129] loop1: detected capacity change from 0 to 512
[  166.344552][ T8130] loop3: detected capacity change from 0 to 512
[  166.422999][ T8130] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.472949][ T8129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  166.519227][ T8129] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.624707][ T8129] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  166.673416][ T8140] loop2: detected capacity change from 0 to 64
[  166.702405][ T5524] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.738284][ T8129] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  166.760091][ T8129] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.1036: Failed to acquire dquot type 0
[  166.942727][ T8146] netlink: 'syz.3.1048': attribute type 29 has an invalid length.
[  166.986505][ T8146] netlink: 'syz.3.1048': attribute type 29 has an invalid length.
[  167.081030][ T5235] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  167.115976][ T8114] loop4: detected capacity change from 0 to 32768
[  167.221741][ T8114] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1039 (8114)
[  167.307413][ T8114] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  167.342337][ T8159] loop5: detected capacity change from 0 to 1024
[  167.366369][ T8114] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  167.419815][ T8114] BTRFS info (device loop4): using free-space-tree
[  167.570945][ T1118] hfsplus: b-tree write err: -5, ino 4
[  167.751989][ T8181] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1058'.
[  167.979802][ T5230] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  168.501827][ T8151] loop2: detected capacity change from 0 to 40427
[  168.562035][ T8151] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  168.619046][ T8151] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  168.629303][    T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  168.712647][ T8151] F2FS-fs (loop2): invalid crc value
[  168.732297][ T8151] F2FS-fs (loop2): Found nat_bits in checkpoint
[  168.827081][    T9] usb 2-1: config 0 interface 0 altsetting 253 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.864993][    T9] usb 2-1: config 0 interface 0 altsetting 253 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.901771][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  168.931943][ T8151] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  168.932106][    T9] usb 2-1: New USB device found, idVendor=056a, idProduct=0035, bcdDevice= 0.00
[  168.941516][ T8216] loop4: detected capacity change from 0 to 16
[  168.963902][ T8151] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  168.980313][ T8183] loop5: detected capacity change from 0 to 32768
[  168.988658][ T8216] erofs: (device loop4): mounted with root inode @ nid 36.
[  168.998949][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.035432][ T8216] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 1 for nid 36
[  169.035626][   T29] audit: type=1800 audit(1729117845.688:42): pid=8151 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1051" name="bus" dev="loop2" ino=10 res=0 errno=0
[  169.065794][    C1] vkms_vblank_simulate: vblank timer overrun
[  169.080700][    T9] usb 2-1: config 0 descriptor??
[  169.088501][ T8183] XFS (loop5): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  169.197542][ T8183] XFS (loop5): Ending clean mount
[  169.403955][ T5244] XFS (loop5): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  169.547386][    T9] wacom 0003:056A:0035.0018: hidraw0: USB HID v0.00 Device [HID 056a:0035] on usb-dummy_hcd.1-1/input0
[  169.776644][    T9] usb 2-1: USB disconnect, device number 12
[  170.195567][ T8253] loop4: detected capacity change from 0 to 1024
[  170.260535][ T8253] hfsplus: bad catalog entry type
[  170.318597][ T8252] loop3: detected capacity change from 0 to 256
[  170.329333][ T5359] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  170.355916][ T8252] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  170.457651][ T1046] hfsplus: b-tree write err: -5, ino 4
[  170.472938][ T8252] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  170.499786][ T5359] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  170.519302][ T8252] exFAT-fs (loop3): Filesystem has been set read-only
[  170.537219][ T5359] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  170.571665][ T5359] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.611159][ T8265] loop4: detected capacity change from 0 to 1024
[  170.625853][ T5359] usb 1-1: config 0 descriptor??
[  170.629298][ T8263] program syz.2.1089 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  170.728420][ T8265] hfsplus: request for non-existent node 768 in B*Tree
[  170.761852][ T8265] hfsplus: request for non-existent node 768 in B*Tree
[  170.855925][ T8265] hfsplus: xattr searching failed
[  171.067324][ T8277] loop3: detected capacity change from 0 to 764
[  171.074557][ T5359] mcp2221 0003:04D8:00DD.0019: USB HID v0.00 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  171.105078][ T8277] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  171.234311][ T8281] loop5: detected capacity change from 0 to 512
[  171.270918][ T8283] netlink: 'syz.4.1097': attribute type 6 has an invalid length.
[  171.271695][ T8281] EXT4-fs: Ignoring removed nobh option
[  171.394813][ T5359] usb 1-1: USB disconnect, device number 9
[  171.558635][ T8294] loop3: detected capacity change from 0 to 64
[  171.581784][ T8292] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1104'.
[  171.675994][   T29] audit: type=1400 audit(1729117848.318:43): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F041
[  171.781016][ T8292] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  171.784619][ T8289] loop1: detected capacity change from 0 to 40427
[  171.872208][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.931989][ T8289] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64)
[  171.939503][ T8289] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  171.949826][ T8281] fscrypt (loop5, inode 2): Error -61 getting encryption context
[  171.978786][ T8281] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -61
[  172.142670][ T8302] loop3: detected capacity change from 0 to 4096
[  172.159290][ T8281] EXT4-fs error (device loop5): ext4_orphan_get:1388: inode #13: comm syz.5.1098: casefold flag without casefold feature
[  172.218947][ T8302] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  172.238399][ T8281] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.1098: couldn't read orphan inode 13 (err -117)
[  172.254157][ T8289] F2FS-fs (loop1): Found nat_bits in checkpoint
[  172.304074][ T8281] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.359244][ T8281] fscrypt (loop5, inode 2): Error -61 getting encryption context
[  172.497212][ T8289] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  172.508476][ T5244] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.517207][ T8289] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  172.593771][ T8303] f2fs_ckpt-7:1: attempt to access beyond end of device
[  172.593771][ T8303] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  172.612587][ T8303] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  173.158995][ T8330] netlink: 'syz.4.1118': attribute type 3 has an invalid length.
[  173.397788][ T8332] loop0: detected capacity change from 0 to 128
[  173.486360][ T8324] loop5: detected capacity change from 0 to 4096
[  173.580831][ T8332] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor /newroot/186/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  173.649548][ T8324] ntfs3(loop5): ino=5, "/" directory corrupted
[  173.729066][ T8340] /dev/nullb0: Can't open blockdev
[  174.118577][ T8326] loop3: detected capacity change from 0 to 32768
[  174.166689][ T8353] loop5: detected capacity change from 0 to 1024
[  174.193796][ T8326] JBD2: Ignoring recovery information on journal
[  174.398780][ T8326] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  174.640577][ T8352] loop2: detected capacity change from 0 to 32768
[  174.687532][ T8367] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  174.696524][ T8367] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  174.705571][ T8367] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  174.714488][ T8367] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  174.723769][ T8367] geneve2: entered promiscuous mode
[  174.729092][ T8367] geneve2: entered allmulticast mode
[  174.779951][   T29] audit: type=1326 audit(1729117851.428:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8369 comm="syz.5.1134" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd33f77dff9 code=0x0
[  174.807985][ T5524] ocfs2: Unmounting device (7,3) on (node local)
[  174.910287][ T8367] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  174.952389][ T8367] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  174.989377][ T8367] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  175.003805][ T8352] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  175.054756][ T8367] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  175.116156][ T8373] loop1: detected capacity change from 0 to 4096
[  175.140564][ T8373] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  175.236779][ T5239] ocfs2: Unmounting device (7,2) on (node local)
[  175.809613][ T8388] loop2: detected capacity change from 0 to 2048
[  175.851825][ T8388] EXT4-fs: Ignoring removed orlov option
[  175.938267][ T8388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.105758][ T8377] loop3: detected capacity change from 0 to 32768
[  176.154044][ T5239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.213639][ T8377] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  176.228953][ T8377] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  176.278033][ T8382] loop4: detected capacity change from 0 to 32768
[  176.336967][ T8382] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  176.395646][ T8380] loop0: detected capacity change from 0 to 40427
[  176.404961][ T8380] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  176.410982][ T8377] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  176.414149][ T8380] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  176.454986][ T8380] F2FS-fs (loop0): Found nat_bits in checkpoint
[  176.541185][ T5359] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  176.573723][ T5359] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  176.663516][ T8420] loop5: detected capacity change from 0 to 256
[  176.677994][ T8420] exfat: Deprecated parameter 'namecase'
[  176.696372][ T5359] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 122ms
[  176.704098][ T5359] gfs2: fsid=syz:syz.0: jid=0: Done
[  176.704190][ T8380] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  176.709633][ T8377] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  176.753118][ T8380] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  176.772826][ T8420] exfat: Deprecated parameter 'utf8'
[  176.792293][ T8420] exfat: Deprecated parameter 'namecase'
[  176.853708][ T8420] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  176.854689][ T8382] XFS (loop4): Starting recovery (logdev: internal)
[  176.952468][ T8382] XFS (loop4): Ending recovery (logdev: internal)
[  177.081040][ T5230] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  177.357060][ T8417] loop2: detected capacity change from 0 to 32768
[  177.366020][ T8417] (syz.2.1147,8417,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  177.413388][ T8417] (syz.2.1147,8417,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  177.468648][ T8417] (syz.2.1147,8417,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  177.589038][ T5300] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  177.721633][ T8417] JBD2: Ignoring recovery information on journal
[  177.768242][ T5300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.784155][ T5300] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.828798][ T5300] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  177.882738][ T5300] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.914190][ T8417] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  177.925036][ T8425] loop1: detected capacity change from 0 to 32768
[  177.940649][ T5300] usb 4-1: config 0 descriptor??
[  178.013663][ T8425] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.143154][ T8417] (syz.2.1147,8417,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb68296ec, computed 0xec517776. Applying ECC.
[  178.168351][ T8417] (syz.2.1147,8417,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xb68296ec, computed 0xccb4c126
[  178.182396][ T8425] XFS (loop1): Ending clean mount
[  178.194948][ T8417] (syz.2.1147,8417,0):ocfs2_trim_mainbm:7610 ERROR: status = -5
[  178.205416][ T8425] XFS (loop1): Quotacheck needed: Please wait.
[  178.249110][    T9] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  178.256795][ T5294] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  178.260962][ T8425] XFS (loop1): Quotacheck: Done.
[  178.358104][ T5239] ocfs2: Unmounting device (7,2) on (node local)
[  178.383689][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.390869][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.397663][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.404986][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.411149][    T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82
[  178.412518][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.431350][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.440619][ T5294] usb 1-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  178.448929][ T5300] arvo 0003:1E7D:30D4.001A: unknown main item tag 0x0
[  178.462930][ T5300] arvo 0003:1E7D:30D4.001A: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0
[  178.474080][ T5294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.475086][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  178.510506][ T5294] usb 1-1: config 0 descriptor??
[  178.555484][ T5235] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.574013][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  178.596536][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  178.605903][ T5300] arvo 0003:1E7D:30D4.001A: couldn't init struct arvo_device
[  178.617515][ T5300] arvo 0003:1E7D:30D4.001A: couldn't install keyboard
[  178.631206][ T5300] arvo 0003:1E7D:30D4.001A: probe with driver arvo failed with error -71
[  178.642867][ T5300] usb 4-1: USB disconnect, device number 13
[  178.693041][    T9] usb 6-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  178.722531][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.755371][ T8453] netlink: 'syz.4.1162': attribute type 1 has an invalid length.
[  178.759665][    T9] usb 6-1: Product: syz
[  178.794452][    T9] usb 6-1: Manufacturer: syz
[  178.811110][    T9] usb 6-1: SerialNumber: syz
[  178.840198][    T9] usb 6-1: config 0 descriptor??
[  178.857861][    T9] redrat3 6-1:0.0: Couldn't find all endpoints
[  178.950492][ T5294] kye 0003:0458:5005.001B: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  178.978492][ T8457] loop4: detected capacity change from 0 to 512
[  178.989490][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.006837][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.028979][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.039275][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.066386][ T8457] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  179.076470][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.105920][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.122833][ T5294] kye 0003:0458:5005.001B: unknown main item tag 0x0
[  179.126759][ T8459] loop2: detected capacity change from 0 to 512
[  179.130937][    T9] usb 6-1: USB disconnect, device number 12
[  179.182741][ T8457] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1164: invalid indirect mapped block 83886080 (level 1)
[  179.203994][ T5294] kye 0003:0458:5005.001B: hidraw0: USB HID v0.00 Device [HID 0458:5005] on usb-dummy_hcd.0-1/input0
[  179.252635][ T8459] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  179.265630][ T5294] kye 0003:0458:5005.001B: tablet-enabling feature report not found
[  179.293939][ T8463] loop1: detected capacity change from 0 to 2048
[  179.306057][ T8459] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.321579][ T8457] EXT4-fs (loop4): Remounting filesystem read-only
[  179.329796][ T8457] EXT4-fs (loop4): 1 orphan inode deleted
[  179.335526][ T8457] EXT4-fs (loop4): 1 truncate cleaned up
[  179.341596][ T5294] kye 0003:0458:5005.001B: tablet enabling failed
[  179.353912][ T8457] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.383747][ T8463] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  179.423810][ T5294] usb 1-1: USB disconnect, device number 10
[  179.474768][ T8459] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  179.496414][ T5230] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.506228][ T8459] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  179.545432][ T8459] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.1165: Failed to acquire dquot type 0
[  179.687214][ T8476] loop4: detected capacity change from 0 to 256
[  179.707995][ T5239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  179.749401][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  179.796495][ T4618] Bluetooth: hci0: Dropping invalid advertising data
[  179.805126][ T4618] Bluetooth: hci0: Malformed LE Event: 0x02
[  180.035200][    T9] usb 6-1: Using ep0 maxpacket: 16
[  180.056072][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  180.073911][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  180.089639][    T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82
[  180.101428][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  180.112687][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  180.143814][    T9] usb 6-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  180.160370][    T9] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  180.168645][    T9] usb 6-1: Product: syz
[  180.182093][    T9] usb 6-1: Manufacturer: syz
[  180.186802][    T9] usb 6-1: SerialNumber: syz
[  180.199567][    T9] usb 6-1: config 0 descriptor??
[  180.212260][    T9] usb 6-1: NFC: intf ffff88802935b000 id ffffffff8f31afa0
[  180.262221][    T9] nfcmrvl 6-1:0.0: NFC: registered with nci successfully
[  180.270914][ T8496] loop1: detected capacity change from 0 to 4096
[  180.347636][ T8501] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  180.418129][ T8473] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  180.427214][ T8473] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  180.446092][ T5300] usb 6-1: USB disconnect, device number 13
[  180.467903][ T5300] usb 6-1: NFC: intf ffff88802935b000
[  180.478726][ T8473] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  180.542202][ T8473] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  180.550730][ T8473] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  180.580507][ T8473] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  180.629938][ T8473] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  180.635955][ T8473] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  180.695436][ T8473] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  180.710751][ T8473] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  180.739158][ T8473] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  180.769154][ T8473] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  180.796152][ T8473] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  180.816904][ T8473] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  180.840055][ T8473] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  180.846716][ T8473] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  180.899799][ T8494] loop3: detected capacity change from 0 to 32768
[  180.968251][ T8494] jfs_strtoUCS: char2uni returned -22.
[  180.996294][ T8494] charset = cp1255, char = 0xfc
[  181.139413][ T5300] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  181.169008][    T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  181.299133][ T5300] usb 3-1: Using ep0 maxpacket: 8
[  181.322284][ T5300] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  181.329843][    T9] usb 1-1: Using ep0 maxpacket: 16
[  181.342379][ T5300] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.352514][    T9] usb 1-1: config 0 has no interfaces?
[  181.358016][    T9] usb 1-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00
[  181.360991][ T5300] usb 3-1: Product: syz
[  181.394908][ T5300] usb 3-1: Manufacturer: syz
[  181.416820][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.422663][ T5300] usb 3-1: SerialNumber: syz
[  181.450243][    T9] usb 1-1: config 0 descriptor??
[  181.454980][ T5300] usb 3-1: config 0 descriptor??
[  181.487012][ T5300] gspca_main: se401-2.14.0 probing 047d:5003
[  181.677393][  T932] usb 1-1: USB disconnect, device number 11
[  181.759045][ T5251] Bluetooth: hci0: command 0x0c1a tx timeout
[  181.866517][ T8530] loop5: detected capacity change from 0 to 1024
[  181.901329][ T5300] gspca_se401: Bayer format not supported!
[  181.963780][ T8530] hfsplus: invalid extent btree flag
[  181.985063][ T8530] hfsplus: failed to load extents file
[  182.016048][ T8530] RDS: rds_bind could not find a transport for b43:5899:af77:7060:ba8b:29fe:de55:21b8, load rds_tcp or rds_rdma?
[  182.147455][   T25] usb 3-1: USB disconnect, device number 7
[  182.221434][ T8513] loop4: detected capacity change from 0 to 32768
[  182.319639][ T8541] devtmpfs: Too few inodes for current use
[  182.327770][ T8545] syz.5.1200 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  182.348331][ T5300] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  182.372154][ T8513] JBD2: Ignoring recovery information on journal
[  182.466728][ T8513] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  182.509584][ T5300] usb 4-1: Using ep0 maxpacket: 8
[  182.516356][ T5300] usb 4-1: config 0 has an invalid interface number: 95 but max is 0
[  182.534863][ T5300] usb 4-1: config 0 has no interface number 0
[  182.558085][ T5300] usb 4-1: config 0 interface 95 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  182.568026][ T5251] Bluetooth: hci2: command 0x0c1a tx timeout
[  182.601930][ T5230] ocfs2: Unmounting device (7,4) on (node local)
[  182.619001][ T5300] usb 4-1: config 0 interface 95 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  182.635083][ T5300] usb 4-1: config 0 interface 95 altsetting 0 endpoint 0x5 has an invalid bInterval 255, changing to 11
[  182.646437][ T5251] Bluetooth: hci3: command 0x0c1a tx timeout
[  182.652833][ T5300] usb 4-1: config 0 interface 95 altsetting 0 endpoint 0x5 has invalid maxpacket 59391, setting to 1024
[  182.681494][ T5300] usb 4-1: New USB device found, idVendor=06cd, idProduct=0108, bcdDevice=10.15
[  182.719101][ T5251] Bluetooth: hci4: command 0x0c1a tx timeout
[  182.726308][ T5300] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.740034][ T8553] [U] 	
[  182.808927][ T5300] usb 4-1: Product: syz
[  182.809599][ T5251] Bluetooth: hci5: command 0x0c1a tx timeout
[  182.813447][ T5300] usb 4-1: Manufacturer: syz
[  182.838433][ T5300] usb 4-1: SerialNumber: syz
[  182.879809][ T5251] Bluetooth: hci1: command 0x0419 tx timeout
[  183.110957][ T5300] usb 4-1: config 0 descriptor??
[  183.141746][ T5300] keyspan 4-1:0.95: Keyspan 1 port adapter converter detected
[  183.149533][ T5300] keyspan 4-1:0.95: found no endpoint descriptor for endpoint 87
[  183.157311][ T5300] keyspan 4-1:0.95: found no endpoint descriptor for endpoint 7
[  183.166093][ T5300] keyspan 4-1:0.95: found no endpoint descriptor for endpoint 81
[  183.177413][ T5300] keyspan 4-1:0.95: found no endpoint descriptor for endpoint 1
[  183.185299][ T5300] keyspan 4-1:0.95: found no endpoint descriptor for endpoint 2
[  183.193753][ T5300] keyspan 4-1:0.95: found no endpoint descriptor for endpoint 85
[  183.199736][ T8571] loop1: detected capacity change from 0 to 256
[  183.235679][ T8571] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d)
[  183.259198][ T5300] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  183.512423][  T932] usb 4-1: USB disconnect, device number 14
[  183.585353][  T932] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  183.590905][ T8576] netlink: 'syz.2.1214': attribute type 3 has an invalid length.
[  183.603245][ T8576] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1214'.
[  183.630983][  T932] keyspan 4-1:0.95: device disconnected
[  183.652498][ T8578] netlink: 209800 bytes leftover after parsing attributes in process `syz.0.1215'.
[  183.672553][ T8578] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  183.693082][ T8578] openvswitch: netlink: Message has 48 unknown bytes.
[  183.700590][ T8561] loop5: detected capacity change from 0 to 32768
[  183.742408][ T8561] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1208 (8561)
[  183.759503][   T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  183.777279][ T8561] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  183.811585][ T8561] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  183.846095][ T4618] Bluetooth: hci0: command 0x0c1a tx timeout
[  183.922055][ T8561] BTRFS info (device loop5): using free-space-tree
[  183.930914][ T8583] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1216'.
[  184.059053][   T25] usb 5-1: Using ep0 maxpacket: 8
[  184.077800][   T25] usb 5-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice= 1.ef
[  184.087543][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  184.109109][   T25] usb 5-1: SerialNumber: syz
[  184.117154][   T25] usb 5-1: config 0 descriptor??
[  184.172672][ T8604] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1219'.
[  184.230093][ T8604] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1219'.
[  184.346649][ T5244] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  184.348938][   T25] usb 5-1: USB disconnect, device number 11
[  184.647507][ T4618] Bluetooth: hci2: command 0x0c1a tx timeout
[  184.723239][ T4618] Bluetooth: hci3: command 0x0c1a tx timeout
[  184.799115][ T4618] Bluetooth: hci4: command 0x0c1a tx timeout
[  184.884858][ T5251] Bluetooth: hci5: command 0x0c1a tx timeout
[  184.892866][ T8623] openvswitch: netlink: Missing key (keys=44, expected=200000)
[  184.959083][ T5251] Bluetooth: hci1: command 0x0419 tx timeout
[  185.210912][ T8634] Bluetooth: MGMT ver 1.23
[  185.381672][ T8638] netlink: 'syz.4.1234': attribute type 1 has an invalid length.
[  185.399201][ T5300] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  185.399910][ T8638] netlink: 9344 bytes leftover after parsing attributes in process `syz.4.1234'.
[  185.435052][ T8638] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1234'.
[  185.589084][ T5300] usb 2-1: Using ep0 maxpacket: 8
[  185.608109][ T5300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 223, changing to 11
[  185.639037][ T5300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.652374][ T8640] loop4: detected capacity change from 0 to 8
[  185.676130][ T5300] usb 2-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  185.689091][ T8640] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  185.706635][ T5300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.731482][ T5300] usb 2-1: config 0 descriptor??
[  185.859879][ T8621] loop2: detected capacity change from 0 to 32768
[  185.884316][ T8621] XFS: noikeep mount option is deprecated.
[  185.919261][ T4618] Bluetooth: hci0: command 0x0c1a tx timeout
[  186.178313][ T8627] loop0: detected capacity change from 0 to 32768
[  186.197162][ T8621] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  186.254526][ T8621] XFS (loop2): Ending clean mount
[  186.262510][ T8621] XFS (loop2): Quotacheck needed: Please wait.
[  186.287381][ T5300] hid-alps 0003:044E:1215.001C: hidraw0: USB HID v40.00 Device [HID 044e:1215] on usb-dummy_hcd.1-1/input0
[  186.315005][ T8636] loop5: detected capacity change from 0 to 32768
[  186.417983][ T8621] XFS (loop2): Quotacheck: Done.
[  186.484055][ T8636] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  186.551867][  T932] usb 2-1: USB disconnect, device number 13
[  186.692506][ T5239] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  186.719631][ T4618] Bluetooth: hci2: command 0x0c1a tx timeout
[  186.776631][ T5244] ocfs2: Unmounting device (7,5) on (node local)
[  186.805577][ T4618] Bluetooth: hci3: command 0x0c1a tx timeout
[  186.885517][ T4618] Bluetooth: hci4: command 0x0c1a tx timeout
[  187.039278][ T4618] Bluetooth: hci1: command 0x0419 tx timeout
[  187.385237][ T8645] loop3: detected capacity change from 0 to 40427
[  187.417434][ T8645] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  187.425416][ T8645] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  187.469233][ T8645] F2FS-fs (loop3): Found nat_bits in checkpoint
[  187.597127][ T8645] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  187.619001][ T5432] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  187.622486][ T8645] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  187.626809][   T25] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  187.642001][   T47] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  187.692062][   T29] audit: type=1800 audit(1729117864.348:45): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1238" name="bus" dev="loop3" ino=10 res=0 errno=0
[  187.809048][ T5432] usb 1-1: Using ep0 maxpacket: 16
[  187.816396][ T5432] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.828934][   T47] usb 3-1: Using ep0 maxpacket: 32
[  187.845904][ T5432] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.857295][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.878205][   T47] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  187.892321][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.909913][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.911012][ T5432] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  187.911047][ T5432] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.912990][ T5432] usb 1-1: config 0 descriptor??
[  187.914254][   T47] usb 3-1: config 0 descriptor??
[  187.917314][   T47] gspca_main: nw80x-2.14.0 probing 055f:d001
[  187.927359][   T25] usb 6-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  188.038969][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.068809][   T25] usb 6-1: config 0 descriptor??
[  188.330904][ T5432] lua 0003:1E7D:2C2E.001D: unknown main item tag 0x0
[  188.360752][ T5432] lua 0003:1E7D:2C2E.001D: hidraw0: USB HID v0.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.0-1/input0
[  188.529263][   T47] gspca_nw80x: reg_w err -71
[  188.534005][   T47] nw80x 3-1:0.0: probe with driver nw80x failed with error -71
[  188.547087][    T9] usb 1-1: USB disconnect, device number 12
[  188.600811][   T47] usb 3-1: USB disconnect, device number 8
[  188.663864][ T8702] loop4: detected capacity change from 0 to 1024
[  188.702927][   T25] hid-led 0003:1D34:000A.001E: probe with driver hid-led failed with error -71
[  188.736418][ T8692] loop1: detected capacity change from 0 to 32768
[  188.745174][   T25] usb 6-1: USB disconnect, device number 14
[  188.792862][ T8706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1260'.
[  189.046633][ T8712] loop4: detected capacity change from 0 to 128
[  189.120094][ T4618] Bluetooth: hci1: command 0x0419 tx timeout
[  189.146578][   T29] audit: type=1800 audit(1729117865.798:46): pid=8712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1264" name="bus" dev="loop4" ino=1048759 res=0 errno=0
[  189.526363][ T8724] loop0: detected capacity change from 0 to 256
[  189.614456][ T8724] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x84cb8d72, utbl_chksum : 0xe619d30d)
[  189.881633][ T8734] atomic_op ffff88807d643198 conn xmit_atomic 0000000000000000
[  189.918464][ T8710] loop3: detected capacity change from 0 to 40427
[  189.973375][ T8736] netlink: 'syz.1.1273': attribute type 142 has an invalid length.
[  190.001401][ T8710] F2FS-fs (loop3): Found nat_bits in checkpoint
[  190.370704][ T8710] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  190.385011][ T8757] loop2: detected capacity change from 0 to 47
[  190.395800][   T29] audit: type=1800 audit(1729117867.048:47): pid=8710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1262" name="file2" dev="loop3" ino=10 res=0 errno=0
[  190.452684][ T5524] syz-executor: attempt to access beyond end of device
[  190.452684][ T5524] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  190.500675][ T5524] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  190.609436][   T25] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  190.800206][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.849141][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.870201][   T25] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  190.882998][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.914967][   T25] usb 2-1: config 0 descriptor??
[  191.084677][  T932] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  191.112681][ T8777] loop2: detected capacity change from 0 to 4096
[  191.262682][  T932] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  191.273374][  T932] usb 5-1: config 0 has no interface number 0
[  191.294567][  T932] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.327401][  T932] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.328777][ T8777] ntfs3(loop2): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[  191.359219][  T932] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice=ee.00
[  191.379636][   T25] cp2112 0003:10C4:EA90.001F: unknown main item tag 0x0
[  191.388489][   T25] cp2112 0003:10C4:EA90.001F: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  191.449343][  T932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.472069][  T932] usb 5-1: config 0 descriptor??
[  191.529799][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  191.584503][   T25] cp2112 0003:10C4:EA90.001F: error requesting version
[  191.599569][   T25] cp2112 0003:10C4:EA90.001F: probe with driver cp2112 failed with error -71
[  191.625898][   T25] usb 2-1: USB disconnect, device number 14
[  191.671890][ T5359] usb 1-1: new low-speed USB device number 13 using dummy_hcd
[  191.730648][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.741890][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.752122][    T9] usb 6-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  191.761690][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.783072][    T9] usb 6-1: config 0 descriptor??
[  191.789008][ T5294] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  191.860482][ T5359] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  191.869588][ T5359] usb 1-1: config 179 has no interface number 0
[  191.875865][ T5359] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  191.899090][ T5359] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  191.914290][  T932] uclogic 0003:256C:006D.0020: No inputs registered, leaving
[  191.923627][ T5359] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  191.928236][  T932] uclogic 0003:256C:006D.0020: hidraw0: USB HID v0.40 Device [HID 256c:006d] on usb-dummy_hcd.4-1/input1
[  191.976861][ T5294] usb 4-1: too many endpoints for config 0 interface 0 altsetting 64: 254, using maximum allowed: 30
[  191.977842][ T5359] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[  192.001591][ T5294] usb 4-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 32, changing to 9
[  192.013272][ T5294] usb 4-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.023717][ T5294] usb 4-1: config 0 interface 0 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  192.050120][ T5294] usb 4-1: config 0 interface 0 has no altsetting 0
[  192.051956][ T5359] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  192.056803][ T5294] usb 4-1: New USB device found, idVendor=5543, idProduct=0047, bcdDevice= 0.00
[  192.078640][ T5359] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  192.092353][ T5359] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.118328][ T5294] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.129711][ T5294] usb 4-1: config 0 descriptor??
[  192.148739][ T8785] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  192.172263][ T5359] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  192.198411][ T5359] xpad 1-1:179.65: probe with driver xpad failed with error -5
[  192.223175][  T932] usb 5-1: USB disconnect, device number 12
[  192.235430][    T9] cougar 0003:060B:700A.0021: hidraw1: USB HID v0.00 Device [HID 060b:700a] on usb-dummy_hcd.5-1/input0
[  192.327067][ T8799] loop1: detected capacity change from 0 to 256
[  192.334988][ T8799] exfat: Deprecated parameter 'utf8'
[  192.377744][ T8799] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  192.400521][ T5359] usb 1-1: USB disconnect, device number 13
[  192.434041][   T25] usb 6-1: USB disconnect, device number 15
[  192.661139][ T8807] loop1: detected capacity change from 0 to 128
[  192.696015][ T8807] sysv_count_free_blocks: >flc_size entries in free-list block
[  192.715341][ T8807] sysv_count_free_inodes: unable to read inode table
[  192.752486][ T5235] sysv_free_block: flc_count > flc_size
[  192.758352][ T5235] sysv_free_block: flc_count > flc_size
[  192.764291][ T5235] sysv_free_block: flc_count > flc_size
[  192.776018][ T5294] usb 4-1: string descriptor 0 read error: -71
[  192.781905][ T5235] sysv_free_block: flc_count > flc_size
[  192.783837][ T5294] uclogic 0003:5543:0047.0022: failed retrieving string descriptor #200: -71
[  192.787685][ T5235] sysv_free_block: flc_count > flc_size
[  192.796839][ T5294] uclogic 0003:5543:0047.0022: failed retrieving pen parameters: -71
[  192.806405][ T5235] sysv_free_block: flc_count > flc_size
[  192.812384][ T5294] uclogic 0003:5543:0047.0022: failed probing pen v2 parameters: -71
[  192.818307][   T47] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  192.825523][ T5294] uclogic 0003:5543:0047.0022: failed probing parameters: -71
[  192.833017][ T5235] sysv_free_block: flc_count > flc_size
[  192.840508][ T5294] uclogic 0003:5543:0047.0022: probe with driver uclogic failed with error -71
[  192.846033][ T5235] sysv_free_block: flc_count > flc_size
[  192.860964][ T5294] usb 4-1: USB disconnect, device number 15
[  192.867013][ T5235] sysv_free_block: flc_count > flc_size
[  192.872858][ T5235] sysv_free_block: flc_count > flc_size
[  192.902136][ T5235] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  193.099370][   T47] usb 3-1: Using ep0 maxpacket: 16
[  193.115936][   T47] usb 3-1: config 0 has no interfaces?
[  193.131059][   T47] usb 3-1: New USB device found, idVendor=15c2, idProduct=0040, bcdDevice= 7.fb
[  193.156531][   T47] usb 3-1: New USB device strings: Mfr=7, Product=130, SerialNumber=11
[  193.222539][   T47] usb 3-1: Product: syz
[  193.238993][   T47] usb 3-1: Manufacturer: syz
[  193.243625][   T47] usb 3-1: SerialNumber: syz
[  193.274919][   T47] usb 3-1: config 0 descriptor??
[  193.470072][ T8828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1316'.
[  193.515428][ T8803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1305'.
[  193.567274][   T25] usb 3-1: USB disconnect, device number 9
[  193.686948][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[  193.693400][ T1262] ieee802154 phy1 wpan1: encryption failed: -22
[  194.176125][ T8858] netlink: 'syz.3.1329': attribute type 3 has an invalid length.
[  194.595675][ T8841] loop1: detected capacity change from 0 to 32768
[  194.648615][ T8841] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  194.758949][ T8841] XFS (loop1): Ending clean mount
[  194.893630][ T8841] XFS (loop1): Quotacheck needed: Please wait.
[  195.241110][ T8905] loop4: detected capacity change from 0 to 64
[  195.385023][ T8900] loop0: detected capacity change from 0 to 40427
[  195.414795][ T8900] F2FS-fs (loop0): invalid crc value
[  195.541795][ T8897] loop3: detected capacity change from 0 to 32768
[  195.557552][ T8900] F2FS-fs (loop0): Found nat_bits in checkpoint
[  195.579967][ T8841] XFS (loop1): Quotacheck: Done.
[  195.703975][ T8916] loop2: detected capacity change from 0 to 1024
[  195.725149][ T5235] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  195.887930][ T8900] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  196.164324][ T8928] loop5: detected capacity change from 0 to 256
[  196.205636][ T8928] exfat: Deprecated parameter 'utf8'
[  196.226425][ T8928] exfat: Deprecated parameter 'utf8'
[  196.245089][ T8928] exfat: Deprecated parameter 'namecase'
[  196.259800][ T8928] exfat: Deprecated parameter 'utf8'
[  196.320406][   T47] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  196.362823][ T8928] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  196.500398][   T47] usb 5-1: Using ep0 maxpacket: 32
[  196.522953][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.555694][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.573499][ T8938] loop5: detected capacity change from 0 to 64
[  196.579566][   T47] usb 5-1: New USB device found, idVendor=046d, idProduct=c714, bcdDevice= 0.00
[  196.596866][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.636700][   T47] usb 5-1: config 0 descriptor??
[  196.649021][  T932] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  196.656706][ T5294] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  196.969015][  T932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.980243][  T932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.985057][ T8944] netlink: 210596 bytes leftover after parsing attributes in process `syz.5.1364'.
[  196.990075][  T932] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  196.990109][  T932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.029112][ T5294] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  197.038169][ T5294] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.047385][  T932] usb 2-1: config 0 descriptor??
[  197.060773][ T5294] usb 3-1: config 0 descriptor??
[  197.085610][ T5294] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  197.209131][ T5295] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  197.235964][ T8934] loop3: detected capacity change from 0 to 32768
[  197.243758][ T8934] XFS: attr2 mount option is deprecated.
[  197.250138][ T8934] XFS: ikeep mount option is deprecated.
[  197.255992][ T8934] XFS: noikeep mount option is deprecated.
[  197.283719][ T5359] usb 5-1: USB disconnect, device number 13
[  197.307720][ T8951] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1366'.
[  197.314919][ T8934] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  197.361837][ T5295] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  197.381799][ T5295] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  197.411422][ T5295] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  197.418463][ T8934] XFS (loop3): Ending clean mount
[  197.423242][ T5295] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  197.430003][ T8934] XFS (loop3): Quotacheck needed: Please wait.
[  197.441326][ T5295] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  197.456606][ T5295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.484773][  T932] konepure 0003:1E7D:2DB4.0024: unknown main item tag 0x0
[  197.498586][ T8934] XFS (loop3): Quotacheck: Done.
[  197.512759][  T932] konepure 0003:1E7D:2DB4.0024: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.1-1/input0
[  197.540272][ T5295] usb 1-1: config 0 descriptor??
[  197.556250][ T8942] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  197.607775][ T5524] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  197.686267][  T932] usb 2-1: USB disconnect, device number 15
[  197.699053][ T5294] gp8psk: usb out operation failed.
[  197.704751][ T5294] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  197.728269][ T5294] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  197.750816][ T5294] usb 3-1: USB disconnect, device number 10
[  197.976092][ T5295] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x1
[  197.983760][ T5295] plantronics 0003:047F:FFFF.0025: unbalanced delimiter at end of report description
[  197.999777][ T5295] plantronics 0003:047F:FFFF.0025: parse failed
[  198.016660][ T5295] plantronics 0003:047F:FFFF.0025: probe with driver plantronics failed with error -22
[  198.207568][   T25] usb 1-1: USB disconnect, device number 14
[  199.187248][ T9001] loop0: detected capacity change from 0 to 256
[  199.225654][ T9001] MINIX-fs: mounting file system with errors, running fsck is recommended
[  199.271331][ T9002] loop2: detected capacity change from 0 to 512
[  199.337976][ T9002] EXT4-fs: Ignoring removed i_version option
[  199.368303][ T8999] loop4: detected capacity change from 0 to 4096
[  199.459624][ T8999] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  199.489158][ T9002] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  199.584540][ T9002] EXT4-fs (loop2): 1 truncate cleaned up
[  199.620690][ T9002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.937579][ T9019] loop3: detected capacity change from 0 to 512
[  199.944736][ T9019] ext4: Bad value for 'min_batch_time'
[  199.985640][ T9021] loop0: detected capacity change from 0 to 512
[  199.992728][ T9021] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.999569][ T9021] EXT4-fs: Ignoring removed mblk_io_submit option
[  200.225419][ T5239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.238822][ T9021] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  200.247041][ T9021] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  200.261470][ T9021] EXT4-fs (loop0): 1 truncate cleaned up
[  200.268080][ T9021] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.281922][ T9026] program syz.5.1399 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  200.492324][ T9021] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  200.648821][ T5242] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.541864][ T9073] loop0: detected capacity change from 0 to 2048
[  201.619855][  T932] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  201.662282][ T9080] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  201.823827][  T932] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  201.850110][  T932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.883571][  T932] usb 5-1: Product: syz
[  201.887765][  T932] usb 5-1: Manufacturer: syz
[  201.919206][  T932] usb 5-1: SerialNumber: syz
[  201.977457][  T932] usb 5-1: config 0 descriptor??
[  202.222992][  T932] usb 5-1: USB disconnect, device number 14
[  202.299045][ T9096] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1431'.
[  202.339757][ T5294] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  202.342069][ T9052] loop1: detected capacity change from 0 to 32768
[  202.427748][ T9052] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  202.518967][ T5294] usb 1-1: Using ep0 maxpacket: 16
[  202.526122][ T5294] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.548059][ T5294] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.568133][ T5294] usb 1-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  202.586936][ T5294] usb 1-1: config 0 interface 0 has no altsetting 0
[  202.598996][ T5294] usb 1-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  202.618659][ T5294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.638483][ T5294] usb 1-1: config 0 descriptor??
[  202.739229][ T9052] XFS (loop1): Ending clean mount
[  202.757069][ T9083] loop5: detected capacity change from 0 to 32768
[  202.795291][ T9083] XFS: ikeep mount option is deprecated.
[  202.941157][ T9083] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  202.947988][ T5235] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  203.082055][ T5294] hid (null): no more usage index available
[  203.118594][ T5294] hid-generic 0003:045E:05DA.0026: ignoring exceeding usage max
[  203.175539][ T9083] XFS (loop5): Ending clean mount
[  203.192891][ T5294] hid-generic 0003:045E:05DA.0026: ignoring exceeding usage max
[  203.232172][ T5294] hid-generic 0003:045E:05DA.0026: no more usage index available
[  203.246880][ T9083] XFS (loop5): Quotacheck needed: Please wait.
[  203.259788][ T5294] hid-generic 0003:045E:05DA.0026: item 0 4 2 2 parsing failed
[  203.279686][ T5294] hid-generic 0003:045E:05DA.0026: probe with driver hid-generic failed with error -22
[  203.323724][ T5294] usb 1-1: USB disconnect, device number 15
[  203.368254][ T9094] loop3: detected capacity change from 0 to 32768
[  203.371571][ T9083] XFS (loop5): Quotacheck: Done.
[  203.584333][ T5244] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  204.082770][ T9120] loop2: detected capacity change from 0 to 32768
[  204.087020][ T9120] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1436 (9120)
[  204.090935][ T9120] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  204.090995][ T9120] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  204.091046][ T9120] BTRFS info (device loop2): using free-space-tree
[  204.596224][ T9173] futex_wake_op: syz.1.1449 tries to shift op by 32; fix this program
[  204.645938][ T5239] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  205.404635][ T9191] loop0: detected capacity change from 0 to 32768
[  205.425559][ T9191] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1456 (9191)
[  205.453183][ T9191] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  205.453272][ T9191] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  205.453323][ T9191] BTRFS info (device loop0): using free-space-tree
[  206.057470][ T9191] BTRFS error (device loop0): unable to set label with more than 255 bytes
[  206.204007][ T9229] loop5: detected capacity change from 0 to 128
[  206.260309][ T9229] EXT4-fs: Ignoring removed nobh option
[  206.266754][ T5242] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  206.326220][ T9229] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  206.388030][ T9229] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  206.404818][ T9237] loop2: detected capacity change from 0 to 256
[  206.622395][ T5244] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  206.837923][ T9211] loop4: detected capacity change from 0 to 32768
[  207.225440][ T9211] ERROR: (device loop4): diWrite: ixpxd invalid
[  207.225440][ T9211] 
[  207.330986][ T9211] ERROR: (device loop4): remounting filesystem as read-only
[  207.338393][ T9211] ERROR: (device loop4): txCommit: 
[  207.338393][ T9211] 
[  208.423663][ T9268] loop0: detected capacity change from 0 to 512
[  208.684592][ T9268] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.791651][ T9268] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  208.963940][   T29] audit: type=1326 audit(1729117885.618:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.0.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f777dff9 code=0x7ffc0000
[  208.986149][    C1] vkms_vblank_simulate: vblank timer overrun
[  209.008703][ T9251] loop2: detected capacity change from 0 to 32768
[  209.191317][ T9251] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  209.220333][   T29] audit: type=1326 audit(1729117885.618:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.0.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f777dff9 code=0x7ffc0000
[  209.353917][ T5242] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.438172][   T29] audit: type=1326 audit(1729117885.648:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.0.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f46f777dff9 code=0x7ffc0000
[  209.460939][   T25] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  209.491517][ T9245] loop3: detected capacity change from 0 to 32768
[  209.528577][ T4618] Bluetooth: hci0: unexpected event for opcode 0x0401
[  209.650819][   T29] audit: type=1326 audit(1729117885.648:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.0.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f777dff9 code=0x7ffc0000
[  209.685016][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  209.768984][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.791948][ T9245] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/loop3": -EINTR
[  209.855766][   T25] usb 2-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  209.880464][   T29] audit: type=1326 audit(1729117885.738:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.0.1484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46f777dff9 code=0x7ffc0000
[  209.902684][    C1] vkms_vblank_simulate: vblank timer overrun
[  209.966988][ T9251] XFS (loop2): Ending clean mount
[  210.081557][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.189256][   T25] usb 2-1: config 0 descriptor??
[  210.219036][   T29] audit: type=1326 audit(1729117886.668:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9299 comm="syz.0.1489" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f46f777dff9 code=0x0
[  210.304921][ T5239] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  210.814045][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  210.918970][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x6
[  210.989120][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x5
[  210.996127][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x4
[  211.139025][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  211.199135][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  211.243769][ T9312] loop0: detected capacity change from 0 to 1024
[  211.279827][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  211.338469][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  211.345995][ T9312] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  211.393242][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  211.443159][ T9312] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.487465][   T25] elecom 0003:056E:00FE.0027: unknown main item tag 0x0
[  211.541709][   T25] elecom 0003:056E:00FE.0027: unknown global tag 0xd
[  211.593948][   T25] elecom 0003:056E:00FE.0027: item 0 4 1 13 parsing failed
[  211.601983][   T47] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  211.669612][   T25] elecom 0003:056E:00FE.0027: probe with driver elecom failed with error -22
[  211.680104][ T9312] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2793: inode #2: comm syz.0.1497: corrupted in-inode xattr: bad e_name length
[  211.702036][ T9320] loop5: detected capacity change from 0 to 8
[  211.769432][   T25] usb 2-1: USB disconnect, device number 16
[  211.791062][ T9323] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #2: comm syz.0.1497: corrupted in-inode xattr: bad e_name length
[  211.816175][ T9320] unable to read xattr id index table
[  211.829402][   T47] usb 5-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  211.840772][ T5359] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  211.892649][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.970080][   T47] usb 5-1: config 0 descriptor??
[  212.084336][ T5359] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  212.147843][ T5359] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895
[  212.235612][ T5242] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.271598][ T5359] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  212.423497][ T5359] usb 4-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00
[  212.477750][   T47] hid-alps 0003:044E:120B.0028: unknown main item tag 0x0
[  212.497295][ T5359] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  212.565847][   T47] hid-alps 0003:044E:120B.0028: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.4-1/input0
[  212.584568][ T5359] usb 4-1: SerialNumber: syz
[  212.626617][ T5359] usb 4-1: config 0 descriptor??
[  212.669531][ T9318] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  212.714892][   T47] usb 5-1: USB disconnect, device number 15
[  212.746126][ T5359] port100 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  213.024107][ T5359] usb 4-1: USB disconnect, device number 16
[  213.049219][   T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  213.294372][   T25] usb 2-1: config 0 has an invalid interface number: 27 but max is 0
[  213.338930][   T25] usb 2-1: config 0 has no interface number 0
[  213.375733][   T25] usb 2-1: config 0 interface 27 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.462331][   T25] usb 2-1: config 0 interface 27 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.473656][ T9339] netlink: 'syz.0.1508': attribute type 2 has an invalid length.
[  213.543403][   T25] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  213.602886][ T4618] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  213.613898][ T4618] Bluetooth: hci0: Injecting HCI hardware error event
[  213.624522][ T5251] Bluetooth: hci0: hardware error 0x00
[  213.635005][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.710721][   T25] usb 2-1: config 0 descriptor??
[  214.263226][   T25] uclogic 0003:256C:006D.0029: interface is invalid, ignoring
[  214.494022][   T47] usb 2-1: USB disconnect, device number 17
[  214.854649][   T25] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  215.062496][   T25] usb 1-1: Using ep0 maxpacket: 8
[  215.119505][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  215.169014][   T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  215.278539][   T25] usb 1-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  215.344857][ T9335] loop5: detected capacity change from 0 to 32768
[  215.351763][ T5432] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  215.372398][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.437444][   T25] usb 1-1: config 0 descriptor??
[  215.468687][ T9335] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  215.517068][ T9359] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1517'.
[  215.547010][ T9335] JBD2: Ignoring recovery information on journal
[  215.563950][ T5432] usb 5-1: Using ep0 maxpacket: 16
[  215.629082][ T5432] usb 5-1: unable to get BOS descriptor or descriptor too short
[  215.648951][ T9359] openvswitch: netlink: Multiple metadata blocks provided
[  215.679385][ T5251] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  215.696170][ T5432] usb 5-1: config 0 has an invalid interface number: 193 but max is 0
[  215.774725][ T9333] loop2: detected capacity change from 0 to 40427
[  215.781657][ T5432] usb 5-1: config 0 has no interface number 0
[  215.821404][ T9335] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  215.835979][ T5432] usb 5-1: config 0 interface 193 altsetting 4 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  215.918917][ T5432] usb 5-1: config 0 interface 193 has no altsetting 0
[  215.982847][   T25] elecom 0003:056E:00FE.002A: item fetching failed at offset 6/70
[  216.042671][ T5432] usb 5-1: New USB device found, idVendor=0499, idProduct=1034, bcdDevice=50.3a
[  216.057083][   T25] elecom 0003:056E:00FE.002A: probe with driver elecom failed with error -22
[  216.111258][ T5432] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.190204][ T5432] usb 5-1: Product: syz
[  216.235310][ T5432] usb 5-1: Manufacturer: syz
[  216.251646][   T25] usb 1-1: USB disconnect, device number 16
[  216.291904][ T5432] usb 5-1: SerialNumber: syz
[  216.322012][ T5244] ocfs2: Unmounting device (7,5) on (node local)
[  216.354640][ T5432] usb 5-1: config 0 descriptor??
[  216.724367][ T5432] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  216.832540][ T5432] snd-usb-audio 5-1:0.193: probe with driver snd-usb-audio failed with error -2
[  216.973911][ T5432] usb 5-1: USB disconnect, device number 16
[  217.008103][ T9068] udevd[9068]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.193/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  217.147059][ T9351] loop3: detected capacity change from 0 to 32768
[  217.256608][ T9351] JBD2: Ignoring recovery information on journal
[  217.271943][ T9367] loop0: detected capacity change from 0 to 64
[  217.369601][ T9367] hfs: unable to locate alternate MDB
[  217.457402][ T9367] hfs: continuing without an alternate MDB
[  217.468018][ T9369] lo speed is unknown, defaulting to 1000
[  217.546309][ T9351] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  217.573171][   T29] audit: type=1800 audit(1729117894.228:54): pid=9367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1522" name="file1" dev="loop0" ino=18 res=0 errno=0
[  217.595130][ T9369] lo speed is unknown, defaulting to 1000
[  217.706121][ T9369] lo speed is unknown, defaulting to 1000
[  217.830284][ T9369] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  217.963985][ T5524] ocfs2: Unmounting device (7,3) on (node local)
[  217.991113][ T9369] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  218.256858][ T9381] fuse: Unexpected value for 'default_permissions'
[  218.341630][ T9383] loop0: detected capacity change from 0 to 128
[  218.383409][ T9369] lo speed is unknown, defaulting to 1000
[  218.461453][ T9369] lo speed is unknown, defaulting to 1000
[  218.547364][ T9369] lo speed is unknown, defaulting to 1000
[  218.565350][ T9383] VFS: Found a Xenix FS (block size = 512) on device loop0
[  218.606277][ T9369] lo speed is unknown, defaulting to 1000
[  218.686886][ T9369] lo speed is unknown, defaulting to 1000
[  218.764605][ T9369] lo speed is unknown, defaulting to 1000
[  218.941994][ T5242] sysv_free_block: trying to free block not in datazone
[  218.987818][ T5242] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  219.243588][ T9397] loop1: detected capacity change from 0 to 256
[  219.453106][ T9397] FAT-fs (loop1): Directory bread(block 64) failed
[  219.519767][ T9397] FAT-fs (loop1): Directory bread(block 65) failed
[  219.599164][ T9397] FAT-fs (loop1): Directory bread(block 66) failed
[  219.605777][ T9397] FAT-fs (loop1): Directory bread(block 67) failed
[  219.694773][ T9397] FAT-fs (loop1): Directory bread(block 68) failed
[  219.757756][ T5432] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  219.766072][ T9397] FAT-fs (loop1): Directory bread(block 69) failed
[  219.803781][ T9397] FAT-fs (loop1): Directory bread(block 70) failed
[  219.863513][ T9397] FAT-fs (loop1): Directory bread(block 71) failed
[  219.927047][ T9397] FAT-fs (loop1): Directory bread(block 72) failed
[  219.970391][ T5432] usb 1-1: Using ep0 maxpacket: 16
[  219.989064][ T9397] FAT-fs (loop1): Directory bread(block 73) failed
[  220.040242][ T5432] usb 1-1: config 0 has an invalid interface number: 153 but max is 0
[  220.048591][ T5432] usb 1-1: config 0 has no interface number 0
[  220.168871][    C0] sched: DL replenish lagged too much
[  220.173419][ T5432] usb 1-1: New USB device found, idVendor=1199, idProduct=0025, bcdDevice=1e.64
[  220.223995][ T5432] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.295678][ T5432] usb 1-1: Product: syz
[  220.329833][ T5432] usb 1-1: Manufacturer: syz
[  220.386431][ T5432] usb 1-1: SerialNumber: syz
[  220.449861][ T5432] usb 1-1: config 0 descriptor??
[  220.522467][ T5432] sierra 1-1:0.153: Sierra USB modem converter detected
[  220.750343][ T5432] usb 1-1: USB disconnect, device number 17
[  220.786466][ T9421] loop4: detected capacity change from 0 to 256
[  220.826600][ T5432] sierra 1-1:0.153: device disconnected
[  221.049802][ T9421] FAT-fs (loop4): Directory bread(block 64) failed
[  221.089112][ T5359] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  221.110839][ T9421] FAT-fs (loop4): Directory bread(block 65) failed
[  221.117503][ T9421] FAT-fs (loop4): Directory bread(block 66) failed
[  221.196768][ T9421] FAT-fs (loop4): Directory bread(block 67) failed
[  221.240373][ T9421] FAT-fs (loop4): Directory bread(block 68) failed
[  221.292253][ T9421] FAT-fs (loop4): Directory bread(block 69) failed
[  221.299291][ T5359] usb 3-1: Using ep0 maxpacket: 32
[  221.363142][ T5359] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.414541][ T9421] FAT-fs (loop4): Directory bread(block 70) failed
[  221.506957][ T5359] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  221.517215][ T9421] FAT-fs (loop4): Directory bread(block 71) failed
[  221.573056][ T9421] FAT-fs (loop4): Directory bread(block 72) failed
[  221.619950][ T5359] usb 3-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.00
[  221.669810][ T9421] FAT-fs (loop4): Directory bread(block 73) failed
[  221.739027][ T5359] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.826803][ T5359] usb 3-1: config 0 descriptor??
[  221.907569][ T9435] loop3: detected capacity change from 0 to 1024
[  221.987038][ T9435] EXT4-fs: Ignoring removed nobh option
[  222.054125][ T9435] EXT4-fs: Ignoring removed oldalloc option
[  222.124754][ T9440] loop5: detected capacity change from 0 to 128
[  222.149134][ T9435] EXT4-fs: Mount option(s) incompatible with ext2
[  222.222318][ T9440] VFS: Found a Xenix FS (block size = 512) on device loop5
[  222.326323][ T5359] hid_mf 0003:0079:1801.002B: unknown main item tag 0x0
[  222.369429][ T9435] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1553'.
[  222.422364][ T5359] hid_mf 0003:0079:1801.002B: hidraw0: USB HID v0.00 Device [HID 0079:1801] on usb-dummy_hcd.2-1/input0
[  222.452509][ T9435] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1553'.
[  222.509351][ T5359] hid_mf 0003:0079:1801.002B: Force feedback for HJZ Mayflash game controller adapters by Marcel Hasler <mahasler@gmail.com>
[  222.544780][ T5244] sysv_free_block: trying to free block not in datazone
[  222.607221][ T5244] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  222.632737][ T9447] loop4: detected capacity change from 0 to 256
[  222.669288][ T5359] usb 3-1: USB disconnect, device number 11
[  222.749300][ T9447] exfat: Deprecated parameter 'utf8'
[  222.832542][ T9447] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  223.032898][ T9450] loop5: detected capacity change from 0 to 256
[  223.128408][ T9453] loop1: detected capacity change from 0 to 1024
[  223.145303][ T9450] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  223.333100][   T29] audit: type=1800 audit(1729117899.978:55): pid=9450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1560" name="file1" dev="loop5" ino=1048794 res=0 errno=0
[  223.505971][ T1046] hfsplus: b-tree write err: -5, ino 4
[  223.532114][   T29] audit: type=1326 audit(1729117900.188:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9457 comm="syz.4.1564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f38f5b7dff9 code=0x0
[  224.698350][ T9480] loop5: detected capacity change from 0 to 64
[  225.139374][ T9484] CUSE: unknown device info ""
[  225.165359][ T9484] CUSE: unknown device info "appraise_type"
[  225.216875][ T9484] CUSE: DEVNAME unspecified
[  225.932466][ T9500] loop3: detected capacity change from 0 to 64
[  226.074110][ T9468] loop2: detected capacity change from 0 to 32768
[  226.132334][ T9468] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1568 (9468)
[  226.264523][ T9468] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  226.341462][ T9468] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  226.403650][ T9468] BTRFS info (device loop2): using free-space-tree
[  226.836823][ T5239] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  229.159173][ T5359] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  229.245355][ T9540] loop5: detected capacity change from 0 to 40427
[  229.270844][ T9540] F2FS-fs (loop5): heap/no_heap options were deprecated
[  229.301100][ T9540] F2FS-fs (loop5): invalid crc value
[  229.327141][ T9540] F2FS-fs (loop5): Found nat_bits in checkpoint
[  229.333806][ T5359] usb 3-1: Using ep0 maxpacket: 16
[  229.350461][ T5359] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.396110][ T5359] usb 3-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00
[  229.429015][ T5359] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.465069][ T5359] usb 3-1: config 0 descriptor??
[  229.552423][ T9540] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  229.681477][ T5244] syz-executor: attempt to access beyond end of device
[  229.681477][ T5244] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  229.724895][ T5244] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  229.944900][ T5359] lenovo 0003:17EF:60A3.002C: hidraw0: USB HID v0.00 Device [HID 17ef:60a3] on usb-dummy_hcd.2-1/input0
[  230.149255][ T5359] usb 3-1: USB disconnect, device number 12
[  231.884273][ T9569] loop2: detected capacity change from 0 to 32768
[  233.047817][ T4618] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  233.064500][ T4618] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  233.072574][ T4618] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  233.085716][ T4618] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  233.093958][ T4618] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  233.101910][ T4618] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  235.199156][ T5251] Bluetooth: hci6: command tx timeout
[  236.023442][ T4618] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  236.036760][ T4618] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  236.047703][ T4618] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  236.055861][ T4618] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  236.074607][ T4618] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  236.082104][ T4618] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  237.069452][ T5251] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  237.084642][ T5251] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  237.095034][ T5251] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  237.106344][ T5251] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  237.119758][ T5251] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  237.127345][ T5251] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  237.280473][ T4618] Bluetooth: hci6: command tx timeout
[  238.159275][ T4618] Bluetooth: hci7: command tx timeout
[  239.206683][ T4618] Bluetooth: hci8: command tx timeout
[  239.359247][ T4618] Bluetooth: hci6: command tx timeout
[  239.815986][ T5251] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  239.837639][ T5251] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  239.848102][ T5251] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  239.857393][ T5251] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  239.865281][ T5251] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  239.873181][ T5251] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  240.239147][ T5251] Bluetooth: hci7: command tx timeout
[  241.279341][ T5251] Bluetooth: hci8: command tx timeout
[  241.439085][ T5251] Bluetooth: hci6: command tx timeout
[  241.919169][ T5251] Bluetooth: hci9: command tx timeout
[  242.319032][ T5251] Bluetooth: hci7: command tx timeout
[  243.359252][ T5251] Bluetooth: hci8: command tx timeout
[  243.998979][ T5251] Bluetooth: hci9: command tx timeout
[  244.399149][ T5251] Bluetooth: hci7: command tx timeout
[  245.439344][ T5251] Bluetooth: hci8: command tx timeout
[  246.099251][ T4618] Bluetooth: hci9: command tx timeout
[  246.108517][ T5240] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  246.125141][ T5240] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  246.134837][ T5240] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  246.147044][ T5240] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  246.171773][ T5240] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  246.179568][ T5240] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  248.159100][ T5251] Bluetooth: hci9: command tx timeout
[  248.239138][ T5251] Bluetooth: hci10: command tx timeout
[  250.095580][ T5240] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  250.111956][ T5240] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  250.120348][ T5240] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  250.131158][ T5240] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  250.146206][ T5240] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  250.154089][ T5240] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  250.319146][ T5240] Bluetooth: hci10: command tx timeout
[  252.242623][ T5240] Bluetooth: hci11: command tx timeout
[  252.399101][ T5240] Bluetooth: hci10: command tx timeout
[  254.319020][ T5240] Bluetooth: hci11: command tx timeout
[  254.479084][ T5240] Bluetooth: hci10: command tx timeout
[  255.123962][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[  255.137025][ T1262] ieee802154 phy1 wpan1: encryption failed: -22
[  256.399251][ T5251] Bluetooth: hci11: command tx timeout
[  258.481925][ T5240] Bluetooth: hci11: command tx timeout
[  295.019309][ T5251] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  295.028644][ T5251] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  295.037125][ T5251] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  295.047208][ T5251] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  295.055314][ T5251] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  295.069086][ T5251] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  296.117915][ T5240] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  296.127872][ T5240] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  296.137923][ T5240] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  296.145943][ T5240] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  296.154009][ T5240] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  296.161789][ T5240] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  297.119078][ T5240] Bluetooth: hci12: command tx timeout
[  297.627433][ T5251] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  297.636609][ T5251] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  297.645313][ T5251] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  297.653626][ T5251] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  297.665762][ T5251] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  297.673881][ T5251] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  298.239066][ T5251] Bluetooth: hci13: command tx timeout
[  299.199212][ T5251] Bluetooth: hci12: command tx timeout
[  299.759813][ T5251] Bluetooth: hci14: command tx timeout
[  300.149736][ T5240] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  300.168335][ T5240] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  300.177456][ T5240] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  300.188165][ T5240] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  300.196493][ T5240] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  300.207527][ T5240] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  300.319002][ T5240] Bluetooth: hci13: command tx timeout
[  301.279085][ T5240] Bluetooth: hci12: command tx timeout
[  301.839251][ T5240] Bluetooth: hci14: command tx timeout
[  302.239105][ T5251] Bluetooth: hci15: command tx timeout
[  302.399036][ T5251] Bluetooth: hci13: command tx timeout
[  303.359060][ T5251] Bluetooth: hci12: command tx timeout
[  303.919025][ T5251] Bluetooth: hci14: command tx timeout
[  304.319088][ T5251] Bluetooth: hci15: command tx timeout
[  304.478974][ T5251] Bluetooth: hci13: command tx timeout
[  305.998992][ T5251] Bluetooth: hci14: command tx timeout
[  306.406723][ T5251] Bluetooth: hci15: command tx timeout
[  306.669674][ T5240] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  306.679237][ T5240] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  306.689533][ T5240] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  306.697568][ T5240] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  306.705520][ T5240] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  306.715174][ T5240] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  308.479663][ T5251] Bluetooth: hci15: command tx timeout
[  308.799204][ T5251] Bluetooth: hci16: command tx timeout
[  310.619862][ T5240] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  310.645804][ T5240] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  310.653724][ T5240] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  310.663319][ T5240] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  310.671739][ T5240] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  310.679968][ T5240] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  310.879133][ T5251] Bluetooth: hci16: command tx timeout
[  312.720145][ T5251] Bluetooth: hci17: command tx timeout
[  312.959187][ T5251] Bluetooth: hci16: command tx timeout
[  314.799074][ T5251] Bluetooth: hci17: command tx timeout
[  315.039125][ T5251] Bluetooth: hci16: command tx timeout
[  316.566258][ T1262] ieee802154 phy0 wpan0: encryption failed: -22
[  316.572778][ T1262] ieee802154 phy1 wpan1: encryption failed: -22
[  316.879049][ T5251] Bluetooth: hci17: command tx timeout
[  318.959030][ T5251] Bluetooth: hci17: command tx timeout
[  355.705200][ T5240] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  355.719124][ T5240] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  355.726871][ T5240] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  355.735131][ T5240] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  355.742961][ T5240] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[  355.751126][ T5240] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  356.209910][ T5240] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  356.221245][ T5240] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  356.229394][ T5240] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  356.240395][ T5240] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  356.248056][ T5240] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[  356.256906][ T5240] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  357.756726][ T5248] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1
[  357.766922][ T5248] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9
[  357.775560][ T5248] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9
[  357.784633][ T5248] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4
[  357.792724][ T5248] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3
[  357.808698][ T5248] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2
[  357.839117][ T5248] Bluetooth: hci18: command tx timeout
[  358.318976][ T5248] Bluetooth: hci19: command tx timeout
[  359.615257][ T5248] Bluetooth: hci6: command 0x0406 tx timeout
[  359.621398][ T5253] Bluetooth: hci7: command 0x0406 tx timeout
[  359.627424][ T5253] Bluetooth: hci8: command 0x0406 tx timeout
[  359.842471][ T4618] Bluetooth: hci20: command tx timeout
[  359.918964][ T4618] Bluetooth: hci18: command tx timeout
[  360.406253][ T4618] Bluetooth: hci19: command tx timeout
[  360.725684][ T5251] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1
[  360.743348][ T5251] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9
[  360.753247][ T5251] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9
[  360.761626][ T5251] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4
[  360.778463][ T5251] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3
[  360.786514][ T5251] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2
[  361.919124][ T5251] Bluetooth: hci20: command tx timeout
[  361.998965][ T5251] Bluetooth: hci18: command tx timeout
[  362.480075][ T5251] Bluetooth: hci19: command tx timeout
[  362.879068][ T5251] Bluetooth: hci21: command tx timeout
[  364.005723][ T5251] Bluetooth: hci20: command tx timeout
[  364.078992][ T5251] Bluetooth: hci18: command tx timeout
[  364.558996][ T5251] Bluetooth: hci19: command tx timeout
[  364.726236][ T5251] Bluetooth: hci9: command 0x0406 tx timeout
[  364.959135][ T4618] Bluetooth: hci21: command tx timeout
[  366.079227][ T4618] Bluetooth: hci20: command tx timeout
[  366.489503][   T30] INFO: task syz.0.1557:9442 blocked for more than 143 seconds.
[  366.497195][   T30]       Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0
[  366.527475][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  366.559076][   T30] task:syz.0.1557      state:D stack:23808 pid:9442  tgid:9442  ppid:5242   flags:0x00004004
[  366.597267][   T30] Call Trace:
[  366.608877][   T30]  <TASK>
[  366.611839][   T30]  __schedule+0x1895/0x4b30
[  366.616415][   T30]  ? __pfx___schedule+0x10/0x10
[  366.708175][   T30]  ? __pfx_lock_release+0x10/0x10
[  366.758896][   T30]  ? schedule+0x90/0x320
[  366.763206][   T30]  schedule+0x14b/0x320
[  366.767405][   T30]  schedule_timeout+0xb0/0x310
[  366.825805][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  366.845626][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  366.859018][   T30]  ? wait_for_completion+0x2fe/0x620
[  366.864345][   T30]  ? wait_for_completion+0x2fe/0x620
[  366.898837][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  366.904098][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.938851][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  366.944101][   T30]  ? wait_for_completion+0x2fe/0x620
[  366.967660][   T30]  wait_for_completion+0x355/0x620
[  366.978987][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  366.985602][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  367.021125][   T30]  ? __flush_work+0xe7/0xc50
[  367.025771][   T30]  __flush_work+0xa37/0xc50
[  367.041111][ T4618] Bluetooth: hci21: command tx timeout
[  367.055943][   T30]  ? __flush_work+0xe7/0xc50
[  367.060881][   T30]  ? __pfx___flush_work+0x10/0x10
[  367.065938][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  367.078320][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  367.086460][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  367.098572][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.105468][   T30]  unregister_netdevice_many_notify+0x87b/0x1da0
[  367.121369][   T30]  ? __mutex_trylock_common+0x183/0x2e0
[  367.126960][   T30]  ? __pfx___might_resched+0x10/0x10
[  367.139146][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  367.145957][   T30]  ? __pfx___mutex_trylock_common+0x10/0x10
[  367.158868][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  367.164542][   T30]  ? rcu_is_watching+0x15/0xb0
[  367.176945][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  367.182907][   T30]  ? trace_contention_end+0x3c/0x120
[  367.196717][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  367.202659][   T30]  ? __mutex_lock+0x2ef/0xd70
[  367.207380][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  367.220722][   T30]  ? __asan_memset+0x23/0x50
[  367.225370][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  367.238535][   T30]  unregister_netdevice_queue+0x303/0x370
[  367.244562][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  367.257784][   T30]  ppp_release+0xed/0x1f0
[  367.262414][   T30]  ? __pfx_ppp_release+0x10/0x10
[  367.267475][   T30]  __fput+0x241/0x880
[  367.278632][   T30]  task_work_run+0x251/0x310
[  367.286986][   T30]  ? __pfx_task_work_run+0x10/0x10
[  367.298841][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  367.304602][   T30]  syscall_exit_to_user_mode+0x168/0x370
[  367.316957][   T30]  do_syscall_64+0x100/0x230
[  367.322666][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.328611][   T30] RIP: 0033:0x7f46f777dff9
[  367.341273][   T30] RSP: 002b:00007ffd9c1b6f58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  367.356958][   T30] RAX: 0000000000000000 RBX: 0000000000036488 RCX: 00007f46f777dff9
[  367.368994][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  367.376996][   T30] RBP: 00007f46f7937a80 R08: 0000000000000001 R09: 00007ffd9c1b724f
[  367.393536][   T30] R10: 00007f46f7600000 R11: 0000000000000246 R12: 0000000000036532
[  367.406615][   T30] R13: 00007ffd9c1b7060 R14: 0000000000000032 R15: ffffffffffffffff
[  367.418268][   T30]  </TASK>
[  367.426002][   T30] 
[  367.426002][   T30] Showing all locks held in the system:
[  367.437835][   T30] 1 lock held by khungtaskd/30:
[  367.447589][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  367.465977][   T30] 3 locks held by kworker/u8:3/53:
[  367.471453][   T30]  #0: ffff88814ba99948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  367.488833][   T30]  #1: ffffc90000bd7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  367.510289][   T30]  #2: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  367.526992][   T30] 2 locks held by getty/4995:
[  367.534205][   T30]  #0: ffff88802e6190a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  367.551216][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  367.566788][   T30] 5 locks held by kworker/0:7/5298:
[  367.578309][   T30] 3 locks held by kworker/1:7/5359:
[  367.598945][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  367.618940][   T30]  #1: ffffc90004837d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  367.639495][   T30]  #2: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  367.656966][   T30] 2 locks held by syz.0.1557/9442:
[  367.662362][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: ppp_release+0x87/0x1f0
[  367.678297][   T30]  #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  367.699820][   T30] 2 locks held by syz.4.1581/9495:
[  367.704954][   T30]  #0: ffffffff8fd38970 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  367.721352][   T30]  #1: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0x394/0x910
[  367.736121][   T30] 2 locks held by syz.3.1587/9505:
[  367.745295][   T30]  #0: ffffffff8fd38970 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  367.758348][   T30]  #1: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0x394/0x910
[  367.788543][   T30] 1 lock held by syz.1.1600/9553:
[  367.807345][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: ip6_mroute_setsockopt+0xc5a/0x1340
[  367.832046][   T30] 1 lock held by syz-executor/9574:
[  367.837268][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  367.856640][   T30] 3 locks held by syz.2.1610/9580:
[  367.862310][   T30]  #0: ffff8880597901c0 (&tty->legacy_mutex){+.+.}-{3:3}, at: tty_set_ldisc+0x52/0x560
[  367.878890][   T30]  #1: ffff8880597900a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_lock+0x6c/0xc0
[  367.888381][   T30]  #2: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: slip_open+0xda/0xe80
[  367.907399][   T30] 1 lock held by syz.2.1610/9581:
[  367.915556][   T30]  #0: ffff8880597900a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  367.933173][   T30] 1 lock held by syz-executor/9582:
[  367.938393][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  367.955058][   T30] 1 lock held by syz-executor/9585:
[  367.961238][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  367.977638][   T30] 2 locks held by syz.5.1614/9591:
[  367.983176][   T30]  #0: ffffffff8fd38970 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  367.998458][   T30]  #1: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[  368.018339][   T30] 1 lock held by syz-executor/9592:
[  368.025752][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.043017][   T30] 1 lock held by syz-executor/9595:
[  368.048238][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.065051][   T30] 1 lock held by syz-executor/9600:
[  368.074178][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.089066][   T30] 1 lock held by syz-executor/9605:
[  368.094285][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.111694][   T30] 1 lock held by syz-executor/9610:
[  368.116912][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.136198][   T30] 1 lock held by syz-executor/9613:
[  368.143950][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.158242][   T30] 1 lock held by syz-executor/9616:
[  368.166152][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.182654][   T30] 1 lock held by syz-executor/9619:
[  368.187872][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.206194][   T30] 1 lock held by syz-executor/9625:
[  368.213169][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.228961][   T30] 1 lock held by syz-executor/9632:
[  368.235748][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.257399][   T30] 1 lock held by syz-executor/9638:
[  368.262933][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.279776][   T30] 1 lock held by syz-executor/9643:
[  368.284997][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.298897][   T30] 1 lock held by syz-executor/9649:
[  368.304117][   T30]  #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  368.325344][   T30] 
[  368.327697][   T30] =============================================
[  368.327697][   T30] 
[  368.344266][   T30] NMI backtrace for cpu 1
[  368.348613][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0
[  368.359135][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  368.369207][   T30] Call Trace:
[  368.372498][   T30]  <TASK>
[  368.375442][   T30]  dump_stack_lvl+0x241/0x360
[  368.380150][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  368.385378][   T30]  ? __pfx__printk+0x10/0x10
[  368.390003][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  368.394976][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  368.400462][   T30]  ? _printk+0xd5/0x120
[  368.404636][   T30]  ? __pfx__printk+0x10/0x10
[  368.409245][   T30]  ? __wake_up_klogd+0xcc/0x110
[  368.414128][   T30]  ? __pfx__printk+0x10/0x10
[  368.418740][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.424399][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  368.429463][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  368.435480][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  368.441496][   T30]  watchdog+0xff4/0x1040
[  368.445773][   T30]  ? watchdog+0x1ea/0x1040
[  368.450230][   T30]  ? __pfx_watchdog+0x10/0x10
[  368.454937][   T30]  kthread+0x2f2/0x390
[  368.459027][   T30]  ? __pfx_watchdog+0x10/0x10
[  368.463735][   T30]  ? __pfx_kthread+0x10/0x10
[  368.468347][   T30]  ret_from_fork+0x4d/0x80
[  368.472804][   T30]  ? __pfx_kthread+0x10/0x10
[  368.477421][   T30]  ret_from_fork_asm+0x1a/0x30
[  368.482261][   T30]  </TASK>
[  368.486142][   T30] Sending NMI from CPU 1 to CPUs 0:
[  368.491851][    C0] NMI backtrace for cpu 0
[  368.491865][    C0] CPU: 0 UID: 0 PID: 5298 Comm: kworker/0:7 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0
[  368.491891][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  368.491906][    C0] Workqueue: events_power_efficient neigh_periodic_work
[  368.491940][    C0] RIP: 0010:arch_stack_walk+0x123/0x150
[  368.491968][    C0] Code: 03 9d 09 00 48 85 c0 74 23 4c 89 f7 48 89 c6 4d 89 eb e8 30 82 98 0a 84 c0 74 11 48 89 df e8 34 9e 09 00 83 bd 70 ff ff ff 00 <75> d0 65 48 8b 04 25 28 00 00 00 48 3b 45 d0 75 13 48 83 c4 68 5b
[  368.491987][    C0] RSP: 0018:ffffc900000067a0 EFLAGS: 00000202
[  368.492006][    C0] RAX: 0000000080000101 RBX: ffffc900000067a0 RCX: 0000000080000101
[  368.492023][    C0] RDX: dffffc0000000000 RSI: ffffc90000000000 RDI: 0000000000000001
[  368.492040][    C0] RBP: ffffc90000006830 R08: ffffc90000006c08 R09: ffffc900000067f0
[  368.492058][    C0] R10: dffffc0000000000 R11: fffff52000000d00 R12: ffff88802e5f8000
[  368.492076][    C0] R13: ffffffff8180a0e0 R14: ffffc90000006880 R15: 0000000000000000
[  368.492096][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  368.492121][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  368.492138][    C0] CR2: 00007fa3788afe25 CR3: 000000000e734000 CR4: 0000000000350ef0
[  368.492156][    C0] Call Trace:
[  368.492164][    C0]  <NMI>
[  368.492172][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  368.492202][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  368.492240][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  368.492270][    C0]  ? nmi_handle+0x2a/0x5a0
[  368.492304][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  368.492336][    C0]  ? nmi_handle+0x151/0x5a0
[  368.492361][    C0]  ? nmi_handle+0x2a/0x5a0
[  368.492386][    C0]  ? arch_stack_walk+0x123/0x150
[  368.492411][    C0]  ? default_do_nmi+0x63/0x160
[  368.492442][    C0]  ? exc_nmi+0x123/0x1f0
[  368.492472][    C0]  ? end_repeat_nmi+0xf/0x53
[  368.492497][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  368.492532][    C0]  ? arch_stack_walk+0x123/0x150
[  368.492558][    C0]  ? arch_stack_walk+0x123/0x150
[  368.492584][    C0]  ? arch_stack_walk+0x123/0x150
[  368.492609][    C0]  </NMI>
[  368.492617][    C0]  <IRQ>
[  368.492629][    C0]  ? ip_route_output_key_hash_rcu+0x13cc/0x2390
[  368.492671][    C0]  stack_trace_save+0x118/0x1d0
[  368.492698][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.492723][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  368.492746][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  368.492772][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  368.492809][    C0]  ? ktime_get_with_offset+0x83/0x150
[  368.492836][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.492868][    C0]  kasan_save_track+0x3f/0x80
[  368.492894][    C0]  ? kasan_save_track+0x3f/0x80
[  368.492916][    C0]  ? __kasan_slab_alloc+0x66/0x80
[  368.492939][    C0]  ? kmem_cache_alloc_noprof+0x135/0x2a0
[  368.492970][    C0]  ? dst_alloc+0x12b/0x190
[  368.493021][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.493049][    C0]  __kasan_slab_alloc+0x66/0x80
[  368.493074][    C0]  ? dst_alloc+0x12b/0x190
[  368.493095][    C0]  kmem_cache_alloc_noprof+0x135/0x2a0
[  368.493133][    C0]  dst_alloc+0x12b/0x190
[  368.493158][    C0]  ip_route_output_key_hash_rcu+0x13cc/0x2390
[  368.493203][    C0]  ip_route_output_key_hash+0x193/0x2b0
[  368.493239][    C0]  ? ip_route_output_key_hash+0xdf/0x2b0
[  368.493274][    C0]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  368.493312][    C0]  ? __pfx_lock_release+0x10/0x10
[  368.493346][    C0]  ? kthread+0x2f2/0x390
[  368.493375][    C0]  ip_route_output_flow+0x29/0x140
[  368.493409][    C0]  ip_route_me_harder+0x80d/0x1300
[  368.493450][    C0]  ? __pfx_ip_route_me_harder+0x10/0x10
[  368.493484][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.493509][    C0]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[  368.493556][    C0]  synproxy_send_tcp+0x356/0x6c0
[  368.493596][    C0]  synproxy_send_client_synack+0x8b8/0xf30
[  368.493638][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  368.493671][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.493700][    C0]  ? synproxy_pernet+0x45/0x270
[  368.493735][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.493764][    C0]  nft_synproxy_eval_v4+0x3ca/0x610
[  368.493803][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  368.493842][    C0]  ? nf_ip_checksum+0x13a/0x500
[  368.493868][    C0]  nft_synproxy_do_eval+0x362/0xa60
[  368.493907][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  368.493942][    C0]  ? validate_chain+0x11e/0x5920
[  368.493969][    C0]  ? __lock_acquire+0x1384/0x2050
[  368.494005][    C0]  ? __pfx_validate_chain+0x10/0x10
[  368.494033][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.494063][    C0]  nft_do_chain+0x4af/0x1da0
[  368.494095][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  368.494120][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  368.494157][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.494195][    C0]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  368.494224][    C0]  nft_do_chain_inet+0x418/0x6b0
[  368.494262][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  368.494297][    C0]  ? ipt_do_table+0x312/0x1860
[  368.494343][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  368.494377][    C0]  nf_hook_slow+0xc5/0x220
[  368.494410][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  368.494439][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  368.494467][    C0]  NF_HOOK+0x29e/0x450
[  368.494492][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.494521][    C0]  ? NF_HOOK+0x9a/0x450
[  368.494547][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  368.494575][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  368.494608][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.494633][    C0]  ? ip_rcv_finish+0x406/0x560
[  368.494662][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  368.494690][    C0]  NF_HOOK+0x3a6/0x450
[  368.494718][    C0]  ? NF_HOOK+0x9a/0x450
[  368.494744][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  368.494770][    C0]  ? ip_rcv_core+0x801/0xd10
[  368.494798][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  368.494831][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  368.494859][    C0]  __netif_receive_skb+0x2bf/0x650
[  368.494891][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  368.494926][    C0]  ? __pfx___netif_receive_skb+0x10/0x10
[  368.494954][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  368.494990][    C0]  ? __pfx_lock_release+0x10/0x10
[  368.495026][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  368.495067][    C0]  process_backlog+0x662/0x15b0
[  368.495103][    C0]  ? process_backlog+0x33b/0x15b0
[  368.495145][    C0]  ? __pfx_process_backlog+0x10/0x10
[  368.495176][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  368.495213][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  368.495251][    C0]  __napi_poll+0xcd/0x490
[  368.495283][    C0]  net_rx_action+0x89b/0x1240
[  368.495329][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  368.495363][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.495389][    C0]  ? sched_clock+0x4a/0x70
[  368.495428][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  368.495471][    C0]  handle_softirqs+0x2c7/0x980
[  368.495506][    C0]  ? do_softirq+0x11b/0x1e0
[  368.495538][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  368.495572][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.495600][    C0]  do_softirq+0x11b/0x1e0
[  368.495629][    C0]  </IRQ>
[  368.495636][    C0]  <TASK>
[  368.495645][    C0]  ? __pfx_do_softirq+0x10/0x10
[  368.495675][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  368.495713][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.495738][    C0]  ? rcu_is_watching+0x15/0xb0
[  368.495766][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  368.495798][    C0]  ? neigh_periodic_work+0xb35/0xd50
[  368.495828][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  368.495860][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.495885][    C0]  ? neigh_destroy+0x423/0x580
[  368.495913][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.495943][    C0]  neigh_periodic_work+0xb35/0xd50
[  368.495978][    C0]  ? process_scheduled_works+0x976/0x1850
[  368.496012][    C0]  process_scheduled_works+0xa65/0x1850
[  368.496062][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  368.496100][    C0]  ? assign_work+0x364/0x3d0
[  368.496137][    C0]  worker_thread+0x870/0xd30
[  368.496172][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.496200][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  368.496225][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  368.496263][    C0]  ? __kthread_parkme+0x169/0x1d0
[  368.496299][    C0]  ? __pfx_worker_thread+0x10/0x10
[  368.496333][    C0]  kthread+0x2f2/0x390
[  368.496354][    C0]  ? __pfx_worker_thread+0x10/0x10
[  368.496387][    C0]  ? __pfx_kthread+0x10/0x10
[  368.496411][    C0]  ret_from_fork+0x4d/0x80
[  368.496444][    C0]  ? __pfx_kthread+0x10/0x10
[  368.496468][    C0]  ret_from_fork_asm+0x1a/0x30
[  368.496510][    C0]  </TASK>
[  369.376786][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  369.383659][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0
[  369.394178][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  369.404247][   T30] Call Trace:
[  369.407538][   T30]  <TASK>
[  369.410483][   T30]  dump_stack_lvl+0x241/0x360
[  369.415190][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.420412][   T30]  ? __pfx__printk+0x10/0x10
[  369.425020][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  369.431044][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.436703][   T30]  ? vscnprintf+0x5d/0x90
[  369.441064][   T30]  panic+0x349/0x880
[  369.444980][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.450641][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  369.456825][   T30]  ? __pfx_panic+0x10/0x10
[  369.461260][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  369.466657][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.472311][   T30]  ? __irq_work_queue_local+0x137/0x410
[  369.477894][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.483550][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  369.488945][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  369.495126][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  369.501316][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.506977][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  369.513162][   T30]  watchdog+0x1033/0x1040
[  369.517526][   T30]  ? watchdog+0x1ea/0x1040
[  369.521981][   T30]  ? __pfx_watchdog+0x10/0x10
[  369.526688][   T30]  kthread+0x2f2/0x390
[  369.530781][   T30]  ? __pfx_watchdog+0x10/0x10
[  369.535487][   T30]  ? __pfx_kthread+0x10/0x10
[  369.540100][   T30]  ret_from_fork+0x4d/0x80
[  369.544550][   T30]  ? __pfx_kthread+0x10/0x10
[  369.549161][   T30]  ret_from_fork_asm+0x1a/0x30
[  369.553972][   T30]  </TASK>
[  369.557221][   T30] Kernel Offset: disabled
[  369.561541][   T30] Rebooting in 86400 seconds..