last executing test programs:

1m9.296061882s ago: executing program 2 (id=366):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x44, 0x20}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000740), &(0x7f0000000140), 0x1003, r0, 0x0, 0x2000000}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, &(0x7f0000000140)=""/83, &(0x7f0000000080), &(0x7f0000000080), 0x6, r0}, 0x38)

1m8.984256352s ago: executing program 2 (id=368):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f00002e3000/0x2000)=nil, 0x2000, 0x0, 0x11012, r0, 0x10c000)
r1 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000887000/0x2000)=nil, 0xfffffffffffffffd, 0x0, 0x0, 0x6, 0x0, 0xa, 0xe4, 0x76})

1m8.799570379s ago: executing program 2 (id=370):
unshare(0x20000400)
syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000009740)='./file2\x00', 0x4008010, &(0x7f0000000580)={[{@sysvgroups}, {@discard}, {@nolargeio}, {@filestreams}, {@nogrpid}, {@gquota}, {@nouuid}, {@dax_inode}]}, 0x1, 0x97ee, &(0x7f0000012f40)="$eJzs3QW8rGWheP994ACHDkGwACkxSQkD6VBESVFCkJYUEAGlQwkVFAEFFFCQ7u4u6e7u7o7/58AB8bjgcn9/74XLWuvj2bNn5t2zn3m+87zu2e9mZsl5F51zYGCcgTd68/SfnbPr7csuNuaC6x678+Dr9tphoYeGXTzyGyfjzj7sdI5hp3MODAwMGnY7g964bPBsxxw7wsDggaH/+2djjDraCGMMDIw27Oyw2xmY+Y2T0fd/c7vXhosHOunQb7f9G/9eb8yhNzL0k6WXe2WtgYGBIW/7+qHjmvbf7qi0JeeYb95/Wr3lNsKwqwf987rXTwe/8W/0fQcGRt974J0fH0O3HeltX/u/2dDvOc7kA4vf/j587/9zLTnHfAsM5z90LY447LKZh67x4degseEf5zssuvoDw6Zw0LCJG/y29fJ+PO7/n1pyjnkXHHjndTyw0Dyb3P/a6/vNwXMPDAyeZ2Bg8LwDA4Pne7896j/T+/rgq6qqqvelOeacYehz9hGG+3lgyJs/19LPhRe8PN3dAwODF3rjeeLg5d58LlhVVVVVVVVVH8zmmHOGueD5/zjv9vx/0pO3Hrfn/1VVVVVVVVX/d1pgjjlnGPpcf7jn/xO92/P/xx88dL83/vZ/9pnf+KpX3987UVVVVVVVVVXv2rwL4PP/Sd/t+f9Fx0x6ac//q6qqqqqqqv7vtMhrr7222dteZ2/YxVO/eT09/z/1vluXed8GXFVVVVVVVVX/7V595KTT/vma7xMPDPd676837PcCg4444/LL37eBfjAa9O+/D9n8/R7T/9+GOg85aNKBgbUWf7+HUu9D/2deq77+R8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9w/H/t17//9SjVnjzveA/M+UM15/0z698/b3/By+0wCNbvE9Dfz/6sB7/H1ht0MDAMN9xVhsYGFhojkUWm3pgYOCk62eYcoqBt66bZeh1Xx1vxNffIP7N/0xknnH5hjef7I3ToQ+UgfHfuo0jXr/9BV7bZ8RBww3ibY173H77rbrkczMOfzrVO9+PEd76bMxjH3zzv2UZYbiNhrzDF795+2/el+Gdh4196qFjn2b9NdeZZr2NNv7iamsuv8pKq6y01qzTzzTdjLPOOtNM06y82horTfvGx3eas0lf/zjXe5mzMYafs0fmePucDX/f3mnOJn33OXv9Fne5cMg33pyzwf/NOZvr3eds0tWGfaNxZx9pYLnX52bQwMC4c480sOHQM9ONMjAw7jzDtp1o6LZfG2+EgYGd/nlHh342yluPwUGbD91myXkXnfON3dTAwD9P/9k7vJ/9yMNGPvuw0zmGnc75xrcZZ+CfD8XBsx1z7AhD5+JfpmOMUUcbYYyBgdGGnR12OwOzvnEy2slvbvcO77M+3EBff5mV7d/493pjDgwMjD70k4mXP3WboVP/v/A+7f9P////b16zDHrr8Tho2L9h27zhNcd8C/zze70+DUPnbsRhl8081OQ//Nb2/9K/jXfSIQOTvst43+V1cV6PHl9rnDTBlv+p18Wh8U70LuN9l9fxfcfxLnH37g+8cVP/sfEOt69b8PWPs7+Xfd3Au+/rRqQbWOmSTw2/r/vWOw/xX3aXb87RKMNt9E77uon2nGTzobc/+7vv6xYcOvaR/mVfN8LAwLhzvbmvG7rjm3ekgZ2Gnpl+6Jn5Rho4YOiZGV4/M+rAGUPPfGmFtddYcegF8//742DqQf/yB5qwzuYdbp0Nett9HzTc33cOfuN09H3ffA+nd9hvDhp2t/7LfQU9bsd5l/G+y/tP4TwPvWzFI4dM8J96/yka75B3H+87vV/2O453x2dPvf0/PN631tlIb5uu+d/LOpv0X9fZ0Ls44ttWxnv9OWxF2P6Nzyd669Y22PTBt36mGGm42/2vfqaY/93X2TirDfd12+09MOjd5ma+9zI3n/y3fdAWb5+b9/rz1tSTv3H9iO8yN6PMuuxUb87NyP/NuZnvvzs3sw+M+K9zM3hgnoGBgSmG7R/mfS9zM9G7z817fdyMBtu/8flKb1009w4Hnffm3Aw/F//V3Mz7352bSd963Ezx+nWTjTAw8sgDGy6//vrrTvfGxzfPTv/Gx3dfg3O/l7kc5z8zlx8f/E5z+c+H6hh3X7rvf7EG/22f/ubtz/3fncuBt+ZyYLXhF0t9UOv3f+7yd5e/u/zd5e8uf3f5i3uH4/9vvf7/buN8dedhv9wY6dJJJtz2/R7v+9yH+vj/MN9/Of6/7YSTXDrCwFvXvevx2Te2+UAen535jZPR939zu+GPD/JA3/n47N6zzrz1/9Lx2f+n3lyr7+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uLe4fj/tG/+HcB90y385LADoSM9tNVSC7/f432f+1Af/x/m+y/H/xdeaquHRhh467p3Pf7/xjaO4/93vjTvjh/k4/9vrtWO/9d/Uf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+4djv/P/ubfARx66O4bv/n3AFePu/1J7/d43+c+rMf/e/9/b+3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uKGHf8fGO7tLb/b4wKD4///t3sH/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+v8wfs/j/Kn/M4r9d/pjFf/v8MYv/DvljFv8d88cs/r/OH7P4/yZ/zOL/2/wxi/9O+WMW/53zxyz+v8sfs/j/Pn/M4r9L/pjF/w/5Yxb/XfPHLP675Y9Z/HfPH7P4/zF/zOL/p/wxi/8e+WMW/z3zxyz+e+WPWfz/nD9m8f9L/pjFf+/8MYv/PvljFv9988cs/n/NH7P4/y1/zOK/X/6YxX///DGL/9/zxyz+B+SPWfwPzB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvH/R/6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9J/AcN5I9Z/Aflj1n8R8gfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yd70H/I+jesDmsV/8tY/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfxnyx+z+H8jf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfzxyz+38ofs/gvmD9m8f92/pjFf6H8MYv/d/LHLP7fzR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fyx+z+C+ZP2bx/37+mMX/B/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9h/pjFf7n8MYv/8vljFv8f5Y9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/OH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/JH7P4r5s/ZvFfL3/M4r9+/pjF/6f5Yxb/DfLHLP4/yx+z+G+YP2bx3yh/zOK/cf6Yxf/n+WMW/1/kj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/2X+mMX/V/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f91/pjF/zf5Yxb/3+aPWfx3yh+z+O+cP2bx/13+mMX/9/ljFv9d8scs/n/IH7P475o/ZvHfLX/M4r97/pjF/4/5Yxb/P+WPWfz3yB+z+O+ZP2bx3yt/zOL/5/wxi/9f8scs/nvnj1n898kfs/jvmz9m8f9r/pjF/2/5Yxb//fLHLP77549Z/P/+r/73/q+P6wOaxf+A1j9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6YxP/18v/3JP6DLs4fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/mPTBda/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljEv/XP83/37P4D8ofs/iPkD9m8R8xf8ziPzh/zOI/Uv6YxX/k/DGL/yj5Yxb/IfljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfw/kj9m8R8/f8ziP0H+mMX/o/ljFv8J88cs/hPlj1n8P5Y/ZvH/eP6Yxf8T+WMW/0/mj1n8P5U/ZvGfOH/M4j9J/pjFf9L8MYv/p/PHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/zP5Yxb/qfPHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP03+mMV/2vyxQefsOtLAwMCH3n+6/DHL+p8+f8ziP0P+mMV/xvwxi/+X88cs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/5X8MYv/V/PHLP5fyx+z+H89f8ziP1v+mMX/G/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/mT9m8f9W/pjFf8H8MYv/t/PHLP4L5Y9Z/L+TP2bx/27+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/17+mMV/yfwxi//388cs/j/IH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/PHLP7L5Y9Z/JfPH7P4/yh/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/cf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/Sf6YxX/d/DGL/3r5Yxb/9fPHLP4/zR+z+G+QP2bx/1n+mMV/w/wxi/9G+WMW/43zxyz+P88fs/j/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/EQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfwHD+SPWfwHvTf/kf/HxvUBzeI/Qusfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v+Z/DGL/9T5Yxb/z+aPWfw/lz9m8f98/pjF/wv5Yxb/L+aPWfy/lD9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/nD9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/9nyxyz+38gfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOL/zfwxi/+38scs/gvmj1n8v50/ZvFfKH/M4v+d/DGL/3fzxyz+C+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL//fyxyz+S+aPWfy/nz9m8f9B/pjFf6n8MYv/0vljFv9l8scs/svmj1n8f5g/ZvFfLn/M4r98/pjF/0f5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/j/PHLP6r549Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/T/LHLP7r5o9Z/NfLH7P4r58/ZvH/af6YxX+D/DGL/8/yxyz+G+aPWfw3yh+z+G+cP2bx/3n+mMX/F/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfx/mT9m8f9V/pjFf7v8MYv/9vljFv8d8scs/jvmj1n8f50/ZvH/Tf6Yxf+3+WMW/53yxyz+O+ePWfx/lz9m8f99/pjFf5f8MYv/H/LHLP675o9Z/HfLH7P4754/ZvH/Y/6Yxf9P+WMW/z3yxyz+e+aPWfz3yh+z+P85f8zi/5f8MYv/3vljFv998scs/vvmj1n8/5o/ZvH/W/6YxX+//DGL//75Yxb/v+ePWfwPyB+z+B+YP2bxPyh/zOJ/cP6Yxf+Q/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4v+P/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH5P4jzSQP2bxH5Q/ZvEfIX/M4j9i/pjFf3D+mMV/pPwxi//I+WMW/1Hyxyz+Q/LHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/h/JH/M4j9+/pjFf4L8MYv/R/PHLP4T5o9Z/CfKH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4fyp/zOI/cf6YxX+S/DGL/6T5Yxb/T+ePWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/2fyxyz+U+ePWfw/mz9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+33X5D36vG1r8F3b5v+cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfxHHsgfs/gPyh+z+I+QP2bxHzF/zOI/OH/M4j9S/pjFf+T8MYv/KPljFv8h+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/D+SP2bxHz9/zOI/Qf6Yxf+j+WMW/wnzxyz+E+WPWfw/lj9m8f94/pjF/xP5Yxb/T+aPWfw/lT9m8Z84f8ziP0n+mMV/0vwxi/+n88cs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/M/ljFv+p88cs/p/NH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fzl/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxn/2/9h/lf3RcH9As/nO0/jGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/N/PHLP7fyh+z+C+YP2bx/3b+mMV/ofwxi/938scs/t/NH7P4L5w/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/t/LH7P4L5k/ZvH/fv6Yxf8H+WMW/6Xyxz6k/oOGsx556fyxD6n/6719/S+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD826JxBw2bmw+2/Yv6YZf2vlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH7P4/y5/zOL/+/wxi/8u+WMW/z/kj1n8d80fs/jvlj9m8d89f8zi/8f8MYv/n/LHLP575I9Z/PfMH7P475U/ZvH/c/6Yxf8v+WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V79F/8P/UuD6gWfyvbv1jFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+Q+MCpdZ/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf0ziP8pA/pjFf1D+mMV/hPwxi/+I+WMW/8H5Yxb/kfLHLP4j549Z/EfJH7P4D8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+b/7CG/Ms5i/94+WMW/4/kj1n8x88fs/hPkD9m8f9o/pjFf8L8MYv/RPljFv+P5Y9Z/D+eP2bx/0T+mMX/k/ljFv9P5Y9Z/CfOH7P4T5I/ZvGfNH/M4v/p/DGL/2T5Yxb/yfPHLP5T5I9Z/KfMH7P4T5U/ZvH/TP6YxX/q/DGL/2fzxyz+n8sfs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+X84fs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/9s+WMW/2/kj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+C+QP2bx/2b+mMX/W/ljFv8F88cs/t/OH7P4L5Q/ZvH/Tv6Yxf+7+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/826N8jwuK/bdqYxf+X+WMW/1/lj1n8t8sfs/hvnz9m8d/hDf9XXnu/xvUBzeK/Y+sfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx//N78h/pf25cH9As/n9p/WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj8m8R8ykD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+SP2bx/+q7+u/+Pz+uD2gW/6+1/jGL/9fzxyz+s+WPWfy/kT9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf+b+WMW/2/lj1n8F8wfs/h/O3/M4r9Q/pjF/zv5Yxb/7+aPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+WPWfyXzB+z+H8/f8zi/4P8MYv/UvljFv+l88cs/svkj1n8l80fs/j/MH/M4r9c/pjFf/n8MYv/j/LHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f549Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv+f5I9Z/NfNH7P4r5c/ZvFfP3/M4v/T/DGL/wb5Yxb/n+WPWfw3zB+z+G+UP2bx3zh/zOL/8/wxi/8v8scs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+P8yf8zi/6v8MYv/dvljFv/t88cs/jvkj1n8d8wfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx/3P+mMX/L/ljFv+988cs/vvkj1n8980fs/j/NX/M4v+3/DGL/375Yxb//fPHLP5/zx+z+B+QP2bxPzB/zOJ/UP6Yxf/g/DGL/yH5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/x/5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v/Au/mP9b8wrg9oFv8HW/+Yxf+h/DGL/8P5Yxb/R/LHDP6DBg8MeTR/zOA/dP0/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/JvEfdSB/zOI/KH/M4j9C/pjFf8T8MYv/4Pwxi/9I+WMW/5Hzxyz+o+SPWfyH5I9Z/EfNH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8f9I/pjFf/z8MYv/BPljFv+P5o9Z/CfMH7P4T5Q/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvH/VP6YxX/i/DGL/yT5Yxb/SfPHLP6fzh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/z+SPWfynzh+z+H82f8zi/7n8MYv/5/PHLP5fkPlP9x63s/h/Ueb/XrP4fyl/zOI/Tf6YxX/agYHN3q8hfZCz+E/X+scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+380fs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+38sfs/gvmT9m8f9+/pjF/wf5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Yf6YxX+5/DGL//L5Yxb/H+WPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4/zh+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP4/yR+z+K+bP2bxXy9/zOK/fv6Yxf+n+WMW/w3yxyz+P8sfs/hvmD9m8d8of8ziv3H+mMX/5/ljFv9f5I9Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9l/pjF/1f5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/df6Yxf83+WMW/9/mj1n8d8ofs/jvnD9m8f9d/pjF//f5Yxb/XfLHLP5/yB+z+O+aP2bx3y1/zOK/e/6Yxf+P+WMW/z/lj1n898gfs/jvmT9m8d8rf8zi/+f8MYv/X/LHLP57549Z/PfJH7P475s/ZvH/a/6Yxf9v+WMW//3yxyz+++ePWfz/nj9m8T8gf8zif2D+mMX/oPwxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljH17/PS5826WjnpI/9uH1/9f1f2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4/yN/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHJP6jDeSPWfwH5Y9Z/EfIH7P4j5g/ZvEfnD9m8R8pf8ziP3L+mMV/FJX/qO95S4v/EJX/e8/iP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL/0fyxyz+4+ePWfwnyB+z+H80f8ziP2H+mMV/ovwxi//H8scs/h/PH7P4fyJ/zOL/yfwxi/+n8scs/hPnj1n8J8kfs/hPmj9m8f90/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Jn/M4j91/pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/L+ePWfxnyh+z+M+cP2bxnyV/zOI/a/6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6YxX+2/DGL/zfyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4fzN/zOL/rfwxi/+C+WMW/2/nj1n8F8ofs/h/J3/M4v/d/DGL/8L5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4v+9/DGL/5L5Yxb/7+ePWfx/kD9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/x/mj1n8l8sfs/gvnz9m8f9R/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J/8Nv8R3o9xfUCz+J/S+scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/z/yxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+LQv9R38M2Fv+XhP7vJYv/y/ljFv9X8scs/q/mj1n8X8sfk/iPPpA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8kf8ziP37+mMV/gvwxi/9H88cs/hPmj1n8J8ofs/h/LH/M4v/x/DGL/yfyxyz+n8wfs/h/Kn/M4j9x/pjFf5L8MYv/pPljFv9P549Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8Z97SP6Uxf9rrX/M4v/1/DGL/2z5Yxb/b+SPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvH/Zv6Yxf9b+WMW/wXzxyz+384fs/gvlD9m8f9O/pjF/7v5Yxb/hfPHLP6L5I9Z/BfNH7P4L5Y/ZvFfPH/M4r9E/pjF/3v5Yxb/JfPHLP7fzx+z+P8gf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+P8wfs/gvlz9m8V8+f8zi/6P8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/x/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMX/J/ljFv9188cs/uvlj1n8188fs/j/NH/M4r9B/pjF/2f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/zx/zOL/i/wxi/8m+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP6/zB+z+P8qf8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+v84fs/j/Jn/M4v/b/LEPnf/bkN/uv1P+2IfO/x3W/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP/am/8CQgYEPs/8p+WOW9X9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+P8jf8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB9z+Cf/Tjn8B0Z/qEcBZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/MQbyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xWN/u/hDlv8VzL6v4cs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/LEPt//tb146xq35Yx9u/7ca47b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+2IfUf8rhLh3jvvyxD6n/6719/d+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+T+I85kD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLH/sV/2GXjvM9j+v/VO/jPmj9mWf9fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjF/5v5Yxb/b+WPWfwXzB+z+H87f8ziv1D+mMX/O/ljFv/v5o9Z/BfOH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv/v5Y9Z/JfMH7P4fz9/zOL/g/wxi/9S+WMW/6Xzxyz+y+SPWfyXzR+z+P8wf8ziv1z+mMV/+fwxi/+P8scs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH/uw+g8Zzv93+WMfVv+B4fx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/7hvff/H95XB/QLP73t/4xi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMR/rIH8MYv/oPwxi/8I+WMW/xHzxyz+g/PHLP4j5Y9Z/EfOH7P4j5I/ZvEfkj9m8R81f8ziP1r+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6Yxf8j+WMW//Hzxyz+E+SPWfw/mj9m8Z8wf8ziP1H+mMX/Y/ljFv+P549Z/D+RP2bx/2T+mMX/U/ljFv+J88cs/pPkj1n8J80fs/h/On/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P5M/ZvGfOn/M4v/Z/DGL/+fyxyz+n88fs/h/IX/M4v/F/DGL/5fyxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/5fzxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOI/W/6Yxf8bav/lRn+nayz+s6v93zmL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv9v5o9Z/L+VP2bxXzB/zOL/7fwxi/9C+WMW/+/kj1n8v5s/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8v5c/ZvFfMn/M4v/9/DGL/w/yxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfx/nD9m8V89f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfx/kj9m8V83f8ziv17+mMV//fwxi/9P88cs/hvkj1n8f5Y/ZvHfMH/M4r9R/pjFf+P8MYv/z/MfGBgY9d8usfj/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/sQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP7Y/8fO3Yd7Xdd3HP9xT5azT7sudWnDoTHXZiQyGrUQFcXjzSkTzbxHPQLJjdxIgCmw0Uodmy51s2ATC8ecrVricHPdrWhY1myN2FrlFNfCGHOwyJyx68A5BGdvz7XzZd+vm+/H4w/O+f2O71/K83r5+3lxXWXpf5j+oSz9D9c/lKX/z+gfytL/1fqHsvQ/Qv9Qlv5H6h/K0v81+oey9P9Z/UNZ+g/TP5Sl/1H6h7L0/zn9Q1n6D9c/lKX/0fqHsvQ/Rv9Qlv6v1T+Upf8I/UNZ+v+8/qEs/Y/VP5Sl/y/oH8rS/3X6h7L0/0X9Q1n6/5L+oSz9j9M/lKX/6/UPZek/Uv9Qlv5v0D+Upf/x+oey9B+lfyhL/xP0D2XpP1r/UJb+v6x/KEv/MfqHsvR/o/6hLP1/Rf9Qlv5j9Q9l6f8m/UNZ+r9Z/1CW/r+qfyhL/7foH8rSf5z+oSz9T9Q/lKX/eP1DWfqfpH8oS/+T9Q9l6X+K/qEs/SfoH8rS/1T9Q1n6n6Z/KEv/ifqHsvQ/Xf9Qlv5t+oey9D9D/1CW/mfqH8rS/yz9Q1n6n61/KEv/dv1DWfq/Vf9Qlv5v0z+Upf85+oey9H+7/qEs/c/VP5Sl/yT9Q1n6n6d/KEv/8/UPZen/Dv1DWfpfoH8oS/936h/K0v9C/UNZ+l+kfyhL/4v1D2Xpf4n+oSz9L9U/lKX/ZfqHsvS/XP9Qlv6T9Q9l6X+F/qEs/a/UP5Sl/1X6h7L079A/lKX/1fqHsvSfon8oS/+p+oey9J+mfyhL/3fpH8rS/xr9Q1n6T9c/lKX/DP1DWfrP1D+Upf8s/UNZ+l+rfyhL/9n6h7L0n6N/KEv/ufqHsvSfp38oS//r9A9l6T9f/1CW/u/WP5Sl/wL9Q1n6L9Q/lKX/Iv1DWfpfr38oS//36B/K0v8G/UNZ+t+ofyhL/8X6h7L0X6J/KEv/pfqHsvT/Nf1DWfr/uv6hLP2X6R/K0v+9+oey9P8N/UNZ+r9P/1CW/u/XP5Sl/036h7L0v1n/UJb+t+gfytL/N/UPZem/XP9Qlv6/pX8oS//f1j+Upf+t+oey9L9N/1CW/r+jfyhL/w/oH8rS/3b9Q1n636F/KEv/O/UPZen/u/qHsvT/Pf1DWfrfpX8oS/8P6h/K0v9D+oey9F+hfyhL/5X6h7L0/339Q1n6/4H+oSz979Y/lKX/Kv1DWfrfo38oS/8P6x/K0v8j+oey9F+tfyhL/3v1D2Xp/4f6h7L0X6N/KEv/P9I/lKX/ffqHsvT/Y/1DWfrfr38oS/+P6h/K0v9P9A9l6f8x/UNZ+n9c/1CW/p/QP5Sl/5/qH8rS/5P6h7L0f0D/UJb+a/UPZen/oP6hLP3/TP9Qlv7r9A9l6f+Q/qEs/f9c/1CW/n+hfyhL/4f1D2Xp/5f6h7L0/5T+oSz9P61/KEv/z+gfytL/s/qHsvT/nP6hLP3/Sv9Qlv6f1z+Upf8X9A9l6b9e/1CW/l/UP5Sl/1/rH8rSf4P+oSz9H9E/lKX/l/QPZen/Zf1DWfo/qn8oS/+v6B/K0v+r+oey9P8b/UNZ+j+mfyhL/6/pH8rS/2/1D2Xp/3X9Q1n6/53+oSz9N+ofytL/G/qHsvTfpH8oS/+/1z+Upf8/6B/K0v+b+oey9P9H/UNZ+n9L/1CW/t/WP5Sl/3f0D2Xp/7j+oSz9/0n/UJb+T+gfytL/Sf1DWfpv1j+Upf9T+oey9P9n/UNZ+n9X/1CW/v+ifyhL/+/pH8rSf4v+oSz9n9Y/lKX/9/UPZem/Vf9Qlv7/qn8oS/9t+oey9P83/UNZ+j+jfyhL/3/XP5Sl/3b9Q1n679A/lKX/f+gfytL/B/qHsvTfqX8oS/8f6h/K0v9Z/UNZ+v9I/1CW/s/pH8rS/z/1D2Xp/7z+oSz9f6x/KEv/XfqHkvR/ZUv/UJb+/fQPZenfX/9Qlv4D9A9l6T9Q/1CW/oP0D2XpP1j/UJb+Q/QPZek/VP9Qlv4v0z+Upf9B+oey9H+5/qEs/V+hfyhL/4P1D2Xp/1P6h7L0P0T/0EuuPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP81cxcuumby9Okdc3zjG9/4Zu83L/a/mQAAgP9tP/nQ/2L/nQAAAAAAAAAAAAAAAAAAAEBeTfzfib3Y/4wAAAAAAAAAAAAAAPD/XVv7SVsH9NvvqQH7PnjNox27v47eecHU1asfLN1fu358ZvCS/fd9sGvXrl0rnxk3oevhkFar1fm/9squx0N7Hne+/pJhKw7f86iM//ydj1866eCz5qy9beA3Vt7S/vSg3c8Oal1+9bTpHW/o32qVUwa1FnQ+OL5fq1VOG9S6tfPBqM4HEwe11nQ+OGH3g5e1PtP54PVXzpp+VecTp1f+PYOXirb2Ja0B+y22td+/Dfbd/5JhT0zt/trLS3a/2sBW1/6Hr/3SYT1+1u0F9t/9+uWknvvv8z8g8IL6tv9nN3V/7eUl/9v7/4c37FwU/eyF99/9+uVk+4f6BJ//99toz8/9PT7/HxW85N77E4duuL1z/23n3Xdk11MD/yef/3/y+uWUnvvvv9/n/87P8RO6P/8PabXKqQf42wGptLUv3drb+3/v+x/46h43/fbd/z1f2fyKzv3f+1xrWddTg/q4/wm9vf/f1OPvFeibtvZVu3q8//dh/60RwUvu3f+WtQfv/vy/+f4rD93nZ33Z/6k99z9y3oxrR85duOi4aTMmT+mY0jFz7Kgxx48eO3bMmJG7PxHs+fUAf1MgiQN7/28d1OOmX6vVsfd+/X23TOjc/7aHln2k66mhfdz/ab2+/x/l/R9Cw/u3Bg9uLZg8b96c4/f82v1w1J5f9/xlwf778N//Rx/b9Zd1/5lhv1br8L33Iy4dO6Rz/9fPLuu6nhrcx/1P7HX/4/f/s0qgbw7w/f+qHjf77f/ELTfO79z/MT941eaup/r63/+n97r/u73/w4Foa2/V+ibauf8Thiw9o9p1afPnf1CfJvY/bPutO6pdlzPsH+rTxP4nLX/zFdWuy5n2D/VpYv8PzrhsebXrcpb9Q32a2P/zP73jiGrX5Wz7h/o0sf/HvvvU6mrXpd3+oT5N7P+Dd7WfUO26vNX+oT5N7P+46344rtp1eZv9Q32a2P/VLz93TbXrco79Q32a2P8Zu04+tNp1ebv9Q32a2H+/pd9bUu26nGv/UJ8m9v/k5OWzql2XSfYP9Wli/2uGjXi22nU5z/6hPk3sf9nTb5xY7bqcb/9Qnyb2/9U7VjxW7bq8w/6hPk3s/xMXv2pFtetygf1DfZrY/4+GP3RQtevyTvuH+jSx/40b1zxQ7bpcaP9Qnyb2v3LNgOHVrstF9g/1aWL/i0+f8mi163Kx/UN9mtj/6DFfvqjadbnE/qE+Tez/8M9966lq1+VS+4f6NLH/cx+eP7fadbnM/qE+Tex//hEf/3G163K5/UN9mtj/WzqOmFrtuky2f6hPE/svtx20sdp1ucL+oT5N7P/CbavGV7suV9o/1KeJ/a875Asfq3ZdrrJ/qE8T+98+e+bYatelw/6hPk3s/zvvXfy+atflavuH+jSx/9uf+3qpdl2m2D/Up4n9bxl14cXVrstU+4f6NLH/VWc980i16zLN/qE+Tex/+brH51W7Lu+yf6hPE/tfv/7MJ6pdl2vsH+rTxP6PGTHy4GrXZbr9Q32a2P+sC5Z9qNp1mWH/UJ8m9n/K/Xe8ttp1mWn/UJ8m9j/0a+M+We26zLJ/qE8T+//0uPd/qtp1udb+oT5N7H/H+KOPrXZdZts/1KeJ/W96YNSd1a7LHPuH+jSx/w88clfF6zLX/qE+Tex/9uue31btusyzf6hPE/t/06TzF1a7LtfZP9Snif0fevfEL1a7LvPtH+rTxP4v+fb3z6l2Xd5t/1CfJvZ/9GFXHFntuiywf6hPE/ufOm3DzdWuy0L7h/o0sf8JKzeNrnZdFtk/1KeJ/R/y5Nx7ql2X6+0f6tPE/rcOOOzsatflPfYP9Wli//fe8PA3q12XG+wf6tPE/m++6aMd1a7LjfYP9Wli/5/dOXh7teuy2P4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2IHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WQfRuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAUAAD//3II6Vg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
fsync(r0)

1m7.595768358s ago: executing program 2 (id=385):
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f0000000340)={[{@creator={'creator', 0x3d, "0448dc1a"}}, {@barrier}, {@gid}, {@uid}, {}, {@nodecompose}, {@gid}, {@type={'type', 0x3d, "0da5b329"}}, {@nobarrier}, {@nobarrier}]}, 0x20, 0x6fe, &(0x7f0000000c00)="$eJzs3U9oXHkdAPDvm5lMMl3IztZ2t4rQsMWiW22TDIsVBKuI5LBowcteY5tuQydpSbKSFrGz6qo3PUkPe1iReNiTeBBWPIj1JgiC994LHrwVD468N+9NZvJ3Js0ksfv5wJv3e+/9/nx/33nz5k9aXgCfWHNvx1grkpi79NZ6uv1ko9F8stFYKsoRMR4RpYhKZxXJckTyOOJadJb4dLoz7y7ZbZw3n378wcVHHzU6W5V8yeqX9mq3qb3HCK18iamIKOfrIVV26+/GDv09HKrrpBt3mrALReLguLW3aQ3TfIDXLXDSPYwoj+2wvx5xKiIm8s8BkV8dSkcc3qEb6ioHAAAAJ1N5vwovP4tnsR6TRxMOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvBiSzj0Dk3wpFeWpSPL7/38nr5apVo833H18cZ/j7986okAAAAAAAAAA4PCNbRbPP4tnsR6TxXY7yf7m/3q2cSZ7fCnejdVYiJW4HOsxH2uxFisxEzE22dNndX1+bW1lZnvLX0Xast1uP8xbzkZEfVvL2RHPGQAAAAAAAABebD+KuZg87iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBXElHurLLlTFGuR6kSERMRUU3rtSL+VJRPgvoB2/35kOMAAACAE6iWryeT/3YK7ST7zv9q9r1/It6N5ViLxViLZizEzey3gM63/tI/Wo3mk43GUrps7/jr/8p6aw8YR9ZjRJTjvV1Gns5qnO22mItvxXfjUkzF9ViJxfh+zMdaLMRU1NJJxHwkUa91fr2oF3H2x1vOu7rWF8r1rbGd37J9LoukFrdiMYvtctyoFr2VshpJnOsZ7Q/ViC0Zei/NTvK13IA5utnzfP0y/10m1355wD5Go57NfKybkek093k2Xtk594XOeXLgkWai1P0N6szmKOnm1pGKnH9vmJyfytdprn/an/PDNuRPaVszMRul/OyLeLU/5/c+9+h0f+Mv/PMv12+Xlu/cvrV6aYRTOiSVHfeOFYWtmWj0ZOK1vc++PBPNNBOtwTMxtnXHxMBzGalqno3OhW2wq+U3s9J8vN5zCt5dTh+/HNMxE1djOr4Ss9HoO8PO9uW10ljqz0n2Wittv77V9gj+wud7Kv1sn8qjsPt4aV5e6clr75Wunh3L91z7RUz3ZOn03mffQd4FKp/JC+kYP+6+45wEfZnIr81FdMUb1C6Z+HX2OWG1uXxn5fb8vQHHu5iv05ft+/3X5t8892SeS3q+nO5euLKc1IrzJT32qW60/fmq5n9x6bQrbTt2tnusHpOxGN+Ou3EzFnZ4pVbzz3Dbe+oce23HY43s2LmeY32fcuJuNLNPIVtMHU1WARjYqTdOVWtPa3+vfVj7Se127a2Jb4xfHf9sNcb+Wvlj+Xel35a+mrwRH8YPY/K4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfB6v0Hd+abzYWVERaqBxwrSvvW2XhpsA6jHrH3WEleqI46G0MXfp7fr/Dwev73xJ7ZqMWIpvP7vWdRfe4hkkhaI35S0mfiUDosbpyW7WmX9231tysRnT2VaLfbD7uHtj6VlVid2O0ZHN+sHPU7883/tPvq1KLnJQO84K6sLd27snr/wZcWl+bfWXhnYXn2anF73FuLzYXpK9njMQcJjMTq/Qfl444BAAAAAAAAAAAAGE7+r//XVkppIRn+f+lU9qlTXVndeeTzRz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/U3Nsx1ookZqYvT6fbTzYazXQpyps1KxFRiojkBxHJ44hr0Vmi3tNdsts4bz79+IOLjz5qbPZVKeqX9mo3mFa+xFRElPP1/sZ36GZ7fzd6+msdKLykO8M0YReKxMFx+18AAAD//yBC8a4=")
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)

1m7.005882356s ago: executing program 2 (id=392):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040))
ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f0000000580)={0x6, "aba26ed49fba3b04f7454c5e2e7fb6ed1fb798f5da35aec570aae34c1042e70b719bd2c577ebdddc38c473974879db9762dfc0ffb144035abb1b8a62676f2088150d25c1422600fbe1abaa81e8687ea739dec1290e6a77960c223128281f4c7c2c6863add427580ef580045ff5f07e50901fc537a64eb1fd94782006fd6f184999e9e50059dca654e0c8dfcc0e7e3dae54a07ae544724153da157cd20dd6e5711485337eff9afc0369058a770db73246880e5d3f5fde72a78d8b87e6d9c6e52cf52e7431a3424fe6316218c3e071097d9c6f90b55a737ee3a78dc3beda50b410767f2b839a3bb6fa486b08e2084029e929c4eb23efa93d3817dd89cdd10dd979"})

1m6.244988213s ago: executing program 2 (id=399):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0xc0010058, 0x0, 0x7ff}]})

1m5.885233792s ago: executing program 32 (id=399):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0xc0010058, 0x0, 0x7ff}]})

47.270233999s ago: executing program 5 (id=568):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
r0 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd)
quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, 0xee00, 0x0)

47.126318115s ago: executing program 5 (id=573):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x330)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000014000000080016001700000018000180140002006e657464657673696d3000000000000008001500170000000800130000170000080014"], 0x4c}}, 0x0)

46.905916968s ago: executing program 5 (id=578):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80a61, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000140)=0x90)
write$tun(r0, &(0x7f0000001bc0)=ANY=[@ANYBLOB="87d19c84d6c3"], 0xfdef)

46.60178519s ago: executing program 5 (id=581):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x2000414, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000540)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000340)='./file0/file0\x00')
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

46.334078679s ago: executing program 5 (id=585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x18, 0x10, 0x3}, @TCA_FQ_FLOW_MAX_RATE={0x2, 0x2}, @TCA_FQ_QUANTUM={0x2, 0x2, 0x2000000}]}}]}, 0x48}}, 0x0)

46.009066974s ago: executing program 5 (id=589):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x71, &(0x7f0000001c00)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x63, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4f, 0x0, @wg=@data={0x4, 0x7407, 0xfffffffffffffffd, "9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae1049f195705bc8bd9b1085cd41af77353267df8a1d4cecdb01908"}}}}}}, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0))

45.676586221s ago: executing program 33 (id=589):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x71, &(0x7f0000001c00)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x63, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4f, 0x0, @wg=@data={0x4, 0x7407, 0xfffffffffffffffd, "9c67524ed6ed152d4f775bbc411126513b67aa2818e6f3aeb55bee6ae1049f195705bc8bd9b1085cd41af77353267df8a1d4cecdb01908"}}}}}}, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0))

42.542583819s ago: executing program 1 (id=616):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x31)

40.296523733s ago: executing program 1 (id=630):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={<r1=>r0})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000040)={r1})

40.198238384s ago: executing program 1 (id=631):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
personality(0x5400004)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x4000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

39.521034928s ago: executing program 1 (id=634):
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0044, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@grpquota}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='configfs\x00', 0x16, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100)

38.785695225s ago: executing program 1 (id=636):
unshare(0xa000680)
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
fcntl$setsig(r0, 0xa, 0x2d)
fcntl$getflags(r0, 0xb)

36.314538882s ago: executing program 1 (id=645):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x40000093, 0x0, 0x4}]})

36.055161717s ago: executing program 34 (id=645):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x40000093, 0x0, 0x4}]})

6.58243276s ago: executing program 6 (id=878):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x5c4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x64, [{{0x9, 0x4, 0x0, 0x20, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x4000, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x0, 0x4, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="40061c"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000100)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x1, 0x10, "22ed0aab663333b5160dc0abc393c4ee"}, 0x0})

5.849543233s ago: executing program 0 (id=885):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a4400001020301090248000101570040090400000002060000052406000005240000000d240f01000800000000000000042402000905810310"], 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f00000007c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x8, 0x60, 0x4b, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x7, 0x1, 0x1, 0xc, "", {{{0x9, 0x5, 0x1, 0x2, 0x228, 0xa, 0x4, 0xe}}}}}]}}]}}, 0x0)

3.997675243s ago: executing program 6 (id=897):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x5)
r1 = dup(r0)
ioctl$SIOCSIFHWADDR(r1, 0x8925, &(0x7f0000002640)={'team_slave_0\x00', @random="76f64c34b99d"})

3.668521831s ago: executing program 3 (id=900):
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x15)
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

3.578178211s ago: executing program 6 (id=902):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0xfe, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0}, 0x1000)
lchown(&(0x7f00000001c0)='./file1\x00', r0, r1)

3.483538247s ago: executing program 3 (id=903):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x16, &(0x7f00000002c0)={[{@nobarrier}, {@noflushoncommit}, {@nossd}, {@commit={'commit', 0x3d, 0x3f}}, {@nodatasum}, {@nodiscard}, {@nobarrier}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@noacl}]}, 0x9, 0x5104, &(0x7f0000005480)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75pcNWjiAAAAQF/x/90Xv1qIeT375iDN6089evBc1Xil/N8cLv+P3dJXBQAAANyMI19sf7iqXsr/reHy//htnTUAAACwFO98OPFBVb2U/2dvnP/rSf5fnS/zKx+yTj/Fv0I4NBnCxMLKXFb4ObSf7hYAAACAWyTm9D8/3flD1X6l/D9Xff//eKeDeP1/z/3/Ctf/hzDVW8ju+vdkXgAAAIB7Svl6/nh7/OzJBf2evz/s9f8P/O/gq1XHL+X//cPl/3pxeSuf/wcAAADL8F97/t/20jjVBt3//76P3v2lqn8p/7eHy/9xuab48k7E9+e9yRDWL6zkdxP8Jh5uV1KYHysUOlpJj22xR16YHy8UOuaSHpsnQ3hwYWV/Uvh/LLSTwpW1eeFIUjgdC/n50C0cSwon4pn2+dp8umnh+1jIL7CYj1dQrOleEpH0uNqvx0Lhhj3Odg8OAABwT4nhOc+yY73NkEbZ+dqgHVYP2mFk0A71QTuMJjukO/bbHmZ7C3F7+8zGpT3//8hw+T++Fflz/vpd/x/i9f/5cw271//PxkIjKczHQiu9Y0ArHiMLux/HYzRaeY8r67sFAAAAuKvF7wXqKzwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Ie9e42Rq7oPAH72Od6H1wtJFUKjZJPUOG7i9domD7VUWVOqRqQ064aCqohiY6/J4gU7tikxCpGxiWiEoLRBSj4UYRRFNR+gViAiKSBcpDhC5RFRFQUQKLSGKIiUkkSkCVKoZu89s3fO3Xks9hov/f0k75yZ/3neeXjOvXfOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/n84/JWr/rZZ/OHfnvP0cxeOX7Zv/YUvX3POqY+HMDHzeEcW7ui//tbxn9959l377lt72z1Hz/1wb14uj4eB6p/O/M51sdajS0O4tyOE7jSwajAL9OT3B2N97xkM4ZQwG6iVmOzPSqQNh+/3hXAgzAZqVX2vL4TBQuD8Jx568MZq4pa+EJaHECppG89Wsjb60sAZvVmgPw1s784Cv3ojUwt8tzMLwDGLb4bai/7QRH2G4bnLNXj99Ry3jr210uF1xcRw43w/W7/AnSroTR+YOKanrVQdC6L09jjs3bYI3m2l7Xyzp634RSr/hvLGbKgSOrdMbt105fTu+EhnGB3talTTAj3PT736pc3zSS+a12HswPBxeR3e9NjyO7tWnvfoPauWv3jwI/tfOtZu/qiwSYvphVYJ+Wtu0TyP0bjPk0Xw9it9SxrxpSuEsPXzv/eZZvHS/H+4+fw/vpzjbWdd7ljr60PZ3Dw+MhgTrwxlc3MAAABYNBbDXtPtow98oll9pfn/SHvH/+Mh/3wyn432cAjjM4n9y0I4bebxLHBHbO6SZSG8fyY1UR9YnwQOh/DumcTKWlVJiSWxxEgS+MlQHhhPAkdiYCIJfCsGbk4C18XAoSSwOQYOJ4GzYyBM1Y/j94fycbQd6IuBjdlGPBTPQvjFUGwt2VbP1KoCAAA4TvLZYU/93cK5DseaIU4vD/W1yhDPwG6YoZLUkM5ga9OqhjV0t6qhs1UNtXHvbT78Us0drWounYbRUZ/h1l/+zWdDE6X5/1jz+X9ljo50lI7/h7Bh5m/M3ZlHpmvxjRN1GQAAAIBjMPC/z3+zWbw0/x9v7/z/uE+kq5A5PBJ3Q2xbFsJYfSCr9g/Lgeyo90AeAAAAgMWgdjy+dix8Kr/NTtFO59Pl/BPzzB8P/I/Pmb/38P0bm/W3NP+faO/8//7626wTR2IvvrYshCWFwA9iL6uBGSMx8ONP1gfy8R+JG+CGWFV+YkKtqhtiiY0xMJYEDjQq8cNaidPqA/mTVWt8f20cU3mJQgAAAABOuLg7IB6Xj+f/f+A3a69qVq40/984v/P/Z+bBpdP7pwdCWN0dQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwhnVQeWVvV8vv5/d7rG4BN9WVUxcNoHDr56RjXxzb4QVhcDT37u9o9WE7uTQK3xv+wL4X3V0aaNf2dJ1nhP2vjXl4Tw3kKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEchUKvqY5UQ9gQAFqn4X+mW4oO79ly9bdP09OTOBUzEffh9YevU9OTo5u3TWyoN+rQl6XPdMkbXlsfU7pVvnsmXKLrg7g2D7aRrvxMcK7aV78cvnTiY34/fhXpmxrm2p+7uunTIH/pguYlQ+CbVaMidCzzk/mIls09iqf6YvzcMhCVX7prcOfrFTbt371yT/W03+9rsbzzMlG2rNem26p+rb228PBqulpV4s9tqRbGS1bsv37F6156rV01dvunSyUsnr1jzsbVjZ46tG/v4mauroxrL/rYY6oq5qk6G+sbtbY7rOA719O5CJSfiU0NCQmKxJbYPrGj6f3Jp/r+j+fw/furET/58fYZGx/+H42H+7PHZw/wbY+BAu8f/hxsdza+dGDCSBPbGwF6H+QEAAHh7iJP8uDcz7pX+6crvvNisXGn+v7e93/8fp/X/a0vXn9tomf+VscRYo/X/02X+a+v/7220/n+6zH9t/f8Db8H6/1fWAskm+YX1/wEAgLeDE7f+f8vl/dMLBJQytFzeP71AQClDy2X8271AwLzX/3/2P//qv0MTpfn/ze3N/y3cDwAAACePL//ZVb/TLF6a/x9ob/5/4tf/C43O/x9pFJhotDCg9f8AAABYpBqt/zd8ff/FzcqV5v+H2pv/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYHe1pM2/dyqjr33ybT+VLgTZLFz3/J0fnd/7/4fbm/3W/y7jpseV3dq0879HX71m1/MWDH9n/0uzxfwAAAGDhtLtfAgAAAAAAAAAAAAAAeOs9/x/71jWLl37/HzbMPN7o9//xun/x9wXvrMsda229/l9+//xP37VnZsnCR4ZC+GAxsG3ftlNCfm3+FcXAgxetfFc1sS8tcf9zZ79QTVycBj616tTXqomzksDGuEjiu9NAvKria0uTQFxe8d/TQNweh9JAbx746tJsHB3ptvrpYLatOtJt9fRgCMsKgdq2uncwa6MjHeAtSaA2wC+kgTjAP88DnWmv7hrIehUDg7HobQNZrwAAOGnFb4E9YevU9ORY/Aofb0/vrr+N6pYsu7ZcbUebzT+TL012wd0bBttJd6XfRWevNd4TKtUhrCl9XS1m6ZgZ5fGppcWme2eDIbda7a2zQbnUfDddb+MR9WUjGt28fXpLT8uBr2udZW13yyxrSpOdYpbOmU3aRi1t9KWNEbW5bdrocrzfGUZHu5JcfxCDw6FOq1dEu7/XL67z1+hVUMxzxdH9v2pWX2n+P9ze/L9SHNdr+cUA9sYr6/3dMsv8AwAAwML66vpffyP+++z1Dz/ZLG9p/j/S3vw/7sHKDwVnezsOx+v/718Wwsyl9YezwB2xuUuWhfD+mdRELJFdUP/cWGIsC9wRd5isjCU2TtRXtSQGDiWBnwzlgcNJ4EgM5HspDoZ8V87fD4Xw0ZnUhvoSO2KJ4STwmRgYSQKjMTCWBJbGwHgSeHlpHphIAv8WA2GqflvdvTTfVgAAAPORz7N66u+GdJ53qLtVho5WGfpbZehslaHSKkOjUcT7344ZepKTVzoKmXrSWvuSWkoZ4sXw592vUobww/qcacFS0/H8g9r5Bh31Ge77RHclNFGa/4+1N//vr7/NWj8S5/+z1//LAj+I3ftaPHV8JAZ+/Mn6QL5j4Eic7N5Qq2oiL5FP2m+IJcZjYCQJ7IiB8SSwcUMeOPCu+kA+0641vr/W+FReohAAAACAEy7uIIi7aeL8/7ZdXxloVi6f/4/U5v/j7c3/Y3sDxcaui7UeXRrCvR2zvakFVg1mgbgfYzD+PP49gyGcUtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f75Tzz04I3VxC19ISwv7H2ptfFsJWujLw2c0ZsF+tPA9u4sEPf81ALf7cwCcMxqewXjCyo/1aVmeO5yDV5/b5drgqbDK+0DnSPfXL+5WiilHa75PtWa+T1tTfffctyU3h6HvdsW47tt2Lut+EUq/4byxmyoEjq3TG7ddOX07vhI8ZesJQv0PBd/pdpO+ji8Dve++d62Vkk7MJZ8fIzNXW7u12FHrO6mx5bf2bXyvEfvWbX8xYMf2f9S291oIP5Q+KFr/nXwR4XNu9AqIX/NLbrPkwmfJ4vxv4ERT1sIYcPLX7+hWbx0/H+ivfl/d3I749dxY+5aFsKHChv3kbj5/3hZ9jlYCGSfku8oB7JD7v811PCTEwAAAI632u6O2v6Cqfw2OyE8nSeX80/MM3/cXzE+Z/52+93/1xctbxYvzf83Np//L0m66fi/4/8sEMf/53Sy74pekj6w95h2RZeqY0E4/j+nk/3d5vj/nBz/d/x/Lo7/t+D4/5xO9qet9C1phy9dIYQX/+iBp5vFS/P/He3N/63/N/eifbX1/zY2Wv9vR6P1//Za/w8AAFhQDRaaS+d5pdX7ShnS1ftKGVouENhyiUHr/817/b8XTn/2N6GJ0vx/b3vz//hyGCi2vljW/xvZ0KCqm2Ngh4UBAQAAOBk12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAW+u+f/ifLc3iD//2nKefu3D8sn3rL3z5mnNOfTyEqZnHO7JwR//1t47//M6z79p339rb7jl67ocrebme/PZ363LHWl8fCuFA4ZHBmHhlqHpnNnD+p+/a011NPDIUwgeLgW37tp1STXxrKIQVxcCDF618VzWxLy1x/3Nnv1BNXJwGPrXq1NeqibPyQEfa3X9cmnW3I+3ujUtDWFYI1Lp72dL6qmpt/Gke6Ezb+KfBrI0YGIxFvzGYtRED07HE1JIQVneH0JVW9XAlq6orrepfKllVXWlVX66EcFYIoTut6rnerKrudOSP92ZVxcBpHzj46hnVxIHeEFYXA09+7vaPVhNfSAK1xv+iN4T3VV8yaePf7ska70kbv6UnhPeGEHrTEr/szkr0piWe7w7hHYVArfHPd4ewJ/C2ED986j7Rdu25etum6enJnQuY6M3b6gtbp6YnRzdvn95SSfrUSEch/ca1b37sz7z6pc3V2wvu3jDYTro7L9cz0+W1PXV3153svY/96i9WMvt8lOqP+XvDQFhy5a7JnaNf3LR798412d92s6/N/nbl0WxbrVks22pFsZLVuy/fsXrXnqtXTV2+6dLJSyevWPOxtWNnjq0b+/iZq6ujGsv+Nh5qb9tDvf3ED/X07kIlJ+IDQOLEJqqvy5OgGxKLOtFZ9+k2drJ/kJe+6M92tCdUZj6gS9OKYpaOmVEej0GvT4Irjv+gR+L3lJYjWlOaOJSyrG2dZV1pMjGbpS/LMvO9rjQ5LNbUObNJ4/3OMDra1Wg7DNffLW7en6Wbdx6eyjdju2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1mH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//5DAgkw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x28042, 0x194)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})
truncate(&(0x7f0000000000)='./file1\x00', 0x8000)

3.221890897s ago: executing program 7 (id=906):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x4000, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000000)={0x17c04, r0, 0x1008, 0x973f, 0x6, 0x1})

2.931462386s ago: executing program 6 (id=908):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2c}}, 0x10)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d41b1b"])

2.922251083s ago: executing program 0 (id=909):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025", 0x1d}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f30", 0x1c}], 0x2)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

2.900156103s ago: executing program 7 (id=911):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x34, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8, 0x1}]}}]}]}, 0x34}}, 0x0)

2.761368949s ago: executing program 0 (id=912):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r0, 0x7aa, &(0x7f0000000100)={{@any, 0x8}, 0xe5, 0x8100})

2.442380712s ago: executing program 0 (id=915):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2010880, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRESHEX=0x0, @ANYBLOB=',errors=continue,noquota,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e687ed7cc92413591118b4c90c38ce6717086f74110d64c905e04106d03caec62ca1fecda509971eca727d8f39b9d782da9a7d0d28312cc6ed5b00392b37b96c8d4cc83a017fa5fca81fba2263b"], 0x5, 0x60a5, &(0x7f000000c4c0)="$eJzs3UuPHFfZB/Cnr3PxG2eURZTXQmjihEsI8TUYQ4AkC1iwyQJ5i2xNJpGFA8g2yIksPNFsWLDiE4CQWCLEErHgA2TBlh0rVliykUBZUahmzvFUt7vdY8bT1Z7z+0njqqdO9fSp+Xf1xVXVJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+O53vne2ExGXf5oWrEX8X/QiuhErdb0eESvra3n9fkS8EDvN8XxEDJYi6tvv/PNsxOsR8cnxiHv3b2/Ui8/tsx/f/v1ff/P9Y+/85XeD0//+w83eG9PWu3XrF//6452DbTMAAACUpqqqqpM+5p9In++7bXcKAJiL/PpfJXn5ka9/+fd3/rRI/VGr1Wq1eg51UzXZnWYREVvN29TvGRyOB4CnzFZ82nYXaJH8i9aPiGNtdwJYaJ22O8ChuHf/9kYn5dtpvh6s77bnc0FG8t/qPLi+Y9p0lvFzTOb1+NqOXjw3pT8rc+rDIsn5d8fzv7zbPkzrHXb+8zIt/+HupU/Fyfn3xvMfc3Ty707Mv1Q5//5j5d+TPwAAAAAALLD8//9rLR//XTr4puzLo47/rs+pDwAAAAAAAADwpB10/L8HjP8HAAAAC6v+rF771fG9ZdO+i61efqkT8czY+kBh0sUyq233AwAAAAAAAAAAAABK0t89h/dSJ2IQEc+srlZVVf80jdeP66C3f9qVvv1Qsraf5AEAYNcnx8eu5e9ELEfEpfRdf4PV1dWqWl5ZrVarlaX8fna4tFytND7X5mm9bGm4jzfE/WFV/7Llxu2aZn1entU+/vvq+xpWvX107AkZpL/mlOaWwgaAZPfV6J5XpCOmqp6d9uYDRtj/jx77P/vR9uMUAAAAOHxVVVWd9HXeJ9Ix/27bnQIA5iK//o8fFziUOuJwf79arVar1epH1k3VZHeaRURsNW9Tv2cwHD8APGW24tO2u0CL5F+0fkS80HYngIXWabsDHIp7929vdFK+nebrQRrfPZ8LMpL/Vmfndvn2k6azjJ9jMq/H13b04rkp/Xl+Tn1YJDn/7nj+l3fbh2m9w85/XqblX2/nWgv9aVvOvzee/5ijk393Yv6lyvn3Hyv/nvwBAAAAAGCB5f//X3P8N28yAAAAAAAAADx17t2/vZGve83H/z8zYT3Xfx5NOf+O/IuU8++O5f/FsfV6jfm7b+/l/8/7tzd+e/Mf/5+n+81/Kc900iOrkx4RnXRPnX6aHmTrHrY96A3rexp0ur1+OuenGrwXV+NabMaZkXW76e+x1352pL3u6WCk/dxIe/+h9vMj7YP0vQPVSm4/FRvxo7gW7+60121LM7Z/eUZ7NaM959+z/xcp599v/NT5r6b2zti0dvfj7kP7fXM66X7euvrZn585/M2ZaTt6D7atqd6+ky30Z+dvcmwYP7mxef3UrSs3b14/G2kysvRcpMkTlvMf7Pws7T3/v7Tbnp/3m/vr3Y+Hj53/otiO/tT8X2rM19v7ypz71oac/zD95PzfTe2T9/+nOf/p+/+rLfQHAAAAAAAAAAAAAAAAHqWqqp1LRN+KiAvp+p+2rs0EAOYrv/5XSV6uVqvVarX66NVN1WRvNouI+HPzNvV7hp9N+mUAwCL7T0T8re1O0Br5Fyx/3189fbntzgBzdePDj35w5dq1zes32u4JAAAAAAAAAPC/yuN/rjfGf345ItbG1hsZ//XtWD/o+J/9PPNggNEnPND3FNvdYa/bGG78xdgZn/vUtPG/T8ajx//uz7i/wYz24Yz2pRntyxOX7qU18UKPhpz/i43xzuv8T4wNv17C+K/jY96XIOd/svF4rvP/wth6zfyrXy9c/lv7XXE7uiP5n775wY9P3/jwo9eufnDl/c33N394/uzZM+cvXLh48eLp965e2zyz++/h9HoB5Pzz2NfOAy1Lzj9nLv+y5Pw/l2r5lyXn//lUy78sOf/8fk/+Zcn5588+8i9Lzv+VVMu/LDn/L6Va/mXJ+b+aavmXJef/5VTLvyw5/9dSLf+y5PxPpVr+Zcn5n071PvL39fBHSM4/H+Gy/5cl55/PbJB/WXL+51It/7Lk/M+nWv5lyfm/nmr5lyXn/5VUy78sOf8LqZZ/WXL+X021/MuS87+YavmXJef/tVTLvyw5/6+nWv5lyfm/kWr5lyXn/41Uy78sOf9vplr+Zcn5fyvV8i9Lzv/NVMu/LHvf/2/GjBkzeabtZyYAAAAAAAAAAAAAYNw8TiduexsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1djFxnfT/wM/tirx1CDITg5G9gk5gQkiW7thO/8K+LCa8NUAokFPqC7XrXZsFveO0SKJJNAyUSRkUVVdOLtoBQG6mqsCouaEVpLqq+XJX2gt5UVJWQGlUBBSSktqJsNXOe5/HM7OycXe94PXuez0eKf96dM3POnHlmdr/rfHcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABod+cb5z7bKIqi+V/rj21F8YLm37dMbmt97nU3+ggBAACAtfrf1p/P35I+cWgFV2rb5u9e8Y9fX1xcXCzeP/q7419cXEwXTBbF+OaiaF0WXfn3DzTatwmeKCYaI20fj1TsfrTi8rGKy8crLt9UcfnmissnKi5fcgKW2FL+PKZ1Yztbf91WntLi1mK8ddnOHtd6orF5ZCT+LKel0brO4vjxYr44WcwVMx3bl9s2Wtt/887mvt5WxH2NtO1rR3OF/PCTx+IxNMI53tmxr6u3GX3/DcXkj374yWN/fP6523vNytPQcXvlcd57V/M4Px0+Ux5ro9iczkk8zpG249zR4zEZ7TjORut6zb93H+fzKzzO0auHua66H/OJYqT192+3ztNY+4/10nnaET73X3cXRXHp6mF3b7NkX8VIsbXjMyNXH5+JckU2b6O5lF5cjK1qnd65gnXanLM7O9dp93MiPv53huuNLXMM7Q/T9z+1acnjvtp1GjXv9XLPle41OOjnyrCswbguvt2600/2XIM7w/3/5D3Lr8Gea6fHGkz3u20N3lW1Bkc2jbaOOT0IjdZ1rq7BXR3bj7b21GjNZ+/pvwanz586O73w8U+8dv7U0RNzJ+ZO79m1a2bP3r379++fPj5/cm6m/PMaz/bw21qMpOfAXeHcxefAq7u2bV+qi18e3PNwos/zcFvXtoN+Ho5137nG+jwhl67p8rnxaPOkT1weKZZ5jrUen/vW/jxM97vteTjW9jzs+TWlx/NwbAXPw+Y2Z+9b2fcsY23/9TqG6/W1YFvbGuz+fqR7DQ76+5FhWYMTYV38633Lfy3YEY73yanVfj8yumQNprsbXnuan0nf70/sb41e6/KO5gU3bSouLMyde+Dxo+fPn9tVhLEuXtK2VrrX69a2+1QsWa8jq16vh+Zf8eQdPT6/LZyridc2/5hY9rFqbvPgA/0fq9ZXt97ns+Ozu4swBmy9z2evr+bN85myZJ/z2dzm09Nr/1485dK219/xZV5/Y+7/abm/dFNPjI6Plc/f0XR2xjtejzsfqrHWa1ejte/np1f2ejwe/lvv1+Nb+7web+/adtCvx+Pddy6+HjeqftqxNt2P50RYJydn+r8eN7fZvnu1a3Ks7+vx3WE2wvl/TUgKKRe1rZ3l1m3a19jYeLhfY3EPnet0T8f24yGbNff19O5rW6f33l3e1mi6d1et1zqd7Np20Os0vV4tt04bVT99uzbdj+dEWBe37um/TpvbPPPg2l87t8S/tr12bqpag+Ojm5rHPJ4WYfl6v7glrsEHimPFmeJkMdu6dFNrPTVa+5p6aGVrcFP4b71fK7f3WYP3dm076DWYvo4tt/YaY0vv/AB0P54TYV089VD/Ndjc5k37Bvu9673hM2mbtu9du3++ttzPvO7oOk3X82dezeP8m339fzbb3Obk/tXmzP7n6f7wmZt6nKfu5+9yz6nZYn3O0/ZwnM/tX/48NY+nuc0XD6xwPR0qiuLiRx9u/bw3/PvKn1/4ztc7/t2l17/pXPzowz+4+fjfrub4Adj4flqOreXXurZ/mVrJv/8DAAAAG0LM/SNhJvI/AAAA1EbM/fH/Ck/kfwAAAKiNmPvHwkwyyf/b3/Tc/E8vFqmZvxjEy9NpeKTcLnZcZ8LHk4tXNT//8FfnfvyXF1e275GiKH7yyG/03H77I/G4SpPhOK+8ufPzS694cUX7P/LY1e3a++tfCrcf789Kl0GvCu5MURTfvOXzrf1MfuByaz7zyJHWfM+lJ59obvP8gfLjeP1nX1Ju/weh/Hvo+NGO6z8bzsP3wpx5e+/zEa/3tcuv2bHvfVf3F6/XuOuFrbv91AfL242/J+cLT5Tbx/O83PH/1eee/lpz+8df1fv4L470Pv6nw+1+Ncz/fnm5fftj0Pw4Xu8z4fjj/uL1HvjKt3oe/5XPltuffUu53ZEw4/7vDR/vfMtz8+3n6/HG0Y77Vby13C7uf+Y7v926PN5evP3u4584fLnjfHSvj2f+ubyd6a7t4+fjfqK/6Np/83ba12fc/9O/daTjPFft/8p7nn1583a7939/13ajXdfv/o1Nf/iZz/fcXzyeQ392tuP+HHp3eB6H/T/1wbAew+X/c+XzHfuNjry78/Unbv+lbRc77k/0th+V+7/y+hOt+R+TP/79m15w8wsvvbJ57ori2+8tb69q/yf+6EzH8X/5tvtaj0e8PHb0u/e/nLj/cx+bOn1m4cL8bNtZbf3unHeUx7N5YsvW5vHeEl5buz8+fOb8h+bOTc5MzhTFZH1/hd41+0qYPyjHpdVe/77HwuN5x+99c+s9//S5+Pl/ebT8/OW3l1+3Xh22+0L4/Lby8VtsrHH/T915W+v53Xim/Lijxz4AO3b+5/4VbRjuf/f3BXG9n33ph1rnoXlZ6+tGfF6v8fi/O1vezjfCeV0Mv5n5rtuu7q99+/i7ES6/t3y+r/n8hZe5+Lj+SXi83/m98vbjccX7+93wfcy3tne+3sX18Y2LI9233/otHpfC60lxqbw8bhXP9+Xnb+t5ePH3kBSXbm99/Dvpdm5f1d1czsLHF6ZPzp++8Pj0+bmF89MLH//E4VNnLpw+f7j1uzwPf7jq+ldfn7a2Xp9m5/Y+WMxsKYriTDGzDi9Y1+f4m39b2fGffezY7L6Ze2bnjh+9cPz8Y2fnzp04trBwbG524Z6jx4/Pfazq+vOzB3ftPrBn3+6pE/OzB/cfOLDnwNT86TPNwygPqsLemY9MnT53uHWVhYMPHtj10EMPzkydOjM7d3DfzMzUharrt742TTWv/etT5+ZOHj0/f2puamH+E3MHdx3Yu3d35W8DPHX2+MLk9LkLp6cvLMydmy7vy+T51qebX/uqrk89Lfxb+f1st0b5i/iKd92/N/1+1qavfmrZmyo36foFos+F30XzDy86u38lH8fcPx5mkkn+BwAAgBzE3L8pzET+BwAAgNqIuX9zmIn8DwAAALURc/9EmEkm+V//X/9/Zf3/8nL9/7z6/2c/WvZKN3r/P/bn9f/zcIP7/2vev/6//n/9+v8r789v9OPX/9f/Z6lh6//H3L+lKLLM/wAAAJCDmPu3hpnI/wAAAFAbMfffFGYi/wMAAEBtxNz/gjCTTPK//v+K+v+7qwpX9e//e/9//f9iY/b/44Oj/5+NVffv3/dox4f6/4H+v/6//r/+v/4/aza+7CU3qv8fc//NYSaZ5H8AAADIQcz9Lwwzkf8BAACgNmLuvyXMRP4HAACA2oi5f1uYSSb5X//f+//r/+v/17r/v9b3/287GP3/jcH7//en/1/hmvv/E/r/G7H/Pz7Y4x/u/n/l4ev/c10M2/v/x9z/ojCTTPI/AAAA5CDm/heHmcj/AAAAUBsx978kzET+BwAAgNqIuf/WMJNM8r/+v/6//r/+v/5/7/1Xv/9/+Tf9/+Gi/9+f/n8F7/+fV/9/wMc/3P3/Qb////ibu6+v/08vw9b/j7n/pWEmmeR/AAAAyEHM/beFmcj/AAAAUBsx978szET+BwAAgNqIuX97mEkm+V//X/9f/1//X/+/9/6r+/8l/f/hov/fn/5/Bf1//X/9/5X1/3t886v/Ty/D1v+Puf/2MJNM8j8AAADkIOb+O8JM5H8AAACojZj7/1+YifwPAAAAtRFz/44wk0zyv/6//r/+f179//s36f/r/9eb/n9/+v8V9P/1//X/V/j+/0utpv+/uerGqI1h6//H3P/yMJNM8j8AAADkIOb+V4SZyP8AAABQGzH3vzLMRP4HAACA2oi5fzLMJJP8r/9fr/7/n/71U68s9P/1/yv2X9P+f1wG+v+Z0//vT/+/gv6//r/+/7r0/8nHsPX/Y+6/M8wkk/wPAAAAOYi5/64wE/kfAAAAaiPm/rvDTOR/AAAAqI2Y+3eGmWSS//X/69X/j/T/9f/77b+m/f9E/z9v+v89tD1J9f8r6P/r/2ff/4/f/er/MxjD1v+Puf9VYSaZ5H8AAADIQcz994SZyP8AAABQGzH3vzrMRP4HAACA2oi5/94wk0zyv/6//r/+v/6//n/v/ev/b0z6//3p/1fQ/9f/z77/7/3/Gaxh6//H3P+aMJNM8j8AAADkIOb++8JM5H8AAACojfj/b5b/36v8DwAAAHUUc/9UmEkm+V//X/8/p/5/Q/9f/1//v/b0//vT/6+g/6//r/+v/89ADVv/P+b+14aZZJL/AQAAIAcx9z8QZiL/AwAAQG3E3D8dZiL/AwAAQG3E3D8TZpJJ/tf/1//Pqf/v/f/1//X/60//vz/9/wr6//r/dev/F4X+PzfUsPX/Y+7fFWaSSf4HAACAHMTcvzvMRP4HAACA2oi5f0+YifwPAAAAtRFz/4NhJpnkf/1//X/9f/1//f/e+9f/35j0//vT/6+g/6//X7f+v/f/5wYbtv5/zP0PhZlkkv8BAAAgBzH37w0zkf8BAACgNmLu3xdmIv8DAABAbcTcvz/MJJP8r/9fk/7/b/59x771//X/++1/MP3/Lfr/Yer/D5ea9v+7nxbXTP+/gv6//r/+v/4/AzVs/f+Y+w+EmWSS/wEAACAHMfe/LsxE/gcAAIDaiLn//4eZyP8AAABQGzH3/0yYSSb5X/+/Jv3/Lvr/+v/99u/9//X/66ym/f+B0f+voP+v/6//r//PQF3//n/828r6/zH3HwwzyST/AwAAQA5i7v/ZMBP5HwAAAGoj5v7Xh5nI/wAAAFAbMfcfCjPJJP/r/+v/6//r/1+f/v/ri27D2P9vLh79/3rR/+9P/7+C/r/+v/6//j8DNWzv/x9z/xvCTDLJ/wAAAJCDmPsfDjOR/wEAAKA2Yu5/Y5iJ/A8AAAC1EXP/m8JMMsn/+v/6//r/+v/e/7/3/vX/Nyb9//70/yvo/+v/6//r/zNQw9b/j7n/zWEmmeR/AAAAyEHM/W8JM5H/AQAAoDZi7n9rmIn8DwAAALURc//bwkwyyf/6//r/+v/6//r/vfev/78x6f/3p/9fQf9f/1//X/+fgRq2/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAAC1EXP/28NM5H8AAACojZj73xFmkkn+1//X/9f/1//X/++9f/3/jUn/vz/9/wr6//r/+v/6/wzUsPX/Y+5/Z5hJJvkfAAAAchBz/8+Hmcj/AAAAUBsx978rzET+BwAAgNqIuf8Xwkwyyf/6//r/+v/6/1n0/5tX0v/Pgv5/f/r/FXr0/zfr/+v/6//r/3PNhq3/H3P/u8NMMsn/AAAAkIOY+98TZiL/AwAAQG3E3P/eMBP5HwAAAGoj5v5Hw0wyyf/6/1n2/9Nd1v8v6f9n0P/3/v/Z0P/vT/+/gvf/1//X/9f/Z6CGrf8fc/9jYSaZ5H8AAADIQcz97wszkf8BAACgNmLu/8UwE/kfAAAAaiPm/veHmWSS//X/s+z/e///dev/j3Wsj5z6/xNtj2dal/r/+v/rQP+/P/3/Cvr/+v/D3P8Pq3nLMtfX/2cYDVv/P+b+D4SZZJL/AQAAIAcx9/9SmIn8DwAAALURc/8vh5nI/wAAAFAbMff/SphJJvlf/1//X//f+/97///e+9f/35j0//vT/6+g/6//P8z9/wr6/wyjYev/x9z/q2EmmeR/AAAAyEHM/R8MM5H/AQAAoDZi7j8cZiL/AwAAQG3E3H8kzCST/K//393/j++oqv+v/6//r/+v/78RDa7//7Kbi0L/X/9f/1//X/9f/5+1GLb+f8z9R8NMMsn/AAAAkIOY+38tzET+BwAAgNqIuf9YmIn8DwAAALURc/9smEkm+V//3/v/D6r//xP9f/3/QP+/N/3/9eH9//vT/6+g/6//r/+v/89ADVv/P+b+uTCTTPI/AAAA1Fj6cXDM/cfDTOR/AAAAqI2Y+0+Emcj/AAAAUBsx938ozCST/K//r//v/f9vRP9/rGN7/f+S/r/+/yDo//en/19B/1//X/9f/5+BGrb+f8z982EmmeR/AAAAyEHM/R8OM5H/AQAAoDZi7v9ImIn8DwAAALURc//JMJNM8r/+v/5/7v3/RlFc8v7/+v+99q//vzHp//en/19B/1//X/9f/5+BGrb+f8z9p8JMMsn/AAAAkIOY+0+Hmcj/AAAAUBsx958JM5H/AQAAoDZi7j8bZpJJ/tf/1//Pvf9f3JD3/+/cXv+/pP+v/z8IS/r3Y6u7/rL9//9j7z6a9DirPg4/r8u2pNXLR2DNiiWs+Aps2VHFmgVgcjAmZzA5B5NzzsnknHM2OUcTDVWiGJ1zLGked8tWa6b7Pte1OUiFeUbWYOqP6lf3He901d31//p//f8k/b/+X//P+dbW/+fuv1fc0mT/AwAAQAe5++8dt9j/AAAAMIzc/feJW+x/AAAAGEbu/qvilib7X/+v/9f/6//P6f+v1//r/7fN+//T9P8z9P/6f/2//p9Fra3/z91/37ilyf4HAACADnL33y9usf8BAABgGLn77x+32P8AAAAwjNz9D4hbmux//b/+X/+v//f+//7P1/9vk/5/mv5/hv5f/6//1/+zqLX1/7n7Hxi3NNn/AAAA0EHu/gfFLfY/AAAADCN3/4PjFvsfAAAAhpG7/yFxS5P9r//X/+v/9f/6//2fr//fput2N/8zQf9/mP5/xkz/v9vp/6dccD+//5e3na//Fuj/9f8ctrb+P3f/Q+OWJvsfAAAAOsjd/7C4xf4HAACAYeTuvzpusf8BAABgGLn7Hx63NNn/+n/9v/5f/6//3//5+v9t8v7/tIvv/+9wu3veo2//7/3/ad7/1//r/znf2vr/3P3XxC1N9j8AAAB0kLv/EXGL/Q8AAADDyN3/yLjF/gcAAIBh5O5/VNzSZP/r/9v0/we1i/5f/6//1/+PTv8/zfv/Mw7+MXeqfqj/1//r//X/XJy19f+5+x8dtzTZ/wAAANBB7v7HxC32PwAAAAwjd/9j4xb7HwAAAIaRu/9xcUuT/a//b9P/e/9f/6//1/+3oP+fpv+fMcr7/7fxu+a4+/mLddxfv/5f/89ha+v/c/c/Pm5psv8BAACgg9z9T4hb7H8AAAAYRu7+J8Yt9j8AAAAMI3f/k+KWJvtf/6//30b/n5+g/9f/6//1/9P0/9P0/zNG6f9vo+Pu57f+9ev/9f8ctrb+P3f/k+OWJvsfAAAAOsjd/5S4xf4HAACAYeTuf2rcYv8DAADAMHL3Py1uabL/9f/6/230/97/1//r//X/F0b/P03/P0P/r//X/+v/WdTa+v/c/dfGLU32PwAAAHSQu//pcYv9DwAAAMPI3f+MuMX+BwAAgGHk7n9m3NJk/+v/9f/6f/2//n//5+v/t0n/P03/P0P/r//X/+v/WdSK+v+z/qqTu2fFLU32PwAAAHSQu//ZcYv9DwAAAMPI3f+cuMX+BwAAgGHk7n9u3NJk/+v/V9P/H+R8Y/X/p3a7nf5/17T/P3XW72d9X+r/9f9HQP8/Tf8/Q/+v/9f/6/9Z1Ir6/4Mf5+5/XtzSZP8DAABAB7n7nx+32P8AAAAwjNz9L4hb7H8AAAAYRu7+F8YtTfa//n81/f+Bsfp/7/+f//3Rqf/3/v9h+v+jof+fpv+fof/X/+v/9f8sam39f+7+F8VNV15xm3+JAAAAwMrk7n9x3NLkz/8BAACgg9z9L4lb7H8AAADYqGsP/Uzu/pfGLU32v/5/2f7/yrN+Tv+v/z//+0P/r//X/196+v9p+v8Z+n/9v/5f/8+i1tb/5+5/WdzSZP8DAABAB7n7r4tb7H8AAAAYRu7+l8ct9j8AAAAMI3f/K+KWJvtf/+/9f/2//l//v//z9f/bpP+fpv+fof/X/x9v/3/i5n+p/2cMt6L/P3369NWXvP/P3f/KuKXJ/gcAAIAOcve/Km6x/wEAAGAYuftfHbfY/wAAADCM3P2viVua7H/9f9P+P7/V9f8H9P/6/32fr//fJv3/NP3/DP2//t/7//p/FrW29/9z9782bmmy/wEAAKCD3P2vi1vsfwAAABhG7v7Xxy32PwAAAAwjd/8b4pYm+1//37T/9/6//l//f9T9/007/f+R2ET/f+qWP3/t/f81+n/9/4R2/f9d73zOD/X/+n8OW1v/n7v/jXFLk/0PAAAAHeTuf1PcYv8DAADAMHL3vzlusf8BAABgGLn73xI3Xd5k/+v/9f/6f/2//n//5x/x+/9X7nY7/f8CNtH/T1h7/+/9f/3/lHb9/3n0//p/Dltb/5+7/61xS5P9DwAAAB3k7n9b3GL/AwAAwDBy9789brH/AQAAYBi5+98RtzTZ//p//b/+X/8/fP9/zSb6f+//L0T/P03/P0P/r//X/+v/ORLH1f/n7n9n3NJk/wMAAEAHufvfFbfY/wAAADCM3P3vjlvsfwAAABhG7v73xC1N9r/+X/+v/9f/n1hd/3/ynP+8Ju//6/8Xov+fpv+fof/X/+v/r9X/s6S1vf+fu/+9cUuT/Q8AAAAd5O5/X9z6v27tfwAAABhG7v73xy32PwAAAAwjd/8H4pYm+1//r//X/+v/h3//X//fiv5/mv5/hv5f/6//9/4/i1pb/5+7/4NxS5P9DwAAAB3k7v9Q3GL/AwAAwDBy9384brH/AQAAYBi5+6+PW5rsf/2//l//r//X/5/5PdT/j0H/P+1o+v9T+n/9f/Xz/xf/LdD/6//n/nrGtLb+P3f/R+KWJvsfAAAAOsjd/9G4xf4HAACAYeTu/1jcYv8DAADAJl2+5+dy9388bmmy//X/+n/9v/5f/7//8/X/26T/n+b9/xn6/1vZz9/+nB9t7f3/8//3S/+v/2d5a+v/c/d/Im5psv8BAACgg9z9n4xb7H8AAAAYRu7+T8Ut9j8AAAAMI3f/p+OWJvtf/6//1//r//X/+z9f/79N+v9p+v8Z+v9jfT9/61+//l//z2Fr6/9z938mbmmy/wEAAKCD3P2fjVvsfwAAABhG7v7PxS32PwAAAAzjYPdnXNZw/+v/9f/6f/2//n//5+v/t0n/P03/P0P/r//X/+v/WdTa+v/PH/xVJ3dfiFua7H8AAADoIHf/F+MW+x8AAACGkbv/S3GL/Q8AAADDyN3/5bilyf7X/+v/t9H/nz59+mr9v/7/3F/Pzf3/Dfp/iv5/mv5/hv5f/6//1/+zqLX1/7n7vxK3NNn/AAAA0EHu/q/GLfY/AAAADCN3/9fiFvsfAAAAhpG7/+txS5P9r/9fQf9/Uv/v/X/9/877//r/hej/p+n/Z4zY/5+88F/+cffzF+u4v379v/6fw9bW/+fu/0bc0mT/AwAAQAe5+78Zt9j/AAAAMIzc/d+KW+x/AAAAGEbu/m/HLU32v/7/6Pr///296/L+/6nd/q9f/6//1//r/y81/f80/f+MEfv/W+G4+/mtf/36f/0/h62t/8/d/524pcn+BwAAgA5y9383brH/AQAAYBi5+78Xt9j/AAAAMIzc/d+PW5rsf/3/Ct7/H7D/9/7//u8P/f+q+//L9P9j0P9P0//P0P/r//X/C/X/+d2s/+9ubf1/7v4fxC1N9j8AAAB0kLv/h3GL/Q8AAADDyN3/o7jF/gcAAIBh5O6/IW45a//va7tHof/X/+v/9f/6//2fr//fJv3/tAvt/0/sLq7/T/p//b/+v2v/7/1/zlhb/5+7/8dxiz//BwAAgM254hZ+Pnf/T+IW+x8AAACGkbv/p3GL/Q8AAADDyN3/s7jlxsuO60s6Uvp//b/+X/+v/9//+fr/bdL/T/P+/wz9/xL9/F30/2P0/7ud/p+Lt7b+P3f/z+MWf/4PAAAAw8jd/4u4xf4HAACAYeTu/2XcYv8DAADAMHL3/ypuabL/9f/6/4vs/w/STP3/Gfr/M/T/++n/j4b+f5r+f4b+3/v/+n/v/7OotfX/uft/Hbc02f8AAADQQe7+38Qt9j8AAAAMI3f/b+MW+x8AAACGkbv/d3FLk/1/bP1//K3W/2++//f+v/5f/6//XxX9/zT9/wz9v/5f/6//Z1Fr6/9z9/8+bmmy/wEAAKCD3P1/iFvsfwAAABhG7v4/xi32PwAAAAwjd/+f4pYm+9/7//p//b/+X/+///P1/9uk/5+m/9+vfqP0//p//b/+n0Wtrf/P3f/nuKXJ/gcAAIAOcvf/JW6x/wEAAGAYuftvjFvsfwAAABhG7v6/xi1N9r/+X/+v/9f/6//3f77+f5v0/9OOs/+/2//Pf6z3/4+9/88vQf+v/9f/s4i19f+5+/8WtzTZ/wAAANBB7v6/xy32PwAAAAwjd/8/4hb7HwAAAIaRu/+fcUuT/T/T/5+of6P+f5L+/9yvX/+///tD/6//1/9fevr/ad7/n6H/9/6//l//z6LW1v/n7v9X3NJk/wMAAEAHuftvilvsfwAAABhG7v5/xy32PwAAAAwjd/9/4pYm+9/7//p//b/+X/+///P1/9uk/5+m/5+h/9f/6//1/yxqbf1/7v7/BgAA//+GT2Bf")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa5)
unlink(&(0x7f0000000440)='\xe9\x1fq\x89Y\x1e\x923aK\x00')

2.400174303s ago: executing program 7 (id=916):
syz_open_dev$vcsu(&(0x7f0000000040), 0x33d7, 0x80002)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x2804, 0x10100}, &(0x7f0000000540)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
io_uring_enter(r0, 0x7a98, 0xb816, 0x0, 0x0, 0x0)

2.026864024s ago: executing program 7 (id=918):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4}, 0xe)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000280)={0xfbca, 0x6, 0xb45, 0x8, 0x5, 0x0, 0xd}, 0xc)

1.961586717s ago: executing program 4 (id=919):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local, 0x1})
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f0000000080)={@my=0x1, 0x100})

1.91222735s ago: executing program 3 (id=920):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x219a, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)
recvmmsg(r0, &(0x7f0000003680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/27, 0x1b}, 0x3}], 0x1, 0x12142, 0x0)

1.805058356s ago: executing program 7 (id=921):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000340)="a4", 0x1, 0x4000, &(0x7f0000000400)={0xa, 0x4e20, 0x0, @private1}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000001ec0)={0x6, 0x8209, 0x0, 0x3b3}, &(0x7f0000001f00)=0x10)

1.713895321s ago: executing program 4 (id=922):
io_submit(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x7, 0x8000, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x23595c11a6aa1112}])
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

1.463106684s ago: executing program 7 (id=923):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x4428, &(0x7f0000008940)="$eJzs3T9sG2UfAOD3Lvm+Jv3afknpUCQkLFEJBChKOgGpRJqmTZM2FBVaIRbXSdw24MRV4iCGDmGrxITEgBgqkNgyVRlYy8jIwlgmhkowsCAhVQTZPie5i62YKk5oeR6pOd/73/75Xr83XN84Ubk5t5SbW8oVFnLlmetLJ3MflUvL88UQ75H97p/2dCJOYr9/Lp05987VkyF8N/vjw/X19fVQ1R2aGtry+vffbs9sPTbEmTrVdpu3tlveDyEc2zauqq4QwnvfhhCFEE4naaPJsTeEcCTU867e/vRabpdGc+9B8VT+0dSdteETk6t311q/9yiEL0vPvnpj/pcXuoZ/enmXugcAAAAAAAAAAAAAAAAA4Ak3fvnSlbcHh8L9KHSvRtuf1x1Pjq2ej13fNc93/s0CAAAAAAAAAAAAAAAAAADAP9Tm8/+56GiT5//HkuNIi/rrb3Z+jHTOxFuXxs4ODiX7v0fb8l9Lkn493RX6m+z7nt3//XSmfvP937f387ga42v02xeieCB1HscDAyF8nWz8fjw6GJfKS5VXrpeXF2Z3bRhPrHT867v3p6KTbOi/U/x//r5ebjTTfuf3/39m27epen5t975iT7V0/Ltalvvmk6it6/9Mpt5exJ/Hl45/dy2td2uBkfoEUI3/Z907x38s036n4n8khJCLqmPNpWaA6hqmmt5qvUJaOv7/qaWlps7kg2x1/f+Rif/ZTPv7Nf+vZH+IaCod///W0npSJTav//545+v/XKb9/Yh/dfwrfv/bko7/gXpid6pI7ZNsd/4fz7TfqfhfiZNxHolS34DVqJ7e6v+rIy0d/55t+Zv3f3Fb67/zmfp7df/X6Ldx/9eY/l+K6vd/NJeOf2/Lcu1e/xOZep2e/0dq6z8eVzr+B2tp6bVzX+1vu/GfzLTfqfjXViU9jfhvzid/Hqinf2X915Z0/P9XT4y3llip/a2t/6Kd1/8XMu3vx/qvOv6VuLO9Pi3S8T/Uslw1/j+08ft/MVOv8/HfzdXEv086/odblqtd/z07x38qU6/T8X+xk40DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAFGk2NfiOKB1HkcDwyEcCY5Px4ORtOF2fx0qTzz4VIIY0l6LhyNbpTK04VSfm6hPFvMF0ql8kwIZ5P8Y6EnWiqVK/n5wq1zG231RjeLhcXKdLFQCSGMJ+nPhcONtqbnKvOFWyGE8xt5/4/Li7duFhbys3OLbwwODg6GiY0x9EfFjyvFhUq993puCJMbdfuiLYOrZV/YGMuh6IPy8uJCoVRLv7ilTqk8UyhtqTOV5H0e+qPK4vLCTKFSzJfKNxr97aeR5Dg2cfndyxeHtuVfi+rH0b0dFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/0/3h178IIXTXz+IQQi5KXkTJv5R7D4qn8o+m7qwNn5hcvbv2sFkZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi79ozQQRHEAfjMWWnoMq2W3s11RRAtXBE+gx/AwehQv4R0sUqRNEQLJLIT9A9sk1fc1D+bHzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOUe37r317qJSHG1vYz4/fz7P86fS/2+m75/cYYZOZ2nl+7+oW7Kv6dRfluOVm3ep5v110dM1N7PYE+G+3Qw7jM0t29z8/V9ryPlKiLakt+knKtq2VsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI4dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCxAAAAAIAwf+so+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FQAA//8KEyDQ")
openat(0xffffffffffffff9c, 0x0, 0x4c1, 0x108)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfea7)

1.421514475s ago: executing program 3 (id=924):
r0 = socket(0xa, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x8001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}]}, &(0x7f0000000080)=0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e1b, @broadcast}}, 0xfff9, 0x4}, 0x90)

1.209972317s ago: executing program 4 (id=925):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f00000015c0)={0x3002000, 0x0, 0x0, 0x0, {0x3e}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.101617433s ago: executing program 3 (id=926):
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x200002, 0x200003, 0x801, 0x0, 0x7, 0x204})
r0 = inotify_init1(0x0)
cachestat(r0, &(0x7f0000000000)={0xffff, 0x2}, 0x0, 0x0)

938.969573ms ago: executing program 0 (id=927):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3eccd8000200000500"})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd)

855.228702ms ago: executing program 3 (id=928):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000001280)={[{@errors_remount}, {@errors_remount}, {@resgid}, {@dioread_nolock}, {@nojournal_checksum}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@usrjquota}]}, 0x1, 0x788, &(0x7f0000002800)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTJt2Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEw/tX9yLYH2U9DBm4DnkAQBAd/l5/oHmuVkhinGg21maEzgAAAB4KdUH6736s+eRAAAAwAsmiR4Hju5xIgAAAMAe2f4/gO17e/fqPthOfn49IobbxR9o3EMccSgKEXFkM9lx+0GyNQ2eyfqNiLg90ebz18sdzd2N3m8e3p0jsttu5+vPRLv1J22tP9Fm/RnY/u6EZ9R5/bsf/0CH9e9ijzG+/uz/hY7xb1RX3j/WLn7Sip90iP92j/Fvbnxwq9Nz9S8iTrb9+5PsiNXl+yFGZuaydr9arXTv/HXqbuf6I448Ej9JGlGT7vVf6bH+dzd/m1/vEv/U8e7v/1b8wR3z8s/Eh8080oi41XzM+xs7QwweX/j+m0cjJ+vb8ac7vP7t3/83W/V/3mP9P345uNLjUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhII2IokrTUaqdpqRRxNCL+G0fSrFKtnZ6pLC9O589FDEchnZnLyqMRUdzqJ3l/rNG+3z/7UH88Iv7zw+GtoHNZuTRVyab7XTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtRyNiKJK0FBFpRPxeTNNSqd9ZAQAAALtuuN8JAAAAAHvO9T8AAADsf097/Z/sch4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAvnbxwoV8q2/euzaV96evri7PV66emS5X50sLy1OlqcrSldJspTKblUtTlYXHHS+NiLHzsbwyUitXayPV1bXLC5XlxdrluYXJ2fLlcuG5VAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTGmpsSVqKiLTRTtNSKeJfETEchWRmLiuPRsS/I+JusTCY98f6nTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7rrq6Nj+ZZeWll7tR31/l9NyIJOIFSKND45Pmu9JtTLIe0fdU02aiz3KciCeZdf0xL0u/G6/0aT0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKC/qqtr85NZVl6q9jsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+iv9KYmIfDtZPDH08LMHkz+KjceIeOfTSx+tTNZqS2P5/l9b+2sfN/effWDi9edZAwAAAOx7rz3J4O3r9O3reAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF5VV9fmJ7OsvLSHjbjR7yoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICn8XcAAAD//4vfuQk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r0, 0x7f, 0x80000001, 0x4)

696.635608ms ago: executing program 6 (id=929):
syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f0000000640)="$eJzslr+PEkEUx78zu1nAaEwsbSwkUQuX3UWNjYk0VhYm/iAWJhJZCbJKAhRCYtC/wN7EwsLef8BE2/sjLtxV13DdNdfsZXZmd+cICxwcUNz7JDy+s8y8ffPe5A0gCOLCsr93NAqRj/RlFJFTzw+MdA7X5u/mD7/8f/qk+v3N753cyC5M8xmGi7/fBPCvYqCXrD29uqi+X4An+iU47ihdBYOt9FtwvFLaB8NrpT9oui3m2/b7ZuDb79pBXQhHGFcYT5jyZHzjbwx1LT6m/d7tD1q1IPA7axTz8jeucDzS4tPrZUNG62j5c8HhKl0Gw3OlHyIX50amRNv/dTP1b8zcv4V1Z0SEcoZV165klsoCsFwYAEsc/sRK28FXdWTXeYYyhIFIxBU9J8/GhnYhDvqcOTA3nlW2WjKXqcXfx3JN/CQcynE052qGw3C44CssLJONtD+Fvxhuaf1JtpIf0VUjSljq9gd3mx9rDb/hf/K88gPnnuPc90pRI5J2Rv8rRP3pUup/6p0ksJiFz7Ver+NKm4w9aad1XB71P47bN+VYFNea8JvXNFMfEyaY7L2tP5nREwRBbI8bYMehwoyFuk2g/dd9tsUYCYIgCIIgCIIgCIJYjZMAAAD//4U6Q1I=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x80, 0x0)

567.854235ms ago: executing program 4 (id=930):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000640)=@framed, &(0x7f0000000d40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x94)

299.611732ms ago: executing program 4 (id=931):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180100001000010400"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000f80012800800010076746900ec0002"], 0x119}}, 0x0)

142.342132ms ago: executing program 6 (id=932):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2c2, &(0x7f00000006c0)="$eJzs3T+LI2UYAPBndpNJ7iySwkoEB7SwOm6vtckiOThMpaRQC128O5AkCHew4CkGK1sbSz+BINj5JWwEP4DgB7DzioNXJpkh2btJsoHLrX9+vyL77Lzv877POzPZPyzz7sevziZ3i7j/9Ze/R7ebxdEgBvE4i34cRS2llGJl8G0AAP9mj1OKP9PSJVMG5UsWEd3DlgYAHMje3/9/OnhJAMCBvff+B++cjkbDd4uiG7dn35yPy9/sy4/L9tP78WlM417cjF48Wf4toP5poXy9nVKat4pSP96Yzc/HZebso1+q8U/riU6iF/1FdDH/zmh4Uiyt5c/LOq5X8w/K+W9FL15umP/OaHirIT/Gebz5+lr9N6IXv34Sn8U07i6KWOV/dVIUb6fv/vriw7K8Mj+bn487i34r6fjFXRUAAAAAAAAAAAAAAAAAAAAAAP7rblR753RisX9Peajaf+f4SflJO4pa/+L+PMv8rB7oqf2B5im+T6nTihgNbxZFkaqOq/xWvNKK1tWsGgAAAAAAAAAAAAAAAAAAAP5ZHn7+aHI2nd570BD8dj1iQ9OGoN4NoH6sf0fW8aamwdqR1+LR5KyzecC1pqMq3DJpHNd9soity4lWux65v9dJ2D+4tqnmH37cd8Du7j7tbefn+QT13TU5y6KxTyfqI936mv683iePS86Vb2pKu2+/tSBvbOrtvfb8pUUw39Insm2FvfXH8sxVR7KnV5EvzmpjenttN47me6P5Wmx6pzwjW7yt8+f3xQcAAAAAAAAAAAAAAAAAALhg9dDvM03XdqQepc7BygIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF2r1///3COZV8iU65/Hg4RUvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwMAAP//QSRWPA==")
syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbecbeba5e41010800450000784400000000119078ac1414bbe000000100004e220064907802000000020700000000000087404a1521cd01f9df5ed1edadd5f225602902d238b3605ef3d3776442bc6a4af34f90b9c395844234c7cdd78918f38e876f904f4b9b8b0be78ecf3ecf498db86fce414cc0adba1f2cab5d"], 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

141.663884ms ago: executing program 0 (id=933):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000391000/0x4000)=nil, &(0x7f0000e18000/0x3000)=nil, 0x0, &(0x7f0000001500)=[{0x7, 0x0, 0x3}, {0x2, 0x5, 0x5}], 0x2, 0x2b2, 0x0, 0x0, 0x0, 0x18})

0s ago: executing program 4 (id=934):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x50009405, &(0x7f0000000180))

kernel console output (not intermixed with test programs):

0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.333" name="file1" dev="loop4" ino=15 res=0 errno=0
[  103.140974][  T794] gspca_sq930x: reg_w 0105 bf00 failed -71
[  103.171382][   T24] usb 4-1: USB disconnect, device number 3
[  103.174647][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.177663][   T29] audit: type=1800 audit(1770057584.839:20): pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.333" name="file2" dev="loop4" ino=16 res=0 errno=0
[  103.215120][  T794] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  103.251339][  T794] usb 2-1: USB disconnect, device number 6
[  103.414083][ T6751] netlink: 8 bytes leftover after parsing attributes in process `syz.4.336'.
[  103.860956][ T6766] set_capacity_and_notify: 2 callbacks suppressed
[  103.860974][ T6766] loop1: detected capacity change from 0 to 256
[  103.870002][ T6765] loop3: detected capacity change from 0 to 1024
[  103.944603][ T6766] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  104.153088][   T12] hfsplus: b-tree write err: -5, ino 4
[  104.435974][ T6785] loop1: detected capacity change from 0 to 4096
[  104.443965][ T6785] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  104.482190][ T6793] ucma_write: process 182 (syz.4.355) changed security contexts after opening file descriptor, this is not allowed.
[  104.512952][ T6785] ntfs3(loop1): ino=1a, mi_enum_attr
[  104.518486][ T6785] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  104.535588][ T3094] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  104.551591][   T29] audit: type=1800 audit(1770057586.269:21): pid=6785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.352" name="file1" dev="loop1" ino=30 res=0 errno=0
[  104.611969][ T2948] ntfs3(loop1): ino=1e, ntfs3_write_inode failed, -22.
[  104.696345][ T3094] usb 4-1: Using ep0 maxpacket: 16
[  104.704759][ T3094] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.717726][ T3094] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  104.727190][ T3094] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.735290][ T5935] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  104.745786][ T3094] usb 4-1: config 0 descriptor??
[  104.884684][ T5935] usb 1-1: Using ep0 maxpacket: 16
[  104.893953][ T5935] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  104.901666][ T6803] loop1: detected capacity change from 0 to 512
[  104.911105][ T5935] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  104.920606][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.929821][ T5935] usb 1-1: Product: syz
[  104.934293][ T5935] usb 1-1: Manufacturer: syz
[  104.940689][ T5935] usb 1-1: SerialNumber: syz
[  104.945954][ T6803] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002]
[  104.956793][ T6803] System zones: 1-12
[  104.964363][ T5935] usb 1-1: config 0 descriptor??
[  104.971791][ T6803] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.359: Directory hole found for htree index block 0
[  104.976739][ T5935] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  104.988694][ T6803] loop1: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117
[  104.994398][ T6803] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117
[  104.994466][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  104.994481][    C0] EXT4-fs (loop1): initial error at time 1770057586: dx_probe:791: inode 2
[  104.994509][    C0] EXT4-fs (loop1): last error at time 1770057586: dx_probe:791: inode 2
[  104.996471][ T5935] usb 1-1: Detected FT232R
[  105.005616][ T6803] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.359: Directory hole found for htree index block 0
[  105.056385][ T6803] loop1: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117
[  105.056816][ T6803] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  105.076645][ T6803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.098961][ T6803] EXT4-fs (loop1): shut down requested (2)
[  105.121281][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.191907][ T3094] mcp2221 0003:04D8:00DD.0005: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  105.222815][ T5935] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  105.457442][ T5935] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  105.539009][ T6815] loop4: detected capacity change from 0 to 4096
[  105.557377][ T6815] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  105.626604][ T5894] usb 4-1: USB disconnect, device number 4
[  105.681997][ T5935] usb 1-1: USB disconnect, device number 4
[  105.736356][ T5935] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  105.751425][ T6822] loop1: detected capacity change from 0 to 2048
[  105.773343][ T5935] ftdi_sio 1-1:0.0: device disconnected
[  105.790352][ T6822] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=2362, location=2362
[  105.827767][ T6822] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  105.866777][ T6822] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  105.916549][ T6822] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  105.992472][ T6827] netlink: 8 bytes leftover after parsing attributes in process `syz.4.369'.
[  106.298424][ T6837] netlink: 36 bytes leftover after parsing attributes in process `syz.3.373'.
[  106.311802][ T6839] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  106.450142][ T6843] loop3: detected capacity change from 0 to 512
[  106.508973][ T6843] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  106.562367][ T6843] EXT4-fs (loop3): 1 truncate cleaned up
[  106.587390][ T6843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.706442][ T6829] loop2: detected capacity change from 0 to 32768
[  106.749593][   T29] audit: type=1800 audit(1770057588.459:22): pid=6843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.376" name="file1" dev="loop3" ino=15 res=0 errno=0
[  106.796568][ T6829] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  106.859515][ T6859] vcan0: tx address claim with dlc 0
[  106.881599][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.927651][ T6829] XFS (loop2): Ending clean mount
[  106.980328][ T6866] macvtap0: entered promiscuous mode
[  106.987893][ T6829] XFS (loop2): Quotacheck needed: Please wait.
[  107.054654][ T6866] macvtap0: left promiscuous mode
[  107.066542][ T6829] XFS (loop2): Quotacheck: Done.
[  107.183898][ T5822] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  107.474816][ T6876] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  107.487642][ T6845] loop4: detected capacity change from 0 to 32768
[  107.515322][ T6845] xfs: Deprecated parameter 'noikeep'
[  107.522009][ T6845] XFS: noikeep mount option is deprecated.
[  107.583399][ T6845] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  107.633441][ T6884] loop1: detected capacity change from 0 to 2048
[  107.695109][ T6845] XFS (loop4): Ending clean mount
[  107.735822][ T6884] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  107.755573][ T6845] XFS (loop4): Quotacheck needed: Please wait.
[  107.776966][ T5822] hfsplus: bad catalog entry type
[  107.927443][ T6845] XFS (loop4): Quotacheck: Done.
[  108.110300][ T5833] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  108.267729][ T6904] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  108.331378][ T6907] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  108.379401][ T6907] EXT4-fs (loop0): 1 truncate cleaned up
[  108.396507][ T6907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.426758][   T29] audit: type=1800 audit(1770057590.149:23): pid=6907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.397" name="file1" dev="loop0" ino=15 res=0 errno=0
[  108.463340][ T2948] hfsplus: b-tree write err: -5, ino 4
[  108.650314][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.777615][ T3026] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.878399][ T6898] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  108.908086][ T3026] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.960301][ T6925] program syz.1.402 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.996282][ T6898] XFS (loop3): Ending clean mount
[  109.056539][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  109.065881][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  109.073864][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  109.081956][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  109.090627][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  109.099952][ T3026] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.151936][ T5818] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  109.339270][ T6937] set_capacity_and_notify: 4 callbacks suppressed
[  109.339287][ T6937] loop1: detected capacity change from 0 to 4096
[  109.418408][ T3026] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.465580][ T6937] ntfs3(loop1): ino=5, "/" mi_enum_attr
[  109.590701][   T12] ntfs3(loop1): ino=5, mi_enum_attr
[  109.767100][ T6946] loop4: detected capacity change from 0 to 512
[  109.820596][ T6946] EXT4-fs (loop4): 1 truncate cleaned up
[  109.865927][ T6946] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.904580][   T29] audit: type=1800 audit(1770057591.609:24): pid=6946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.411" name="file0" dev="loop4" ino=13 res=0 errno=0
[  109.926678][ T6946] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.411: bg 0: block 465: padding at end of block bitmap is not set
[  110.037200][ T6946] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6687: Corrupt filesystem
[  110.055280][ T3026] bridge_slave_1: left allmulticast mode
[  110.074599][ T3026] bridge_slave_1: left promiscuous mode
[  110.075789][ T6946] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.411: invalid indirect mapped block 234881024 (level 0)
[  110.093875][ T3026] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.148396][ T3026] bridge_slave_0: left allmulticast mode
[  110.164220][ T3026] bridge_slave_0: left promiscuous mode
[  110.173075][ T3026] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.175711][ T6965] netlink: 4 bytes leftover after parsing attributes in process `syz.3.416'.
[  110.212117][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.284815][ T3094] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  110.413339][ T6947] loop1: detected capacity change from 0 to 32768
[  110.432120][ T6947] (syz.1.410,6947,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  110.457486][ T3094] usb 1-1: Using ep0 maxpacket: 32
[  110.467723][ T6947] (syz.1.410,6947,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  110.478984][ T3094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.501181][ T3094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.544585][ T3094] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  110.560267][ T3094] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.568615][ T5880] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  110.589943][ T6947] JBD2: Ignoring recovery information on journal
[  110.603389][ T3094] usb 1-1: config 0 descriptor??
[  110.626395][ T3094] hub 1-1:0.0: USB hub found
[  110.699893][ T6947] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  110.766535][ T5880] usb 5-1: config 0 interface 0 altsetting 127 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.784036][ T5880] usb 5-1: config 0 interface 0 has no altsetting 0
[  110.800532][ T5880] usb 5-1: New USB device found, idVendor=0b05, idProduct=1a30, bcdDevice= 0.00
[  110.812261][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.832151][ T3094] hub 1-1:0.0: 1 port detected
[  110.852891][ T5880] usb 5-1: config 0 descriptor??
[  110.858886][ T5819] ocfs2: Unmounting device (7,1) on (node local)
[  110.886384][ T3026] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.925500][ T3026] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.969978][ T3026] bond0 (unregistering): Released all slaves
[  111.124846][ T5825] Bluetooth: hci3: command tx timeout
[  111.193296][ T6985] loop1: detected capacity change from 0 to 512
[  111.209327][ T6985] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  111.244774][ T6985] EXT4-fs (loop1): 1 truncate cleaned up
[  111.253203][ T6985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.335107][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.341948][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.348814][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.359070][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.368261][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.369568][ T6929] chnl_net:caif_netlink_parms(): no params data found
[  111.376789][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.389169][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.396111][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.402972][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.413822][ T5880] asus 0003:0B05:1A30.0006: unknown main item tag 0x0
[  111.435348][ T5880] asus 0003:0B05:1A30.0006: unexpected long global item
[  111.475918][ T5880] asus 0003:0B05:1A30.0006: Asus hid parse failed: -22
[  111.482943][ T5880] asus 0003:0B05:1A30.0006: probe with driver asus failed with error -22
[  111.485017][ T6991] loop3: detected capacity change from 0 to 256
[  111.535824][ T6991] exfat: Deprecated parameter 'utf8'
[  111.541265][ T6991] exfat: Deprecated parameter 'utf8'
[  111.551864][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.627782][ T6991] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x97423c56, utbl_chksum : 0xe619d30d)
[  111.633911][ T5880] usb 5-1: USB disconnect, device number 4
[  111.853560][ T3094] hub 1-1:0.0: hub_hub_status failed (err = -32)
[  111.874780][ T3094] hub 1-1:0.0: config failed, can't get hub status (err -32)
[  111.898545][ T7000] loop3: detected capacity change from 0 to 1024
[  111.904338][ T3094] usbhid 1-1:0.0: can't add hid device: -32
[  111.915656][ T3094] usbhid 1-1:0.0: probe with driver usbhid failed with error -32
[  111.928851][ T7002] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  111.955022][ T3094] usb 1-1: USB disconnect, device number 5
[  111.965508][ T3026] hsr_slave_0: left promiscuous mode
[  111.982621][ T7000] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  111.996288][ T3026] hsr_slave_1: left promiscuous mode
[  112.008877][ T3026] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.016628][ T3026] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.028450][ T3026] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.038999][ T3026] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.044718][ T7000] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.103139][ T3026] veth1_macvtap: left promiscuous mode
[  112.118785][ T3026] veth0_macvtap: left promiscuous mode
[  112.125719][ T7000] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: block 3: comm syz.3.422: lblock 3 mapped to illegal pblock 3 (length 3)
[  112.152716][ T3026] veth1_vlan: left promiscuous mode
[  112.158767][ T3026] veth0_vlan: left promiscuous mode
[  112.187839][ T7000] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  112.224660][ T7000] EXT4-fs (loop3): This should not happen!! Data will be lost
[  112.224660][ T7000] 
[  112.420785][   T12] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 112: padding at end of block bitmap is not set
[  112.469842][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 117
[  112.509432][   T12] EXT4-fs (loop3): This should not happen!! Data will be lost
[  112.509432][   T12] 
[  112.553570][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  113.206603][ T5825] Bluetooth: hci3: command tx timeout
[  113.261933][ T7041] loop0: detected capacity change from 0 to 32768
[  113.278506][ T7041] 
[  113.278506][ T7041]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  113.278506][ T7041] 
[  113.376367][   T35] read_mapping_page failed!
[  113.380902][   T35] ERROR: (device loop0): txCommit: 
[  113.380902][   T35] 
[  113.390807][   T35] jfs_write_inode: jfs_commit_inode failed!
[  113.405891][ T5817] 
[  113.405891][ T5817]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  113.405891][ T5817] 
[  113.423367][ T5817] 
[  113.423367][ T5817]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  113.423367][ T5817] 
[  113.438801][ T3026] team0 (unregistering): Port device team_slave_1 removed
[  113.500958][ T3026] team0 (unregistering): Port device team_slave_0 removed
[  113.775653][ T7048] loop0: detected capacity change from 0 to 512
[  113.826647][ T7048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.863828][ T7048] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  113.895952][ T7048] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  113.958754][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.123765][ T6929] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.148445][ T6929] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.171755][ T6929] bridge_slave_0: entered allmulticast mode
[  114.190536][ T6929] bridge_slave_0: entered promiscuous mode
[  114.212276][ T7053] warning: `syz.0.438' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  114.231508][ T7053] mac80211_hwsim hwsim3 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  114.262708][ T6929] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.270418][ T6929] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.296975][ T6929] bridge_slave_1: entered allmulticast mode
[  114.344282][ T6929] bridge_slave_1: entered promiscuous mode
[  114.490815][ T6929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.565774][ T6929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.728701][ T6929] team0: Port device team_slave_0 added
[  114.777523][ T6929] team0: Port device team_slave_1 added
[  114.874321][ T6929] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.894165][ T6929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  114.994820][ T6929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.043169][ T7062] loop1: detected capacity change from 0 to 32768
[  115.049909][ T6929] batman_adv: batadv0: Adding interface: batadv_slave_1
[  115.072675][ T6929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  115.100864][ T7062] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.443 (7062)
[  115.170933][ T6929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.187178][ T7062] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  115.229755][ T7062] BTRFS info (device loop1): using sha256 checksum algorithm
[  115.289081][ T5825] Bluetooth: hci3: command tx timeout
[  115.453632][ T7062] BTRFS info (device loop1): rebuilding free space tree
[  115.553717][ T6929] hsr_slave_0: entered promiscuous mode
[  115.561715][ T7062] BTRFS info (device loop1): disabling free space tree
[  115.571711][ T7062] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  115.592395][ T6929] hsr_slave_1: entered promiscuous mode
[  115.597025][ T7108] loop4: detected capacity change from 0 to 256
[  115.624568][ T7062] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  115.636915][ T6929] debugfs: 'hsr0' already exists in 'hsr'
[  115.642685][ T6929] Cannot create hsr debugfs directory
[  115.657945][ T7108] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x00949fb8, utbl_chksum : 0x7319d30d)
[  115.681059][ T7062] BTRFS info (device loop1): enabling ssd optimizations
[  115.704685][ T7062] BTRFS info (device loop1): turning on sync discard
[  115.735352][ T7062] BTRFS info (device loop1): force clearing of disk cache
[  115.764815][ T7062] BTRFS info (device loop1): enabling auto defrag
[  115.771297][ T7062] BTRFS info (device loop1): max_inline set to 0
[  115.842985][ T7075] loop0: detected capacity change from 0 to 40427
[  115.883660][ T7112] loop4: detected capacity change from 0 to 512
[  115.907738][ T7075] F2FS-fs (loop0): invalid crc value
[  115.944645][ T7112] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  116.004471][ T7112] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  116.012509][ T7112] System zones: 1-12
[  116.092338][ T7112] EXT4-fs error (device loop4): ext4_iget_extra_inode:5052: inode #15: comm syz.4.452: corrupted in-inode xattr: e_value size too large
[  116.126430][ T7112] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  116.131102][ T7112] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.452: couldn't read orphan inode 15 (err -117)
[  116.140328][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  116.140351][    C0] EXT4-fs (loop4): initial error at time 1770057597: ext4_iget_extra_inode:5052: inode 15
[  116.140384][    C0] EXT4-fs (loop4): last error at time 1770057597: ext4_iget_extra_inode:5052: inode 15
[  116.200542][ T7112] loop4: lost filesystem error report for type 5 error -117
[  116.201328][ T5819] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  116.242718][ T7112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.257091][ T7075] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  116.266803][ T7075] F2FS-fs (loop0): Start checkpoint disabled!
[  116.276308][ T7075] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  116.291935][ T7075] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  116.432021][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.480393][   T12] kworker/u8:0: attempt to access beyond end of device
[  116.480393][   T12] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  116.524572][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  116.524600][   T12] Tainted: [L]=SOFTLOCKUP
[  116.524606][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  116.524615][   T12] Workqueue: writeback wb_workfn (flush-7:0)
[  116.524638][   T12] Call Trace:
[  116.524645][   T12]  <TASK>
[  116.524652][   T12]  dump_stack_lvl+0xe8/0x150
[  116.524678][   T12]  f2fs_handle_critical_error+0x37c/0x540
[  116.524706][   T12]  f2fs_write_end_io+0xcdb/0xff0
[  116.524748][   T12]  __submit_merged_bio+0x256/0x700
[  116.524776][   T12]  __submit_merged_write_cond+0x3c3/0x4e0
[  116.524806][   T12]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  116.524852][   T12]  f2fs_write_data_pages+0x2970/0x35e0
[  116.524922][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  116.524959][   T12]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  116.525021][   T12]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  116.525089][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  116.525113][   T12]  do_writepages+0x32e/0x550
[  116.525144][   T12]  ? reacquire_held_locks+0x104/0x190
[  116.525167][   T12]  ? writeback_sb_inodes+0x43d/0x19a0
[  116.525195][   T12]  __writeback_single_inode+0x133/0x11a0
[  116.525217][   T12]  ? do_raw_spin_unlock+0xf5/0x210
[  116.525239][   T12]  writeback_sb_inodes+0x944/0x19a0
[  116.525265][   T12]  ? ret_from_fork_asm+0x1a/0x30
[  116.525299][   T12]  ? __lock_acquire+0x6b5/0x2cf0
[  116.525326][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  116.525345][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  116.525407][   T12]  ? rcu_is_watching+0x15/0xb0
[  116.525440][   T12]  wb_writeback+0x456/0xb70
[  116.525464][   T12]  ? queue_io+0x1f1/0x4a0
[  116.525494][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  116.525512][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  116.525548][   T12]  wb_workfn+0x414/0xf50
[  116.525568][   T12]  ? look_up_lock_class+0x57/0x110
[  116.525602][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  116.525624][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  116.525645][   T12]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  116.525688][   T12]  ? process_one_work+0x87c/0x1650
[  116.525708][   T12]  process_one_work+0x949/0x1650
[  116.525754][   T12]  ? __pfx_process_one_work+0x10/0x10
[  116.525773][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  116.525809][   T12]  worker_thread+0xb46/0x1140
[  116.525860][   T12]  kthread+0x388/0x470
[  116.525878][   T12]  ? __pfx_worker_thread+0x10/0x10
[  116.525903][   T12]  ? __pfx_kthread+0x10/0x10
[  116.525922][   T12]  ret_from_fork+0x51e/0xb90
[  116.525947][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  116.525968][   T12]  ? __switch_to+0xc7d/0x1450
[  116.525993][   T12]  ? __pfx_kthread+0x10/0x10
[  116.526011][   T12]  ret_from_fork_asm+0x1a/0x30
[  116.526053][   T12]  </TASK>
[  116.526060][   T12] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  116.784678][   T58] wlan1: Trigger new scan to find an IBSS to join
[  117.059789][ T6929] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  117.138852][ T6929] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  117.212711][ T6929] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  117.277016][ T6929] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  117.307003][ T7144] netlink: 64 bytes leftover after parsing attributes in process `syz.1.463'.
[  117.366824][ T5825] Bluetooth: hci3: command tx timeout
[  117.414527][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  117.425193][ T7128] loop3: detected capacity change from 0 to 32768
[  117.469000][ T6929] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.496622][ T6929] 8021q: adding VLAN 0 to HW filter on device team0
[  117.499476][ T7128] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  117.531776][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.538999][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.610767][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.617986][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.627903][   T10] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  117.655751][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.669686][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.686498][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.694790][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.714032][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.729833][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.738887][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.748685][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.767940][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.771580][ T7128] XFS (loop3): Ending clean mount
[  117.782302][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.801199][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.835986][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.864259][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.883381][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.915126][ T5818] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  117.923746][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.960252][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.985510][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  118.054722][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  118.104698][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  118.131101][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  118.162942][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  118.180063][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  118.214505][   T10] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  118.244562][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  118.273526][   T10] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  118.297399][   T10] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  118.311587][   T10] usb 5-1: Product: syz
[  118.322695][   T10] usb 5-1: Manufacturer: syz
[  118.328207][   T10] usb 5-1: SerialNumber: syz
[  118.345265][   T10] usb 5-1: config 0 descriptor??
[  118.375049][   T10] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  118.400847][ T6929] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.505296][ T7190] tap0: tun_chr_ioctl cmd 1074025681
[  118.649446][    C0] usb 5-1: yurex_control_callback - control failed: -71
[  118.659420][   T10] usb 5-1: USB disconnect, device number 5
[  118.674897][   T10] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  119.163172][ T6929] veth0_vlan: entered promiscuous mode
[  119.188369][ T6929] veth1_vlan: entered promiscuous mode
[  119.293640][ T6929] veth0_macvtap: entered promiscuous mode
[  119.336361][ T6929] veth1_macvtap: entered promiscuous mode
[  119.414243][ T6929] batman_adv: batadv0: Interface activated: batadv_slave_0
[  119.459681][ T6929] batman_adv: batadv0: Interface activated: batadv_slave_1
[  119.518314][   T58] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.531899][   T58] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.556977][   T58] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.557436][ T7228] overlayfs: upper fs does not support file handles, falling back to index=off.
[  119.576233][   T58] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  119.576260][ T7227] program syz.3.482 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  119.587200][ T7228] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  119.763330][ T2948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.785105][ T2948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.937898][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.948113][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.280983][ T7231] loop1: detected capacity change from 0 to 32768
[  120.333315][ T7231] jfs_readdir called with invalid offset!
[  120.812020][ T7258] loop3: detected capacity change from 0 to 4096
[  120.862035][ T7262] loop1: detected capacity change from 0 to 4096
[  120.935956][ T7238] loop4: detected capacity change from 0 to 40427
[  120.960904][ T7238] F2FS-fs (loop4): invalid crc value
[  120.987364][ T7269] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  121.001819][ T7266] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  121.080168][   T29] audit: type=1800 audit(1770057602.799:25): pid=7262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.497" name="file1" dev="loop1" ino=15 res=0 errno=0
[  121.171595][   T29] audit: type=1800 audit(1770057602.799:26): pid=7262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.497" name="file1" dev="loop1" ino=15 res=0 errno=0
[  121.193761][ T7238] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  121.247690][ T7238] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  121.390975][ T7238] F2FS-fs (loop4): Stopped filesystem due to reason: 0
[  121.593347][ T7278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'.
[  121.603611][ T5825] Bluetooth: hci1: unexpected event for opcode 0x1407
[  121.664923][ T7278] netlink: 4 bytes leftover after parsing attributes in process `syz.1.501'.
[  121.673853][ T7278] netlink: 'syz.1.501': attribute type 18 has an invalid length.
[  121.693478][ T7256] loop0: detected capacity change from 0 to 32768
[  121.767076][ T2948] wlan1: Trigger new scan to find an IBSS to join
[  121.779759][ T7256] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  121.874568][ T7270] loop5: detected capacity change from 0 to 32768
[  121.923849][ T7256] XFS (loop0): Ending clean mount
[  121.934835][ T7270] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  121.966976][ T7256] XFS (loop0): Quotacheck needed: Please wait.
[  122.104902][ T7256] XFS (loop0): Quotacheck: Done.
[  122.189065][ T7270] XFS (loop5): Ending clean mount
[  122.224661][ T7270] XFS (loop5): Quotacheck needed: Please wait.
[  122.313321][ T5817] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  122.322692][ T7270] XFS (loop5): Quotacheck: Done.
[  122.397785][ T6929] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.729787][   T49] wlan1: Creating new IBSS network, BSSID 5a:ed:5e:1e:28:da
[  122.850286][ T7316] loop1: detected capacity change from 0 to 2048
[  122.892844][ T7316] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  122.931305][ T7316] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.278478][ T7334] input: syz1 as /devices/virtual/input/input7
[  123.579715][ T7346] loop5: detected capacity change from 0 to 512
[  123.678178][ T7346] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.692059][ T7346] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.818686][ T7346] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.524: bg 0: block 217: padding at end of block bitmap is not set
[  123.878267][ T7327] loop3: detected capacity change from 0 to 32768
[  123.898796][ T7346] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6687: Corrupt filesystem
[  123.966460][ T7332] loop0: detected capacity change from 0 to 40427
[  124.003632][ T7327] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  124.025385][ T7332] F2FS-fs: heap/no_heap options were deprecated
[  124.054274][ T6929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.063209][ T7365] EXT4-fs: Ignoring removed bh option
[  124.070517][ T7365] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  124.110599][ T7332] F2FS-fs (loop0): build fault injection rate: 19
[  124.119630][ T7365] EXT4-fs (loop1): 1 truncate cleaned up
[  124.152172][ T7332] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  124.156208][ T7365] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.215969][ T7327] XFS (loop3): Ending clean mount
[  124.237507][ T7332] F2FS-fs (loop0): invalid crc value
[  124.263739][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.264047][ T7327] XFS (loop3): Quotacheck needed: Please wait.
[  124.345819][ T7332] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  124.409367][ T7327] XFS (loop3): Quotacheck: Done.
[  124.598944][ T7332] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  124.642014][ T5818] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  124.674737][ T7332] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.697812][ T7332] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  124.873853][ T7332] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060
[  124.949073][ T7390] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_new_inode_folio+0xed/0x140
[  125.043959][    C0] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  125.054592][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  125.054623][    C0] Tainted: [L]=SOFTLOCKUP
[  125.054631][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  125.054641][    C0] Call Trace:
[  125.054648][    C0]  <TASK>
[  125.054656][    C0]  dump_stack_lvl+0xe8/0x150
[  125.054688][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  125.054718][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  125.054744][    C0]  ? blk_update_request+0x57e/0xe60
[  125.054785][    C0]  blk_update_request+0x57e/0xe60
[  125.054822][    C0]  blk_mq_end_request+0x3e/0x70
[  125.054851][    C0]  blk_done_softirq+0x10a/0x160
[  125.054877][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.054903][    C0]  handle_softirqs+0x22a/0x870
[  125.054930][    C0]  ? schedule+0x90/0x360
[  125.054946][    C0]  ? run_ksoftirqd+0x36/0x60
[  125.054978][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.055003][    C0]  run_ksoftirqd+0x36/0x60
[  125.055028][    C0]  smpboot_thread_fn+0x541/0xa50
[  125.055055][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.055096][    C0]  kthread+0x388/0x470
[  125.055115][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  125.055138][    C0]  ? __pfx_kthread+0x10/0x10
[  125.055157][    C0]  ret_from_fork+0x51e/0xb90
[  125.055185][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  125.055208][    C0]  ? __switch_to+0xc7d/0x1450
[  125.055233][    C0]  ? __pfx_kthread+0x10/0x10
[  125.055252][    C0]  ret_from_fork_asm+0x1a/0x30
[  125.055290][    C0]  </TASK>
[  125.055297][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.207787][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  125.207815][    C0] Tainted: [L]=SOFTLOCKUP
[  125.207822][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  125.207832][    C0] Call Trace:
[  125.207840][    C0]  <TASK>
[  125.207848][    C0]  dump_stack_lvl+0xe8/0x150
[  125.207879][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  125.207909][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  125.207950][    C0]  blk_update_request+0x57e/0xe60
[  125.207989][    C0]  blk_mq_end_request+0x3e/0x70
[  125.208016][    C0]  blk_done_softirq+0x10a/0x160
[  125.208049][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.208075][    C0]  handle_softirqs+0x22a/0x870
[  125.208102][    C0]  ? schedule+0x90/0x360
[  125.208118][    C0]  ? run_ksoftirqd+0x36/0x60
[  125.208150][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.208176][    C0]  run_ksoftirqd+0x36/0x60
[  125.208201][    C0]  smpboot_thread_fn+0x541/0xa50
[  125.208229][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.208263][    C0]  kthread+0x388/0x470
[  125.208281][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  125.208305][    C0]  ? __pfx_kthread+0x10/0x10
[  125.208323][    C0]  ret_from_fork+0x51e/0xb90
[  125.208351][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  125.208374][    C0]  ? __switch_to+0xc7d/0x1450
[  125.208399][    C0]  ? __pfx_kthread+0x10/0x10
[  125.208418][    C0]  ret_from_fork_asm+0x1a/0x30
[  125.208458][    C0]  </TASK>
[  125.208465][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.249667][ T7377] F2FS-fs (loop4): invalid crc value
[  125.250234][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  125.250260][    C0] Tainted: [L]=SOFTLOCKUP
[  125.250266][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  125.250277][    C0] Call Trace:
[  125.250284][    C0]  <TASK>
[  125.250291][    C0]  dump_stack_lvl+0xe8/0x150
[  125.250321][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  125.250349][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  125.250388][    C0]  blk_update_request+0x57e/0xe60
[  125.250425][    C0]  blk_mq_end_request+0x3e/0x70
[  125.250452][    C0]  blk_done_softirq+0x10a/0x160
[  125.250477][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.250502][    C0]  handle_softirqs+0x22a/0x870
[  125.250528][    C0]  ? schedule+0x90/0x360
[  125.250543][    C0]  ? run_ksoftirqd+0x36/0x60
[  125.250574][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.250597][    C0]  run_ksoftirqd+0x36/0x60
[  125.250621][    C0]  smpboot_thread_fn+0x541/0xa50
[  125.250647][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.250680][    C0]  kthread+0x388/0x470
[  125.250697][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  125.250721][    C0]  ? __pfx_kthread+0x10/0x10
[  125.250739][    C0]  ret_from_fork+0x51e/0xb90
[  125.250765][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  125.250786][    C0]  ? __switch_to+0xc7d/0x1450
[  125.250810][    C0]  ? __pfx_kthread+0x10/0x10
[  125.250828][    C0]  ret_from_fork_asm+0x1a/0x30
[  125.250867][    C0]  </TASK>
[  125.250874][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.508340][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  125.508367][    C0] Tainted: [L]=SOFTLOCKUP
[  125.508374][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  125.508385][    C0] Call Trace:
[  125.508391][    C0]  <TASK>
[  125.508397][    C0]  dump_stack_lvl+0xe8/0x150
[  125.508425][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  125.508452][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  125.508486][    C0]  blk_update_request+0x57e/0xe60
[  125.508519][    C0]  blk_mq_end_request+0x3e/0x70
[  125.508544][    C0]  blk_done_softirq+0x10a/0x160
[  125.508568][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.508591][    C0]  handle_softirqs+0x22a/0x870
[  125.508616][    C0]  ? schedule+0x90/0x360
[  125.508631][    C0]  ? run_ksoftirqd+0x36/0x60
[  125.508660][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.508683][    C0]  run_ksoftirqd+0x36/0x60
[  125.508705][    C0]  smpboot_thread_fn+0x541/0xa50
[  125.508727][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.508759][    C0]  kthread+0x388/0x470
[  125.508777][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  125.508800][    C0]  ? __pfx_kthread+0x10/0x10
[  125.508817][    C0]  ret_from_fork+0x51e/0xb90
[  125.508842][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  125.508864][    C0]  ? __switch_to+0xc7d/0x1450
[  125.508886][    C0]  ? __pfx_kthread+0x10/0x10
[  125.508903][    C0]  ret_from_fork_asm+0x1a/0x30
[  125.508939][    C0]  </TASK>
[  125.508947][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.620072][ T7377] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  125.622518][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  125.622542][    C0] Tainted: [L]=SOFTLOCKUP
[  125.622548][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  125.622559][    C0] Call Trace:
[  125.622566][    C0]  <TASK>
[  125.622574][    C0]  dump_stack_lvl+0xe8/0x150
[  125.622604][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  125.622633][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  125.622671][    C0]  blk_update_request+0x57e/0xe60
[  125.622709][    C0]  blk_mq_end_request+0x3e/0x70
[  125.622735][    C0]  blk_done_softirq+0x10a/0x160
[  125.622760][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.622785][    C0]  handle_softirqs+0x22a/0x870
[  125.622810][    C0]  ? schedule+0x90/0x360
[  125.622826][    C0]  ? run_ksoftirqd+0x36/0x60
[  125.622856][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.622880][    C0]  run_ksoftirqd+0x36/0x60
[  125.622904][    C0]  smpboot_thread_fn+0x541/0xa50
[  125.622930][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  125.622962][    C0]  kthread+0x388/0x470
[  125.622980][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  125.623011][    C0]  ? __pfx_kthread+0x10/0x10
[  125.623029][    C0]  ret_from_fork+0x51e/0xb90
[  125.623055][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  125.623077][    C0]  ? __switch_to+0xc7d/0x1450
[  125.623100][    C0]  ? __pfx_kthread+0x10/0x10
[  125.623119][    C0]  ret_from_fork_asm+0x1a/0x30
[  125.623158][    C0]  </TASK>
[  125.623165][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  125.633078][ T7377] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  125.654605][ T5817] F2FS-fs (loop0): do_checkpoint failed err:-5, stop checkpoint
[  126.032782][ T5833] syz-executor: attempt to access beyond end of device
[  126.032782][ T5833] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  126.055837][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  126.055865][ T5833] Tainted: [L]=SOFTLOCKUP
[  126.055872][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  126.055881][ T5833] Call Trace:
[  126.055889][ T5833]  <TASK>
[  126.055896][ T5833]  dump_stack_lvl+0xe8/0x150
[  126.055924][ T5833]  f2fs_handle_critical_error+0x37c/0x540
[  126.055953][ T5833]  f2fs_write_end_io+0xcdb/0xff0
[  126.055992][ T5833]  __submit_merged_bio+0x256/0x700
[  126.056019][ T5833]  __submit_merged_write_cond+0x3c3/0x4e0
[  126.056048][ T5833]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  126.056091][ T5833]  f2fs_write_data_pages+0x2970/0x35e0
[  126.056147][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  126.056184][ T5833]  ? css_rstat_updated+0x23a/0x530
[  126.056234][ T5833]  ? rcu_is_watching+0x15/0xb0
[  126.056258][ T5833]  ? mod_memcg_lruvec_state+0x1a7/0x360
[  126.056283][ T5833]  ? __lock_acquire+0x6b5/0x2cf0
[  126.056319][ T5833]  ? __lock_acquire+0x6b5/0x2cf0
[  126.056345][ T5833]  ? do_raw_spin_lock+0x12b/0x2f0
[  126.056373][ T5833]  ? do_raw_spin_unlock+0xf5/0x210
[  126.056391][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  126.056414][ T5833]  do_writepages+0x32e/0x550
[  126.056447][ T5833]  ? do_raw_spin_unlock+0xf5/0x210
[  126.056469][ T5833]  filemap_fdatawrite+0x1e9/0x2f0
[  126.056495][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  126.056561][ T5833]  ? do_raw_spin_unlock+0xf5/0x210
[  126.056583][ T5833]  f2fs_sync_dirty_inodes+0x30e/0x860
[  126.056621][ T5833]  f2fs_write_checkpoint+0x9cf/0x2680
[  126.056676][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  126.056751][ T5833]  kill_f2fs_super+0x314/0x720
[  126.056780][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  126.056816][ T5833]  ? lockdep_hardirqs_on+0x7a/0x110
[  126.056848][ T5833]  deactivate_locked_super+0xbc/0x130
[  126.056874][ T5833]  cleanup_mnt+0x437/0x4d0
[  126.056890][ T5833]  ? _raw_spin_unlock_irq+0x23/0x50
[  126.056911][ T5833]  task_work_run+0x1d9/0x270
[  126.056933][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  126.056961][ T5833]  exit_to_user_mode_loop+0xed/0x480
[  126.056980][ T5833]  ? rcu_is_watching+0x15/0xb0
[  126.057007][ T5833]  do_syscall_64+0x32d/0xf80
[  126.057024][ T5833]  ? trace_irq_disable+0x3b/0x150
[  126.057047][ T5833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.057064][ T5833]  ? clear_bhb_loop+0x40/0x90
[  126.057085][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.057102][ T5833] RIP: 0033:0x7f532b99c117
[  126.057137][ T5833] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  126.057150][ T5833] RSP: 002b:00007fffd77b6d08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  126.057173][ T5833] RAX: 0000000000000000 RBX: 00007f532ba0471f RCX: 00007f532b99c117
[  126.057184][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffd77b6dc0
[  126.057195][ T5833] RBP: 00007fffd77b6dc0 R08: 00007fffd77b7dc0 R09: 00000000ffffffff
[  126.057212][ T5833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffd77b7e50
[  126.057222][ T5833] R13: 00007f532ba0471f R14: 000000000001ebeb R15: 00007fffd77b7e90
[  126.057252][ T5833]  </TASK>
[  126.057259][ T5833] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  126.528645][ T7419] sp0: Synchronizing with TNC
[  126.558044][ T7418] [U] è
[  126.576884][ T7423] set_capacity_and_notify: 2 callbacks suppressed
[  126.576900][ T7423] loop0: detected capacity change from 0 to 1024
[  126.618995][ T7423] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  126.669759][ T7423] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  126.713927][ T7423] jbd2_journal_init_inode: Cannot locate journal superblock
[  126.756991][ T7423] EXT4-fs (loop0): Could not load journal inode
[  126.984987][ T7435] netlink: 36 bytes leftover after parsing attributes in process `syz.4.548'.
[  126.996145][ T7433] netlink: 28 bytes leftover after parsing attributes in process `syz.3.554'.
[  127.168211][ T7445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.559'.
[  127.183830][ T7446] program syz.3.557 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.722858][ T7474] loop0: detected capacity change from 0 to 512
[  127.790039][ T7478] loop3: detected capacity change from 0 to 64
[  128.094135][ T7492] loop3: detected capacity change from 0 to 128
[  128.217646][ T7494] loop5: detected capacity change from 0 to 128
[  128.227181][ T7494] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  128.278561][ T7494] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  128.312478][ T7492] syz.3.579: attempt to access beyond end of device
[  128.312478][ T7492] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[  128.379068][ T7492] syz.3.579: attempt to access beyond end of device
[  128.379068][ T7492] loop3: rw=2049, sector=185, nr_sectors = 16 limit=128
[  128.416981][ T7492] syz.3.579: attempt to access beyond end of device
[  128.416981][ T7492] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[  128.440792][ T6929] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  128.448840][ T6929] FAT-fs (loop5): Filesystem has been set read-only
[  128.452165][ T7499] loop4: detected capacity change from 0 to 2048
[  128.458468][ T6929] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  128.462323][ T7492] syz.3.579: attempt to access beyond end of device
[  128.462323][ T7492] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[  128.486834][ T7492] syz.3.579: attempt to access beyond end of device
[  128.486834][ T7492] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[  128.502699][ T7492] syz.3.579: attempt to access beyond end of device
[  128.502699][ T7492] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[  128.517576][ T7492] syz.3.579: attempt to access beyond end of device
[  128.517576][ T7492] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[  128.531485][ T7492] syz.3.579: attempt to access beyond end of device
[  128.531485][ T7492] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[  128.577149][ T7492] syz.3.579: attempt to access beyond end of device
[  128.577149][ T7492] loop3: rw=2049, sector=305, nr_sectors = 8 limit=128
[  128.615380][ T7499] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.633048][ T7499] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.658311][ T7505] netlink: 'syz.0.586': attribute type 1 has an invalid length.
[  128.674579][ T7505] netlink: 'syz.0.586': attribute type 7 has an invalid length.
[  128.682250][ T7505] netlink: 'syz.0.586': attribute type 8 has an invalid length.
[  128.694298][ T7505] netlink: 208 bytes leftover after parsing attributes in process `syz.0.586'.
[  128.728022][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.031160][ T2948] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.042620][ T7513] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  129.049310][ T7513] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  129.144300][ T7513] vhci_hcd vhci_hcd.0: Device attached
[  129.225690][ T2948] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.274064][ T7522] netlink: 'syz.1.593': attribute type 2 has an invalid length.
[  129.284733][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  129.296067][ T1212] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  129.311918][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  129.322521][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  129.350350][ T7529] process 'syz.1.597' launched './file0' with NULL argv: empty string added
[  129.359478][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  129.368903][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  129.369682][ T2948] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.376427][ T5880] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  129.467981][ T1212] usb 4-1: config 0 has no interfaces?
[  129.482662][ T1212] usb 4-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  129.525173][ T1212] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.543680][ T1212] usb 4-1: config 0 descriptor??
[  129.551349][ T2948] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.616362][ T7534] loop4: detected capacity change from 0 to 256
[  129.782963][ T7534] FAT-fs (loop4): Directory bread(block 64) failed
[  129.790295][ T7514] vhci_hcd: connection closed
[  129.791140][ T1212] usb 4-1: USB disconnect, device number 5
[  129.803358][ T7534] FAT-fs (loop4): Directory bread(block 65) failed
[  129.804867][   T35] vhci_hcd vhci_hcd.3: stop threads
[  129.824795][ T7534] FAT-fs (loop4): Directory bread(block 66) failed
[  129.831343][ T7534] FAT-fs (loop4): Directory bread(block 67) failed
[  129.863464][   T35] vhci_hcd vhci_hcd.3: release socket
[  129.878824][   T35] vhci_hcd vhci_hcd.3: disconnect device
[  129.885899][ T7542] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  129.902181][ T7534] FAT-fs (loop4): Directory bread(block 68) failed
[  129.914563][ T5880] usb 39-1: device descriptor read/64, error -71
[  129.925568][ T7534] FAT-fs (loop4): Directory bread(block 69) failed
[  129.955842][ T7534] FAT-fs (loop4): Directory bread(block 70) failed
[  129.962577][ T7534] FAT-fs (loop4): Directory bread(block 71) failed
[  130.019504][ T7534] FAT-fs (loop4): Directory bread(block 72) failed
[  130.041439][ T7534] FAT-fs (loop4): Directory bread(block 73) failed
[  130.111179][ T5880] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  130.191678][ T7524] chnl_net:caif_netlink_parms(): no params data found
[  130.366857][ T2948] bridge_slave_1: left allmulticast mode
[  130.378103][ T2948] bridge_slave_1: left promiscuous mode
[  130.388325][ T7562] loop1: detected capacity change from 0 to 512
[  130.395358][ T2948] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.412998][ T2948] bridge_slave_0: left allmulticast mode
[  130.450992][ T7562] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  130.464533][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  130.472124][ T2948] bridge_slave_0: left promiscuous mode
[  130.493616][ T2948] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.517486][ T7568] netlink: 'syz.4.608': attribute type 2 has an invalid length.
[  130.540863][ T7562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.555803][ T7568] netlink: 14 bytes leftover after parsing attributes in process `syz.4.608'.
[  130.584689][ T7562] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  130.632268][   T29] audit: type=1800 audit(1770057612.349:27): pid=7562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.606" name="file2" dev="loop1" ino=16 res=0 errno=0
[  130.656164][   T24] usb 1-1: Using ep0 maxpacket: 32
[  130.671510][   T24] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  130.697098][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.701126][   T24] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  130.714877][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  130.733061][   T24] usb 1-1: config 1 has no interface number 0
[  130.740383][   T24] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  130.782625][   T24] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  130.843619][   T24] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  130.869983][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.937130][   T24] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  131.143418][   T24] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached
[  131.289118][ T2948] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.309035][ T2948] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.331378][ T2948] bond0 (unregistering): Released all slaves
[  131.460199][ T5830] Bluetooth: hci3: command tx timeout
[  131.587976][   T10] usb 1-1: USB disconnect, device number 6
[  131.617770][   T10] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  132.013891][ T7598] loop4: detected capacity change from 0 to 2048
[  132.028724][ T7524] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.045478][ T7524] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.061858][ T7524] bridge_slave_0: entered allmulticast mode
[  132.079814][ T7598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.106975][ T7524] bridge_slave_0: entered promiscuous mode
[  132.141618][ T7524] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.214795][ T7524] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.222111][ T7524] bridge_slave_1: entered allmulticast mode
[  132.287743][ T7524] bridge_slave_1: entered promiscuous mode
[  132.367650][ T5833] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  132.388575][ T7609] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2
[  132.434790][ T2948] hsr_slave_0: left promiscuous mode
[  132.444112][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.465555][ T2948] hsr_slave_1: left promiscuous mode
[  132.484201][ T2948] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.514168][ T2948] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.556285][ T2948] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.579458][ T2948] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.639967][   T24] kernel read not supported for file /media2 (pid: 24 comm: kworker/1:0)
[  132.645612][ T2948] veth1_macvtap: left promiscuous mode
[  132.656916][ T2948] veth0_macvtap: left promiscuous mode
[  132.662611][ T2948] veth1_vlan: left promiscuous mode
[  132.669782][ T2948] veth0_vlan: left promiscuous mode
[  132.734867][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  132.741275][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  132.815615][ T7622] loop3: detected capacity change from 0 to 4096
[  132.837253][ T7622] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  132.856483][ T7622] ntfs3(loop3): RAW NTFS volume: Filesystem size 0.00 Gb > volume size 0.00 Gb. Mount in read-only.
[  132.901836][ T7622] ntfs3(loop3): ino=19, mi_enum_attr
[  132.939107][ T7622] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  132.962160][ T7622] ntfs3(loop3): ino=20, mi_enum_attr
[  133.262060][ T7627] sctp: [Deprecated]: syz.3.623 (pid 7627) Use of struct sctp_assoc_value in delayed_ack socket option.
[  133.262060][ T7627] Use struct sctp_sack_info instead
[  133.374000][ T7623] loop4: detected capacity change from 0 to 32768
[  133.401263][ T7623] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  133.419938][ T7623] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  133.460508][ T7623] XFS (loop4): Ending clean mount
[  133.473932][ T7623] XFS (loop4): Quotacheck needed: Please wait.
[  133.513003][ T7623] XFS (loop4): Quotacheck: Done.
[  133.535233][ T5825] Bluetooth: hci3: command tx timeout
[  133.621539][ T5833] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  133.783470][ T7629] loop3: detected capacity change from 0 to 32768
[  133.831882][ T7629] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  133.899628][ T7629] XFS (loop3): Ending clean mount
[  133.936424][ T7629] XFS (loop3): Quotacheck needed: Please wait.
[  133.961852][ T2948] team0 (unregistering): Port device team_slave_1 removed
[  133.991309][ T7629] XFS (loop3): Quotacheck: Done.
[  134.071180][ T5818] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  134.080326][ T2948] team0 (unregistering): Port device team_slave_0 removed
[  134.117231][ T7652] loop4: detected capacity change from 0 to 512
[  134.137088][ T7652] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.184109][ T7652] EXT4-fs error (device loop4): ext4_iget_extra_inode:5052: inode #15: comm syz.4.628: corrupted in-inode xattr: e_value size too large
[  134.261297][ T7652] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  134.268607][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  134.284213][    C0] EXT4-fs (loop4): initial error at time 1770057615: ext4_iget_extra_inode:5052: inode 15
[  134.294164][    C0] EXT4-fs (loop4): last error at time 1770057615: ext4_iget_extra_inode:5052: inode 15
[  134.307594][ T7652] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.628: couldn't read orphan inode 15 (err -117)
[  134.325277][ T7652] loop4: lost filesystem error report for type 5 error -117
[  134.327278][ T7652] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.405260][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  134.438668][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.580849][ T7662] mmap: syz.1.631 (7662) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  134.784770][ T1212] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  134.892180][ T7524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.916984][ T7524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.966974][ T1212] usb 4-1: unable to get BOS descriptor or descriptor too short
[  134.978469][ T1212] usb 4-1: not running at top speed; connect to a high speed hub
[  134.995269][ T1212] usb 4-1: config 1 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  135.008903][ T1212] usb 4-1: config 1 interface 0 has no altsetting 0
[  135.019633][ T1212] usb 4-1: New USB device found, idVendor=046d, idProduct=c087, bcdDevice= 0.40
[  135.032761][ T1212] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.063082][ T1212] usb 4-1: Product: syz
[  135.087512][ T1212] usb 4-1: Manufacturer: syz
[  135.092139][ T1212] usb 4-1: SerialNumber: syz
[  135.122972][ T7524] team0: Port device team_slave_0 added
[  135.143455][ T7524] team0: Port device team_slave_1 added
[  135.191920][ T7668] loop4: detected capacity change from 0 to 512
[  135.253675][ T7524] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.291126][ T7524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  135.319869][ T7668] EXT4-fs (loop4): 1 orphan inode deleted
[  135.327650][ T7668] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.347880][ T7524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  135.360880][ T7668] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.367180][ T1212] usbhid 4-1:1.0: can't add hid device: -71
[  135.372324][ T3026] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  135.381222][ T7524] batman_adv: batadv0: Adding interface: batadv_slave_1
[  135.394257][ T1212] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  135.422153][ T7524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  135.433013][ T3026] EXT4-fs error (device loop4): ext4_release_dquot:7042: comm kworker/u8:8: Failed to release dquot type 1
[  135.452324][ T1212] usb 4-1: USB disconnect, device number 6
[  135.519567][ T7677] loop1: detected capacity change from 0 to 512
[  135.522565][ T7524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  135.604645][ T5830] Bluetooth: hci3: command tx timeout
[  135.620948][ T7524] hsr_slave_0: entered promiscuous mode
[  135.629086][ T7524] hsr_slave_1: entered promiscuous mode
[  135.649667][ T7524] debugfs: 'hsr0' already exists in 'hsr'
[  135.655705][ T7524] Cannot create hsr debugfs directory
[  135.666629][ T7677] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.634: Invalid inode bitmap blk 4 in block_group 0
[  135.715086][ T7677] loop1: lost filesystem error report for type 5 error -117
[  135.718083][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.734441][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  135.734462][    C1] EXT4-fs (loop1): initial error at time 1770057617: ext4_read_inode_bitmap:139
[  135.734484][    C1] EXT4-fs (loop1): last error at time 1770057617: ext4_read_inode_bitmap:139
[  135.784325][ T7677] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.968648][ T5819] EXT4-fs error (device loop1): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /138/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  136.033826][ T5819] EXT4-fs error (device loop1): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  136.099796][ T5819] EXT4-fs error (device loop1): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /138/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  136.177392][ T5819] EXT4-fs error (device loop1): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  136.250052][ T5819] EXT4-fs error (device loop1): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /138/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  136.345917][ T5819] EXT4-fs error (device loop1): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  136.406642][ T5819] EXT4-fs error (device loop1): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /138/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  136.495143][ T5819] EXT4-fs error (device loop1): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  136.585931][ T5819] EXT4-fs error (device loop1): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /138/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  136.627975][ T7524] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  136.685103][ T5819] EXT4-fs error (device loop1): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  136.686760][ T7697] loop3: detected capacity change from 0 to 32768
[  136.755833][ T7697] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  136.759633][ T7524] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  136.764196][ T7697] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  136.811236][ T7697] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  136.830440][ T5880] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  136.838028][ T5880] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  136.864320][ T7524] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  136.920863][ T5880] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 82ms
[  136.930226][ T5880] gfs2: fsid=syz:syz.0: jid=0: Done
[  136.939806][ T7697] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  136.960182][ T7524] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  137.169551][ T7687] loop4: detected capacity change from 0 to 32768
[  137.271270][ T7687] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.355382][ T7700] loop0: detected capacity change from 0 to 32768
[  137.376444][ T7700] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.641 (7700)
[  137.468464][ T7687] XFS (loop4): Ending clean mount
[  137.479848][ T7700] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.502446][ T7700] BTRFS info (device loop0): using crc32c checksum algorithm
[  137.541872][ T7687] XFS (loop4): Quotacheck needed: Please wait.
[  137.666360][ T7687] XFS (loop4): Quotacheck: Done.
[  137.684955][ T5830] Bluetooth: hci3: command tx timeout
[  137.695317][ T7700] BTRFS info (device loop0): turning off barriers
[  137.701768][ T7700] BTRFS info (device loop0): turning on async discard
[  137.711389][ T7524] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.776500][ T7700] BTRFS info (device loop0): enabling free space tree
[  137.783319][ T7700] BTRFS info (device loop0): use zstd compression, level 3
[  137.842447][ T7524] 8021q: adding VLAN 0 to HW filter on device team0
[  137.900606][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.907827][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.954570][ T5833] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.992382][ T2948] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.999608][ T2948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.139696][ T5817] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.329505][ T5819] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.606955][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.839278][ T7761] netlink: 16 bytes leftover after parsing attributes in process `syz.0.647'.
[  138.861657][ T7762] loop4: detected capacity change from 0 to 8
[  138.906906][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.918314][ T7762] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  139.026145][ T7761] netlink: 16 bytes leftover after parsing attributes in process `syz.0.647'.
[  139.148967][ T5825] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  139.159178][ T5825] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  139.176016][ T5825] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  139.196719][ T5825] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  139.217323][ T5825] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  139.254760][ T7774] loop0: detected capacity change from 0 to 2048
[  139.282822][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.332919][ T7778] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.430125][ T7780] loop3: detected capacity change from 0 to 2048
[  139.493416][ T7780] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  139.557606][ T5837] udevd[5837]: incorrect nilfs2 checksum on /dev/loop3
[  139.579166][ T7788] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.630999][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.661040][   T29] audit: type=1800 audit(1770057621.379:28): pid=7780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.652" name="file1" dev="loop3" ino=15 res=0 errno=0
[  139.661831][ T7792] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 3044605952
[  139.736298][ T7792] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15)
[  139.793043][ T7792] Remounting filesystem read-only
[  139.804486][ T7792] NILFS (loop3): error -5 truncating bmap (ino=15)
[  140.005638][ T7524] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.052798][ T5818] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  140.497321][   T35] bridge_slave_1: left allmulticast mode
[  140.502994][   T35] bridge_slave_1: left promiscuous mode
[  140.565695][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.601532][   T35] bridge_slave_0: left allmulticast mode
[  140.617664][   T35] bridge_slave_0: left promiscuous mode
[  140.636277][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.671782][   T35] tipc: Resetting bearer <eth:xfrm0>
[  140.751384][ T7809] loop3: detected capacity change from 0 to 32768
[  140.826436][ T7809] JBD2: Ignoring recovery information on journal
[  140.898959][ T7809] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  141.107682][   T35] tipc: Disabling bearer <eth:xfrm0>
[  141.166258][ T5818] ocfs2: Unmounting device (7,3) on (node local)
[  141.287845][ T5825] Bluetooth: hci2: command tx timeout
[  141.491879][ T7837] loop3: detected capacity change from 0 to 256
[  141.519738][ T7837] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  141.567803][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  141.597163][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  141.620968][   T35] bond0 (unregistering): Released all slaves
[  141.735300][ T7841] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  141.818284][   T35] tipc: Left network mode
[  141.864230][ T7768] chnl_net:caif_netlink_parms(): no params data found
[  141.995472][ T7847] erspan0: entered promiscuous mode
[  142.414077][ T7850] loop0: detected capacity change from 0 to 32768
[  142.444860][ T7850] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.663 (7850)
[  142.540523][ T7850] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  142.572868][ T7850] BTRFS info (device loop0): using blake2b checksum algorithm
[  142.666725][ T7850] BTRFS info (device loop0): enabling ssd optimizations
[  142.684500][ T7850] BTRFS info (device loop0): turning on async discard
[  142.691296][ T7850] BTRFS info (device loop0): enabling free space tree
[  142.714490][ T7850] BTRFS info (device loop0): use zstd compression, level 3
[  142.785670][ T7768] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.799908][ T7768] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.804699][  T794] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  142.808437][ T7768] bridge_slave_0: entered allmulticast mode
[  142.836481][ T7768] bridge_slave_0: entered promiscuous mode
[  142.883582][ T7768] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.892860][ T7768] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.901546][ T7768] bridge_slave_1: entered allmulticast mode
[  142.910262][ T7768] bridge_slave_1: entered promiscuous mode
[  142.963901][   T35] hsr_slave_0: left promiscuous mode
[  142.986004][ T5817] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  143.011311][   T35] hsr_slave_1: left promiscuous mode
[  143.014705][  T794] usb 4-1: Using ep0 maxpacket: 16
[  143.032389][  T794] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.042698][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.062634][  T794] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.073888][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.088251][  T794] usb 4-1: New USB device found, idVendor=17ef, idProduct=7309, bcdDevice= 0.00
[  143.117614][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.124681][  T794] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.146335][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.167876][  T794] usb 4-1: config 0 descriptor??
[  143.192257][  T794] hub 4-1:0.0: USB hub found
[  143.302969][   T35] veth1_macvtap: left promiscuous mode
[  143.303697][ T7904] loop4: detected capacity change from 0 to 128
[  143.321161][   T35] veth0_macvtap: left promiscuous mode
[  143.331381][   T35] veth1_vlan: left promiscuous mode
[  143.344556][   T35] veth0_vlan: left promiscuous mode
[  143.362738][ T7904] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  143.364523][ T5825] Bluetooth: hci2: command tx timeout
[  143.393248][  T794] hub 4-1:0.0: 7 ports detected
[  143.405306][  T794] hub 4-1:0.0: insufficient power available to use all downstream ports
[  143.452239][ T7904] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.586046][  T794] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  143.592745][  T794] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  143.665584][  T794] usb 4-1: USB disconnect, device number 7
[  144.104755][ T7906] loop0: detected capacity change from 0 to 32768
[  144.115894][ T7906] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.676 (7906)
[  144.135869][ T7906] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  144.147806][ T7906] BTRFS info (device loop0): using sha256 checksum algorithm
[  144.251758][ T7922] netlink: 152 bytes leftover after parsing attributes in process `syz.3.679'.
[  144.286110][ T7906] BTRFS info (device loop0): rebuilding free space tree
[  144.354712][ T7906] BTRFS info (device loop0): disabling free space tree
[  144.374913][ T7906] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  144.413710][ T7906] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  144.453625][ T7906] BTRFS info (device loop0): setting nodatasum
[  144.459976][ T7906] BTRFS info (device loop0): setting nodatacow
[  144.470881][ T7906] BTRFS info (device loop0): turning off barriers
[  144.495324][ T7906] BTRFS info (device loop0): force clearing of disk cache
[  144.654352][   T35] team0 (unregistering): Port device team_slave_1 removed
[  144.766041][   T35] team0 (unregistering): Port device team_slave_0 removed
[  144.878414][ T5817] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  145.102787][ T7934] loop0: detected capacity change from 0 to 2048
[  145.160955][ T7934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.191643][ T7934] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.321064][ T7938] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.681: bg 0: block 345: padding at end of block bitmap is not set
[  145.337306][ T7938] EXT4-fs (loop0): Remounting filesystem read-only
[  145.357130][ T3488] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:5039: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  145.394337][ T7524] veth0_vlan: entered promiscuous mode
[  145.451648][ T5825] Bluetooth: hci2: command tx timeout
[  145.470058][ T7768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.491296][ T7768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.546901][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.621936][ T7524] veth1_vlan: entered promiscuous mode
[  145.643443][ T7768] team0: Port device team_slave_0 added
[  145.669192][ T7768] team0: Port device team_slave_1 added
[  145.832986][ T7768] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.854916][ T7942] loop4: detected capacity change from 0 to 8192
[  145.869712][ T7768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  145.991707][ T7768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.065025][ T7768] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.072030][ T7768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  146.168590][ T7768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.300713][ T7524] veth0_macvtap: entered promiscuous mode
[  146.359582][ T7768] hsr_slave_0: entered promiscuous mode
[  146.389797][ T7768] hsr_slave_1: entered promiscuous mode
[  146.414808][ T7963] loop4: detected capacity change from 0 to 4096
[  146.423324][ T7768] debugfs: 'hsr0' already exists in 'hsr'
[  146.455646][ T7768] Cannot create hsr debugfs directory
[  146.499557][ T7524] veth1_macvtap: entered promiscuous mode
[  146.512103][ T7971] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  146.575152][ T7963] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0
[  146.632476][ T7963] Remounting filesystem read-only
[  146.690263][ T7963] NILFS error (device loop4): nilfs_readdir: bad page in #2
[  146.761918][ T7524] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.834132][ T7524] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.853228][ T7975] loop0: detected capacity change from 0 to 1024
[  147.013839][ T7975] hfsplus: inconsistency in B*Tree (31095,1,255,1,0)
[  147.036367][ T7975] hfsplus: xattr search failed
[  147.066957][ T7979] io-wq is not configured for unbound workers
[  147.073487][   T35] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.128405][   T35] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.232074][   T35] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.270499][   T35] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.524908][ T5825] Bluetooth: hci2: command tx timeout
[  147.590959][ T7768] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  147.602491][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.615735][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.634993][ T7768] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  147.676999][ T7768] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  147.711181][ T7768] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  147.798170][ T8000] loop4: detected capacity change from 0 to 2048
[  147.838825][ T8000] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c128, mo2=0003]
[  147.862542][ T3488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.872907][ T8000] System zones: 0-7
[  147.883038][ T3488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.901883][ T8000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.042057][ T8000] EXT4-fs error (device loop4): ext4_find_extent:941: inode #2: comm syz.4.698: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  148.114842][ T8000] EXT4-fs (loop4): Remounting filesystem read-only
[  148.281850][ T7768] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.286377][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.381183][ T7768] 8021q: adding VLAN 0 to HW filter on device team0
[  148.449066][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.456297][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.486896][ T8025] loop6: detected capacity change from 0 to 4096
[  148.570220][ T8025] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  148.574281][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.586367][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.654177][ T8039] loop3: detected capacity change from 0 to 1024
[  148.678168][ T8039] EXT4-fs (loop3): stripe (32769) is not aligned with cluster size (16), stripe is disabled
[  148.808363][   T29] audit: type=1800 audit(1770057630.529:29): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.592" name="file2" dev="loop6" ino=31 res=0 errno=0
[  148.815963][ T8039] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.038241][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.514017][ T7768] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.704700][ T1212] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  149.880354][ T8052] loop4: detected capacity change from 0 to 32768
[  149.884494][ T1212] usb 4-1: Using ep0 maxpacket: 32
[  149.908134][ T1212] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  149.935241][ T1212] usb 4-1: config 0 has no interface number 0
[  149.967633][ T1212] usb 4-1: config 0 interface 184 has no altsetting 0
[  149.973426][ T8052] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.998323][ T1212] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  150.008017][ T1212] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.031602][ T1212] usb 4-1: Product: syz
[  150.035864][ T1212] usb 4-1: Manufacturer: syz
[  150.040551][ T1212] usb 4-1: SerialNumber: syz
[  150.047835][ T1212] usb 4-1: config 0 descriptor??
[  150.113486][ T8052] XFS (loop4): Ending clean mount
[  150.147213][ T7768] veth0_vlan: entered promiscuous mode
[  150.203166][ T7768] veth1_vlan: entered promiscuous mode
[  150.331792][ T8070] loop6: detected capacity change from 0 to 32768
[  150.457425][ T5833] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  150.464121][ T7768] veth0_macvtap: entered promiscuous mode
[  150.507585][ T7768] veth1_macvtap: entered promiscuous mode
[  150.610777][ T8070] ERROR: (device loop6): dbFindCtl: Corrupt dmapctl page
[  150.610777][ T8070] 
[  150.631443][ T7768] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.667794][ T8070] ERROR: (device loop6): remounting filesystem as read-only
[  150.728519][ T7768] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.736758][ T8070] jfs_mkdir: dtInsert returned -EIO
[  150.742284][ T8070] ERROR: (device loop6): jfs_mkdir: 
[  150.742284][ T8070] 
[  150.840359][ T3488] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.876518][ T3488] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.894645][ T1212] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  150.910000][ T8070] ERROR: (device loop6): dbFindCtl: Corrupt dmapctl page
[  150.910000][ T8070] 
[  150.924521][ T3488] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.934890][ T1212] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  150.970954][ T1212] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  151.014672][ T3488] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.032626][ T1212] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  151.096022][ T1212] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  151.119768][ T1212] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  151.154535][ T1212] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  151.180658][ T1212] usb 4-1: USB disconnect, device number 8
[  151.254049][ T3026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.284963][ T3026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.352559][ T3026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.388089][ T3026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.482223][ T8155] loop4: detected capacity change from 0 to 64
[  152.653060][ T8160] netlink: 40 bytes leftover after parsing attributes in process `syz.3.735'.
[  152.782000][   T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  152.881535][ T8166] loop3: detected capacity change from 0 to 65
[  152.934166][ T8166] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway
[  153.003233][ T8166] BFS-fs: bfs_iget(): Unknown vtype=458754 loop3:00000002
[  153.194492][ T3094] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  153.372920][ T3094] usb 1-1: Using ep0 maxpacket: 16
[  153.397062][ T3094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.427164][ T3094] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.469789][ T3094] usb 1-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  153.501105][ T3094] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.532564][ T3094] usb 1-1: config 0 descriptor??
[  153.873169][ T8195] loop4: detected capacity change from 0 to 4096
[  153.964542][ T8195] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  154.031743][ T3094] playstation 0003:054C:05C4.0007: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.0-1/input0
[  154.188463][ T3094] playstation 0003:054C:05C4.0007: Invalid byte count transferred, expected 16 got 0
[  154.208336][ T3094] playstation 0003:054C:05C4.0007: Failed to retrieve DualShock4 pairing info: -22
[  154.276205][ T3094] playstation 0003:054C:05C4.0007: Failed to get MAC address from DualShock4
[  154.290165][ T8195] ntfs3(loop4): ino=1d, mi_enum_attr
[  154.307056][ T8195] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  154.321371][ T3094] playstation 0003:054C:05C4.0007: Failed to create dualshock4.
[  154.355026][ T8195] ntfs3(loop4): ino=1d, mi_enum_attr
[  154.369751][ T8195] ntfs3(loop4): ino=1d, mi_enum_attr
[  154.378983][ T3094] playstation 0003:054C:05C4.0007: probe with driver playstation failed with error -22
[  154.430369][ T3094] usb 1-1: USB disconnect, device number 7
[  154.748433][ T8200] loop3: detected capacity change from 0 to 32768
[  154.784723][ T8200] XFS (loop3): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  154.846777][ T8200] XFS (loop3): ro->rw transition prohibited on norecovery mount
[  154.915381][ T8230] loop6: detected capacity change from 0 to 128
[  154.961604][ T5818] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.299465][ T8236] loop6: detected capacity change from 0 to 2048
[  155.368504][ T8239] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  155.483757][   T29] audit: type=1800 audit(1770057637.199:30): pid=8241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.759" name="file1" dev="loop6" ino=15 res=0 errno=0
[  155.637213][ T8249] kvm: kvm [8248]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x5
[  155.752448][ T8254] netlink: 'syz.7.765': attribute type 11 has an invalid length.
[  155.774486][ T8254] netlink: 20 bytes leftover after parsing attributes in process `syz.7.765'.
[  155.820317][ T8254] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  156.276421][ T8267] loop0: detected capacity change from 0 to 32768
[  156.389121][ T8267] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.448702][ T8276] sch_tbf: burst 20480 is lower than device lo mtu (65550) !
[  156.495564][ T8267] XFS (loop0): Metadata corruption detected at xfs_dinode_verify+0x1a9/0x1590, inode 0x2441 dinode
[  156.506487][ T8267] XFS (loop0): Unmount and run xfs_repair
[  156.512209][ T8267] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  156.519708][ T8267] 00000000: 49 4e 80 00 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  156.528782][ T8267] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  156.537695][ T8267] 00000020: 1d cd 65 00 00 00 00 00 34 f7 58 68 80 32 be 88  ..e.....4.Xh.2..
[  156.546680][ T8267] 00000030: 34 f7 58 68 80 32 be 88 00 00 00 00 00 00 00 00  4.Xh.2..........
[  156.555576][ T8267] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  156.564448][ T8267] 00000050: 00 00 00 02 00 00 00 00 00 91 00 04 00 00 00 00  ................
[  156.574542][ T8267] 00000060: ff ff ff ff 52 7a c8 f1 00 00 00 00 00 00 00 02  ....Rz..........
[  156.584238][ T8267] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08  ................
[  156.593138][ T8267] loop0: lost file I/O error report for ino 0 type 5 pos 0x0 len 0x0 error -117
[  156.593268][ T8267] XFS (loop0): metadata inode 0x2441 type 5 is corrupt
[  156.609213][ T8267] loop0: lost filesystem error report for type 5 error -117
[  156.609259][ T8267] loop0: lost filesystem error report for type 5 error -117
[  156.616625][ T8267] XFS (loop0): failed to read RT inodes
[  156.632467][ T8267] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair.
[  156.963225][ T8268] loop7: detected capacity change from 0 to 131072
[  156.988715][ T8268] F2FS-fs (loop7): invalid crc value
[  157.131136][ T8290] netlink: 60 bytes leftover after parsing attributes in process `syz.3.777'.
[  157.183912][ T8268] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  157.197432][ T8268] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  157.259476][ T8268] F2FS-fs (loop7): access invalid blkaddr:36
[  157.265980][ T8268] CPU: 1 UID: 0 PID: 8268 Comm: syz.7.772 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  157.266008][ T8268] Tainted: [L]=SOFTLOCKUP
[  157.266016][ T8268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  157.266027][ T8268] Call Trace:
[  157.266035][ T8268]  <TASK>
[  157.266042][ T8268]  dump_stack_lvl+0xe8/0x150
[  157.266074][ T8268]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  157.266116][ T8268]  f2fs_get_read_data_folio+0x699/0xa60
[  157.266149][ T8268]  ? __pfx_f2fs_get_read_data_folio+0x10/0x10
[  157.266178][ T8268]  ? __filemap_get_folio_mpol+0x9b0/0xb00
[  157.266203][ T8268]  ? f2fs_empty_dir+0x160/0x370
[  157.266229][ T8268]  f2fs_find_data_folio+0x3a6/0x6a0
[  157.266257][ T8268]  f2fs_empty_dir+0x160/0x370
[  157.266286][ T8268]  ? __pfx_f2fs_empty_dir+0x10/0x10
[  157.266308][ T8268]  ? down_write+0x16d/0x200
[  157.266330][ T8268]  ? __pfx_down_write+0x10/0x10
[  157.266363][ T8268]  f2fs_rmdir+0x3f/0x70
[  157.266385][ T8268]  vfs_rmdir+0x3fd/0x6e0
[  157.266414][ T8268]  filename_rmdir+0x292/0x520
[  157.266441][ T8268]  ? __pfx_filename_rmdir+0x10/0x10
[  157.266470][ T8268]  ? do_getname+0x151/0x250
[  157.266495][ T8268]  __se_sys_rmdir+0x2e/0x140
[  157.266520][ T8268]  do_syscall_64+0x14d/0xf80
[  157.266539][ T8268]  ? trace_irq_disable+0x3b/0x150
[  157.266566][ T8268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.266584][ T8268]  ? clear_bhb_loop+0x40/0x90
[  157.266608][ T8268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.266627][ T8268] RIP: 0033:0x7f668879aeb9
[  157.266646][ T8268] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  157.266662][ T8268] RSP: 002b:00007f66895dc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  157.266683][ T8268] RAX: ffffffffffffffda RBX: 00007f6688a15fa0 RCX: 00007f668879aeb9
[  157.266697][ T8268] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000280
[  157.266710][ T8268] RBP: 00007f6688808c1f R08: 0000000000000000 R09: 0000000000000000
[  157.266722][ T8268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.266733][ T8268] R13: 00007f6688a16038 R14: 00007f6688a15fa0 R15: 00007ffc08a8b308
[  157.266765][ T8268]  </TASK>
[  157.702214][ T8304] netlink: 12 bytes leftover after parsing attributes in process `syz.4.784'.
[  157.727627][ T8302] loop3: detected capacity change from 0 to 256
[  157.775225][ T8302] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  157.829272][ T8302] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  157.881584][ T8310] xt_hashlimit: size too large, truncated to 1048576
[  158.058704][ T8311] 8021q: adding VLAN 0 to HW filter on device batadv1
[  158.265582][ T8320] loop6: detected capacity change from 0 to 512
[  158.313394][ T8320] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  158.482046][ T8320] EXT4-fs (loop6): 1 orphan inode deleted
[  158.545869][ T8320] EXT4-fs (loop6): 1 truncate cleaned up
[  158.574110][ T8320] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.749057][ T7524] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.932121][ T8339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.798'.
[  158.987770][ T8339] netem: unknown loss type 0
[  158.992759][ T8339] netem: change failed
[  158.997954][ T8342] loop7: detected capacity change from 0 to 256
[  159.034369][ T8343] netlink: 40 bytes leftover after parsing attributes in process `syz.3.800'.
[  159.057848][ T8342] exFAT-fs (loop7): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  159.075647][ T8309] loop0: detected capacity change from 0 to 40427
[  159.112936][ T8309] F2FS-fs (loop0): build fault injection rate: 25
[  159.133929][ T8309] F2FS-fs (loop0): invalid crc value
[  159.141007][ T8342] exFAT-fs (loop7): failed to test first cluster bit of root dir(5)
[  159.219914][ T8351] exFAT-fs (loop7): start_clu is invalid cluster(0x400)
[  159.413300][ T8309] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  159.480144][ T8309] F2FS-fs (loop0): Start checkpoint disabled!
[  159.503588][ T8309] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  159.553891][ T8309] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  159.715614][ T3488] bio_check_eod: 99 callbacks suppressed
[  159.715631][ T3488] kworker/u8:9: attempt to access beyond end of device
[  159.715631][ T3488] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  159.758474][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  159.758502][ T3488] Tainted: [L]=SOFTLOCKUP
[  159.758508][ T3488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  159.758519][ T3488] Workqueue: writeback wb_workfn (flush-7:0)
[  159.758544][ T3488] Call Trace:
[  159.758551][ T3488]  <TASK>
[  159.758559][ T3488]  dump_stack_lvl+0xe8/0x150
[  159.758585][ T3488]  f2fs_handle_critical_error+0x37c/0x540
[  159.758615][ T3488]  f2fs_write_end_io+0xcdb/0xff0
[  159.758659][ T3488]  __submit_merged_bio+0x256/0x700
[  159.758688][ T3488]  __submit_merged_write_cond+0x3c3/0x4e0
[  159.758719][ T3488]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  159.758767][ T3488]  f2fs_write_data_pages+0x2970/0x35e0
[  159.758836][ T3488]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.758874][ T3488]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  159.758936][ T3488]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  159.759006][ T3488]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.759031][ T3488]  do_writepages+0x32e/0x550
[  159.759062][ T3488]  ? reacquire_held_locks+0x104/0x190
[  159.759086][ T3488]  ? writeback_sb_inodes+0x43d/0x19a0
[  159.759114][ T3488]  __writeback_single_inode+0x133/0x11a0
[  159.759137][ T3488]  ? do_raw_spin_unlock+0xf5/0x210
[  159.759161][ T3488]  writeback_sb_inodes+0x944/0x19a0
[  159.759188][ T3488]  ? ret_from_fork_asm+0x1a/0x30
[  159.759222][ T3488]  ? __lock_acquire+0x6b5/0x2cf0
[  159.759251][ T3488]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  159.759269][ T3488]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.759332][ T3488]  ? rcu_is_watching+0x15/0xb0
[  159.759366][ T3488]  wb_writeback+0x456/0xb70
[  159.759391][ T3488]  ? queue_io+0x1f1/0x4a0
[  159.759421][ T3488]  ? __pfx_wb_writeback+0x10/0x10
[  159.759439][ T3488]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.759476][ T3488]  wb_workfn+0x414/0xf50
[  159.759497][ T3488]  ? look_up_lock_class+0x57/0x110
[  159.759531][ T3488]  ? __pfx_wb_workfn+0x10/0x10
[  159.759554][ T3488]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.759575][ T3488]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  159.759619][ T3488]  ? process_one_work+0x87c/0x1650
[  159.759640][ T3488]  process_one_work+0x949/0x1650
[  159.759687][ T3488]  ? __pfx_process_one_work+0x10/0x10
[  159.759706][ T3488]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.759745][ T3488]  worker_thread+0xb46/0x1140
[  159.759783][ T3488]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  159.759817][ T3488]  kthread+0x388/0x470
[  159.759836][ T3488]  ? __pfx_worker_thread+0x10/0x10
[  159.759856][ T3488]  ? __pfx_kthread+0x10/0x10
[  159.759876][ T3488]  ret_from_fork+0x51e/0xb90
[  159.759902][ T3488]  ? __pfx_ret_from_fork+0x10/0x10
[  159.759923][ T3488]  ? __switch_to+0xc7d/0x1450
[  159.759949][ T3488]  ? __pfx_kthread+0x10/0x10
[  159.759968][ T3488]  ret_from_fork_asm+0x1a/0x30
[  159.760011][ T3488]  </TASK>
[  159.760019][ T3488] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  160.453033][ T8362] loop3: detected capacity change from 0 to 32768
[  160.520400][ T8362] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.576432][ T8362] XFS (loop3): Ending clean mount
[  160.793230][ T5818] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.868577][ T8411] loop0: detected capacity change from 0 to 1024
[  160.925133][ T8411] hfsplus: bad catalog entry type
[  160.944537][ T3094] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  161.011816][ T8414] loop3: detected capacity change from 0 to 1024
[  161.021591][ T2948] hfsplus: b-tree write err: -5, ino 4
[  161.115359][ T3094] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.164533][ T3094] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.231122][ T3094] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  161.281217][ T3094] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  161.312595][ T3094] usb 8-1: Manufacturer: syz
[  161.353190][   T49] hfsplus: b-tree write err: -5, ino 4
[  161.420268][ T3094] usb 8-1: config 0 descriptor??
[  161.549894][ T8428] loop4: detected capacity change from 0 to 4096
[  161.692710][ T8430] loop3: detected capacity change from 0 to 2048
[  161.823446][ T8430] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.835984][ T8430] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.849549][ T3094] hid_parser_main: 438 callbacks suppressed
[  161.849571][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.863611][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.871666][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.878716][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.885732][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.892595][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.902910][ T3094] pyra 0003:1E7D:2CF6.0008: unknown main item tag 0x0
[  161.912994][ T3094] pyra 0003:1E7D:2CF6.0008: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0
[  162.118611][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.264775][ T3094] pyra 0003:1E7D:2CF6.0008: couldn't init struct pyra_device
[  162.272636][ T8441] loop4: detected capacity change from 0 to 512
[  162.333010][ T3094] pyra 0003:1E7D:2CF6.0008: couldn't install mouse
[  162.387669][ T3094] pyra 0003:1E7D:2CF6.0008: probe with driver pyra failed with error -71
[  162.440371][ T3094] usb 8-1: USB disconnect, device number 2
[  162.530995][ T8451] netlink: 16 bytes leftover after parsing attributes in process `syz.3.838'.
[  162.581272][ T8454] ALSA: mixer_oss: invalid OSS volume 'PHOõfiЧaEEAKER'
[  162.600411][ T8454] ALSA: mixer_oss: invalid OSS volume 'Â'
[  162.643801][ T8452] fido_id[8452]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  162.649928][ T8456] program syz.0.840 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  162.751523][ T8459] loop3: detected capacity change from 0 to 64
[  162.774994][ T8460] netlink: 104 bytes leftover after parsing attributes in process `syz.4.842'.
[  162.848249][ T8462] netlink: 12 bytes leftover after parsing attributes in process `syz.6.843'.
[  162.940734][ T8464] program syz.0.844 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  163.180314][ T8477] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  163.197340][ T8476] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  163.258804][ T8477] EXT4-fs (loop0): 1 truncate cleaned up
[  163.308105][ T8477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.340591][ T8476] EXT4-fs (loop6): 1 truncate cleaned up
[  163.356259][ T8476] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.490388][ T8490] EXT4-fs error (device loop6): __ext4_iget:5405: inode #12: block 2: comm syz.6.848: invalid block
[  163.671334][ T8490] EXT4-fs (loop6): Remounting filesystem read-only
[  163.751841][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.804044][ T8470] set_capacity_and_notify: 2 callbacks suppressed
[  163.804059][ T8470] loop3: detected capacity change from 0 to 32768
[  163.805446][ T7524] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.868013][ T8470] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  163.919224][ T8470] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  164.042050][ T8470] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  164.081115][ T3094] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  164.094754][ T8500] loop6: detected capacity change from 0 to 2048
[  164.104532][ T3094] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  164.151151][ T8500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.322823][ T3094] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 218ms
[  164.362919][ T3094] gfs2: fsid=syz:syz.0: jid=0: Done
[  164.372825][ T8470] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  164.610309][ T8497] loop0: detected capacity change from 0 to 32768
[  164.672342][ T8497] JBD2: Ignoring recovery information on journal
[  164.719786][ T8497] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  164.894638][ T8497] (syz.0.854,8497,0):ocfs2_file_write_iter:2453 ERROR: status = -27
[  165.079083][ T5817] ocfs2: Unmounting device (7,0) on (node local)
[  165.376114][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.7.864'.
[  165.385763][ T8533] sit0: Master is either lo or non-ether device
[  165.393388][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.7.864'.
[  165.403176][ T8533] sit0: Master is either lo or non-ether device
[  165.439534][ T8521] loop6: detected capacity change from 0 to 32768
[  165.492883][ T8521] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.860 (8521)
[  165.662790][ T8521] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.701093][ T8521] BTRFS info (device loop6): using crc32c checksum algorithm
[  166.055756][ T8521] BTRFS info (device loop6): turning off barriers
[  166.062225][ T8521] BTRFS info (device loop6): enabling free space tree
[  166.098706][ T8521] BTRFS info (device loop6): use zstd compression, level 3
[  166.528509][ T7524] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  166.574583][ T8540] loop7: detected capacity change from 0 to 40427
[  166.583595][ T8540] F2FS-fs (loop7): Invalid Fs Meta Ino: node(1) meta(2) root(1)
[  166.591561][ T8540] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  166.602580][ T8540] F2FS-fs (loop7): invalid crc value
[  166.847465][ T8536] loop0: detected capacity change from 0 to 40427
[  166.867955][ T8536] F2FS-fs: heap/no_heap options were deprecated
[  166.929189][ T8540] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  166.958505][ T8536] F2FS-fs (loop0): build fault injection rate: 19
[  166.994541][ T8536] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  167.020892][ T8540] F2FS-fs (loop7): Start checkpoint disabled!
[  167.039380][ T8536] F2FS-fs (loop0): invalid crc value
[  167.077433][ T8540] F2FS-fs (loop7): f2fs_disable_checkpoint() finish, err:0
[  167.117321][ T8540] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  167.120989][ T8536] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  167.174580][ T8540] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  167.368187][ T8536] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  167.455661][ T8536] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  167.514816][ T8536] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  167.865362][ T8580] loop3: detected capacity change from 0 to 32768
[  167.897037][ T8580] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.871 (8580)
[  167.953309][ T8580] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  167.994545][ T8580] BTRFS info (device loop3): using xxhash64 checksum algorithm
[  168.105726][ T8580] BTRFS info (device loop3): enabling ssd optimizations
[  168.122902][ T8580] BTRFS info (device loop3): turning on async discard
[  168.133024][ T8580] BTRFS info (device loop3): enabling free space tree
[  168.439487][ T8599] loop4: detected capacity change from 0 to 32768
[  168.444811][ T5818] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  168.556826][ T8599] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  168.604511][ T3094] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  168.777189][ T8599] XFS (loop4): Ending clean mount
[  168.817234][ T3094] usb 7-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.840813][ T8599] XFS (loop4): Quotacheck needed: Please wait.
[  168.866896][ T3094] usb 7-1: config 0 interface 0 has no altsetting 0
[  168.873541][ T3094] usb 7-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  168.946045][ T3094] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.978677][ T8599] XFS (loop4): Quotacheck: Done.
[  169.058634][ T3094] usb 7-1: config 0 descriptor??
[  169.135129][ T5833] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  169.265029][ T5935] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  169.422928][ T8672] loop3: detected capacity change from 0 to 1024
[  169.457089][ T5935] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  169.475397][ T8672] EXT4-fs: Ignoring removed nobh option
[  169.481011][ T8672] EXT4-fs: Ignoring removed bh option
[  169.489525][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.504926][ T5935] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  169.529470][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.551433][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.559947][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.568708][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.578390][ T5935] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  169.579623][ T8672] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.612395][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.639338][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.647426][ T5880] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  169.659637][ T8679] loop4: detected capacity change from 0 to 512
[  169.679514][ T5935] usb 1-1: Product: syz
[  169.683707][ T5935] usb 1-1: Manufacturer: syz
[  169.693065][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.702967][ T3094] playstation 0003:054C:05C4.0009: unknown main item tag 0x0
[  169.723878][ T5935] usb 1-1: SerialNumber: syz
[  169.752824][ T3094] playstation 0003:054C:05C4.0009: hidraw0: USB HID v40.00 Device [HID 054c:05c4] on usb-dummy_hcd.6-1/input0
[  169.771088][ T8679] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.886: Parent and EA inode have the same ino 15
[  169.832406][ T8679] loop4: lost filesystem error report for type 5 error -117
[  169.844432][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  169.858200][    C1] EXT4-fs (loop4): initial error at time 1770057651: ext4_xattr_inode_iget:437
[  169.867195][    C1] EXT4-fs (loop4): last error at time 1770057651: ext4_xattr_inode_iget:437
[  169.878785][ T8679] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.886: Parent and EA inode have the same ino 15
[  169.895493][ T5880] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  169.906911][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.917948][ T8679] loop4: lost filesystem error report for type 5 error -117
[  169.918805][ T3094] playstation 0003:054C:05C4.0009: Invalid reportID received, expected 18 got 34
[  169.933153][ T8679] EXT4-fs (loop4): 1 orphan inode deleted
[  169.938257][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.952094][ T3094] playstation 0003:054C:05C4.0009: Failed to retrieve DualShock4 pairing info: -22
[  169.961490][ T3094] playstation 0003:054C:05C4.0009: Failed to get MAC address from DualShock4
[  169.979498][ T8664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  169.992581][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  170.010090][ T8679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.022628][ T3094] playstation 0003:054C:05C4.0009: Failed to create dualshock4.
[  170.027065][ T8664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.036973][ T8689] loop3: detected capacity change from 0 to 1024
[  170.052871][ T5880] usb 8-1: New USB device found, idVendor=0810, idProduct=0001, bcdDevice= 0.00
[  170.065540][ T3094] playstation 0003:054C:05C4.0009: probe with driver playstation failed with error -22
[  170.077345][ T5935] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  170.086802][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.123071][ T5935] usb 1-1: USB disconnect, device number 8
[  170.135196][ T5880] usb 8-1: config 0 descriptor??
[  170.147380][   T42] usb 7-1: USB disconnect, device number 2
[  170.313271][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.507303][ T8701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.893'.
[  170.604550][ T5935] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  170.621657][ T5880] pantherlord 0003:0810:0001.000A: hidraw0: USB HID v0.00 Device [HID 0810:0001] on usb-dummy_hcd.7-1/input0
[  170.663820][ T5880] pantherlord 0003:0810:0001.000A: no output reports found
[  170.723699][ T8710] netlink: 52 bytes leftover after parsing attributes in process `syz.3.895'.
[  170.799533][ T5935] usb 1-1: config index 0 descriptor too short (expected 301, got 72)
[  170.846426][ T5935] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  170.857742][ T5880] usb 8-1: USB disconnect, device number 3
[  170.884667][ T5935] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  170.900714][ T8714] mkiss: ax0: crc mode is auto.
[  170.929951][ T5935] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 1024, setting to 64
[  170.976765][ T5935] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  171.009134][ T5935] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  171.033690][ T5935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.265585][ T5935] usb 1-1: usb_control_msg returned -71
[  171.294524][ T5935] usbtmc 1-1:16.0: can't read capabilities
[  171.319383][ T8733] loop6: detected capacity change from 0 to 512
[  171.346578][ T5935] usb 1-1: USB disconnect, device number 9
[  171.418053][ T8733] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.466929][ T8741] netlink: 'syz.7.905': attribute type 1 has an invalid length.
[  171.526886][ T8733] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.532448][ T8744] loop7: detected capacity change from 0 to 512
[  171.582015][ T8744] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.906889][ T7524] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.940406][ T7768] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.992142][ T8735] loop3: detected capacity change from 0 to 32768
[  172.038496][ T8735] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.903 (8735)
[  172.119386][ T8735] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.145107][ T8735] BTRFS info (device loop3): using crc32c checksum algorithm
[  172.334615][ T5935] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  172.401095][ T8735] BTRFS info (device loop3): turning off barriers
[  172.454447][ T8735] BTRFS info (device loop3): enabling free space tree
[  172.485963][ T8735] BTRFS info (device loop3): use zstd compression, level 3
[  172.507239][ T5935] usb 7-1: Using ep0 maxpacket: 32
[  172.546363][ T5935] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  172.571151][ T5935] usb 7-1: config 0 has no interface number 0
[  172.620533][ T5935] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  172.655840][ T5935] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.684176][ T5935] usb 7-1: Product: syz
[  172.699728][ T5935] usb 7-1: Manufacturer: syz
[  172.719608][ T5935] usb 7-1: SerialNumber: syz
[  172.761352][ T5935] usb 7-1: config 0 descriptor??
[  172.796497][ T5935] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  172.932982][ T5818] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.013396][ T5935] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  173.112764][ T5935] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  173.465881][    C1] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[  173.489323][ T5935] usb 7-1: USB disconnect, device number 3
[  173.525331][ T5935] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  173.562180][ T8786] loop0: detected capacity change from 0 to 32768
[  173.586893][ T5935] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  173.659212][ T5935] quatech2 7-1:0.51: device disconnected
[  174.052096][ T8833] loop3: detected capacity change from 0 to 2048
[  174.132705][ T8833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.170172][ T8840] loop6: detected capacity change from 0 to 16
[  174.221564][ T8818] loop7: detected capacity change from 0 to 32768
[  174.247522][ T8833] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.282572][ T8818] JBD2: Ignoring recovery information on journal
[  174.301042][ T8840] erofs (device loop6): mounted with root inode @ nid 36.
[  174.472768][ T8818] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  174.481970][ T8850] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.928: bg 0: block 345: padding at end of block bitmap is not set
[  174.547569][ T8850] EXT4-fs (loop3): Remounting filesystem read-only
[  174.583877][ T3026] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:5039: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  174.626543][ T8855] netlink: 232 bytes leftover after parsing attributes in process `syz.4.931'.
[  174.709217][ T7524] VFS_WARN_ON_INODE(strlen(link) != linklen): inode:ffff88804fdb1fc8 fs:erofs mode:120777 opflags:0x8 flags:0x0 state:0x1 count:1
[  174.768763][ T7524] ------------[ cut here ]------------
[  174.774281][ T7524] 1
[  174.774303][ T7524] WARNING: ./include/linux/fs.h:953 at erofs_iget+0x1fce/0x2c00, CPU#0: syz-executor/7524
[  174.786819][ T7524] Modules linked in:
[  174.791090][ T7524] CPU: 0 UID: 0 PID: 7524 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  174.803623][ T7524] Tainted: [L]=SOFTLOCKUP
[  174.808908][ T7524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  174.819042][ T7524] RIP: 0010:erofs_iget+0x1fce/0x2c00
[  174.824346][ T7524] Code: 0f 8c e4 e1 ff ff 48 89 df e8 be 60 dd fd e9 d7 e1 ff ff e8 94 91 73 fd 48 8b 7c 24 10 48 c7 c6 00 99 1e 8c e8 73 0f f8 fd 90 <0f> 0b 90 e9 3c fe ff ff e8 75 91 73 fd 48 8b 7c 24 10 48 c7 c6 80
[  174.844070][ T7524] RSP: 0018:ffffc90003baf1e0 EFLAGS: 00010246
[  174.850369][ T7524] RAX: e4a144fbd0fe2900 RBX: 0000000000000001 RCX: e4a144fbd0fe2900
[  174.858430][ T7524] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  174.866490][ T7524] RBP: ffffc90003baf400 R08: ffffc90003baedc7 R09: 1ffff92000775db8
[  174.874523][ T7524] R10: dffffc0000000000 R11: fffff52000775db9 R12: 0000000000000027
[  174.882522][ T7524] R13: 1ffff11009fb6403 R14: 0000000000000027 R15: ffff88802a259500
[  174.890561][ T7524] FS:  000055557561a500(0000) GS:ffff888125472000(0000) knlGS:0000000000000000
[  174.900924][ T7524] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  174.908407][ T7524] CR2: 0000555571459a28 CR3: 00000000375e4000 CR4: 00000000003526f0
[  174.916463][ T7524] Call Trace:
[  174.919745][ T7524]  <TASK>
[  174.922675][ T7524]  ? erofs_put_metabuf+0x17a/0x290
[  174.927859][ T7524]  ? __pfx_erofs_iget+0x10/0x10
[  174.932743][ T7524]  ? __pfx_erofs_namei+0x10/0x10
[  174.937757][ T7524]  ? __pfx_d_alloc_parallel+0x10/0x10
[  174.943146][ T7524]  erofs_lookup+0x186/0x360
[  174.947725][ T7524]  __lookup_slow+0x2b7/0x410
[  174.952357][ T7524]  ? __pfx___lookup_slow+0x10/0x10
[  174.957565][ T7524]  ? down_read+0x272/0x2e0
[  174.961996][ T7524]  lookup_slow+0x53/0x70
[  174.966645][ T7524]  ovl_lookup_single+0x32f/0xea0
[  174.971611][ T7524]  ? __pfx_ovl_lookup_single+0x10/0x10
[  174.977165][ T7524]  ovl_lookup_layer+0x377/0x450
[  174.982066][ T7524]  ? __kmalloc_noprof+0x1b8/0x760
[  174.987200][ T7524]  ovl_lookup+0x9b0/0x1c80
[  174.991661][ T7524]  ? __pfx_ovl_lookup+0x10/0x10
[  174.996594][ T7524]  ? __lock_acquire+0x6b5/0x2cf0
[  175.002874][ T7524]  ? __pfx_d_alloc_parallel+0x10/0x10
[  175.009117][ T7524]  ? __raw_spin_lock_init+0x45/0x100
[  175.014513][ T7524]  ? __init_waitqueue_head+0xa9/0x150
[  175.019924][ T7524]  __lookup_slow+0x2b7/0x410
[  175.024566][ T7524]  ? __pfx___lookup_slow+0x10/0x10
[  175.029703][ T7524]  ? down_read+0x272/0x2e0
[  175.034150][ T7524]  lookup_slow+0x53/0x70
[  175.038444][ T7524]  path_lookupat+0x3f5/0x8c0
[  175.043041][ T7524]  filename_lookup+0x256/0x5d0
[  175.047936][ T7524]  ? __pfx_filename_lookup+0x10/0x10
[  175.053284][ T7524]  ? strncpy_from_user+0x150/0x2b0
[  175.058472][ T7524]  ? do_getname+0x151/0x250
[  175.062988][ T7524]  user_path_at+0x40/0x160
[  175.067499][ T7524]  __x64_sys_umount+0xf6/0x170
[  175.072275][ T7524]  ? __pfx___x64_sys_umount+0x10/0x10
[  175.077738][ T7524]  do_syscall_64+0x14d/0xf80
[  175.082361][ T7524]  ? trace_irq_disable+0x3b/0x150
[  175.087440][ T7524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.093515][ T7524]  ? clear_bhb_loop+0x40/0x90
[  175.098270][ T7524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.105040][ T7524] RIP: 0033:0x7f7e0af9c117
[  175.109457][ T7524] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  175.129805][ T7524] RSP: 002b:00007ffe63ba2a48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  175.138278][ T7524] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e0af9c117
[  175.146313][ T7524] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe63ba2b00
[  175.154322][ T7524] RBP: 00007ffe63ba2b00 R08: 00007ffe63ba3b00 R09: 00000000ffffffff
[  175.162376][ T7524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe63ba3bf0
[  175.170426][ T7524] R13: 00007f7e0b00471f R14: 000055557561a4e8 R15: 00007ffe63ba6ea0
[  175.178527][ T7524]  </TASK>
[  175.181559][ T7524] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  175.188825][ T7524] CPU: 0 UID: 0 PID: 7524 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  175.199825][ T7524] Tainted: [L]=SOFTLOCKUP
[  175.204133][ T7524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  175.214169][ T7524] Call Trace:
[  175.217434][ T7524]  <TASK>
[  175.220362][ T7524]  vpanic+0x56c/0xa60
[  175.224341][ T7524]  ? __pfx__printk+0x10/0x10
[  175.228912][ T7524]  ? __pfx_vpanic+0x10/0x10
[  175.233424][ T7524]  ? is_bpf_text_address+0x292/0x2b0
[  175.238691][ T7524]  ? is_bpf_text_address+0x26/0x2b0
[  175.243877][ T7524]  panic+0xc5/0xd0
[  175.247584][ T7524]  ? __pfx_panic+0x10/0x10
[  175.252000][ T7524]  __warn+0x315/0x4f0
[  175.255973][ T7524]  ? erofs_iget+0x1fce/0x2c00
[  175.260641][ T7524]  ? erofs_iget+0x1fce/0x2c00
[  175.265307][ T7524]  __report_bug+0x29a/0x540
[  175.269806][ T7524]  ? erofs_iget+0x1fce/0x2c00
[  175.274476][ T7524]  ? __pfx___report_bug+0x10/0x10
[  175.279486][ T7524]  ? strncpy_from_kernel_nofault+0x103/0x1c0
[  175.285460][ T7524]  ? dump_inode+0x379/0x450
[  175.289983][ T7524]  ? erofs_iget+0x1fce/0x2c00
[  175.294669][ T7524]  report_bug+0x16a/0x220
[  175.298999][ T7524]  ? erofs_iget+0x1fce/0x2c00
[  175.303659][ T7524]  ? erofs_iget+0x1fd0/0x2c00
[  175.308319][ T7524]  handle_bug+0x98/0x200
[  175.312561][ T7524]  exc_invalid_op+0x1a/0x50
[  175.317063][ T7524]  asm_exc_invalid_op+0x1a/0x20
[  175.321904][ T7524] RIP: 0010:erofs_iget+0x1fce/0x2c00
[  175.327176][ T7524] Code: 0f 8c e4 e1 ff ff 48 89 df e8 be 60 dd fd e9 d7 e1 ff ff e8 94 91 73 fd 48 8b 7c 24 10 48 c7 c6 00 99 1e 8c e8 73 0f f8 fd 90 <0f> 0b 90 e9 3c fe ff ff e8 75 91 73 fd 48 8b 7c 24 10 48 c7 c6 80
[  175.346767][ T7524] RSP: 0018:ffffc90003baf1e0 EFLAGS: 00010246
[  175.352821][ T7524] RAX: e4a144fbd0fe2900 RBX: 0000000000000001 RCX: e4a144fbd0fe2900
[  175.360784][ T7524] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  175.368750][ T7524] RBP: ffffc90003baf400 R08: ffffc90003baedc7 R09: 1ffff92000775db8
[  175.376713][ T7524] R10: dffffc0000000000 R11: fffff52000775db9 R12: 0000000000000027
[  175.384675][ T7524] R13: 1ffff11009fb6403 R14: 0000000000000027 R15: ffff88802a259500
[  175.392649][ T7524]  ? erofs_put_metabuf+0x17a/0x290
[  175.397765][ T7524]  ? __pfx_erofs_iget+0x10/0x10
[  175.402608][ T7524]  ? __pfx_erofs_namei+0x10/0x10
[  175.407541][ T7524]  ? __pfx_d_alloc_parallel+0x10/0x10
[  175.412910][ T7524]  erofs_lookup+0x186/0x360
[  175.417404][ T7524]  __lookup_slow+0x2b7/0x410
[  175.421988][ T7524]  ? __pfx___lookup_slow+0x10/0x10
[  175.427097][ T7524]  ? down_read+0x272/0x2e0
[  175.431505][ T7524]  lookup_slow+0x53/0x70
[  175.435740][ T7524]  ovl_lookup_single+0x32f/0xea0
[  175.440681][ T7524]  ? __pfx_ovl_lookup_single+0x10/0x10
[  175.446132][ T7524]  ovl_lookup_layer+0x377/0x450
[  175.450971][ T7524]  ? __kmalloc_noprof+0x1b8/0x760
[  175.455982][ T7524]  ovl_lookup+0x9b0/0x1c80
[  175.460408][ T7524]  ? __pfx_ovl_lookup+0x10/0x10
[  175.465246][ T7524]  ? __lock_acquire+0x6b5/0x2cf0
[  175.470180][ T7524]  ? __pfx_d_alloc_parallel+0x10/0x10
[  175.475538][ T7524]  ? __raw_spin_lock_init+0x45/0x100
[  175.480809][ T7524]  ? __init_waitqueue_head+0xa9/0x150
[  175.486169][ T7524]  __lookup_slow+0x2b7/0x410
[  175.490752][ T7524]  ? __pfx___lookup_slow+0x10/0x10
[  175.495860][ T7524]  ? down_read+0x272/0x2e0
[  175.500267][ T7524]  lookup_slow+0x53/0x70
[  175.504501][ T7524]  path_lookupat+0x3f5/0x8c0
[  175.509089][ T7524]  filename_lookup+0x256/0x5d0
[  175.513843][ T7524]  ? __pfx_filename_lookup+0x10/0x10
[  175.519147][ T7524]  ? strncpy_from_user+0x150/0x2b0
[  175.524254][ T7524]  ? do_getname+0x151/0x250
[  175.528750][ T7524]  user_path_at+0x40/0x160
[  175.533158][ T7524]  __x64_sys_umount+0xf6/0x170
[  175.537910][ T7524]  ? __pfx___x64_sys_umount+0x10/0x10
[  175.543277][ T7524]  do_syscall_64+0x14d/0xf80
[  175.547854][ T7524]  ? trace_irq_disable+0x3b/0x150
[  175.552864][ T7524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.558916][ T7524]  ? clear_bhb_loop+0x40/0x90
[  175.563584][ T7524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.569461][ T7524] RIP: 0033:0x7f7e0af9c117
[  175.573864][ T7524] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  175.593454][ T7524] RSP: 002b:00007ffe63ba2a48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  175.601854][ T7524] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e0af9c117
[  175.609811][ T7524] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe63ba2b00
[  175.617767][ T7524] RBP: 00007ffe63ba2b00 R08: 00007ffe63ba3b00 R09: 00000000ffffffff
[  175.625725][ T7524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe63ba3bf0
[  175.633681][ T7524] R13: 00007f7e0b00471f R14: 000055557561a4e8 R15: 00007ffe63ba6ea0
[  175.641653][ T7524]  </TASK>
[  175.645166][ T7524] Kernel Offset: disabled
[  175.649508][ T7524] Rebooting in 86400 seconds..