last executing test programs:

5.404807043s ago: executing program 3 (id=1520):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f00000000c0)={&(0x7f0000000580)={{@host, 0x25}, {@any, 0x3}, 0x400, "aeea1ea85a41da879334f9645997ed883389fdb8ca00ceb5c2eea759defec7f238fecce95f5c3c82dbeb546e2941f7a64414134b15e50caf8ba125a385bda4b7190bf6ab7e9271f843098f796ab0036d1af7acb2a5663daa1141093b05ea4554ba8c5cbac98ecd2eb66c816f6650fa7c2269cc9a2fe96e2ace878492d346b7a813ce49880ab3facdb45537340ca981b6e3840496c9af773840518efaa1114a374488ff329bf2c768ac6c03c577bc1b8563a14113134061660065cb72a010bf65366ff9ebcd4fe2a6cea7dd025e659e99e58b9af9d41b908b7d608d24bfe4d9b113fc6d7b25b9a5de8554c9627cfe79b2b879fcdf652fefd155bc9bb1cbee8e1bac5e484f944943ea81c4d83ba3d265f0dfa1e34809d67ef43e53327bbe12a8b1a6899c87f2ba219f832d0758dbabf51a8685ef3e18dd286ac0d28f6cf41fe1c541a759c5c4c36a054146e2b7ce5aa6c86560731deab60c3102e38cd9b0581118013ef99eae21ade0a471fcabfe807260b4ad9f4b327811214e95d4ed35af7c13d9b924ff27a014fcbe292d9ab5adb965df19269fb2a977eca7e713ba76a53e4d7c09652def3062e1aa7dfa5220390bb7d56eb046c8b882c4a547f60054fb34dbc597f551aff2e2adddd971cb768b5b73d000ed5ac61b7346ec5622a332f5c26db52eb6f4256922a078238945a7ab03351e2800e4406761f7da2a677e11e74ca894143c84562982eb567f7a404ae23782b71518123e2cd324aa5a7543fc6888963a7008cf732f394fabf6a16e2158f219f82aac0064f83e77c9553ae5f08ad65ea17b16b260c8f95fa69057cbf672f94188db85508367569e68c670e585f21154b38408cd5ec43ea065fb48e5709de045a1fef7c39f7cd76fce4b1a2a719073ab5e8096fea76efbed0da303fe2e2c56c028ec053ae53350a09ee3ccb2585a65d271d5c4a53224a1bbf537607e6a7913594429bb0a932cdb7322b3b8003c658ec543312979d495e7383127b75d514e7757459131243a1d1db134616b45122e336f411a89f80ec0e8289b248a2f4cb4aca6f2bac480a39da162f1071e2b57f1e348be1d5b9cd607d00e63deefdf3b2d6daf49d5284fc4b890835122f11a5009486df2b000e66121d3a1cb885dd4a99a016d21d569dcea03bab6af391a6052fb09051665a6d1ba0ad6c4cb93b8b7e4693c8fd89e5a7bb4029a4f1b414122ba858da59fd02b1a99c752d763410213b7eae2f1f696cc11a4dcb87cf3987707f8194e86ce3d85ea7ec11c5a9cd5a4f6d566aaf9304ebeafdbd0d8bbbf9c10f81d0ff2976881b1c9fd4f3991e7809b9b0dfe22cb32e4f3ae5b3e56a39e821111d67c9115973ec7692b400d7f346d268181afc64273e27d5bf2e6b735cd0614ec0ccd6251116a9159c54f1adbda61fc21f3cb93128868b93ba285ad900fafde00d48a0128"}, 0x418, 0x6})

5.340533383s ago: executing program 3 (id=1522):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x10, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80, 0x6}, {0x0, 0x0, 0x1abe1019, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffd}, {}, 0x0, 0x6e6bb8, 0x0, 0x1, 0x0, 0x1}, [@XFRMA_IF_ID={0x8, 0x1f, 0x1}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4008011}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c40)=ANY=[@ANYBLOB="d40000001b001d0328bd7000fcdbdf25ffffffff000000000000000000000000fe8000000000000000000000000000264e2000014e2404000200000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="08000000000000000100010000000000f4ffffffffffffff04000000000000000200000000000000ba410000000091ad07000000000000000000008000000000ffffff7f0000000003000000000000000400000000000000080000000000000003000000b86b6e000000030100000000040000000000000008001f0001"], 0xd4}}, 0x0)

5.274308124s ago: executing program 2 (id=1523):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f00000000c0)='./bus\x00', 0x200000, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES32], 0x1, 0x6353, &(0x7f0000008480)="$eJzs3c1vHGcdB/DfvvqltDU9VKVCyE3KSylN4qSEQIC2Bzhw6QHlihK5bhWRAkoCSiuLOPKFAyf+AhASR4Q4Ig78AT1w5QYXTkSykUA9MWjt54nHm93Yru2dtZ/PR3JmfvPMrp/xd2dfMjP7BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ3/vu95daEXH9Z2nBQsSnohPRjpgb1IsRMbe4kNfvRsQLsdUczz+I6M1EDG6/9c+zEa9HxEfPRGxsri4PFl/cZz++84e//fYHT73919/3zv/3j3fHr3fv3i//86f7h9liAAAAKE9VVVUrfcx/MX2+bzfdKQBgIvLrf5Xk5ae+/tU/3/7zNPVHrVar1eoJ1HXVaPfrRUSs1W8zeM/gcDwAnDBr8XHTXaBB8i9aNyKearoTwFRrNd0BjsXG5upyK+Xbqr8eLG6353NBduW/1np0fce46V6GzzGZ1ONrPTrx3Jj+zE2oD9Mk598ezv/6dns/rXfc+U/KuPz725c+FSfn3xnOf8jpyb89Mv9S5fy7B8q/I38AAAAAAJhi+f//Fxo+/jtz+E3Zlycd/12cUB8AAAAAAAAA4Kgdavy/+h0d6fh/navj1jP+HwAAABzc4LP6wK+f2Vk27rvYBsuvtSKeHlofKEy6WGa+6X4AAAAAAAAAAAAAQEm62+fwXmtF9CLi6fn5qqoGP3XD9UEd9vYnXenbDyVr+kkeAAC2ffTM0LX8rYjZiLiWvuuvNz8/X1Wzc/PVfDU3k9/P9mdmq7na59o8HSyb6e/jDXG3Xw3ubLZ2u7q9Pi/v1T58f4Pf1a86++jYEemlv+aY5obCBoBk+9VowyvSKVNVz4578wG72P9PoYVYaPpxxfRr+mEKAAAAHL+qqqpW+jrvF9Mx/3bTnQIAJiK//g8fFzhU3R7THnE0969Wq9VqtfoT1XXVaPfrRUSs1W8zeM9gOH4AOGHW4uOmu0CD5F+0bkS80HQngKnWaroDHIuNzdXlVsq3VX89SOO753NBduW/1tq6Xb79qOlehs8xmdTjaz068dyY/jw/oT5Mk5x/ezj/69vt/bTecec/KePy729dMleenH9nOP8hpyf/9sj8S5Xz7x4o/478AQAAAABgiuX//18o+vivKxgAAAAAAAAAONk2NleX83Wv+fj/Z0es5/rP0ynn3zpo/nNpXv4nWs6/PZT/l4bW69TmH761s///e3N1+Xd3//WZPN1v/jN5ppUeWa30iGil39Tqpulhtu5x671Of/Cbeq12p5tOc6p678bNuBUrcWHXuu3099hpX9rVPuhpb1f7xV3t3cfaL+1q76XvHajmcvu5WI4fx614Z6t90Dazx/bP7tFe7dGe8+94/i9Szr9b+xnkP5/aW0PTgYcP2o/t9/XpqN/z5s3P/eLC8W/Ontaj82jb6gbbd6aB/mz9TZ7qx0/vrNw+d+/G3bu3lyJNdi29GGlyxHL+va2fmZ3n/7Pb7fl5v76/PnzQP3D+02I9umPzP1ubH2zvKxPuWxNy/v30k/N/J7WP3v9Pav5Xz/7j0+P3/1cb6BEAAAAAAAAAAAAAAAA8SVVVW5eIvhkRl9P1P01dmwkATFZ+/a+SvFytLrqOhenqTzF1Z8r6o1afvrquGu2NehERf6nfph0RPx91ZwDANPtfRPy96U7QGPkXLH/f32D6ctOdASbqzgcf/vDGrVsrt+803RMAAAAAAAAA4JPK438u1sZ/fjkiFobW2zX+61uxeNjxP7t55tEAo0c80PcY6+1+p10bbvyl2Bqf+9y48b/PxOPjf+cxcTv17Rijt0d7f4/2mT3aZ0cu3Ulr5IUeNTn/l2rjnQ/yf3Fo+PXTMf7rk8d/Hh7zvgQ5/zO1x/Mg/y8OrVfPv/rN1OW/tt8V16O9K//zd9//yfk7H3z42s33b7y38t7Kjy4tLV24dPnylStXzr9789bKhe1/j6fXUyDnn8e+dh5oWXL+OXP5lyXn//lUy78sOf8vpFr+Zcn55/d78i9Lzj9/9pF/WXL+r6Ra/mXJ+X851fIvy8bm6swg/1dTLf+y5P3/K6mWf1ly/q+lWv5lyfmfS7X8y5LzP5/qfeTv6+FPkZx/PsJl/y9Lzn8p1fIvS87/YqrlX5ac/6VUy78sOf/XUy3/suT8v5pq+Zcl53851fIvS87/a6mWf1ly/ldSLf+y5Py/nmr5lyXn/41Uy78sOf+rqZZ/WXL+30y1/MuS8/9WquVflpz/t1Mt/7Lk/N9ItfzLsvP9/2bMmDGTZ5p+ZgIAAAAAAAAAAAAAhk3idOKmtxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgp79xoj11nfD/zM3rx2EmIgBCd/A5vEhJBssutLfOFfFxOuDVAKJDT0gu1612apb3jtEiiSTQMlEkZFFRXpi7aAUBupqrAqXtCK0lSqenlVWlX0TUVbCalRFVBARWormq3mnOd5dmZ2busdr2fP+Xwk+7czc86cZ848c3Z+u/udAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDojjfOf7qWZVn9X/7f1iy7sf715qmt+XWvu94jBAAAANbqf/P/n785XXGoj5UalvnrV/7d15aWlpayx0Z/a/zzS0vphqksG9+UZflt0ZV/e3+tcZngiWyyNtJweaTH5kd73D7W4/bxHrdP9Lh9U4/bJ3vcvmIHrLC5+HlMfmc78i+3Frs0uyUbz2/b0WatJ2qbRkbiz3JytXydpfHj2UJ2MpvPZpuWL5at5ct/4476tt6WxW2NNGxre32G/ODjx+IYamEf72ja1vJ9Rt97Qzb1wx98/Njvn3/utna1525our9inPfcWR/nJ8M1xVhr2aa0T+I4RxrGub3NczLaNM5avl7969ZxPt/nOEeXh7muWp/zyWwk//pb+X4aa/yxXtpP28N1/3VXlmWXlofdusyKbWUj2Zama0aWn5/JYkbW76M+lV6SjTXP05HOY65/dUcf87Re53Y0z9PW10R8/u8I6411eK00Pk3f+8TEiud9tfM0qj/qTq+V1jk46NfKsMzBOC++lT/oJ9vOwR3h8X/87s5zsO0xrs0cTI+7YQ7e2W4ONt7PyMRoPub0JNTydZbn4M6m5UfzLdXy+uzd3efgzPlTZ2cWP/qx+xdOHT0xf2L+9O6dO2d37927f//+meMLJ+dni/+vcm8Pvy3ZSHoN3Bn2XXwNvKZl2capuvSlwb0OJ7u8Dre2LDvo1+FY64Orrc8LcuWcLl4bj9R3+uTlkazDayx/fu5d++swPe6G1+FYw+uw7feUNq/DsfQOrPPrsH6/Z+/t7z3LWMO/dmO4Vt8LtjbMwdb3I61zcNDvR4ZlDk6GefHP93b+XrA9jPfJ6dW+HxldMQfTww3Hnvo16f3+5P68tJuXt9dvuGEiu7A4f+6Bx4+eP39uZxbKunhpw1xpna9bGh5TtmK+jqx6vh5aeOWTt7e5fmvYV5P31/+b7Phc1ZfZ80D35yr/7tZ+fzZduysLZbD+MTzn67Y/2303r+/P1Et22Z/1ZT45s/b34qkvbTj+jnc4/sa+/4Vie+munhgdHytev6Np74w3vS9qfqrG8mNXLd/28zP9HY/Hw7/1Ph7f0uV4vK1l2UEfj8dbH1w8Htd6/bRjbVqfz8kwT07Odj8e15fZtmu1c3Ks6/H4rlBrYf+/NnQKqS9qmDud5m3a1tjYeHhcY3ELzfN0d9Py46E3q2/r6V1XN0/vuau4r9H06Jat1zydall20PM0Ha86zdNar5++XZ3W53MyzItbdnefp/Vlntmz9mPn5vhlw7FzotccHB+dqI95PE3C4ni/tDnOwQeyY9mZ7GQ2l986kc+nWr6t6Qf7m4MT4d96Hyu3dZmD97QsO+g5mL6PdZp7tbGVD34AWp/PyTAvnnqw+xysL/OmfYN973pPuCYt0/DetfXna51+5nV7y266lj/zqo/zL/d1/9lsfZmT+1fbZ3bfT/eFa25os59aX7+dXlNz2frsp21hnM/t77yf6uOpL/P5A33Op0NZll388EP5z3vD71f++MK3v9b0e5d2v9O5+OGHvn/T8b9azfgB2PheKMqW4ntdw2+m+vn9PwAAALAhxL5/JNRE/w8AAAClEfv++Ffhif4fAAAASiP2/WOhJhXp/7e96bmFFy5mKZm/FMTb0254uFguZlxnw+WppWX16x/6yvyP/vRif9seybLsxw//atvltz0cx1WYCuO88ubm61eueLGv7R95dHm5xvz6F8P9x8fT7zRoF8GdzbLsGzd/Nt/O1Psv5/WZh4/k9T2XnnyivszzB4rLcf1nX1os/zsh/Hvo+NGm9Z8N++G7oc6+vf3+iOt99fJrt+973/L24nq1O1+UP+ynPlDcb/ycnM89USwf93On8f/ZZ57+an35x1/dfvwXR9qP/+lwv18J9b9fUSzf+BzUL8f1PhXGH7cX13vgy99sO/4rny6WP/uWYrkjocbt3xMu73jLcwuN++vx2tGmx5W9tVgubn/227+R3x7vL95/6/gnD19u2h+t8+OZfyjuZ6Zl+Xh93E70Jy3br99P4/yM23/614807ede27/ynmdfUb/f1u3f17LcaMv6rZ/Y9Luf+mzb7cXxHPqjs02P59C7w+s4bP+pD4T5GG7/nyufbdpudOTdzcefuPwXt15sejzR235YbP/K60/k9d+nfvTbN9x404suvaq+77LsW+8t7q/X9k/83pmm8X/p1nvz5yPeHjP6rdvvJG7/3EemT59ZvLAw17BX88/OeUcxnk2Tm7fUx3tzOLa2Xj585vwH589NzU7NZtlUeT9C76p9OdTvF+XSate/99HwfN7+hW9sufvvPxOv/6dHiusvv734vvWasNznwvVbi+dvqbbG7T91x63567v2THG5Kcc+ANt3/Mf+vhYMj7/1fUGc72df9sF8P9Rvy79vxNf1Gsf/nbnifr4e9utS+GTmO29d3l7j8vGzES6/t3i9r3n/hcNcfF7/IDzf7/xucf9xXPHxfie8j/nmtubjXZwfX7840nr/+ad4XArHk+xScXtcKu7vy8/f2nZ48XNIsku35Zd/M93Pbat6mJ0sfnRx5uTC6QuPz5yfXzw/s/jRjx0+debC6fOH88/yPPyhXusvH5+25Menufm9e7LZzVmWnclm1+GAdW3GX/+qv/GfffTY3L7Zu+fmjx+9cPz8o2fnz504trh4bH5u8e6jx4/Pf6TX+gtzB3fuOrB7367pEwtzB/cfOLD7wPTC6TP1YRSD6mHv7C9Pnz53OF9l8eCeAzsffHDP7PSpM3PzB/fNzk5f6LV+/r1pur72r0yfmz959PzCqfnpxYWPzR/ceWDv3l09Pw3w1Nnji1Mz5y6cnrmwOH9upngsU+fzq+vf+3qtTzkt/kvxfrZVrfggvuxd9+1Nn89a95VPdLyrYpGWDxB9LnwWzd+++Oz+fi7Hvn881KQi/T8AAABUQez7J0JN9P8AAABQGrHv3xRqov8HAACA0oh9/2SoSUX6f/l/+f/+8v/F7fL/1cr/n/1wkSvd6Pn/mJ+X/6+G65z/X/P25f/l/8uX/+8/P7/Rxy//L//PSsOW/499/+Ysq2T/DwAAAFUQ+/4toSb6fwAAACiN2PffEGqi/wcAAIDSiH3/jaEmFen/5f/7yv/v6hW4Kn/+3/n/5f+zjZn/j0+O/H9lrDp//75Hmi7K/wfy//L/8v/y//L/rNl4x1uuV/4/9v03hZpUpP8HAACAKoh9/4tCTfT/AAAAUBqx77851ET/DwAAAKUR+/6toSYV6f/l/53/X/5f/r/U+f+1nv+/YTDy/xuD8/93t8b8f4zjy/+vyP9Pyv9vxPz/+GDHv575/6XWb5Y98/89hy//zzUxbOf/j33/i0NNKtL/AwAAQBXEvv8loSb6fwAAACiN2Pe/NNRE/w8AAAClEfv+W0JNKtL/y//L/w9X/v8L99f3vPx/Qf6/cC3y/5MDOf9/8ZX8/3CR/+/O+f97cP7/auX/Bzz+ap3/f/zNrevL/9POsOX/Y9//slCTivT/AAAAUAWx77811ET/DwAAAKUR+/6Xh5ro/wEAAKA0Yt+/LdSkIv2//L/8/yry/xPO/y//32gj5//7Pv9/1/x/Qf5/uMj/dyf/34P8v/y//H9/+f82b37l/2ln2PL/se+/LdSkIv0/AAAAVEHs+28PNdH/AwAAQGnEvv//hZro/wEAAKA0Yt+/PdSkIv2//L/8/3Cd/1/+/1rn/++bkP+X/y83+f/u5P97kP+X/5f/PzNXn4Q9z/+/0mry/5t63RmlMWz5/9j3vyLUpCL9PwAAAFRB7PtfGWqi/wcAAIDSiH3/q0JN9P8AAABQGrHvnwo1qUj/L/9frvz/H/75U6/K5P/l/3tsv6T5/zgN5P8rTv6/O/n/HuT/5f/l//s7/38bzv9PO8OW/499/x2hJhXp/wEAAKAKYt9/Z6iJ/h8AAABKI/b9d4Wa6P8BAACgNGLfvyPUpCL9v/x/ufL/kfy//H+37Zc0/5/I/1eb/H8bDS9S+f8e5P/l/yuf/4/vfuX/GYxhy//Hvv/VoSYV6f8BAACgCmLff3eoif4fAAAASiP2/a8JNdH/AwAAQGnEvv+eUJOK9P/y//L/8v/y//L/7bcv/78xyf93t9r8/4T8v/y//H/F8v/O/89gXf/8f/HOLV6Off9rQ00q0v8DAABAFcS+/95QE/0/AAAAlEb8+83i7171/wAAAFBGse+fDjWpSP8v/y//X6X8f03+X/5f/r/05P+7c/7/HuT/5f/bjn8yHqm7kv+X/2el65//b74c+/77Q00q0v8DAABAFcS+/4FQE/0/AAAAlEbs+2dCTfT/AAAAUBqx758NNcn7//HrNKr1M4z5/xH5f/l/5//Pyf8X5P/l/1dD/r87+f8e5P/l/8t2/v8sk//nuhq2/H/s+3eGmvj9PwAAAJRG7Pt3hZro/wEAAKA0Yt+/O9RE/w8AAAClEfv+PaEmFen/hzH/n8n/y//L/+fk/wvy//L/qyH/3538fw/y//L/Zcv/O/8/19mw5f9j3/9gqElF+n8AAACogtj37w010f8DAABAacS+f1+oSej/2/1dNwAAALCxxL5/f6hJRX7/L/8/RPn/2hry/7/2N03bLnv+fyST/8+ue/5/s/x/qPL/w2U5f5/P17Lk/1tfFldN/r8H+X/5f/n/1eT/xxsvyP/TzrDl/2PffyDUpCL9PwAAAFRB7PtfF2qi/wcAAIDSiH3//w810f8DAABAacS+/ydCTSrS/8v/D1H+3/n/c87/v7zecOf/nf9f/n84Of9/d6XK/4/I/8v/D9f4K5j/byL/Tzt95v8/cfX5//hVf/n/2PcfDDWpSP8PAAAAVRD7/p8MNdH/AwAAQGnEvv/1oSb6fwAAACiN2PcfCjWpSP8v/y//L/8v/39t8v+vz1oNY/6/Pnnk/8tF/r+7UuX/nf9f/n/Ixi//L//PSsN2/v/Y978h1KQi/T8AAABUQez7Hwo10f8DAABAacS+/42hJvp/AAAAKI3Y978p1KQi/b/8v/y//L/8v/P/t9++/P/GNMj8f61hdsv/F+T/5f+7kf+X/5f/p9Ww5f9j3//mUJOK9P8AAABQBbHvf0uoif4fAAAASiP2/W8NNdH/AwAAQGnEvv9toSYV6f/l/+X/5f/l/+X/22+/3/x/9q/y/8Okwuf/H+9noUHk/w/J/8v/dyD/L/8v/0+rYcv/x77/p0JNKtL/AwAAQBXEvv/hUBP9PwAAAJRG7PvfHmrS3P/X2v19NwAAALAxxL7/HaEm/fz+/7FrNar1I/8v/1+1/P9oNfL/f9Ft+/L/zv9fZhXO//fF+f97kP+X/5f/l/9noIYt/x/7/neGmvj7fwAAACiN2Pf/dKiJ/h8AAABKI/b97wo10f8DAADA8FrlB/XFvv9nQk0q0v/L/8v/D1f+f+li43rO/+/8/9mg8v/1leT/K0H+vzv5/x7a5P83yf/L/8v/y/9z1YYt/x/7/neHmlSk/wcAAIAqiH3/e0JN9P8AAABQGrHvf2+oif4fAAAASiP2/Y+EmlSk/5f/r2T+Pz3k4cv/X/vz/8v/VzT/7/z/lSH/3538fw/O/z+g/PyN8v/y//L/5IYt/x/7/kdDTSrS/wMAAEAVxL7/faEm+n8AAAAojdj3/2yoif4fAAAASiP2/Y/l+ffq9f8lz/+3i+XnKp7/H+Lz/5ct/z/WND+qlP+fbHg+07yU/5f/Xwfy/91tlPz/1nXJ/29aeZX8/8Y8///kcIz/muf/w2ze3GF9+X+G0bDl/x/L15rM3h9qUpH+HwAAAKog9v0/F2qi/wcAAIDSiB3/zzdd0v8DAABAmcS+/xdCTSrS/5c8/9+R/L/8f+P+cv5/5/9vt335/41J/r+7jZL/d/5/+f+NOH7n/5f/Z6Vhy//Hvv8XQ006Nn7f/88+HiYAAAAwRGLf/4FQk4r8/h8AAACqIPb9h0NN9P8AAABQGrHvPxJqUpH+X/6/Nf8fz6gq/y//L/8v/y//vxENLv//8puyTP5f/l/+X/5f/l/+n7UYtvx/7PuPhppUpP8HAACAKoh9/y+Fmuj/AQAAoDRi338s1ET/DwAAAKUR+/65UJOK9P/XMf8/Ppz5f+f/v9r8/4/l//M8fX3myP/L/7cj/78+nP+/O/n/HsJh7sfjWSb/L/8v/y//z9oNW/4/9v3zoSYV6f8BAACgxNKPg2PffzzURP8PAAAApRH7/hOhJvp/AAAAKI3Y938w1KQi/b/z/8v/O///9Tj//1jT8vL/Bfl/+f9BkP/vTv6/B+f/l/+X/5f/Z6CGLf8f+/6FUJOK9P8AAABQBbHv/1Coif4fAAD4P/bu48muM63j+JGQ1OoVLqrYsGINGy9hQZk/gS07qliCiSYHyeQMJudgTM45g8nZ5JxMxqQJnuiZGk2p+3meVve9fU63+vS957zv57N5xhqZvvK0jX+Y77xAM3L3f0TcYv8DAABAM3L3f2Tc0sn+1//r/3vv/28Mw/3d9/+nf77+/5j+/wL9/239/xT9/zj9/wT9v/5f/6//Z1ZL6/9z9z8dt3Sy/wEAAKAHufs/Km6x/wEAAKAZufs/Om6x/wEAAKAZufs/Jm7pZP/r//X/2/r/mx31/8Ne3v8//fP1/8f0/97/n8NGf39r+887Lwo/t/9/8gOe+TD9v/5/nv7/oH5b/z+rfX9+/b/+n01L6/9z939s3NLJ/gcAAIAe5O7/uLjF/gcAAIBm5O7/+LjF/gcAAIBm5O5/Jm7pZP/30f9vxp9H/f/dk8+R9P/9vf8/XL3/f6Kp/v9F/b/+f928/z9O/z/B+//6f/2//p9ZLa3/z93/CXFLJ/sfAAAAepC7/xPjFvsfAAAAmpG7/5PiFvsfAAAAmpG7/5Pjlk72fx/9/ybv/zfc/99s9f3/O97/P/Pr0f/r/7fR/4/T/09YU///4N4y+/8P0v/r//X/nFha/5+7/1Pilk72PwAAAPQgd/+nxi32PwAAADQjd/+nxS32PwAAADQjd/+nxy2d7H/9v/5/X/1//tnWwPv/O+r/d/T+v/5f/79yzw8nf03Q/2/S/0+Y6P+HYUH9/5rf/9/+y1vP5z+H/l//z6al9f+5+z8jbvngYbjzuL9IAAAAYFFy939m3NLJP/8HAACAHuTuvxe32P8AAADQjNz99+OWTva//l//39z7//p//b/+v2ve/x939f7//Z54+sPX2f9fqOtc0/v/a+7/r8m+P//8/f/D7wz9P+u2tP4/d/+zcUsn+x8AAAB6kLv/s+IW+x8AAACakbv/s+MW+x8AAACakbv/c+KWTva//r+1/v89Tv1+j/T/R7WL/n+s/39S/3/m5+n/F9P/Hwz6/wvT/4/z/v+Eo7/MHdZv6v/1/52////whx/p/8f/WzT0/2yztP4/d//nxi2d7H8AAADoQe7+z4tb7H8AAABoRu7+z49b7H8AAABoRu7+L4hbOtn/u+n/twf5+n/v/y+r//f+v/5/sf2/9/8vod/+//BCP0v/P6GV9/8f8781Yt/9/FXt+/M32P97/58rW1r/n7v/C+OWTvY/AAAA9CB3/xfFLfY/AAAANCN3/xfHLfY/AAAANCN3/5fELZ3sf+//6//X0f/nV9D/6/+vv/9P+v91mr//P/4OWX7/fzH6/wmt9P+Pad/9/No/v/5f/8+mpfX/ufu/NG7pZP8DAABAD3L3f1ncYv8DAABAM3L3f3ncYv8DAABAM3L3f0Xc0sn+1//r/9fR/3v/X//v/X/9/8X0+/7/xej/J+j/9f/6f/0/s1pa/5+7/7m4pZP9DwAAAD3I3f+VcYv9DwAAAM3I3f9VcYv9DwAAAM3I3f/VcUsn+1//r//X/+v/9f/bv77+f530/+P0/xP0//p//b/+n1ktqP9/5Pe6O3xN3NLJ/gcAAIAe5O7/2rjF/gcAAIBm5O7/urjF/gcAAIBm5O7/+rilk/2v/19M/3+U87XV/x8Ow6D/Hzrt/w8f+c+zvi/1//r/HdhV/x9Zegf9/ysvHH/nHtP/6//H6P/1//p/zlpQ/3/027n7vyFu6WT/AwAAQA9y939j3GL/AwAAQDNy939T3GL/AwAAQDNy939z3NLJ/tf/L6b/P9JW/+/9/7PfHz31/97/36T/3w3v/4/z/v+Envv/O/vv569q359f/6//Z9PS+v/c/d8SN925/di/RAAAAGBhcvd/a9zSyT//BwAAgB7k7v+2uMX+BwAAgJV6buNHcvd/e9zSyf7X/8/b/9955Mf0//r/s98f+n/9v/7/+un/x+n/J/Tc/y+gn1/759f/6//ZNHv///6nf/Cy/X/u/u+IWzrZ/wAAANCD3P3Pxy32PwAAADQjd/93xi32PwAAADQjd/8LcUsn+1//7/1//b/+X/+//evr/9dJ/z9O/z+hqf7/1qV+6cOZfv59DodB/7/z/v/g5F/q/1mDs3/XtukS/f+DBw/uTff/p/929NL9f+7+74pbOtn/AAAA0IPc/d8dt9j/AAAA0Izc/d8Tt9j/AAAA0Izc/d8bt3Sy//X/nfb/+a2+rv7//jDo//X/+n/9/zj9/zj9/4Sm+v/L23c/v/bP7/1//T+bZn///4r9f+7+74tbOtn/AAAA0IPc/d8ft9j/AAAA0Izc/T8Qt9j/AAAA0Izc/T8Yt3Sy//X/nfb/3v/X/+v/d93/vzbo/3diFf3/4flff+n9/7OL7f8P9P8z2Hc/v7rP/yEfeOo39f/6fzYtrf/P3f9DcUsn+x8AAAB6kLv/h+MW+x8AAACakbv/R+IW+x8AAACakbv/R+OmW53sf/2//l//r//X/2//+jt+///OMAz6/xmsov8fsfT+f573/8/+WX7C+//6/zV/fv2//p9NS+v/c/f/WNzSyf4HAACAHuTu//G4xf4HAACAZuTu/4m4xf4HAACAZuTu/8m4pZP9r//X/+v/5+v/b5zz/aD/j++HffX/z66i//f+/0yu1t8f6P/Ttfb/59P/6//X/Pn1//p/Lm5f/X/u/p+KWzrZ/wAAANCD3P0/HbfY/wAAANCM3P0/E7fY/wAAANCM3P0/G7d0sv/1//r/y/T/+Tn1/229/3+wuP7/7qn/eZ28/6//n4n3/8fp/yfo//X/+v/n9P/MaWnv/+fu/7m4pZP9DwAAAD3I3f/zcev/dGv/AwAAQDNy9/9C3GL/AwAAQDNy9/9i3NLJ/tf/6/+9/6//b/79f/1/V/T/4/T/E/T/19DPP/zU+v8V9f/e/2dWS+v/c/f/UtzSyf4HAACAHuTu/+W4xf4HAACAZuTu/5W4xf4HAACAZuTufzFu6WT/6//1//r/Bfb/73X87+v/j+2i/7+p/2+G/n/cbvr/Q/2//r/6+RvxZ4H+X/8/9fvTpqX1/7n7fzVu6WT/AwAAQA9y9/9a3GL/AwAAQDNy9/963GL/AwAAwCrd2vJjuft/I27pZP/r//X/+v8F9v9B/3/M+//6/8vYS/+f3xT6f+//h376//c99VtX7ed3/fnP/u8v/b/+n/ktrf/P3f+bcUsn+x8AAAB6kLv/t+IW+x8AAACakbv/t+MW+x8AAACakbv/d+KWTva//n8d/X9+Z+r/9f/6f/2//n+c9//H6f8n6P/3+n7+2j+//l//z6al9f+5+383bulk/wMAAEAPcvf/Xtxi/wMAAEAzcvf/ftxi/wMAAEAzjnZ/xmUd7n/9/zr6f+//6//1//p//f/F6P/H6f8n6P/1//p//T+zWlr//wdHv9fd4Q/jlk72PwAAAPQgd/9LcYv9DwAAAIt0/v+rwPly9/9R3GL/AwAAQDNy9/9x3NLJ/tf/6//X0f8/ePDgnv5f/3/613PS/7+s/6fo/8fp/yfo//X/+n/9P7NaWv+fu/9P4pZO9j8AAAD0IHf/n8Yt9j8AAAA0I3f/n8Ut9j8AAAA0I3f/n8ctnex//f8C+v+7+n/v/+v/B+//6/9nov8fp/+f0GL/f/fiv/x99/NXte/Pr//X/7PpdP//3vXj++r/c/f/RdzSyf4HAACAHuTu/8u4xf4HAACAZuTu/6u4xf4HAACAZuTu/+u4pZP9r//fXf//8I9dL+//Hw7bP7/+X/+v/9f/Xzf9/zj9/4QW+/9L2Hc/v/bPr//X/7PpQu//3z758evu/3P3/03ccnr43b7MrxEAAABYltz9fxu3dPLP/wEAAKAHufv/Lm6x/wEAAKAZufv/Pm7pZP/r/xfw/n+D/b/3/7d/f+j/F93/39T/t0H/P07/P0H/r//X/8/U/+d3s/6/dxfq/x/5+7vr7v9z9/9D3NLJ/gcAAIAe5O7/x7jF/gcAAIBm5O7/p7jF/gcAAIBm5O5/OW55ZP9va7tbof/X/+v/9f/6/+1fX/+/Tvr/cRft/w+Gq/X/Sf+v/9f/99r/e/+fY0vr/3P3/3Pc4p//AwAAwOrcPufHc/f/S9xi/wMAAEAzcvf/a9xi/wMAAEAzcvf/W9zy6s19faSd0v/r/1vt/+/o/8/9+vp//X/L9P/jvP8/Qf8/Rz//lP6/jf5/GPT/XMI5f7VdWv+fu//f4xb//B8AAACakbv/P+IW+x8AAADW5KWxfzN3/3/GLfY/AAAANCN3/3/FLZ3s/xvDcF//f0L/f+n+/yjNXGL/7/3/87++/l//3zL9/zj9/wT9v/f/9f/e/2dWS+v/c/e/Erd0sv8BAACgB7n7/ztusf8BAACgGbn7/ydusf8BAACgGbn7/zdu6WT/7+39//hDfdz/P7X5ua6h/3/Xiyf/Wv/f/vv/+v/zv77+X//fMv3/uMv1/3fr7wzyh/X/+v8x+n/9v/6fs5bW/+fu/7+4pZP9DwAAAD3I3f//cYv9DwAAAM3I3f+6uMX+BwAAgGbk7n993NLJ/t9b/9/M+//HgYr+//Tn1/+fpv+P7wf9v/5/B/T/47z/v139B6X/1//r//X/zGpp/X/u/jfELZ3sfwAAAOhB7v43xi32PwAAADQjd/+rcYv9DwAAAM3I3f+muKWT/a//9/6//l//r//f/vX1/+uk/x+3z/7/Q99z+st6/3/v/X9+BP2//l//zyyW1v/n7n9z3NLJ/gcAAIAe5O5/S9xi/wMAAEAzcve/NW6x/wEAAKAZufvfFrd0sv8n+v+D+olX6P+3tfGD/l//r//X/+v/64+q/n8++v9x3v+foP/3/r/+f47+/96g/ycsrf/P3f/2uKWT/Q8AAAA9yN3/Wtxi/wMAAEAzcve/I26x/wEAAKAZufvfGbd0sv+9/7+m/v8p/b/+X/+v/9f/T9D/j9P/T9D/6//1/97/Z1ZL6/9z9787AAD//7xJOzA=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b1245d, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

5.081309026s ago: executing program 3 (id=1525):
r0 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x13, r1, 0x8b6f3000)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f00000002c0)={0x80000000, 0x0, &(0x7f0000002c40)})

4.886344969s ago: executing program 3 (id=1529):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
listxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

4.344627618s ago: executing program 2 (id=1533):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0xffffffff, "5e5c3446aa0ecd604c893eba3198600b1891109654fe9676d14574be70b6225c", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f0000000140)={""/32, 0x0, 0x0, 0x51, 0x0, 0xffffffffffffffff})

4.028408561s ago: executing program 2 (id=1535):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x11, 0x5109, &(0x7f000000f400)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVioGFVN1SiVkNOURwgUIUFNSJSKOpGrmXvP7J1zdx6Odx1v+vtJ3jkz//O8c2c85947ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP8fjt3xhotaxd981SPf/u4Db//44Y8s3P3EVz51RwjTtce7snDXxac+11s5+Z7vHfrpF7+wad2jp/vzcnk8rKn+6c7vfCLW+ou1IXyjK4TeNLB+OAv05feHY32vGg5hXVgM1EvMDGUl0obDDwZDOBIWA/WqvjUYwnAhsO3R7z/0mWrinsEQLg0hVNI2flzJ2hhMA5f1Z4GhNHBrbxb4nzOZeuCb3VkAzll8MdR3+oXpxgxjS5drsv/1LVvHXlzp8HpiYqx5vt9uXeFOFfSnD0yf09NWqo4VUXp5HPdqWwWvttJ2vsvTVvwglX9CObMYqoTuXTM37Dgwtz8+0h0mJnqa1bRCz/NjT31059mkV81+GDswtiz74b2f//nHvvTktfff98l3XP/gM78fP9dunixs0mJ6pVVCvs+tmucx2uL9ZBW8/EqfksbbPm21Ii/xD12f/tnf/kmreGn+P9Z6/h9353jb3ZA71np6JJubx0eGY+LUSDY3BwAAgFVjNRw1nf/K1VOt6ivN/8c7O/8fT/nnk/lstMdD2FJL3D4awiW1x7PAsdjcB0dDeG0tNd0Y2JoEjofwilriinpVSYmBWGI8CfxqJA9sSQInYmA6CXw5Bu5KAp+IgYUksDMGjieBt8ZAmG0cxx+P5OPoODAYA9uzjbgQr0J4eiS2lmyrx+tVAQAALJN8dtjXeLdwrcO5ZojTy4XBdhniFdhNM1SSGtIZbH1a1bSG3nY1dLeroT7u+dbDL9Xc1a7m0mUYXY0Z9n70d38WWijN/ydbz/8rS3Skq3T+P4Tran9j7u48MlePb59uyAAAAACcgzVbb9nWKl6a/2/p7Pr/eEykp5A5PBwPQ+weDWGyMZBVe3U5kJ31XpMHAAAAYDWon4+vnwufzW+zS7TT+XQ5//RZ5o8n/rcsmf/X73zTTa36W5r/T3d2/f9Q423WiROxF58dDWGgEPhh7GU1UDMeAz97S2MgH/+JuAHujFXlFybUq7ozltgeA5NJ4EizEo/US1zSGMifrHrjt9fHMZuXKAQAAADgvIuHA+J5+Xj9/2MHTr6tVbnS/H/72V3/X5sHly7vn1sTwobeEHrSLwY8PJQtDBgDw1154rtDWV09aVWHhkK4pjqwtKon8vX/e9M1Bh8dzKqKgUte99WnLqsm/m4whA3FwI/ef3RTNbE/CdQbf99gCK+pjjZt/OsDWeN9aeP3DoTw6kKgXtUHB0KoNtafVvX9Sv47BmlVD1ZCuKgQqFe1uRLCwQDAKhX/K91VfHDfwdt275ibm9m7gol4DH8w3DA7NzOx89a5XZUmfdqV9LlhGaND5TE1XQ4p8Xi+RNGx564a6SRd/57gZLEv+XH80oWD+f34WaivNs6pvoa7V6ZDfsPry02EwiepF2vIQ8VKFp/EUv0xf39YEwYO7JvZO/HhHfv3792Y/e00+1T2Nw4q21Yb0201tFTfLoDd4/JiJRv237xnw76Dt62fvXnHjTM3ztwyNfnGTZs3TU1u3ryhOqrJ7G+boV6+VNXJUM8cPf9DfWVvoZLz8a4hISGx2hLztx9d0+rtpzT/39N6/h/fdeI7f74+Q7Pz/2PxNH/2+OJp/u0xcKTT8/9jzc7m1y8MGE8C8zEw7zQ/AAAALw3xcGQ87BiPWvcfvfI3rcqV5v/znX3/f5nW/68vXf+uZsv8XxFLTDZb/z9d5r++/v98s/X/02X+6+v/H3kR1v8/UA8km+Rp6/8DAAAvBedv/f+2y/unPxBQytB2ef/0BwJKGdou49/pDwSc9fr/Uzf99BehhdL8/67O5v8W7gcAAIALx93/9NRrWsVL8/8jnc3/z//6f6HZ9f/jzQLTzRYGtP4fAAAAq1Sz9f/OjP7F+1qVK83/Fzqb/8fLLrobcsdaT49ka9qFdE27UyP1rwwAAADA6tAdJib6OszbsDLq1hfe5mP5UqCt0kU/vPq/bmxVX2n+f7yz+X/D9zLu/fzPP/alJ6+9//R9n3zH9Q8+8/vxxfP/AAAAwMrp9LgEAAAAAAAAAAAAAADw4jvwgX891Spe+v5/uK72eLPv/8ff/YvfL3h5Q+5Ya/v1//L72979wMHakoUPj4Tw+mJg9+Hd60L+2/yXFwMPXX/FxdXE4bTEd37y1l9WEx9IA+9c/7Jnq4lrksD2uEjiK9JA/FXFZ9cmgbi84r+ngbg9FtJAfx749NpsHF3ptvr1cLatutJt9R/DIYwWAvVt9Y3hrI2udID3JIH6AD+UBuIA35MHutNePbAm61UMDMeif7Mm6xUAABes+CmwL9wwOzczGT/Cx9tX9jbeRg1Llh0qV9vTYfOP50uTHXvuqpFO0j3pZ9HF3xrvC5XqEDaWPq4Ws3TVRrk8tbTZdC9vMuR2q72t1Kbrbz6iwWxEEztvndvV13bgV7bPMtXbNsvG0mSnmKW7tkk7qKWDvnQwog63TQddjve7w8RET5LrTTE4Fhq02yM6/b5+cZ2/ZntBMc+hub7nW9VXmv+PdTb/rxTH9Wz+YwDz8Zf1/nLUMv8AAACwsj699Q/3xX/fGX3vf7bKW5r/j3c2/48HxvJTwdnRjuPx9/9vHw2h9tP6Y1ngWGzug6MhvLaWmo4lsh/Uf1csMZkFjsUDJlfEEtunG6saiIGFJPCrkTxwPAmciIH8KMVXQ34o5+6REDbVUtc1ltgTS4wlgffGwHgSmIiBySSwNga2JIHfrM0D00ngX2IgzDZuq39Ym28rAACAs5HPs/oa74Z0nrfQ2y5DV7sMQ+0ydLfLUGmXodko4v2vxQx9xfPxeYb4UF9a62BSSylD/DH8s+5XKUN4pDFnWrDUdP1KkrHGnDHDtoXDa0MLpfn/ZGfz/6HG26z1E3H+v/j7f1ngh7F7n42Xjo/HwM/e0hjIDwyciJPdO+tVTecl8kn7nbHElhgYTwJ7YmBLEth+XR44cnFjIJ9p1xu/vd74bF6iEAAAAIDzLh4giIdp4vz/vwee/+tW5Urz/y2dzf9je2uKjX0i1vqLtSF8o2uxN/XA+uEsEI9jDMevx79qOIR1hQMc9RIzQ1mJ/qTh8IPB7Bvq/WlV3xrMvnwQ72979PsPfaaauGcwhEsLR1/qbfy4krUxmAYu688CQ2ng1t4sEI/81APf7M4CcM7qRwXjDpVf6lI3tnS5JvvfS+U3QdPhlY6BLpFvqe9crZRK+kB+TLXu7J62UnWsjHT7H/dqWw2vtufz/4Pr/fJqK36QOpNsnuoQu3fN3LDjwNz++Ejxm6wlK/Q8F7+l2kl6GfbD+Rfe26i7aaSSdmAyefuYXLrc0vthV6zu3s///GNfevLa++/75Duuf/CZ34+362C7/Td+UfiWm/535GRh8660Ssj3uQv+/SR9YNr7yWr4byB9YNzTFkK4Y+GSp1vFS/P/6c7m/73Jbc0f4sbcNxrCGwob9+G4+d82mr0PFgLZu+RF5UB2yv3JkabvnAAAALDc6oc76scLZvPb7ILwdJ5czj99lvnj8YotS+bvtN8fufTSf2wVL83/t7ee/w8k3XT+3/l/Vojz/0u60A9FD6QPzJ/ToehSdayI0svD+f+wCl5tpTM1zv8H5/+X7N8ynP9vzvn/lpz/X90u9Ket9Clpjw9dIYTBr1/9SKt4af6/p7P5v/X/ll60r77+3/Zm6//tabb+37z1/wAAgBXVZKG5dJ5XWr2vlCFdva+Uoe0CgW2XGLT+31mv/zf0V+//XWihNP+f72z+H3eHNcXWV8v6f+PXNanqrhjYY2FAAAAALkTNDhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw4vrVyaG3t4q/+apHvv3dB97+8cMfWbj7ia986o4QZmuPd2XhrotPfa63cvI93zv00y9+YdO6R09X8nJ9+e0fNeSOtZ4eCeFI4ZHhmDg1Ur2zGNj27gcO9lYTD4+E8PpiYPfh3euqiS+PhHB5MfDQ9VdcXE0cTkt85ydv/WU18YE08M71L3u2mrgmD3Sl3b1/bdbdrrS7n1kbwmghUO/uTWsbq6q3cW0e6E7b+PvhrI0YGI5F7xvO2oiBuVhidiCEDb0h9KRV/XMlq6onrerblayqnrSqj1dCuCaE0JtW9ZP+rKredOT/1p9VFQOXvO6rT11WTRzpD2FDMfCj9x/dVE18KAnUG//T/hBeU91l0sa/1pc13pc2fk9fCK8OIfSnJZ7pzUr0pyWe6A3hokKg3vif94ZwMPCSEN98dhUf3Hfwtt075uZm9q5goj9vazDcMDs3M7Hz1rldlaRPzXQV0mcOlePdHY798ac+urN6e+y5q0Y6Sffm5fpqXZ7qa7h75XL1vmuFeh/7NVSsZPH5KNUf8/eHNWHgwL6ZvRMf3rF//96N2d9Os09lf3vyaLatNi7XturUC91Wlxcr2bD/5j0b9h28bf3szTtunLlx5papyTdu2rxpanLz5g3VUU1mf5djqEfL8Z4VHuorewuVnI83AAkJidWW6G54d5u80P/LLn3QX+xoX6jU3qBL04pilq7aKJdj0Ftbx89y0NUeNf+c0nZEG0sTh1KWqfZZrixNJhazDGZZap/rSpPDYk3dtU0a73eHiYmm/9ONNd4tbr7fLrF5O/VYvuk6TQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA///jqU04")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40441, 0x106)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)=0xf000, 0x863, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000540)=ANY=[@ANYBLOB="f8ffffff00000000eaff"])

3.884649165s ago: executing program 3 (id=1536):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000800009040002010300010009210000000122f80409058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000005c0)={0x44, &(0x7f00000002c0)={0x60, 0x1, 0x33, "6155eddc60887a156e164605c83840d2161617ada36952d6aba68e192f68ae4695ed521b9c68d71e289cadc4aaa4147c842a6a"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

2.785299667s ago: executing program 2 (id=1542):
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd0600ffdbdb252100000020000300", @ANYBLOB="0600eb00000800"], 0x44}}, 0x28000)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x95ffffff]}}], 0xffc8)

2.264757364s ago: executing program 2 (id=1546):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatasum}, {@compress_force}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@flushoncommit}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x65]}}, {@nodiscard}]}, 0xfb, 0x510a, &(0x7f000000d000)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h795j5Lrqw4Gf2dd4H97dBH4i5IfAQB3jgtdrOzzUpmKdpioKpaxLSlQhio29Dos32NhOwREgxwalKIKmJRL80SiOEKrzR1KLBAWaRHEjYRQ1D5SqEUmUiLROEFFoGkChEIlUs/ee2Tvn7jw23nW84fORvHNmvud55+E59945FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfjcc/9Jn/rZV/N7fXvToE5dOfPLQ5kuf/fxFZz8YwuTs45UsXBm4+vqJn9984S2H7th4w20nL357X14uj4fB2p+u/M4XY60nV4ZweyWEnjSwbigL9Ob3h2J9bxgK4awwF6iXmBrISqQNh+/3h3AkzAXqVX2vP4ShQuCSh+65+yu1xHX9IawOIVTTNh6vZm30p4Hz+rLAQBrY3ZMFfvVSph74blcWgFMW3wz1F/2xycYMo/OXa/L66120jr2y0uF1x8Ro83w/27zEnSroSx+YPKWnrVQdS6L09jju3bYM3m2l7Xytp634RSr/hvLSXKgaunZM7dx2xcz++EhXGBvrblbTEj3Pjzz/ue0LSS+b12HswOiivA6/+sDqm7vXfuD+29atfvroOw4/c6rd/FFhkxbTS60a8tfcsnkeowmfJ8vg7Vf6lrTKl64Qws5P/N4HW8VL8//R1vP/+HKOt10NuWOtLw5nc/P4yFBMPDeczc1b6VnoGAEAAGDxdRVSZ/5e091jd72nUHykmtRXmv+v6uz4f9wK+WQ+G+3xECZmE4dHQjhn9vEscFNs7uMjIbx5NjXZGNicBI6H8PrZxNp6VUmJFbHEqiTwk+E8MJEETsTAZBL4VgxcmwS+GAPHksD2GDieBC6MgTDdOI7fH87H0XGgPwa2ZhvxWDwL4RfDsbVkWz1WrwoAAGCR5LPD3sa7hXMdTjVDnF4e62+XIZ6B3TRDNakhncHWp1VNa+hpV0NXuxrq4z7Yevilmivtai6dhlFpzHD9L//mQ6GF0vx/vPX8vzpPRyql4/8hbJn9G3N35ZGZenzrZEMGAAAA4BQM/u+T32wVL83/Jzo7/z/uE+kuZA73xd0Qu0ZCGG8MZNX+YTmQHfUezAMAAACwHNSPx9ePhU/nt9kp2ul8upx/coH544H/iXnz9x2/c2ur/pbm/5Odnf8/0HibdeJE7MXXRkJYUQj8IPayFpi1KgZ+/N7GQD7+E3EDXBOryk9MqFd1TSyxNQbGk8CRZiV+WC9xTmMgf7LqjR+uj2M6L1EIAAAAwGkXdwfE4/Lx/P+3/GbjZ1qVK83/ty7s/P/ZeXDp9P6ZwRDW94TQnf4w4L6BbGHAGBiq5Im7BrK6utOqrhoI4YLawNKqnszX/+9J1xh8qD+rKgbOecvR58+rJb7ZH8L6YuDhj9z4zlpifxKoN/6X/SG8qTbatPHvrMga700b//qKEN5YCNSr+viKEGqN9aVV3VPNr2OQVvXP1RBeUwjUq3pXNYQDAYBlKv5XuqP44L4DV+7aNjMztXcJE3Effn/YOT0zNbZ998yOapM+7Uj63LCM0VXlMXV65ZvH8iWKPnzrlqFO0vXfCY4X28r345dOHMzvx+9CvbPj3NjbcHdTOuS3vbXcRGhY72n+IXct8ZAHipXMPYml+mP+vjAYVlyxb2rv2Ge37d+/d0P2t9PsG7O/8TBTtq02pNtqYL6+dfDyaLpaVuLlbqs1xUrW7798z/p9B65cN335tsumLpv61IZ3bRw/f3zT+LvPX18b1Xj2t81Q18xXdTLUl27scFyLONRzi8tkn45PDQkJieWW2D24puX/yaX5/57W8//4qRM/+fP1GZod/x+Nh/mzx+cO82+NgSOdHv8fbXY0v35iwKokcDAGDjrMDwAAwKtDnOTHvZlxr/RP137n6VblSvP/g539/n+R1v+vL11/cbNl/tfGEuPN1v9Pl/mvr/9/sNn6/+ky//X1/4+8Auv/X1EPJJvkF9b/BwAAXg1O3/r/bZf3Ty8QUMrQdnn/9AIBpQxtl/Hv9AIBC17///H//Kv/Di2U5v/Xdjb/t3A/AAAAnDm+8Gef+X+t4qX5/5HO5v+nf/2/0Oz8/1XNApPNFga0/h8AAADLVLP1/0avHvhYq3Kl+f+xzub/8bSLrobcsdYXh7M17UK6pt1zw/WfDAAAAMDy0BXGxno7zNuwMurml9/mI/lSoK3SRU/+ycmFnf9/vLP5f8PvMr76wOqbu9d+4P4Xb1u3+umj7zj8zNzxfwAAAGDpdLpfAgAAAAAAAAAAAAAAeOU9+R+HNrWKl37/H7bMPt7s9//xun/x9wWvbcgda22//l9+/5L333JgdsnC+4ZDeGsxsOvQrrNCfm3+NcXA3R9d+7pa4lBa4s4nLnyqlvhYGnjfurNfqCUuSAJb4yKJr08D8aqKL6xMAnF5xX9PA3F7HEsDfXngyyuzcVTSbfXToWxbVdJt9ehQCCOFQH1b3T6UtVFJB3hdEqgP8NNpIA7wz/NAV9qrWwazXsXAUCx6w2DWKwAAzljxW2Bv2Dk9MzUev8LH23N7Gm+jhiXLripXW+mw+cfypck+fOuWoU7S3el30blrjfeGam0IG0pfV4tZKrOjXJxa2my61zYZcrvV3rqalEstdNP1NR9Rfzaise27Z3b0th34pvZZNva0zbKhNNkpZuma3aQd1NJBXzoYUYfbpoMux/tdYWysO8n1BzE4Ghq0e0V0+nv94jp/zV4FxTyfOnn4V63qK83/Rzub/1eL43ohvxjAwXhlvb8bscw/AAAALK0vb/71N+K/D11978Ot8pbm/6s6m//HPVj5oeBsb8fxeP3/wyMhzF5afzQL3BSb+/hICG+eTU3GEtkF9S+OJcazwE1xh8naWGLrZGNVK2LgWBL4yXAeOJ4ETsRAvpfiaMh35fz9cAjvnE1taSyxJ5YYTQIfjIFVSWAsBsaTwMoYmEgCz67MA5NJ4N9iIEw3bqtbV+bbCgAAYCHyeVZv492QzvOO9bTLUGmXYaBdhq52GartMjQbRbz/7ZihNzl5pVLI1JvW2p/UUsoQL4a/4H6VMoQfNuZMC5aajucf1M83qDRmuOM9PdXQQmn+P97Z/H+g8TZr/USc/89d/y8L/CB272vx1PFVMfDj9zYG8h0DJ+Jk95p6VZN5iXzSfk0sMREDq5LAnhiYSAJbt+SBI69rDOQz7Xrjh+uNT+clCgEAAAA47eIOgribJs7/b9j3pcFW5Urz/4nO5v+xvcFiY1+MtZ5cGcLtlbne1APrhrJA3I8xFH8e/4ahEM4q7OCol5gayEr0JQ2H7/dnv1DvS6v6Xn/244N4/5KH7rn7K7XEdf0hrC7sfam38Xg1a6M/DZzXlwUG0sDuniwQ9/zUA9/tygJwyup7BeMLKj/VpW50/nJNXn+vlmuCpsMr7QOdJ998v7laKqUdrvk+1bqFPW0t99+yaEpvj+Pebcvx3Tbq3Vb8IpV/Q3lpLlQNXTumdm67YmZ/fKT4S9aSJXqei79S7SS9CK/Dgy+/t+1V0w6MJx8f4/OXm/91WInVffWB1Td3r/3A/betW/300XccfqbjbjQRfyh8z+f/dehHhc271Kohf80tu8+TSZ8ny+K/gYOFTs2dmV33u/m0bXn269e0ipfm/5Odzf97kttZv44bc99ICG8rbNz74ub/45Hsc7AQyD4lX1MOZIfc/2u46ScnAAAALLb6noX6/oLp/DY7ITydJ5fzTy4wf9xfMTFv/k77PfDXH13dKl6a/29tPf9fkXTT8X/H/1kijv/P60zfFb0ifeDgKe2KLlXHknD8f15n+rvN8f95Of7v+P98HP9vw/H/eZ3pT1vpW9IeX7pCCE//0V2PtoqX5v97Opv/W/9v/kX76uv/bW22/t+eZuv/HbT+HwAAsKSaLDSXzvNKq/eVMqSr95UytF0gsO0Sg9b/W/D6f0+d+/hvQgul+f/Bzub/8eUwWGx9uaz/t2pLk6qujYE9FgYEAADgTNRsBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACvrDv+4X92tIrf+9uLHn3i0olPHtp86bOfv+jsB0OYnn28koUrA1dfP/Hzmy+85dAdG2+47eTFb6/m5Xrz2//fkDvW+uJwCEcKjwzFxHPDtTtzgUvef8uBnlrivuEQ3loM7Dq066xa4lvDIawpBu7+6NrX1RKH0hJ3PnHhU7XEx9LA+9ad/UItcUEeqKTd/ceVWXcraXe/sjKEkUKg3t1Prmysqt7Gn+aBrrSNfxrK2oiBoVj0G0NZGzEwE0tMrwhhfU8I3WlV91azqrrTqv6lmlXVnVb1hWoIF4QQetKqnujLqupJR/5gX1ZVDJzzlqPPn1dLHOkLYX0x8PBHbnxnLfHpJFBv/C/6QnhT7SWTNv7t3qzx3rTx63pDeGMIoS8t8cuerERfWuLJnhBeUwjUG/9ETwgHAq8K8cOn4RNt34Erd22bmZnau4SJvryt/rBzemZqbPvumR3VpE/NVArpl656+WN/7PnPba/dfvjWLUOdpHvycr2zXd7Y23B305ne+9ivgWIlc89Hqf6Yvy8MhhVX7JvaO/bZbfv3792Q/e00+8bsb3cezbbVhuWyrdYUK1m///I96/cduHLd9OXbLpu6bOpTG961cfz88U3j7z5/fW1U49nfxRjqjad/qOf2FCo5HR8AEhISyy3R1fDpNn6mf5CXvujPdbQ3VGc/oAvTir5SlsrsKBdj0JtP36BLU5LCiPoa+zbvdqlkX2/KWa5qzLKpNJmYq6U/yzL7va40OSw21jW7SeP9rjA21t1sO4w23i1u3p+dwuZ9JN90naYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6PHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W4fRswEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//PTUiXg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x20)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x6c7e, 0x100000022, 0x1000000000000000, 0x44})
truncate(&(0x7f0000000000)='./file1\x00', 0x442dc)

1.832398496s ago: executing program 3 (id=1549):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x88c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c25959ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjQkKsmZk7be/tTDrWTivk80nonXt+z3znnjl3cTlxonJ7bik3t5QrLOTKMzeXTuc+KZeW54sh3icH3T/t6UScxP7gXDl34b3rp0P4Yfanx+vr6+uhqjs0NbTl9e+/3Z3ZemyIM3Wq7TZvba98GEI4sW1cVV0hhA++DyEKIZxN0kaTY28I4Vio512/+/mN3B6N5sGj4pn806l7a8OnJlfvr7V+71EIX5f+//qt+V9e6hr++dU96h4AAAAAAAAAAAAAAAAAgGfc+NUr194dHAoPo9C9Gm1/Xnc8ObZ6PnZ9z7zY1nifJKX/7vsGAAAAAAAAAAAAAAAAAACAf5LN5/9z0fEmz/+PJceRFvXX3+78GOmciXeujJ0fHEr2f4+25b+RJP16tiv0N9n3Pbv/+9lM/eb7v2/vZ7ca42v02xeieCB1HscDAyF8m2z8fjI6HJfKS5XXbpaXF2b3bBjPrHT867v3p6KTbOjfbvxHM+13fv///237NlXPb+zdV+y5lo5/V8ty330WtRX/c5l6+xF/di8d/+5aWu/WAiP1CaAa/y+6d47/WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8/1VLS02dyQfZ6vp/kon/+Uz7BzX/r2R/iGgqHf9/19J6UiU2r//+eOfr/0Km/YOIf3X8K37/25KO/6F6YneqSO2TbHf+H8+036n4X4uTcR6LUt+A1aie3ur/qyMtHf+ebfmb939xW+u/i5n6+3X/1+i3cf/XmP5fier3fzSXjn9vy3LtXv8TmXqdnv9Haus/disd/8O1tPTaua/2t934T2ba71T8a6uSnkb8N+eTPw7V07+x/mtLOv7/qSfGW0us1P7W1n/Rzuv/S5n2D2L9Vx3/StzZXp8X6fgfaVmuGv8f2/j9v5yp1/n4hzBorb9r6fgfbVmudv337Bz/qUy9Tsf/5U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAMGE2OfSGKB1LncTwwEMK55PxkOBxNF2bz06XyzMdLIYwl6blwPLpVKk8XSvm5hfJsMV8olcozIZxP8k+EnmipVK7k5wt3Lmy01RvdLhYWK9PFQiWEMJ6kvxCONtqanqvMF+6EEC5u5P03Li/euV1YyM/OLb41ODg4GCY2xtAfFT+tFBcq9d7ruSFMbtTti7YMrpZ9aWMsR6KPysuLC4VSLf3yljql8kyhtKXOVJL3ZeiPKovLCzOFSjFfKt9q9HeQRpLj2MTV969eHtqWfyOqH0f3d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EUPh9/8KoTQXT+LQwi5KHkRJf9SHjwqnsk/nbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoaXHsFp2O9sVRbRwRfAEegwPo0fxEt7BIkXaFCGQzELYP7BNUn1f82B+zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0OnJ0Q=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x2368810, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1.259292851s ago: executing program 1 (id=1552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)={0x38, r1, 0x101, 0x0, 0xfffffffc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

1.036514918s ago: executing program 1 (id=1553):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x2}]}, 0x6c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c80)={0x78, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x6}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x14, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @multicast1}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast2}]}]}, 0x78}}, 0x0)

820.611274ms ago: executing program 1 (id=1555):
mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x1)
r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0)
fcntl$setstatus(r0, 0x4, 0x6400)
vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000000000)="9b", 0x1}], 0x1, 0x6)

672.454989ms ago: executing program 2 (id=1556):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x400410, &(0x7f0000000280)={[{@nodiscard}, {@nocheckpoint_merge}, {@jqfmt_vfsv1}, {@nogc_merge}, {@flush_merge}, {@noinline_data}, {@acl}, {@disable_roll_forward}, {@compress_cache}, {}, {@noextent_cache}, {@grpjquota}, {@checkpoint_diasble}]}, 0x4, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x18, 0x0, 0xfffffffe})
fstat(r0, &(0x7f0000004ac0))

637.160194ms ago: executing program 0 (id=1557):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x26, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x15, 0x0, &(0x7f00000003c0)="e300000400f53601fd85b69fff8a0000ec67838717", 0x0, 0x403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3}, 0x50)
r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x2)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

636.880474ms ago: executing program 1 (id=1558):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=0xfffffffffffffff, 0x12)

509.110346ms ago: executing program 0 (id=1559):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r1, r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200)={0x42}, &(0x7f0000000280)='./file1\x00', 0x18, 0x0, 0x12345})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010100, @in=@loopback, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0xfffffffffffffffc, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffff190}, {0x3, 0x80000, 0x80, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0x32}, 0x0, @in=@broadcast, 0x0, 0x4, 0x1, 0x0, 0xf000000}}, 0xe8)
io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0)

388.920186ms ago: executing program 0 (id=1560):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x2c, r2, 0x1, 0x70bd24, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x3807}, @NL80211_ATTR_IE={0x6, 0x2a, [@random={0x5}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24014804}, 0x9590f6cc3aa711f2)

366.903159ms ago: executing program 0 (id=1561):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x400000001, &(0x7f0000000300)={<r1=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x0, 0xfffffffe, @empty}, r1}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000040)={0x13, 0x10, 0xfa00, {&(0x7f0000000780), r1, 0x2}}, 0x18)

277.187355ms ago: executing program 1 (id=1562):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6(0xa, 0x3, 0x100)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x2, 0x3, @mcast2, 0x9}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x33, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x588}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

168.444572ms ago: executing program 0 (id=1563):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000100)={0x28})

28.894555ms ago: executing program 0 (id=1564):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000028c0)={'wlan0\x00', &(0x7f0000000100)=@ethtool_gstrings={0x1b, 0x1}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[0x0], 0x1})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e1301"], 0x16)

0s ago: executing program 1 (id=1565):
syz_usb_connect$midi(0x5, 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB="120110030000002030144b4740000102030109022e00010118100409040000020103000609058e0b20000fd702052501012709058c0200066df780052501013a"], &(0x7f0000000640)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x200, 0x9, 0x9, 0xe, 0x40, 0x40}, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="050f08000103100b3d797dda9cb253ede8d06a432fac1e81be175e2c74d61a346d06d7cde9adea62b4f973ec0efc64fb72c3dafe092a81f9fc6dcd98c0e8013ac69765a4c4a48e641cdf954190a5f32346775e90aa8572db8140209476acc2784069260c352d0d7a54eabfa351812878a691ae4601000000cee491859a1857ba2d54ea6de5090c6a1ab1034f2de74a33a10a6e7459c82f87820545527fded64b567edb8a8ab5b6a78c257c21ab9589169d019cb76f789a31606263b9da99e65d0e17e686df3f58c83b06c45f2eb26f6cfa6ce40a9917354a3890ea0f0f8bbb845897a6e0659f4463284d0ba94671a907dfeb332c737efa86a75e4716991dc31969d8213ca4f0518741473361c42f93f34ab785008103843169c43f"], 0x60})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x1c3142, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

][ T7344] netlink: 'syz.1.511': attribute type 2 has an invalid length.
[  152.484018][ T7344] netlink: 8 bytes leftover after parsing attributes in process `syz.1.511'.
[  152.653388][    T9] usb 4-1: Using ep0 maxpacket: 32
[  152.662831][    T9] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  152.687027][    T9] usb 4-1: config 0 has no interface number 0
[  152.709680][    T9] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  152.731015][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.759757][    T9] usb 4-1: Product: syz
[  152.765771][    T9] usb 4-1: Manufacturer: syz
[  152.771266][    T9] usb 4-1: SerialNumber: syz
[  152.795356][    T9] usb 4-1: config 0 descriptor??
[  152.814686][    T9] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  153.043138][    T9] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  153.074821][ T7354] loop1: detected capacity change from 0 to 40427
[  153.089233][    T9] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  153.094013][ T7354] F2FS-fs (loop1): invalid crc value
[  153.131174][ T7354] F2FS-fs (loop1): Found nat_bits in checkpoint
[  153.304695][ T7354] F2FS-fs (loop1): Start checkpoint disabled!
[  153.316802][ T7354] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  153.421563][ T7356] loop2: detected capacity change from 0 to 32768
[  153.474002][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  153.497679][    T9] usb 4-1: USB disconnect, device number 7
[  153.517328][ T7356] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.530113][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  153.579537][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  153.607371][    T9] quatech2 4-1:0.51: device disconnected
[  153.649087][   T59] kworker/u4:4: attempt to access beyond end of device
[  153.649087][   T59] loop1: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  153.713115][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  153.724260][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  153.742896][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  153.743358][ T7356] XFS (loop2): Ending clean mount
[  153.803136][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  153.811265][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  154.034934][ T6088] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.228496][ T7373] loop3: detected capacity change from 0 to 1024
[  154.291028][ T7373] EXT4-fs: Ignoring removed bh option
[  154.435417][ T7377] netlink: 28 bytes leftover after parsing attributes in process `syz.1.520'.
[  154.450613][ T7373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.559758][ T7379] netlink: 'syz.2.521': attribute type 8 has an invalid length.
[  154.681603][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.273143][ T5958] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  155.461710][ T7403] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  155.480223][ T5958] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  155.503069][ T5958] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  155.533089][ T5958] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  155.571643][ T5958] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  155.610086][ T5958] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  155.624379][ T5958] usb 2-1: Product: syz
[  155.631857][ T5958] usb 2-1: Manufacturer: syz
[  155.642886][ T5958] usb 2-1: SerialNumber: syz
[  155.724721][ T7399] loop3: detected capacity change from 0 to 32768
[  155.751529][ T7399] (syz.3.530,7399,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  155.789299][ T7399] (syz.3.530,7399,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  155.852714][ T7399] JBD2: Ignoring recovery information on journal
[  155.938295][ T5958] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  155.983984][ T7399] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  156.182145][ T5958] usb 2-1: USB disconnect, device number 10
[  156.197499][ T5958] usblp0: removed
[  156.218268][ T7423] loop2: detected capacity change from 0 to 128
[  156.268929][ T7423] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  156.310634][ T7423] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  156.326019][ T5767] ocfs2: Unmounting device (7,3) on (node local)
[  156.951033][ T7434] loop2: detected capacity change from 0 to 512
[  157.004313][ T7436] loop3: detected capacity change from 0 to 1764
[  157.596749][ T7453] program syz.1.555 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  157.616682][ T7454] loop3: detected capacity change from 0 to 128
[  157.723842][ T7456] netlink: 64 bytes leftover after parsing attributes in process `syz.0.557'.
[  158.493129][  T966] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  158.582180][ T7462] loop2: detected capacity change from 0 to 32768
[  158.599975][ T7477] loop1: detected capacity change from 0 to 8192
[  158.676776][ T7462] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  158.687909][  T966] usb 4-1: Using ep0 maxpacket: 16
[  158.768803][  T966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.805719][  T966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.826680][  T966] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  158.842505][  T966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.886653][ T7462] XFS (loop2): Ending clean mount
[  158.926573][ T7462] XFS (loop2): Quotacheck needed: Please wait.
[  158.979457][  T966] usb 4-1: config 0 descriptor??
[  159.017364][ T7462] XFS (loop2): Quotacheck: Done.
[  159.451667][ T6088] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  159.490631][  T966] konepure 0003:1E7D:2DB4.0008: unknown main item tag 0x0
[  159.514899][  T966] konepure 0003:1E7D:2DB4.0008: unknown main item tag 0x0
[  159.669155][  T966] konepure 0003:1E7D:2DB4.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.3-1/input0
[  159.824591][  T966] usb 4-1: USB disconnect, device number 8
[  159.938494][ T7493] fido_id[7493]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  159.979636][ T7496] loop1: detected capacity change from 0 to 64
[  160.027019][ T7496] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  160.347674][ T5754] kernel write not supported for file /input/mice (pid: 5754 comm: kworker/1:3)
[  160.473663][ T5098] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  160.671464][ T5098] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  160.702315][ T5098] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.728854][ T5098] usb 3-1: config 0 descriptor??
[  160.745921][ T5098] cp210x 3-1:0.0: cp210x converter detected
[  161.208068][ T7532] loop3: detected capacity change from 0 to 512
[  161.234485][ T7532] EXT4-fs: Ignoring removed bh option
[  161.240456][ T7532] EXT4-fs: Ignoring removed nomblk_io_submit option
[  161.302717][ T7532] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  161.348379][ T5098] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[  161.368567][ T5098] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  161.397528][ T5098] usb 3-1: cp210x converter now attached to ttyUSB0
[  161.415939][ T5098] usb 3-1: USB disconnect, device number 6
[  161.434533][ T5098] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  161.436496][ T7532] EXT4-fs (loop3): 1 truncate cleaned up
[  161.443575][ T5098] cp210x 3-1:0.0: device disconnected
[  161.491787][ T7532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.550715][ T7532] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 1057052516 > max in inode 18
[  161.633344][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.754012][ T7525] loop1: detected capacity change from 0 to 40427
[  161.785219][ T7543] loop3: detected capacity change from 0 to 16
[  161.799447][ T7525] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  161.831229][ T7525] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  161.859831][ T7525] F2FS-fs (loop1): Found nat_bits in checkpoint
[  161.870504][ T7543] erofs: (device loop3): mounted with root inode @ nid 36.
[  161.961343][ T7543] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -2 in[1, 1416] out[3560]
[  161.991668][ T7543] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 80 of nid 36
[  162.027680][ T7525] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  162.049360][ T7525] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  162.554112][ T5958] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  162.755276][ T5958] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 4361, setting to 64
[  162.790782][ T5958] usb 4-1: config 0 interface 0 has no altsetting 0
[  162.815089][ T5958] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  162.833471][ T5958] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  162.854021][ T5958] usb 4-1: Product: syz
[  162.858410][ T5958] usb 4-1: Manufacturer: syz
[  162.884542][ T5958] usb 4-1: SerialNumber: syz
[  162.924194][ T5958] usb 4-1: config 0 descriptor??
[  162.938421][ T7564] loop2: detected capacity change from 0 to 256
[  162.939788][ T7555] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  162.980841][ T5958] usb 4-1: selecting invalid altsetting 0
[  163.016500][ T7564] FAT-fs (loop2): Directory bread(block 64) failed
[  163.035139][ T7564] FAT-fs (loop2): Directory bread(block 65) failed
[  163.052230][ T7564] FAT-fs (loop2): Directory bread(block 66) failed
[  163.074837][ T7564] FAT-fs (loop2): Directory bread(block 67) failed
[  163.089043][ T7564] FAT-fs (loop2): Directory bread(block 68) failed
[  163.098527][ T7564] FAT-fs (loop2): Directory bread(block 69) failed
[  163.131241][ T7564] FAT-fs (loop2): Directory bread(block 70) failed
[  163.141263][ T7564] FAT-fs (loop2): Directory bread(block 71) failed
[  163.163512][ T7564] FAT-fs (loop2): Directory bread(block 72) failed
[  163.202773][ T7564] FAT-fs (loop2): Directory bread(block 73) failed
[  163.379512][  T966] usb 4-1: USB disconnect, device number 9
[  163.407062][ T7574] 9pnet_fd: Insufficient options for proto=fd
[  163.590610][ T7578] veth1_vlan: left allmulticast mode
[  163.599684][ T7578] macvlan0: entered promiscuous mode
[  163.608475][ T7578] macvlan0: left allmulticast mode
[  163.632017][ T7578] netlink: 'syz.2.608': attribute type 1 has an invalid length.
[  163.659456][ T7578] netlink: 'syz.2.608': attribute type 2 has an invalid length.
[  163.879677][ T7588] tun0: tun_chr_ioctl cmd 1074025677
[  163.898112][ T7588] tun0: linktype set to 0
[  165.296503][ T7631] loop2: detected capacity change from 0 to 2048
[  165.358108][ T7631] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.858442][ T7627] loop3: detected capacity change from 0 to 32768
[  165.953879][ T7627] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  165.978371][ T7629] loop1: detected capacity change from 0 to 32768
[  166.040858][ T7629] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  166.105134][ T7646] loop2: detected capacity change from 0 to 4096
[  166.113818][ T7658] netlink: 16 bytes leftover after parsing attributes in process `syz.0.640'.
[  166.114060][ T7627] XFS (loop3): Ending clean mount
[  166.242352][ T7629] XFS (loop1): Ending clean mount
[  166.270627][ T7629] XFS (loop1): Quotacheck needed: Please wait.
[  166.436471][ T7629] XFS (loop1): Quotacheck: Done.
[  166.455916][ T5767] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  166.588254][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  166.588269][   T28] audit: type=1800 audit(1776216770.596:30): pid=7629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.633" name="file1" dev="loop1" ino=6150 res=0 errno=0
[  166.876327][ T5768] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  167.073527][ T7672] netlink: 'syz.3.643': attribute type 3 has an invalid length.
[  167.110059][ T7670] loop2: detected capacity change from 0 to 4096
[  167.110669][ T7672] netlink: 4344 bytes leftover after parsing attributes in process `syz.3.643'.
[  167.629111][ T7686] loop3: detected capacity change from 0 to 512
[  167.699452][ T7686] FAT-fs (loop3): Directory bread(block 199916) failed
[  167.728169][ T7686] FAT-fs (loop3): Directory bread(block 199917) failed
[  167.745720][ T7686] FAT-fs (loop3): Directory bread(block 199918) failed
[  167.770031][ T7686] FAT-fs (loop3): Directory bread(block 199919) failed
[  167.793155][ T7686] FAT-fs (loop3): Directory bread(block 199920) failed
[  167.812514][ T7686] FAT-fs (loop3): Directory bread(block 199921) failed
[  167.842675][ T7686] FAT-fs (loop3): Directory bread(block 199922) failed
[  167.875716][ T7686] FAT-fs (loop3): Directory bread(block 199923) failed
[  167.934591][ T7686] FAT-fs (loop3): Directory bread(block 199916) failed
[  167.953509][ T7686] FAT-fs (loop3): Directory bread(block 199917) failed
[  168.459293][   T28] audit: type=1326 audit(1776216772.466:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7703 comm="syz.3.660" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f391199c819 code=0x0
[  168.529470][ T7684] loop2: detected capacity change from 0 to 40427
[  168.545722][ T7684] F2FS-fs (loop2): heap/no_heap options were deprecated
[  168.565464][ T7684] F2FS-fs (loop2): build fault injection attr: rate: 19, type: 0x7ffff
[  168.575847][ T7684] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x77e8c
[  168.589496][ T7684] F2FS-fs (loop2): invalid crc value
[  168.610169][ T7684] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[  168.640492][ T7684] F2FS-fs (loop2): Found nat_bits in checkpoint
[  168.647417][ T5098] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  168.720104][ T7684] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650
[  168.768395][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x597/0xe40
[  168.805292][ T7684] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  168.853378][ T5098] usb 2-1: Using ep0 maxpacket: 32
[  168.861473][ T7690] Invalid ELF header magic: != ELF
[  168.871564][ T5098] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  168.891270][ T5098] usb 2-1: config 0 has no interface number 0
[  168.903681][ T5098] usb 2-1: config 0 interface 2 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  168.918831][ T7684] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910
[  168.932825][ T5098] usb 2-1: config 0 interface 2 has no altsetting 0
[  168.958533][ T5098] usb 2-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  168.977758][ T5098] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.990526][ T7684] F2FS-fs (loop2): inject checkpoint error in f2fs_balance_fs of f2fs_convert_inline_inode+0x792/0x800
[  169.010684][ T5098] usb 2-1: Product: syz
[  169.015474][ T5098] usb 2-1: Manufacturer: syz
[  169.021090][ T5098] usb 2-1: SerialNumber: syz
[  169.033355][ T7684] F2FS-fs (loop2): Stopped filesystem due to reason: 1
[  169.036176][ T5098] usb 2-1: config 0 descriptor??
[  169.260719][ T5098] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  169.846579][ T7722] loop2: detected capacity change from 0 to 4096
[  170.016433][ T7723] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.264561][ T2178] usb 2-1: USB disconnect, device number 11
[  170.603437][ T7735] IPv6: NLM_F_CREATE should be specified when creating new route
[  170.843580][ T2178] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  171.043244][ T2178] usb 2-1: Using ep0 maxpacket: 16
[  171.049556][ T7750] loop2: detected capacity change from 0 to 4096
[  171.065482][ T2178] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  171.082049][ T2178] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  171.106187][ T2178] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  171.123100][ T2178] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  171.132752][ T7750] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.134856][ T2178] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  171.165924][ T2178] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  171.176573][ T2178] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  171.185834][ T2178] usb 2-1: Manufacturer: syz
[  171.194601][ T2178] usb 2-1: config 0 descriptor??
[  171.247732][ T7750] EXT4-fs (loop2): shut down requested (2)
[  171.265410][ T5754] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  171.305176][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.478737][ T5754] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  171.503809][ T5754] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.520215][ T5754] usb 4-1: Product: syz
[  171.525777][ T5754] usb 4-1: Manufacturer: syz
[  171.533603][ T2178] rc_core: IR keymap rc-hauppauge not found
[  171.535443][ T5754] usb 4-1: SerialNumber: syz
[  171.548419][ T2178] Registered IR keymap rc-empty
[  171.556230][ T5754] usb 4-1: config 0 descriptor??
[  171.570954][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.583213][ T7759] loop2: detected capacity change from 0 to 2048
[  171.607258][ T7759] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.618842][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.655306][ T2178] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  171.697632][ T2178] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input15
[  171.746608][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.793495][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.833520][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.863359][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.904375][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.942918][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  171.974314][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  172.013644][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  172.053523][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  172.093419][ T2178] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  172.127452][ T2178] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  172.149945][ T7770] syz.0.687 uses obsolete (PF_INET,SOCK_PACKET)
[  172.153356][ T2178] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  172.184002][ T2178] usb 2-1: USB disconnect, device number 12
[  172.392447][ T5754] usb 4-1: Firmware version (0.0) predates our first public release.
[  172.416336][   T28] audit: type=1800 audit(1776216776.426:32): pid=7759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.682" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  172.438952][ T5754] usb 4-1: Please update to version 0.2 or newer
[  172.497076][ T5754] usb 4-1: USB disconnect, device number 10
[  172.905841][ T7788] loop2: detected capacity change from 0 to 256
[  173.233465][ T7796] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.834948][ T5754] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  174.043445][ T5754] usb 3-1: Using ep0 maxpacket: 32
[  174.079347][ T5754] usb 3-1: unable to get BOS descriptor or descriptor too short
[  174.105440][ T5754] usb 3-1: unable to read config index 0 descriptor/start: -71
[  174.114669][ T5754] usb 3-1: can't read configurations, error -71
[  174.687037][ T7831] loop1: detected capacity change from 0 to 8192
[  174.712232][ T7831] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  174.727530][ T7831] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  174.757017][ T7831] REISERFS (device loop1): using ordered data mode
[  174.773645][ T7831] reiserfs: using flush barriers
[  174.831449][ T7831] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  174.887820][ T7831] REISERFS (device loop1): checking transaction log (loop1)
[  174.923801][ T7831] REISERFS (device loop1): Using r5 hash to sort names
[  174.998116][ T7831] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  175.523669][ T7852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.722'.
[  175.589816][ T7858] loop2: detected capacity change from 0 to 128
[  175.606280][ T7858] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  175.625538][ T7858] hpfs: filesystem error: improperly stopped
[  175.671175][ T7858] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  175.702176][ T7858] hpfs: You really don't want any checks? You are crazy...
[  175.727349][ T7858] hpfs: hpfs_map_sector(): read error
[  175.742604][ T7858] hpfs: code page support is disabled
[  175.760880][ T7858] hpfs: hpfs_map_4sectors(): unaligned read
[  175.778045][ T7862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.728'.
[  175.790303][ T7858] hpfs: hpfs_map_4sectors(): unaligned read
[  175.800497][ T7858] hpfs: filesystem error: unable to find root dir
[  175.910255][ T7868] fuse: Bad value for 'fd'
[  176.052629][ T7870] loop1: detected capacity change from 0 to 2048
[  176.088553][ T7870] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  176.121227][ T7870] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  176.124049][ T7876] loop2: detected capacity change from 0 to 256
[  176.162402][ T7876] exfat: Deprecated parameter 'utf8'
[  176.229375][ T7876] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  176.668112][ T7892] loop1: detected capacity change from 0 to 128
[  176.725004][ T7892] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  176.728577][ T7895] loop3: detected capacity change from 0 to 128
[  176.756000][ T7892] ext4 filesystem being mounted at /192/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  176.780510][ T7895] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  176.811865][ T7892] fscrypt (loop1, inode 12): Direct key flag not allowed with different contents and filenames modes
[  176.813806][ T7895] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  176.894737][ T7895] hpfs: You really don't want any checks? You are crazy...
[  176.909602][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  176.922457][ T7895] hpfs: hpfs_map_sector(): read error
[  176.935900][ T7895] hpfs: code page support is disabled
[  176.942650][ T7895] hpfs: hpfs_map_4sectors(): unaligned read
[  176.969159][ T7895] hpfs: hpfs_map_4sectors(): unaligned read
[  176.976215][ T7895] hpfs: filesystem error: unable to find root dir
[  177.278034][ T7904] netlink: 20 bytes leftover after parsing attributes in process `syz.1.746'.
[  177.298393][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.1.746'.
[  177.328455][ T7907] netlink: 20 bytes leftover after parsing attributes in process `syz.1.746'.
[  177.366630][ T7907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.746'.
[  177.626490][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.750'.
[  177.654589][ T7917] n: the hash_elasticity option has been deprecated and is always 16
[  177.663083][ T7917] n: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  177.698640][ T7919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.750'.
[  177.730427][ T7919] n: the hash_elasticity option has been deprecated and is always 16
[  177.763139][ T7919] n: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  178.351491][ T7940] loop1: detected capacity change from 0 to 4096
[  178.399271][ T7943] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  178.823077][ T7953] capability: warning: `syz.2.766' uses deprecated v2 capabilities in a way that may be insecure
[  179.118894][ T7961] batadv1: entered allmulticast mode
[  179.164539][ T7961] 8021q: adding VLAN 0 to HW filter on device batadv1
[  179.172382][ T7961] bridge0: port 3(batadv1) entered blocking state
[  179.213213][ T7961] bridge0: port 3(batadv1) entered disabled state
[  179.234672][ T7961] batadv1: entered promiscuous mode
[  179.255638][ T7961] bridge0: port 3(batadv1) entered blocking state
[  179.265080][ T7961] bridge0: port 3(batadv1) entered forwarding state
[  179.333589][ T7951] loop1: detected capacity change from 0 to 32768
[  179.402655][ T7951] JBD2: Ignoring recovery information on journal
[  179.508458][ T7955] loop3: detected capacity change from 0 to 40427
[  179.523308][ T7955] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  179.531738][ T7951] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  179.539746][ T7955] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  179.571639][ T7955] F2FS-fs (loop3): invalid crc value
[  179.588532][ T7955] F2FS-fs (loop3): Found nat_bits in checkpoint
[  179.615829][   T59] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  179.627330][   T59] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  179.800503][ T7955] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  179.849674][ T7955] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  179.907068][ T7951] (syz.1.765,7951,1):ocfs2_rename:1284 ERROR: status = -2
[  179.938687][ T7951] (syz.1.765,7951,1):ocfs2_rename:1690 ERROR: status = -2
[  179.946474][ T7974] net_ratelimit: 44 callbacks suppressed
[  179.946490][ T7974] Set syz1 is full, maxelem 14 reached
[  180.013794][ T7963] loop2: detected capacity change from 0 to 32768
[  180.026302][   T28] audit: type=1800 audit(1776217040.031:33): pid=7955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.767" name="file1" dev="loop3" ino=10 res=0 errno=0
[  180.057702][ T7963] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9
[  180.156834][ T5768] ocfs2: Unmounting device (7,1) on (node local)
[  180.282454][ T5755] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9
[  180.307782][ T7978] bond0: entered promiscuous mode
[  180.348522][ T7978] bond_slave_0: entered promiscuous mode
[  180.378620][ T7978] bond_slave_1: entered promiscuous mode
[  180.422037][ T7978] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  180.442309][ T7978] bond0: left promiscuous mode
[  180.461759][ T7978] bond_slave_0: left promiscuous mode
[  180.494500][ T7978] bond_slave_1: left promiscuous mode
[  180.523671][ T7978] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  180.795930][ T7988] loop1: detected capacity change from 0 to 128
[  180.849424][ T7988] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  180.890122][ T7988] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  181.072937][ T7994] loop2: detected capacity change from 0 to 256
[  181.120977][ T7998] program syz.3.778 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  181.150588][ T7994] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x0726f69c, utbl_chksum : 0xe619d30d)
[  181.241072][ T7994] exFAT-fs (loop2): error, tried to truncate zeroed cluster.
[  181.263580][ T7994] exFAT-fs (loop2): Filesystem has been set read-only
[  181.814863][ T8014] tap0: tun_chr_ioctl cmd 2148553947
[  182.127843][ T8026] loop1: detected capacity change from 0 to 164
[  182.270183][ T8030] loop2: detected capacity change from 0 to 512
[  182.306162][ T8030] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  182.371484][ T8030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.407111][ T8030] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  182.463215][ T5754] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  182.602379][   T28] audit: type=1800 audit(1776217042.601:34): pid=8030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.799" name="file2" dev="loop2" ino=16 res=0 errno=0
[  182.675651][ T5754] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  182.686655][ T5754] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.699655][ T5754] usb 4-1: config 0 descriptor??
[  182.734354][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.170438][ T8045] loop1: detected capacity change from 0 to 32768
[  183.178753][ T5754] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  183.197012][ T5754] [drm] Initialized udl on minor 2
[  183.229289][ T8045] 
[  183.229289][ T8045]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  183.229289][ T8045] 
[  183.291254][   T28] audit: type=1800 audit(1776217043.291:35): pid=8045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.805" name="file1" dev="loop1" ino=4 res=0 errno=0
[  183.359666][ T8045] 
[  183.359666][ T8045]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  183.359666][ T8045] 
[  183.388925][ T8045] 
[  183.388925][ T8045]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  183.388925][ T8045] 
[  183.434595][  T112] 
[  183.434595][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  183.434595][  T112] 
[  183.514978][ T5768] 
[  183.514978][ T5768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  183.514978][ T5768] 
[  183.538632][ T5754] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  183.549023][ T5768] 
[  183.549023][ T5768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  183.549023][ T5768] 
[  183.607087][ T5754] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  183.676036][ T5958] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  183.686334][ T5754] usb 4-1: USB disconnect, device number 11
[  183.719548][ T5958] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  183.760684][ T8063] loop2: detected capacity change from 0 to 512
[  183.796481][ T8063] EXT4-fs: Ignoring removed i_version option
[  183.844943][ T8063] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  183.900381][ T8063] EXT4-fs (loop2): 1 truncate cleaned up
[  183.964110][ T8063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.176042][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.374406][ T3492] Bluetooth: hci4: Frame reassembly failed (-84)
[  184.395422][ T8081] loop3: detected capacity change from 0 to 128
[  184.396423][ T8078] autofs4:pid:8078:autofs_fill_super: could not open pipe file descriptor
[  184.634688][ T8085] loop1: detected capacity change from 0 to 512
[  184.656093][ T8085] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  184.695131][ T8085] EXT4-fs error (device loop1): ext4_orphan_get:1404: inode #15: comm syz.1.821: inode has both inline data and extents flags
[  184.716198][ T8085] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.821: couldn't read orphan inode 15 (err -117)
[  184.737913][ T8085] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.824844][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.003369][ T8101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  185.049661][ T8101] netlink: 'syz.3.825': attribute type 13 has an invalid length.
[  185.059057][ T8101] netlink: 'syz.3.825': attribute type 17 has an invalid length.
[  185.101708][ T8101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  185.213953][ T8104] loop3: detected capacity change from 0 to 1024
[  185.271746][ T8104] hfsplus: can't free extent
[  185.759504][ T8121] loop3: detected capacity change from 0 to 164
[  185.862793][ T8123] netlink: 8 bytes leftover after parsing attributes in process `syz.1.835'.
[  186.323197][ T5754] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  186.383684][ T5775] Bluetooth: hci4: command 0x1003 tx timeout
[  186.391606][ T5771] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  186.561236][ T5754] usb 2-1: Using ep0 maxpacket: 16
[  186.593439][ T5754] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.657749][ T5754] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.720814][ T5754] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  186.787080][ T5754] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  186.841736][ T5754] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.884489][ T5754] usb 2-1: config 0 descriptor??
[  187.311098][ T8157] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  187.347323][ T5754] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  187.401757][ T8144] loop3: detected capacity change from 0 to 131072
[  187.401800][ T5754] microsoft 0003:045E:07DA.0009: ignoring exceeding usage max
[  187.436328][ T8144] F2FS-fs (loop3): invalid crc value
[  187.474478][ T8144] F2FS-fs (loop3): Found nat_bits in checkpoint
[  187.488850][ T5754] microsoft 0003:045E:07DA.0009: ignoring exceeding usage max
[  187.538435][ T8144] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  187.539923][ T5754] microsoft 0003:045E:07DA.0009: No inputs registered, leaving
[  187.634240][ T5754] microsoft 0003:045E:07DA.0009: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  187.667641][ T5754] microsoft 0003:045E:07DA.0009: no inputs found
[  187.681479][ T5754] microsoft 0003:045E:07DA.0009: could not initialize ff, continuing anyway
[  187.717959][ T5754] usb 2-1: USB disconnect, device number 13
[  187.876472][ T8170] fido_id[8170]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  188.135160][ T8177] loop2: detected capacity change from 0 to 512
[  188.166045][ T8175] loop3: detected capacity change from 0 to 4096
[  188.169063][ T8177] EXT4-fs: Ignoring removed bh option
[  188.220196][ T8177] EXT4-fs: Ignoring removed oldalloc option
[  188.258513][ T8177] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  188.289675][ T8177] EXT4-fs (loop2): invalid journal inode
[  188.319029][ T8177] EXT4-fs (loop2): can't get journal size
[  188.350978][ T8177] EXT4-fs (loop2): 1 truncate cleaned up
[  188.362410][ T8177] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.569804][ T8181] loop1: detected capacity change from 0 to 4096
[  188.641314][ T8181] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.729498][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.987572][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.116022][ T8217] loop1: detected capacity change from 0 to 4096
[  190.976303][ T8252] loop1: detected capacity change from 0 to 512
[  191.056033][ T8252] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.093379][ T8252] ext4 filesystem being mounted at /230/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  191.155091][ T8260] loop2: detected capacity change from 0 to 512
[  191.208704][ T8260] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  191.262880][ T8252] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.887: bg 0: block 217: padding at end of block bitmap is not set
[  191.321190][ T8259] loop3: detected capacity change from 0 to 8192
[  191.328193][ T8260] EXT4-fs error (device loop2): ext4_orphan_get:1404: inode #15: comm syz.2.890: inode has both inline data and extents flags
[  191.332751][ T8260] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.890: couldn't read orphan inode 15 (err -117)
[  191.386565][ T8252] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6655: Corrupt filesystem
[  191.394908][ T8260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.539970][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.673588][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.783976][ T8267] netlink: 132 bytes leftover after parsing attributes in process `syz.1.892'.
[  192.263550][ T8285] loop1: detected capacity change from 0 to 512
[  192.272035][ T8285] EXT4-fs: Ignoring removed orlov option
[  192.390620][ T8285] EXT4-fs (loop1): 1 truncate cleaned up
[  192.400656][ T8285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.442230][ T8291] openvswitch: netlink: Actions may not be safe on all matching packets
[  192.633906][   T28] audit: type=1800 audit(1776217052.641:36): pid=8285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.900" name="file1" dev="loop1" ino=13 res=0 errno=0
[  192.720097][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.757376][ T8295] loop2: detected capacity change from 0 to 4096
[  192.777616][ T8295] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  193.860211][ T8303] loop1: detected capacity change from 0 to 32768
[  193.909829][ T8303] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.908 (8303)
[  193.958444][ T8303] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.023444][ T8303] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  194.063375][ T8303] BTRFS info (device loop1): using free space tree
[  194.139667][ T8338] loop2: detected capacity change from 0 to 512
[  194.188359][ T8338] EXT4-fs: Ignoring removed oldalloc option
[  194.251623][ T8303] BTRFS info (device loop1): enabling ssd optimizations
[  194.260597][ T8303] BTRFS info (device loop1): auto enabling async discard
[  194.386703][ T8338] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.922: Parent and EA inode have the same ino 15
[  194.457255][ T8354] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.465189][ T8354] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.493918][ T8338] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: comm syz.2.922: Parent and EA inode have the same ino 15
[  194.602725][ T8338] EXT4-fs (loop2): 1 orphan inode deleted
[  194.624157][ T5768] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.650027][ T8338] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.748544][ T8338] EXT4-fs error (device loop2): ext4_rename:3859: inode #15: comm syz.2.922: target of rename is already freed
[  194.792570][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  194.882391][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  194.932800][ T8361] loop3: detected capacity change from 0 to 1024
[  195.042900][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.135734][ T8361] hfsplus: xattr searching failed
[  195.266812][ T5755] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop1 scanned by udevd (5755)
[  195.990846][ T8376] loop2: detected capacity change from 0 to 8192
[  196.036326][ T8376] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  196.156118][ T8376] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  196.221851][ T8368] loop3: detected capacity change from 0 to 32768
[  196.227921][ T8376] REISERFS (device loop2): using ordered data mode
[  196.269159][ T8376] reiserfs: using flush barriers
[  196.286606][ T8376] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  196.360997][ T8376] REISERFS (device loop2): checking transaction log (loop2)
[  196.422450][ T8368] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  196.478991][ T8376] REISERFS (device loop2): Using r5 hash to sort names
[  196.545719][ T8376] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  196.577350][ T8387] loop1: detected capacity change from 0 to 512
[  196.604993][ T8368] (syz.3.931,8368,0):ocfs2_double_lock:1190 ERROR: status = -2
[  196.620257][ T8387] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  196.642721][ T8368] (syz.3.931,8368,0):ocfs2_rename:1299 ERROR: status = -2
[  196.664409][ T8368] (syz.3.931,8368,0):ocfs2_rename:1690 ERROR: status = -2
[  196.686793][ T8376] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[  196.711113][ T8387] EXT4-fs (loop1): 1 orphan inode deleted
[  196.731318][ T8376] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[  196.748926][ T8376] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[  196.765815][ T8376] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[  196.781984][ T8376] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 2 0x0 SD] (nlink == 1) not found (pos 0)
[  196.791751][ T8387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.807678][ T8389] REISERFS error (device loop2): vs-7000 search_by_entry_key: search_by_key returned item position == 0
[  196.838646][ T8389] REISERFS (device loop2): Remounting filesystem read-only
[  196.849852][ T8389] REISERFS error (device loop2): zam-7001 reiserfs_find_entry: io error
[  196.949623][ T5775] Bluetooth: hci1: command 0x0406 tx timeout
[  196.956669][ T5775] Bluetooth: hci2: command 0x0406 tx timeout
[  196.963421][ T5766] Bluetooth: hci0: command 0x0406 tx timeout
[  196.993596][ T5767] ocfs2: Unmounting device (7,3) on (node local)
[  197.244020][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.653257][ T5098] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  197.733260][ T5754] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  197.846145][ T5098] usb 3-1: Using ep0 maxpacket: 16
[  197.859039][ T5098] usb 3-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  197.872936][ T5098] usb 3-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  197.899732][ T5098] usb 3-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  197.920578][ T5098] usb 3-1: config 1 interface 0 has no altsetting 0
[  197.931500][ T5098] usb 3-1: New USB device found, idVendor=0521, idProduct=b1a8, bcdDevice= 0.40
[  197.943368][ T5754] usb 2-1: Using ep0 maxpacket: 16
[  197.956493][ T5098] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.967865][ T5754] usb 2-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.987189][ T5098] usb 3-1: Product: syz
[  197.991785][ T5754] usb 2-1: config 0 interface 0 has no altsetting 0
[  198.013140][ T5098] usb 3-1: Manufacturer: syz
[  198.025977][ T5754] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  198.035994][ T5098] usb 3-1: SerialNumber: syz
[  198.057134][ T5754] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.079642][ T5754] usb 2-1: config 0 descriptor??
[  198.281707][ T5098] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 255 proto 1 vid 0x0521 pid 0xB1A8
[  198.536246][ T5098] usb 3-1: USB disconnect, device number 9
[  198.558036][ T5754] mcp2221 0003:04D8:00DD.000A: USB HID v0.01 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  198.571872][ T5098] usblp0: removed
[  199.048301][ T5098] usb 2-1: USB disconnect, device number 14
[  199.528153][ T8449] netlink: 56 bytes leftover after parsing attributes in process `syz.0.967'.
[  199.838488][ T8441] loop3: detected capacity change from 0 to 32768
[  199.888910][ T8441] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.962 (8441)
[  199.959764][ T8441] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  199.982635][ T8441] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  200.001290][ T8441] BTRFS info (device loop3): setting nodatasum
[  200.019081][ T8441] BTRFS info (device loop3): force zlib compression, level 3
[  200.074107][ T8441] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  200.105851][ T8441] BTRFS info (device loop3): use lzo compression, level 0
[  200.123243][ T8441] BTRFS info (device loop3): turning on flush-on-commit
[  200.142486][ T8441] BTRFS info (device loop3): enabling auto defrag
[  200.164611][ T8441] BTRFS info (device loop3): max_inline at 4096
[  200.198941][ T8463] loop1: detected capacity change from 0 to 512
[  200.200910][ T8441] BTRFS info (device loop3): using free space tree
[  200.245303][ T8463] EXT4-fs error (device loop1): ext4_iget_extra_inode:4739: inode #15: comm syz.1.973: corrupted in-inode xattr: invalid ea_ino
[  200.299243][ T8463] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.973: couldn't read orphan inode 15 (err -117)
[  200.349238][ T8451] loop2: detected capacity change from 0 to 32768
[  200.358605][ T8463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.473730][ T8451] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  200.518927][ T8441] BTRFS info (device loop3): enabling ssd optimizations
[  200.619336][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.680622][ T8451] XFS (loop2): Ending clean mount
[  200.730147][    T9] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 
[  200.764324][    T9] XFS (loop2): Unmount and run xfs_repair
[  200.770738][    T9] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  200.786088][    T9] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  200.799853][    T9] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  200.841484][    T9] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  200.883633][    T9] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  200.917718][    T9] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  200.945192][ T5771] Bluetooth: hci1: command 0x0406 tx timeout
[  200.946037][    T9] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  201.040030][    T9] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  201.113348][    T9] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  201.152543][ T5767] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  201.156592][ T8451] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74
[  201.230462][ T8451] XFS (loop2): Failed to initialize disk quotas.
[  201.918218][ T6088] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  201.948178][  T966] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 
[  202.003391][  T966] XFS (loop2): Unmount and run xfs_repair
[  202.011293][  T966] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  202.073170][  T966] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  202.103287][  T966] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  202.160090][  T966] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  202.198708][  T966] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  202.219198][  T966] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  202.243349][  T966] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  202.273081][  T966] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  202.303284][  T966] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  202.316862][    T9] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74
[  202.408530][    T9] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x519/0x8b0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  202.440344][    T9] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  202.550468][ T8516] lo: entered promiscuous mode
[  202.559774][ T8515] lo: left promiscuous mode
[  203.158304][ T8527] loop2: detected capacity change from 0 to 4096
[  203.187114][ T8527] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  203.300400][ T8527] ntfs: (device loop2): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  203.320976][ T8527] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  203.353110][ T8527] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  203.353225][  T966] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  203.412074][ T8527] ntfs: volume version 3.1.
[  203.586188][  T966] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  203.609911][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  203.643363][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  203.683359][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  203.709964][ T8526] loop1: detected capacity change from 0 to 32768
[  203.728440][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  203.740384][ T6088] ntfs: (device loop2): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  203.764898][ T8526] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.990 (8526)
[  203.780348][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  203.811070][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  203.836420][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  203.854982][ T8526] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  203.873423][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  203.906159][ T8526] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  203.925668][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  203.943105][ T8526] BTRFS info (device loop1): using free space tree
[  203.954532][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  203.970860][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  203.985166][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  203.996562][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  204.022374][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  204.048888][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  204.058267][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  204.073693][ T8526] BTRFS info (device loop1): enabling ssd optimizations
[  204.078470][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  204.100576][ T8526] BTRFS info (device loop1): auto enabling async discard
[  204.156282][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  204.216847][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  204.253329][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  204.283246][ T5098] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  204.303176][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  204.332320][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  204.373136][  T966] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  204.431327][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  204.437435][   T28] audit: type=1800 audit(1776217064.431:37): pid=8526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.990" name="file1" dev="loop1" ino=260 res=0 errno=0
[  204.454666][  T966] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  204.493184][ T5098] usb 3-1: Using ep0 maxpacket: 32
[  204.512485][ T5098] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.516070][  T966] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  204.537800][ T5098] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.567563][ T5098] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  204.591783][  T966] usb 4-1: Product: syz
[  204.611826][  T966] usb 4-1: Manufacturer: syz
[  204.632219][ T5098] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  204.645415][  T966] usb 4-1: SerialNumber: syz
[  204.662024][ T5098] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.684553][  T966] usb 4-1: config 0 descriptor??
[  204.685218][ T5098] usb 3-1: config 0 descriptor??
[  204.769491][  T966] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  204.931829][ T5768] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  205.161221][ T8535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.211762][ T8535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.257005][    C0] usb 4-1: yurex_control_callback - control failed: -71
[  205.260893][ T5826] usb 4-1: USB disconnect, device number 12
[  205.302225][ T5826] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  205.346309][ T5098] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.000B/input/input16
[  205.520859][ T5098] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.000B/input/input17
[  205.698763][ T5098] kye 0003:0458:5011.000B: input,hiddev0,hidraw0: USB HID v0.04 Device [HID 0458:5011] on usb-dummy_hcd.2-1/input0
[  205.787794][ T5098] usb 3-1: USB disconnect, device number 10
[  205.888362][ T8564] fido_id[8564]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  206.573643][    T9] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  206.793564][    T9] usb 2-1: Using ep0 maxpacket: 32
[  206.809087][    T9] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  206.833663][    T9] usb 2-1: config 0 has no interface number 0
[  206.853080][    T9] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  206.882454][ T8590] loop2: detected capacity change from 0 to 1024
[  206.885152][    T9] usb 2-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  206.919842][ T8590] EXT4-fs: Ignoring removed bh option
[  206.950133][    T9] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  206.996287][ T8590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  207.015398][    T9] usb 2-1: config 0 interface 196 has no altsetting 0
[  207.022241][ T8590] EXT4-fs (loop2): shut down requested (2)
[  207.071454][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  207.084623][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  207.113997][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.179170][    T9] usb 2-1: Product: syz
[  207.216155][    T9] usb 2-1: Manufacturer: syz
[  207.221439][    T9] usb 2-1: SerialNumber: syz
[  207.271907][    T9] usb 2-1: config 0 descriptor??
[  207.305665][ T8575] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  207.322057][ T8582] loop3: detected capacity change from 0 to 32768
[  207.378407][ T8582] XFS: attr2 mount option is deprecated.
[  207.492310][ T8582] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.644002][ T5098] IPVS: starting estimator thread 0...
[  207.681977][ T8582] XFS (loop3): Ending clean mount
[  207.775590][ T8609] IPVS: using max 20 ests per chain, 48000 per kthread
[  207.790943][ T8582] XFS (loop3): Quotacheck needed: Please wait.
[  207.918531][ T8582] XFS (loop3): Quotacheck: Done.
[  207.954890][    T9] ipheth 2-1:0.196: ipheth_enable_ncm: usb_control_msg: 0
[  207.977921][    T9] ipheth 2-1:0.196: Apple iPhone USB Ethernet device attached
[  208.126506][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  208.311599][    T9] usb 2-1: USB disconnect, device number 15
[  208.491538][    T9] ipheth 2-1:0.196: Apple iPhone USB Ethernet now disconnected
[  209.093422][ T8648] loop1: detected capacity change from 0 to 4096
[  209.101592][ T8648] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  209.170127][ T8648] ntfs: (device loop1): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  209.197845][ T8648] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  209.220365][ T8648] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  209.255603][ T8648] ntfs: volume version 3.1.
[  209.542150][ T8661] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  209.572895][   T49] ntfs: (device loop1): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  209.588104][ T5768] ntfs: (device loop1): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  210.053136][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  210.263313][    T9] usb 3-1: Using ep0 maxpacket: 8
[  210.271292][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  210.293062][    T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  210.313174][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.336719][    T9] usb 3-1: config 0 descriptor??
[  210.439638][ T8676] loop3: detected capacity change from 0 to 40427
[  210.464428][ T8676] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  210.475705][ T8676] F2FS-fs (loop3): Image doesn't support compression
[  210.497302][ T8676] F2FS-fs (loop3): Image doesn't support compression
[  210.546370][ T8676] F2FS-fs (loop3): invalid crc value
[  210.590515][    T9] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  210.605785][ T8676] F2FS-fs (loop3): Found nat_bits in checkpoint
[  210.795702][ T8676] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  210.885321][    T9] usb 3-1: USB disconnect, device number 11
[  210.895239][ T8676] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_page+0x1d7/0x910
[  211.058054][ T8698] 9p: Unknown access argument : -22
[  211.134474][ T5767] syz-executor: attempt to access beyond end of device
[  211.134474][ T5767] loop3: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  211.177036][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  211.219547][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  211.246814][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  211.473390][ T8707] bridge_slave_0: default FDB implementation only supports local addresses
[  212.246720][ T8736] loop1: detected capacity change from 0 to 512
[  212.309966][ T8736] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0002]
[  212.322374][ T8736] System zones: 1-12
[  212.331351][ T8736] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.1057: missing EA_INODE flag
[  212.356242][ T8736] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.1057: error while reading EA inode 12 err=-117
[  212.415362][ T8736] EXT4-fs (loop1): 1 orphan inode deleted
[  212.434610][ T8736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.488868][ T8742] 9pnet_fd: Insufficient options for proto=fd
[  212.516006][   T28] audit: type=1800 audit(1776217072.521:38): pid=8736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1057" name="file1" dev="loop1" ino=15 res=0 errno=0
[  212.700473][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.949644][ T8756] netlink: 'syz.0.1064': attribute type 2 has an invalid length.
[  212.961079][ T8756] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1064'.
[  213.332774][ T8764] (null): rxe_set_mtu: Set mtu to 1024
[  213.361109][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  213.385178][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  213.428288][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  213.545127][ T8752] loop1: detected capacity change from 0 to 32768
[  213.572850][ T8752] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1062 (8752)
[  213.625931][ T8752] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  213.673308][ T8752] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  213.692661][ T8752] BTRFS info (device loop1): enabling auto defrag
[  213.704148][ T8752] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  213.717885][ T8752] BTRFS info (device loop1): use zstd compression, level 3
[  213.731073][ T8752] BTRFS info (device loop1): turning on async discard
[  213.758204][ T8752] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  213.768273][ T8771] input: syz0 as /devices/virtual/input/input18
[  213.773289][ T8752] BTRFS info (device loop1): trying to use backup root at mount time
[  213.788539][ T8752] BTRFS warning (device loop1): the 'inode_cache' option is deprecated and has no effect since 5.11
[  213.821362][ T8752] BTRFS info (device loop1): enabling ssd optimizations
[  213.851866][ T8752] BTRFS info (device loop1): using spread ssd allocation scheme
[  213.873270][ T8752] BTRFS info (device loop1): force zlib compression, level 3
[  213.905702][ T8752] BTRFS info (device loop1): using free space tree
[  214.016789][    T9] syzkaller0 speed is unknown, defaulting to 1000
[  214.029573][ T8764] infiniband syz2: set down
[  214.040696][ T8764] infiniband syz2: added syzkaller0
[  214.074032][ T2108] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  214.162460][ T8752] BTRFS error (device loop1): failed to load root extent
[  214.193732][ T8752] BTRFS warning (device loop1): try to load backup roots slot 1
[  214.215115][ T2942] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  214.259661][ T8752] BTRFS warning (device loop1): couldn't read tree root
[  214.272567][ T8752] BTRFS warning (device loop1): try to load backup roots slot 2
[  214.324867][ T2942] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  214.368191][ T8752] BTRFS warning (device loop1): couldn't read tree root
[  214.389591][ T8752] BTRFS warning (device loop1): try to load backup roots slot 3
[  214.429737][ T8764] RDS/IB: syz2: added
[  214.447478][ T8764] smc: adding ib device syz2 with port count 1
[  214.470257][ T8764] smc:    ib device syz2 port 1 has pnetid 
[  214.480233][ T8752] BTRFS info (device loop1): rebuilding free space tree
[  214.485204][ T2178] syzkaller0 speed is unknown, defaulting to 1000
[  214.519625][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  214.649845][ T8752] BTRFS info (device loop1): checking UUID tree
[  215.101019][ T5768] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  215.187423][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  215.580327][ T8801] loop3: detected capacity change from 0 to 32768
[  215.716252][ T8801] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  215.896640][ T8801] XFS (loop3): Ending clean mount
[  215.921909][ T5098] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 
[  216.011921][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  216.019734][ T5098] XFS (loop3): Unmount and run xfs_repair
[  216.028998][ T5098] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  216.038943][ T5098] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  216.091641][ T5098] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  216.111452][ T5098] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  216.150897][ T8830] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1085'.
[  216.161305][ T5098] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  216.164722][ T8830] netem: unknown loss type 11
[  216.193115][ T5098] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  216.197405][ T8830] netem: change failed
[  216.230804][ T5098] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  216.253246][ T5098] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  216.273215][ T5098] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  216.290148][ T8801] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74
[  216.304597][ T8801] XFS (loop3): Failed to initialize disk quotas.
[  216.487369][ T8764] syzkaller0 speed is unknown, defaulting to 1000
[  216.516790][ T5958] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 
[  216.538174][ T5767] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  216.549612][ T5958] XFS (loop3): Unmount and run xfs_repair
[  216.556804][ T5958] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  216.565827][ T5958] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  216.576949][ T5958] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  216.587415][ T5958] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  216.597060][ T5958] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  216.607984][ T5958] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  216.618589][ T5958] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  216.628964][ T5958] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  216.638747][ T5958] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  216.648942][ T5098] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74
[  216.687324][ T5098] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x519/0x8b0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  216.703838][ T5098] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  216.717277][    T9] XFS (loop3): xfs_difree: xfs_ialloc_read_agi() returned error -5.
[  217.080603][ T8837] program syz.1.1090 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  217.268004][ T8845] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1093'.
[  217.429774][ T8853] loop3: detected capacity change from 0 to 512
[  217.454317][ T8853] EXT4-fs: Ignoring removed bh option
[  217.497854][ T8853] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  217.533794][ T8853] EXT4-fs (loop3): 1 truncate cleaned up
[  217.589927][ T8853] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.783393][ T8853] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  217.839200][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.948024][ T8872] syzkaller0 speed is unknown, defaulting to 1000
[  218.193100][ T5098] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  218.413060][ T5098] usb 3-1: Using ep0 maxpacket: 16
[  218.427249][ T5098] usb 3-1: config 0 has no interfaces?
[  218.498085][ T5098] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  218.530729][ T5098] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  218.552002][ T5098] usb 3-1: Manufacturer: syz
[  218.604861][ T5098] usb 3-1: config 0 descriptor??
[  218.687763][ T8876] loop3: detected capacity change from 0 to 32768
[  218.745980][ T8876] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  218.797673][ T8876] XFS (loop3): Ending clean mount
[  218.820228][ T8876] XFS (loop3): Quotacheck needed: Please wait.
[  218.864679][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  218.941309][ T8876] XFS (loop3): Quotacheck: Done.
[  218.969203][ T8872] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  219.002397][ T5098] usb 3-1: USB disconnect, device number 12
[  219.055838][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  219.067096][    T9] usb 2-1: config 0 has no interface number 0
[  219.076292][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  219.078970][    T9] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  219.106338][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.123454][    T9] usb 2-1: Product: syz
[  219.129207][    T9] usb 2-1: Manufacturer: syz
[  219.136471][    T9] usb 2-1: SerialNumber: syz
[  219.146416][    T9] usb 2-1: config 0 descriptor??
[  219.373571][    T9] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  219.416911][    T9] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  219.446706][    T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  219.459180][    T9] usb 2-1: media controller created
[  219.508952][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  219.730257][ T8908] loop2: detected capacity change from 0 to 256
[  219.755979][ T8906] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  219.766889][ T8906] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  219.776798][ T8906] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  219.787014][ T8906] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  220.331409][ T8920] loop3: detected capacity change from 0 to 512
[  220.426452][ T8920] EXT4-fs error (device loop3): ext4_orphan_get:1404: inode #15: comm syz.3.1120: inode has both inline data and extents flags
[  220.492757][ T8920] EXT4-fs error (device loop3): ext4_orphan_get:1409: comm syz.3.1120: couldn't read orphan inode 15 (err -117)
[  220.628053][    T9] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  220.656249][ T8920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.839231][    T9] usb 2-1: USB disconnect, device number 16
[  220.910694][ T8929] EXT4-fs: Ignoring removed bh option
[  220.973330][ T8920] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  220.991176][ T8929] EXT4-fs (loop3): changing journal_checksum during remount not supported; ignoring
[  221.014294][ T8929] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  221.039940][ T8929] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  221.102513][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.451682][ T8942] loop3: detected capacity change from 0 to 512
[  221.524072][ T8942] EXT4-fs error (device loop3): ext4_orphan_get:1404: inode #15: comm syz.3.1128: iget: bad i_size value: 38620345925642
[  221.577567][ T8942] EXT4-fs error (device loop3): ext4_orphan_get:1409: comm syz.3.1128: couldn't read orphan inode 15 (err -117)
[  221.625348][ T8942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.766950][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.833190][ T2178] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  221.881335][ T8951] loop3: detected capacity change from 0 to 128
[  221.911407][ T8951] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  221.939348][ T8951] hpfs: filesystem error: improperly stopped
[  221.946544][ T8951] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  221.955477][ T8951] hpfs: You really don't want any checks? You are crazy...
[  221.964936][ T8951] hpfs: hpfs_map_sector(): read error
[  221.970758][ T8951] hpfs: code page support is disabled
[  221.976704][ T8951] hpfs: hpfs_map_4sectors(): unaligned read
[  221.991014][ T8951] hpfs: hpfs_map_4sectors(): unaligned read
[  221.998634][ T8951] hpfs: filesystem error: unable to find root dir
[  222.037668][ T2178] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  222.051251][ T8951] hpfs: hpfs_map_4sectors(): unaligned read
[  222.067735][ T8951] hpfs: hpfs_map_sector(): read error
[  222.074224][ T2178] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.097641][ T2178] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  222.108551][ T2178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.133900][ T2178] usb 2-1: config 0 descriptor??
[  222.578374][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.603297][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.611743][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.623425][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.631449][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.653055][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.660233][ T2178] isku 0003:1E7D:319C.000C: unknown main item tag 0x0
[  222.686573][ T2178] isku 0003:1E7D:319C.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0
[  223.029315][ T5826] usb 2-1: USB disconnect, device number 17
[  223.210632][ T8966] loop2: detected capacity change from 0 to 64
[  223.679689][ T8976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1142'.
[  223.704045][ T8976] macvlan0: left promiscuous mode
[  223.710603][ T8976] netlink: 'syz.2.1142': attribute type 1 has an invalid length.
[  223.743494][ T8976] netlink: 'syz.2.1142': attribute type 2 has an invalid length.
[  224.075411][ T8984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1146'.
[  224.178369][ T8965] loop3: detected capacity change from 0 to 40427
[  224.206427][ T8965] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  224.240287][ T8965] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  224.291623][ T8965] F2FS-fs (loop3): invalid crc value
[  224.317469][ T8965] F2FS-fs (loop3): Found nat_bits in checkpoint
[  224.527686][ T8965] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  224.536299][ T8965] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  224.648608][ T8980] loop1: detected capacity change from 0 to 40427
[  224.675404][ T8980] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7
[  224.695569][ T8980] F2FS-fs (loop1): invalid crc value
[  224.710724][ T8980] F2FS-fs (loop1): Found nat_bits in checkpoint
[  224.745447][ T5767] syz-executor: attempt to access beyond end of device
[  224.745447][ T5767] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  224.813482][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  224.873889][ T8980] F2FS-fs (loop1): Start checkpoint disabled!
[  224.904520][ T8980] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  225.130924][ T8980] syz.1.1144: attempt to access beyond end of device
[  225.130924][ T8980] loop1: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  225.424064][   T49] kworker/u4:3: attempt to access beyond end of device
[  225.424064][   T49] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  225.480399][   T49] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  225.523551][   T49] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  226.008183][ T9017] loop3: detected capacity change from 0 to 4096
[  226.058915][ T9020] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  226.363675][ T9030] netlink: 'syz.1.1164': attribute type 3 has an invalid length.
[  227.314558][ T9057] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1177'.
[  227.484011][ T9059] @: renamed from vlan0 (while UP)
[  227.616181][ T9065] loop3: detected capacity change from 0 to 128
[  227.659795][ T9065] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  227.733914][ T9065] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8)
[  227.754244][ T9071] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  227.775225][    C1] vkms_vblank_simulate: vblank timer overrun
[  227.804098][ T9065] FAT-fs (loop3): Filesystem has been set read-only
[  227.828418][ T9072] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8)
[  227.932717][ T9070] loop2: detected capacity change from 0 to 8192
[  227.966918][ T9070] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  227.983509][ T9070] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  228.035136][ T9070] REISERFS (device loop2): using ordered data mode
[  228.042578][ T9070] reiserfs: using flush barriers
[  228.201176][ T9070] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  228.272384][ T9070] REISERFS (device loop2): checking transaction log (loop2)
[  228.311500][ T9070] REISERFS (device loop2): Using r5 hash to sort names
[  228.343924][ T9070] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  228.672168][ T9096] loop1: detected capacity change from 0 to 1024
[  229.109507][ T9101] loop3: detected capacity change from 0 to 4096
[  229.136034][ T9101] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  229.387003][ T9101] ntfs3: loop3: ino=1b, "file0" directory corrupted
[  229.697315][ T9107] loop3: detected capacity change from 0 to 1024
[  229.770729][ T9107] syz.3.1199: attempt to access beyond end of device
[  229.770729][ T9107] loop3: rw=0, sector=393220, nr_sectors = 2 limit=1024
[  229.773964][ T9099] loop2: detected capacity change from 0 to 32768
[  229.897765][   T28] audit: type=1800 audit(1776217089.901:39): pid=9099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1196" name="file1" dev="loop2" ino=4 res=0 errno=0
[  230.019926][ T9111] fuse: Bad value for 'fd'
[  230.483146][ T5826] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  230.685209][ T5826] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  230.696569][ T5826] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  230.716455][ T5826] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  230.746485][ T5826] usb 4-1: config 220 has no interface number 2
[  230.768245][ T5826] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  230.815687][ T5826] usb 4-1: config 220 interface 0 has no altsetting 0
[  230.833098][ T5826] usb 4-1: config 220 interface 76 has no altsetting 0
[  230.845691][ T5826] usb 4-1: config 220 interface 1 has no altsetting 0
[  230.866946][ T5826] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  230.877399][ T5826] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.889557][ T5826] usb 4-1: Product: syz
[  230.898628][ T5826] usb 4-1: Manufacturer: syz
[  230.906916][ T5826] usb 4-1: SerialNumber: syz
[  231.180168][ T5826] usb 4-1: selecting invalid altsetting 0
[  231.222463][ T5826] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  231.243368][ T5826] usb 4-1: No valid video chain found.
[  231.262254][ T5826] usb 4-1: selecting invalid altsetting 0
[  231.279989][ T5826] usbtest: probe of 4-1:220.1 failed with error -22
[  231.311805][ T5826] usb 4-1: USB disconnect, device number 13
[  231.793129][ T5825] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  231.990729][ T5825] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  232.016330][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.026458][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.039257][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.050294][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.060345][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.080644][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.087302][ T9161] Bluetooth: MGMT ver 1.22
[  232.090793][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.109970][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.128788][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.138310][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.152264][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.166762][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.182646][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.218485][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.243379][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.252596][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.277339][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.292559][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.301675][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.323486][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.346724][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.356183][ T5825] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  232.372569][ T5825] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  232.387029][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  232.398869][ T5825] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  232.413102][ T2178] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  232.421835][ T5825] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  232.443362][ T5825] usb 2-1: Product: syz
[  232.447865][ T5825] usb 2-1: Manufacturer: syz
[  232.471953][ T5825] usb 2-1: SerialNumber: syz
[  232.484360][ T5825] usb 2-1: config 0 descriptor??
[  232.499727][ T5825] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  232.610324][ T2178] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  232.632042][ T2178] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.641559][ T2178] usb 4-1: Product: syz
[  232.647195][ T2178] usb 4-1: Manufacturer: syz
[  232.658243][ T2178] usb 4-1: SerialNumber: syz
[  232.660577][ T9166] loop2: detected capacity change from 0 to 32768
[  232.736305][    T9] usb 2-1: USB disconnect, device number 18
[  232.760623][    T9] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  232.958032][ T2178] rtl8150 4-1:1.0: couldn't reset the device
[  232.974548][ T2178] rtl8150: probe of 4-1:1.0 failed with error -5
[  232.999842][ T2178] usb 4-1: USB disconnect, device number 14
[  233.170425][ T9175] loop2: detected capacity change from 0 to 256
[  233.179091][ T9175] exfat: Unknown parameter 'zero_size_dir'
[  233.873939][ T9196] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1242'.
[  233.998328][ T9180] loop2: detected capacity change from 0 to 32768
[  234.036583][ T9180] 
[  234.036583][ T9180]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.036583][ T9180] 
[  234.129761][ T9180] read_mapping_page failed!
[  234.143427][ T9180] ERROR: (device loop2): txCommit: 
[  234.143427][ T9180] 
[  234.170319][ T9180] ERROR: (device loop2): remounting filesystem as read-only
[  234.193678][ T9203] ERROR: (device loop2): diWrite: ixpxd invalid
[  234.193678][ T9203] 
[  234.205813][ T9203] ERROR: (device loop2): txCommit: 
[  234.205813][ T9203] 
[  234.297685][ T2178] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  234.496428][ T2178] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  234.514434][ T2178] usb 2-1: config 0 has no interface number 0
[  234.557064][ T2178] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  234.580586][ T2178] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.590949][ T2178] usb 2-1: Product: syz
[  234.609302][ T2178] usb 2-1: Manufacturer: syz
[  234.615841][ T2178] usb 2-1: SerialNumber: syz
[  234.636979][ T2178] usb 2-1: config 0 descriptor??
[  234.880097][ T2178] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  234.899826][ T2178] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  234.913982][ T2178] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  234.930275][ T2178] usb 2-1: media controller created
[  234.970091][ T2178] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  236.063927][ T2178] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  236.156433][ T2178] usb 2-1: USB disconnect, device number 19
[  236.397721][ T9244] nbd0: detected capacity change from 0 to 127
[  236.424668][ T5771] block nbd0: Receive control failed (result -104)
[  236.440183][   T96] block nbd0: Dead connection, failed to find a fallback
[  236.453206][   T96] block nbd0: shutting down sockets
[  236.459551][   T96] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 2 prio class 2
[  236.472771][   T96] Buffer I/O error on dev nbd0, logical block 2, async page read
[  236.481185][   T96] Buffer I/O error on dev nbd0, logical block 3, async page read
[  236.888680][ T9242] loop2: detected capacity change from 0 to 40427
[  236.917359][ T9242] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  236.943207][ T9242] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  236.984000][ T9242] F2FS-fs (loop2): Found nat_bits in checkpoint
[  237.186297][ T9242] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  237.213560][ T9242] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  237.743438][ T5825] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  237.902529][ T6088] syz-executor: attempt to access beyond end of device
[  237.902529][ T6088] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  237.924939][ T6088] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  237.945153][ T5825] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  237.963428][ T5825] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.990498][ T5825] usb 2-1: config 0 descriptor??
[  238.007125][ T5825] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  238.125155][ T9284] loop3: detected capacity change from 0 to 2048
[  238.153650][ T9284] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  238.181475][ T9284] NILFS (loop3): mounting unchecked fs
[  238.204706][ T6505] udevd[6505]: incorrect nilfs2 checksum on /dev/loop3
[  238.227128][ T9284] NILFS (loop3): recovery complete
[  238.252472][ T9285] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  238.827976][ T5825] usb 2-1: USB disconnect, device number 20
[  239.012378][ T9304] loop3: detected capacity change from 0 to 256
[  239.045753][ T9306] loop2: detected capacity change from 0 to 256
[  239.166361][ T9304] FAT-fs (loop3): Directory bread(block 64) failed
[  239.183664][ T9304] FAT-fs (loop3): Directory bread(block 65) failed
[  239.210017][ T9304] FAT-fs (loop3): Directory bread(block 66) failed
[  239.226178][ T9304] FAT-fs (loop3): Directory bread(block 67) failed
[  239.253145][ T9304] FAT-fs (loop3): Directory bread(block 68) failed
[  239.260893][ T9304] FAT-fs (loop3): Directory bread(block 69) failed
[  239.280197][ T9304] FAT-fs (loop3): Directory bread(block 70) failed
[  239.286885][ T9310] loop2: detected capacity change from 0 to 64
[  239.292223][ T9304] FAT-fs (loop3): Directory bread(block 71) failed
[  239.302674][ T9304] FAT-fs (loop3): Directory bread(block 72) failed
[  239.310449][ T9304] FAT-fs (loop3): Directory bread(block 73) failed
[  239.452263][ T9312] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1294'.
[  239.509593][ T9312] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1294'.
[  239.554043][ T9312] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1294'.
[  239.575815][ T9312] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1294'.
[  239.613199][ T9312] netlink: 'syz.2.1294': attribute type 6 has an invalid length.
[  239.656190][ T9318] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (65535)
[  239.683205][ T9318] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  239.760232][ T9325] loop2: detected capacity change from 0 to 256
[  240.411496][ T9323] loop1: detected capacity change from 0 to 32768
[  240.735984][ T9331] loop2: detected capacity change from 0 to 32768
[  240.764167][ T9331] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  240.828665][ T9331] XFS (loop2): Ending clean mount
[  240.862313][ T5826] XFS (loop2): Corruption warning: Metadata has LSN (2:16) ahead of current LSN (1:112). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  240.913072][  T966] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  240.913326][ T5826] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x20 
[  240.991136][ T5826] XFS (loop2): Unmount and run xfs_repair
[  241.023008][ T5826] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  241.031483][ T5826] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  241.063240][ T5826] 00000010: 00 00 00 00 00 00 00 20 00 00 00 02 00 00 00 10  ....... ........
[  241.072556][ T5826] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  241.105607][  T966] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  241.113044][ T5826] 00000030: 00 00 00 00 ca b4 20 ce 00 00 11 40 00 00 40 37  ...... ....@..@7
[  241.135494][  T966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.143049][ T5826] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  241.166674][  T966] usb 4-1: config 0 descriptor??
[  241.178856][ T5826] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  241.206002][ T5826] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  241.233266][ T5826] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  241.242615][ T9331] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x20 len 8 error 74
[  241.278358][ T9331] XFS (loop2): Failed to initialize disk quotas.
[  241.384124][  T966] [drm] vendor descriptor length:6 data:06 5f 01 01 00 00 00 00 00 00 00
[  241.418734][  T966] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  241.432749][ T9357] loop1: detected capacity change from 0 to 512
[  241.440971][ T6088] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  241.510625][ T9357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.597327][  T966] [drm:udl_init] *ERROR* Selecting channel failed
[  241.658683][  T966] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  241.687787][  T966] [drm] Initialized udl on minor 2
[  241.723628][  T966] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  241.765238][  T966] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  241.778497][ T5825] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  241.843776][ T5825] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  241.865079][  T966] usb 4-1: USB disconnect, device number 15
[  241.883486][ T5825] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  242.132786][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.704711][ T9377] loop2: detected capacity change from 0 to 1024
[  242.775538][ T9377] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.836940][ T9382] loop3: detected capacity change from 0 to 128
[  242.896073][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.409591][ T9373] loop1: detected capacity change from 0 to 32768
[  243.477113][ T9373] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  243.617826][ T9373] XFS (loop1): Ending clean mount
[  243.804140][ T5768] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  244.183155][ T2178] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  244.260703][ T9409] overlayfs: failed to resolve './file0': -2
[  244.310226][ T9411] loop1: detected capacity change from 0 to 256
[  244.368281][ T9411] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  244.389219][ T2178] usb 3-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  244.414668][ T2178] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.441632][ T2178] usb 3-1: Product: syz
[  244.457345][ T2178] usb 3-1: Manufacturer: syz
[  244.488261][ T2178] usb 3-1: SerialNumber: syz
[  244.519105][ T2178] usb 3-1: config 0 descriptor??
[  244.556168][ T2178] gspca_main: sq905c-2.14.0 probing 2770:9052
[  245.477861][ T5958] usb 3-1: USB disconnect, device number 13
[  245.881475][ T9448] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1345'.
[  245.918899][ T9448] bond0: entered promiscuous mode
[  245.930305][ T9448] bond_slave_0: entered promiscuous mode
[  245.939065][ T9448] bond_slave_1: entered promiscuous mode
[  245.951904][ T9448] bond0: left promiscuous mode
[  245.957635][ T9448] bond_slave_0: left promiscuous mode
[  245.963807][ T9448] bond_slave_1: left promiscuous mode
[  246.582257][ T9475] "syz.2.1357" (9475) uses obsolete ecb(arc4) skcipher
[  246.917918][ T9479] loop2: detected capacity change from 0 to 1024
[  246.958849][ T9479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.067682][ T9473] loop3: detected capacity change from 0 to 40427
[  247.082472][ T9473] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  247.089544][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.092611][ T9473] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  247.173053][ T9473] F2FS-fs (loop3): invalid crc value
[  247.475306][ T9473] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  247.482857][ T9473] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  247.693527][ T5767] syz-executor: attempt to access beyond end of device
[  247.693527][ T5767] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  247.734371][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  247.753312][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  247.771489][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  247.789593][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  247.859246][ T9501] loop1: detected capacity change from 0 to 128
[  247.897794][ T9501] FAT-fs (loop1): Directory bread(block 524322) failed
[  247.919514][ T9501] FAT-fs (loop1): Directory bread(block 524323) failed
[  247.943723][ T9501] FAT-fs (loop1): Directory bread(block 524324) failed
[  247.979764][ T9501] FAT-fs (loop1): Directory bread(block 524325) failed
[  248.007822][ T9501] FAT-fs (loop1): Directory bread(block 524326) failed
[  248.037200][ T9501] FAT-fs (loop1): Directory bread(block 524327) failed
[  248.058778][ T9501] FAT-fs (loop1): Directory bread(block 524328) failed
[  248.077881][ T9501] FAT-fs (loop1): Directory bread(block 524329) failed
[  248.553206][ T5825] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  248.733172][ T5825] usb 2-1: Using ep0 maxpacket: 32
[  248.742085][ T5825] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  248.751412][ T5825] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  248.763776][ T5825] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  248.777247][ T5825] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  248.792488][ T5825] usb 2-1: config 0 interface 0 has no altsetting 0
[  248.802222][ T5825] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  248.812077][ T5825] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  248.815232][ T5958] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  248.821640][ T5825] usb 2-1: Product: syz
[  248.835199][ T5825] usb 2-1: Manufacturer: syz
[  248.840578][ T5825] usb 2-1: SerialNumber: syz
[  248.847253][ T5825] usb 2-1: config 0 descriptor??
[  248.860987][ T5825] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  248.872439][ T5825] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  249.018720][ T5958] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  249.028394][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.037044][ T5958] usb 3-1: Product: syz
[  249.053107][ T5958] usb 3-1: Manufacturer: syz
[  249.057957][ T5958] usb 3-1: SerialNumber: syz
[  249.091240][ T5958] usb 3-1: config 0 descriptor??
[  249.450424][ T9522] ldusb 2-1:0.0: Write buffer overflow, 64804 bytes dropped
[  249.536956][ T5958] usb 3-1: Firmware: major: 50, minor: 195, hardware type: RZUSB (3)
[  249.686502][ T5098] usb 2-1: USB disconnect, device number 21
[  249.716179][ T5098] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  249.750008][ T5958] usb 3-1: failed to fetch extended address, random address set
[  249.823737][ T9532] netlink: 'syz.0.1379': attribute type 1 has an invalid length.
[  249.842556][ T9532] netlink: 'syz.0.1379': attribute type 2 has an invalid length.
[  249.873897][ T5958] usb 3-1: USB disconnect, device number 14
[  250.310472][ T9539] loop1: detected capacity change from 0 to 64
[  250.330160][ T9539] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  250.417693][ T9537] netlink: 'syz.0.1379': attribute type 1 has an invalid length.
[  250.440824][ T9537] netlink: 'syz.0.1379': attribute type 2 has an invalid length.
[  251.033445][ T5958] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  251.225412][ T5958] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.237239][ T5958] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  251.246876][ T5958] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  251.256393][ T5958] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.265032][ T5098] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  251.281559][ T5958] usb 3-1: config 0 descriptor??
[  251.289959][ T5958] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  251.297912][ T5958] dvb-usb: bulk message failed: -22 (3/0)
[  251.307630][ T5958] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  251.320060][ T5958] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  251.328471][ T5958] usb 3-1: media controller created
[  251.338087][ T5958] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  251.362009][ T5958] dvb-usb: bulk message failed: -22 (6/0)
[  251.371222][ T5958] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  251.381316][ T5958] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input19
[  251.404578][ T5958] dvb-usb: schedule remote query interval to 150 msecs.
[  251.415733][ T5958] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  251.465708][ T5098] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  251.475563][ T5098] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.494570][ T5098] usb 4-1: config 0 descriptor??
[  251.505696][ T5098] cp210x 4-1:0.0: cp210x converter detected
[  251.545464][ T9541] dibusb: i2c wr: len=90 is too big!
[  251.545464][ T9541] 
[  251.564904][ T5958] usb 3-1: USB disconnect, device number 15
[  251.610616][ T5958] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  251.908165][ T5098] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  251.954986][ T5098] usb 4-1: cp210x converter now attached to ttyUSB0
[  252.156845][ T5098] usb 4-1: USB disconnect, device number 16
[  252.182168][ T5098] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  252.199048][ T9589] loop1: detected capacity change from 0 to 512
[  252.234302][ T5098] cp210x 4-1:0.0: device disconnected
[  252.254113][ T9589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.274192][ T9589] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.375090][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.808158][ T9596] loop2: detected capacity change from 0 to 32768
[  252.834345][ T9596] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 scanned by syz.2.1409 (9596)
[  252.864102][ T5098] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  252.890892][ T9596] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  252.902152][ T9596] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  252.919405][ T9596] BTRFS info (device loop2): using free space tree
[  253.023060][ T9596] BTRFS info (device loop2): enabling ssd optimizations
[  253.030797][ T9596] BTRFS info (device loop2): auto enabling async discard
[  253.042840][ T9604] loop3: detected capacity change from 0 to 4096
[  253.066602][ T5098] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.081872][ T9604] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  253.106302][ T5098] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.143808][ T5098] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  253.185462][ T5098] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  253.223813][ T5098] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.236284][ T9604] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  253.265442][ T5098] usb 2-1: config 0 descriptor??
[  253.361607][ T9604] ntfs3: loop3: ino=1b, "file0" failed to parse mft record
[  253.392283][ T9604] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  253.437716][ T9604] ntfs3: loop3: ino=1b, "file0" attr_set_size
[  253.494728][ T6088] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  253.608969][ T5767] ntfs3: loop3: ino=1a, ntfs_sync_fs failed, -22.
[  253.729610][ T5098] kovaplus 0003:1E7D:2D50.000D: item fetching failed at offset 4/5
[  253.774590][ T5098] kovaplus 0003:1E7D:2D50.000D: parse failed
[  253.781416][ T5098] kovaplus: probe of 0003:1E7D:2D50.000D failed with error -22
[  253.953448][   T27] usb 2-1: USB disconnect, device number 22
[  254.046930][ T9634] loop2: detected capacity change from 0 to 2048
[  254.071882][ T9638] pimreg: entered allmulticast mode
[  254.119684][ T9638] pimreg: left allmulticast mode
[  254.143060][ T9634] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  254.171344][ T9634] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  254.236111][ T9634] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  254.680774][ T9646] loop3: detected capacity change from 0 to 16
[  254.744347][ T9646] erofs: (device loop3): mounted with root inode @ nid 36.
[  254.797598][   T28] audit: type=1800 audit(1776217114.801:40): pid=9646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1423" name="file1" dev="loop3" ino=86 res=0 errno=0
[  255.008991][ T9654] loop2: detected capacity change from 0 to 512
[  255.065163][ T9654] EXT4-fs (loop2): Test dummy encryption mode enabled
[  255.123582][ T9654] EXT4-fs error (device loop2): ext4_orphan_get:1404: inode #15: comm syz.2.1425: inode has both inline data and extents flags
[  255.140876][ T9654] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.1425: couldn't read orphan inode 15 (err -117)
[  255.159350][ T9654] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.352833][ T9654] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  255.435521][ T6088] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.730875][ T9656] loop3: detected capacity change from 0 to 40427
[  255.764575][ T9656] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  255.782195][ T9656] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  255.796034][ T9656] F2FS-fs (loop3): invalid crc value
[  255.817770][ T9656] F2FS-fs (loop3): Found nat_bits in checkpoint
[  255.920253][ T9656] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  255.944157][ T9656] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  256.066310][ T9656] syz.3.1426: attempt to access beyond end of device
[  256.066310][ T9656] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  256.188904][   T49] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  256.227516][   T49] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  256.237373][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  256.253202][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  256.473110][ T2178] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  256.672654][ T2178] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  256.677370][ T9678] loop2: detected capacity change from 0 to 32768
[  256.712797][ T2178] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  256.733062][ T9678] (syz.2.1433,9678,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  256.743427][ T2178] usb 2-1: config 220 descriptor has 1 excess byte, ignoring
[  256.766380][ T2178] usb 2-1: config 220 has no interface number 2
[  256.772894][ T9678] (syz.2.1433,9678,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  256.839544][ T2178] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  256.878335][ T2178] usb 2-1: config 220 interface 0 has no altsetting 0
[  256.886394][ T9678] JBD2: Ignoring recovery information on journal
[  256.893286][ T2178] usb 2-1: config 220 interface 76 has no altsetting 0
[  256.911597][ T2178] usb 2-1: config 220 interface 1 has no altsetting 0
[  256.926823][ T2178] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  256.936767][ T2178] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.946123][ T2178] usb 2-1: Product: syz
[  256.950655][ T9687] loop3: detected capacity change from 0 to 512
[  256.951579][ T2178] usb 2-1: Manufacturer: syz
[  256.964469][ T2178] usb 2-1: SerialNumber: syz
[  257.047154][ T9678] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  257.192737][ T2178] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  257.220644][ T2178] usb 2-1: No valid video chain found.
[  257.243261][ T2178] usb 2-1: selecting invalid altsetting 0
[  257.299939][ T2178] usb 2-1: selecting invalid altsetting 0
[  257.317403][ T2178] usbtest: probe of 2-1:220.1 failed with error -22
[  257.357579][ T2178] usb 2-1: USB disconnect, device number 23
[  257.530367][ T6088] ocfs2: Unmounting device (7,2) on (node local)
[  257.739820][ T9697] loop3: detected capacity change from 0 to 64
[  257.946488][ T5767] hfs: node 4:3 still has 1 user(s)!
[  258.213106][ T5098] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  258.270857][ T9717] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1451'.
[  258.423171][ T5098] usb 3-1: Using ep0 maxpacket: 32
[  258.444313][ T5098] usb 3-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.463136][ T5098] usb 3-1: config 0 interface 0 altsetting 129 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  258.493073][ T5098] usb 3-1: config 0 interface 0 has no altsetting 0
[  258.513102][ T5098] usb 3-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  258.541411][ T5098] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.574976][ T5098] usb 3-1: config 0 descriptor??
[  259.021038][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.023357][ T2178] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  259.038856][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.081593][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.103615][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.122236][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.138902][ T9730] loop3: detected capacity change from 0 to 512
[  259.146705][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.157343][ T9730] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.166427][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.183356][ T5098] uclogic 0003:5543:0042.000E: unknown main item tag 0x0
[  259.206545][ T9730] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  259.223153][ T2178] usb 2-1: Using ep0 maxpacket: 32
[  259.223533][ T5098] uclogic 0003:5543:0042.000E: collection stack underflow
[  259.240980][ T2178] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.251323][ T5098] uclogic 0003:5543:0042.000E: item 0 0 0 12 parsing failed
[  259.264279][ T9730] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e028, mo2=0002]
[  259.266999][ T5098] uclogic 0003:5543:0042.000E: parse failed
[  259.280040][ T5098] uclogic: probe of 0003:5543:0042.000E failed with error -22
[  259.288954][ T2178] usb 2-1: config 0 interface 0 altsetting 129 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  259.296012][ T5098] usb 3-1: USB disconnect, device number 16
[  259.312681][ T9730] EXT4-fs (loop3): orphan cleanup on readonly fs
[  259.339113][ T9730] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1456: bg 0: block 361: padding at end of block bitmap is not set
[  259.382706][ T2178] usb 2-1: config 0 interface 0 has no altsetting 0
[  259.397196][ T9730] EXT4-fs (loop3): Remounting filesystem read-only
[  259.411751][ T2178] usb 2-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[  259.447197][ T9730] EXT4-fs (loop3): 1 truncate cleaned up
[  259.456130][ T2178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.467503][ T9730] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  259.485692][ T2178] usb 2-1: config 0 descriptor??
[  259.567518][ T9730] tipc: Started in network mode
[  259.579459][ T9730] tipc: Node identity remount-, cluster identity 4711
[  259.629420][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  259.720872][ T9725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.765764][ T9725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.012268][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.033461][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.045431][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.053834][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.073150][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.084776][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.092681][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.100859][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.110306][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.119668][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.129460][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.153064][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.169652][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.188334][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.208737][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.223337][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.232293][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.242237][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.250309][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.259176][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.268357][ T2178] uclogic 0003:5543:0005.000F: unknown main item tag 0x0
[  260.277219][ T9755] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1467'.
[  260.288346][ T2178] uclogic 0003:5543:0005.000F: item fetching failed at offset 35/36
[  260.309349][ T2178] uclogic 0003:5543:0005.000F: parse failed
[  260.339078][ T2178] uclogic: probe of 0003:5543:0005.000F failed with error -22
[  260.367273][ T2178] usb 2-1: USB disconnect, device number 24
[  261.380290][ T9773] loop2: detected capacity change from 0 to 32768
[  261.440609][ T9773] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  261.484916][ T9773] JBD2: Ignoring recovery information on journal
[  261.564792][ T9773] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  261.677432][ T9796] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1485'.
[  262.026689][ T6088] ocfs2: Unmounting device (7,2) on (node local)
[  262.425808][ T9806] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1491'.
[  262.611071][ T9814] loop2: detected capacity change from 0 to 128
[  262.637418][ T9816] loop1: detected capacity change from 0 to 128
[  262.642356][ T9814] EXT4-fs: Ignoring removed i_version option
[  262.671013][ T9816] EXT4-fs: Ignoring removed nobh option
[  262.679182][ T9814] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  262.717630][ T9814] ext4 filesystem being mounted at /292/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  262.750083][ T9816] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  262.786674][ T9816] ext4 filesystem being mounted at /345/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  262.886475][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  263.028413][ T6088] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  263.248938][ T9835] dummy0: entered allmulticast mode
[  263.264422][ T9835] dummy0: left allmulticast mode
[  263.760652][ T9853] loop1: detected capacity change from 0 to 256
[  263.896464][   T28] audit: type=1800 audit(1776217123.901:41): pid=9853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1509" name="file2" dev="loop1" ino=1048653 res=0 errno=0
[  263.938200][ T9853] FAT-fs (loop1): error, clusters badly computed (2 != 1)
[  263.973020][ T9853] FAT-fs (loop1): Filesystem has been set read-only
[  264.044488][ T9841] loop3: detected capacity change from 0 to 32768
[  264.109825][ T9841] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  264.201848][ T9841] XFS (loop3): Ending clean mount
[  264.346727][ T5767] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  264.862712][ T9853] FAT-fs (loop1): error, fat_get_cluster: detected the cluster chain loop (i_pos 198)
[  264.883802][ T9876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1517'.
[  264.953014][ T9878] netlink: 'syz.3.1514': attribute type 11 has an invalid length.
[  265.342309][ T9890] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1522'.
[  265.825849][ T9903] syzkaller0 speed is unknown, defaulting to 1000
[  265.968210][ T9892] loop2: detected capacity change from 0 to 32768
[  266.469771][   T55] block nbd0: Possible stuck request ffff888022050000: control (read@0,1024B). Runtime 30 seconds
[  266.484851][   T55] block nbd0: Possible stuck request ffff888022050200: control (read@1024,1024B). Runtime 30 seconds
[  266.840757][ T9914] loop1: detected capacity change from 0 to 32768
[  266.872481][ T9914] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  266.970759][ T9914] XFS (loop1): Ending clean mount
[  267.011795][ T9914] XFS (loop1): Quotacheck needed: Please wait.
[  267.037557][   T27] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  267.070596][ T9919] loop2: detected capacity change from 0 to 32768
[  267.140117][ T9919] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 scanned by syz.2.1535 (9919)
[  267.200197][ T9919] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  267.224563][ T9914] XFS (loop1): Quotacheck: Done.
[  267.240036][ T9919] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  267.253158][   T27] usb 4-1: Using ep0 maxpacket: 16
[  267.254987][ T9919] BTRFS info (device loop2): using free space tree
[  267.289771][   T27] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.346228][   T27] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.358876][   T27] usb 4-1: config 0 interface 0 has no altsetting 0
[  267.367019][   T27] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  267.380433][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.401357][   T27] usb 4-1: config 0 descriptor??
[  267.456464][ T9919] BTRFS info (device loop2): enabling ssd optimizations
[  267.470751][ T9947] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1539'.
[  267.481233][ T9919] BTRFS info (device loop2): auto enabling async discard
[  267.504470][ T5768] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  267.718017][ T6088] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  267.859721][   T27] hid (null): unknown global tag 0xd
[  267.903957][   T27] hid (null): report_id 0 is invalid
[  268.133451][ T5754] usb 4-1: USB disconnect, device number 17
[  268.140348][ T6505] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 9 /dev/loop2 scanned by udevd (6505)
[  269.039424][ T9976] loop1: detected capacity change from 0 to 64
[  269.177133][ T9966] loop2: detected capacity change from 0 to 32768
[  269.190499][ T9966] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1546 (9966)
[  269.238756][ T9966] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  269.270104][ T9966] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  269.303366][ T9966] BTRFS info (device loop2): setting nodatasum
[  269.310559][ T9966] BTRFS info (device loop2): force zlib compression, level 3
[  269.342450][ T9966] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  269.363238][ T9966] BTRFS info (device loop2): use lzo compression, level 0
[  269.401612][ T9966] BTRFS info (device loop2): turning on flush-on-commit
[  269.434694][ T9966] BTRFS info (device loop2): enabling auto defrag
[  269.441997][ T9966] BTRFS info (device loop2): max_inline at 4096
[  269.483190][ T9966] BTRFS info (device loop2): using free space tree
[  269.674271][ T9966] BTRFS info (device loop2): enabling ssd optimizations
[  269.921804][ T9973] loop3: detected capacity change from 0 to 32768
[  269.994756][ T6088] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  270.029018][ T9973] JBD2: Ignoring recovery information on journal
[  270.249156][ T9973] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  270.528799][ T9973] overlayfs: upper fs does not support tmpfile.
[  270.601944][ T9973] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  270.647879][ T9973] 
[  270.650406][ T9973] ======================================================
[  270.660694][ T9973] WARNING: possible circular locking dependency detected
[  270.668266][ T9973] syzkaller #0 Not tainted
[  270.673830][ T9973] ------------------------------------------------------
[  270.682346][ T9973] syz.3.1549/9973 is trying to acquire lock:
[  270.689462][ T9973] ffff8880771a1818 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_xattr_set+0xba4/0x13e0
[  270.703882][ T9973] 
[  270.703882][ T9973] but task is already holding lock:
[  270.712675][ T9973] ffff88805c66bff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0
[  270.724479][ T9973] 
[  270.724479][ T9973] which lock already depends on the new lock.
[  270.724479][ T9973] 
[  270.736734][ T9973] 
[  270.736734][ T9973] the existing dependency chain (in reverse order) is:
[  270.746916][ T9973] 
[  270.746916][ T9973] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}:
[  270.756369][ T9973]        down_read+0x46/0x2e0
[  270.761462][ T9973]        ocfs2_init_acl+0x30a/0x770
[  270.767415][ T9973]        ocfs2_mknod+0x140f/0x2300
[  270.772573][ T9973]        ocfs2_mkdir+0x196/0x430
[  270.779286][ T9973]        vfs_mkdir+0x296/0x440
[  270.785688][ T9973]        do_mkdirat+0x1dc/0x450
[  270.791364][ T9973]        __x64_sys_mkdirat+0x89/0xa0
[  270.797466][ T9973]        do_syscall_64+0x55/0xa0
[  270.803483][ T9973]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.811325][ T9973] 
[  270.811325][ T9973] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  270.820910][ T9973]        down_read+0x46/0x2e0
[  270.826512][ T9973]        ocfs2_start_trans+0x3a8/0x6f0
[  270.833432][ T9973]        ocfs2_shutdown_local_alloc+0x1fc/0xaa0
[  270.841851][ T9973]        ocfs2_dismount_volume+0x1e5/0x8a0
[  270.848825][ T9973]        generic_shutdown_super+0x134/0x2b0
[  270.855444][ T9973]        kill_block_super+0x44/0x90
[  270.861934][ T9973]        deactivate_locked_super+0x97/0x100
[  270.869085][ T9973]        cleanup_mnt+0x43b/0x4d0
[  270.874764][ T9973]        task_work_run+0x1d4/0x260
[  270.880528][ T9973]        exit_to_user_mode_loop+0xe6/0x110
[  270.886653][ T9973]        exit_to_user_mode_prepare+0xee/0x180
[  270.893632][ T9973]        syscall_exit_to_user_mode+0x1a/0x50
[  270.899745][ T9973]        do_syscall_64+0x61/0xa0
[  270.905862][ T9973]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.912487][ T9973] 
[  270.912487][ T9973] -> #1 (sb_internal#3){.+.+}-{0:0}:
[  270.920726][ T9973]        ocfs2_start_trans+0x2a9/0x6f0
[  270.927169][ T9973]        ocfs2_remove_btree_range+0x849/0x15e0
[  270.934322][ T9973]        ocfs2_commit_truncate+0xb7f/0x2280
[  270.940525][ T9973]        ocfs2_evict_inode+0x1926/0x41e0
[  270.946724][ T9973]        evict+0x4ca/0x8d0
[  270.951345][ T9973]        ocfs2_dentry_iput+0x24e/0x390
[  270.957597][ T9973]        __dentry_kill+0x431/0x650
[  270.962960][ T9973]        dentry_kill+0xb8/0x290
[  270.968738][ T9973]        dput+0xfe/0x1e0
[  270.974226][ T9973]        do_renameat2+0x8f9/0xce0
[  270.979727][ T9973]        __x64_sys_rename+0x86/0x90
[  270.985476][ T9973]        do_syscall_64+0x55/0xa0
[  270.990801][ T9973]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  270.998371][ T9973] 
[  270.998371][ T9973] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  271.010216][ T9973]        __lock_acquire+0x2df1/0x7d40
[  271.013347][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  271.017530][ T9973]        lock_acquire+0x19e/0x420
[  271.017560][ T9973]        down_write+0x97/0x200
[  271.017575][ T9973]        ocfs2_xattr_set+0xba4/0x13e0
[  271.017596][ T9973]        __vfs_setxattr+0x431/0x470
[  271.048629][ T9973]        __vfs_setxattr_noperm+0x12d/0x5e0
[  271.054999][ T9973]        vfs_setxattr+0x16b/0x2f0
[  271.060243][ T9973]        ovl_get_workdir+0xc62/0x17c0
[  271.066341][ T9973]        ovl_fill_super+0x13ff/0x3620
[  271.072092][ T9973]        get_tree_nodev+0xb5/0x140
[  271.078888][ T9973]        vfs_get_tree+0x8c/0x280
[  271.081784][T10015] loop2: detected capacity change from 0 to 40427
[  271.085411][ T9973]        do_new_mount+0x24b/0xa40
[  271.085437][ T9973]        __se_sys_mount+0x2e7/0x3d0
[  271.085451][ T9973]        do_syscall_64+0x55/0xa0
[  271.085464][ T9973]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  271.085480][ T9973] 
[  271.085480][ T9973] other info that might help us debug this:
[  271.085480][ T9973] 
[  271.085486][ T9973] Chain exists of:
[  271.085486][ T9973]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem
[  271.085486][ T9973] 
[  271.085527][ T9973]  Possible unsafe locking scenario:
[  271.085527][ T9973] 
[  271.085531][ T9973]        CPU0                    CPU1
[  271.085534][ T9973]        ----                    ----
[  271.085538][ T9973]   lock(&oi->ip_xattr_sem);
[  271.085546][ T9973]                                lock(&journal->j_trans_barrier);
[  271.085557][ T9973]                                lock(&oi->ip_xattr_sem);
[  271.085566][ T9973]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3);
[  271.085579][ T9973] 
[  271.085579][ T9973]  *** DEADLOCK ***
[  271.085579][ T9973] 
[  271.085582][ T9973] 4 locks held by syz.3.1549/9973:
[  271.085591][ T9973]  #0: ffff888059f7a0e0 (&type->s_umount_key#68/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x920
[  271.085635][ T9973]  #1: ffff888021da4418 (sb_writers#28){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  271.085684][ T9973]  #2: ffff88805c66c2d8 (&sb->s_type->i_mutex_key#33){++++}-{3:3}, at: vfs_setxattr+0x144/0x2f0
[  271.085732][ T9973]  #3: ffff88805c66bff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0
[  271.109038][T10015] F2FS-fs (loop2): Image doesn't support compression
[  271.111950][ T9973] 
[  271.111950][ T9973] stack backtrace:
[  271.111979][ T9973] CPU: 1 PID: 9973 Comm: syz.3.1549 Not tainted syzkaller #0
[  271.111997][ T9973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  271.112015][ T9973] Call Trace:
[  271.112031][ T9973]  <TASK>
[  271.132788][T10015] F2FS-fs (loop2): invalid crc value
[  271.152677][ T9973]  dump_stack_lvl+0x18c/0x250
[  271.152717][ T9973]  ? load_image+0x420/0x420
[  271.152735][ T9973]  ? show_regs_print_info+0x20/0x20
[  271.152760][ T9973]  ? print_circular_bug+0x12b/0x1a0
[  271.152780][ T9973]  check_noncircular+0x2fc/0x400
[  271.152798][ T9973]  ? look_up_lock_class+0x75/0x140
[  271.152825][ T9973]  ? print_deadlock_bug+0x5d0/0x5d0
[  271.152902][ T9973]  ? lockdep_lock+0xf5/0x230
[  271.152938][ T9973]  ? lockdep_unlock+0x146/0x2e0
[  271.152970][ T9973]  ? _find_first_zero_bit+0xd3/0x100
[  271.152991][ T9973]  __lock_acquire+0x2df1/0x7d40
[  271.153016][ T9973]  ? ocfs2_inode_lock_full_nested+0xcdf/0x1b70
[  271.153037][ T9973]  ? _raw_spin_unlock+0x40/0x40
[  271.153055][ T9973]  ? verify_lock_unused+0x140/0x140
[  271.153082][ T9973]  ? stack_trace_save+0xaa/0x100
[  271.153126][ T9973]  lock_acquire+0x19e/0x420
[  271.153148][ T9973]  ? ocfs2_xattr_set+0xba4/0x13e0
[  271.153175][ T9973]  ? __might_sleep+0xe0/0xe0
[  271.153198][ T9973]  ? read_lock_is_recursive+0x20/0x20
[  271.153218][ T9973]  ? _raw_spin_unlock+0x28/0x40
[  271.153236][ T9973]  ? ocfs2_inode_lock_tracker+0x437/0x700
[  271.153258][ T9973]  ? ocfs2_xattr_block_find+0x15b/0x4d0
[  271.153284][ T9973]  down_write+0x97/0x200
[  271.153300][ T9973]  ? ocfs2_xattr_set+0xba4/0x13e0
[  271.153325][ T9973]  ? down_read_killable+0x340/0x340
[  271.153340][ T9973]  ? ocfs2_xattr_ibody_find+0xcb/0x7c0
[  271.153363][ T9973]  ocfs2_xattr_set+0xba4/0x13e0
[  271.213245][    T9] usb 2-1: Using ep0 maxpacket: 32
[  271.215117][ T9973]  ? __ocfs2_xattr_set_handle+0xf40/0xf40
[  271.225942][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 1536, setting to 1024
[  271.232213][ T9973]  ? verify_lock_unused+0x140/0x140
[  271.232249][ T9973]  ? llist_add_batch+0x10f/0x1f0
[  271.232268][ T9973]  ? aa_get_newest_label+0xfd/0x5c0
[  271.244340][    T9] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024
[  271.253962][ T9973]  ? end_current_label_crit_section+0x170/0x170
[  271.254000][ T9973]  ? posix_xattr_acl+0x93/0xb0
[  271.254015][ T9973]  ? ocfs2_xattr_trusted_get+0x40/0x40
[  271.254036][ T9973]  __vfs_setxattr+0x431/0x470
[  271.254061][ T9973]  __vfs_setxattr_noperm+0x12d/0x5e0
[  271.254082][ T9973]  vfs_setxattr+0x16b/0x2f0
[  271.254105][ T9973]  ? xattr_permission+0x470/0x470
[  271.254126][ T9973]  ? up_write+0x1c3/0x410
[  271.254141][ T9973]  ? do_raw_spin_unlock+0x121/0x230
[  271.254163][ T9973]  ovl_get_workdir+0xc62/0x17c0
[  271.254187][ T9973]  ? ovl_fill_super+0x3620/0x3620
[  271.254281][ T9973]  ? __lock_acquire+0x7d40/0x7d40
[  271.254323][ T9973]  ? _raw_spin_unlock+0x28/0x40
[  271.254343][ T9973]  ? ovl_inuse_trylock+0xbd/0xd0
[  271.254367][ T9973]  ovl_fill_super+0x13ff/0x3620
[  271.254393][ T9973]  ? ida_alloc_range+0x7d4/0x860
[  271.254427][ T9973]  ? virtio_fs_zero_page_range+0x140/0x140
[  271.254444][ T9973]  ? sget_fc+0x7f0/0x8d0
[  271.254463][ T9973]  ? __lock_acquire+0x7d40/0x7d40
[  271.272259][    T9] usb 2-1: string descriptor 0 read error: -22
[  271.273422][ T9973]  ? down_write+0x16e/0x200
[  271.273449][ T9973]  ? down_read_killable+0x340/0x340
[  271.273469][ T9973]  ? sget_fc+0x7f0/0x8d0
[  271.273485][ T9973]  ? kill_litter_super+0xb0/0xb0
[  271.273498][ T9973]  ? virtio_fs_zero_page_range+0x140/0x140
[  271.273515][ T9973]  get_tree_nodev+0xb5/0x140
[  271.273532][ T9973]  vfs_get_tree+0x8c/0x280
[  271.273551][ T9973]  do_new_mount+0x24b/0xa40
[  271.273572][ T9973]  __se_sys_mount+0x2e7/0x3d0
[  271.273592][ T9973]  ? __x64_sys_mount+0xc0/0xc0
[  271.273610][ T9973]  ? lockdep_hardirqs_on+0x98/0x150
[  271.273629][ T9973]  ? __x64_sys_mount+0x20/0xc0
[  271.273646][ T9973]  do_syscall_64+0x55/0xa0
[  271.273768][ T9973]  ? clear_bhb_loop+0x40/0x90
[  271.273793][ T9973]  ? clear_bhb_loop+0x40/0x90
[  271.273813][ T9973]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  271.273834][ T9973] RIP: 0033:0x7f391199c819
[  271.273862][ T9973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  271.273875][ T9973] RSP: 002b:00007f3912924028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  271.273892][ T9973] RAX: ffffffffffffffda RBX: 00007f3911c15fa0 RCX: 00007f391199c819
[  271.273903][ T9973] RDX: 0000200000000b80 RSI: 0000200000000100 RDI: 0000000000000000
[  271.284877][    T9] usb 2-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40
[  271.290376][ T9973] RBP: 00007f3911a32c91 R08: 0000200000000200 R09: 0000000000000000
[  271.290396][ T9973] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  271.290406][ T9973] R13: 00007f3911c16038 R14: 00007f3911c15fa0 R15: 00007ffd8ce1f248
[  271.290425][ T9973]  </TASK>
[  271.307808][ T9973] overlayfs: upper fs missing required features.
[  271.332211][T10015] F2FS-fs (loop2): Found nat_bits in checkpoint
[  271.873573][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.895782][T10023] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  271.906643][    T9] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  271.923043][    T9] usb 2-1: MIDIStreaming interface descriptor not found
[  271.987483][T10015] F2FS-fs (loop2): Start checkpoint disabled!
[  272.006345][ T5767] ocfs2: Unmounting device (7,3) on (node local)
[  272.013309][T10015] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  272.193355][ T5825] usb 2-1: USB disconnect, device number 25
[  272.279152][   T39] kworker/u4:2: attempt to access beyond end of device
[  272.279152][   T39] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  272.303307][   T39] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  272.311016][   T39] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  272.703100][ T5770] Bluetooth: hci0: command 0x0406 tx timeout