last executing test programs:

4.682175456s ago: executing program 3 (id=3966):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000205f14120200000000000109022400010000600009040180020300000009210604000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, &(0x7f0000000040)={0x0, 0x21, 0x5, {0x5, 0xb, "de54f5"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

3.843523368s ago: executing program 0 (id=3978):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x58, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @rand_addr=' \x01\x00'}, @IFLA_GENEVE_ID={0x8, 0x1, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x58}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)

3.627628712s ago: executing program 0 (id=3981):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040580405500000000000010902240001000040640904000001030003000921000006012207000905810320"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000c00)={0x24, 0x0, 0x0, &(0x7f0000000b80)={0x0, 0x22, 0x7, {[@main=@item_012={0x1, 0x0, 0xb, 'z'}, @main=@item_4={0x3, 0x0, 0x9, "b5a2226e"}]}}, 0x0}, 0x0)

2.70554657s ago: executing program 3 (id=3994):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000002040))
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)

2.562791045s ago: executing program 3 (id=3997):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000050000000400000000000001000e00000800000000000000000000030000000001"], 0x0, 0x45, 0x0, 0x1}, 0x28)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)

2.407460967s ago: executing program 3 (id=3999):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f00000024c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000001000)=ANY=[], 0xfd, 0x631c, &(0x7f00000027c0)="$eJzs3c1vHGcdB/Df7JtfQlurh6pUCLkvvJTSJE5KCBRoe4ADlx5Qj6BGrltFpIASg9LKIq584cCJvwCExBEhjogDNy49cOXGiRORbCRQTwwa7/Mks5vd2IntnY3n85Gcmd88s/Yz+53Zl8zOPgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHe/8721IiLe/llasBLxqehGdCKWqno1IpZWV/L6vYh4Ovab46mI6C9EVLff/+eJiFci4uPHI3b3ttarxRcO2Y9v/+Hvv/3BmTf/9vv+uf/+cbP76rT1bt785X/+dOto2wwAAABtU5ZlWaS3+c+k9/edpjsFAMxEfv4vk7z81Ne/+uebf56n/qjVarVaPYO6rpzsVr2IiO36barXDE7HA8AjZjs+aboLNEj+rdaLiDMPc8PF4+8LMFuHPddfnHA/aMbu3tZ6kfIt6s8Hq8P2vH+M5L9d3Lm+Y9r0IOP73az2r53oxpNT+rM0nP3rjLoyF3L+nfH83x62D9J6982/OHr+szIt/8Hw0qfWyfl3x/Mfc9LH/6zsRGdi/m2V8+89UP5d+QMAAAAAwBzL//+/0vD534Wjb8qh3O/87+qM+gAAAAAAAAAAx+2o4//dYfw/AAAAmFvVe/XKrx+/u2zad7FVy98qIh4bWx9omXSxzHLT/QAAAAAAAAAAAACANukNP8P7VhHRj4jHlpfLsqx+6sbrB3XU2z/q2r790A7FxKVNP8gDAMDQx4+PXctfRCxGxFvpu/76y8vLZbm4tFwul0sL+fXsYGGxXKq9r83TatnC4BAvk3uDsvpli7Xb1R30fvmg9vHfV/2tQdk9RMeOST/dm1OaGwobAJLhs9GuZ6RTpiyfmPbiA0Y4/k+hlVhper9i/jW9mwIAAAAnryzLskhf5/1MOuffabpTAMBM5Of/8fMCR6o7U9ojjuf3q9VqtVqtfqi6rpzsVr2IiO36barXDIbjB4BHzHZ80nQXaJD8W60XEU833QlgrhVNd4ATsbu3tV6kfIv680Ea3z1/FmQk/+1i/3b59pOmBxn/jMms9q+d6MaTU/rz1Iz6ME9y/p3x/N8etg/Seied/6xMy3+wf8lc++T8u+P5jzk9+Xcm5t9WOf/eA+XflT8AAAAAAMyx/P//K4c5/9tLxSk9/7s6oz4AAAAAAAAAwHHb3dtaz9e95vP/n5mwnus/T6ecf/Gg+S+lefk/0nL+nbH8vzi2Xrc2f/uNu8f/v/e21n+3+a9P5+lh81/IM0Xas4q0RxTpLxXpw0bH/MGgnX53UP2lftHp9tJnfso7nTk/sm4n3R9l/924GtdiI9ZG2que9kfaL4y09+5pvzjS3k/fO1Au5fazsR4/jmvxzn77YPRun2jxgPunPKA959/1+N9KOf9e7afKfzm1F2PTyu2POvcc9/vTGE4n/Z3Xr372F+dPfnMOtBPdO9tWV23fcw30Z/8+OTOIn97YuH725pXNzetrkSYjSy9EmhyznH9//2fh7uP/88P2/ABUP15vfzSYnP/m9PznxU70pub/fG2+2t4XZ9y3JuT8B+kn5/9Oap98/D/K+U8//l9qoD8AAAAAAAAAAAAAAABwP2VZ7l8i+npEXErX/zR1bSYAMFuvLw6f/8skL1cfe/39MxHz1B+1Wq1Wt7CuKyd7rV5ExF/qt6leM/x80i8DAObZ/yLiH013gsbIv8Xy9/1V0xea7gwwUzc++PCHV65d27h+o+meAAAAAAAAAAAPK4//uVob//mFiFgZW29k/Nc3YvWo43/28sydAUaPeaDvKXY6g26nNtz4s7E/PvfZ4fjb947//VzcO/53HhO3W9+OKfoHtA8OaF84oH1x4tK7aU280KMm5/9sbbzzKv9nxoZfb8P4r+Nj3rdBzv+52v5c5f+FsfXq+Ze/mbv8tw+74k50RvI/t/n+T87d+ODDl6++f+W9jfc2fnRxbe38xUuXLl++fO7dq9c2zg//PZlez4Gcfx772udA2yXnnzOXf7vk/D+Xavm3S87/86mWf7vk/PPrPfm3S84/v/eRf7vk/F9MtfzbJef/pVTLv11297YWqvxfSrX82yUf/19OtfzbJef/cqrl3y45/7Opln+75PzPpfoQ+ft6+FMk55/PcDn+2yXnv5Zq+bdLzv9CquXfLjn/i6mWf7vk/F9JtfzbJef/lVTLv11y/pdSLf92yfl/NdXyb5ec/+VUy79dcv5fS7X82yXn//VUy79dcv6vplr+7ZLz/0aq5d8uOf9vplr+7ZLz/1aq5d8uOf/XUi3/drn7/f9mzJgxk2eafmQCAAAAAAAAAAAAAMbN4uPETW8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TevHZIYCMHJ38AmMSEkS3ZtJ37h3xQT3gOUAgmFvuC43rVZ6tjGa5dAkWxqKJEwKqqoml60BYTaSFWFVXFBK0pzUfXlqrQX9KaiqoTUqAooREVqK8hWM+d5np2ZnZ2z6x2vz5zz+UjJb3fmnDnPnHnO2fnt+jsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrd9qb5zzWyLGv+1/rf9ix7UfPrrVPbW7e9/lqPEAAAANion7b+/9yN6YZDa1ipbZm/e+U/fmNpaWkp++Do745/aWkp3TGVZeNbsqx1X3T53z/UaF8muJhNNkbavh8p2Pxowf1jBfePF9w/UXD/loL7JwvuX7EDVtia/z6m9WC7Wl9uz3dpdlM23rpvV4+1Lja2jIzE3+W0NFrrLI0fyxayE9l8NtuxfL5so7X8t25rbuvtWdzWSNu2djZnyI8+dTSOoRH28a6ObS0/ZvSDN2ZTz//oU0f/+Oyzt/Sqhbuh4/Hycd51e3Ocnwm35GNtZFvSPonjHGkb584er8loxzgbrfWaX3eP87k1jnN0eZibqvs1n8xGWl9/p7Wfxtp/rZf2085w23/fkWXZheVhdy+zYlvZSLat45aR5ddnMp+RzcdoTqWXZGPrmqe3rWGeNuvcrs552n1MxNf/trDe2CpjaH+ZfvDpiRWv+3rnadR81qsdK91zcNDHSlnmYJwX32k96Sd6zsFd4fl/6s7V52DPudNjDqbn3TYHby+agyMTo60xpxeh0VpneQ7u7lh+tLWlRqs+c2f/OThz9rHTM4uf+OTrFh47cnz++PzJvbt3z+7dt+/AgQMzxxZOzM/m/7/CvV1+27KRdAzcHvZdPAZe07Vs+1Rd+srgjsPJPsfh9q5lB30cjnU/ucbmHJAr53R+bDzc3OmTl0ayVY6x1utz98aPw/S8247DsbbjsOfPlB7H4dgajsPmMqfvXtt7lrG2/3qN4Wr9LNjeNge73490z8FBvx8pyxycDPPiX+9e/WfBzjDeJ6bX+35kdMUcTE83nHuat6T3+5MHWqXXvLy1ecd1E9m5xfkz9z5+5OzZM7uzUDbFS9vmSvd83db2nLIV83Vk3fP10MIrn7i1x+3bw76afF3zf5OrvlbNZe67t/9r1frp1nt/dty6JwtlwDZ7f/b6ad7cn6mX7LM/m8t8Zmbj78VTX9p2/h1f5fwb+/4X8u2lh7o4Oj6WH7+jae+Md5yPO1+qsda5q9Ha9nMzazsfj4f/Nvt8fFOf8/GOrmUHfT4e735y8XzcKPptx8Z0v56TYZ6cmO1/Pm4us2PPeufkWN/z8R2hNsL+f23oFFJf1DZ3Vpu3aVtjY+PheY3FLXTO070dy4+H3qy5raf2XNk8veuO/LFG07NbtlnzdKpr2UHP03S+Wm2eNop++3Zlll/PuFfzeXHT3v7ztLnM0/dt/Ny5NX7Zdu6cKJqD46MTzdGOp0mYn++XtsY5eG92NDuVncjmWvdOtOZTo7Wt6fvXNgcnwn+bfa7c0WcO3tW17KDnYPo5ttrca4ytfPID0P16ToZ58eT9/edgc5k37x/se9e7wi1pmbb3rt2/X1vtd163du2mq/k7r+Y4/2Z//9/NNpc5cWC9fWb//XRPuOW6/KaJ9v3UffyudkzNZZuzn3aEcT57YPX91BxPc5kvHVzjfDqUZdn5jz3Y+n1v+PvKn5/77jc6/u7S62865z/24A+vP/a36xk/AMPvhbxsy3/Wtf1lai1//wcAAACGQuz7R0JN9P8AAABQGbHvj/8qPNH/AwAAQGXEvn8s1KQm/f+ONz+78ML5LCXzl4J4f9oND+XLxYzrbPh+amlZ8/YHvzb/4788v7Ztj2RZ9pOHfqPn8jseiuPKTYVxXn5L5+0rVzy/pu0/+sjycu359S+Hx4/PZ63ToFcEdzbLsm/d+IXWdqY+dKlVn37o0VZ934UnLjaXee5g/n1c/5mX5sv/QQj/Hjp2pGP9Z8J++H6os+/svT/iel+/9Nqd+z+wvL24XuP2G1pP+8kP548bPyfnixfz5eN+Xm38f/X5p77eXP7xV/ce//mR3uN/Kjzu10L9n1fky7e/Bs3v43qfDeOP24vr3fvVb/cc/+XP5cuffmu+3KOhxu3fFb7f9dZnF9r31+ONIx3PK3tbvlzc/ux3f7t1f3y8+Pjd4588fKljf3TPj6f/OX+cma7l4+1xO9FfdG2/+Tjt8zNu/6nferRjPxdt//L7nnlF83G7t39P13KjXet3f2LTH372Cz23F8dz6M9OdzyfQ+8Nx3HY/pMfDvMx3P+/l7/Qsd3o0fd2nn/i8l/efr7j+URvfz7f/uU3HG/V/5j68e9f96Lrb7jwqua+y7LvvD9/vKLtH/+jUx3j/8rNd7dej3h/zOh3b381cftnPj598tTiuYW5tr3a+uycd+Xj2TK5dVtzvDeGc2v394dPnf3I/Jmp2anZLJuq7kfoXbGvhvrDvFxY7/p3PxJez1t/71vb7vynz8fb/+Xh/PZL78x/br0mLPfFcPv2/PVbamxw+0/ednPr+G48nX/fkWMfgJ27/vPAmhYMz7/7fUGc76df9pHWfmje1/q5EY/rDY7/e3P543wz7Nel8MnMt9+8vL325eNnI1x6f368b3j/hdNcfF3/JLze7/5+/vhxXPH5fi+8j/n2js7zXZwf3zw/0v34rU/xuBDOJ9mF/P64VNzfl567uefw4ueQZBduaX3/O+lxblnX01zN4icWZ04snDz3+MzZ+cWzM4uf+OThx06dO3n2cOuzPA9/tGj95fPTttb5aW5+333Z7NYsy05ls5twwhr4+NMHAq1t/KcfOTq3f/bOufljR84dO/vI6fkzx48uLh6dn1u888ixY/MfL1p/Ye6B3XsO7t2/Z/r4wtwDBw4e3HtweuHkqeZuzAdVYN/sr02fPHO4tcriA/cd3H3//ffNTj92am7+gf2zs9PnitZv/Wyabq7969Nn5k8cObvw2Pz04sIn5x/YfXDfvj2Fnwb42Olji1MzZ86dnDm3OH9mJn8uU2dbNzd/9hWtTzUt/lv+frZbI/8gvuw99+xLn8/a9LVPr/pQ+SJdHyD6bPgsmn948ekDa/k+9v3joSY16f8BAACgDmLfPxFqov8HAACAyoh9/5ZQE/0/AAAAVEbs+ydDTWrS/8v/y/+vLf+f3y//X6/8/+mP5bnSYc//x/y8/H89XOP8/4a3L/8v/1+9/H/zqyHN/69z/PL/8v+sVLb8f+z7t2ZZLft/AAAAqIPY928LNdH/AwAAQGXEvv+6UBP9PwAAAFRG7PtfFGpSk/7/auf/x/tse4jy/3uKAlfVz/+7/r/8fzac+f/44sj/18a68/cfeLjjW/n/QP5f/l/+X/5f/p8NW70bvFb5/9j3Xx9qUpP+HwAAAOog9v03hJro/wEAAKAyYt9/Y6iJ/h8AAAAqI/b920NNatL/u/6/6//L/8v/Vzr/v9Hr/7cNRv5/OLj+f3/rzv9vkf9fW/5/Uv5/GPP/44Mdf7nz/4XDl//nqijb9f9j3//iUJOa9P8AAABQB7Hvf0moif4fAAAAKiP2/S8NNdH/AwAAQGXEvv+mUJOa9P/y//L/dc7/P5V/AKj8v/x/z+0XX/8//0r+v1zk//tz/f8Crv9fr/z/gMdf7vz/oK//P/6W7vXl/+mlbPn/2Pe/LNSkJv0/AAAA1EHs+28ONdH/AwAAQGXEvv/loSb6fwAAAKiM2PfvCDWpSf8v/y//X+f8fyT/L//fa/vF+f+c/H+5yP/3J/9fYHs2Eb6S/5f/l//vl//v8eZX/p9eivL/P93k/H/s+28JNalJ/w8AAAB1EPv+W0NN9P8AAABQGbHv/3+hJvp/AAAAqIzY9+8MNalJ/y//L/8v/1+v/P89E/L/8v/VVs38/+DelMj/F3D9f/n/sub/l17oPBh72Nzr/6+0nvz/lqIHozKK8v/v2eT8f+z7XxFqbsdYXfp/AAAAqIPY978y1ET/DwAAAJUR+/5XhZro/wEAAKAyYt8/FWpSk/5f/r9a+f8//esnX5VtLP9/Uf6/2vn/Cl//P04D+f+aG8L8f0cM1vX/hyr/P5LJ/3eQ/6/R9f97cP1/eilb/j/2/beFmtSk/wcAAIA6iH3/7aEm+n8AAACojNj33xFqov8HAACAyoh9/65Qk5r0//L/1cr/R67/L//fb/sVzf8n8v/1NoT5/w5XJf/fdpDK/xdw/X/5/9rn/+O7X/l/BqNs+f/Y97861KQm/T8AAADUQez77ww10f8DAABAZcS+/zWhJvp/AAAAqIzY998ValKT/l/+X/5f/l/+X/6/9/bl/4eT/H9/683/T8j/y//L/9cs/+/6/wxW2fL/se9/bahJTfp/AAAAqIPY998daqL/BwAAgMqI/34z/3ev+n8AAACootj3T4ea1KT/vzr5/8k1bVv+X/5/s/P/Dfl/+X/5/8qT/+/P9f8LyP/L/8v/r8z/byl86i3y//RStvx/7PtfF2pSk/4fAAAA6iD2/feGmuj/AQAAoDJi3z8TaqL/BwAAgMqIff9sqElN+n/X/5f/r1P+v/zX/+/Micr/5+T/5f/XQ/6/P/n/AvL/8v9Vy/9n2RXn/3e7/j8DULb8f+z7d4eaFDR+g/55DAAAAFw9se/fE2pSk7//AwAAQB3Evn9vqIn+HwAAACoj9v33hZrUpP+X/69q/n8pk/8fxvy/6//L/8v/b5T8f3/y/wWGKf/fXEn+v1TjL2X+fxDX/5f/ZwPKlv+Pff/9oSY16f8BAACgDmLfvy/URP8PAAAAlRH7/v2hJqH/7/XvugEAAIDhEvv+A6EmNfn7v/x/RfL/v/n3Hdt2/X/5/37bH0z+f6v8f6jy/+VS0fx/92FxxeT/CwxT/t/1/0s3fvl/+X9WKlv+P/b9B0NNatL/AwAAQB3Evv/1oSb6fwAAAKiM2Pf//1AT/T8AAABURuz7fybUpCb9v/x/RfL/XeT/5f/7bd/1/+X/q6yi+f+BqVT+f0T+X/6/XOOX/5f/Z6Wrn/+PX60t/x/7/gdCTWrS/wMAAEAdxL7/Z0NN9P8AAABQGbHvf0Ooif4fAAAAKiP2/YdCTWrS/8v/y//L/8v/X538/xuybmXM/zcnj/x/tcj/91ep/L/r/8v/l2z88v/y/6xUtuv/x77/jaEmNen/AQAAoA5i3/9gqIn+HwAAACoj9v1vCjXR/wMAAEBlxL7/zaEmQ93/rz3rJv8v/y//L//v+v+9ty//P5zk//uT/y8g/y//L/8v/89AlS3/H/v+t4SaDHX/DwAAALSLff9bQ030/wAAAFAZse9/W6iJ/h8AAAAqI/b9bw81qUn/L/8v/y//L/8v/997+/L/w0n+vz/5/wLy//L/8v/y/wxU2fL/se9/R6hJTfp/AAAAqIPY9z8UaqL/BwAAgMqIff87Q030/wAAAFAZse9/V6hJTfp/+X/5f/l/+X/5/97bl/8fTvL//cn/Fxja/P/Eup7maq51fn7Yxy//L//PSmXL/8e+/92hJjXp/wEAAKAOYt//c6Em+n8AAACojNj3vyfURP8PAAAAlRH7/p8PNalJ/y//L/9frvz/0vn29eT/5f+zQeX/myutLf+fQrTy/8NJ/r8/+f8CPfL/W4Yi/+/6/2UYv/y//D8rlS3/H/v+94aa1KT/BwAAgDqIff/7Qk30/wAAAFAZse9/f6iJ/h8AAAAqI/b9D4ea1KT/v/r5/4kbVtt2tfP/W8uc/09PuXz5f9f/l/93/X/5/42R/+9P/r/A0F7/X/6/DOOX/5f/Z6Wy5f9j3/9IqMHzA/5xCwAAAFxDse//QKhJTf7+DwAAAHUQ+/5fCDXR/wMAAEBlxL7/g6EmNen/ryj/H0Ovrv+fuP5/5/jl/6OxjvlRp/z/ZNvrmeal/L/8/yaQ/+9P/r+A/L/8f5nz/2E2b11lffl/yqhs+f/Y938o1KQm/T8AAADUQez7fzHURP8PAAAAw2BxLQvFvv+XQk30/wAAAFAZse//5VCTmvT/V//6/6uT/5f/L1/+/x2u/1/f6/83T4Ly/xUg/9+f/H8B+X/5/zLn/wvI/1NGZcv/x77/V0JNVm38fvhfa3iaAAAAQInEvv/DoSY1+fs/AAAA1EHs+w+Hmuj/AQAAoDJi3/9oqElN+n/5/+78f7yiqvx/PfP/g77+f+f8kP8vdf7f9f8rYnD5/5dfn2Xy//L/8v/y/5uZ/x+R/6dyypb/j33/kVCTmvT/AAAAUAex7//VUBP9PwAAAFRG7PuPhpro/wEAAKAyYt8/F2pSxf6/O1R7bfP/4+XM/7v+/5Xm/38i/1+1/P/5TP5f/n8Iuf5/f/L/BeT/5f9d/789/7/9SvL/zXkq/09Utvx/7PvnQ02q2P8DAABAvaRfB8e+/1ioif4fAAAAKiP2/cdDTfT/AAAAUBmx7/9IqElN+v/C/H+8HH5trv8v/+/6/5uR/x/rWL6k+f8yX/+/tYr8v/x/L/L//cn/F5D/l/+X/3f9fwaqbPn/2PcvhJrUpP8HAACAOoh9/0dDTfT/8H/s3UeTHed1x+EGiDBT5Sr7I3jtlZf2iv4I3njhnau8tOlI5UBSOUtUpLJE5ZxzonLOOVM5R1KJYhVUGJxzMOGiL4Dpmdv9vs+z8BFQBGeGHNL+G/XTCwAA0Izc/f8Rt9j/AAAA0Izc/f8Zt3Sy/zf4/r/+X/8/i/7/xDDc6P3/xfX/O/T/+v9V9P/j9P9r6P/1//p//T+Tmlv/n7v/urilk/0PAAAAPcjd/19xi/0PAAAAzcjd/99xi/0PAAAAzcjd/z9xSyf7X/+v/++9/x828v7/3j9e/3+B/l//P4UD/f2p1X/cpaLwS/b/f/8P1/+b/l//r/8fpf/X/+v/2W9u/X/u/v+NWzrZ/wAAANCD3P3/F7fY/wAAANCM3P3/H7fY/wAAANCM3P3Xxy2d7H/9v/5f/6//39P/36b/1/8vm/f/x+n/19D/6//1//p/JjW3/j93/z3ilk72PwAAAPQgd/894xb7HwAAAJqRu/9ecYv9DwAAAM3I3X/vuKWT/a//b7n/39L/N9X/n/H+/76vR/+v/19F/z9O/7+G/l//r//X/zOpufX/ufvvE7d0sv8BAACgB7n77xu32P8AAADQjNz994tb7H8AAABoRu7++8ctnex//X/L/b/3/9vq/4/p/X/9v/5/4W4dLv474bj7/zMT/PcP6P/n3f8Pg/5/zGX386u/vOV8/peg/9f/c9Dc+v/c/Q+IW/5pGM5c7RcJAAAAzEru/gfGLZ38/j8AAAD0IHf/DXGL/Q8AAADNyN1/Y9zSyf7X/+v/r67/v/D9ov/X/+v/9f9z4/3/cYfv///ub6779377f+//j/P+/9T9//nvDP0/yza3/j93/01xSyf7HwAAAHqQu/9BcYv9DwAAAM3I3f/guMX+BwAAgGbk7n9I3NLJ/tf/t9b/X7Pn1+3q/3dqF+//6//1//r/1un/x3n/f42df81t1w/1//p/7//r/zmcufX/ufsfGrd0sv8BAACgB7n7Hxa32P8AAADQjNz9D49b7H8AAABoRu7+R8Qty9v/W1fzi/T/rfX/e3/d0b3/r//X/+v/D9f/D/r/I6L/H6f/X+Ny3v+/ZgH9/1V+12y6nz+sTX/++n/9PwfNrf/P3f/IuGV5+x8AAAC4hNz9j4pb7H8AAABoRu7+R8ct9j8AAAA0I3f/Y+KWTva//l//v4z+Pz+C/l//f/T9f/L+/zLp/8fp/9e4nP7f+/+XpP/X/+v/2W9u/X/u/sfGLZ3sfwAAAOhB7v7HxS32PwAAADQjd//j4xb7HwAAAJqRu/8JcUsn+1//r/9fRv/v/X/9f2vv/+v/j4r+f5z+fw39v/5f/6//Z1Jz6/9z998ct3Sy/wEAAKAHufufGLfY/wAAANCM3P1PilvsfwAAAGhG7v4nxy2d7H/9v/5f/6//1/+v/vj6/2XS/4/T/6+h/9f/6//1/0xqRv3/rl+1NTwlbulk/wMAAEAPcvc/NW6x/wEAAKAZufufFrfY/wAAANCM3P23xC2d7H/9/zT9/9aKn7vC/n8n52ur/98ehkH/P3Ta/2/v+vtZ35f6f/3/MdD/j9P/r3H+H8hzJ/T/+n/9v/6fiRxv/3/+3/nj/30AufufHrd0sv8BAACgB7n7nxG32P8AAADQjNz9z4xb7H8AAABoRu7+Z8Utnex//b/3/73/r//3/v/qj6//Xyb9/zj9/xre/z90P39y0P/v6v9P6//1/7073v5//Y9z9z87bjpz+qq/RAAAAGBmcvc/J27p5Pf/AQAAoAe5+58bt9j/AAAAsFA3H/iZ3P3Pi1s62f/6/2n7/zO7fk7/r//f//2h/9f/6/+Pnv5/nP5/Df2/9/+9/6//Z1Jz6/9z9z8/bulk/wMAAEAPcvffGrfY/wAAANCM3P0viFvsfwAAAGhG7v4Xxi2d7H/9v/f/9f/6f/3/6o+v/18m/f84/f8a+n/9/2b7/7MX/+Oq/n/8XylX0v9vr/j1+n+OwhX0/+fOnbvhyPv/3P0vils62f8AAADQg9z9L45b7H8AAABoRu7+l8Qt9j8AAAA0I3f/S+OWTva//r/T/j+/1ZfV/984DPp//b/+X/8/Tv8/Tv+/hv5f/+/9f/0/k5rb+/+5+18Wt3Sy/wEAAKAHuftfHrfY/wAAANCM3P2viFvsfwAAAGhG7v5Xxi2d7H/9f6f9v/f/9f/6/+Pu/+8a9P/HYhH9/6qHt8Pc+/+b9P/6/xHd9f///I97fqj/1/9z0Nz6/9z9r4pbOtn/AAAA0IPc/a+OW+x/AAAAaEbu/tfELfY/AAAANCN3/2vjplOd7H/9v/5f/6//1/+v/vjH/P7/mWEY9P8TWET/P2Lu/f807//v/6f8Iv2//n/Jn7/+X//PQXPr/3P3vy5u6WT/AwAAQA9y978+brH/AQAAoBm5+98Qt9j/AAAA0Izc/W+MWzrZ//p//b/+X//ffP9/0yL6f+//T+TWvT/U/+8zj/7/0vT/+v8lf/6b6P+3d/1n/T9Lsqn+P3f/m+KWTvY/AAAA9CB3/5vjFvsfAAAAmpG7/y1xi/0PAAAAzcjd/9a4pZP9r//X/19J/5+fp/6/rf7/7Oz6/609f75O3v/X/0/E+//j9P9rzLX/P3Hx6P/n+/k38v7/zfp/pjS39/9z978tbulk/wMAAEAPcve/PW79v27tfwAAAGhG7v53xC32PwAAADQjd/8745ZO9r/+X//v/X/9f/Pv/+v/u6L/H6f/X2Ou/X/Q/8/782+k//f+P5OaW/+fu/9dcUsn+x8AAAB6kLv/3XGL/Q8AAADNyN3/nrjF/gcAAIBm5O6/LW7pZP/r//X/+n/9v/7/wt9D/X8b9P/jjqf/39b/6/+rnz8R/xTo//vu/0+cWveradXc+v/c/e+NWzrZ/wAAANCD3P3vi1vsfwAAAGhG7v73xy32PwAAACzSquwkd/8H4pZO9r/+X/+v/9f/6/9Xf3z9/zJtpP/Pbwr9v/f/Qz/9/9/u+dHS3v/f/7+/9P/e/2d6c+v/c/d/MG7pZP8DAABAD3L3fyhusf8BAACgGbn7Pxy32P8AAADQjNz9H4lbOtn/+n/9v/5f/z/S/w/DLSf0/0H/vwze/x+n/19D/7/R9/OX/vnr//X/HDS3/j93/0fjlk72PwAAAPQgd//H4hb7HwAAAJqRu//jcYv9DwAAAM3Y2f0Zl3W4/6fp/0/p/1f8nP5f/7//+2OB/b/3//X/i6P/H6f/X0P/r//X/+v/mdRh+/9d/3fhJP3/J3Z+1dbwybilk/0PAAAAPcjd/6m4xf4HAACAZuTu/3TcYv8DAABAM3L3fyZu6WT/e/9f/7+M/v/cuXM36P/1/3u/nov9/+36f4r+f5z+fw39v/5f/6//Z1Jze/8/d/9n45ZO9j8AAAD0IHf/5+IW+x8AAACakbv/83GL/Q8AAADNyN3/hbilk/2v/59B/7912P5/+8DHbq//9/6//r+X9/9P6v8PSf8/Tv+/Rov9/9blf/mb7ucPa9Ofv/5f/89Bc+v/c/d/MW7pZP8DAABAD3L3fylusf8BAACgGbn7vxy32P8AAADQjNz9X4lbOtn/+v/j6//P/7Xr5f3/7WH156//1//r/73/f9T0/+P0/2u02P9fgU3380v//PX/+n8Omlv/n7v/q3HL3uF3+sq+SgAAAGBOcvd/LW7p5Pf/AQAAoAe5+78et9j/AAAA0Izc/d+IWzrZ//r/Gbz/32D/7/3/1d8f+v9Z9/8nN9T/7/xp9P/T0f+P0/+vof/X/+v/J+r/87tZ/9+7tf3/9nCs/X/u/m/GLZ3sfwAAAOhB7v5vxS32PwAAADQjd/+34xb7HwAAAJqRu//2uGXX/l/VdrdC/6//1//r//X/qz++9/+XSf8/7nL7/7PD4fr/pP/X/+v/e+3/vf/PBXN7/z93/3fiFr//DwAAAItz+hI/n7v/u3GL/Q8AAADNyN3/vbjF/gcAAIBm5O7/ftxyx8lNfUrHSv+v/9f/6//1/6s/vv5/mfT/47z/v4b+f4p+/lr9fxv9/zDo/zm8ufX/uft/ELf4/X8AAABoRu7+H8Yt9j8AAAA0I3f/j+IW+x8AAACakbv/x3FLJ/tf/6//P2T/v5Nm6v8vaLf/zz+D/n/K/v+vdv1V1f9PR/8/Tv+/hv7f+//6f+//M6m59f+5+38St3Sy/wEAAKAHuft/GrfY/wAAANCM3P0/i1vsfwAAAGhG7v6fxy2d7P+N9f/xl1r/v/j+3/v/R97/n//qNt3/p377/+01/f++wncl7/8fD/3/OP3/Gvp//X9H/f+/7Pux/p+jMLf+P3f/L+KWTvY/AAAA9CB3/y/jFvsfAAAAmpG7/1dxi/0PAAAAzcjd/+u4pZP97/1//b/+f+79/xze/0+T9//DMNLf3x13Dv3/cATv/+v/j4b+f5z+f7X6G6X/1/931P/vp//nKMyt/8/d/5u4pZP9DwAAAD3I3f/buMX+BwAAgGbk7r8jbrH/AQAAoBm5+++MWzrZ//p//b/+X//v/f/VH1//v0z6/3Gb7P//9a/Xf1jv/2+8/89PQf8/Xf9/zXD1/f/ZQf/Pws2t/79zz6/ub/8DAABAD3638z+3ht/HLfY/AAAANCN3/x/iFvsfAAAAmpG7/49xSyf7f03/f7b+QP3/KP3/3s9f/7/6+0P/r//X/x89/f+48f5/1z/Nnb3/X/T/3v/3/r/+n0nNrf/P3f+nuKWT/Q8AAAA9yN1/V9xi/wMAAEAzcvf/OW6x/wEAAKAZufvvjls62f/e/19S/3+t/l//r//X/+v/19D/j9vk+/+XQ/+v/1/y56//1/9z0Nz6/9z9fwkAAP//EtJHVQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=@shmem={0xc, 0x1, {0x20}}, 0x0)

2.40676256s ago: executing program 4 (id=4000):
r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000140)={[{@acl}, {@heartbeat_none}, {@inode64}, {@localalloc={'localalloc', 0x3d, 0x6b2}}, {@acl}, {@localflocks}, {@coherency_full}, {@inode64}]}, 0x1, 0x4443, &(0x7f0000004480)="$eJzs3c9rHNcdAPA3I9WWXNuVXB9cKHShhpa2CMmntjJUlmXLkq26uLUpvaxX0tpWu9IaaVV6MFS9GXoK5BByMAnkppPRIVcH8g/kkqNzNiSHXAIBkw27OyvtjHbRxtm1IvP5gDU779d8d78zs28P4xcnKg9WNnIrG7nCWq68dG/jQu7f5dLmajHEr8lhH5/u9D5PUZD7w3Pz8tW/3rkQwkfLn76oVqvVUDMY2ppoef3Vl4+WWrdNcaZPbdz2o/XKP0IIZ/fFVTMQQvj7hyFEIYRLSdl0sh0OIZwOjbo7j/5/N9ejaJ4+L17Mv1x4vDN5fn77yU7n9x6F8G7pZ7+7v/r5LwcmP/tNjw4PAAAAAAAAAAAAAAAAAMARN3vr5u2/jE+EZ1EY3I72P687m2w7PR9b7Zlf9P/NAgAAAAAAAAAAAAAAAAAAwA/U3vP/uehMm+f/Z5LtVIf+1T/1P0b6Z+7PN2eujE8k679H++p/nxR9cWkgjLZZ9z27/vulTP/2678f71n8zfiaxx0JUTyW2o/jsbEQ3k8Wfj8XnYhL5Y3Kb++VN9eWexbGkZXOf2P1/tRZkCzo323+pzPj93/9/5+G7Flb27+7/1SmjXT+Bzq2++B/UVf5v5zp9zryz6tL53+wXjbc2mCqcQOo5f+twYPzP5MZv1/5Px1CyEW1WHOpO0BtDlMr7zRfIS2d/x/Vy1K3zuSD7HT9f53J/5XM+Id1/9/KfhHRVjr/x+plQ6kWe9f/aHzw9X81M/5h5L8W/5bv/66k85/MywdTTeqfZLf3/9nM+P3K/+04ifN0lDoDtqNGeaf/r460dP6H9tXv/f6Lu5r/Xcv0b5//3l2czfiax63//qtWq/9N9n8dNX7/0V46/8Md23V7/c9l+vX7/j9Vn/9151g/Azmi0vk/US9Lz51H6n+7zf98Zvx+5b8+Kxlq5n/vfvLN8Ub5ey3zv9v9COANkc7/jxuFcWuLrfrf+vwvOnj+fz0z/mHM/2rxb8X9PeqbIp3/kx3b1fL/SRff/zcy/fqf/xDGzfVfWTr/pzq2q1//QwfnfyHTr9/5/1U/BwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AqaT7UiI4rHUfhyPjYVwOdk/F05Ei4Xl/GKpvPSvjRBmkvJcOBPdL5UXC6X8ylp5uZgvlErlpRCuJPVnw1C0USpX8quFh1d3xxqOHhQL65XFYqESQphNyn8eTjXHWlyprBYehhCu7db9JC6vP3xQWMsvr6z/cXx8fDzM7cYwGhX/UymuVRpHb9SGML/bdyRqCa5efX03lpPRP8ub62uFUr38RkufUnmpUGrps5DUvR1Go8r65tpSoVLMl8r3m8fr5ONjr5ic72Aq2c7M3frbrRsT++rvRo3tdP9DAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7eDb5h3dCCIONvTiEkIuSF1HyL+Xp8+LF/MuFxzuT5+e3n+y8aNcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4lh04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs0j9KA0EUB+A3Y6Glx7BadjvbFUW0cEXwBHoMD6NH8RLewSJF2hQhkMxC2D+wTVJ9X/Ngfsy8B/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYLnHt+79tW4iUlxtLyN+P//+j/PnUr/vpu9fnGFGTufppbt/qJvy72mU35ajVZv36Wb99RETtfcz2JPhPh2M+wzN7dvcfH3f60i5ioi25Dcp56pa9hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BQAA///tOyO0")
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

1.789929196s ago: executing program 1 (id=4001):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0xc}, {0xffff, 0xffff}, {0xfff2, 0xffee}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_LOW_RATE_THRESHOLD={0x8, 0xb, 0x8}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x3}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40840}, 0x4048000)

1.766687745s ago: executing program 3 (id=4002):
syz_mount_image$jfs(&(0x7f0000000340), &(0x7f00000002c0)='./file0\x00', 0x44, &(0x7f00000000c0)=ANY=[], 0x1, 0x624b, &(0x7f0000000f00)="$eJzs3U9vHGcdB/Df7D//CW2jHqoSIeS2AVpK87eEQIG2Bzhw4YByRYlct4pIASUBpVFEXPnCgRcBQuIIiCMnXkAPXLnxAoiUIAE9ddB4n8ceb3ezttPdWXs+H8md+c0z432m3x3vbmZmnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4gff/9H5IiKu/jItOBnxuehGdCJWqnotIlbWTub1exHxfGw3x3MR0V+KKHLjMxGvR8RHT0c8fHRvvVp0YZ/9+N6f//H7H5/44d//2D/737/c7r4xab07d37zn7/eP/z+AgAAQBuVZVkW6WP+qfT5vtN0pwCAuciv/2WSl6sXrt5csP6o1Wq1+gjWdeV49+tFRGzWt6neMzgdDwBHzGZ83HQXaJD8W60XESea7gSw0IqmO8BMPHx0b71I+Rb114O1YXu+FmRP/pvFzv0dk6bTjF5jMq/n11Z049kJ/VmZUx8WSc6/M5r/1WH7IK036/znZVL+g+GtT62T8++O5j/i+OTfGZt/W+X8ewfKvyt/AAAAAABYYPnf/082fP536cl3ZV8ed/53bU59AAAAAAAAAIDP2pOO/7ejMP4fAAAALKrqs3rlt0/vLpv0XWzV8itFxFMj6wMtk26WWW26HwAAAAAAAAAAAADQJr3hNbxXioh+RDy1ulqWZfVTN1of1JNuf9S1ff+hzZr+Iw8AAEMfPT1yL38RsRwRV9J3/fVXV1fLcnlltVwtV5by+9nB0nK5Uvtcm6fVsqXBPt4Q9wZl9cuWa9vVTfu8PK199PdVjzUou/vo2Hw0GDgARMTw1eihV6Rjpiyfiabf5XA0OP6PH8c/+9H08xQAAACYvbIsyyJ9nfepdM6/03SnAIC5yK//o+cF1Gq1Wq0+cF3sLliI/qg/VdeV492vFxGxWd+mes9gOH4AOGI24+Omu0CD5N9qvYh4vulOAAutaLoDzMTDR/fWi5RvUX89SOO752tB9uS/WWxvl7cfN51m9BqTeT2/tqIbz07oz3Nz6sMiyfl3RvO/OmwfpPVmnf+8TMq/2s+TDfSnaTn/7mj+I45P/p2x+bdVzr93oPy78gcAAAAAgAWW//3/5EKd/x0cdnemetz537WZPSoAAAAAAAAAzNbDR/fW832v+fz/F8as5/7P4ynnX8i/lXL+6f7/nQtvXh5Zr1ubf/D2bv7/fnRv/Q+3//X5PN1v/kt5pkjPrCI9I4r0SEUvTQ+5YxNs9buD6pH6RafbS9f8lP1343rciI04t2fdTjoedtvP72mvetrfbi+7w/YLe9p7O+15+4t72vvpSqdyJbefifX4WdyId7bbq7alKfu/PKW9nNKe8+8e8vgv7+/+nnD8Hzk5/17tp8p/NbUXI9PKgw87nzru69Nxj/PW9S/++tzsd2eqreju7FtdtX8vNtCf7f8nJ+5GxMbNM3eu3b5983ykyYlB/OJWXnoh0uQzlvPvp5+c/8svDdvz3/368frgw8GB818UW9GbmP9Ltflqf1+Zc9+akPMfpJ+c/zupffzxf5Tzn3z8v9pAfwAAAAAAAAAAAAAAAOBxyrLcvkX0rYi4lO7/aereTABgvvLrf5nk5fOqu4fd/k9796Op/qvVc66LBevPXOtPysXqj3oh6/8tWH8Wrq4rx3uzXkTE3+rbVO8ZfjXulwEAi+yTiPhn052gMfJvsfx9f9X0dNOdAebq1gd3f3Ltxo2Nm7ea7gkAAAAAAAAAcFh5/M+12vjPp8syD+u8Y8/4r2/H2pOO/9nLMzsDjE4YqLp78H16nK3OoNupDTf+Qkwa/7u/M/e48b97Ux6vP6V9MKV9aUr78pT2sTd61OT8X6iNd346Ik6NDL/ehvFfR8e8b4Oc/4u153OV/1dG1qvnX/7uKOff2ZP/2dvv//zsrQ/uvnb9/Wvvbby38dOL58+fu3jp0uXLl8++e/3Gxrnhfxvs8Wzl/PPY164DbZecf85c/u2S8/9SquXfLjn/L6da/u2S88/v9+TfLjn//NlH/u2S838l1fJvl5z/V1Mt/3bJ+b+aavm3S87/a6mWf7vk/F9LtfzbJed/JtXyb5ec/9lU7zP/lVn3i/nI+eczXI7/dsn55ysb5N8uOf8LqZZ/u+T8L6Za/u2S83891fJvl5z/11Mt/3bJ+V9KtfzbJef/jVTLv11y/pdTLf92yfl/M9Xyb5ec/7dSLf92yfm/kWr5t0vO/9upln+75Py/k2r5t0vO/7upln+75PzfTLX822X3+//NmDEzo5ne0TvQmv7LBAAAAAAAAAAAAACMmsflxE3vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27i5HrrO8HfmbfvHYgNhDyd/I3Ye0YY5xNdv0Sv9C6mPDa8FYSQqEv2K53bRb8htcugUa1I0OJhFFRRdtw0RYQanNTYVVc0ApQLlCrSpWgvaA3iAqVi6gNKCBVpRVkq5nzPM/OzM7O7HrHm7PnfD4S+Xlnzsw5c+aZ2f3afHcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLb1DdOfqmVZVqvV8gs2ZdmL6nP92KbGJa99YY8PAAAAWLlfNP773MZ0wZEl3Khpm3+469tfnZubm8veN/jHw5+bm0tXjGXZ8Losa1wXXf/B+2vN2wRXs9HaQNPXAz12P9jj+qEe1w/3uH6kx/Xrelw/2uP6BSdggfVZLd3Z9sYfN+WnNLstG25ct73Dra7W1g3Uz126bVZr3GZu+GQ2k53OprPJlu3zbWuN7b++tb6vt2ZxXwNN+9pSXyE/eexEPIZaOMfbW/Y1f5/Rj16fjf30J4+d+MuLz97RafY8DS33lx/nzm314/xEuCQ/1lq2Lp2TeJwDTce5pcNzMthynLXG7ep/bj/O55Z4nIPzh7mq2p/z0Wyg8efvNM7TUC3rcJ62hMt+dneWZVfmD7t9mwX7ygayDS2XDMw/P6P5iqzfR30pvTQbWtY63bqEdVqfU9tb12n7ayI+/1vD7YYWOYbmp+lHj480Pe8/n7uRdRrVH/Vir5X2Ndjv10pR1mBcF99pPOgnOq7B7eHxP7Zj8TXYce10WIPpcTetwW291uDAyGDjmNOTUGvcZn4N7m7ZfrCxp1pjPrOj+xqcuHjm/MTsxz5+78yZ46emT02f3bt79+Te/fsPHjw4cXLm9PRk/t8bPNvFtyEbSK+BbeHcxdfAq9u2bV6qc18cWfD+e6Ovw9Eur8NNbdv2+3U41P7gaqvzgly4pvPXxnvqJ3302kC2yGus8fzsWvnrMD3uptfhUNPrsOP3lA6vw6ElvA7r25zftbSfWYaa/tfpGBb/XrCyNbipaQ22/zzSvgb7/fNIUdbgaFgX39u1+PeCLeF4nxhf7s8jgwvWYHq44b2nfkn6eX/0YGN0Wpd31q+4ZSS7NDt94b5Hj1+8eGF3FsaqeFnTWmlfrxuaHlO2YL0OLHu9Hpm564k7O1y+KZyr0Xvr/xld9Lmqb7Pvvu7PVeO7W+fz2XLpniyMPlvt89npu3n9fI5k2ee/9fhD33js829Y9HzW8+YnJlb+s3jKpU3vv8OLvP/G3P98vr90V1cHh4fy1+9gOjvDLe/HrU/VUOO9q9bY93MTS3s/Hg7/W+3349u6vB9vbtu23+/Hw+0PLr4f13r9bcfKtD+fo2GdnJ7s/n5c32bznuWuyaGu78d3h1kL5/81ISmkXNS0dhZbt2lfQ0PD4XENxT20rtO9LdsPh2xW39dTe25sne68O7+vwfTo5q3WOh1r27bf6zT93ddi67TW62/fbkz78zka1sVte7uv0/o2T+9b+Xvn+vjHpvfOkV5rcHhwpH7Mw2kRNt7vs7n1cQ3el53IzmWns6nGtSON9VRr7Gv8/qWtwZHwv9V+r9zcZQ3ubNu232swfR9bbO3VhhY++D5ofz5Hw7p48v7ua7C+zRsP9Pdn153hkrRN08+u7X+/ttjfed3Zdppu1loZCsf5rQPd/262vs3pg8vNmd3P0z3hkls6nKf21+9ir6mpbHXO0+ZwnM8eXPw81Y+nvs3nDi1xPR3JsuzyRx5o/H1v+PeVv7n03a+2/LtLp3/TufyRB3784pN/v5zjB2Dtez4fG/LvdU3/MrWUf/8HAAAA1oSY+wfCTOR/AAAAKI2Y++P/KzyR/wEAAKA0Yu4fCjOpSP7f/MZnZ56/nKVm/lwQr0+n4cF8u9hxnQxfj83Nq1/+wJen/+vvLi9t3wNZlv38wd/ruP3mB+Nx5cbCcV5/U+vluf+c/+NX713Svo89cjntt7m//oVw//HxLHUZdKrgTmZZ9vWNn2nsZ+z91xrz6QePNeZDV564Wt/muUP51/H2z7ws3/7PQvn3yMnjLbd/JpyHH4Y5+bZO52P+dl+59potB947v794u9q2WxsP+8kP5Pcbf0/OZ6/m28fzvNjxf+PTT32lvv2jr+p8/JcHOh//U+F+vxzm/7wi3775Oah/HW/3yXD8cX/xdvd96Zsdj//6p/Ltz7853+5YmHH/O8PX29/87Ezz+Xq0drzlcWVvybeL+5/87h82ro/3F++//fhHj15rOR/t6+Ppf8nvZ6Jt+3h53E/0t237r99P8/qM+3/qD461nOde+7/+0DOvqN9v+/7vadvu/Ed2NfY/f3+tv7Hpzz/5mY77i8dz5K/PtzyeI+8Or+Ow/yc/ENZjuP5/r+f31/7bFY69u/X9J27/hU2XWx5P9Naf5vu//rpTjbludP2GW1704luvvLJ+7rLsO+vy++u1/1N/ca7l+L94e34+4vWxo9++/8XE/V/46PjZc7OXZqbSWX1sY+N357w9P554vBvDe2v710fPXfzg9IWxybHJLBsr76/Qu2FfCvPH+bjSfeu5Be+gux4Jz+edf/r1DTv++dPx8n99T375tbfl37deHbb7bLh8U3j+lrf/hZ7cenvj9V17Ohzh3MLfF7wSW7b/x8ElbRgef/vPBXG9n3/5BxvnoX5d4/tGfF2v8Pi/P5Xfz9fCeZ0Lv5l52+3z+2vePv5uhGsP56/3FZ+/8DYXn9e/Cs/3O36Y3388rvh4vx9+jvnm5tb3u7g+vnZ5oP3+G7/F40p4P8mu5NfHreL5vvbc7R0PL/4ekuzKHY2v/yjdzx3LepiLmf3Y7MTpmbOXHp24OD17cWL2Yx8/eubcpbMXjzZ+l+fRD/W6/fz704bG+9PU9P59WePd6lw+brIX+vjPP3Ji6sDkjqnpk8cvnbz4yPnpC6dOzM6emJ6a3XH85Mnpj/a6/czU4d17Du09sGf81MzU4YOHDu09ND5z9lz9MPKD6mH/5IfHz1442rjJ7OF9h3bff/++yfEz56amDx+YnBy/1Ov2je9N4/Vb/+74henTxy/OnJken535+PTh3Yf279/T87cBnjl/cnZs4sKlsxOXZqcvTOSPZexi4+L6975et6ecZv8t/3m2XS3/RXzZu+7Zn34/a92XH1/0rvJN2n6B6LPhd9H840vOH1zK1zH3D4eZVCT/AwAAQBXE3D8SZiL/AwAAQGnE3L8uzET+BwAAgNKIuX80zKQi+b8c/f/mG15e0v71//X/m8+X/n/F+v8PF63/n79f6P/3x0r79/r/gf6//r/+v/6//j99ULT+f8z967OskvkfAAAAqiDm/g1hJvI/AAAAlEbM/beEmcj/AAAAUBox978ozKQi+V//X/9f/1//X/+/8/71/9cm/f/u9P970P+fyKrV/7/Sz+PX/9f/Z6Gi9f9j7n9xmElF8j8AAABUQcz9t4aZyP8AAABQGjH3bwwzkf8BAACgNGLu3xRmUpH8r//ftf/fXkNelP5/6/Hr/3deH/r/+v/6/zef/n93+v896P/7/H/9f/1/+qpo/f+Y+18SZlKR/A8AAABVEHP/S8NM5H8AAAAonqEbu1nM/S8LM1mQ/29wBwAAAMALLub+27K2InhF/v1f/9/n/xe//78uXaf/r/+fFbL/P5jp/xeH/n93+v896P/r/+v/6//TV0Xr/zdyfzaavTzMpCL5HwAAAKog5v7bw0zkfwAAACiNmPv/X5iJ/A8AAAClEXP/5jCTiuR//X/9/+L3/33+v/5/0fv/Pv+/SPT/u9P/70H/X/9f/1//n74qWv8/5v47wkwqkv8BAACgCmLuvzPMRP4HAACA0oi5//+Hmcj/AAAAUBox928JM6lI/tf/L3j/PzZH9f/1//X/9f/1/5dE/787/f8e9P/1//X/9f/pq6L1/2Puf0WYSUXyPwAAAFRBzP13hZnI/wAAAFAaMfe/MsxE/gcAAIDSiLl/LMykIvlf/7/g/f+8Bz/i8//1//X/q9f/v6r/f0P0/7vT/+9B/1//vy/9/7nL+v/6/+SK1v+PuX9rmElF8j8AAABUQcz928JM5H8AAAAojZj77w4zkf8BAACgNGLu3x5mUpH8r/+/Jvr/mf6//r/+f/X6/z7//8bo/3en/9+D/r/+v8//1/+nr4rW/4+5/1VhJhXJ/wAAAFAFMffvCDOR/wEAAKA0Yu5/dZiJ/A8AAAClEXP/zjCTiuR//X/9f/1//X/9/8771/9fm/T/u9P/70H/X/9f/1//n74qWv8/5v7XhJlUJP8DAABAFcTcvyvMRP4HAACA0oi5/54wE/kfAAAASiPm/vEwk4rkf/1//X/9f/1//f/O+9f/X5v0/7vT/+9B/1//X/9f/5++Klr/P+b+e8NMKpL/AQAAoApi7r8vzET+BwAAgNKIuX8izET+BwAAgNKIuX8yzKQi+V//X/9f/1//f1n9/1fO36/+f07/v1j0/7vT/+9B/1///wXv/w/r/1MqRev/x9y/O8ykIvkfAAAAqiDm/j1hJvI/AAAAlEbM/XvDTOR/AAAAKI2Y+/eFmVQk/+v/6//r/+v/+/z/zvvX/1+b9P+763//Pz5E/X/9f/1/n/+v/89CRev/x9x/f5hJRfI/AAAAVEHM/fvDTOR/AAAAKI2Y+w+Emcj/AAAAUBox9x8MM6lI/tf/1//X/9f/1//vvH/9/7VJ/787n//fg/6//r/+v/4/K/Tw7zd/VbT+f8z9h8JMKpL/AQAAoApi7n9tmIn8DwAAAKURc/8vhZnI/wAAAFAaMff/cphJRfK//n9L97z+cPX/9f/1//X/G/T/1yb9/+70/3vQ/9f/1//X/2e5hrtduWj/P0Tv1e7/x9x/OMykIvkfAAAAqiDm/l8JM5H/AQAAoDRi7n9dmIn8DwAAAKURc/+RMJOK5H/9f5//r/+v/6//33n/q93/H4n3q/+/Ivr/3en/96D/r/+v/6//T18V7fP/Y+5/fZhJRfI/AAAAVEHM/Q+Emcj/AAAAUBox978hzET+BwAAgNKIuf+NYSYVyf/6//r/+v/6//r/nffv8//XJv3/7vT/g7s3dj4A/X/9f/1//X/6qmj9/5j73xRmUpH8DwAAAFUQc/+bw0zkfwAAACiNmPvfEmYi/wMAAEBpxNz/1jCTiuR//X/9f/1//X/9/8771/9fm/T/u9P/70H/X/9f/1//n74qWv8/5v5fDTOpSP4HAACAKoi5/8EwE/kfAAAASiPm/reFmcj/AAAAUBox9789zKQi+V//X/9f/1//X/+/8/71/9cm/f/u1lj//xe3hsv1/3P6/8U+/uX2/4favr4p/f8fLNb/n1vXfnv9f26GovX/Y+5/R5hJRfI/AAAAVEHM/e8MM5H/AQAAoDRi7n9XmIn8DwAAAKURc/+vhZlUJP/r/9ePY769rP9f1v7/gP6//r/+f0Xo/3e3xvr/Pv+/jf5/sY/f5//r/7NQ0fr/Mfe/O8ykIvkfAAAAqiDm/ofCTOR/AAAAKI2Y+x8OM5H/AQAAoDRi7n9PmElF8r/+v8//r0b/3+f/Z/r/+v8Vof/fnf5/D/r/+v9F6///u/4/a1vR+v8x9z8SZlKR/A8AAABVEHP/e8NM5H8AAAAojZj7fz3MRP4HAACA0oi5/31hJhXJ//r/a6X/P7ZG+/+P6//fxP7/Xbfm2+n/6/8zT/+/O/3/HvT/9f+L1v/3+f+scUXr/8fc//4wk6Xn/9ElbwkAAAC8IGLu/40wk4r8+z8AAABUQcz9vxlmIv8DAABAacTc/1thJhXJ//r/a6X/7/P/M/1/n//f9nj0//X/O1m9/n9859H/1//X/4/0//X/9f9pV7T+f8z9vx1mUpH8DwAAAFUQc/8HwkzkfwAAAFgTOv1/stvF3H80zET+BwAAgNKIuf9YmElF8r/+v/6//n9B+/9/su2fvvftdx7brf+v/6//vyyr+vn/9Re/z//X/9f/T/T/9f/1/2lXtP5/zP3Hw0wqkv8BAACgCmLu/50wE/kfAAAASiPm/hNhJvI/AAAAlEbM/VNhJhXJ//r/+v/6/wXt/6/hz/+P50P/v1Xf+v/xTVf/v6O8f59W0c3t/793vieu/7/c/v9Ix0v1//X/1/Lx6//r/7NQ0fr/MfdPh5lUJP8DAABAFYTcP3Ayn/NXyP8AAABQGjH3nwozkf8BAACgNGLu/2CYSUXyv/6//r/+v/6/z//vvP9u/f/akM//L6rUv/9Z44Wi/9+mOP3/zvT/9f/X8vHr/+v/s1DR+v8x98+EmVQk/wMAAEAVxNz/oTAT+R8AAABKI+b+D4eZyP8AAABQGjH3nw4zqUj+1//X/9f/1//X/++8/8J+/r/+fwfzNfuV9u/1/wP9/2r3//9b/1//X/+f/iha/z/m/jNhJhXJ//wfe3fSpWld3nH8qaShqw9ZZJdFssg5yS4vgUWyDi8gi2yyyTk5WZAEkpBBpXEeUVScFcF5wAEEERWcB3BCURxAxVmcECdEOe2h6rqu7qq6636qup+quu////NZ9CVlF88jp083v67+egMAANCD3P0Xxy32PwAAADQjd/+/xS32PwAAADQjd/+/xy2d7H/9/7n0/6crZf3/1vc/if7/b/X/u72+/l//3zL9/zj9/xL6f8//1//r/1mpqfX/ufv/I27pZP8DAABAD3L3XxK32P8AAADQjNz9l8Yt9j8AAAA0I3f/f8Ytnez/bf3/2qLP/j8zXs//b6n/9/z/XV9f/6//b9nh9v9XPPYzn/5f/6//D/r/PfX/x3f7fP0/LZpa/5+7/7/ilk72PwAAAPQgd/9/xy32PwAAADQjd/9lcYv9DwAAAM3I3f8/cUsn+391z/8/sfHxmfb/Rf+v/9/4gP5f/6//ny3P/x/XU/9/6d0XXPzQzX9+y35eX/+v//f8f/0/qzW1/j93///GLZ3sfwAAAOhB7v7/i1vsfwAAAGhG7v7/j1vsfwAAAGhG7v7HxS2d7P/V9f+zfv5/0f/r/zc+oP/X/+v/Z0v/P66n/v9sXl//r//X/+v/Wa2p9f+5+x8ft3Sy/wEAAKAHufufELfY/wAAANCM3P2Xxy32PwAAADQjd//JuKWT/a//P/j+/1H9v/4/rv6/z/4/f2XR/x8O/f84/f8S+n/9v/5f/89KTa3/z91/RdzSyf4HAACAHuTuf2LcYv8DAABAM3L3Pylusf8BAACgGbn7nxy3dLL/9f+e/6//X97/X6L/D/p/z/+fPv3/OP3/Evr/c+3nz9P/6//1/5xpn/3/IyM/ba+k/8/d/5S4pZP9DwAAAD3I3f/UuMX+BwAAgGbk7n9a3GL/AwAAQDNy9z89bulk/+v/9f/6f8//P+v+f+cPvQ36/2H6/8Oh/x83mf5/7djgh/X/s+//Pf9f/6//Z4upPf8/d/8z4pZO9j8AAAD0IHf/M+OWkf2/79/MBwAAAI5U7v5nxS2+/g8AAACzl9VZ7v5nxy2d7H/9v/5f/6//9/z/4dcf6/9vOeP96f+nRf8/bjL9/y70//r/Ob9//b/+n52m1v/n7n9O3NLJ/gcAAIAe5O6/Mm6x/wEAAKAZufufG7fY/wAAANCM3P3Pi1s62f/D/f/p/17/vzf6/63vX/8//ONjVf1//h31/6P9/995/n+f9P/jDr//P67/3/r31/8foKN+/433/yeWfb7+nyFT6/9z918Vt3Sy/wEAAKAHufufH7fY/wAAANCM3P0viFvsfwAAAGhG7v4Xxi2d7H/P/9f/6//n1/97/v+mo3z+/+LQ+/9j+v890v+P8/z/JfT/+n/9v+f/s1JT6/9z918dt3Sy/wEAAKAHVz+82Nj9L1os7H8AAACYozP/7MD2P1Aacve/OG6x/wEAAKAZuftfErd0sv/1//p//b/+X/8//PrT6v89/3+v9P/j9P9L6P8Pop8/1lj/f81unz+F/v9y/T8Ts6X/v+30x4+q/8/d/9K4pZP9DwAAAD3I3f+yuMX+BwAAgGbk7n953GL/AwAAQDNy978ibulk/x94/39i99eeef+/pTzR/299//r/rfT/8eNB/6//PwT6/3H6/yX0/57/7/n/+n9W6nT/v/Xnw6Pq/3P3vzJu6WT/AwAAQA9y978qbrH/AQAAoBm5+6+JW+x/AAAAaEbu/lfHLZ3sf8//9/x//b/+X/8//Pr6/3nS/4/T/y+h/9f/6//1/6zUluf/n+Go+v/c/dfGLZ3sfwAAAOhB7v7r4hb7HwAAAJqRu/81cYv9DwAAAM3I3f/auKWT/a//P9j+Pz+u/9f/L/T/+n/9/6Hotv9fG/qVaKdd+v87/+XkRVs/ov/X/+v/9f/6f1ZgEv3/qdP/dpm7/3VxSyf7HwAAAHqQu//1cYv9DwAAAM3I3f+GuMX+BwAAgGbk7n9j3LLP/f+nK31Xh0f/7/n/+n/9v/5/+PX1//PUbf+/R57/v4T+X/+v/9f/s1KT6P/P+Ovc/W+KW3z9HwAAAJqRu//NcYv9DwAAAM3I3f+WuMX+BwAAgGbk7n9r3NLJ/tf/6//1/7Ps/y+M76L/n2D/v74Ypv8/HPr/cfr/JfT/+n/9v/6flZpa/5+7//q4pZP9DwAAAD3I3f+2uMX+BwAAgGbk7n973GL/AwAAQDNy978jbji/l/2v/9f/6/9n2f97/v+E+//d6P8Ph/5/3Nn2/xc9uPnhJvr/G0bewFD/f+q4/l//r//X/3OWptb/5+5/Z9zSyf4HAACAHuTuvyFusf8BAACgGbn7b4xb7H8AAABoRu7+d8Utnex//b/+X/+v/9f/D7++/n+e9P/jPP9/Cc//1//r//X/rNTU+v/c/TfFLZ3sfwAAAOhB7v6b4xb7HwAAAJqRu//dcYv9DwAAAM3I3X9L3NLJ/tf/6//1//r/A+n/T+r/t9P/H46D6/8X+n/9v/5/Cf2//l//z3aH1f8/Ej/fL+v/c/e/J27pZP8DAABAD3L33xq32P8AAADQjNz9741b7H8AAABoRu7+98Utnex//b/+X/+v//f8/+HX1//Pk+f/j9P/L6H/1//r//X/rNRh9f+79f7b/zp3//vjlk72PwAAAPQgd/9tcYv9DwAAAM3I3X973GL/AwAAQDNy938gbulk/+v/9f9b+//FQv+v/9f/bzqE/n99of9fOf3/OP3/Evr/Nvv/P1o01P+f2PXz9f9M0dT6/9z9H4xbOtn/AAAA0IPc/R+KW+x/AAAAaEbu/g/HLfY/AAAANCN3/0filpb2/6O7p2/z7/+Pb/tE/f9isbj3Ms//1/+PvL7+fzL9f/1T1f+vjv5/3F/89QP3rO/lO+r/9f8t9f+e/6//58hMrf/P3f/RuKWl/Q8AAACdy93/sbjF/gcAAIBm5O7/eNxi/wMAAEAzcvd/Im7pZP/Pv//f/on6/8U5Pf9f/7/xAf2//l//P1vn2t9fux6/prXb/3v+/xj9/9J+fm2Xf+9Z6P/1//p/Bkyt/8/d/8m4pZP9DwAAAD3I3X9H3GL/AwAAQDNy998Zt9j/AAAA0Izc/Z+KWzrZ//p//f+c+v91/X/1/+v6f/2//n/QVJ7/f+GFf3+X/l//32L/P0b/r//X/7Pd1Pr/3P2fjls62f8AAADQg9z9n4lb7H8AAABoRu7+z8Yt9j8AAAA0I3f/5+KWTvb/zv7/vMVmobppqP+PRk3/fwb9/9b37/n/wz8+PP9f/6//P3hT6f89///s3r/+X/8/5/e/r/7/L3d+vv6fFk2t/8/df1fc0sn+BwAAgB7k7v983GL/AwAAQDNy938hbrH/AQAAoBm5+++OWzrZ/57/r//X/+v/9f/Dr6//nyf9/zj9/xL6/3Pv5/NnVf3/fJ///8f6f1Znav1/7v4vxi0bw++v/uQs/2cCAAAAE5K7/0txSydf/wcAAIAe5O6/J26x/wEAAKAZufu/HLd0sv/1//p//b/+X/8//Pr6/3nS/4/T/y/RT/+/PvTBo+7nz9VRv/9m+n/P/2eFptb/5+7/StzSyf4HAACAtj288W3u/q/GLfY/AAAANCN3/9fiFvsfAAAAmpG7/964pZP9r//X/7ff//+T/n/b6+v/9f8t0//nr+jD9P9L9NP/Dzrqfn7u71//r/9np6n1/7n774tbOtn/AAAA0IPc/V+PW+x/AAAAaEbu/m/ELfY/AAAANCN3/zfjlk72v/6/r/5/bdFj/+/5//p//X9P5tP/X3ds6KOe/6//1//P9/3r//X/7DS1/j93//1rx7rc/wAAADBX//A3/3rfXr/v/Rvfri++FbfY/wAAANCM3P3fjlvsfwAAAGhG7v7vxC2d7H/9f1/9f5/P/9f/6//1/z2ZT/8/TP+v/9f/z/f999D/nz/y+fp/hkyt/8/d/9245YzhN/h/0AMAAAAcnbHflBqQu/97cUsnX/8HAACAHuTu/37csmP/n9rjn2oHAAAApiZ3/w/ilk6+/q//n3j/vzig/j++n/5/k/5f/z/0+vr/edL/jzvH/v/Umv5f/z9C/99+/z9G/8+QqfX/uftvvWnR5f4HAACARm35HYUfbny7vnggbrH/AQAAoBm5+38Ut9j/AAAA0Izc/T+OWzrZ//r/iff/Z/X8/xP1nzz/v/P+/8r1wdfX/+v/W6b/H+f5/0vo//X/+n/9Pyu1j/5/Y5AedP+fu/8ncUsn+x8AAAB6kLv/p3GL/Q8AAADNyN3/s7jF/gcAAIBm5O5/MG7pZP/r/4+g/7/q+GJxoP3/Hp7/r//vo//f5fXb6f//7IKTd/zjP994vf6f0w6z/88fC/p//b/+f5P+X/+v/2e7qT3/P3f/z+OWTvY/AAAA9CB3/0Nxi/0PAAAAzcjd/4u45bH9f/tRvSsAAABglXL3/zJu6eTr/9X/r+v/F808/3+e/X/+sz6C/v/k/Pr/bIp77/89/1//v5Pn/4/T/y+h/9f/6//1/6zU1Pr/3P2/ils62f8AAADQg9z9v45bcv+v7fu37gEAAICJyd3/m7jF1/8BAACgGbn7H45bOtn/nv+v/59K/588///053n+/yb9v/5/P/T/4/T/S+j/9f/6f/0/KzW1/j93/2/jlk72PwAAAPQgd/8jcYv9DwAAAM3I3f+7uMX+BwAAgGbk7v993NLJ/tf/6//1//p//f/w6+v/50n/P07/v4T+X/+v/9f/s1JT6/9z9/8hAAD//x/Yb0M=")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xee00)

1.582834796s ago: executing program 1 (id=4003):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {@quota}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x57d, &(0x7f0000000c80)="$eJzs3c9rFFccAPDvbDYaf7RGEGl7KAEPtVg3JukPCwXtsbRSob3bJRmDZONKdiMmFdRDvfRSpFBKLaV/QO89Sv+B/hVCK0iR0B56SZnNrK5JNr/cdFf384HR92Zm/c6bN+/5nZ1dNoC+NZL9UYh4NSK+SSIOtWwrRr5xZGW/pUfXJ7MlieXlz/5KIsnXNfdP8r8P5JVXIuK3ryJOFNbGrS0szpQrlXQur4/WZ6+M1hYWT16aLU+n0+nl8YmJ0+9MjL//3rsda+ub5//5/tN7H53++tjSd788OHwnibNxMN/W2o5ncLO1MhIj+TkZjLOrdhzrQLBeknT7ANiRgXycD0Y2BxyKgXzUAy++GxGxDPSpxPiHPtXMA5r39h26D35uPPxw5QZobfuLK++NxFDj3mj/UvLUnVF2vzvcgfhZjF//vHsnW2KT9yFudCAeQNPNWxFxqlhcO/8l+fy3c6cabx5vbHWMfvv/B7rpXpb/vLVe/lN4nP/EOvnPgXXG7k5sPv4LDzoQpq0s//tg3fz38dQ1PJDXXmrkfIPJxUuV9FREvBwRx2Nwb1bf6HnO6aX7y+22teZ/2ZLFb+aC+XE8KO59+jVT5Xr5Wdrc6uGtiNee5L9JrJn/hxq57ur+z87H+S3GOJrefb3dts3b36rzGfDyzxFvrNv/T55oJRs/nxxtXA+jzatirb9vH/29Xfzttb/zsv7fv3H7h5PW57W17cf4aejftN22nV7/e5LPG+U9+bpr5Xp9bixiT/LJ2vXjT17brDf3z9p//NjG89961/++iPhii+2/feR22117of+nttX/2y/c//jLH9rF31r/v90oHc/XbGX+2+oBPsu5AwAAAAAAgF5TiIiDkRRKj8uFQqm08vmOI7G/UKnW6icuVucvT0Xju7LDMVhoPuk+1PJ5iLH887DN+viq+kREHI6Ibwf2NeqlyWplqtuNBwAAAAAAAAAAAAAAAAAAgB5xoM33/zN/DHT76IBd5ye/oX9tOv478UtPQE8a6vYBAF0j/4f+ZfxD/zL+oX8Z/9C/jH/oX8Y/9K9s/P/Y7YMAAAAAAAAAAAAAAAAAAAAAAAAAAACAF8f5c+eyZXnp0fXJrD51dWF+pnr15FRamynNzk+WJqtzV0rT1ep0JS1NVmc3+/cq1eqVsfGYvzZaT2v10drC4oXZ6vzl+oVLs+Xp9EI6+L+0CgAAAAAAAAAAAAAAAAAAAJ4vtYXFmXKlks7tXmHf7ofY3cKZaK4p5metRw5si4Vks14+kzdrRyGK3W+gwi4UujgpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAq/wUAAP//LiIwgg==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000840), &(0x7f00000003c0)=ANY=[], 0x361, 0x0)
creat(&(0x7f0000000080)='./file1\x00', 0xc2)

1.507932873s ago: executing program 4 (id=4004):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x0, 0xdd9f83, 0x1, 0x9, 0xdc9, 0x2, 0x5, 0x722, 0x13, 0x7, 0x7f, 0x3f, 0xb763599953cb091d, {0x0, 0x6fd8e84b}, 0x3, 0xed}})

1.501702962s ago: executing program 2 (id=4005):
syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0xee00, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESHEX=0x0, @ANYBLOB=',fmask=00000000000000000000007,fmask=00000000000000000004301,iocharset=iso8859-2,errors=continue,allow_utime=00000000000000000000002,umask=00000000000000000000000,errors=continue,iocharset=cp437,namecase=1,\x00'], 0x1, 0x1531, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL9zzu/0O86neb6fz/5Yz+z9rP287/Ne1t6YbzoOqtageuV6RAT/FrzwRxIAxAJAPwC4BgACACgdVzru/P7sEpP+vZOwP9fDqVe6AnYlcf+zNu5/1sb9z9q4/1kb9z9r4/5nbdz/rI37z1hWtnFq/mt5y7ob3///66vzh3v4+/8vJLPE6C9Wl7i+E0DMP5vC/c/auP9/WcE/cxD3P2vj/mdVsVe6APZfgN//f0lNfh1m+8MDuf9ZG/efsazsSt9/vtIbRLL2c3ClX3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKGU/6i0+AVAFwKr3RdjDHGGGOMMcYY+/P4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/Yv7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFc1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiTDOl/If5b/9O/oCfz75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/Sr4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufPLvkAEIlCBCmKCmCA2iA1yBDmCnEHOIFeQK4gEkSAuiAtyB9cHeYK8Qb4gfxAfFAgKBjowgQ3ExaZHgxuCIsGNQdHgpqBYUDxwQYkgIbg5KBncEpQKbg1KB7cFZYLbg7JBuaB8UCG4I6gY3BlUCu4KKgd3B1WCqkG1oHpwT1AjuDeoGdwX1AruD2oHDwR1ggeDusFDQb3g4aB+8EjQIHg0aBg8FjQKGgdNgqZBsz91fu9P5H3CddPddZLuoXvql3Uv3Vv30X11P/2K7q9f1QP0azpZD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYnaLH6fH6bT1Bv6Mn6kl6sp6iU/VUPU2/q6frGXqmfk/P0u/r2XqOnqvn6TT9gZ6vF+h0/aFeqD/SGXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepverj/WO/QneqfepXfrT/Ue/Zneqz/X+/QXer/+Umfqr/QB/bU+qL/Rh/S3+rD+Th/RR/Ux/b0+rn/QJ/RJfUqf1mf0j/qs/kmf0/784v7817tRRpkYE2NiTazJYXKYnCanyWVymYiJmDgTZ3Kb3CaPyWPymXwm3sSbgqagOY8MmUKmkImaqCliipiipqgpZooZZ5xJMAmmpClpSplSprQpbcqYMqasKWvKm/LmDnOHudPcae4yd5m7zd2mqqlqqpvqpoapYWqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkmpgmpplpZpqb5qaFaWFamVamtWlt2pg2JtEkmramrWln2pn2pr3pYDqYjqaj6WQ6mS6mi+lquppupptJMkmmp+lpeplepo/pY/qZfqa/6W8GmAEm2SSbQWaQGWwGmyFmiBlqhpnh5xeqZqQZZUZ/O8aMNSkmxYw3480EM8FMNBPNZDPZpJpUM81MM9PNdDPTzDSzzCwz28w2c81ck2bSzHwz36SbdLPQLDQZJsMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W8yTaY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTMm78XvS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5v1VbKy1Re1Ntpgtbp0tYRPszb+Jy9pytrytYO+wFe2dttJv4hr2XlvT3mdr2fttdXvPr+La9gFbxz5q6yIC2Ma2vm1qG9hHbUP7mG1kG9smtqltbZ+ybezTNtE+Y9vaZ38Tz7cL7Eq7yq62a+xOu8uesqftQfuNPWN/tN1sd9vPvmL721ftAPuaTbYDfxMPt2/ZEXakHWVH2zF27G/iyXaKTbVT7TT7rp1uZ/wmTrMf2Fk23c62c+xcO+/n+HxN6fZDu9B+ZDNsAIvtErvULrPL7Yr/X+sSu86utxvsDvuJ3Wy32K12m91+aSFsd9nd9lO7x35mD9iv7T77hd1vD9lM+9XP8fnHd8h+aw/b7+wRe9Qes9/b4/YH9XPuyF4A9kf7vf3JnrPeAiEBSVIUUAxlo1jKTjnoKspJV1MuuoYidC3F0XWUm66nPJSX8lF+iqcCVJA0GbJEFFIhKkxRuoEulVeMipOjEpRAN1NJuoVK0a1Umm6jMnQ7laVyVJ4q0B1Uke6kSnQXVaa7qQpVpWpUne6hGnQv1aT7qBbdT7XpAapDD1Jdeojq0cNUnx6hBvQoNaTHqBE1pibUlJrR49ScnqAW1JJa0ZPUmp6iNvQ0JdIz1JaepXb0N2pPz1EHep460gvUiTpTF3qRutJL1I26UxL1oJ70MvWi3tSH+lI/eoX606s0gF6jZBpIg+h1Gkxv0BB6k4bSMBpOb9EIGkmjaDSNobGUQuNoPL1NE+gdmkiTaDJNoVSaStPoXZpOM2gmvUez6H2aTXNoLs2jNPqA5tMCSqcPaSF9RBm0iBbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9TDvoE9pJu2g3fUp76DPaS5/TPvqC9tOXlElf0QH6mg7SN3SIvvXd6Ts6QkfpGH1Px+kHOkEn6RSdpjP0I52ln+gceYIQQxHKUIVBGBNmC2PD7GGO8KowZ3h1mCu8JoyE14Zx4XVh7vD6ME+YN8wX5g/jwwJhwVCHJrQhhWFYKCwcRsMbwiLhjWHREMNiYfHQhSXChPDmsGR4S1gqvDUsHd4WlglvD8uG5cJH768Q3hFWDO8MK4V3hZXDu8MqYdWwWlg9vCesEd4b1gzvC2uF94elwgfCOuGDYd3wobBe+HBYP3wkbBA+GjYMHwsbhY3DJmHTsFn4eNg8fCJsEbYMW4VPhq3Dp8I24dNhYvhM2DZ89uf9Dyz44/1JYY+wZ/hy+HLo/X1ybnReNC36QXR+dEE0PfphdGH0o2hGdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRD1Pvq2cChE0465QIX47K5WJfd5XBXuZzuapfLXeMi7loX565zud31Lo/L6/K5/C7eFXAFnXbGWUcudIVcYRd1N7gi7kZX1N3kirnizrkSLsE1dc1cM9fcPeFauJaulXvSPemeck+5p93T7hnX1j3r2rm/ufbuOdfBPe+edy+4Tq6z6+JedF3duFwX3pNJrqfr6Xq5Xq6P6+P6uX6uv+vvBrgBLtklu0FukBvsBrshbogb6oa64W64G+FGuFFulBvjxrgUl+LGu/FugpvgJrqJbrKb7FJdqpvmprnpbrqrOOPCWWa72W6um+vSXJqb786vGdPdQrfQZbgMt9gtdkvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9Nfc2FSt8ftdXvdPrfP7Xdfukz3lTvgvnYH3TfukPvWHXbfuSPuqDvmvnfH3Q/uhDvpTrnT7oz70Z11P7lzzruUyLjI+MjbkQmRdyITI5MikyNTIqmRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF9gc+gL+cI+6m/wRfyNvqi/yRfzxb3zJXyCv9mX9Lf4Uv5WX9rf5sv4231ZX86X94/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Tb+aZ/on/Ft/bO+nf+bb++f8x38876jf8F38p19F/+i7+pf8t18d5/ke/ie/mXfy/f2fXxf38+/4vv7V/0A/5pP9gP9IP+6H+zf8EP8m36oH+aHx7zlR1y6RIaxPsWP8+P9236Cf8dP9JP8ZD/Fp/qpfpp/10/3M/xM/56f5d/3s/0cP9fP82n+Az/fL/Dp/kO/0H/kM/yiSzeV/XK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/x2/7Hf4T/xO/0uv9t/6vf4z/xe/7nf57/w+/2XPtN/5Q/4r/1B/40/5L/1h/13/og/6o/57/1x/4M/4U/6U/60P+N/9Gf9T/4c/581xhhjjLF/yrjLQ/HrPRdu5/f4nRzxi4N7AsDVW/Jn/nL/+RXl2jwXxr1FfOsIADzTvePDl7YqVZKSki4emyEhKDwH4NLfBJ0XA5fjRdAKnoJEaAklf7f+3qLzGfoH80dvA8jxi5xYuBxfnv9zAEz6nfkff3L4/DLhqbj/Yf45AEULX87JDpfjRdDq5/srLaHUH9Sft/kv64/97fzZv0gBaPGLnJxwOb5cfwI8Ac9C4q+OZIwxxhhjjDHGLugtyre/dP156V98/t71eby6nJMNLsf/6PqcMcYYY4wxxhhjV95znbs8/XhiYsv2//qg0v8q658eNIT/q5l58LsD7wEu/UQBwL85IcD5gfxPPopN/5FzJV986/z9rqWnfQD/Ha38MwZX+IOJMcYYY4wx9qe7vOj/9c/VlSqIMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLgv4Tv07sSj9GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7fwEAAP//nXwDKg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f00000004c0)="c7ba00000000000000086bdbe0fa681c5a9f2e2141d04da32a70ea6c51d0f6d914d781885d52f42dbd61e081c8994c78a3c68f62caeeb9a96118761d8ddde84bac6ce8fb384e66171b0e2f358dcdf6de00cec324f74a1ad2f98aa11518474437d913d19ea7c17e1820d7b2d7160d56afc7b0f190acfa3c8c3824e085aba99c0d018283ebf045a17b4b74a33aea654ec322e274e226ce1c1c6c5ed48b5c56eda8b76d55106f41ebce3580763bef22214a7527c5f47cde06842b5f1463e9c716e9001aeafaebe4cb2a59d7c9dee42cf8ef4e988b88e0cd240326020a820f1d113fc2ecc3e471cb97f3008c604ceb55b19ba3ba7fee9e8a6eea574d8d43c7e08e36")

1.420392491s ago: executing program 1 (id=4006):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000000008000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b01010000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x8, 0xa0, &(0x7f0000001a80)=""/160, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)

1.205160171s ago: executing program 1 (id=4007):
syz_read_part_table(0x5d4, &(0x7f0000000000)="$eJzs279r02kcB/BPqiF3OrgIBy6nDg6HHCiOZlBJoqKQi3aRGxQUETNFECIXEHTQDIoZxNFFCln6Y2qaoVNLC517pUOPQocud7RLoUtzhD5dyg0tlx4cvF7w5cPzfN/f5/N8/oBv8L82FH/1er1MRPRyEd8d8uvhdqF462z5WuV+RKZ/WPz+8w+/9N/8mBL9U/vOp/VKWn/7eqL7fvNmtr18b+vCw5nm0N51IuJ1RJwc6QwPYj6O1mh+9tSbt7XSh3r+2VKpsfZuceHu2Eah0rnTbI3fzt54nHJzqR5P9UXU41U8j0dRjWo8idqA+n9pr17aOVNqTz69ul3sfpy+nHLlfznnQfu/PPfpQatx/eLE6c9X6lPzlfVju7lq7oguAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQI3mZ0+9eVsrfajncxGx9m5x4e7YRqHSudNsjd/O3niccnOpHk/1RdTjVTyPR1GNajyJ2t6Bvd5B2n7/D/2fLZUaa1/aq5d2zpTak0+vbhe7H6cvp1x5UAPvs7//y3OfHrQa1y9OnP58pT41X1k/tpur5o7oAgAAAAAAAAAAAAAAAAAAABARheKts+VrlfsRmfg1In7687eh/n4v/e+eSbnzqa6k/W9fT3Tfb97MtpfvbV14ONP8I+2/Ts/Jkc7wfz4Mh/Z3AAAA///sR5Sb")
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

981.832041ms ago: executing program 2 (id=4008):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x1c, 0x5, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xa8}}, 0x0)

971.948836ms ago: executing program 4 (id=4009):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x0, 0x0, {0x7}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)

910.594875ms ago: executing program 1 (id=4010):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0x27800000000, 0x0, 0x1, 0xffffffffffffffff, 0x20000000})

804.544729ms ago: executing program 2 (id=4011):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x4, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@cswp={0x58, 0x114, 0x7, {{0x88, 0x800}, &(0x7f00000000c0)=0x3b3, 0x0, 0x10001, 0x2, 0x0, 0x4, 0x21, 0x9}}], 0x58, 0x8004}, 0x0)

767.99677ms ago: executing program 4 (id=4012):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a", 0x222}], 0x1}}], 0x1, 0x240080e4)
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x0)
mount$afs(&(0x7f0000000480)=ANY=[@ANYBLOB='#'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

603.765081ms ago: executing program 2 (id=4013):
syz_mount_image$hpfs(&(0x7f000000a000), &(0x7f0000009ec0)='./file1\x00', 0x3200041, &(0x7f00000000c0)={[{@eas_no}, {@chkdsk_no}, {@case_asis}, {@check_none}]}, 0x1, 0x9e15, &(0x7f000000a040)="$eJwUk1Mc34UDRZe37JZtnmzbtm375H5fG8u23VbLtm3XsrH4//wf7ut9OPfcOwc4coCjBnjXAO8e4OgB3jPAewd43wDvH+ADA3xwgA8N8OEBPjLARwf42AAfH+ATA3xygE8N8OkBPjPAZwf43ACfH+ALA3xxgC8N8OUBvjLAVwf42gBfH+AbA3xzgG8N8O0BvjPAdwf43gDfH+AHA/xwgB8N8OMBfjLATwf42QA/H+AXAxwzwC8H+NUAvx7gNwP8doDfDfD7Af4wwB8H+NMAfx7gLwP8dYC/DfD3Af4xwLED/HOAfw3w7wH+M8B/B/jfAIcEOE6A4wY4XoDjBzhBgBMGOFGAQwMcFuDEAU4S4KQBThbg5AFOEeCUAU4V4NQBThPgtAFOF+D0Ac4Q4PAAZwxwpgBnDnCWAGcNcLYAZw9wjgDnDHCuAOcOcJ4A5w1wvgDnD3CBABcMcKEAFw5wkQAXDXCxABcPcIkACXDJAJcKcOkAlwlw2QCXC3D5AFcIcMUAVwpw5QBXCXDVAFcLcPUA1whwzQDXCnDtANcJcN0A1wtw/QA3CHDDADcKcOMANwlw0wA3C3DzALcIcMsAtwpw6wC3CXDbALcLcPsAdwhwxwB3CnDnAHcJcNcAdwtw9wD3CHDPAPcKcO8A9wlw3wD3C3D/AA8I8MAADwrw4AAPCfDQAA8L8PAAjwjwyACPCvDoAI8J8NgAjwvw+ABPCPDEAA3wpABPDvCUAE8N8LQATw/wjADPDHAQYBBgGGAUYBxgEmAaYBZgHmARYBlgFWAdYBNgG2AXYB/giADPCvDsAM8J8NwAzwvw/AAvCPDCAC8K8OIALwnw0gAvC/DyAK8I8MoArwrw6gCvCfDaAK8L8PoAbwjwxgBvCvDmAG8J8NYAbwvw9gDvCPDOAEcGOCrAuwK8O8DRAd4T4L0B3hfg/QE+EOCDAT4U4MMBPhLgowE+FuDjAT4R4JMBPhXg0wE+E+CzAT4X4PMBvhDgiwG+FODLAb4S4KsBvhbg6wG+EeCbAb4V4NsBvhPguwG+F+D7AX4Q4IcBfhTgxwF+EuCnAX4W4OcBfhHgmAC/DPCrAL8O8JsAvw3wuwC/D/CHAH8M8KcAfw7wlwB/DfC3AH8P8I8Axwb4Z4B/Bfh3gP8E+G+A/wU4JMRxQhw3xPFCHD/ECUKcMMSJQhwa4rAQJw5xkhAnDXGyECcPcYoQpwxxqhCnDnGaEKcNcboQpw9xhhCHhzhjiDOFOHOIs4Q4a4izhTh7iHOEOGeIc4U4d4jzhDhviPOFOH+IC4S4YIgLhbhwiIuEuGiIi4W4eIhLhEiIS4a4VIhLh7hMiMuGuFyIy4e4QogrhrhSiCuHuEqIq4a4Woirh7hGiGuGuFaIa4e4TojrhrheiOuHuEGIG4a4UYgbh7hJiJuGuFmIm4e4RYhbhrhViFuHuE2I24a4XYjbh7hDiDuGuFOIO4e4S4i7hrhbiLuHuEeIe4a4V4h7h7hPiPuGuF+I+4d4QIgHhnhQiAeHeEiIh4Z4WIiHh3hEiEeGeFSIR4d4TIjHhnhciMeHeEKIJ4ZoiCeFeHKIp4R4aoinhXh6iGeEeGaIgxCDEMMQoxDjEJMQ0xCzEPMQixDLEKsQ6xCbENsQuxD7EEeEeFaIZ4d4TojnhnheiOeHeEGIF4Z4UYgXh3hJiJeGeFmIl4d4RYhXhnhViFeHeE2I14Z4XYjXh3hDiDeGeFOIN4d4S4i3hnhbiLeHeEeId4Y4MsRRId4V4t0hjg7xnhDvDfG+EO8P8YEQHwzxoRAfDvGREB8N8bEQHw/xiRCfDPGpEJ8O8ZkQnw3xuRCfD/GFEF8M8aUQXw7xlRBfDfG1EF8P8Y0Q3wzxrRDfDvGdEN8N8b0Q3w/xgxA/DPGjED8O8ZMQPw3xsxA/D/GLEMeE+GWIX4X4dYjfhPhtiN+F+H2IP4T4Y4g/hfhziL+E+GuIv4X4e4h/hDg2xD9D/CvEv0P8J8R/Q/wvxCERjhPhuBGOF+H4EU4Q4YQRThTh0AiHRThxhJNEOGmEk0U4eYRTRDhlhFNFOHWE00Q4bYTTRTh9hDNEODzCGSOcKcKZI5wlwlkjnC3C2SOcI8I5I5wrwrkjnCfCeSOcL8L5I1wgwgUjXCjChSNcJMJFI1wswsUjXCJCIlwywqUiXDrCZSJcNsLlIlw+whUiXDHClSJcOcJVIlw1wtUiXD3CNSJcM8K1Ilw7wnUiXDfC9SJcP8INItwwwo0i3DjCTSLcNMLNItw8wi0i3DLCrSLcOsJtItw2wu0i3D7CHSLcMcKdItw5wl0i3DXC3SLcPcI9Itwzwr0i3DvCfSLcN8L9Itw/wgMiPDDCgyI8OMJDIjw0wsMiPDzCIyI8MsKjIjw6wmMiPDbC4yI8PsITIjwxQiM8KcKTIzwlwlMjPC3C0yM8I8IzIxxEGEQYRhhFGEeYRJhGmEWYR1hEWEZYRVhH2ETYRthF2Ec4IsKzIjw7wnMiPDfC8yI8P8ILIrwwwosivDjCSyK8NMLLIrw8wisivDLCqyK8OsJrIrw2wusivD7CGyK8McKbIrw5wlsivDXC2yK8PcI7IrwzwpERjorwrgjvjnB0hPdEeG+E90V4f4QPRPhghA9F+HCEj0T4aISPRfh4hE9E+GSET0X4dITPRPhshM9F+HyEL0T4YoQvRfhyhK9E+GqEr0X4eoRvRPhmhG9F+HaE70T4boTvRfh+hB9E+GGEH0X4cYSfRPhphJ9F+HmEX0Q4JsIvI/wqwq8j/CbCbyP8LsLvI/whwh8j/CnCnyP8JcJfI/wtwt8j/CPCsRH+GeFfEf4d4T8R/hvhfxEOiXGcGMeNcbwYx49xghgnjHGiGIfGOCzGiWOcJMZJY5wsxsljnCLGKWOcKsapY5wmxmljnC7G6WOcIcbhMc4Y40wxzhzjLDHOGuNsMc4e4xwxzhnjXDHOHeM8Mc4b43wxzh/jAjEuGONCMS4c4yIxLhrjYjEuHuMSMRLjkjEuFePSMS4T47IxLhfj8jGuEOOKMa4U48oxrhLjqjGuFuPqMa4R45oxrhXj2jGuE+O6Ma4X4/oxbhDjhjFuFOPGMW4S46Yxbhbj5jFuEeOWMW4V49YxbhPjtjFuN/6QIf/nu0OMO8a4U4w7x7hLjLvGuFuMu8e4R4x7xrhXjHvHuE+M+8a4X4z7x3hAjAfGeFCMB8d4SIyHxnhYjIfHeESMR8Z4VIxHx3hMjMfGeFyMx8d4QownxmiMJ8V4coynxHhqjKfFeHqMZ8R4ZoyDGIMYwxijGOMYkxjTGLMY8xiLGMsYqxjrGJsY2xi7GPsYR8R4Voxnx3hOjOfGeF6M58d4QYwXxnhRjBfHeEmMl8Z4WYyXx3hFjFfGeFWMV8d4TYzXxnhdjNfHeEOMN8Z4U4w3x3hLjLfGeFuMt8d4R4x3xjgyxlEx3hXj3TGOjvGeGO+N8b4Y74/xgRgfjPGhGB+O8ZEYH43xsRgfj/GJGJ+M8akYn47xmRifjfG5GJ+P8YUYX4zxpRhfjvGVGF+N8bUYX4/xjRjfjPGtGN+O8Z0Y343xvRjfj/GDGD+M8aMYP47xkxg/jfGzGD+P8YsYx8T4ZYxfxfh1jN/E+G2M38X4fYw/xPhjjD/F+HOMv8T4a4y/xfh7jH/EODbGP2P8K8a/Y/wnxn9j/C/GIQmOk+C4CY6X4PgJTpDghAlOlODQBIclOHGCkyQ4aYKTJTh5glMkOGWCUyU4dYLTJDhtgtMlOH2CMyQ4PMEZE5wpwZkTnCXBWROcLcHZE5wjwTkTnCvBuROcJ8F5E5wvwfkTXCDBBRNcKMGFE1wkwUUTXCzBxRNcIkESXDLBpRJcOsFlElw2weUSXD7BFRJcMcGVElw5wVUSXDXB1RJcPcE1ElwzwbUSXDvBdRJcN8H1Elw/wQ0S3DDBjRLcOMFNEtw0wc0S3DzBLRLcMsGtEtw6wW0S3DbB7RLcPsEdEtwxwZ0S3DnBXRLcNcHdEtw9wT0S3DPBvRLcO8F9Etw3wf0S3D/BAxI8MMGDEjw4wUMSPDTBwxI8PMEjEjwywaMSPDrBYxI8NsHjEjw+wRMSPDFBEzwpwZMTPCXBUxM8LcHTEzwjwTMTHCQYJBgmGCUYJ5gkmCaYJZgnWCRYJlglWCfYJNgm2CXYJzgiwbMSPDvBcxI8N8HzEjw/wQsSvDDBixK8OMFLErw0wcsSvDzBKxK8MsGrErw6wWsSvDbB6xK8PsEbErwxwZsSvDnBWxK8NcHbErw9wTsSvDPBkQmOSvCuBO9OcHSC9yR4b4L3JXh/gg8k+GCCDyX4cIKPJPhogo8l+HiCTyT4ZIJPJfh0gs8k+GyCzyX4fIIvJPhigi8l+HKCryT4aoKvJfh6gm8k+GaCbyX4doLvJPhugu8l+H6CHyT4YYIfJfhxgp8k+GmCnyX4eYJfJDgmwS8T/CrBrxP8JsFvE/wuwe8T/CHBHxP8KcGfE/wlwV8T/C3B3xP8I8GxCf6Z4F8J/p3gPwn+m+B/CQ5JcZwUx01xvBTHT3GCFCdMcaIUh6Y4LMWJU5wkxUlTnCzFyVOcIsUpU5wqxalTnCbFaVOcLsXpU5whxeEpzpjiTCnOnOIsKc6a4mwpzp7iHCnOmeJcKc6d4jwpzpvifCnOn+ICKS6Y4kIpLpziIikumuJiKS6e4hIpkuKSKS6V4tIpLpPisikul+LyKa6Q4ooprpTiyimukuKqKa6W4uoprpHimimuleLaKa6T4roprpfi+ilukOKGKW6U4sYpbpLipiluluLmKW6R4pYpbpXi1iluk+K2KW6X4vYp7pDijinulOLOKe6S4q4p7pbi7inukeKeKe6V4t4p7pPivinul+L+KR6Q4oEpHpTiwSkekuKhKR6W4uEpHpHikSkeleLRKR6T4rEpHpfi8SmekOKJKZriSSmenOIpKZ6a4mkpnp7iGSmemeIgxSDFMMUoxTjFJMU0xSzFPMUixTLFKsU6xSbFNsUuxT7FESmeleLZKZ6T4rkpnpfi+SlekOKFKV6U4sUpXpLipSleluLlKV6R4pUpXpXi1Slek+K1KV6X4vUp3pDijSnelOLNKd6S4q0p3pbi7SnekeKdKY5McVSKd6V4d4qjU7wnxXtTvC/F+1N8IMUHU3woxYdTfCTFR1N8LMXHU3wixSdTfCrFp1N8JiV5NsXnUnw+xRdSfDHFl1J8OcVXUnw1xddSfD3FN1J8M8W3Unw7xXdSfDfF91J8P8UPUvwwxY9S/DjFT1L8NMXPUvw8xS9SHJPilyl+leLXKX6T4rcpfpfi9yn+kOKPKf6U4s8p/pLiryn+luLvKf6R4tgU/0zxrxT/TvGfFP9N8b8Uh2Q4TobjZjhehuNnOEGGE2Y4UYZDMxyW4cQZTpLhpBlOluHkGU6R4ZQZTpXh1BlOk+G0GU6X4fQZzpDh8AxnzHCmDGfOcJYMZ81wtgxnz3CODOfMcK4M585wngznzXC+DOfPcIEMF8xwoQwXznCRDBfNcLEMF89wiQzJcMkMl8pw6QyXyXDZDJfLcPkMV8hwxQxXynDlDFfJcNUMV8tw9QzXyHDNDNfKcO0M18lw3QzXy3D9DDfIcMMMN8pw4ww3yXDTDDfLcPMMt8hwywy3ynDrDLfJcNsMt8tw+wx3yHDHDHfKcOcMd8lw1wx3y3D3DPfIcM8M98pw7wz3yXDfDPfLcP8MD8jwwAwPyvDgDA/J8NAMD8vw8AyPyPDIDI/K8OgMj8nw2AyPy/D4DE/I8MQMzfCkDE/O8JQMT83wtAxPz/CMDM/McJBhkGGYYZRhnGGSYZphlmGeYZFhmWGVYZ1hk2GbYZdhn+GIDM/K8OwMz8nw3AzPy/D8DC/I8MIML8rw4gwvyfDSDC/L8PIMr8jwygyvyvDqDK/J8NoMr8vw+gxvyPDGDG/K8OYMb8nw1gxvy/D2DO/I8M4MR2Y4KsO7Mrw7w9EZ3pPhvRnel+H9GT6Q4YMZPpThwxk+kuGjGT6W4eMZPpHhkxk+leHTGT6T4bMZPpfh8xm+kOGLGb6U4csZvpLhqxm+luHrGb6R4ZsZvpXh2xm+k+G7Gb6X4fsZfpDhhxl+lOHHGX6S4acZfpbh5xl+keGYDL/M8KsMv87wmwy/zfC7DL/P8IcMf8zwpwx/zvCXDH/N8LcMf8/wjwzHZvhnhn9l+HeG/2T4b4b/ZTgkx3FyHDfH8XIcP8cJcpwwx4lyHJrjsBwnznGSHCfNcbIcJ89xihynzHGqHKfOcZocp81xuhynz3GGHIfnOGOOM+U4c46z5DhrjrPlOHuOc+Q4Z45z5Th3jvPkOG+O8+U4f44L5LhgjgvluHCOi+S4aI6L5bh4jkvkSI5L5rhUjkvnuEyOy+a4XI7L57hCjivmuFKOK+e4So6r5rhajqvnuEaOaw4dMuT/LNbOcZ0c181xvRzXz3GDHDfMcaMcN85xkxw3zXGzHDfPcYsct8xxqxy3znGbHLfNcbsct89xhxx3zHGnHHfOcZccd81xtxx3z3GPHPfMca8c985xnxz3zXG/HPfP8YAcD8zxoBwPzvGQHA/N8bAcD8/xiByPzPGoHI/O8Zgcj83xuByPz/GEHE/M0RxPyvHkHE/J8dQcT8vx9BzPyPHMHAc5BjmGOUY5xjkmOaY5ZjnmORY5ljlWOdY5Njm2OXY59jmOyPGsHM/O8Zwcz83xvBzPz/GCHC/M8aIcL87xkhwvzfGyHC/P8Yocr8zxqhyvzvGaHK/N8bocr8/xhhxvzPGmHG/O8ZYcb83xthxvz/GO/+81ZsTYkTmO+r/LQ4YM+X9G5zhkyJAh9+Z4X4735/hAjg/+3/0hQ4Y8nOMjOT6a42M5Pp7jEzk+meNTOT6d4zM5Ppvjczk+n+MLOb6Y40s5vpzjKzm+muNrOb6e4xs5vpnjWzm+neM7Ob6b43s5vp/jBzl+mONHOX6c4yc5fprjZzl+nuMXOY7J8cscv8rx6xy/yfHbHL/L8fscf8jxxxx/yvHnHH/J8dccf8vx9xz/yHFsjn/m+FeOf+f4T47/5vjf/5kUOE6B4xY4XoHjFzhBgRMWOFGBQwscVuDEBU5S4KQFTlbg5AVOUeCUBU5V4NQFTlPgtAVOV+D0Bc5Q4PACZyxwpgJnLnCWAmctcLYCZy9wjgLnLHCuAucucJ4C5y1wvgLnL3CBAhcscKECFy5wkQIXLXCxAhcvcIkCKXDJApcqcOkCNxjejF22wOUKXL7AFQpcscCVCly5wFUKXLXA1QpcvcA1ClyzwLUKXLvAdQpct8D1Clz//30FbljgRgVuXOAmBW5a4GYFbl7gFgVuWeBWBW5d4DYFblvgdgVuX+AOBe5Y4E4F7lzgLgXuWuBuBe5e4B4F7lngXgXuXeA+Be5b4H4F7l/gAQUeWOBBBR5c4CEFHlrgYQUeXuARBR5Z4FEFHl3gMQUeW+BxBR5f4AkFnligBZ5U4MkFnlLgqQWeVuDpBZ5R4JkFDgoMCgwLjAqMC0wKTAvMCswLLAosC6wKrAtsCmwL7ArsCxxR4FkFnl3gOQWeW+B5BZ5f4AUFXljgRQVeXOAlBV5a4GUFXl7gFQVeWeBVBV5d4DUFXlvgdQVeX+ANBd5Y4E0F3lzgLQXeWuBtBd5e4B0F3lngyAJHFXhXgXcXOLrAewq8t8D7Cry/wAcKfLDAhwp8uMBHCny0wMcKfLzAJwp8ssCnCny6wGcKfLbA5wp8vsAXCnyxwJcKfLnAVwp8tcDXCny9wDcKfLPAtwp8u8B3Cny3wPcKfL/ADwr8sMCPCvy4wE8K/LTAzwr8vMAvChxT4JcFflXg1wV+U+C3BX5X4PcF/lDgjwX+VODPBf5S4K8F/lbg7wX+UeDYAv8s8K8C/y7wnwL/LfC/AoeUOE6J45Y4XonjlzhBiROWOFGJQ0scVuLEJU5S4qQlTlbi5CVOUeKUJU5V4tQlTlPitCVOV+L0Jc5Q4vASZyxxphJnLnGWEmctcbYSZy9xjhLnLHGuEucucZ4S5y1xvhLnL3GBEhcscaESFy5xkRIXLXGxEhcvcYkSKXHJEpcqcekSlylx2RKXK3H5ElcoccUSVypx5RJXKXHVElcrcfUS1yhxzRLXKnHtEtcpcd0S1ytx/RI3KHHDEjcqceMSNylx0xI3K3HzErcoccsStypx6xK3KXHbErcrcfsSdyhxxxJ3KnHnEncpcdcSdytx9xL3KHHPEvcqce8S9ylx3xL3K3H/Eg8o8cASDyrx4BIPKfHQEg8r8fASjyjxyBKPKvHoEo8p8dgSjyvx+BJPKPHEEi3xpBJPLvGUEk8t8bQSTy/xjBLPLHFQYlBiWGJUYlxiUmJaYlZiXmJRYlliVWJdYlNiW2JXYl/iiBLPKvHsEs8p8dwSzyvx/BIvKPHCEi8q8eISLynx0hIvK/HyEq8o8coSryrx6hKvKfHaEq8r8foSbyjxxhJvKvHmEm8p8dYSbyvx9hLvKPHOEkeWOKrEu0q8u8TRJd5T4r0l3lfi/SU+UOKDJT5U4sMlPlLioyU+VuLjJT5R4pMlPlXi0yU+U+KzJT5X4vMlvlDiiyW+VOLLJb5S4qslvlbi6yW+UeKbJb5V4tslvlPiuyW+V+L7JX5Q4oclflTixyV+UuKnJX5W4uclflHimBK/LPGrEr8u8ZsSvy3xuxK/L/GHEn8s8acSfy7xlxJ/LfG3En8v8Y8Sx5b4Z4l/lfh3if+U+G+J/5U4pMJxKhy3wvEqHL/CCSqcsMKJKhxa4bAKJ65wkgonrXCyCievcIoKp6xwqgqnrnCaCqetcLoKp69whgqHVzhjhTNVOHOFs1Q4a4WzVTh7hXNUOGeFc1U4d4XzVDhvhfNVOH+FC1S4YIULVbhwhYtUuGiFi1W4eIVLVEiFS1a4VIVLV7hMhctWuFyFy1e4QoUrVrhShStXuEqFq1a4WoWrV7hGhWtWuFaFa1e4ToXrVrhehetXuEGFG1a4UYUbV7hJhZtWuFmFm1e4RYVbVrhVhVtXuE2F21a4XYXbV7hDhTtWuFOFO1e4S4W7VrhbhbtXuEeFe1a4V4V7V7hPhftWuF+F+1d4QIUHVnhQhQdXeEiFh1Z4WIWHV3hEhUdWeFSFR1d4TIXHVnhchcdXeEKFJ1ZohSdVeHKFp1R4aoWnVXh6hWdUeGaFgwqDCsMKowrjCpMK0wqzCvMKiwrLCqsK6wqbCtsKuwr7CkdUeFaFZ1d4ToXnVnhehedXeEGFF1Z4UYUXV3hJhZdWeFmFl1d4RYVXVnhVhVdXeE2F11Z4XYXXV3hDhTdWeFOFN1d4S4W3VnhbhbdXeEeFd1Y4ssJRFd5V4d0Vjq7wngrvrfC+Cu+v8IEKH6zwoQofrvCRCh+t8LEKH6/wiQqfrPCpCp+u8JkKn63wuQqfr/CFCl+s8KUKX67wlQpfrfC1Cl+v8I0K36zwrQrfrvCdCt+t8L0K36/wgwo/rPCjCj+u8JMKP63wswo/r/CLCsdU+GWFX1X4dYXfVPhthd9V+H2FP1T4Y4U/Vfhzhb9U+GuFv1X4e4V/VDi2wj8r/KvCvyv8p8J/K/yvwiE1jlPjuDWOV+P4NU5Q44Q1TlTj0BqH1ThxjZPUOGmNk9U4eY1T1DhljVPVOHWN09Q4bY3T1Th9jTPUOLzGGWucqcaZa5ylxllrnK3G2Wuco8Y5a5yrxrlrnKfGeWucr8b5a1ygxgVrXKjGhWtcpMZFa1ysxsVrXKJGalyyxqVqXLrGZWpctsblaly+xhVqXLHGlWpcucZValy1xtVqXL3GNWpcs8a1aly7xnVqXLfG9Wpcv8YNatywxo1q3LjGTWrctMbNaty8xi1q3LLGrWrcusZtaty2xu1q3L7GHWrcscadaty5xl1q3LXG3WrcvcY9atyzxr1q3LvGfWrct8b9aty/xgNqPLDGg2o8uMZDajy0xsNqPLzGI2o8ssajajy6xmNqPLbG42o8vsYTajyxRms8qcaTazylxlNrPK3G02s8o8YzaxzUGNQY1hjVGNeY1JjWmNWY11jUWNZY1VjX2NTY1tjV2Nc4osazajy7xnNqPLfG82o8v8YLarywxotqvLjGS2q8tMbLary8xitqvLLGq2q8usZrary2xutqvL7GG2q8scabary5xltqvLXG22q8vcY7aryzxpE1jqrxrhrvrnF0jffUeG+N99V4f40P1PhgjQ/V+HCNj9T4aI2P1fh4jU/U+GSNT9X4dI3P1Phsjc/V+HyNL9T4Yo0v1fhyja/U+GqNr9X4eo1v1PhmjW/V+HaN79T4bo3v1fh+jR/U+GGNH9X4cY2f1PhpjZ/V+HmNX9Q4psYva/yqxq9r/KbGb2v8rsbva/yhxh9r/KnGn2v8pcZfa/ytxt9r/KPGsTX+WeNfNf5d4z81/lvjfzUOaXCcBsdtcLwGx29wggYnbHCiBoc2OKzBiRucpMFJG5yswckbnKLBKRucqsGpG5ymwWkbnK7B6RucocHhDc7Y4EwNztzgLA3O2uBsDc7e4BwNztngXA3O3eA8Dc7b4HwNzt/gAg0u2OBCDS7c4CINLtrgYg0u3uASDdLgkg0u1eDSDS7T4LINLtfg8g2u0OCKDa7U4MoNrtLgqg2u1uDqDa7R4JoNrtXg2g2u0+C6Da7X4PoNbtDghg1u1ODGDW7S4KYNbtbg5g1u0eCWDW7V4NYNbtPgtg1u1+D2De7Q4I4N7tTgzg3u0uCuDe7W4O4N7tHgng3u1eDeDe7T4L4N7tfg/g0e0OCBDR7U4MENHtLgoQ0e1uDhDR7R4JENHtXg0Q0e0+CxDR7X4PENntDgiQ3a4EkNntzgKQ2e2uBpDZ7e4BkNntngoMGgwbDBqMG4waTBtMGswbzBosGywarBusGmwbbBrsG+wRENntXg2Q2e0+C5DZ7X4PkNXtDghQ1e1ODFDV7S4KUNXtbg5Q1e0eCVDV7V4NUNXtPgtQ1e1+D1Dd7Q4I0N3tTgzQ3e0uCtDd7W4O0N3tHgnQ2ObHBUg3c1eHeDoxu8p8F7G7yvwfsbfKDBBxt8qMGHG3ykwUcbfKzBxxt8osEnG3yqwacbfKbBZxt8rsHnG3yhwRcbfKnBlxt8pcFXG3ytwdcbfKPBNxt8q8G3G3ynwXcbfK/B9xv8oMEPG/yowY8b/KTBTxv8rMHPG/yiwTENftngVw1+3eA3DX7b4HcNft/gDw3+2OBPDf7c4C8N/trgbw3+3uAfDY5t8M8G/2rw7wb/afDfBv9rcEiL47Q4bovjtTh+ixO0OGGLE7U4tMVhLU7c4iQtTtriZC1O3uIULU7Z4lQtTt3iNC1O2+J0LU7f4gwtDm9xxhZnanHmFmdpcdYWZ2tx9hbnaHHOFudqce4W52lx3hbna3H+FhdoccEWF2px4RYXaXHRFhdrcfEWl2iRFpdscakWl25xmRaXbXG5FpdvcYUWV2xxpRZXbnGVFldtcbUWV29xjRbXbHGtFtducZ0W121xvRbXb3GDFjdscaMWN25xkxY3bXGzFjdvcYsWt2xxqxa3bnGbFrdtcbsWt29xhxZ3bHGnFnducZcWd21xtxZ3b3GPFvdsca8W925xnxb3bXG/Fvdv8YAWD2zxoBYPbvGQFg9t8bAWD2/xiBaPbPGoFo9u8ZgWj23xuBaPb/GEFk9s0RZPavHkFk9p8dQWT2vx9BbPaPHMFgctBi2GLUYtxi0mLaYtZi3mLRYtli1WLdYtNi22LXYt9i2OaPGsFs9u8ZwWz23xvBbPb/GCFi9s8aIWL27xkhYvbfGyFi9v8YoWr2zxqhavbvGaFq9t8boWr2/xhhZvbPGmFm9u8ZYWb23xthZvb/GOFu9scWSLo1q8q8W7Wxzd4j0t3tvifS3e3+IDLT7Y4kMtPtziIy0+2uJjLT7e4hMtPtniUy0+3eIzLT7b4nMtw/7/mxdafLHFl1p8ucVXWny1xddafL3FN1p8s8W3Wny7xXdafLfF91p8v8UPWvywxY9a/LjFT1r8tMXPWvy8xS9aHNPily1+1eLXLX7T4rctftfi9y3+0OKPLf7U4s8t/tLiry3+1uLvLf7R4tgW/2zxrxb/bvGfFv9t8b8Wh3Q4Tofjdjheh+N3OEGHE3Y4UYdDOxzW4cQdTtLhpB1O1uHkHU7R4ZQdTtXh1B1O0+G0HU7X4fQdztDh8A5n7HCmDmfucJYOZ+1wtg5n73CODufscK4O5+5wng7n7XC+DufvcIEOF+xwoQ4X7nCRDhftcLEOF+9wiQ7pcMkOl+pw6Q6X6XDZDpfrcPmOYUOGDHHFDlfqcOUOV+lw1Q5X63D1DtfocM0O1+pw7Q7X6XDdDtfrcP0ON+hwww436nDjDjfpcNMON+tw8w636HDLDrfqcOsOt+lw2w6363D7DnfocMcOd+pw5w536XDXDnfrcPcO9+hwzw736nDvDvfpcN8O9+tw/w4P6PDADg/q8OAOD+nw0A4P6/DwDo/o8MgOj+rw6A6P6fDYDo/r8PgOT+jwxA7t8KQOT+7wlA5P7fC0Dk/v8IwOz+xw0GHQYdhh1GHcYdJh2mHWYd5h0WHZYdVh3WHTYdth12Hf4YgOz+rw7A7P6fDcDs/r8PwOL+jwwg4v6vDiDi/p8NIOL+vw8g6v6PDKDq/q8OoOr+nw2g6v6/D6Dm/o8MYOb+rw5g5v6fDWDm/r8PYO7+jwzg5Hdjiqw7s6vLvD0R3e0+G9Hd7X4f0dPtDhgx0+1OHDHT7S4aMdPtbh4x0+0eGTHT7V4dMdPtPhsx0+1+HzHb7Q4YsdvtThyx2+0uGrHb7W4esdvtHhmx2+1eHbHb7T4bsdvtfh+x1+0OGHHX7U4ccdftLhpx1+1uHnHX7R4ZgOv+zwqw6/7vCbDr/t8LsOv+/whw5/7PCnDn/u8JcOf+3wtw5/7/CPDsd2+GeHf3X4d4f/dPhvh/91OKTHcXoct8fxehy/xwl6nLDHiXoc2uOwHifucZIeJ+1xsh4n73GKHqfscaoep+5xmh6n7XG6HqfvcYYeh/c4Y48z9Thzj7P0OGuPs/U4e49z9Dhnj3P1OHeP8/Q4b4/z9Th/jwv0uGCPC/W4cI+L9Lhoj4v1uHiPS/RIj0v2uFSPS/e4TI/L9rhcj8v3uEKPK/a4Uo8r97hKj6v2uFqPq/e4Ro9r9rhWj2v3uE6P6/a4Xo/r97hBjxv2uFGPG/e4SY+b9rhZj5v3uEWPW/a4VY9b97hNj9v2uF2P2/e4Q4879rhTjzv3uEuPu/a4W4+797hHj3v2uFePe/e4T4/79rhfj/v3eECPB/Z4UI8H93hIj4f2eFiPh/d4RI9H9nhUj0f3eEyPx/Z4XI/H93hCjyf2aI8n9Xhyj6f0eGqPp/V4eo9n9Hhmj4Megx7DHqMe4x6THtMesx7zHoseyx6rHusemx7bHrse+x5H9HhWj2f3eE6P5/Z4Xo/n93hBjxf2eFGPF/d4SY+X9nhZj5f3eEWPV/Z4VY9X93hNj9f2eF2P1/d4Q4839nhTjzf3eEuPt/Z4W4+393hHj3f2OLLHUT3e1ePdPY7u8Z6e/7FID0x4HgwCRVO3qW3bvbVt27btWyO138dGbSupbdu2He3szPcXzhyHD3DEAB8a4MMDfGSAjw7wsQE+PsAnBvjkAJ8a4NMDfGaAzw7wuQE+P8AXBvjiAF8a4MsDfGWArw7wtQG+PsA3BvjmAN8a4NsDfGeA7w7wvQG+P8APBvjhAD8a4McD/GSAnw7wswF+PsAvBvjlAL8a4NcD/GaA3w7wuwF+P8AfBvjjAH8a4M8D/GWAvw7wtwH+PsA/BvjnAP8a4N8D/GeA/w7wvwGOHOCoAY4e4JgBjh3gkADHCXDcAMcLcPwAJwhwwgAnCnDiACcJcGiAkwY4WYCTBzhFgFMGOFWAUwc4TYDTBjhdgNMHOEOAMwY4U4AzBzhLgLMGOFuAswc4R4BzBjhXgHMHOE+A8wY4X4DzB7hAgAsGuFCACwe4SICLBrhYgIsHuESASwa4VIAEuHSAywS4bIDLBbh8gCsEuGKAKwW4coCrBLhqgKsFuHqAawS4ZoBrBbh2gOsEuG6A6wW4foAbBLhhgBsFuHGAmwS4aYCbBbh5gFsEuGWAWwW4dYDbBLhtgNsFuH2AOwS4Y4A7BbhzgLsEuGuAuwW4e4B7BLhngHsFuHeA+wS4b4D7Bbh/gAcEeGCABwV4cICHBHhogIcFeHiARwR4ZIBHBXh0gMcEeGyAxwV4fIAnBHhigCcFeHKABnhKgKcGeFqApwd4RoBnBnhWgGcHeE6A5wY4LMDzAjw/wAsCvDDAiwK8OMBLArw0wMsCvDzAKwK8MsCrAhwEGAQYBhgFGAeYBJgGmAWYB1gEWAZYBVgH2ATYBtgF2Ad4dYDXBHhtgNcFeH2ANwR4Y4A3BXhzgLcEeGuAtwV4e4B3BHhngHcFeHeA9wR4b4D3BXh/gA8E+GCAwwMcEeBDAT4c4CMBPhrgYwE+HuATAT4Z4FMBPh3gMwE+G+BzAT4f4AsBvhjgSwG+HOArAb4a4GsBvh7gGwG+GeBbAb4d4DsBvhvgewG+H+AHAX4Y4EcBfhzgJwF+GuBnAX4e4BcBfhngVwF+HeA3AX4b4HcBfh/gDwH+GOBPAf4c4C8B/hrgbwH+HuAfAf4Z4F8B/h3gPwH+G+B/AY4McFSAowMcE+DYAIeEOE6I44Y4XojjhzhBiBOGOFGIE4c4SYhDQ5w0xMlCnDzEKUKcMsSpQpw6xGlCnDbE6UKcPsQZQpwxxJlCnDnEWUKcNcTZQpw9xDlCnDPEuUKcO8R5Qpw3xPlCnD/EBUJcMMSFQlw4xEVCXDTExUJcPMQlQlwyxKVCJMSlQ1wmxGVDXC7E5UNcIcQVQ1wpxJVDXCXEVUNcLcTVQ1wjxDVDXCvEtUNcJ8R1Q1wvxPVD3CDEDUPcKMSNQ9wkxE1D3CzEzUPcIsQtQ9wqxK1D3CbEbUPcLsTtQ9whxB1D3CnEnUPcJcRdQ9wtxN1D3CPEPUPcK8S9Q9wnxH1D3C/E/UM8IMQDQzwoxINDPCTEQ0M8LMTDQzwixCNDPCrEo0M8JsRjQzwuxONDPCHEE0M8KcSTQzTEU0I8NcTTQjw9xDNCPDPEs0I8O8RzQjw3xGEhnhfi+SFeEOKFIV4U4sUhXhLipSFeFuLlIV4R4pUhXhXiIMQgxDDEKMQ4xCTENMQsxDzEIsQyxCrEOsQmxDbELsQ+xKtDvCbEa0O8LsTrQ7whxBtDvCnEm0O8JcRbQ7wtxNtDvCPEO0O8K8S7Q7wnxHtDvC/E+0N8IMQHQxwe4ogQHwrx4RAfCfHREB8L8fEQnwjxyRCfCvHpEJ8J8dkQnwvx+RBfCPHFEF8K8eUQXwnx1RBfC/H1EN8I8c0Q3wrx7RDfCfHdEN8L8f0QPwjxwxA/CvHjED8J8dMQPwvx8xC/CPHLEL8K8esQvwnx2xC/C/H7EH8I8ccQfwrx5xB/CfHXEH8L8fcQ/wjxzxD/CvHvEP8J8d8Q/wtxZIijQhwd4pgQx4Y4JMJxIhw3wvEiHD/CCSKcMMKJIpw4wkkiHBrhpBFOFuHkEU4R4ZQRThXh1BFOE+G0EU4X4fQRzhDhjBHOFOHMEc4S4awRzhbh7BHOEeGcEc4V4dwRzhPhvBHOF+H8ES4Q4YIRLhThwhEuEuGiES4W4eIRLhHhkhEuFSERLh3hMhEuG+FyES4f4QoRrhjhShGuHOEqEa4a4WoRrh7hGhGuGeFaEa4d4ToRrhvhehGuH+EGEW4Y4UYRbhzhJhFuGuFmEW4e4RYRbhnhVhFuHeE2EW4b4XYRbh/hDhHuGOFOEe4c4S4R7hrhbhHuHuEeEe4Z4V4R7h3hPhHuG+F+Ee4f4QERHhjhQREeHOEhER4a4WERHh7hEREeGeFRER4d4TERHhvhcREeH+EJEZ4Y4UkRnhyhEZ4S4akRnhbh6RGeEeGZEZ4V4dkRnhPhuREOi/C8CM+P8IIIL4zwoggvjvCSCC+N8LIIL4/wigivjPCqCAcRBhGGEUYRxhEmEaYRZhHmERYRlhFWEdYRNhG2EXYR9hFeHeE1EV4b4XURXh/hDRHeGOFNEd4c4S0R3hrhbRHeHuEdEd4Z4V0R3h3hPRHeG+F9Ed4f4QMRPhjh8AhHRPhQhA9H+EiEj0b4WISPR/hEhE9G+FSET0f4TITPRvhchM9H+EKEL0b4UoQvR/hKhK9G+FqEr0f4RoRvRvhWhG9H+E6E70b4XoTvR/hBhB9G+FGEH0f4SYSfRvhZhJ9H+EWEX0b4VYRfR/hNhN9G+F2E30f4Q4Q/RvhThD9H+EuEv0b4W4S/R/hHhH9G+FeEf0f4T4T/RvhfhCMjHBXh6AjHRDg2wiExjhPjuDGOF+P4MU4Q44QxThTjxDFOEuPQGCeNcbIYJ49xihinjHGqGKeOcZoYp41xuhinj3GGGGeMcaYYZ45xlhhnjXG2GGePcY4Y54xxrhjnjnGeGOeNcb4Y549xgRgXjHGhGBeOcZEYF41xsRgXj3GJGJeMcakYiXHpGJeJcdkYl4tx+RhXiHHFGFeKceUYV4lx1RhXi3H1GNeIcc0Y14px7RjXiXHdGNeLcf0YN4hxwxg3inHjGDeJcdMYN4tx8xi3iHHLGLeKcesYt4lx2xi3i3H7GHeIcccYd4px5xh3iXHXGHeLcfcY94hxzxj3inHvGPeJcd8Y94tx/xgPiPHAGA+K8eAYD4nx0BgPi/HwGI+I8cgYj4rx6BiPifHYGI+L8fgYT4jxxBhPivHkGI3xlBhPjfG0GE+P8YwYz4zxrBjPjvGcGM+NcViM58V4fowXxHhhjBfFeHGMl8R4aYyXxXh5jFfEeGWMV8U4iDGIMYwxijGOMYkxjTGLMY+xiLGMsYqxjrGJsY2xi7GP8eoYr4nx2hivi/H6GG+I8cYYb4rx5hhvifHWGG+L8fYY74jxzhjvivHuGO+J8d4Y74vx/hgfiPHBGIfHOCLGh2J8OMZHYnw0xsdifDzGJ2J8MsanYnw6xmdifDbG52J8PsYXYnwxxpdifDnGV2J8NcbXYnw9xjdifDPGt2J8O8Z3Ynw3xvdifD/GD2L8MMaPYvw4xk9i/DTGz2L8PMYvYvwyxq9i/DrGb2L8NsbvYvw+xh9i/DHGn2L8OcZfYvw1xt9i/D3GP2L8M8a/Yvw7xn9i/DfG/2IcGeOoGEfHOCbGsTEOSXCcBMdNcLwEx09wggQnTHCiBCdOcJIEhyY4aYKTJTh5glMkOGWCUyU4dYLTJDhtgtMlOH2CMyQ4Y4IzJThzgrMkOGuCsyU4e4JzJDhngnMlOHeC8yQ4b4LzJTh/ggskuGCCCyW4cIKLJLhogosluHiCSyS4ZIJLJUiCSye4TILLJrhcgssnuEKCKya4UoIrJ7hKgqsmuFqCqye4RoJrJrhWgmsnuE6C6ya4XoLrJ7hBghsmuFGCGye4SYKbJrhZgpsnuEWCWya4VYJbJ7hNgtsmuF2C2ye4Q4I7JrhTgjsnuEuCuya4W4K7J7hHgnsmuFeCeye4T4L7JrhfgvsneECCByZ4UIIHJ3hIgocmeFiChyd4RIJHJnhUgkcneEyCxyZ4XILHJ3hCgicmeFKCJydogqckeGqCpyV4eoJnJHhmgmcleHaC5yR4boLDEjwvwfMTvCDBCxO8KMGLE7wkwUsTvCzByxO8IsErE7wqwUGCQYJhglGCcYJJgmmCWYJ5gkWCZYJVgnWCTYJtgl2CfYJXJ3hNgtcmeF2C1yd4Q4I3JnhTgjcneEuCtyZ4W4K3J3hHgncmeFeCdyd4T4L3Jnhfgvcn+ECCDyY4PMERCT6U4MMJPpLgowk+luDjCT6R4JMJPpXg0wk+k+CzCT6X4PMJvpDgiwm+lODLCb6S4KsJvpbg6wm+keCbCb6V4NsJvpPguwm+l+D7CX6Q4IcJfpTgxwl+kuCnCX6W4OcJfpHglwl+leDXCX6T4LcJfpfg9wn+kOCPCf6U4M8J/pLgrwn+luDvCf6R4J8J/pXg3wn+k+C/Cf6X4MgERyU4OsExCY5NcEiK46Q4borjpTh+ihOkOGGKE6U4cYqTpDg0xUlTnCzFyVOcIsUpU5wqxalTnCbFaVOcLsXpU5whxRlTnCnFmVOcJcVZU5wtxdlTnCPFOVOcK8W5U5wnxXlTnC/F+VNcIMUFU1woxYVTXCTFRVNcLMXFU1wixSVTXCpFUlw6xWVSXDbF5VJcPsUVUlwxxZVSXDnFVVJcNcXVUlw9xTVSXDPFtVJcO8V1Ulw3xfVSXD/FDVLcMMWNUtw4xU1S3DTFzVLcPMUtUtwyxa1S3DrFbVLcNsXtUtw+xR1S3DHFnVLcOcVdUtw1xd1S3D3FPVLcM8W9Utw7xX1S3DfF/VLcP8UDUjwwxYNSPDjFQ1I8NMXDUjw8xSNSPDLFo1I8OsVjUjw2xeNSPD7FE1I8McWTUjw5RVM8JcVTUzwtxdNTPCPFM1M8K8WzUzwnxXNTHJbieSmen+IFKV6Y4kUpXpziJSlemuJlKV6e4hUpXpniVSkOUgxSDFOMUoxTTFJMU8xSzFMsUixTrFKsU2xSbFPsUuxTvDrFa1K8NsXrUrw+xRtSvDHFm1K8OcVbUrw1xdtSvD3FO1K8M8W7Urw7xXtSvDfF+1K8P8UHUnwwxeEpjkjxoRQfTvGRFB9N8bEUH0/xiRSfTPGpFJ9O8ZkUn03xuRSfT/GFFF9M8aUUX07xlRRfTfG1FF9P8Y0U30zxrRTfTvGdFN9N8b0U30/xgxQ/TPGjFD9O8ZMUP03xsxQ/T/GLFL9M8asUv07xmxS/TfG7FL9P8YcUf0zxpxR/TvGXFH9N8bcUf0/xjxT/TPGvFP9O8Z8U/03xvxRHpjgqxdEpjklxbIpDMhwnw3EzHC/D8TOcIMMJM5wow4kznCTDoRlOmuFkGU6e4RQZTpnhVBlOneE0GU6b4XQZTp/hDBnOmOFMGc6c4SwZzprhbBnOnuEcGc6Z4VwZzp3hPBnOm+F8Gc6f4QIZLpjhQhkunOH7GS6a4WIZLp7hEhkumeFSGZLh0hkuk+GyGS6X4fIZrpDhihmulOHKGa6S4aoZrpbh6hmukeGaGa6V4doZrpPhuhmul+H6GW6Q4YYZbpThxhlukuGmGW6W4eYZbpHhlhluleHWGW6T4bYZbpfh9hnukOGOGe6U4c4Z7pLhrhnuluHuGe6R4Z4Z7pXh3hnuk+G+Ge6X4f4ZHpDhgRkelOHBGR6S4aEZHpbh4RkekeGRGR6V4dEZHpPhsRkel+HxGZ6Q4YkZnpThyRma4SkZnprhaRmenuEZGZ6Z4VkZnp3hORmem+GwDM/L8PwML8jwwgwvyvDiDC/J8NIML8vw8gyvyPDKDK/KcJBhkGGYYZRhnGGSYZphlmGeYZFhmWGVYZ1hk2GbYZdhn+HVGV6T4bUZXpfh9RnekOGNGd6U4c0Z3pLhrRneluHtGd6R4Z0Z3pXh3Rnek+G9Gd6X4f0ZPpDhgxkOz3BEhg9l+HCGj2T4aIaPZfh4hk9k+GSGT2X4dIbPZPhshs9l+HyGL2T4YoYvZfhyhq9k+GqGr2X4eoZvZPhmhm9l+HaG72T4bobv/e/wBxl+mOFHGX6c4ScZfprhZxl+nuEXGX6Z4VcZfp3hNxl+m+F3GX6f4Q8Z/pjhTxn+nOEvGf6a4W8Z/p7hHxn+meFfGf6d4T8Z/pvhfxmOzHBUhqMzHJPh2AyH5DhOjuPmOF6O4+c4QY4T5jhRjhPnOEmOQ3OcNMfJcpw8xylynDLHqXKcOsdpcpw2x+lynD7HGXKcMceZcpw5x1lynDXH2XKcPcc5cpwzx7lynDvHeXKcN8f5cpw/xwVyXDDHhXJcOMdFclw0x8VyXDzHJXJcMselciTHpXNcJsdlc1wux+VzXCHHFXNcKceVc1wlx1VzXC3H1XNcI8c1c1wrx7VzXCfHdXNcL8f1c9wgxw1z3CjHjXPcJMdNc9wsx81z3CLHLXPcKsetc9wmx21z3C7H7XPcIccdc9wpx51z3CXHXXPcLcfdc9wjxz1z3CvHvXPcJ8d9c9wvx/1zPCDHA3M8KMeDczwkx0NzPCzHw3M8Iscjczwqx6NzPCbHY3M8LsfjczwhxxNzPCnHk3M0x1NyPDXH03I8Pcczcjwzx7NyPDvHc3I8N8dhOZ6X4/k5XpDjhTlelOPFOV6S46U5Xpbj5TlekeOVOV6V4yDHIMcwxyjHOMckxzTHLMc8xyLHMscqxzrHJsc2xy7HPserc7wmx2tzvC7H63O8Iccbc7wpx5tzvCXHW3O8Lcfbc7wjxztzvCvHu3O8J8d7c7wvx/tzfCDHB3McnuOIHB/K8eEcH8nx0Rwfy/HxHJ/I8ckcn8rx6RyfyfHZHJ/L8fkcX8jxxRxfyvHlHF/J8dUcX8vx9RzfyPHNHN/K8e0c38nx3Rzfy/H9HD/I8cMcP8rx4xw/yfHTHD/L8fMcv8jxyxy/yvHrHL/J8dscv8vx+xx/yPHHHH/K8eccf8nx1xx/y/H3HP/I8c8c/8rx7xz/yfHfHP/LcWSOo3IcneOYHMfmOKTAcQoct8DxChy/wAkKnLDAiQqcuMBJChxa4KQFTlbg5AVOUeCUBU5V4NQFTlPgtAVOV+D0Bc5Q4IwFzlTgzAXOUuCsBc5W4OwFzlHgnAXOVeDcBc5T4LwFzlfg/AUuUOCCBS5U4MIFLlLgogUuVuDiBS5R4JIFLlUgBS5d4DIFLlvgcgUuX+AKBa5Y4EoFrlzgKgWuWuBqBa5e4BoFrlngWgWuXeA6Ba5b4HoFrl/gBgVuWOBGBW5c4CYFblrgZgVuXuAWBW5Z4FYFbl3gNgVuW+B2BW5f4A4F7ljgTgXuXOAuBe5a4G4F7l7gHgXuWeBeBe5d4D4F7lvgfgXuX+ABBR5Y4EEFHlzgIQUeWuBhBR5e4BEFHlngUQUeXeAxBR5b4HEFHl/gCQWeWOBJBZ5coAWeUuCpBZ5W4OkFnlHgmQWeVeDZBZ5T4LkFDivwvALPL/CCAi8s8KICLy7wkgIvLfCyAi8v8IoCryzwqgIHBQYFhgVGBcYFJgWmBWYF5gUWBZYFVgXWBTYFtgV2BfYFXl3gNQVeW+B1BV5f4A0F3ljgTQXeXOAtBd5a4G0F3l7gHQXeWeBdBd5d4D0F3lvgfQXeX+ADBT5Y4PACRxT4UIEPF/hIgY8W+FiBjxf4RIFPFvhUgU8X+EyBzxb4XIHPF/hCgS8W+FKBLxf4SoGvFvhaga8X+EaBbxb4VoFvF/hOge8W+F6B7xf4QYEfFvhRgR8X+EmBnxb4WYGfF/hFgV8W+FWBXxf4TYHfFvhdgd8X+EOBPxb4U4E/F/hLgb8W+FuBvxf4x//7DMW/Cvy7wH8K/LfA/wocWeCoAkcXOKbAsQUOKXGcEsctcbwSxy9xghInLHGiEicucZISh5Y4aYmTlTh5iVOUOGWJU5U4dYnTlDhtidOVOH2JM5Q4Y4kzlThzibOUOGuJs5U4e4lzlDhniXOVOHeJ85Q4b4nzlTh/iQuUuGCJC5W4cImLlLhoiYuVuHiJS5S4ZIlLlUiJS5e4TInLlrhcicuXuEKJK5a4Uokrl7hKiauWuFqJq5e4RolrlrhWiWuXuE6J65a4Xonrl7hBiRuWuFGJG5e4SYmblrhZiZuXuEWJW5a4VYlbl7hNiduWuF2J25e4Q4k7lrhTiTuXuEuJu5a4W4m7l7hHiXuWuFeJe5e4T4n7lrhfifuXeECJB5Z4UIkHl3hIiYeWeFiJh5d4RIlHlnhUiUeXeEyJx5Z4XInHl3hCiSeWeFKJJ5doiaeUeGqJp5V4eolnlHhmiWeVeHaJ55R4bonDSjyvxPNLvKDEC0u8qMSLS7ykxEtLvKzEy0u8osQrS7yqxEGJQYlhiVGJcYlJiWmJWYl5iUWJZYlViXWJTYltiV2JfYlXl3hNideWeF2J15d4Q4k3lnhTiTeXeEuJt5Z4W4m3l3hHiXeWeFeJd5d4T4n3lnhfifeX+ECJD5Y4vMQRJT5U4sMlPlLioyU+VuLjJT5R4pMlPlXi0yU+U+KzJT5X4vMlvlDiiyW+VOLLJb5S4qslvlbi6yW+UeKbJb5V4tslvlPiuyW+V+L7JX5Q4oclflTixyV+UuKnJX5W4uclflHilyV+VeLXJX5T4rclflfi9yX+UOKPJf5U4s8l/lLiryX+VuLvJf5R4p8l/lXi3yX+U+K/Jf5X4sgSR5U4usQxJY4tcUiF41Q4boXjVTh+hRNUOGGFE1U4cYWTVDi0wkkrnKzCySucosIpK5yqwqkrnKbCaSucrsLpK5yhwhkrnKnCmSucpcJZK5ytwtkrnKPCOSucq8K5K5ynwnkrnK/C+StcoMIFK1yowoUrXKTCRStcrMLFK1yiwiUrXKpCKly6wmUqXLbC5SpcvsIVKlyxwpUqXLnCVSpctcLVKly9wjUqXLPCtSpcu8J1Kly3wvUqXL/CDSrcsMKNKty4wk0q3LTCzSrcvMItKtyywq0q3LrCbSrctsLtKty+wh0q3LHCnSrcucJdKty1wt0q3L3CPSrcs8K9Kty7wn0q3LfC/Srcv8IDKjywwoMqPLjCQyo8tMLDKjy8wiMqPLLCoyo8usJjKjy2wuMqPL7CEyo8scKTKjy5Qis8pcJTKzytwtMrPKPCMys8q8KzKzynwnMrHFbheRWeX+EFFV5Y4UUVXlzhJRVeWuFlFV5e4RUVXlnhVRUOKgwqDCuMKowrTCpMK8wqzCssKiwrrCqsK2wqbCvsKuwrvLrCayq8tsLrKry+whsqvLHCmyq8ucJbKry1wtsqvL3COyq8s8K7Kry7wnsqvLfC+yq8v8IHKnywwuEVjqjwoQofrvCRCh+t8LEKH6/wiQqfrPCpCp+u8JkKn63wuQqfr/CFCl+s8KUKX67wlQpfrfC1Cl+v8I0K36zwrQrfrvCdCt+t8L0K36/wgwo/rPCjCj+u8JMKP63wswo/r/CLCr+s8KsKv67wmwq/rfC7Cr+v8IcKf6zwpwp/rvCXCn+t8LcKf6/wjwr/rPCvCv+u8J8K/63wvwpHVjiqwtEVjqlwbIVDahynxnFrHK/G8WucoMYJa5yoxolrnKTGoTVOWuNkNU5e4xQ1TlnjVDVOXeM0NU5b43Q1Tl/jDDXOWONMNc5c4yw1zlrjbDXOXuMcNc5Z41w1zl3jPDXOW+N8Nc5f4wI1LljjQjUuXOMiNS5a42I1Ll7jEjUuWeNSNVLj0jUuU+OyNS5X4/I1rlDjijWuVOPKNa5S46o1rlbj6jWuUeOaNa5V49o1rlPjujWuV+P6NW5Q44Y1blTjxjVuUuOmNW5W4+Y1blHjljVuVePWNW5T47Y1blfj9jXuUOOONe5U48417lLjrjXuVuPuNe5R45417lXj3jXuU+O+Ne5X4/41HlDjgTUeVOPBNR5S46E1Hlbj4TUeUeORNR5V49E1HlPjsTUeV+PxNZ5Q44k1nlTjyTVa4yk1nlrjaTWeXuMZNZ5Z41k1nl3jOTWeW+OwGs+r8fwaL6jxwhovqvHiGi+p8dIaL6vx8hqvqPHKGq+qcVBjUGNYY1RjXGNSY1pjVmNeY1FjWWNVY11jU2NbY1djX+PVNV5T47U1Xlfj9TXeUOONNd5U48013lLjrTXeVuPtNd5R45013lXj3TXeU+O9Nd5X4/01PlDjgzUOr3FEjQ/V+HCNj9T4aI2P1fh4jU/U+GSNT9X4dI3P1Phsjc/V+HyNL9T4Yo0v1fhyja/U+GqNr9X4eo1v1PhmjW/V+HaN79T4bo3v1fh+jR/U+GGNH9X4cY2f1PhpjZ/V+HmNX9T4ZY1f1fh1jd/U+G2N39X4fY0/1PhjjT/V+HONv9T4a42/1fh7jX/U+GeNf9X4d43/1Phvjf/VOLLGUTWOrnFMjWNrHNLgOA2O2+B4DY7f4AQNTtjgRA1O3OAkDQ5tcNIGJ2tw8ganaHDKBqdqcOoGp2lw2gana3D6BmdocMYGZ2pw5gZnaXDWBmdrcPYG52hwzgbnanDuBudpcN4G52tw/gYXaHDBBhdqcOEGF2lw0QYXa3DxBpdocMkGl2qQBpducJkGl21wuQaXb3CFBldscKUGV25wlQZXbXC1BldvcI0G12xwrQbXbnCdBtdtcL0G129wgwY3bHCjBjducJMGN21wswY3b3CLBrdscKsGt25wmwa3bXC7BrdvcIcGd2xwpwZ3bnCXBndtcLcGd29wjwb3bHCvBvducJ8G921wvwb3b/CABg9s8KAGD27wkAYPbfCwBg9v8IgGj2zwqAaPbvCYBo9t8LgGj2/whAZPbPCkBk9u0AZPafDUBk9r8PQGz2jwzAbPavDsBs9p8NwGhzV4XoPnN3hBgxc2eFGDFzd4SYOXNnhZg5c3eEWDVzZ4VYODBoMGwwajBuMGkwbTBrMG8waLBssGqwbrBpsG2wa7BvsGr27wmgavbfC6Bq9v8IYGb2zwpgZvbvCWBm9t8LYGb2/wjgbvbPCuBu9u8J4G723wvgbvb/CBBh9scHiDIxp8qMGHG3ykwUcbfKzBxxt8osEnG3yqwacbfKbBZxt8rsHnG3yhwRcbfKnBlxt8pcFXG3ytwdcbfKPBNxt8q8G3G3ynwXcbfK/B9xv8oMEPG/yowY8b/KTBTxv8rMHPG/yiwS8b/KrBrxv8psFvG/yuwe8b/KHBHxv8qcGfG/ylwV8b/K3B3xv8o8E/G/yrwb8b/KfBfxv8r8GRDY5qcHSDYxoc2+CQFsdpcdwWx2tx/BYnaHHCFidqceIWJ2lxaIuTtjhZi5O3OEWLU7Y4VYtTtzhNi9O2OF2L07c4Q4sztjhTizO3OEuLs7Y4W4uztzhHi3O2OFeLc7c4T4vztjhfi/O3uECLC7a4UIsLt7hIi4u2uFiLi7e4RItLtrhUi7S4dIvLtLhsi8u1uHyLK7S4Yosrtbhyi6u0uGqLq7W4eotrtLhmi2u1uHaL67S4bovrtbh+ixu0uGGLG7W4cYubtLhpi5u1uHmLW7S4ZYtbtbh1i9u0uG2L27W4fYs7tLhjizu1uHOLu7S4a4u7tbh7i3u0uGeLe7W4d4v7tLhvi/u1uH+LB7R4YIsHtXhwi4e0eGiLh7V4eItHtHhki0e1eHSLx7R4bIvHtXh8iye0eGKLJ7V4cou2eEqLp7Z4Wount3hGi2e2eFaLZ7d4TovntjisxfNaPL/FC1q8sMWLWry4xUtavLTFy1q8vMUrWryyxataHLQYtBi2GLUYt5i0mLaYtZi3WLRYtli1WLfYtNi22LXYt3h1i9e0eG2L17V4fYs3tHhjize1eHOLt7R4a4u3tXh7i3e0eGeLd7V4d4v3tHhvi/e1eH+LD7T4YIvDWxzR4kMtPtziIy0+2uJjLT7e4hMtPtniUy0+3eIzLT7b4nMtPt/iCy2+2OJLLb7c4istvtriay2+3uIbLb7Z4lstvt3iOy2+2+J7Lb7f4gctftjiRy1+3OInLX7a4mctft7iFy1+2eJXLX7d4jctftvidy1+3+IPLf7Y4k8t/tziLy3+2uJvLf7e4h8t/tniXy3+3eI/Lf7b4n8tjmxxVIujWxzT4tgWh3Q4Tofjdjheh+N3OEGHE3Y4UYcTdzhJh0M7nLTDyTqcvMMpOpyyw6k6nLrDaTqctsPpOpy+wxk6nLHDmTqcucNZOpy1w9k6nL3DOTqcs8O5Opy7w3k6nLfD+Tqcv8MFOlyww4U6XLjDRTpctMPFOly8wyU6XLLDpTqkw6U7XKbDZTtcrsPlO1yhwxU7XKnDlTtcpcNVO1ytw9U7XKPDNTtcq8O1O1ynw3U7XK/D9TvcoMMNO9yow4073KTDTTvcrMPNO9yiwy073KrDrTvcpsNtO9yuw+073KHDHTvcqcOdO9ylw1073K3D3Tvco8M9O9yrw7073KfDfTvcr8P9OzygwwM7PKjDgzs8pMNDOzysw8M7PKLDIzs8qsOjOzymw2M7PK7D4zs8ocMTOzypw5M7tMNTOjy1w9M6PL3DMzo8s8OzOjy7w3M6PLfDYR2e1+H5HV7Q4YUdXtThxR1e0uGlHV7W4eUdXtHhlR1e1eGgw6DDsMOow7jDpMO0w6zDvMOiw7LDqsO6w6bDtsOuw77Dqzu8psNrO7yuw+s7vKHDGzu8qcObO7ylw1s7vK3D2zu8o8M7O7yrw7s7vKfDezu8r8P7O3ygwwc7HN7hiA4f6vDhDh/p8NEOH+vw8Q6f6PDJDp/q8OkOn+nw2Q6f6/D5Dl/o8MUOX+rw5Q5f6fDVDl/r8PUO3+jwzQ7f6vDtDt/p8N0O3+vw/Q4/6PDDDj/q8OMOP+nw0w4/6/DzDr/o8MsOv+rw6w6/6fDbDr/r8PsOf+jwxw5/6vDnDn/p8NcOf+vw9w7/6PDPDv8aNsS/O/ynw387/K/DkR2O6nB0h2M6HNvhkB7H6XHcHsfrcfweJ+hxwh4n6nHiHifpcWiPk/Y4WY+T9zhFj1P2OFWPU/c4TY/T9jhdj9P3OEOPM/Y4U48z9zhLj7P2OFuPs/c4R49z9jhXj3P3OE+P8/Y4X4/z97hAjwv2uFCPC/e4SI+L9rhYj4v3uESPS/a4VI/0uHSPy/S4bI/L9bh8jyv0uGKPK/W4co+r9Lhqj6v1uHqPa/S4Zo9r9bh2j+v0uG6P6/W4fo8b9Lhhjxv1uHGPm/S4aY+b9bh5j1v0uGWPW/W4dY/b9Lhtj9v1uH2PO/S4Y4879bhzj7v0uGuPu/W4e4979Lhnj3v1uHeP+/S4b4/79bh/jwf0eGCPB/V4cI+H9Hhoj4f1eHiPR/R4ZI9H9Xh0j8f0eGyPx/V4fI8n9Hhijyf1eHKP9nhKj6f2eFqPp/d4Ro9n9nhWj2f3eE6P5/Y4rMfzejy/xwt6vLDHi3q8uMdLery0x8t6vLzHK3q8sserehz0GPQY9hj1GPeY9Jj2mPWY91j0WPZY9Vj32PTY9tj12Pd4dY/X9Hhtj9f1eH2PN/R4Y4839Xhzj7f0eGuPt/V4e4939Hhnj3f1eHeP9/R4b4/39Xh/jw/0+GCPw3sc0eP/kVyOTXwfjBZMmSa1bbtb27Zt295aqW3j/7NRt1Ft27btO8/c8w3OzuyLHTnAUQMcPcAxAxw7wIcG+PAAHxngowN8bICPD/CJAT45wKcG+PQAnxngswN8boDPD/CFAb44wJcG+PIAXxngqwN8bYCvD/CNAb45wLcG+PYA3xnguwN8b4DvD/CDAX44wI8G+PEAPxngpwP8bICfD/CLAX45wK8G+PUAvxngtwP8boDfD/CHAf44wJ8G+PMAfxngrwP8bYC/D/CPAf45wL8G+PcA/xngvwP8b4BDAhwnwHEDHC/A8QOcIMAJAxwa4EQBDgtweIATBzhJgJMGOFmAkwc4RYBTBjhVgFMHOE2A0wY4XYDTBzhDgDMGOFOAMwc4S4CzBjhbgLMHOEeAcwY4V4BzBzhPgPMGOF+A8we4QIALBrhQgAsHuEiAiwa4WICLB7hEgAS4ZIBLBbh0gMsEuGyAywW4fIArBLhigCsFuHKAqwS4aoCrBbh6gGsEuGaAawW4doDrBLhugOsFuH6AGwS4YYAbBbhxgJsEuGmAmwW4eYBbBLhlgFsFuHWA2wS4bYDbBbh9gDsEuGOAOwW4c4C7BLhrgLsFuHuAewS4Z4B7Bbh3gPsEuG+A+wW4f4AHBHhggAcFeHCAhwR4aICHBXh4gEcEeGSARwV4dIDHBHhsgMcFeHyAJwR4YoAGeFKAJwd4SoCnBnhagKcHeEaAZwZ4VoBnB3hOgCMCPDfA8wI8P8ALArwwwIsCvDjASwK8NMDLArw8wCsCvDLAqwK8OsBrArw2wOsCvD7AGwK8McCbArw5wFsCvDXA2wK8PcA7AhwEGAQYBhgFGAeYBJgGmAWYB1gEWAZYBVgH2ATYBtgF2Ad4Z4B3BXh3gPcEeG+A9wV4f4APBPhggCMDHBXg6ADHBDg2wIcCfDjARwJ8NMDHAnw8wCcCfDLApwJ8OsBnAnw2wOcCfD7AFwJ8McCXAnw5wFcCfDXA1wJ8PcA3AnwzwLcCfDvAdwJ8N8D3Anw/wA8C/DDAjwL8OMBPAvw0wM8C/DzALwL8MsCvAvw6wG8C/DbA7wL8PsAfAvwxwJ8C/DnAXwL8NcDfAvw9wD8C/DPAvwL8O8B/Avw3wP+C8RwS4jghjhvieCGOH+IEIU4Y4tAQJwpxWIjDQ5w4xElCnDTEyUKcPMQpQpwyxKlCnDrEaUKcNsTpQpw+xBlCnDHEmUKcOcRZQpw1xNlCnD3EOUKcM8S5Qpw7xHlCnDfE+UKcP8QFQlwwxIVCXDjERUJcNMTFQlw8xCVCJMQlQ1wqxKVDXCbEZUNcLsTlQ1whxBVDXCnElUNcJcRVQ1wtxNVDXCPENUNcK8S1Q1wnxHVDXC/E9UPcIMQNQ9woxI1D3CTETUPcLMTNQ9wixC1D3CrErUPcJsRtQ9wuxO1D3CHEHUPcKcSdQ9wlxF1D3C3E3UPcI8Q9Q9wrxL1D3CfEfUPcL8T9QzwgxANDPCjEg0M8JMRDQzwsxMNDPCLEI0M8KsSjQzwmxGNDPC7E40M8IcQTQzTEk0I8OcRTQjw1xNNCPD3EM0I8M8SzQjw7xHNCHBHiuSGeF+L5IV4Q4oUhXhTixSFeEuKlIV4W4uUhXhHilSFeFeLVIV4T4rUhXhfi9SHeEOKNId4U4s0h3hLirSHeFuLtId4R4iDEIMQwxCjEOMQkxDTELMQ8xCLEMsQqxDrEJsQ2xC7EPsQ7Q7wrxLtDvCfEe0O8L8T7Q3wgxAdDHBniqBBHhzgmxLEhPhTiwyE+EuKjIT4W4uMhPhHikyE+FeLTIT4T4rMhPhfi8yG+EOKLIb4U4sshvhLiqyG+FuLrIb4R4pshvhXi2yG+E+K7Ib4X4vshfhDihyF+FOLHIX4S4qchfhbi5yF+EeKXIX4V4tchfhPityF+F+L3If4Q4o8h/hTizyH+EuKvIf4W4u8h/hHinyH+FeLfIf4T4r8h/hfikAjHiXDcCMeLcPwIJ4hwwgiHRjhRhMMiHB7hxBFOEuGkEU4W4eQRThHhlBFOFeHUEU4T4bQRThfh9BHOEOGMEc4U4cwRzhLhrBHOFuHsEc4R4ZwRzhXh3BHOE+G8Ec4X4fwRLhDhghEuFOHCES4S4aIRLhbh4hEuESERLhnhUhEuHeEyES4b4XIRLh/hChGuGOFKEa4c4SoRrhrhahGuHuEaEa4Z4VoRrh3hOhGuG+F6Ea4f4QYRbhjhRhFuHOEmEW4a4WYRbh7hFhFuGeFWEW4d4TYRbhvhdhFuH+EOEe4Y4U4R7hzhLhHuGuFuEe4e4R4R7hnhXhHuHeE+Ee4b4X4R7h/hAREeGOFBER4c4SERHhrhYREeHuERER4Z4VERHh3hMREeG+FxER4f4QkRnhihEZ4U4ckRnhLhqRGeFuHpEZ4R4ZkRnhXh2RGeE+GICM+N8LwIz4/wgggvjPCiCC+O8JIIL43wsggvj/CKCK+M8KoIr47wmgivjfC6CK+P8IYIb4zwpghvjvCWCG+N8LYIb4/wjggHEQYRhhFGEcYRJhGmEWYR5hEWEZYRVhHWETYRthF2EfYR3hnhXRHeHeE9Ed4b4X0R3h/hAxE+GOHICEdFODrCMRGOjfChCB+O8JEIH43wsQgfj/CJCJ+M8KkIn47wmQifjfC5CJ+P8IUIX4zwpQhfjvCVCF+N8LUIX4/wjQjfjPCtCN+O8J0I343wvQjfj/CDCD+M8KMIP47wkwg/jfCzCD+P8IsIv4zwqwi/jvCbCL+N8LsIv4/whwh/jPCnCH+O8JcIf43wtwh/j/CPCP+M8K8I/47wnwj/jfC/CIfEOE6M48Y4XozjxzhBjBPGODTGiWIcFuPwGCeOcZIYJ41xshgnj3GKGKeMcaoYp45xmhinjXG6GKePcYYYZ4xxphhnjnGWGGeNcbYYZ49xjhjnjHGuGOeOcZ4Y541xvhjnj3GBGBeMcaEYF45xkRgXjXGxGBePcYkYiXHJGJeKcekYl4lx2RiXi3H5GFeIccUYV4px5RhXiXHVGFeLcfUY14hxzRjXinHtGNeJcd0Y14tx/Rg3iHHDGDeKceMYNxl3yJD/cdssxs1j3CLGLWPcKsatY9wmxm1j3C7G7WPcIcYdY9wpxp1j3CXGXWPcLcbdY9wjxj1j3CvGvWPcJ8Z9Y9wvxv1jPCDGA2M8KMaDYzwkxkNjPCzGw2M8IsYjYzwqxqNjPCbGY2M8LsbjYzwhxhNjNMaTYjw5xlNiPDXG02I8PcYzYjwzxrNiPDvGc2IcEeO5MZ4X4/kxXhDjhTFeFOPFMV4S46UxXhbj5TFeEeOVMV4V49UxXhPjtTFeF+P1Md4Q440x3hTjzTHeEuOtMd4W4+0x3hHjIMYgxjDGKMY4xiTGNMYsxjzGIsYyxirGOsYmxjbGLsY+xjtjvCvGu2O8J8Z7Y7wvxvtjfCDGB2McGeOoGEfHOCbGsTE+FOPDMT4S46MxPhbj4zE+EeOTMT4V49MxPhPjszE+F+PzMb4Q44sxvhTjyzG+EuOrMb4W4+sxvhHjmzG+FePbMb4T47sxvhfj+zF+EOOHMX4U48cxfhLjpzF+FuPnMX4R45cxfhXj1zF+E+O3MX4X4/cx/hDjjzH+FOPPMf4S468x/hbj7zH+EeOfMf4V498x/hPjvzH+F+OQBMdJcNwEx0tw/AQnSHDCBIcmOFGCwxIcnuDECU6S4KQJTpbg5AlOkeCUCU6V4NQJTpPgtAlOl+D0Cc6Q4IwJzpTgzAnOkuCsCc6W4OwJzpHgnAnOleDcCc6T4LwJzpfg/AkukOCCCS6U4MIJLpLgogkuluDiCS6RIAkumeBSCS6d4DIJLpvgcgkun+AKCa6Y4EoJrpzgKgmumuBqCa6e4BoJrpngWgmuneA6Ca6b4HoJrp/gBglumOBGCW6c4CYJbprgZglunuAWCW6Z4FYJbp3gNglum+B2CW6f4A4J7pjgTgnunOAuCe6a4G4J7p7gHgnumeBeCe6d4D4J7pvgfgnun+ABCR6Y4EEJHpzgIQkemuBhCR6e4BEJHpngUQkeneAxCR6b4HEJHp/gCQmemKAJnpTgySOGe0qCpyZ4WoKnJ3hGgmcmeFaCZyd4ToIjEjw3wfMSPD/BCxK8MMGLErw4wUsSvDTByxK8PMErErwywasSvDrBaxK8NsHrErw+wRsSvDHBmxK8OcFbErw1wdsSvD3BOxIcJBgkGCYYJRgnmCSYJpglmCdYJFgmWCVYJ9gk2CbYJdgneGeCdyV4d4L3JHhvgvcleH+CDyT4YIIjExyV4OgExyQ4NsGHEnw4wUcSfDTBxxJ8PMEnEnwywacSfDrBZxJ8NsHnEnw+wRcSfDHBlxJ8OcFXEnw1wdcSfD3BNxJ8M8G3Enw7wXcSfDfB9xJ8P8EPEvwwwY8S/DjBTxL8NMHPEvw8wS8S/DLBrxL8OsFvEvw2we8S/D7BHxL8McGfEvw5wV8S/DXB3xL8PcE/Evwzwb8S/DvBfxL8N8H/EhyS4jgpjpvieCmOn+IEKU6Y4tAUJ0pxWIrDU5w4xUlSnDTFyVKcPMUpUpwyxalSnDrFaVKcNsXpUpw+xRlSnDHFmVKcOcVZUpw1xdlSnD3FOVKcM8W5Upw7xXlSnDfF+VKcP8UFUlwwxYVSXDjFRVJcNMXFUlw8xSVSJMUlU1wqxaVTXCbFZVNcLsXlU1whxRVTXCnFlVNcJcVVU1wtxdVTXCPFNVNcK8W1U1wnxXVTXC/F9VPcIMUNU9woxY1T3CTFTVPcLMXNU9wixS1T3CrFrVPcJsVtU9wuxe1T3CHFHVPcKcWdU9wlxV1T3C3F3VPcI8U9U9wrxb1T3CfFfVPcL8X9UzwgxQNTPCjFg1M8JMVDUzwsxcNTPCLFI1M8KsWjUzwmxWNTPC7F41M8IcUTUzTFk1I8OcVTUjw1xdNSPD3FM1I8M8WzUjw7xXNSHJHiuSmel+L5KV6Q4oUpXpTixSlekuKlKV6W4uUpXpHilSleleLVKV6T4rUpXpfi9SnekOKNKd6U4s0p3pLirSneluLtKd6R4iDFIMUwxSjFOMUkxTTFLMU8xSLFMsUqxTrFJsU2xS7FPsU7U7wrxbtTvCfFe1O8L8X7U3wgxQdTHJniqBRHpzgmxbEpPpTiwyk+kuKjKT6W4uMpPpHikyk+leLTKT6T4rMpPpfi8ym+kOKLKb6U4sspvpLiqym+luLrKb6R4pspvpXi2ym+k+K7Kb6X4vspfpDihyl+lOLHKX6S4qcpfpbi5yl+keKXKX6V4tcpfpPityl+l+L3Kf6Q4o8p/pTizyn+kuKvKf6W4u8p/pHinyn+leLfKf6T4r8p/pfikAzHyXDcDMfLcPwMJ8hwwgyHZjhRhsMyHJ7hxBlOkuGkGU6W4eQZTpHhlBlOleHUGU6T4bQZTpfh9BnOkOGMGc6U4cwZzpLhrBnOluHsGc6R4ZwZzpXh3BnOk+G8Gc6X4fwZLpDhghkulOHCGS6S4aIZLpbh4hkukSEZLpnhUhkuneEyGS6b4XIZLp/hChmumOFKGa6c4SoZrprhahmunuEaGa6Z4VoZrp3hOhmum+F6Ga6f4QYZbpjhRhlunOEmGW6a4WYZbp7hFhlumeFWGW6d4TYZbpvhdhlun+EOGe6Y4U4Z7pzhLhnumuFuGe6e4R4Z7pnhXhnuneE+2f8CA/fLcP8MD8jwwAwPyvDgDA/J8NAMD8vw8AyPyPDIDI/K8OgMj8nw2AyPy/D4DE/I8MQMzfCkDE/O8JQMT83wtAxPz/CMDM/M8KwMz87wnAxHZHhuhudleH6GF2R4YYYXZXhxhpdkeGmGl2V4eYZXZHhlhldleHWG12R4bYbXZXh9hjdkeGOGN2V4c4a3ZHhrhrdleHuGd2Q4yDDIMMwwyjDOMMkwzTDLMM+wyLDMsMqwzrDJsM2wy7DP8M4M78rw7gzvyfDeDO/L8P4MH8jwwQxHZjgqw9EZjslwbIYPZfhwho9k+GiGj2X4eIZPZPhkhk9l+HSGz2T4bIbPZfh8hi9k+GKGL2X4coavZPhqhq9l+HqGb2T4ZoZvZfh2hu9k+G6G72X4foYfZPhhhh9l+HGGn2T4aYafZfh5hl9k+GWGX2X4dYbfZPhtht9l+H2GP2T4Y4Y/Zfhzhr9k+GuGv2X4e4Z/ZPhnhn9l+HeG/2T4b4b/ZTgkx3FyHDfH8XIcP8cJcpwwx6E5TpTjsByH5zhxjpPkOGmOk+U4eY5T5DhljlPlOHWO0+Q4bY7T5Th9jjPkOGOOM+U4c46z5DhrjrPlOHuOc+Q4Z45z5Th3jvPkOG+O8+U4f44L5LhgjgvluHCOi+S4aI6L5bh4jkvkSI5L5rhUjkvnuEyOy+a4XI7L57hCjivmuFKOK+e4So6r5rhajqvnuEaOa+a4Vo5r57hOjuvmuF6O6+e4QY4b5rhRjhvnuEmOm+a4WY6b57hFjlvmuFWOW+e4TY7b5rhdjtvnuEOOO+a4U44757hLjrvmuFuOu+e4R4575rhXjnvnuE+O++a4X47753hAjgfmeFCOB+d4SI6H5nhYjofneESOR+Z4VI5H53hMjsfmeFyOx+d4Qo4n5miOJ+V4co6n5HhqjqfleHqOZ+R4Zo5n5Xh2jufkOCLHc3M8L8fzc7wgxwtzvCjHi3O8JMdLc7wsx8tzvCLHK3O8Kserc7wmx2tzvC7H63O8Iccbc7wpx5tzvCXHW3O8Lcfbc7wjx0GOQY5hjlGOcY5JjmmOWY55jkWOZY5VjnWOTY5tjl2OfY535nhXjnfneE+O9+Z4X4735/hAjg/mODLHUTmOznFMjmNzfCjHh3N8JMdHc3wsx8dzfCLHJ3N8Ksenc3wmx2dzfC7H53N8IccXc3wpx5dzfCXHV3N8LcfXc3wjxzdzfCvHt3N8J8d3c3wvx/dz/CDHD3P8KMePc/wkx09z/CzHz3P8Iscvc/wqx69z/CbHb3P8Lsfvc/whxx9z/CnHn3P8Jcdfc/wtx99z/CPHP3P8K8e/c/wnx39z/C/HIQWOU+C4BY5X4PgFTlDghAUOLXCiAocVOLzAiQucpMBJC5yswMkLnKLAKQucqsCpC5ymwGkLnK7A6QucocAZC5ypwJkLnKXAWQucrcDZC5yjwDkLnKvAuQucp8B5C5yvwPkLXKDABQtcqMCFC1ykwEULXKzAxQtcokAKXLLApQpcusBlCly2wOUKXL7AFQpcscCVCly5wFUKXLXA1QpcvcA1ClyzwLUKXLvAdQpct8D1Cly/wA0K3LDAjQrcuMBNCty0wM0K3LzALQrcssCtCty6wG0K3LbA7QrcvsAdCtyxwJ0K3LnAXQrctcDdCty9wD0K3LPAvQrcu8B9Cty3wP0K3L/AAwo8sMCDCjy4wEMKPLTAwwo8vMAjCjyywKMKPLrAYwo8tsDjCjy+wBMKPLFACzypwJMLPKXAUws8rcDTCzyjwDMLPKvAsws8p8ARBZ5b4HkFnl/gBQVeWOBFBV5c4CUFXlrgZQVeXuAVBV5Z4FUFXl3gNQVeW+B1BV5f4A0F3ljgTQXeXOAtBd5a4G0F3l7gHQUOCgwKDAuMCowLTApMC8wKzAssCiwLhg4ZMsS6wKbAtsCuwL7AOwu8q8C7C7ynwHsLvK/A+wt8oMAHCxxZ4KgCRxc4psCxBT5U4MMFPlLgowU+VuDjBT5R4JMFPlXg0wU+U+CzBT5X4PMFvlDgiwW+VODLBb5S4KsFvlbg6wW+UeCbBb5V4NsFvlPguwW+V+D7BX5Q4IcFflTgxwV+UuCnBX5W4OcFflHglwV+VeDXBX5T4LcFflfg9wX+UOCPBf5U4M8F/lLgrwX+VuDvBf5R4J8F/lXg3wX+U+C/Bf5X4JASxylx3BLHK3H8EicoccISh5Y4UYnDShxe4sQlTlLipCVOVuLkJU5R4pQlTlXi1CVOU+K0JU5X4vQlzlDijCXOVOLMJc5S4qwlzlbi7CXOUeKcJc5V4twlzlPivCXOV+L8JS5Q4oIlLlTiwiUuUuKiJS5W4uIlLlEiJS5Z4lIlLl3iMiUuW+JyJS5f4golrljiSiWuXOIqJa5a4molrl7iGiWuWeJaJa5d4jolrlvieiWuX+IGJW5Y4kYlblziJiVuWuJmJW5e4hYlblniViVuXeI2JW5b4nYlbl/iDiXuWOJOJe5c4i4l7lribiXuXuIeJe5Z4l4l7l3iPiXuW+J+Je5f4gElHljiQSUeXOIhJR5a4mElHl7iESUeWeJRJR5d4jElHlvicSUeX+IJJZ5YoiWeVOLJJZ5S4qklnlbi6SWeUeKZJZ5V4tklnlPiiBLPLfG8Es8v8YISLyzxohIvLvGSEi8t8bISLy/xihKvLPGqEq8u8ZoSry3xuhKvL/GGEm8s8aYSby7xlhJvLfG2Em8v8Y4SByUGJYYlRiXGJSYlpiVmJeYlFiWWJVYl1iU2JbYldiX2Jd5Z4l0l3l3iPSXeW+J9Jd5f4gMlPljiyBJHlTi6xDElji3xoRIfLvGREh8t8bESHy/xiRKfLPGpEp8u8ZkSny3xuRKfL/GFEl8s8aUSXy7xlRJfLfG1El8fNuT/V+JbJb5d4jslvlvieyW+X+IHJX5Y4kclflziJyV+WuJnJX5e4hclflniVyV+XeI3JX5b4nclfl/iDyX+WOJPJf5c4i8l/lribyX+XuIfJf5Z4l8l/l3iPyX+W+J/JQ6pcJwKx61wvArHr3CCCiescGiFE1U4rMLhFU5c4SQVTlrhZBVOXuEUFU5Z4VQVTl3hNBVOW+F0FU5f4QwVzljhTBXOXOEsFc5a4WwVzl7hHBXOWeFcFc5d4TwVzlvhfBXOX+ECFS5Y4UIVLlzhIhUuWuFiFS5e4RIVUuGSFS5V4dIVLlPhshUuV+HyFa5Q4YoVrlThyhWuUuGqFa5W4eoVrlHhmhWuVeHaFa5T4boVrlfh+hVuUOGGFW5U4cYVblLhphVuVuHmFW5R4ZYVblXh1hVuU+G2FW5X4fYV7lDhjhXuVOHOFe5S4a4V7lbh7hXuUeGeFe5V4d4V7lPhvhXuV+H+FR5Q4YEVHlThwRUeUuGhFR5W4eEVHlHhkRUeVeHRFR5T4bEVHlfh8RWeUOGJFVrhSRWeXOEpFZ5a4WkVnl7hGRWeWeFZFZ5d4TkVjqjw3ArPq/D8Ci+o8MIKL6rw4govqfDSCi+r8PIKr6jwygqvqvDqCq+p8NoKr6vw+gpvqPDGCm+q8OYKb6nw1gpvq/D2Cu+ocFBhUGFYYVRhXGFSYVphVmFeYVFhWWFVYV1hU2FbYVdhX+GdFd5V4d0V3lPhvRXeV+H9FT5Q4YMVjqxwVIWjKxxT4dgKH6rw4QofqfDRCh+r8PEKn6jwyQqfqvDpCp+p8NkKn6vw+QpfqPDFCl+q8OUKX6nw1Qpfq/D1Ct+o8M0K36rw7QrfqfDdCt+r8P0KP6jwwwo/qvDjCj+p8NMKP6vw8wq/qPDLCr+q8OsKv6nw2wq/q/D7Cn+o8McKf6rw5wp/qfDXCn+r8PcK/6jwzwr/qvDvCv+p8N8K/6twSI3j1DhujePVOH6NE9Q4YY1Da5yoxmE1Dq9x4honqXHSGiercfIap6hxyhqnqnHqGqepcdoap6tx+hpnqHHGGmeqceYaZ6lx1hpnq3H2Gueocc4a56px7hrnqXHeGuercf4aF6hxwRoXqnHhGhepcdEaF6tx8RqXqJEal6xxqRqXrnGZGpetcbkal69xhRpXrHGlGleucZUaV61xtRpXr3GNGtesca0a165xnRrXrXG9GtevcYMaN6xxoxo3rnGTGjetcbMaN69xixq3rHGrGreucZsat61xuxq3r3GHGnescacad65xlxp3rXG3GnevcY8a96xxrxr3rnGfGvetcb8a96/xgBoPrPGgGg+u8ZAaD63xsBoPr/GIGo+s8agaj67xmBqPrfG4Go+v8YQaT6zRGk+q8eQaT6nx1BpPq/H0Gs+o8cwaz6rx7BrPqXFEjefWeF6N59d4QY0X1nhRjRfXeEmNl9Z4WY2X13hFjVfWeFWNV9d4TY3X1nhdjdfXeEONN9Z4U40313hLjbfWeFuNt9d4R42DGoMawxqjGuMakxrTGrMa8xqLGssaqxrrGpsa2xq7Gvsa76zxrhrvrvGeGu+t8b4a76/xgRofrHFkjaNqHF3jmBrH1vhQjQ/X+EiNj9b4WI2P1/hEjU/W+FSNT9f4TI3P1vhcjc/X+EKNL9b4Uo0v1/hKja/W+FqNr9f4Ro1v1vhWjW/X+E6N79b4Xo3v1/hBjR/W+FGNH9f4SY2f1vhZjZ/X+EWNX9b4VY1f1/hNjd/W+F2N39f4Q40/1vhTjT/X+EuNv9b4W42/1/hHjX/W+FeNf9f4T43/1vhfjUMaHKfBcRscr8HxG5ygwQkbHNrgRA0Oa3B4gxM3OEmDkzY4WYOTNzhFg1M2OFWDUzc4TYPTNjhdg9M3OEODMzY4U4MzNzhLg7M2OFuDszc4R4NzNjhXg3M3OE+D8zY4X4PzN7hAgws2uFCDCze4SIOLNrhYg4s3uESDNLhkg0s1uHSDyzS4bIPLNbh8gys0uGKDKzW4coOrNLhqg6s1uHqDazS4ZoNrNbh2g+s0uG6D6zW4foMbNLhhgxs1uHGDmzS4aYObNbh5g1s0uGWDWzW4dYPbNLhtg9s1uH2DOzS4Y4M7Nbhzg7s0uGuDuzW4e4N7NLhng3s1uHeD+zS4b4P7Nbh/gwc0eGCDBzV4cIOHNHhog4c1eHiDRzR4ZINHNXh0g8c0eGyDxzV4fIMnNHhigzZ4UoMnN3hKg6c2eFqDpzd4RoNnNnhWg2c3eE6DIxo8t8HzGjy/wQsavLDBixq8uMFLGry0wcsavLzBKxq8ssGrGry6wWsavLbB6xq8vsEbGryxwZsavLnBWxq8tcHbGry9wTsaHDQYNBg2GDUYN5g0mDaYNZg3WDRYNlg1WDfYNNg22DXYN3hng3c1eHeD9zR4b4P3NXh/gw80+GCDIxsc1eDoBsc0OLbBhxp8uMFHGny0wccafLzBJxp8ssGnGny6wWcafLbB5xp8vsEXGnyxwZcafLnBVxp8tcHXGny9wTcafLPBtxp8u8F3Gny3wfcafL/BDxr8sMGPGvy4wU8a/LTBzxr8vMEvGvyywa8a/LrBbxr8tsHvGvy+wR8a/LHBnxr8ucFfGvy1wd8a/L3BPxr8s8G/Gvy7wX8a/LfB/xoc0uI4LY7b4ngtjt/iBC1O2OLQFidqcViLw1ucuMVJWpy0xclanLzFKVqcssWpWpy6xWlanLbF6VqcvsUZWpyxxZlanLnFWVqctcXZWpy9xTlanLPFuVqcu8V5Wpy3xflanL/FBVpcsMWFWly4xUVaXLTFxVpcvMUlWqTFJVtcqsWlW1ymxWVbXK7F5VtcocUVW1ypxZVbXKXFVVtcrcXVW1yjxTVbXKvFtVtcp8V1W1yvxfVb3KDFDVvcqMWNW9ykxU1b3KzFzVvcosUtW9yqxa1b3KbFbVvcrsXtW9yhxR1b3KnFnVvcpcVdW9ytxd1b3KPFPVvcq8W9W9ynxX1b3K/F/Vs8oMUDWzyoxYNbPKTFQ1s8rMXDWzyixSNbPKrFo1s8psVjWzyuxeNbPKHFE1u0xZNaPLnFU1o8tcXTWjy9xTNaPLPFs1o8u8VzWhzR4rktntfi+S1e0OKFLV7U4sUtXtLipS1e1uLlLV7R4pUtXtXi1S1e0+K1LV7X4vUt3tDijS3e1OLNLd7S4q0t3tbi7S3e0eKgxaDFsMWoxbjFpMW0xazFvMWixbLFqsW6xabFtsWuxb7FO1u8q8W7W7ynxXtbvK/F+1t8oMUHWxzZ4qgWR7c4psWxLT7U4sMtPtLioy0+1uLjLT7R4pMtPtX+vy/PtPhsi8+1+HyLL7T4Yosvtfhyi6+0+GqLr7X4eotvtPhmi2+1+HaL77T4bovvtfh+ix+0+GGLH7X4cYuftPhpi5+1+HmLX7T4ZYtftfh1i9+0+G2L37X4fYs/tPhjiz+1+HOLv7T4a4u/tfh7i3+0+GeLf7X4d4v/tPhvi//970+H43Q4bofjdTh+hxN0OGGHQzucqMNhHQ7vcOIOJ+lw0g4n63DyDqfocMoOp+pw6g6n6XDaDqfrcPoOZ+hwxg5n6nDmDmfpcNYOZ+tw9g7n6HDODufqcO4O5+lw3g7n63D+DhfocMEOF+pw4Q4X6XDRDhfrcPEOl+iQDpfscKkOl+5wmQ6X7XC5DpfvcIUOV+xwpQ5X7nCVDlftcLUOV+9wjQ7X7HCtDtfucJ0O1+1wvQ7X73CDDjfscKMON+5wkw437XCzDjfvcIsOt+xwqw637nCbDrftcLsOt+9whw537HCnDnfucJcOd+1wtw5373CPDvfscK8O9+5wnw737XC/Dvfv8IAOD+zwoA4P7vCQDg/t8LAOD+/wiA6P7PCoDo/u8JgOj+3wuA6P7/CEDk/s0A5P6vDkDk/p8NQOT+vw9A7P6PDMDs/q8OwOz+lwRIfndnheh+d3eEGHF3Z4UYcXd3hJh5d2eFmHl3d4RYdXdnhVh1d3eE2H13Z4XYfXd3hDhzd2eFOHN3d4S4e3dnhbh7d3eEeHgw6DDsMOow7jDpMO0w6zDvMOiw7LDqsO6w6bDtsOuw77Du/s8K4O7+7wng7v7fC+Du/v8IEOH+xwZIejOhzd4ZgOx3b4UIcPd/hIh492+FiHj3f4RIdPdvhUh093+EyHz3b4XIfPd/hChy92+FKHL3f4Soevdvhah693+EaHb3b4Vodvd/hOh+92+F6H73f4QYcfdvhRhx93+EmHn3b4WYefd/hFh192+FWHX3f4TYffdvhdh993+EOHP3b4U4c/d/hLh792+FuHv3f4R4d/dvhXh393+E+H/3b4X4dDehynx3F7HK/H8XucoMcJexza40Q9DutxeI8T9zhJj5P2OFmPk/c4RY9T9jhVj1P3OE2P0/Y4XY/T9zhDjzP2OFOPM/c4S4+z9jhbj7P3OEePc/Y4V49z9zhPj/P2OF+P8/e4QI8L9rhQjwv3uEiPi/a4WI+L97hEj/S4ZI9L9bh0j8v0uGyPy/W4fI8r9Lhijyv1uHKPq/S4ao+r9bh6j2v0uGaPa/W4do/r9Lhuj+v1uH6PG/S4YY8b9bhxj5v0uGmPm/W4eY9b9Lhlj1v1uHWP2/S4bY/b9bh9jzv0uGOPO/W4c4+79Lhrj7v1uHuPe/S4Z4979bh3j/v0uG+P+/W4f48H9Hhgjwf1eHCPh/R4aI+H9Xh4j0f0eGSPR/V4dI/H9Hhsj8f1eHyPJ/R4Yo/2eFKPJ/d4So+n9nhaj6f3eEaPZ/Z4Vo9n93hOjyN6PLfH83o8v8cLerywx4t6vLjHS3q8tMfLery8xyt6vLLHq3q8usdrery2x+t6vL7HG3q8scebery5x1t6vLXH23q8vcc7ehz0GPQY9hj1GPeY9Jj2mPWY91j0WPZY9Vj32PTY9tj12Pd4Z4939Xh3j/f0eG+P9/V4f48P9PhgjyN7HNXj6B7H9Di25/9YtOc2vgtAgeJbtWrZtl0n27Zt2z7Ztm17v6+NbBvLNlat7T73ufe8h/Pfx26A/QCfHOBTA3x6gM8M8NkBPjfA5wf4wgBfHOBLA3x5gK8M8NUBvjbA1wf4xgDfHOBbA3x7gO8M8N0BvjfA9wf4wQA/HOBHA/x4gJ8McOQAPx3gZwP8fIBfDPDLAX41wK8H+M0Avx3gdwP8foA/DPDHAf40wJ8H+MsAfx3gbwP8fYB/DPDPAf41wFED/HuA/wzw3wGOHuB/AxwzwLEDHBLg0ADHCXDcAMcLcFiA4wc4QYATBjg8wIkCnDjASQKcNMDJApw8wCkCnDLAqQKcOsBpApw2wOkCnD7AGQKcMcCZApw5wFkCnDXA2QKcPcA5ApwzwLkCnDvAeQKcN8D5Apw/wAUCXDDAhQJcOMBFAlw0wMUCXDzAJQIkwCUDXCrApQNcJsBlA1wuwOUDXCHAFQNcKcCVA1wlwFUDXC3A1QNcI8A1A1wrwLUDXCfAdQNcL8D1A9wgwA0D3CjAjQPcJMBNA9wswM0D3CLALQPcKsCtA9wmwG0D3C7A7QPcIcAdA9wpwJ0D3CXAXQPcLcDdA9wjwD0D3CvAvQPcJ8B9A9wvwP0DPCDAAwM8KMCDAzwkwEMDPCzAwwM8IsAjAzwqwKMDPCbAYwM8LsDjAzwhwBMDNMCTAjw5wFMCPDXA0wI8PcAzAjwzwLMCPDvAcwI8N8DzAjw/wAsCvDDAiwK8OMBLArw0wMsCvDzAKwK8MsCrArw6wGsCvDbA6wK8PsAbArwxwJsCvDnAWwK8NcDbArw9wDsCvDPAuwK8O8B7Arw3wPsCvD/ABwJ8MMCHAnw4wEcCfDTAxwJ8PMAnAhwR4CDAIMAwwCjAOMAkwDTALMA8wCLAMsAqwDrAJsA2wC7APsAnA3wqwKcDfCbAZwN8LsDnA3whwBcDfCnAlwN8JcBXA3wtwNcDfCPANwN8K8C3A3wnwHcDfC/A9wP8IMAPA/wowI8D/CTAkQF+GuBnAX4e4BcBfhngVwF+HeA3AX4b4HcBfh/gDwH+GOBPAf4c4C8B/hrgbwH+HuAfAf4Z4F8Bjgrw7wD/CfDfAEcH+F+AYwIcG+CQEIeGOE6I44Y4XojDQhw/xAlCnDDE4SFOFOLEIU4S4qQhThbi5CFOEeKUIU4V4tQhThPitCFOF+L0Ic4Q4owhzhTizCHOEuKsIc4W4uwhzhHinCHOFeLcIc4T4rwhzhfi/CEuEOKCIS4U4sIhLhLioiEuFuLiIS4RIiEuGeJSIS4d4jIhLhviciEuH+IKIa4Y4kohrhziKiGuGuJqIa4e4hohrhniWiGuHeI6Ia4b4nohrh/iBiFuGOJGIW4c4iYhbhriZiFuHuIWIW4Z4lYhbh3iNiFuG+J2IW4f4g4h7hjiTiHuHOIuIe4a4m4h7h7iHiHuGeJeIe4d4j4h7hvifiHuH+IBIR4Y4kEhHhziISEeGuJhIR4e4hEhHhniUSEeHeIxIR4b4nEhHh/iCSGeGKIhnhTiySGeEuKpIZ4W4ukhnhHimSGeFeLZIZ4T4rkhnhfi+SFeEOKFIV4U4sUhXhLipSFeFuLlIV4R4pUhXhXi1SFeE+K1IV4X4vUh3hDijSHeFOLNId4S4q0h3hbi7SHeEeKdId4V4t0h3hPivSHeF+L9IT4Q4oMhPhTiwyE+EuKjIT4W4uMhPhHiiBAHIQYhhiFGIcYhJiGmIWYh5iEWIZYhViHWITYhtiF2IfYhPhniUyE+HeIzIT4b4nMhPh/iCyG+GOJLIb4c4ishvhriayG+HuIbIb4Z4lshvh3iOyG+G+J7Ib4f4gchfhjiRyF+HOInIY4M8dMQPwvx8xC/CPHLEL8K8esQvwnx2xC/C/H7EH8I8ccQfwrx5xB/CfHXEH8L8fcQ/wjxzxD/CnFUiH+H+E+I/4Y4OsT/QhwT4tgQh0Q4NMJxIhw3wvEiHBbh+BFOEOGEEQ6PcKIIJ45wkggnjXCyCCePcIoIp4xwqginjnCaCKeNcLoIp49whghnjHCmCGeOcJYIZ41wtghnj3COCOeMcK4I545wngjnjXC+COePcIEIF4xwoQgXjnCRCBeNcLEIF49wiQiJcMkIl4pw6QiXiXDZCJeLcPkIV4hwxQhXinDlCFeJcNUIV4tw9QjXiHDNCNeKcO0I1xn2/2YjwvUj3CDCDSPcKMKNI9wkwk0j3CzCzSPcIsItI9wqwq0j3CbCbSPcLsLtI9whwh0j3CnCnSPcJcJdI9wtwt0j3CPCPSPcK8K9I9wnwn0j3C/C/SM8IMIDIzwowoMjPCTCQyM8LMLDIzwiwiMjPCrCoyM8JsJjIzwuwuMjPCHCEyM0wpMiPDnCUyI8NcLTIjw9wjMiPDPCsyI8O8JzIjw3wvMiPD/CCyK8MMKLIrw4wksivDTCyyK8PMIrIrwywqsivDrCayK8NsLrIrw+whsivDHCmyK8OcJbIrw1wtsivD3COyK8M8K7Irw7wnsivDfC+yK8P8IHInwwwocifDjCRyJ8NMLHInw8wiciHBHhIMIgwjDCKMI4wiTCNMIswjzCIsIywirCOsImwjbCLsI+wicjfCrCpyN8JsJnI3wuwucjfCHCFyN8KcKXI3wlwlcjfC3C1yN8I8I3I3wrwrcjfCfCdyN8L8L3I/wgwg8j/CjCjyP8JMKREX4a4WcRfh7hFxF+GeFXEX4d4TcRfhvhdxF+H+EPEf4Y4U8R/hzhLxH+GuFvEf4e4R8R/hnhXxGOivDvCP+J8N8IR0f4X4RjIhwb4ZAYh8Y4TozjxjhejMNiHD9m1Nj/y+ExThTjxDFOEuOkMU4W4+QxThHjlDFOFePUMU4T47QxThfj9DHOEOOMMc4U48wxzhLjrDHOFuPsMc4R45wxzhXj3DHOE+O8Mc4X4/wxLhDjgjEuFOPCMS4S46IxLhbj4jEuESMxLhnjUjEuHeMyMS4b43IxLh/jCjGuGONKMa4c4yoxrhrjajGuHuMaMa4Z41oxrh3jOjGuG+N6Ma4f4wYxbhjjRjFuHOMmMW4a42Yxbh7jFjFuGeNWMW4d4zYxbhvjdjFuH+MOMe4Y404x7hzjLjHuGuNuMe4e4x4x7hnjXjHuHeM+Me4b434x7h/jATEeGONBMR4c4yExHhrjYTEeHuMRMR4Z41ExHh3jMTEeG+NxMR4f4wkxnhijMZ4U48kxnhLjqTGeFuPpMZ4R45kxnhXj2TGeE+O5MZ4X4/kxXhDjhTFeFOPFMV4S46UxXhbj5TFeEeOVMV4V49UxXhPjtTFeF+P1Md4Q440x3hTjzTHeEuOtMd4W4+0x3hHjnTHeFePdMd4T470x3hfj/TE+EOODMT4U48MxPhLjozE+FuPjMT4R44gYBzEGMYYxRjHGMSYxpjFmMeYxFjGWMVYx1jE2MbYxdjH2MT4Z41MxPh3jMzE+G+NzMT4f4wsxvhjjSzG+HOMrMb4a42sxvh7jGzG+GeNbMb4d4zsxvhvjezG+H+MHMX4Y40cxfhzjJzGOjPHTGD+L8fMYv4jxyxi/ivHrGL+J8dsYv4vx+xh/iPHHGH+K8ecYf4nx1xh/i/H3GP+I8c8Y/4pxVIx/x/hPjP/GODrG/2IcE+PYGIckODTBcRIcN8HxEhyW4PgJTpDghAkOT3CiBCdOcJIEJ01wsgQnT3CKBKdMcKoEp05wmgSnTXC6BKdPcIYEZ0xwpgRnTnCWBGdNcLYEZ09wjgTnTHCuBOdOcJ4E501wvgTnT3CBBBdMcKEEF05wkQQXTXCxBBdPcIkESXDJBJdKcOkEl0lw2QSXS3D5BFdIcMUEV0pw5QRXSXDVBFdLcPUE10hwzQTXSnDtBNdJcN0E10tw/QQ3SHDDBDdKcOMEN0lw0wQ3S3DzBLdIcMsEt0pw6wS3SXDbBLdLcPsEd0hwxwR3SnDnBHdJcNcEd0tw9wT3SHDPBPdKcO8E90lw3wT3S3D/BA9I8MAED0rw4AQPSfDQBA9L8PAEj0jwyASPSvDoBI9J8NgEj0vw+ARPSPDEBE3wpARPTvCUBE9N8LQET0/wjATPTPCsBM9O8JwEz03wvATPT/CCBC9M8KIEL07wkgQvTfCyBC9P8IoEr0zwqgSvTvCaBK9N8LoEr0/whgRvTPCmBG9O8JYEb03wtgRvT/COBO9M8K4E707wngTvTfC+BO9P8IEEH0zwoQQfTvCRBB9N8LEEH0/wiQRHJDhIMEgwTDBKME4wSTBNMEswT7BIsEywSrBOsEmwTbBLsE/wyQSfSvDpBJ9J8NkEn0vw+QRfSPDFBF9K8OUEX0nw1QRfS/D1BN9I8M0E30rw7QTfSfDdBN9L8P0EP0jwwwQ/SvDjBD9JcGSCnyb4WYKfJ/hFgl8m+FWCXyf4TYLfJvhdgt8n+EOCPyb4U4I/J/hLgr8m+FuCvyf4R4J/JvhXgqMS/DvBfxL8N8HRCf6X4JgExyY4JMWhKY6T4rgpjpfisBTHT3GCFCdMcXiKE6U4cYqTpDhpipOlOHmKU6Q4ZYpTpTh1itOkOG2K06U4fYozpDhjijOlOHOKs6Q4a4qzpTh7inOkOGeKc6U4d4rzpDhvivOlOH+KC6S4YIoLpbhwioukuGiKi6W4eIpLpEiKS6a4VIpLp7hMisumuFyKy6e4QoorprhSiiunuEqKq6a4Woqrp7hGimumuFaKa6e4TorrprheiuunuEGKG6a4UYobp7hJipumuFmKm6e4RYpbprhVilunuE2K26a4XYrbp7hDijumuFOKO6e4S4q7prhbirunuEeKe6a4V4p7p7hPivumuF+K+6d4QIoHpnhQigeneEiKh6Z4WIqHp3hEikemeFSKR6d4TIrHpnhciseneEKKJ6ZoiieleHKKp6R4aoqnpXh6imekeGaKZ6V4dornpHhuiueleH6KF6R4YYoXpXhxipekeGmKl6V4eYpXpHhlileleHWK16R4bYrXpXh9ijekeGOKN6V4c4q3pHhrireleHuKd6R4Z4p3pXh3ivekeG+K96V4f4oPpPhgig+l+HCKj6T4aIqPpfh4ik+kOCLFQYpBimGKUYpxikmKaYpZinmKRYplilWKdYpNim2KXYp9ik+m+FSKT6f4TIrPpvhcis+n+EKKL6b4Uoovp/hKiq+m+FqKr6f4RopvpvhWim+n+E6K76b4Xorvp/hBih+m+FGKH6f4SYojU/w0xc9S/DzFL1L8MsWvUvw6xW9S/DbF71L8PsUfUvwxxZ9S/DnFX1L8NcXfUvw9xT9S/DPFv1IcleLfKf6T4r8pjk7xvxTHpDg2xSEZDs1wnAzHzXC8DIdlOH6GE2Q4YYbDM5wow4kznCTDSTOcLMPJM5wiwykznCrDqTOcJsNpM5wuw+kznCHDGTOcKcOZM5wlw1kznC3D2TOcI8M5M5wrw7kznCfDeTOcL8P5M1wgwwUzXCjDhTNcJMNFM1wsw8UzXCJDMlwyw6UyXDrDZTJcNsPlMlw+wxUyXDHDlTJcOcNVMlw1w9UyXD3DNTJcM8O1Mlw7w3UyXDfD9TJcP8MNMtwww40y3DjDTTLcNMPNMtw8wy0y3DLDrTLcOsNtMtw2w+0y3D7DHTLcMcOdMtw5w10y3DXD3TLcPcM9Mtwzw70y3DvDfTLcN8P9Mtw/wwMyPDDDgzI8OMNDMjw0w8MyPDzDIzI8MsOjMjw6w2MyPDbD4zI8PsMTMjwxQzM8KcOTMzwlw1MzPC3D0zM8I8MzMzwrw7MzPCfDczM8L8PzM7wgwwszvCjDizO8JMNLM7wsw8szvCLDKzO8KsOrM7wmw2szvC7D6zO8IcMbM7wpw5szvCXDWzO8LcPbM7wjwzszvCvDuzO8J8N7M7wvw/szfCDDBzN8KMOHM3wkw0czfCzDxzN8IsMRGQ4yDDIMM4wyjDNMMkwzzDLMMywyLDOsMqwzbDJsM+wy7DN8MsOnMnw6w2cyfDbD5zJ8PsMXMnwxw5cyfDnDVzJ8NcPXMnw9wzcyfDPDtzJ8O8N3Mnw3w/cyfD/DDzL8MMOPMvw4w08yHJnhpxl+luHnGX6R4ZcZfpXh1xl+k+G3GX6X4fcZ/pDhjxn+lOHPGf6S4a8Z/pbh7xn+keGfGf6V4agM/87wnwz/zXB0hv9lOCbDsRkOyXFojuPkOG6O4+U4LMfxc5wgxwlzHJ7jRDlOnOMkOU6a42Q5Tp7jFDlOmeNUOU6d4zQ5TpvjdDlOn+MMOc6Y40w5zpzjLDnOmuNsOc6e4xw5zpnjXDnOneM8Oc6b43w5zp/jAjkumONCOS6c4yI5LprjYjkunuMSOZLjkjkulePSOS6T47I5Lpfj8jmukOOKOa6U48o5rpLjqjmuluPqOa6R45o5rpXj2jmuk+O6Oa6X4/o5bpDjhjlulOPGOW6S46Y5bpbj5jlukeOWOW6V49Y5bpPjtjlul+P2Oe6Q44457pTjzjnukuOuOe6W4+457pHjnjnulePeOe6T47457pfj/jkekOOBOR6U48E5HpLjoTkeluPhOR6R45E5HpXj0Tkek+OxOR6X4/E5npDjiTma40k5npzjKTmemuNpOZ6e4xk5npnjWTmeneM5OZ6b43k5np/jBTlemONFOV6c4yU5XprjZTlenuMVOV6Z41U5Xp3jNTlem+N1OV6f4w053pjjTTnenOMtOd6a42053p7jHTnemeNdOd6d4z053pvjfTnen+MDOT6Y40M5PpzjIzk+muNjOT6e4xM5jshxkGOQY5hjlGOcY5JjmmOWY55jkWOZY5VjnWOTY5tjl2M/fMiQ/33iqRyfzvGZHJ/N8bkcn8/xhRxfzPGlHF/O8ZUcX83xtRxfz/GNHN/M8a0c387xnRzfzfG9HN/P8YMcP8zxoxw/zvGTHEfm+GmOn+X4eY5f5Phljl/l+HWO3+T4bY7f5fh9jj/k+GOOP+X4c46/5Phrjr/l+HuOf+T4Z45/5Tgqx79z/CfHf3McneN/OY7JcWyOQwocWuA4BY5b4HgFDitw/AInKHDCAocXOFGBExc4SYGTFjhZgZMXOEWBUxY4VYFTFzhNgdMWOF2B0xc4Q4EzFjhTgTMXOEuBsxY4W4GzFzhHgXMWOFeBcxc4T4HzFjhfgfMXuECBCxa4UIELF7hIgYsWuFiBixe4RIEUuGSBSxW4dIHLFLhsgcsVuHyBKxS4YoErFbhygasUuGqBqxW4eoFrFLhmgWsVuHaB6xS4boHrFbh+gRsUuGGBGxW4cYGbFLhpgZsVuHmBWxS4ZYFbFbh1gdsUuG2B2xW4fYE7FLhjgTsVuHOBuxS4a4G7Fbh7gXsUuGeBexW4d4H7FLhvgfsVuH+BBxR4YIEHFXhwgYcUeGiBhxV4eIFHFHhkgUcVeHSBxxR4bIHHFXh8gScUeGKBFnhSgScXeEqBpxZ4WoGnF3hGgWcWeFaBZxd4ToHnFnhegecXeEGBFxZ4UYEXF3hJgZcWeFmBlxd4RYFXFnhVgVcXeE2B1xZ4XYHXF3hDgTcWeFOBNxd4S4G3FnhbgbcXeEeBdxZ4V4F3F3hPgfcWeF+B9xf4QIEPFvhQgQ8X+EiBjxb4WIGPF/hEgSMKHBQYFBgWGBUYF5gUmBaYFZgXWBRYFlgVWBfYFNgW2BXYF/hkgU8V+HSBzxT4bIHPFfh8gS8U+GKBLxX4coGvFPhqga8V+HqBbxT4ZoFvFfh2ge8U+G6B7xX4foEfFPhhgR8V+HGBnxQ4ssBPC/yswM8L/KLALwv8qsCvC/ymwG8L/K7A7wv8ocAfC/ypwJ8L/KXAXwv8rcDfC/yjwD8L/KvAUQX+XeA/Bf5b4OgC/ytwTIFjCxxS4tASxylx3BLHK3FYieOXOEGJE5Y4vMSJSpy4xElKnLTEyUqcvMQpSpyyxKlKnLrEaUqctsTpSpy+xBlKnLHEmUqcucRZSpy1xNlKnL3EOUqcs8S5Spy7xHlKnLfE+Uqcv8QFSlywxIVKXLjERUpctMTFSly8xCVKpMQlS1yqxKVLXKbEZUtcrsTlS1yhxBVLXKnElUtcpcRVS1ytxNVLXKPENUtcq8S1S1ynxHVLXK/E9UvcoMQNS9yoxI1L3KTETUvcrMTNS9yixC1L3KrErUvcpsRtS9yuxO1L3KHEHUvcqcSdS9ylxF1L3K3E3Uvco8Q9S9yrxL1L3KfEfUvcr8T9SzygxANLPKjEg0s8pMRDSzysxMNLPKLEI0s8qsSjSzymxGNLPK7E40s8ocQTS7TEk0o8ucRTSjy1xNNKPL3EM0o8s8SzSjy7xHNKPLfE80o8v8QLSrywxItKvLjES0q8tMTLSry8xCtKvLLEq0q8usRrSry2xOtKvL7EG0q8scSbSry5xFtKvLXE20q8vcQ7SryzxLtKvLvEe0q8t8T7Sry/xAdKfLDEh0p8uMRHSny0xMdKfLzEJ0ocUeKgxKDEsMSoxLjEpMS0xKzEvMSixLLEqsS6xKbEtsSuxL7EJ0t8qsSnS3ymxGdLfK7E50t8ocQXS3ypxJdLfKXEV0t8rcTXS3yjxDdLfKvEt0t8p8R3S3yvxPdL/KDED0v8qMSPS/ykxJElflriZyV+XuIXJX5Z4lclfl3iNyV+W+J3JX5f4g8l/ljiTyX+XOIvJf5a4m8l/l7iHyX+WeJfJY4q8e8S/ynx3xJHl/hfiWNKHFvikAqHVjhOheNWOF6Fwyocv8IJKpywwuEVTlThxBVOUuGkFU5W4eQVTlHhlBVOVeHUFU5T4bQVTlfh9BXOUOGMFc5U4cwVzlLhrBXOVuHsFc5R4ZwVzlXh3BXOU+G8Fc5X4fwVLlDhghUuVOHCFS5S4aIVLlbh4hUuUSEVLlnhUhUuXeEyFS5b4XIVLl/hChWuWOFKFa5c4SoVrlrhahWuXuEaFa5Z4VoVrl3hOhWuW+F6Fa5f4QYVbljhRhVuXOEmFW5a4WYVbl7hFhVuWeFWFW5d4TYVblvhdhVuX+EOFe5Y4U4V7lzhLhXuWuFuFe5e4R4V7lnhXhXuXeE+Fe5b4X4V7l/hARUeWOFBFR5c4SEVHlrhYRUeXuERFR5Z4VEVI0cMGeIxFR5b4XEVHl/hCRWeWKEVnlThyRWeUuGpFZ5W4ekVnlHhmRWeVeHZFZ5T4bkVnlfh+RVeUOGFFV5U4cUVXlLhpRVeVuHlFV5R4ZUVXlXh1RVeU+G1FV5X4fUV3lDhjRXeVOHNFd5S4a0V3lbh7RXeUeGdFd5V4d0V3lPhvRXeV+H9FT5Q4YMVPlThwxU+UuGjFT5W4eMVPlHhiAoHFQYVhhVGFcYVJhWmFWYV5hUWFZYVVhXWFTYVthV2FfYVPlnhUxU+XeEzFT5b4XMVPl/hCxW+WOFLFb5c4SsVvlrhaxW+XuEbFb5Z4VsVvl3hOxW+W+F7Fb5f4QcVfljhRxV+XOEnFY6s8NMKP6vw8wq/qPDLCr+q8OsKv6nw2wq/q/D7Cn+o8McKf6rw5wp/qfDXCn+r8PcK/6jwzwr/qnBUhX9X+E+F/1Y4usL/KhxT4dgKh9Q4tMZxahy3xvFqHFbj+DVOUOOENQ6vcaIaJ65xkhonrXGyGievcYoap6xxqhqnrnGaGqetcboap69xhhpnrHGmGmeucZYaZ61xthpnr3GOGuesca4a565xnhrnrXG+GuevcYEaF6xxoRoXrnGRGhetcbEaF69xiRqpcckal6px6RqXqXHZGpercfkaV6hxxRpXqnHlGlepcdUaV6tx9RrXqHHNGteqce0a16lx3RrXq3H9GjeoccMaN6px4xo3qXHTGjercfMat6hxyxq3qnHrGrepcdsat6tx+xp3qHHHGneqcecad6lx1xp3q3H3Gveocc8a96px7xr3qXHfGvercf8aD6jxwBoPqvHgGg+p8dAaD6vx8BqPqPHIGo+q8egaj6nx2BqPq/H4Gk+o8cQarfGkGk+u8ZQaT63xtBpPr/GMGs+s8awaz67xnBrPrfG8Gs+v8YIaL6zxohovrvGSGi+t8bIaL6/xihqvrPGqGq+u8Zoar63xuhqvr/GGGm+s8aYab67xlhpvrfG2Gm+v8Y4a76zxrhrvrvGeGu+t8b4a76/xgRofrPGhGh+u8ZEaH63xsRofr/GJGkfUOKgxqDGsMaoxrjGpMa0xqzGvsaixrLGqsa6xqbGtsauxr/HJGp+q8ekan6nx2Rqfq/H5Gl+o8cUaX6rx5RpfqfHVGl+r8fUa36jxzRrfqvHtGt+p8d0a36vx/Ro/qPHDGj+q8eMaP6lxZI2f1vhZjZ/X+EWNX9b4VY1f1/hNjd/W+F2N39f4Q40/1vhTjT/X+EuNv9b4W42/1/hHjX/W+FeNo2r8u8Z/avy3xtE1/lfjmBrH1jikwaENjtPguA2O1+CwBsdvcIIGJ2xweIMTNThxg5M0OGmDkzU4eYNTNDhlg1M1OHWD0zQ4bYPTNTh9gzM0OGODMzU4c4OzNDhrg7M1OHuDczQ4Z4NzNTh3g/M0OG+D8zU4f4MLNLhggws1uHCDizS4aIOLNbh4g0s0SINLNrhUg0s3uEyDyza4XIPLN7hCgys2uFKDKze4SoOrNrhag6s3uEaDaza4VoNrN7hOg+s2uF6D6ze4QYMbNrhRgxs3uEmDmza4WYObN7hFg1s2uFWDWze4TYPbNrhdg9s3uEODOza4U4M7N7hLg7s2uFuDuze4R4N7NrhXg3s3uE+D+za4X4P7N3hAgwc2eFCDBzd4SIOHNnhYg4c3eESDRzZ4VINHN3hMg8c2eFyDxzd4QoMnNmiDJzV4coOnNHhqg6c1eHqDZzR4ZoNnNXh2g+c0eG6D5zV4foMXNHhhgxc1eHGDlzR4aYOXNXh5g1c0eGWDVzV4dYPXNHhtg9c1eH2DNzR4Y4M3NXhzg7c0eGuDtzV4e4N3NHhng3c1eHeD9zR4b4P3NXh/gw80+GCDDzX4cIOPNPhog481+HiDTzQ4osFBg0GDYYNRg3GDSYNpg1mDeYNFg2WDVYN1g02DbYNdg32DTzb4VINPN/hMg882+FyDzzf4QoMvNvhSgy83+EqDrzb4WoOvN/hGg282+FaDbzf4ToPvNvheg+83+EGDHzb4UYMfN/hJgyMb/LTBzxr8vMEvGvyywa8a/LrBbxr8tsHvGvy+wR8a/LHBnxr8ucFfGvy1wd8a/L3BPxr8s8G/GhzV4N8N/tPgvw2ObvC/Bsc0OLbBIS0ObXGcFsdtcbwWh7U4fosTtDhhi8NbnKjFiVucpMVJW5ysxclbnKLFKVucqsWpW5ymxWlbnK7F6VucocUZW5ypxZlbnKXFWVucrcXZW5yjxTlbnKvFuVucp8V5W5yvxflbXKDFBVtcqMWFW1ykxUVbXKzFxVtcokVaXLLFpUYPdekWl2lx2RaXa3H5FldoccUWV2px5RZXaXHVFldrcfUW12hxzRbXanHtFtdpcd0W12tx/RY3aHHDFjdqceMWN2lx0xY3a3HzFrdoccsWt2px6xa3aXHbFrdrcfsWd2hxxxZ3anHnFndpcdcWd2tx9xb3aHHPFvdqce8W92lx3xb3a3H/Fg9o8cAWD2rx4BYPafHQFg9r8fAWj2jxyBaPavHoFo9p8dgWj2vx+BZPaPHEFm3xpBZPbvGUFk9t8bQWT2/xjBbPbPGsFs9u8ZwWz23xvBbPb/GCFi9s8aIWL27xkhYvbfGyFi9v8YoWr2zxqhavbvGaFq9t8boWr2/xhhZvbPGmFm9u8ZYWb23xthZvb/GOFu9s8a4W727xnhbvbfG+Fu9v8YEWH2zxoRYfbvGRFh9t8bEWH2/xiRZHtDhoMWgxbDFqMW4xaTFtMWsxb7FosWyxarFusWmxbbFrsW/xyRafavHpFp9p8dkWn2vx+RZfaPHFFl9q8eUWX2nx1RZfa/H1Ft9o8c0W32rx7RbfafHdFt9r8f0WP2jxwxY/avHjFj9pcWSLn7b4WYuft/hFi1+2+FWLX7f4TYvftvhdi9+3+EOLP7b4U4s/t/hLi7+2+FuLv7f4R4t/tvhXi6Na/LvFf1r8t8XRLf7X4pgWx7Y4pMOhHY7T4bgdjtfhsA7H73CCDifscHiHE3U4cYeTdDhph5N1OHmHU3Q4ZYdTdTh1h9N0OG2H03U4fYczdDhjhzN1OHOHs3Q4a4ezdTh7h3N0OGeHc3U4d4fzdDhvh/N1OH+HC3S4YIcLdbhwh4t0uGiHi3W4eIdLdEiHS3a4VIdLd7hMh8t2uFyHy3e4QocrdrhShyt3uEqHq3a4Woerd7hGh2t2uFaHa3e4Tofrdrheh+t3uEGHG3a4UYcbd7hJh5t2uFmHm3e4RYdbdrhVh1t3uE2H23a4XYfbd7hDhzt2uFOHO3e4S4e7drhbh7t3uEeHe3a4V4d7d7hPh/t2uF+H+3d4QIcHdnhQhwd3eEiHh3Z4WIeHd3hEh0d2eFSHR3d4TIfHdnhch8d3eEKHJ3Zohyd1eHKHp3R4aoendXh6h2d0eGaHZ3V4dofndHhuh+d1eH6HF3R4YYcXdXhxh5d0eGmHl3V4eYdXdHhlh1d1eHWH13R4bYfXdXh9hzd0eGOHN3V4c4e3dHhrh7d1eHuHd3R4Z4d3dXh3h/d0eG+H93V4f4cPdPhghw91+HCHj3T4aIePdfh4h090OKLDQYdBh2GHUYdxh0mHaYdZh3mHRYdlh1WHdYdNh22HXYd9h092+FSHT3f4TIfPdvhch893+EKHL3b4Uocvd/hKh692+FqHr3f4RodvdvhWh293+E6H73b4Xofvd/hBhx92+FGHH3f4SYcjO/y0w886/LzDLzr8ssOvOvy6w286/LbD7zr8vsMfOvyxw586/LnDXzr8tcPfOvy9wz86/LPDvzoc1eHfHf7T4b8dju7wvw7HdDi2wyE9Du1xnB7H7XG8Hof1OH6PE/Q4YY/De5yox4l7nKTHSXucrMfJe5yixyl7nKrHqXucpsdpe5yux+l7nKHHGXucqceZe5ylx1l7nK3H2Xuco8c5e5yrx7l7nKfHeXucr8f5e1ygxwV7XKjHhXtcpMdFe1ysx8V7XKJHelyyx6V6XLrHZXpctsflely+xxV6XLHHlXpcucdVely1x9V6XL3HNXpcs8e1ely7x3V6XLfH9Xpcv8cNetywx4163LjHTXrctMfNety8xy163LLHrXrcusdtety2x+163L7HHXrcscedety5x1163LXH3Xrcvcc9etyzx7163LvHfXrct8f9ety/xwN6PLDHg3o8uMdDejy0x8N6PLzHI3o8ssejejy6x2N6PLbH43o8vscTejyxR3s8qceTezylx1N7PK3H03s8o8czezyrx7N7PKfHc3s8r8fze7ygxwt7vKjHi3u8pMdLe7ysx8t7vKLHK3u8qsere7ymx2t7vK7H63u8occbe7ypx5t7vKXHW3u8rcfbe7yjxzt7vKvHu3u8p8d7e7yvx/t7fKDHB3t8qMeHe3ykx0d7fKzHx3t8oscRPQ56/J8AAAD//8P52+I=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)

515.584353ms ago: executing program 1 (id=4014):
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000000), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})

506.410603ms ago: executing program 0 (id=4015):
add_key$keyring(&(0x7f00000101c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r0 = request_key(&(0x7f0000000340)='id_legacy\x00', &(0x7f0000000380)={'syz', 0x0}, &(0x7f00000003c0)='/dev/vsock\x00', 0xfffffffffffffffe)
request_key(&(0x7f00000008c0)='id_legacy\x00', &(0x7f0000000900)={'syz', 0x0}, 0x0, r0)

474.142166ms ago: executing program 4 (id=4016):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
syz_clone3(&(0x7f00000000c0)={0x385000080, 0x0, 0x0, 0x0, {0x33}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)

295.11347ms ago: executing program 0 (id=4017):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000001140)={[{@utf8}, {@umask={'umask', 0x3d, 0x7ffd}}, {@uid={'uid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@errors_remount}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@dmask={'dmask', 0x3d, 0x3}}, {@time_offset={'time_offset', 0x3d, 0x6}}, {@errors_remount}, {@umask={'umask', 0x3d, 0x6}}, {@errors_remount}]}, 0x1, 0x152b, &(0x7f0000002f80)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe8)
getdents(r0, &(0x7f0000000280)=""/237, 0xed)

222.872124ms ago: executing program 0 (id=4018):
unshare(0x600)
r0 = socket(0x11, 0x2, 0x0)
setsockopt(r0, 0x107, 0x7, 0x0, 0x0)

198.348961ms ago: executing program 4 (id=4019):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp', 0x5)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}, 0x3f}, 0x1c)

150.795472ms ago: executing program 2 (id=4020):
r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x80, 0x14, 0x9, 0xf8, 0xfffffffffffffe08, 0x0, 0x0})

69.857774ms ago: executing program 0 (id=4021):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
unshare(0x24020400)
getsockopt$inet_buf(r0, 0x118, 0x27, 0x0, &(0x7f0000000000))

16.98632ms ago: executing program 2 (id=4022):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000540)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac14142e08000700e000030a08000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x24040000}, 0x2000800)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

0s ago: executing program 3 (id=4023):
r0 = socket$kcm(0x11, 0x2, 0x300)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x8907, 0x0)
recvmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

_merged_bio+0x256/0x700
[  333.054234][ T1323]  __submit_merged_write_cond+0x3c9/0x4e0
[  333.054262][ T1323]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  333.054306][ T1323]  f2fs_write_data_pages+0x2975/0x35e0
[  333.054368][ T1323]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  333.054402][ T1323]  ? __lock_acquire+0x6b5/0x2cf0
[  333.054462][ T1323]  ? do_raw_spin_lock+0x12b/0x2f0
[  333.054499][ T1323]  ? trace_hrtimer_start+0x82/0x230
[  333.054542][ T1323]  ? finish_task_switch+0x41f/0xbe0
[  333.054567][ T1323]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  333.054591][ T1323]  do_writepages+0x32e/0x550
[  333.054617][ T1323]  ? reacquire_held_locks+0x104/0x190
[  333.054633][ T1323]  ? writeback_sb_inodes+0x477/0x1a20
[  333.054659][ T1323]  __writeback_single_inode+0x133/0x11a0
[  333.054678][ T1323]  ? do_raw_spin_unlock+0xf5/0x210
[  333.054701][ T1323]  writeback_sb_inodes+0x992/0x1a20
[  333.054750][ T1323]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  333.054766][ T1323]  ? do_raw_spin_lock+0x12b/0x2f0
[  333.054829][ T1323]  ? rcu_is_watching+0x15/0xb0
[  333.054874][ T1323]  wb_writeback+0x456/0xb70
[  333.054896][ T1323]  ? queue_io+0x1f1/0x4a0
[  333.054924][ T1323]  ? __pfx_wb_writeback+0x10/0x10
[  333.054939][ T1323]  ? do_raw_spin_lock+0x12b/0x2f0
[  333.054977][ T1323]  wb_workfn+0x414/0xf50
[  333.055003][ T1323]  ? look_up_lock_class+0x57/0x110
[  333.055036][ T1323]  ? __pfx_wb_workfn+0x10/0x10
[  333.055063][ T1323]  ? do_raw_spin_lock+0x12b/0x2f0
[  333.055087][ T1323]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  333.055131][ T1323]  ? process_one_work+0x87c/0x1650
[  333.055154][ T1323]  process_one_work+0x949/0x1650
[  333.055203][ T1323]  ? __pfx_process_one_work+0x10/0x10
[  333.055224][ T1323]  ? do_raw_spin_lock+0x12b/0x2f0
[  333.055263][ T1323]  worker_thread+0xb46/0x1140
[  333.055297][ T1323]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  333.055339][ T1323]  kthread+0x388/0x470
[  333.055359][ T1323]  ? __pfx_worker_thread+0x10/0x10
[  333.055380][ T1323]  ? __pfx_kthread+0x10/0x10
[  333.055401][ T1323]  ret_from_fork+0x51e/0xb90
[  333.055429][ T1323]  ? __pfx_ret_from_fork+0x10/0x10
[  333.055451][ T1323]  ? __switch_to+0xc7d/0x1450
[  333.055475][ T1323]  ? __pfx_kthread+0x10/0x10
[  333.055493][ T1323]  ret_from_fork_asm+0x1a/0x30
[  333.055525][ T1323]  </TASK>
[  333.058491][ T1323] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  334.460627][T13823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3028'.
[  334.645294][T13829] loop4: detected capacity change from 0 to 512
[  334.739352][T13829] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.823970][T13829] EXT4-fs error (device loop4): ext4_xattr_block_find:1879: inode #15: comm syz.4.3031: corrupted xattr block 33: invalid ea_ino
[  334.838124][T13829] EXT4-fs (loop4): Remounting filesystem read-only
[  334.988200][ T6982] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.005612][   T58] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  335.037661][   T58] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  335.073930][   T58] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  335.098235][T13846] netlink: 'syz.0.3035': attribute type 4 has an invalid length.
[  335.124228][T13846] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3035'.
[  335.369256][T13811] loop3: detected capacity change from 0 to 40427
[  335.408723][T13811] F2FS-fs (loop3): Image doesn't support compression
[  335.435236][T13811] F2FS-fs (loop3): build fault injection rate: 684
[  335.440703][T13825] loop1: detected capacity change from 0 to 32768
[  335.466918][T13811] F2FS-fs (loop3): build fault injection type: 0x35f7
[  335.513655][T13811] F2FS-fs (loop3): invalid crc value
[  335.607386][T13825] read_mapping_page failed!
[  335.629786][T13825] ERROR: (device loop1): txCommit: 
[  335.629786][T13825] 
[  335.792276][T13811] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  335.825750][T13811] F2FS-fs (loop3): Start checkpoint disabled!
[  335.848881][T13811] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  335.881936][T13811] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  335.952404][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  335.952422][   T30] audit: type=1800 audit(335.919:2903): pid=13811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3024" name="file1" dev="loop3" ino=10 res=0 errno=0
[  336.042449][   T58] kworker/u8:4: attempt to access beyond end of device
[  336.042449][   T58] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  336.067301][   T58] CPU: 1 UID: 0 PID: 58 Comm: kworker/u8:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  336.067337][   T58] Tainted: [L]=SOFTLOCKUP
[  336.067344][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  336.067356][   T58] Workqueue: writeback wb_workfn (flush-7:3)
[  336.067389][   T58] Call Trace:
[  336.067396][   T58]  <TASK>
[  336.067404][   T58]  dump_stack_lvl+0xe8/0x150
[  336.067431][   T58]  f2fs_handle_critical_error+0x37c/0x540
[  336.067461][   T58]  f2fs_write_end_io+0xcdb/0xff0
[  336.067521][   T58]  __submit_merged_bio+0x256/0x700
[  336.067549][   T58]  __submit_merged_write_cond+0x3c9/0x4e0
[  336.067580][   T58]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  336.067625][   T58]  f2fs_write_data_pages+0x2975/0x35e0
[  336.067649][   T58]  ? unwind_next_frame+0xa5/0x23c0
[  336.067704][   T58]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  336.067741][   T58]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  336.067800][   T58]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  336.067847][   T58]  ? __lock_acquire+0x6b5/0x2cf0
[  336.067890][   T58]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  336.067915][   T58]  do_writepages+0x32e/0x550
[  336.067942][   T58]  ? reacquire_held_locks+0x104/0x190
[  336.067959][   T58]  ? writeback_sb_inodes+0x477/0x1a20
[  336.067991][   T58]  __writeback_single_inode+0x133/0x11a0
[  336.068009][   T58]  ? do_raw_spin_unlock+0xf5/0x210
[  336.068033][   T58]  writeback_sb_inodes+0x992/0x1a20
[  336.068070][   T58]  ? __lock_acquire+0x6b5/0x2cf0
[  336.068095][   T58]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  336.068110][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  336.068165][   T58]  ? rcu_is_watching+0x15/0xb0
[  336.068199][   T58]  wb_writeback+0x456/0xb70
[  336.068220][   T58]  ? queue_io+0x1f1/0x4a0
[  336.068246][   T58]  ? __pfx_wb_writeback+0x10/0x10
[  336.068261][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  336.068300][   T58]  wb_workfn+0x414/0xf50
[  336.068326][   T58]  ? look_up_lock_class+0x57/0x110
[  336.068360][   T58]  ? __pfx_wb_workfn+0x10/0x10
[  336.068388][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  336.068411][   T58]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  336.068456][   T58]  ? process_one_work+0x87c/0x1650
[  336.068479][   T58]  process_one_work+0x949/0x1650
[  336.068527][   T58]  ? __pfx_process_one_work+0x10/0x10
[  336.068548][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  336.068587][   T58]  worker_thread+0xb46/0x1140
[  336.068639][   T58]  kthread+0x388/0x470
[  336.068659][   T58]  ? __pfx_worker_thread+0x10/0x10
[  336.068681][   T58]  ? __pfx_kthread+0x10/0x10
[  336.068703][   T58]  ret_from_fork+0x51e/0xb90
[  336.068729][   T58]  ? __pfx_ret_from_fork+0x10/0x10
[  336.068751][   T58]  ? __switch_to+0xc7d/0x1450
[  336.068777][   T58]  ? __pfx_kthread+0x10/0x10
[  336.068797][   T58]  ret_from_fork_asm+0x1a/0x30
[  336.068833][   T58]  </TASK>
[  336.354301][   T58] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  336.378488][T13855] loop2: detected capacity change from 0 to 32768
[  336.425299][T13855] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  336.444982][T13855] JBD2: Ignoring recovery information on journal
[  336.500694][T13880] loop4: detected capacity change from 0 to 4096
[  336.508078][T13880] ntfs3: Unknown parameter 'noprealloc'
[  336.537400][T13880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3050'.
[  336.709464][T13889] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3054'.
[  336.728100][T13855] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  336.762062][T13889] netlink: 'syz.0.3054': attribute type 2 has an invalid length.
[  336.788082][T13889] netlink: 'syz.0.3054': attribute type 1 has an invalid length.
[  336.812410][T13889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3054'.
[  337.098758][T13893] loop1: detected capacity change from 0 to 4096
[  337.124689][T13893] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  337.265144][ T5825] ocfs2: Unmounting device (7,2) on (node local)
[  337.276213][   T30] audit: type=1800 audit(337.239:2904): pid=13893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3057" name="file1" dev="loop1" ino=30 res=0 errno=0
[  338.144255][T13938] binder: 13935:13938 ioctl 40046205 0 returned -22
[  338.158801][T13938] binder: 13935:13938 ioctl c0306201 200000000300 returned -11
[  339.372368][T13992] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3103'.
[  339.396740][T13992] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3103'.
[  339.410629][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  339.585247][T13979] loop3: detected capacity change from 0 to 40427
[  339.597349][    T9] usb 3-1: Using ep0 maxpacket: 32
[  339.611059][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  339.636938][T13979] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  339.652441][    T9] usb 3-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  339.668419][T13979] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  339.688867][T13979] F2FS-fs (loop3): invalid crc value
[  339.691434][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.728276][    T9] usb 3-1: config 0 descriptor??
[  339.757845][    T9] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  339.939997][T13979] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  339.975721][T13979] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  339.987711][   T24] usb 3-1: USB disconnect, device number 12
[  339.995221][T13979] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  340.440701][   T24] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  340.629719][   T24] usb 3-1: Using ep0 maxpacket: 8
[  340.642087][   T24] usb 3-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=a5.79
[  340.660189][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.675185][   T24] usb 3-1: config 0 descriptor??
[  340.691741][   T24] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  340.839985][   T10] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  340.900727][   T24] usb 3-1: USB disconnect, device number 13
[  341.011559][   T10] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  341.042237][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.070362][   T10] usb 4-1: config 0 descriptor??
[  341.085869][   T10] cp210x 4-1:0.0: cp210x converter detected
[  341.132969][T14036] netlink: 'syz.4.3122': attribute type 3 has an invalid length.
[  341.367931][T14045] loop4: detected capacity change from 0 to 1024
[  341.382124][T14045] EXT4-fs: Ignoring removed nomblk_io_submit option
[  341.405012][T14045] EXT4-fs (loop4): orphan cleanup on readonly fs
[  341.412715][T14045] EXT4-fs error (device loop4): ext4_quota_enable:7188: comm syz.4.3126: Bad quota inum: 20, type: 1
[  341.424168][T14045] loop4: lost filesystem error report for type 5 error -117
[  341.424659][T14045] EXT4-fs warning (device loop4): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=20). Please run e2fsck to fix.
[  341.432037][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  341.432063][    C0] EXT4-fs (loop4): initial error at time 341: ext4_quota_enable:7188
[  341.432087][    C0] EXT4-fs (loop4): last error at time 341: ext4_quota_enable:7188
[  341.474115][T14045] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  341.482960][T14045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  341.515567][   T10] usb 4-1: cp210x converter now attached to ttyUSB0
[  341.623157][ T6982] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.717099][   T24] usb 4-1: USB disconnect, device number 13
[  341.775630][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  341.835668][   T24] cp210x 4-1:0.0: device disconnected
[  341.863150][T14054] netlink: 'syz.4.3130': attribute type 2 has an invalid length.
[  342.219512][T14064] loop1: detected capacity change from 0 to 512
[  342.336253][T14064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.462023][T14064] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #2: block 3: comm syz.1.3134: lblock 8 mapped to illegal pblock 3 (length 26)
[  342.477978][T14052] loop2: detected capacity change from 0 to 32768
[  342.495828][T14075] vlan0: entered promiscuous mode
[  342.510881][T14075] syz_tun: entered promiscuous mode
[  342.705695][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.730990][   T10] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  342.905130][   T10] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  342.925215][T14087] loop4: detected capacity change from 0 to 128
[  342.950862][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  342.970964][T14087] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  342.986154][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.011175][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.024615][T14087] hpfs: filesystem error: improperly stopped
[  343.036841][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.060742][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.074512][T14087] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  343.094701][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.102648][T14087] hpfs: You really don't want any checks? You are crazy...
[  343.112868][T14087] hpfs: hpfs_map_sector(): read error
[  343.118524][T14087] hpfs: code page support is disabled
[  343.124389][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.134452][T14087] hpfs: hpfs_map_4sectors(): unaligned read
[  343.140552][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.153595][T14087] hpfs: hpfs_map_4sectors(): unaligned read
[  343.161576][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.168293][T14087] hpfs: filesystem error: unable to find root dir
[  343.192643][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.206367][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.220815][T14095] loop2: detected capacity change from 0 to 256
[  343.229050][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.246948][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.275731][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.302440][T14095] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3967cd3a, utbl_chksum : 0xe619d30d)
[  343.315297][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.337200][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.353762][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.369276][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.382803][T14095] exFAT-fs (loop2): valid_size(150994954) is greater than size(10)
[  343.403436][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.434126][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.477957][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.509316][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.528436][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.552020][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  343.566841][   T10] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  343.587081][   T10] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  343.605318][   T10] usb 4-1: Product: syz
[  343.614181][   T10] usb 4-1: Manufacturer: syz
[  343.624795][   T10] usb 4-1: SerialNumber: syz
[  343.643732][   T10] usb 4-1: config 0 descriptor??
[  343.680287][   T10] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  343.982881][T14115] macvlan0: entered promiscuous mode
[  343.984503][   T10] usb 4-1: USB disconnect, device number 14
[  344.026490][   T10] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  344.128314][T14117] loop2: detected capacity change from 0 to 4096
[  344.251573][T14117] ntfs3(loop2): ino=b, mi_enum_attr
[  344.261751][T14117] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  344.280966][T14117] ntfs3(loop2): Failed to load $Extend (-22).
[  344.289942][T14117] ntfs3(loop2): Failed to initialize $Extend.
[  344.747383][T14134] xt_hashlimit: size too large, truncated to 1048576
[  344.998535][T14091] loop1: detected capacity change from 0 to 65536
[  345.041817][T14144] loop2: detected capacity change from 0 to 4096
[  345.061799][T14091] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  345.089137][T14144] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  345.166268][T14091] XFS (loop1): Ending clean mount
[  345.513757][T14138] loop4: detected capacity change from 0 to 32768
[  345.519028][ T5820] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  345.556875][T14138] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  345.712899][T14138] XFS (loop4): Ending clean mount
[  345.807515][ T6982] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  346.259743][   T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  346.458630][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.492836][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  346.534601][   T10] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  346.561945][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.595617][   T10] usb 5-1: config 0 descriptor??
[  346.656414][T14177] loop3: detected capacity change from 0 to 32768
[  347.049467][   T10] keytouch 0003:0926:3333.000D: fixing up Keytouch IEC report descriptor
[  347.096385][   T10] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.000D/input/input21
[  347.417064][T14210] loop2: detected capacity change from 0 to 256
[  347.455281][T14210] exfat: Deprecated parameter 'utf8'
[  347.486454][T14210] exfat: Deprecated parameter 'utf8'
[  347.516992][   T10] keytouch 0003:0926:3333.000D: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  347.538785][T14210] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x22bddf5f, utbl_chksum : 0xe619d30d)
[  347.555182][   T10] usb 5-1: USB disconnect, device number 13
[  347.730749][T14213] fido_id[14213]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  347.808117][T14198] loop1: detected capacity change from 0 to 40427
[  347.842595][T14198] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  347.876682][T14198] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  347.923812][T14198] F2FS-fs (loop1): invalid crc value
[  348.206520][T14198] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  348.261039][T14198] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  348.295772][T14198] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  348.438684][T14215] loop3: detected capacity change from 0 to 32768
[  348.464220][T14215] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3195 (14215)
[  348.487296][T14215] BTRFS info (device loop3): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  348.498694][T14215] BTRFS info (device loop3): using blake2b checksum algorithm
[  348.617408][T14215] BTRFS info (device loop3): enabling ssd optimizations
[  348.641335][T14215] BTRFS info (device loop3): turning on async discard
[  348.667014][T14215] BTRFS info (device loop3): enabling free space tree
[  348.955216][T14235] loop2: detected capacity change from 0 to 32768
[  349.163496][T14235] syz.2.3204: attempt to access beyond end of device
[  349.163496][T14235] loop2: rw=2049, sector=2621792, nr_sectors = 8 limit=32768
[  349.215936][ T5833] BTRFS info (device loop3): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  349.324322][  T111] blkno = 5002c, nblocks = 1
[  349.334161][  T111] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map
[  349.334161][  T111] 
[  349.394086][  T111] ERROR: (device loop2): remounting filesystem as read-only
[  349.452555][T14273] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3214'.
[  350.273843][   T30] audit: type=1326 audit(350.239:2905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.326581][   T30] audit: type=1326 audit(350.239:2906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.357308][T14301] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3215'.
[  350.385666][   T30] audit: type=1326 audit(350.269:2907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.443203][   T30] audit: type=1326 audit(350.279:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.484316][T14307] loop4: detected capacity change from 0 to 1024
[  350.490958][ T5910] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  350.494859][   T30] audit: type=1326 audit(350.279:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.533476][   T30] audit: type=1326 audit(350.279:2910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.592063][   T30] audit: type=1326 audit(350.279:2911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.615868][   T30] audit: type=1326 audit(350.279:2912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14298 comm="syz.1.3225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.653577][T14307] hfsplus: bad catalog entry type
[  350.693443][ T5910] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  350.712988][ T5910] usb 4-1: config 0 has no interface number 0
[  350.724554][ T5910] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  350.734945][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.743358][   T36] hfsplus: b-tree write err: -5, ino 25
[  350.752068][   T30] audit: type=1326 audit(350.709:2913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14312 comm="syz.1.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.755873][ T5910] usb 4-1: config 0 descriptor??
[  350.781967][   T36] hfsplus: b-tree write err: -5, ino 4
[  350.800530][   T36] hfsplus: b-tree write err: -5, ino 2
[  350.841947][ T5910] usb 4-1: selecting invalid altsetting 1
[  350.854442][   T30] audit: type=1326 audit(350.709:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14312 comm="syz.1.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb95b59c799 code=0x7ffc0000
[  350.887984][T14313] loop1: detected capacity change from 0 to 2048
[  350.899343][ T5910] dvb_ttusb_budget: ttusb_init_controller: error
[  350.929654][ T5910] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  350.935864][T14313] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  351.122958][ T5910] DVB: Unable to find symbol cx22700_attach()
[  351.171913][T14324] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  351.198936][ T5910] DVB: Unable to find symbol tda10046_attach()
[  351.212428][ T5910] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  351.243530][ T5910] usb 4-1: USB disconnect, device number 15
[  351.749841][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  351.820454][T14335] loop4: detected capacity change from 0 to 32768
[  351.827836][T14351] loop3: detected capacity change from 0 to 256
[  351.837799][T14335] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3242 (14335)
[  351.864456][T14351] exfat: Deprecated parameter 'utf8'
[  351.882416][T14351] exfat: Deprecated parameter 'utf8'
[  351.896761][T14335] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  351.908852][T14335] BTRFS info (device loop4): using crc32c checksum algorithm
[  351.923704][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  351.946836][T14351] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  351.969782][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  351.984541][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  352.007556][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  352.033659][    T9] usb 2-1: SerialNumber: syz
[  352.070140][T14335] BTRFS info (device loop4): enabling ssd optimizations
[  352.080825][T14335] BTRFS info (device loop4): turning on async discard
[  352.087739][T14335] BTRFS info (device loop4): enabling free space tree
[  352.262934][    T9] usb 2-1: 0:2 : does not exist
[  352.332296][T14377] loop3: detected capacity change from 0 to 256
[  352.389219][T14377] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  352.452912][    T9] usb 2-1: USB disconnect, device number 21
[  352.601474][T14380] loop2: detected capacity change from 0 to 256
[  352.609568][ T6074] udevd[6074]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  352.630335][ T6982] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  352.642821][T14380] exfat: Deprecated parameter 'utf8'
[  352.650342][T14380] exfat: Deprecated parameter 'utf8'
[  352.655918][T14380] exfat: Deprecated parameter 'utf8'
[  352.676415][T14380] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  352.948857][T14390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3260'.
[  353.857573][T14398] loop4: detected capacity change from 0 to 32768
[  353.877342][T14398] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3264 (14398)
[  353.930683][T14418] netlink: 'syz.3.3274': attribute type 1 has an invalid length.
[  353.938559][T14398] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  353.960087][T14398] BTRFS info (device loop4): using crc32c checksum algorithm
[  353.990133][T14398] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  354.013339][T14402] loop2: detected capacity change from 0 to 32768
[  354.223621][T14398] BTRFS info (device loop4): rebuilding free space tree
[  354.360865][T14437] bond1: entered allmulticast mode
[  354.400580][T14398] BTRFS info (device loop4): disabling free space tree
[  354.446606][T14398] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  354.494976][T14398] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  354.583593][T14398] BTRFS info (device loop4): enabling ssd optimizations
[  354.614318][T14398] BTRFS info (device loop4): enabling disk space caching
[  354.639399][T14398] BTRFS info (device loop4): force clearing of disk cache
[  354.668479][T14398] BTRFS info (device loop4): force zstd compression, level 3
[  354.793786][T14398] BTRFS info (device loop4): balance: start -sprofiles=data|raid1c4
[  354.831338][T14398] BTRFS info (device loop4): balance: ended with status: 0
[  354.873146][T14455] loop1: detected capacity change from 0 to 2048
[  354.923659][T14455] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  354.988894][T10951] udevd[10951]: incorrect nilfs2 checksum on /dev/loop1
[  354.997831][T14462] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  355.011478][ T6982] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  355.273806][T14446] loop3: detected capacity change from 0 to 32768
[  355.308710][T14446] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3280 (14446)
[  355.352808][T14470] loop2: detected capacity change from 0 to 1024
[  355.375285][T14446] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  355.392626][T14470] hfsplus: bad catalog entry type
[  355.402321][T14446] BTRFS info (device loop3): using sha256 checksum algorithm
[  355.552968][  T280] hfsplus: b-tree write err: -5, ino 25
[  355.595056][  T280] hfsplus: b-tree write err: -5, ino 4
[  355.639129][  T280] hfsplus: b-tree write err: -5, ino 2
[  355.658171][T14446] BTRFS info (device loop3): enabling ssd optimizations
[  355.692523][T14446] BTRFS info (device loop3): turning on async discard
[  355.728911][T14446] BTRFS info (device loop3): enabling free space tree
[  355.962283][ T5833] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  355.982975][T14495] loop4: detected capacity change from 0 to 4096
[  356.005688][T14495] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  356.156864][T14495] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  356.308060][T14502] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3298'.
[  356.312650][T14495] ntfs3(loop4): ino=5, "/" ntfs_readdir
[  356.683654][T14472] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[  356.719922][T14472] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  357.057316][T14472] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  357.083371][T14472] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  357.103556][T14472] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  357.243484][ T5820] syz-executor: attempt to access beyond end of device
[  357.243484][ T5820] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  357.293640][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  357.293671][ T5820] Tainted: [L]=SOFTLOCKUP
[  357.293678][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  357.293689][ T5820] Call Trace:
[  357.293704][ T5820]  <TASK>
[  357.293712][ T5820]  dump_stack_lvl+0xe8/0x150
[  357.293743][ T5820]  f2fs_handle_critical_error+0x37c/0x540
[  357.293773][ T5820]  f2fs_write_end_io+0xcdb/0xff0
[  357.293817][ T5820]  __submit_merged_bio+0x256/0x700
[  357.293846][ T5820]  __submit_merged_write_cond+0x3c9/0x4e0
[  357.293878][ T5820]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  357.293927][ T5820]  f2fs_write_data_pages+0x2975/0x35e0
[  357.293990][ T5820]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  357.294030][ T5820]  ? css_rstat_updated+0x23a/0x530
[  357.294083][ T5820]  ? rcu_is_watching+0x15/0xb0
[  357.294110][ T5820]  ? mod_memcg_lruvec_state+0x1b8/0x360
[  357.294142][ T5820]  ? __lock_acquire+0x6b5/0x2cf0
[  357.294184][ T5820]  ? __lock_acquire+0x6b5/0x2cf0
[  357.294213][ T5820]  ? do_raw_spin_lock+0x12b/0x2f0
[  357.294246][ T5820]  ? do_raw_spin_unlock+0xf5/0x210
[  357.294268][ T5820]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  357.294292][ T5820]  do_writepages+0x32e/0x550
[  357.294324][ T5820]  ? do_raw_spin_unlock+0xf5/0x210
[  357.294349][ T5820]  filemap_fdatawrite+0x1e9/0x2f0
[  357.294374][ T5820]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  357.294449][ T5820]  ? do_raw_spin_unlock+0xf5/0x210
[  357.294474][ T5820]  f2fs_sync_dirty_inodes+0x30e/0x860
[  357.294516][ T5820]  f2fs_write_checkpoint+0x9df/0x26a0
[  357.294579][ T5820]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  357.294666][ T5820]  kill_f2fs_super+0x314/0x720
[  357.294696][ T5820]  ? __pfx_kill_f2fs_super+0x10/0x10
[  357.294741][ T5820]  ? lockdep_hardirqs_on+0x7a/0x110
[  357.294776][ T5820]  deactivate_locked_super+0xbc/0x130
[  357.294800][ T5820]  cleanup_mnt+0x437/0x4d0
[  357.294822][ T5820]  ? _raw_spin_unlock_irq+0x23/0x50
[  357.294852][ T5820]  task_work_run+0x1d9/0x270
[  357.294877][ T5820]  ? __pfx_task_work_run+0x10/0x10
[  357.294911][ T5820]  exit_to_user_mode_loop+0xed/0x480
[  357.294933][ T5820]  ? rcu_is_watching+0x15/0xb0
[  357.294963][ T5820]  do_syscall_64+0x32d/0xf80
[  357.294980][ T5820]  ? trace_irq_disable+0x3b/0x150
[  357.294999][ T5820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.295018][ T5820]  ? clear_bhb_loop+0x40/0x90
[  357.295042][ T5820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.295060][ T5820] RIP: 0033:0x7fb95b59d9d7
[  357.295077][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  357.295092][ T5820] RSP: 002b:00007ffea1bcc598 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  357.295111][ T5820] RAX: 0000000000000000 RBX: 00007fb95b631f90 RCX: 00007fb95b59d9d7
[  357.295121][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea1bcc650
[  357.295131][ T5820] RBP: 00007ffea1bcc650 R08: 00007ffea1bcd650 R09: 00000000ffffffff
[  357.295143][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea1bcd6e0
[  357.295152][ T5820] R13: 00007fb95b631f90 R14: 0000000000057331 R15: 00007ffea1bcd720
[  357.295180][ T5820]  </TASK>
[  357.298751][ T5820] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  357.367438][T14520] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3305'.
[  357.424003][T14523] program syz.2.3306 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  357.624828][T14529] program syz.2.3306 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  357.651795][   T30] kauditd_printk_skb: 54 callbacks suppressed
[  357.651811][   T30] audit: type=1326 audit(357.619:2969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  357.698812][   T30] audit: type=1326 audit(357.619:2970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  357.728396][T14529] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  357.728746][   T30] audit: type=1326 audit(357.629:2971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  357.776790][   T30] audit: type=1326 audit(357.629:2972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  357.810569][   T30] audit: type=1326 audit(357.629:2973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  357.837744][T14532] set_capacity_and_notify: 1 callbacks suppressed
[  357.837761][T14532] loop4: detected capacity change from 0 to 4096
[  357.927679][   T30] audit: type=1326 audit(357.629:2974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  358.003490][T14537] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  358.046196][   T30] audit: type=1326 audit(357.639:2975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  358.131503][   T30] audit: type=1326 audit(357.639:2976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  358.212188][   T30] audit: type=1326 audit(357.639:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  358.242920][   T30] audit: type=1326 audit(357.639:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14524 comm="syz.3.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44c879c799 code=0x7ffc0000
[  358.371260][T14548] netlink: 252 bytes leftover after parsing attributes in process `syz.1.3307'.
[  358.710269][ T5910] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  358.868883][T14578] loop4: detected capacity change from 0 to 256
[  358.876868][ T5910] usb 4-1: Using ep0 maxpacket: 16
[  358.884450][ T5910] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.907393][ T5910] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  358.918113][ T5910] usb 4-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  358.940001][ T5910] usb 4-1: config 0 interface 0 has no altsetting 0
[  358.951111][ T5910] usb 4-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  358.963886][T14578] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  358.987342][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.015503][ T5910] usb 4-1: config 0 descriptor??
[  359.359332][T14582] loop1: detected capacity change from 0 to 40427
[  359.374309][T14582] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  359.401809][T14582] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  359.416827][T14582] F2FS-fs (loop1): invalid crc value
[  359.447422][ T5910] mcp2200 0003:04D8:00DF.000E: USB HID v0.00 Device [HID 04d8:00df] on usb-dummy_hcd.3-1/input0
[  359.648522][T14582] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  359.652767][ T5910] usb 4-1: USB disconnect, device number 16
[  359.688087][T14582] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  359.717845][T14582] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  360.277245][T14608] loop1: detected capacity change from 0 to 2048
[  360.315064][T14608] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  360.428730][T14608] [syz.1.3340/14608] FS: loop1 File: /file1 would truncate fibmap result
[  360.893177][T14639] sp0: Synchronizing with TNC
[  360.929988][T14644] sp0: Found TNC
[  360.934113][T14641] loop1: detected capacity change from 0 to 2048
[  360.967897][T14641] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  361.573598][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  361.751328][    T9] usb 2-1: Using ep0 maxpacket: 32
[  361.769207][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.797324][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.828272][    T9] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  361.870205][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.904857][T14658] loop2: detected capacity change from 0 to 32768
[  361.911158][    T9] usb 2-1: config 0 descriptor??
[  362.028058][T14684] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3380'.
[  362.050070][T14684] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3380'.
[  362.238947][T14693] loop4: detected capacity change from 0 to 256
[  362.263375][T14695] loop3: detected capacity change from 0 to 64
[  362.345304][    T9] savu 0003:1E7D:2D5A.000F: unknown main item tag 0x0
[  362.391108][    T9] savu 0003:1E7D:2D5A.000F: unknown main item tag 0x0
[  362.416553][    T9] savu 0003:1E7D:2D5A.000F: unknown main item tag 0x0
[  362.445184][    T9] savu 0003:1E7D:2D5A.000F: unknown main item tag 0x0
[  362.468248][    T9] savu 0003:1E7D:2D5A.000F: unknown main item tag 0x0
[  362.501548][    T9] savu 0003:1E7D:2D5A.000F: unbalanced collection at end of report description
[  362.536236][    T9] savu 0003:1E7D:2D5A.000F: parse failed
[  362.562835][    T9] savu 0003:1E7D:2D5A.000F: probe with driver savu failed with error -22
[  362.576575][T14701] loop4: detected capacity change from 0 to 256
[  362.606729][T14704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3388'.
[  362.614657][    T9] usb 2-1: USB disconnect, device number 22
[  362.639356][T14701] exfat: Deprecated parameter 'utf8'
[  362.705849][T14701] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  363.180339][T14720] loop4: detected capacity change from 0 to 1024
[  363.258160][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  363.258178][   T30] audit: type=1800 audit(363.219:2984): pid=14720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3397" name="file1" dev="loop4" ino=20 res=0 errno=0
[  363.385583][  T280] hfsplus: b-tree write err: -5, ino 25
[  363.392145][  T280] hfsplus: b-tree write err: -5, ino 4
[  363.416378][  T280] hfsplus: b-tree write err: -5, ino 2
[  363.433947][  T280] hfsplus: b-tree write err: -5, ino 20
[  363.750878][    T9] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  363.924037][    T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  363.944662][    T9] usb 4-1: config 0 has no interface number 0
[  363.962828][    T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  363.998406][    T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  364.024138][    T9] usb 4-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  364.067703][    T9] usb 4-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  364.093540][    T9] usb 4-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[  364.111466][    T9] usb 4-1: Product: syz
[  364.126794][    T9] usb 4-1: config 0 descriptor??
[  364.615512][    T9] chicony 0003:04F2:1421.0010: collection stack underflow
[  364.651013][    T9] chicony 0003:04F2:1421.0010: item 0 0 0 12 parsing failed
[  364.675029][    T9] chicony 0003:04F2:1421.0010: Chicony hid parse failed: -22
[  364.712908][    T9] chicony 0003:04F2:1421.0010: probe with driver chicony failed with error -22
[  364.725599][T14753] loop2: detected capacity change from 0 to 32768
[  364.784884][T14753] 
[  364.784884][T14753]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  364.784884][T14753] 
[  364.884340][    T9] usb 4-1: USB disconnect, device number 17
[  364.926234][ T5825] 
[  364.926234][ T5825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  364.926234][ T5825] 
[  364.973432][ T5825] 
[  364.973432][ T5825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  364.973432][ T5825] 
[  366.059970][   T29] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  366.251727][   T29] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  366.272943][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.284788][T14787] loop4: detected capacity change from 0 to 40427
[  366.298778][   T29] usb 3-1: config 0 descriptor??
[  366.317493][   T29] cp210x 3-1:0.0: cp210x converter detected
[  366.327841][T14787] F2FS-fs (loop4): invalid crc value
[  366.583455][T14787] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  366.613250][T14787] F2FS-fs (loop4): Start checkpoint disabled!
[  366.657998][T14787] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  366.682017][T14787] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  366.845029][  T280] kworker/u8:6: attempt to access beyond end of device
[  366.845029][  T280] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  366.880681][  T280] CPU: 0 UID: 0 PID: 280 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  366.880712][  T280] Tainted: [L]=SOFTLOCKUP
[  366.880719][  T280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  366.880730][  T280] Workqueue: writeback wb_workfn (flush-7:4)
[  366.880762][  T280] Call Trace:
[  366.880770][  T280]  <TASK>
[  366.880777][  T280]  dump_stack_lvl+0xe8/0x150
[  366.880803][  T280]  f2fs_handle_critical_error+0x37c/0x540
[  366.880830][  T280]  f2fs_write_end_io+0xcdb/0xff0
[  366.880882][  T280]  __submit_merged_bio+0x256/0x700
[  366.880910][  T280]  __submit_merged_write_cond+0x3c9/0x4e0
[  366.880941][  T280]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  366.880988][  T280]  f2fs_write_data_pages+0x2975/0x35e0
[  366.881052][  T280]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  366.881090][  T280]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  366.881154][  T280]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  366.881195][  T280]  ? __lock_acquire+0x6b5/0x2cf0
[  366.881245][  T280]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  366.881270][  T280]  do_writepages+0x32e/0x550
[  366.881298][  T280]  ? reacquire_held_locks+0x104/0x190
[  366.881315][  T280]  ? writeback_sb_inodes+0x477/0x1a20
[  366.881340][  T280]  __writeback_single_inode+0x133/0x11a0
[  366.881361][  T280]  ? do_raw_spin_unlock+0xf5/0x210
[  366.881387][  T280]  writeback_sb_inodes+0x992/0x1a20
[  366.881439][  T280]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  366.881455][  T280]  ? do_raw_spin_lock+0x12b/0x2f0
[  366.881521][  T280]  ? rcu_is_watching+0x15/0xb0
[  366.881557][  T280]  wb_writeback+0x456/0xb70
[  366.881579][  T280]  ? queue_io+0x1f1/0x4a0
[  366.881607][  T280]  ? __pfx_wb_writeback+0x10/0x10
[  366.881622][  T280]  ? do_raw_spin_lock+0x12b/0x2f0
[  366.881661][  T280]  wb_workfn+0x414/0xf50
[  366.881687][  T280]  ? look_up_lock_class+0x57/0x110
[  366.881722][  T280]  ? __pfx_wb_workfn+0x10/0x10
[  366.881749][  T280]  ? do_raw_spin_lock+0x12b/0x2f0
[  366.881772][  T280]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  366.881819][  T280]  ? process_one_work+0x87c/0x1650
[  366.881847][  T280]  process_one_work+0x949/0x1650
[  366.881881][  T280]  ? irqentry_exit+0x61a/0x700
[  366.881910][  T280]  ? __pfx_process_one_work+0x10/0x10
[  366.881931][  T280]  ? do_raw_spin_lock+0x12b/0x2f0
[  366.881971][  T280]  worker_thread+0xb46/0x1140
[  366.882007][  T280]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  366.882053][  T280]  kthread+0x388/0x470
[  366.882073][  T280]  ? __pfx_worker_thread+0x10/0x10
[  366.882094][  T280]  ? __pfx_kthread+0x10/0x10
[  366.882116][  T280]  ret_from_fork+0x51e/0xb90
[  366.882145][  T280]  ? __pfx_ret_from_fork+0x10/0x10
[  366.882167][  T280]  ? __switch_to+0xc7d/0x1450
[  366.882195][  T280]  ? __pfx_kthread+0x10/0x10
[  366.882216][  T280]  ret_from_fork_asm+0x1a/0x30
[  366.882253][  T280]  </TASK>
[  366.883993][  T280] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  366.939958][   T29] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  367.399837][   T29] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  367.438547][   T29] usb 3-1: cp210x converter now attached to ttyUSB0
[  367.473585][   T29] usb 3-1: USB disconnect, device number 14
[  367.487345][T14826] loop4: detected capacity change from 0 to 128
[  367.504473][   T29] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  367.545831][   T29] cp210x 3-1:0.0: device disconnected
[  367.551500][T14826] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  367.578621][T14826] hpfs: filesystem error: improperly stopped
[  367.589762][T14826] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  367.636317][T14826] hpfs: You really don't want any checks? You are crazy...
[  367.666147][T14826] hpfs: hpfs_map_sector(): read error
[  367.696688][T14826] hpfs: code page support is disabled
[  367.724508][T14826] hpfs: hpfs_map_4sectors(): unaligned read
[  367.753910][T14826] hpfs: hpfs_map_4sectors(): unaligned read
[  367.782993][T14826] hpfs: filesystem error: unable to find root dir
[  368.196826][T14850] loop1: detected capacity change from 0 to 64
[  368.274539][   T30] audit: type=1800 audit(368.239:2985): pid=14852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3458" name="file1" dev="tmpfs" ino=3216 res=0 errno=0
[  368.473029][T14859] loop1: detected capacity change from 0 to 736
[  368.605392][T14857] loop2: detected capacity change from 0 to 4096
[  368.645596][T14857] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  368.684341][T14818] loop3: detected capacity change from 0 to 32768
[  368.746206][T14818] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  368.758708][T14857] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  368.763864][T14818] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  368.766918][T14857] ntfs3(loop2): mft corrupted
[  368.779311][T14857] ntfs3(loop2): Failed to load $Extend (-22).
[  368.786294][T14857] ntfs3(loop2): Failed to initialize $Extend.
[  368.845327][T14871] loop4: detected capacity change from 0 to 1024
[  368.871501][T14857] ntfs3(loop2): ino=1e, mi_enum_attr
[  368.877010][T14818] XFS (loop3): Ending clean mount
[  368.908267][T14857] ntfs3(loop2): ino=1e, mi_enum_attr
[  368.918387][T14871] EXT4-fs: Ignoring removed orlov option
[  368.924917][T14818] XFS (loop3): Quotacheck needed: Please wait.
[  368.945308][T14857] ntfs3(loop2): ino=1e, "file1" mi_enum_attr
[  368.998890][T14857] ntfs3(loop2): ino=1e, "file1" mi_enum_attr
[  369.042821][T14871] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.077193][T14857] ntfs3(loop2): ino=1e, "file1" mi_enum_attr
[  369.418781][T14818] XFS (loop3): Quotacheck: Done.
[  369.525434][ T6982] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.596090][ T5833] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  370.066383][T14908] loop1: detected capacity change from 0 to 4096
[  370.119463][T14908] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  370.359234][   T12] ntfs3(loop1): ino=1e, ntfs3_write_inode failed, -22.
[  370.432783][   T12] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  370.637368][T14938] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3488'.
[  370.880237][T14917] loop4: detected capacity change from 0 to 32768
[  370.894225][T14917] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3483 (14917)
[  370.997058][T14917] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  371.034504][T14917] BTRFS info (device loop4): using sha256 checksum algorithm
[  371.201234][T14917] BTRFS info (device loop4): rebuilding free space tree
[  371.350680][T14973] loop3: detected capacity change from 0 to 256
[  371.373429][T14917] BTRFS info (device loop4): disabling free space tree
[  371.397449][T14917] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  371.429144][T14917] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  371.485213][T14917] BTRFS info (device loop4): setting nodatasum
[  371.511939][T14917] BTRFS info (device loop4): setting nodatacow
[  371.540052][T14917] BTRFS info (device loop4): turning off barriers
[  371.576886][T14917] BTRFS info (device loop4): force clearing of disk cache
[  371.696002][ T6982] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  372.483253][T14978] loop3: detected capacity change from 0 to 32768
[  372.486415][T14998] loop4: detected capacity change from 0 to 256
[  372.544346][T14978] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  372.727042][T14998] FAT-fs (loop4): Directory bread(block 64) failed
[  372.774380][T14998] FAT-fs (loop4): Directory bread(block 65) failed
[  372.795641][T14978] XFS (loop3): Ending clean mount
[  372.807078][T14998] FAT-fs (loop4): Directory bread(block 66) failed
[  372.840493][T14998] FAT-fs (loop4): Directory bread(block 67) failed
[  372.863908][T14998] FAT-fs (loop4): Directory bread(block 68) failed
[  372.891450][T14998] FAT-fs (loop4): Directory bread(block 69) failed
[  372.909850][T14998] FAT-fs (loop4): Directory bread(block 70) failed
[  372.925580][T14998] FAT-fs (loop4): Directory bread(block 71) failed
[  372.952899][T14998] FAT-fs (loop4): Directory bread(block 72) failed
[  372.960941][ T5833] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  372.975030][T14998] FAT-fs (loop4): Directory bread(block 73) failed
[  373.239176][T15018] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3519'.
[  374.000210][T15053] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  374.084476][T15058] loop1: detected capacity change from 0 to 512
[  374.123259][T15058] EXT4-fs: Ignoring removed mblk_io_submit option
[  374.167637][T15058] EXT4-fs (loop1): orphan cleanup on readonly fs
[  374.187405][T15058] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  374.214398][T15058] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.3533: attempt to clear invalid blocks 2 len 1
[  374.305580][T15058] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  374.309666][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  374.323272][T15058] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1315: group 0, 
[  374.325346][    C1] EXT4-fs (loop1): initial error at time 374: ext4_clear_blocks:876: inode 13
[  374.325376][    C1] EXT4-fs (loop1): last error at time 374: ext4_clear_blocks:876: inode 13
[  374.354119][T15058] block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  374.407707][T15058] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.3533: invalid indirect mapped block 1819239214 (level 0)
[  374.454499][T15058] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  374.490639][T15058] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.3533: invalid indirect mapped block 1819239214 (level 1)
[  374.537415][T15058] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  374.542476][T15058] EXT4-fs (loop1): 1 truncate cleaned up
[  374.641594][T15077] loop2: detected capacity change from 0 to 128
[  374.648130][T15058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  374.673132][T15055] loop4: detected capacity change from 0 to 40427
[  374.703280][T15055] F2FS-fs (loop4): invalid crc value
[  374.840358][T15058] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  374.936807][T15055] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  374.991123][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.991989][T15055] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  375.272478][ T6982] syz-executor: attempt to access beyond end of device
[  375.272478][ T6982] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  375.302638][ T6982] CPU: 0 UID: 0 PID: 6982 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  375.302670][ T6982] Tainted: [L]=SOFTLOCKUP
[  375.302676][ T6982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  375.302687][ T6982] Call Trace:
[  375.302694][ T6982]  <TASK>
[  375.302701][ T6982]  dump_stack_lvl+0xe8/0x150
[  375.302732][ T6982]  f2fs_handle_critical_error+0x37c/0x540
[  375.302760][ T6982]  f2fs_write_end_io+0xcdb/0xff0
[  375.302801][ T6982]  __submit_merged_bio+0x256/0x700
[  375.302829][ T6982]  __submit_merged_write_cond+0x3c9/0x4e0
[  375.302858][ T6982]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  375.302899][ T6982]  f2fs_write_data_pages+0x2975/0x35e0
[  375.302919][ T6982]  ? is_bpf_text_address+0x26/0x2b0
[  375.302972][ T6982]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  375.303009][ T6982]  ? do_raw_spin_lock+0x12b/0x2f0
[  375.303056][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  375.303081][ T6982]  ? __lock_acquire+0x6b5/0x2cf0
[  375.303119][ T6982]  ? __lock_acquire+0x6b5/0x2cf0
[  375.303145][ T6982]  ? do_raw_spin_lock+0x12b/0x2f0
[  375.303187][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  375.303208][ T6982]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  375.303230][ T6982]  do_writepages+0x32e/0x550
[  375.303257][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  375.303280][ T6982]  filemap_fdatawrite+0x1e9/0x2f0
[  375.303301][ T6982]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  375.303372][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  375.303393][ T6982]  f2fs_sync_dirty_inodes+0x30e/0x860
[  375.303428][ T6982]  f2fs_write_checkpoint+0x9df/0x26a0
[  375.303479][ T6982]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  375.303547][ T6982]  kill_f2fs_super+0x314/0x720
[  375.303579][ T6982]  ? __pfx_kill_f2fs_super+0x10/0x10
[  375.303611][ T6982]  ? lockdep_hardirqs_on+0x7a/0x110
[  375.303640][ T6982]  deactivate_locked_super+0xbc/0x130
[  375.303662][ T6982]  cleanup_mnt+0x437/0x4d0
[  375.303682][ T6982]  ? _raw_spin_unlock_irq+0x23/0x50
[  375.303710][ T6982]  task_work_run+0x1d9/0x270
[  375.303733][ T6982]  ? __pfx_task_work_run+0x10/0x10
[  375.303765][ T6982]  exit_to_user_mode_loop+0xed/0x480
[  375.303786][ T6982]  ? rcu_is_watching+0x15/0xb0
[  375.303815][ T6982]  do_syscall_64+0x32d/0xf80
[  375.303833][ T6982]  ? trace_irq_disable+0x3b/0x150
[  375.303850][ T6982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.303868][ T6982]  ? clear_bhb_loop+0x40/0x90
[  375.303890][ T6982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.303908][ T6982] RIP: 0033:0x7f1a9bf9d9d7
[  375.303926][ T6982] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  375.303942][ T6982] RSP: 002b:00007ffe4f747548 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  375.303962][ T6982] RAX: 0000000000000000 RBX: 00007f1a9c031f90 RCX: 00007f1a9bf9d9d7
[  375.303974][ T6982] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe4f747600
[  375.303985][ T6982] RBP: 00007ffe4f747600 R08: 00007ffe4f748600 R09: 00000000ffffffff
[  375.303997][ T6982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe4f748690
[  375.304008][ T6982] R13: 00007f1a9c031f90 R14: 000000000005b980 R15: 00007ffe4f7486d0
[  375.304038][ T6982]  </TASK>
[  375.308899][ T6982] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  375.859427][T15122] loop3: detected capacity change from 0 to 164
[  375.943300][T15122] rock: directory entry would overflow storage
[  375.971145][T15122] rock: sig=0x4d4e, size=5, remaining=4
[  375.982588][T15122] isofs: isofs_export_get_parent(): child directory not normalized!
[  376.191255][T15129] comedi comedi3: 8255: I/O port conflict (0x4f29,4)
[  376.490142][T15139] loop2: detected capacity change from 0 to 1024
[  376.510599][T15139] EXT4-fs: inline encryption not supported
[  376.532543][T15139] EXT4-fs: Ignoring removed i_version option
[  376.590432][T15139] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.620762][T15123] loop1: detected capacity change from 0 to 40427
[  376.660880][T15123] F2FS-fs (loop1): invalid crc value
[  376.744961][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.954749][T15123] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  376.999113][T15123] F2FS-fs (loop1): Start checkpoint disabled!
[  377.015001][T15123] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  377.040538][T15123] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  377.137049][   T58] kworker/u8:4: attempt to access beyond end of device
[  377.137049][   T58] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  377.163212][   T58] CPU: 0 UID: 0 PID: 58 Comm: kworker/u8:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  377.163242][   T58] Tainted: [L]=SOFTLOCKUP
[  377.163248][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  377.163260][   T58] Workqueue: writeback wb_workfn (flush-7:1)
[  377.163291][   T58] Call Trace:
[  377.163299][   T58]  <TASK>
[  377.163306][   T58]  dump_stack_lvl+0xe8/0x150
[  377.163334][   T58]  f2fs_handle_critical_error+0x37c/0x540
[  377.163373][   T58]  f2fs_write_end_io+0xcdb/0xff0
[  377.163417][   T58]  __submit_merged_bio+0x256/0x700
[  377.163446][   T58]  __submit_merged_write_cond+0x3c9/0x4e0
[  377.163477][   T58]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  377.163525][   T58]  f2fs_write_data_pages+0x2975/0x35e0
[  377.163587][   T58]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  377.163623][   T58]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  377.163682][   T58]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  377.163730][   T58]  ? __lock_acquire+0x6b5/0x2cf0
[  377.163774][   T58]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  377.163798][   T58]  do_writepages+0x32e/0x550
[  377.163825][   T58]  ? reacquire_held_locks+0x104/0x190
[  377.163843][   T58]  ? writeback_sb_inodes+0x477/0x1a20
[  377.163867][   T58]  __writeback_single_inode+0x133/0x11a0
[  377.163887][   T58]  ? do_raw_spin_unlock+0xf5/0x210
[  377.163912][   T58]  writeback_sb_inodes+0x992/0x1a20
[  377.163953][   T58]  ? __lock_acquire+0x6b5/0x2cf0
[  377.163980][   T58]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  377.163996][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  377.164059][   T58]  ? rcu_is_watching+0x15/0xb0
[  377.164095][   T58]  wb_writeback+0x456/0xb70
[  377.164116][   T58]  ? queue_io+0x1f1/0x4a0
[  377.164142][   T58]  ? __pfx_wb_writeback+0x10/0x10
[  377.164158][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  377.164194][   T58]  wb_workfn+0x414/0xf50
[  377.164218][   T58]  ? look_up_lock_class+0x57/0x110
[  377.164256][   T58]  ? __pfx_wb_workfn+0x10/0x10
[  377.164283][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  377.164305][   T58]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  377.164342][   T58]  ? process_one_work+0x87c/0x1650
[  377.164373][   T58]  process_one_work+0x949/0x1650
[  377.164408][   T58]  ? irqentry_exit+0x590/0x700
[  377.164434][   T58]  ? __pfx_process_one_work+0x10/0x10
[  377.164453][   T58]  ? do_raw_spin_lock+0x12b/0x2f0
[  377.164493][   T58]  worker_thread+0xb46/0x1140
[  377.164543][   T58]  kthread+0x388/0x470
[  377.164562][   T58]  ? __pfx_worker_thread+0x10/0x10
[  377.164583][   T58]  ? __pfx_kthread+0x10/0x10
[  377.164604][   T58]  ret_from_fork+0x51e/0xb90
[  377.164630][   T58]  ? __pfx_ret_from_fork+0x10/0x10
[  377.164651][   T58]  ? __switch_to+0xc7d/0x1450
[  377.164674][   T58]  ? __pfx_kthread+0x10/0x10
[  377.164693][   T58]  ret_from_fork_asm+0x1a/0x30
[  377.164728][   T58]  </TASK>
[  377.438560][   T58] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  377.493907][T15167] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3572'.
[  377.522071][T15167] netlink: 'syz.3.3572': attribute type 22 has an invalid length.
[  377.558791][T15167] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3572'.
[  377.572506][T15171] loop2: detected capacity change from 0 to 8
[  377.776023][T15171] SQUASHFS error: xz decompression failed, data probably corrupt
[  377.788616][T15171] SQUASHFS error: Failed to read block 0xa8: -5
[  377.846321][T15171] SQUASHFS error: xz decompression failed, data probably corrupt
[  377.869002][T15171] SQUASHFS error: Failed to read block 0xa8: -5
[  377.887800][   T30] audit: type=1800 audit(377.849:2986): pid=15171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3574" name="file0" dev="loop2" ino=3 res=0 errno=0
[  378.002968][T15155] loop4: detected capacity change from 0 to 40427
[  378.010348][T15155] F2FS-fs (loop4): Fix alignment : internally, start(4096) end(16896) block(12288)
[  378.011411][T15155] F2FS-fs (loop4): invalid crc value
[  378.251772][T15155] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  378.273752][T15155] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  378.633729][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  378.644569][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  378.672043][ T5891] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  378.839921][ T5891] usb 2-1: Using ep0 maxpacket: 16
[  378.848148][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  378.868227][T15206] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3588'.
[  378.869670][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.888996][ T5891] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  378.900696][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.912718][ T5891] usb 2-1: config 0 descriptor??
[  378.944861][T15198] loop3: detected capacity change from 0 to 32768
[  379.162361][T15213] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3592'.
[  379.340847][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.359097][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.381132][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.411424][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.435473][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.460202][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.481989][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.505523][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.534936][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.566276][ T5891] apple 0003:05AC:024B.0011: unknown main item tag 0x0
[  379.629219][ T5891] apple 0003:05AC:024B.0011: hidraw0: USB HID v0.00 Device [HID 05ac:024b] on usb-dummy_hcd.1-1/input0
[  379.667296][T15231] netlink: 'syz.2.3600': attribute type 1 has an invalid length.
[  379.678184][ T5891] usb 2-1: USB disconnect, device number 23
[  379.715196][T15231] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3600'.
[  379.749908][T15231] netlink: 658 bytes leftover after parsing attributes in process `syz.2.3600'.
[  379.783968][T15231] netlink: 'syz.2.3600': attribute type 1 has an invalid length.
[  379.831182][T15232] fido_id[15232]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  379.962166][T15244] loop2: detected capacity change from 0 to 256
[  380.034909][T15247] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3608'.
[  380.045206][T15244] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  380.367866][T15255] loop1: detected capacity change from 0 to 4096
[  380.441628][T15264] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  381.064123][T15280] loop1: detected capacity change from 0 to 4096
[  381.162251][T15287] loop4: detected capacity change from 0 to 2048
[  381.260518][T15287] CIFS: iocharset name too long
[  381.417928][T15295] program syz.0.3629 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  381.423890][T15296] loop2: detected capacity change from 0 to 256
[  381.446134][T15296] exfat: Deprecated parameter 'namecase'
[  381.473419][T15296] exfat: Deprecated parameter 'utf8'
[  381.529874][T15296] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  381.535501][T15298] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.574469][T15298] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.581818][T15298] bridge0: port 1(bridge_slave_0) entered forwarding state
[  382.630479][T15342] loop1: detected capacity change from 0 to 4096
[  382.651324][T15342] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  382.774499][T15350] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3654'.
[  382.786926][T15350] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3654'.
[  383.035889][T15357] loop4: detected capacity change from 0 to 512
[  383.052664][T15357] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  383.135903][T15357] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  383.169615][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  383.176125][    C0] EXT4-fs (loop4): initial error at time 383: ext4_mb_generate_buddy:1315
[  383.184710][    C0] EXT4-fs (loop4): last error at time 383: ext4_mb_generate_buddy:1315
[  383.250260][T15357] EXT4-fs (loop4): 1 truncate cleaned up
[  383.272360][T15357] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.320704][T15363] loop3: detected capacity change from 0 to 256
[  383.320720][T15358] loop1: detected capacity change from 0 to 32768
[  383.333669][T15363] exfat: Deprecated parameter 'utf8'
[  383.338530][T15358] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3656 (15358)
[  383.355710][T15363] exfat: Deprecated parameter 'namecase'
[  383.370123][T15358] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  383.381090][T15358] BTRFS info (device loop1): using sha256 checksum algorithm
[  383.382451][T15357] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.4.3658: path /651/bus/file0: bad entry in directory: directory entry overrun - offset=80, inode=2147483648, rec_len=1024, size=60 fake=0
[  383.413225][T15363] exfat: Deprecated parameter 'namecase'
[  383.433476][T15363] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x200001de, utbl_chksum : 0xe619d30d)
[  383.489369][T15358] BTRFS info (device loop1): enabling ssd optimizations
[  383.521494][T15358] BTRFS info (device loop1): enabling free space tree
[  383.532329][T15358] BTRFS info (device loop1): enabling auto defrag
[  383.540531][T15358] BTRFS info (device loop1): use lzo compression, level 1
[  383.547801][T15358] BTRFS info (device loop1): max_inline set to 3
[  383.566658][ T6982] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.644472][ T5820] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  383.821546][T15384] netlink: 140 bytes leftover after parsing attributes in process `syz.4.3661'.
[  384.173320][T15396] loop1: detected capacity change from 0 to 128
[  384.238255][T15396] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  384.352781][T15396] EXT4-fs warning (device loop1): ext4_group_extend:1861: can't shrink FS - resize aborted
[  384.584815][ T5820] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  384.969817][    T9] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  385.052586][T15390] loop2: detected capacity change from 0 to 40427
[  385.131446][    T9] usb 2-1: Using ep0 maxpacket: 16
[  385.148469][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  385.188905][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  385.224118][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  385.268808][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  385.300535][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.324385][T15390] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  385.345029][    T9] usb 2-1: config 0 descriptor??
[  385.370782][T15390] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  385.433249][T15430] syz.4.3682 (15430) used obsolete PPPIOCDETACH ioctl
[  385.448593][T15432] loop3: detected capacity change from 0 to 512
[  385.477843][T15432] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  385.526863][ T5825] syz-executor: attempt to access beyond end of device
[  385.526863][ T5825] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  385.527956][T15432] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3683: bad orphan inode 131083
[  385.572008][ T5825] CPU: 0 UID: 0 PID: 5825 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  385.572038][ T5825] Tainted: [L]=SOFTLOCKUP
[  385.572045][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  385.572054][ T5825] Call Trace:
[  385.572061][ T5825]  <TASK>
[  385.572069][ T5825]  dump_stack_lvl+0xe8/0x150
[  385.572100][ T5825]  f2fs_handle_critical_error+0x37c/0x540
[  385.572127][ T5825]  f2fs_write_end_io+0xcdb/0xff0
[  385.572169][ T5825]  __submit_merged_bio+0x256/0x700
[  385.572197][ T5825]  __submit_merged_write_cond+0x3c9/0x4e0
[  385.572226][ T5825]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  385.572270][ T5825]  f2fs_write_data_pages+0x2975/0x35e0
[  385.572330][ T5825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  385.572366][ T5825]  ? css_rstat_updated+0x23a/0x530
[  385.572414][ T5825]  ? rcu_is_watching+0x15/0xb0
[  385.572440][ T5825]  ? mod_memcg_lruvec_state+0x1b8/0x360
[  385.572471][ T5825]  ? __lock_acquire+0x6b5/0x2cf0
[  385.572509][ T5825]  ? __lock_acquire+0x6b5/0x2cf0
[  385.572537][ T5825]  ? do_raw_spin_lock+0x12b/0x2f0
[  385.572568][ T5825]  ? do_raw_spin_unlock+0xf5/0x210
[  385.572588][ T5825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  385.572612][ T5825]  do_writepages+0x32e/0x550
[  385.572642][ T5825]  ? do_raw_spin_unlock+0xf5/0x210
[  385.572666][ T5825]  filemap_fdatawrite+0x1e9/0x2f0
[  385.572689][ T5825]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  385.572748][ T5825]  ? do_raw_spin_unlock+0xf5/0x210
[  385.572780][ T5825]  f2fs_sync_dirty_inodes+0x30e/0x860
[  385.572820][ T5825]  f2fs_write_checkpoint+0x9df/0x26a0
[  385.572876][ T5825]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  385.572951][ T5825]  kill_f2fs_super+0x314/0x720
[  385.572980][ T5825]  ? __pfx_kill_f2fs_super+0x10/0x10
[  385.573016][ T5825]  ? lockdep_hardirqs_on+0x7a/0x110
[  385.573046][ T5825]  deactivate_locked_super+0xbc/0x130
[  385.573067][ T5825]  cleanup_mnt+0x437/0x4d0
[  385.573087][ T5825]  ? _raw_spin_unlock_irq+0x23/0x50
[  385.573113][ T5825]  task_work_run+0x1d9/0x270
[  385.573136][ T5825]  ? __pfx_task_work_run+0x10/0x10
[  385.573166][ T5825]  exit_to_user_mode_loop+0xed/0x480
[  385.573188][ T5825]  ? rcu_is_watching+0x15/0xb0
[  385.573212][ T5825]  do_syscall_64+0x32d/0xf80
[  385.573226][ T5825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.573241][ T5825]  ? clear_bhb_loop+0x40/0x90
[  385.573261][ T5825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.573277][ T5825] RIP: 0033:0x7f4ba6d9d9d7
[  385.573293][ T5825] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  385.573306][ T5825] RSP: 002b:00007fff062d59d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  385.573323][ T5825] RAX: 0000000000000000 RBX: 00007f4ba6e31f90 RCX: 00007f4ba6d9d9d7
[  385.573334][ T5825] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff062d5a90
[  385.573344][ T5825] RBP: 00007fff062d5a90 R08: 00007fff062d6a90 R09: 00000000ffffffff
[  385.573355][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff062d6b20
[  385.573364][ T5825] R13: 00007f4ba6e31f90 R14: 000000000005e197 R15: 00007fff062d6b60
[  385.573391][ T5825]  </TASK>
[  385.576196][ T5825] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  385.618462][T15432] loop3: lost filesystem error report for type 5 error -117
[  385.723032][T15440] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  385.749648][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  385.847015][    T9] microsoft 0003:045E:07DA.0012: unbalanced collection at end of report description
[  385.854079][    C1] EXT4-fs (loop3): initial error at time 385: ext4_orphan_get:1417
[  385.854111][    C1] EXT4-fs (loop3): last error at time 385: ext4_orphan_get:1417
[  385.856305][T15432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.894059][    T9] microsoft 0003:045E:07DA.0012: parse failed
[  385.991689][    T9] microsoft 0003:045E:07DA.0012: probe with driver microsoft failed with error -22
[  386.062934][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.170733][    T9] usb 2-1: USB disconnect, device number 24
[  386.451357][T15450] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3691'.
[  386.508743][T15438] loop4: detected capacity change from 0 to 32768
[  386.539065][T15438] xfs: Deprecated parameter 'attr2'
[  386.561168][T15438] XFS: attr2 mount option is deprecated.
[  386.624489][T15454] mkiss: ax0: crc mode is auto.
[  386.652239][T15438] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  386.717655][T15438] XFS (loop4): Ending clean mount
[  386.787536][T15438] XFS (loop4): Quotacheck needed: Please wait.
[  387.067088][T15438] XFS (loop4): Quotacheck: Done.
[  387.185464][ T6982] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  387.425824][T15483] netlink: 'syz.1.3704': attribute type 8 has an invalid length.
[  387.628302][T15487] loop1: detected capacity change from 0 to 256
[  387.658530][T15487] exfat: Deprecated parameter 'utf8'
[  387.685789][T15487] exfat: Deprecated parameter 'utf8'
[  387.698632][T15487] exfat: Deprecated parameter 'utf8'
[  387.730886][T15487] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  387.904399][T15496] loop4: detected capacity change from 0 to 128
[  387.944481][T15496] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  388.017870][ T5910] kernel write not supported for file /uinput (pid: 5910 comm: kworker/1:5)
[  388.164137][ T6982] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  388.191014][T15481] loop2: detected capacity change from 0 to 32768
[  388.750585][T15515] loop1: detected capacity change from 0 to 1024
[  388.955601][   T58] hfsplus: b-tree write err: -5, ino 25
[  388.986445][   T58] hfsplus: b-tree write err: -5, ino 4
[  389.015296][   T58] hfsplus: b-tree write err: -5, ino 2
[  389.315919][T15525] loop4: detected capacity change from 0 to 512
[  389.406262][T15525] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.454133][T15525] EXT4-fs: Ignoring sb option on remount
[  389.460836][T15525] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  389.525249][T15525] EXT4-fs (loop4): can't disable delalloc during remount
[  389.664115][T15535] loop1: detected capacity change from 0 to 16
[  389.698401][T15535] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  389.711368][ T6982] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.737165][T15510] loop3: detected capacity change from 0 to 65536
[  389.836197][T15510] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  389.928377][T15510] XFS (loop3): Ending clean mount
[  389.942831][T15510] XFS (loop3): Quotacheck needed: Please wait.
[  389.954732][T15548] netlink: 'syz.0.3729': attribute type 31 has an invalid length.
[  389.977683][T15547] exfat: Deprecated parameter 'utf8'
[  390.026023][T15547] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001043e, chksum : 0xdd084882, utbl_chksum : 0xe619d30d)
[  390.133371][  T280] XFS (loop3): Metadata corruption detected at xfs_dinode_verify+0x1a9/0x1590, inode 0x26 dinode
[  390.167815][  T280] XFS (loop3): Unmount and run xfs_repair
[  390.176319][  T280] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  390.187289][  T280] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  390.222942][  T280] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  390.255963][  T280] 00000020: 34 f7 58 68 7a bb 44 4d 34 f7 58 68 7a bb 44 4d  4.Xhz.DM4.Xhz.DM
[  390.286917][  T280] 00000030: 34 f7 58 68 7a bb 44 4d 00 00 00 00 00 00 00 0a  4.Xhz.DM........
[  390.318428][  T280] 00000040: 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  390.350891][  T280] 00000050: 00 00 25 01 00 00 00 00 00 00 00 00 38 7c 45 d7  ..%.........8|E.
[  390.369662][  T280] 00000060: ff ff ff ff da a2 56 a4 00 00 00 00 00 00 00 08  ......V.........
[  390.402688][  T280] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[  390.430002][  T280] loop3: lost filesystem error report for type 5 error -117
[  390.463944][T15527] set_capacity_and_notify: 1 callbacks suppressed
[  390.463963][T15527] loop2: detected capacity change from 0 to 32768
[  390.501124][T15510] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  390.503227][T15527] (syz.2.3724,15527,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  390.510033][T15510] loop3: lost filesystem error report for type 5 error -117
[  390.594286][T15527] (syz.2.3724,15527,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  390.732049][ T5833] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  390.757953][T15527] JBD2: Ignoring recovery information on journal
[  390.802400][T15568] comedi comedi3: comedi_parport: I/O port conflict (0x4f27,3)
[  390.822245][T15555] loop4: detected capacity change from 0 to 40427
[  390.842825][T15555] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  390.852017][ T5833] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair.
[  390.852755][T15555] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  390.881555][T15555] F2FS-fs (loop4): invalid crc value
[  390.929211][T15527] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  391.202939][T15555] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  391.266137][ T5825] ocfs2: Unmounting device (7,2) on (node local)
[  391.281895][T15555] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  391.299674][T15555] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  391.477189][ T6982] syz-executor: attempt to access beyond end of device
[  391.477189][ T6982] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  391.500733][ T6982] CPU: 1 UID: 0 PID: 6982 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  391.500765][ T6982] Tainted: [L]=SOFTLOCKUP
[  391.500772][ T6982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  391.500782][ T6982] Call Trace:
[  391.500790][ T6982]  <TASK>
[  391.500797][ T6982]  dump_stack_lvl+0xe8/0x150
[  391.500828][ T6982]  f2fs_handle_critical_error+0x37c/0x540
[  391.500857][ T6982]  f2fs_write_end_io+0xcdb/0xff0
[  391.500902][ T6982]  __submit_merged_bio+0x256/0x700
[  391.500929][ T6982]  __submit_merged_write_cond+0x3c9/0x4e0
[  391.500959][ T6982]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  391.501003][ T6982]  f2fs_write_data_pages+0x2975/0x35e0
[  391.501062][ T6982]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  391.501100][ T6982]  ? css_rstat_updated+0x23a/0x530
[  391.501148][ T6982]  ? rcu_is_watching+0x15/0xb0
[  391.501174][ T6982]  ? mod_memcg_lruvec_state+0x1b8/0x360
[  391.501205][ T6982]  ? __lock_acquire+0x6b5/0x2cf0
[  391.501240][ T6982]  ? __lock_acquire+0x6b5/0x2cf0
[  391.501267][ T6982]  ? do_raw_spin_lock+0x12b/0x2f0
[  391.501296][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  391.501316][ T6982]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  391.501339][ T6982]  do_writepages+0x32e/0x550
[  391.501367][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  391.501392][ T6982]  filemap_fdatawrite+0x1e9/0x2f0
[  391.501413][ T6982]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  391.501485][ T6982]  ? do_raw_spin_unlock+0xf5/0x210
[  391.501510][ T6982]  f2fs_sync_dirty_inodes+0x30e/0x860
[  391.501551][ T6982]  f2fs_write_checkpoint+0x9df/0x26a0
[  391.501609][ T6982]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  391.501686][ T6982]  kill_f2fs_super+0x314/0x720
[  391.501715][ T6982]  ? __pfx_kill_f2fs_super+0x10/0x10
[  391.501751][ T6982]  ? lockdep_hardirqs_on+0x7a/0x110
[  391.501782][ T6982]  deactivate_locked_super+0xbc/0x130
[  391.501805][ T6982]  cleanup_mnt+0x437/0x4d0
[  391.501826][ T6982]  ? _raw_spin_unlock_irq+0x23/0x50
[  391.501855][ T6982]  task_work_run+0x1d9/0x270
[  391.501880][ T6982]  ? __pfx_task_work_run+0x10/0x10
[  391.501912][ T6982]  exit_to_user_mode_loop+0xed/0x480
[  391.501933][ T6982]  ? rcu_is_watching+0x15/0xb0
[  391.501963][ T6982]  do_syscall_64+0x32d/0xf80
[  391.501980][ T6982]  ? trace_irq_disable+0x3b/0x150
[  391.501999][ T6982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.502017][ T6982]  ? clear_bhb_loop+0x40/0x90
[  391.502039][ T6982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.502058][ T6982] RIP: 0033:0x7f1a9bf9d9d7
[  391.502077][ T6982] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  391.502092][ T6982] RSP: 002b:00007ffe4f747548 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  391.502114][ T6982] RAX: 0000000000000000 RBX: 00007f1a9c031f90 RCX: 00007f1a9bf9d9d7
[  391.502127][ T6982] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe4f747600
[  391.502139][ T6982] RBP: 00007ffe4f747600 R08: 00007ffe4f748600 R09: 00000000ffffffff
[  391.502152][ T6982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe4f748690
[  391.502164][ T6982] R13: 00007f1a9c031f90 R14: 000000000005f8c3 R15: 00007ffe4f7486d0
[  391.502197][ T6982]  </TASK>
[  391.502545][ T6982] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  391.747103][T15583] netlink: 332 bytes leftover after parsing attributes in process `syz.0.3745'.
[  391.768499][T15584] loop3: detected capacity change from 0 to 64
[  391.847602][T15583] netlink: 'syz.0.3745': attribute type 9 has an invalid length.
[  391.878932][T15583] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3745'.
[  391.896252][T15583] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3745'.
[  391.961806][T15584] Trying to free block not in datazone
[  391.995588][T15587] gfs2: path_lookup on c::;��N���L���;o$: returned error -2
[  392.241614][T15597] vivid-000: disconnect
[  392.270467][T15591] vivid-000: reconnect
[  392.347244][T15578] loop1: detected capacity change from 0 to 32768
[  392.430515][T15578] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  392.526748][T15578] XFS (loop1): Ending clean mount
[  392.544664][T15578] XFS (loop1): Quotacheck needed: Please wait.
[  392.754089][T15578] XFS (loop1): Quotacheck: Done.
[  393.232881][T15644] comedi comedi3: pcl726: I/O port conflict (0x4f29,16)
[  393.240034][T15578] XFS (loop1): User initiated shutdown received.
[  393.260183][T15578] XFS (loop1): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:456).  Shutting down filesystem.
[  393.314438][T15578] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  393.436161][T15649] cifs: Unknown parameter 'h}#��
[  393.436161][T15649] �[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  393.436161][T15649] S�Ș�ȞZ�6��'
[  393.474956][ T5820] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  393.569117][T15628] loop4: detected capacity change from 0 to 32768
[  393.651245][T15628] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  393.720679][T15628] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  393.848782][T15628] XFS (loop4): Ending clean mount
[  393.893143][T15628] XFS (loop4): Quotacheck needed: Please wait.
[  394.008336][T15675] comedi comedi3: das16m1: I/O port conflict (0x4f26,16)
[  394.049985][ T5910] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  394.115819][T15678] comedi comedi3: pcl726: I/O port conflict (0x4f29,16)
[  394.142193][   T29] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  394.220686][T15681] loop2: detected capacity change from 0 to 64
[  394.227426][ T5910] usb 4-1: Using ep0 maxpacket: 32
[  394.239376][T15628] XFS (loop4): Quotacheck: Done.
[  394.246485][ T5910] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  394.277485][ T5910] usb 4-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  394.312837][   T29] usb 2-1: Using ep0 maxpacket: 32
[  394.328398][ T5910] usb 4-1: config 0 interface 0 has no altsetting 0
[  394.343200][   T29] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  394.366609][ T6982] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  394.372537][ T5910] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  394.396830][   T29] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  394.432823][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.441324][ T5910] usb 4-1: Product: syz
[  394.445659][   T29] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  394.467049][ T5910] usb 4-1: Manufacturer: syz
[  394.475744][ T5910] usb 4-1: SerialNumber: syz
[  394.487413][   T29] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  394.530694][ T5910] usb 4-1: config 0 descriptor??
[  394.538795][   T29] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  394.586700][   T29] usb 2-1: Product: syz
[  394.595318][   T29] usb 2-1: Manufacturer: syz
[  394.609762][   T29] usb 2-1: SerialNumber: syz
[  394.678860][   T29] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input23
[  394.967412][ T5910] gs_usb 4-1:0.0: Configuring for 1 interfaces
[  394.977828][   T29] usb 2-1: USB disconnect, device number 25
[  394.977824][    C0] appletouch 2-1:1.0: atp_complete: usb_submit_urb failed with result -19
[  395.078677][T15697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3779'.
[  395.141804][   T29] appletouch 2-1:1.0: input: appletouch disconnected
[  395.171694][ T5910] gs_usb 4-1:0.0: Couldn't get bit timing const for channel 0 (-EPROTO)
[  395.202905][ T5910] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -71
[  395.280412][ T5910] usb 4-1: USB disconnect, device number 18
[  395.970568][T15722] can0: slcan on ttyS3.
[  395.999712][    T9] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  396.101425][T15721] can0 (unregistered): slcan off ttyS3.
[  396.162151][T15701] loop2: detected capacity change from 0 to 32768
[  396.189525][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  396.205221][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  396.237447][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  396.277140][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  396.310314][    T9] usb 2-1: SerialNumber: syz
[  396.636575][    T9] usb 2-1: 0:2 : does not exist
[  396.787749][T15724] loop3: detected capacity change from 0 to 32768
[  396.804217][    T9] usb 2-1: USB disconnect, device number 26
[  396.824073][T15724] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3789 (15724)
[  396.905147][ T6987] udevd[6987]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  396.927157][T15724] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  396.969652][T15724] BTRFS info (device loop3): using blake2b checksum algorithm
[  397.017473][T15755] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3798'.
[  397.124662][T15724] BTRFS info (device loop3): enabling ssd optimizations
[  397.150106][T15724] BTRFS info (device loop3): turning on async discard
[  397.167270][T15724] BTRFS info (device loop3): enabling free space tree
[  397.188725][T15724] BTRFS info (device loop3): use lzo compression, level 1
[  397.208985][T15724] BTRFS info (device loop3): max_inline set to 0
[  397.326064][   T30] audit: type=1800 audit(397.289:2987): pid=15724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3789" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=263 res=0 errno=0
[  397.429470][T15740] loop4: detected capacity change from 0 to 32768
[  397.456473][T15740] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3794 (15740)
[  397.544954][T15740] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  397.590087][T15740] BTRFS info (device loop4): using crc32c checksum algorithm
[  397.737973][ T5833] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  397.792141][T15740] BTRFS info (device loop4): setting nodatasum
[  397.843321][T15740] BTRFS info (device loop4): setting nodatacow
[  397.871778][T15740] BTRFS info (device loop4): turning on async discard
[  397.896578][T15740] BTRFS info (device loop4): enabling free space tree
[  397.943542][T15740] BTRFS info (device loop4): enabling auto defrag
[  397.972443][T15797] loop1: detected capacity change from 0 to 256
[  397.974151][T15740] BTRFS info (device loop4): max_inline set to 0
[  398.148342][T15797] FAT-fs (loop1): Directory bread(block 64) failed
[  398.176432][T15797] FAT-fs (loop1): Directory bread(block 65) failed
[  398.215658][T15797] FAT-fs (loop1): Directory bread(block 66) failed
[  398.266212][T15797] FAT-fs (loop1): Directory bread(block 67) failed
[  398.310014][T15797] FAT-fs (loop1): Directory bread(block 68) failed
[  398.361574][T15797] FAT-fs (loop1): Directory bread(block 69) failed
[  398.406156][T15797] FAT-fs (loop1): Directory bread(block 70) failed
[  398.439711][T15797] FAT-fs (loop1): Directory bread(block 71) failed
[  398.439818][T15797] FAT-fs (loop1): Directory bread(block 72) failed
[  398.499831][T15797] FAT-fs (loop1): Directory bread(block 73) failed
[  398.792897][ T6982] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  398.819432][T15817] program syz.0.3808 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  399.120136][    C1] sd 0:0:1:0: [sda] tag#9898 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  399.130670][    C1] sd 0:0:1:0: [sda] tag#9898 CDB: Write(6) 0a 00 00 00 00 00
[  399.879851][   T10] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  400.064800][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  400.101711][T15861] loop4: detected capacity change from 0 to 64
[  400.118621][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.154955][   T10] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  400.199655][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.236889][   T10] usb 3-1: config 0 descriptor??
[  400.283324][T15866] loop3: detected capacity change from 0 to 256
[  400.328543][T15866] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4f516b14, utbl_chksum : 0xe619d30d)
[  400.398371][T15866] netlink: 5476 bytes leftover after parsing attributes in process `syz.3.3829'.
[  400.617792][T15870] loop3: detected capacity change from 0 to 256
[  400.661809][T15870] exfat: Deprecated parameter 'utf8'
[  400.706340][T15870] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  400.760901][   T10] playstation 0003:054C:0DF2.0013: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0
[  400.880262][T15875] loop4: detected capacity change from 0 to 256
[  400.931576][T15851] loop1: detected capacity change from 0 to 40427
[  400.946310][   T10] playstation 0003:054C:0DF2.0013: Failed to retrieve feature with reportID 9: -71
[  400.985593][T15875] FAT-fs (loop4): Directory bread(block 64) failed
[  400.994433][   T10] playstation 0003:054C:0DF2.0013: Failed to retrieve DualSense pairing info: -71
[  401.018104][T15875] FAT-fs (loop4): Directory bread(block 65) failed
[  401.042349][   T10] playstation 0003:054C:0DF2.0013: Failed to get MAC address from DualSense
[  401.061535][T15875] FAT-fs (loop4): Directory bread(block 66) failed
[  401.083167][   T10] playstation 0003:054C:0DF2.0013: Failed to create dualsense.
[  401.101321][T15875] FAT-fs (loop4): Directory bread(block 67) failed
[  401.137674][T15875] FAT-fs (loop4): Directory bread(block 68) failed
[  401.145009][   T10] playstation 0003:054C:0DF2.0013: probe with driver playstation failed with error -71
[  401.171613][T15875] FAT-fs (loop4): Directory bread(block 69) failed
[  401.204567][   T10] usb 3-1: USB disconnect, device number 15
[  401.212650][T15875] FAT-fs (loop4): Directory bread(block 70) failed
[  401.242992][T15875] FAT-fs (loop4): Directory bread(block 71) failed
[  401.268520][T15851] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  401.271892][T15875] FAT-fs (loop4): Directory bread(block 72) failed
[  401.301840][T15851] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  401.323880][T15875] FAT-fs (loop4): Directory bread(block 73) failed
[  401.433849][ T5820] syz-executor: attempt to access beyond end of device
[  401.433849][ T5820] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  401.462217][ T5820] CPU: 1 UID: 0 PID: 5820 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  401.462249][ T5820] Tainted: [L]=SOFTLOCKUP
[  401.462255][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  401.462266][ T5820] Call Trace:
[  401.462274][ T5820]  <TASK>
[  401.462282][ T5820]  dump_stack_lvl+0xe8/0x150
[  401.462314][ T5820]  f2fs_handle_critical_error+0x37c/0x540
[  401.462343][ T5820]  f2fs_write_end_io+0xcdb/0xff0
[  401.462384][ T5820]  __submit_merged_bio+0x256/0x700
[  401.462411][ T5820]  __submit_merged_write_cond+0x3c9/0x4e0
[  401.462441][ T5820]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  401.462486][ T5820]  f2fs_write_data_pages+0x2975/0x35e0
[  401.462546][ T5820]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  401.462613][ T5820]  ? kernel_text_address+0xa5/0xe0
[  401.462640][ T5820]  ? __lock_acquire+0x6b5/0x2cf0
[  401.462679][ T5820]  ? __lock_acquire+0x6b5/0x2cf0
[  401.462709][ T5820]  ? do_raw_spin_lock+0x12b/0x2f0
[  401.462740][ T5820]  ? do_raw_spin_unlock+0xf5/0x210
[  401.462761][ T5820]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  401.462786][ T5820]  do_writepages+0x32e/0x550
[  401.462815][ T5820]  ? do_raw_spin_unlock+0xf5/0x210
[  401.462840][ T5820]  filemap_fdatawrite+0x1e9/0x2f0
[  401.462863][ T5820]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  401.462934][ T5820]  ? do_raw_spin_unlock+0xf5/0x210
[  401.462959][ T5820]  f2fs_sync_dirty_inodes+0x30e/0x860
[  401.462999][ T5820]  f2fs_write_checkpoint+0x9df/0x26a0
[  401.463056][ T5820]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  401.463135][ T5820]  kill_f2fs_super+0x314/0x720
[  401.463170][ T5820]  ? __pfx_kill_f2fs_super+0x10/0x10
[  401.463206][ T5820]  ? lockdep_hardirqs_on+0x7a/0x110
[  401.463239][ T5820]  deactivate_locked_super+0xbc/0x130
[  401.463263][ T5820]  cleanup_mnt+0x437/0x4d0
[  401.463285][ T5820]  ? _raw_spin_unlock_irq+0x23/0x50
[  401.463315][ T5820]  task_work_run+0x1d9/0x270
[  401.463338][ T5820]  ? __pfx_task_work_run+0x10/0x10
[  401.463370][ T5820]  exit_to_user_mode_loop+0xed/0x480
[  401.463392][ T5820]  ? rcu_is_watching+0x15/0xb0
[  401.463422][ T5820]  do_syscall_64+0x32d/0xf80
[  401.463439][ T5820]  ? trace_irq_disable+0x3b/0x150
[  401.463457][ T5820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.463477][ T5820]  ? clear_bhb_loop+0x40/0x90
[  401.463500][ T5820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.463518][ T5820] RIP: 0033:0x7fb95b59d9d7
[  401.463541][ T5820] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  401.463556][ T5820] RSP: 002b:00007ffea1bcc598 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  401.463576][ T5820] RAX: 0000000000000000 RBX: 00007fb95b631f90 RCX: 00007fb95b59d9d7
[  401.463588][ T5820] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea1bcc650
[  401.463600][ T5820] RBP: 00007ffea1bcc650 R08: 00007ffea1bcd650 R09: 00000000ffffffff
[  401.463613][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea1bcd6e0
[  401.463625][ T5820] R13: 00007fb95b631f90 R14: 0000000000061fd1 R15: 00007ffea1bcd720
[  401.463657][ T5820]  </TASK>
[  401.469245][ T5820] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  401.520754][   T10] kernel write not supported for file /1446/uid_map (pid: 10 comm: kworker/0:1)
[  401.843795][T15889] xt_hashlimit: size too large, truncated to 1048576
[  401.878193][T15891] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3840'.
[  402.153622][T15884] loop3: detected capacity change from 0 to 32768
[  402.198680][T15884] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  402.286256][T15884] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  402.322717][T15884] XFS (loop3): Starting recovery (logdev: internal)
[  402.399486][T15884] XFS (loop3): Ending recovery (logdev: internal)
[  402.573556][ T5833] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  402.621458][T15919] loop1: detected capacity change from 0 to 128
[  402.672908][T15919] EXT4-fs (loop1): Test dummy encryption mode enabled
[  402.756809][T15919] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  403.053557][ T5820] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  403.214825][T15939] loop4: detected capacity change from 0 to 1024
[  403.348496][  T280] hfsplus: b-tree write err: -5, ino 25
[  403.361748][  T280] hfsplus: b-tree write err: -5, ino 4
[  403.383482][  T280] hfsplus: b-tree write err: -5, ino 2
[  403.420643][ T5910] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  403.590338][ T5910] usb 3-1: Using ep0 maxpacket: 16
[  403.598724][ T5910] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  403.617454][T15952] loop3: detected capacity change from 0 to 1024
[  403.631409][   T29] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  403.642163][ T5910] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  403.665391][ T5910] usb 3-1: config 0 interface 0 has no altsetting 0
[  403.682644][ T5910] usb 3-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  403.709904][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.744856][   T13] hfsplus: b-tree write err: -5, ino 25
[  403.746349][ T5910] usb 3-1: config 0 descriptor??
[  403.761997][   T13] hfsplus: b-tree write err: -5, ino 4
[  403.773692][   T13] hfsplus: b-tree write err: -5, ino 2
[  403.834051][   T29] usb 2-1: Using ep0 maxpacket: 8
[  403.845926][   T29] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  403.876118][   T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.888797][T15958] loop3: detected capacity change from 0 to 256
[  403.904014][T15958] exfat: Deprecated parameter 'utf8'
[  403.905672][   T29] usb 2-1: Product: syz
[  403.933788][   T29] usb 2-1: Manufacturer: syz
[  403.948328][   T29] usb 2-1: SerialNumber: syz
[  403.965326][T15958] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  403.980975][   T29] usb 2-1: config 0 descriptor??
[  404.012818][   T29] gspca_main: se401-2.14.0 probing 047d:5003
[  404.226918][ T5910] hid_parser_main: 59 callbacks suppressed
[  404.226942][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.290459][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.304815][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.320132][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.337105][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.349974][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.367027][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.381328][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.398271][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.409989][ T5910] kye 0003:0458:0138.0014: unknown main item tag 0x0
[  404.419452][ T5910] kye 0003:0458:0138.0014: unexpected long global item
[  404.429036][   T29] gspca_se401: Wrong descriptor type
[  404.435694][ T5910] kye 0003:0458:0138.0014: parse failed
[  404.447147][ T5910] kye 0003:0458:0138.0014: probe with driver kye failed with error -22
[  404.495771][ T5910] usb 3-1: USB disconnect, device number 16
[  404.647280][   T29] usb 2-1: USB disconnect, device number 27
[  404.718886][T15966] loop4: detected capacity change from 0 to 32768
[  404.729097][T15966] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3872 (15966)
[  404.749001][T15966] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  404.770201][T15966] BTRFS info (device loop4): using sha256 checksum algorithm
[  404.892621][T15966] BTRFS info (device loop4): enabling ssd optimizations
[  404.913250][T15966] BTRFS info (device loop4): turning on async discard
[  404.920590][T15966] BTRFS info (device loop4): enabling free space tree
[  405.157213][T15966] BTRFS info (device loop4): device stats zeroed by syz.4.3872 (15966)
[  405.273605][ T6982] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  405.367812][T16014] IPVS: dh: FWM 3 0x00000003 - no destination available
[  405.823833][T16024] loop4: detected capacity change from 0 to 4096
[  405.841123][T16030] mkiss: ax0: crc mode is auto.
[  405.888455][T16032] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3895'.
[  405.934080][T16034] netlink: 'syz.0.3896': attribute type 5 has an invalid length.
[  405.959685][T16034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3896'.
[  405.983684][T16037] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.180870][T16041] loop3: detected capacity change from 0 to 256
[  406.280080][T16041] FAT-fs (loop3): Directory bread(block 64) failed
[  406.294364][T16041] FAT-fs (loop3): Directory bread(block 65) failed
[  406.308488][T16041] FAT-fs (loop3): Directory bread(block 66) failed
[  406.318097][T16041] FAT-fs (loop3): Directory bread(block 67) failed
[  406.339776][T16041] FAT-fs (loop3): Directory bread(block 68) failed
[  406.350004][T16041] FAT-fs (loop3): Directory bread(block 69) failed
[  406.371462][T16041] FAT-fs (loop3): Directory bread(block 70) failed
[  406.381810][T16041] FAT-fs (loop3): Directory bread(block 71) failed
[  406.402928][T16041] FAT-fs (loop3): Directory bread(block 72) failed
[  406.409707][T16043] loop1: detected capacity change from 0 to 4096
[  406.421192][T16041] FAT-fs (loop3): Directory bread(block 73) failed
[  406.515784][T16043] NILFS (loop1): bad btree root (ino=2): level = 0, flags = 0x9, nchildren = 0
[  406.517453][T16052] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.543117][T16043] NILFS (loop1): error -5 getting root inode
[  406.796952][T16058] loop3: detected capacity change from 0 to 64
[  407.342157][T16047] set_capacity_and_notify: 1 callbacks suppressed
[  407.342177][T16047] loop2: detected capacity change from 0 to 40427
[  407.606746][T16057] loop1: detected capacity change from 0 to 32768
[  407.616003][T16047] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  407.639170][T16047] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  407.669337][T16057] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  407.703885][T16057] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  407.753112][ T5825] syz-executor: attempt to access beyond end of device
[  407.753112][ T5825] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  407.809831][T16057] XFS (loop1): Ending clean mount
[  407.834928][ T5825] CPU: 1 UID: 0 PID: 5825 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  407.834961][ T5825] Tainted: [L]=SOFTLOCKUP
[  407.834968][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  407.834978][ T5825] Call Trace:
[  407.834986][ T5825]  <TASK>
[  407.834993][ T5825]  dump_stack_lvl+0xe8/0x150
[  407.835024][ T5825]  f2fs_handle_critical_error+0x37c/0x540
[  407.835054][ T5825]  f2fs_write_end_io+0xcdb/0xff0
[  407.835098][ T5825]  __submit_merged_bio+0x256/0x700
[  407.835127][ T5825]  __submit_merged_write_cond+0x3c9/0x4e0
[  407.835157][ T5825]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  407.835205][ T5825]  f2fs_write_data_pages+0x2975/0x35e0
[  407.835269][ T5825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  407.835310][ T5825]  ? css_rstat_updated+0x23a/0x530
[  407.835363][ T5825]  ? rcu_is_watching+0x15/0xb0
[  407.835390][ T5825]  ? mod_memcg_lruvec_state+0x1b8/0x360
[  407.835424][ T5825]  ? __lock_acquire+0x6b5/0x2cf0
[  407.835466][ T5825]  ? __lock_acquire+0x6b5/0x2cf0
[  407.835503][ T5825]  ? do_raw_spin_lock+0x12b/0x2f0
[  407.835536][ T5825]  ? do_raw_spin_unlock+0xf5/0x210
[  407.835557][ T5825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  407.835582][ T5825]  do_writepages+0x32e/0x550
[  407.835613][ T5825]  ? do_raw_spin_unlock+0xf5/0x210
[  407.835639][ T5825]  filemap_fdatawrite+0x1e9/0x2f0
[  407.835664][ T5825]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  407.835734][ T5825]  ? do_raw_spin_unlock+0xf5/0x210
[  407.835759][ T5825]  f2fs_sync_dirty_inodes+0x30e/0x860
[  407.835801][ T5825]  f2fs_write_checkpoint+0x9df/0x26a0
[  407.835863][ T5825]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  407.835948][ T5825]  kill_f2fs_super+0x314/0x720
[  407.835981][ T5825]  ? __pfx_kill_f2fs_super+0x10/0x10
[  407.836020][ T5825]  ? lockdep_hardirqs_on+0x7a/0x110
[  407.836056][ T5825]  deactivate_locked_super+0xbc/0x130
[  407.836079][ T5825]  cleanup_mnt+0x437/0x4d0
[  407.836103][ T5825]  ? _raw_spin_unlock_irq+0x23/0x50
[  407.836133][ T5825]  task_work_run+0x1d9/0x270
[  407.836157][ T5825]  ? __pfx_task_work_run+0x10/0x10
[  407.836191][ T5825]  exit_to_user_mode_loop+0xed/0x480
[  407.836213][ T5825]  ? rcu_is_watching+0x15/0xb0
[  407.836243][ T5825]  do_syscall_64+0x32d/0xf80
[  407.836264][ T5825]  ? trace_irq_disable+0x3b/0x150
[  407.836283][ T5825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.836302][ T5825]  ? clear_bhb_loop+0x40/0x90
[  407.836326][ T5825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.836345][ T5825] RIP: 0033:0x7f4ba6d9d9d7
[  407.836364][ T5825] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  407.836380][ T5825] RSP: 002b:00007fff062d59d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  407.836400][ T5825] RAX: 0000000000000000 RBX: 00007f4ba6e31f90 RCX: 00007f4ba6d9d9d7
[  407.836413][ T5825] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff062d5a90
[  407.836425][ T5825] RBP: 00007fff062d5a90 R08: 00007fff062d6a90 R09: 00000000ffffffff
[  407.836438][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff062d6b20
[  407.836449][ T5825] R13: 00007f4ba6e31f90 R14: 0000000000063885 R15: 00007fff062d6b60
[  407.836481][ T5825]  </TASK>
[  407.892977][ T5825] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  408.204380][T16057] XFS (loop1): Quotacheck needed: Please wait.
[  408.295572][T16057] XFS (loop1): Quotacheck: Done.
[  408.502667][ T5820] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  408.891237][T16088] loop4: detected capacity change from 0 to 40427
[  408.924688][T16088] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(263168)
[  408.963032][T16088] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  409.017133][T16088] F2FS-fs (loop4): invalid crc value
[  409.255176][T16088] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  409.291274][T16088] F2FS-fs (loop4): Start checkpoint disabled!
[  409.315415][T16088] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  409.341467][T16088] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  409.366067][T16088] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  409.436812][T16088] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=81000000, run fsck to fix.
[  410.409676][T16117] loop3: detected capacity change from 0 to 32768
[  410.422890][T16117] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3928 (16117)
[  410.473921][T16117] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  410.521119][T16117] BTRFS info (device loop3): using sha256 checksum algorithm
[  410.623761][T16117] BTRFS info (device loop3): rebuilding free space tree
[  410.697361][T16117] BTRFS info (device loop3): disabling free space tree
[  410.719931][T16117] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  410.749723][T16117] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  410.786691][T16117] BTRFS info (device loop3): enabling ssd optimizations
[  410.817341][T16117] BTRFS info (device loop3): turning on async discard
[  410.847271][T16117] BTRFS info (device loop3): force clearing of disk cache
[  410.872211][T16117] BTRFS info (device loop3): enabling auto defrag
[  410.897956][T16117] BTRFS info (device loop3): max_inline set to 4096
[  411.121489][ T5833] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  411.153238][T16176] sp0: Synchronizing with TNC
[  411.231103][ T5828] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  411.410172][ T5828] usb 5-1: Using ep0 maxpacket: 16
[  411.458711][ T5828] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  411.495617][ T5828] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  411.536155][ T5828] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  411.556622][ T5828] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  411.584920][ T5828] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  411.649271][ T5828] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  411.670355][ T5828] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  411.678540][ T5828] usb 5-1: Manufacturer: syz
[  411.784585][ T5828] usb 5-1: config 0 descriptor??
[  412.085314][T16214] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3956'.
[  412.138401][T16214] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3956'.
[  412.202807][ T5828] rc_core: IR keymap rc-hauppauge not found
[  412.245056][ T5828] Registered IR keymap rc-empty
[  412.261944][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.304027][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.355073][ T5828] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  412.444301][ T5828] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input24
[  412.507466][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.581271][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.620262][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.670648][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.719810][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.780263][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.820954][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.874030][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.921976][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  412.969922][ T5828] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  413.005325][ T5828] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  413.025155][ T5828] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  413.055162][ T5828] usb 5-1: USB disconnect, device number 14
[  413.203206][   T29] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  413.374013][   T29] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  413.402837][   T29] usb 4-1: config 0 has no interface number 0
[  413.432205][   T29] usb 4-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  413.455723][T16263] rdma_op ffff88807b3fb9f0 conn xmit_rdma 0000000000000000
[  413.470075][   T29] usb 4-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  413.489692][   T29] usb 4-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  413.522798][   T29] usb 4-1: config 0 interface 1 has no altsetting 0
[  413.522850][   T29] usb 4-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  413.522876][   T29] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.537671][   T29] usb 4-1: config 0 descriptor??
[  413.669740][ T5828] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  413.842703][ T5828] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.871118][ T5828] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  413.901558][ T5828] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  413.919797][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.937378][ T5828] usb 3-1: Product: syz
[  413.949709][ T5828] usb 3-1: Manufacturer: syz
[  413.954525][ T5828] usb 3-1: SerialNumber: syz
[  413.977373][ T5828] usb 3-1: config 0 descriptor??
[  414.059366][T16272] loop4: detected capacity change from 0 to 32768
[  414.082216][T16272] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  414.100609][T16272] JBD2: Ignoring recovery information on journal
[  414.162316][   T29] uclogic 0003:145F:0212.0015: failed retrieving string descriptor #100: -71
[  414.172291][   T29] uclogic 0003:145F:0212.0015: failed retrieving pen parameters: -71
[  414.185608][   T29] uclogic 0003:145F:0212.0015: pen probing failed: -71
[  414.199738][   T29] uclogic 0003:145F:0212.0015: failed probing parameters: -71
[  414.202958][T16272] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  414.207360][   T29] uclogic 0003:145F:0212.0015: probe with driver uclogic failed with error -71
[  414.236943][   T29] usb 4-1: USB disconnect, device number 19
[  414.250298][T16264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.306976][T16264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  414.361407][ T5828] usb 3-1: USB disconnect, device number 17
[  414.434162][ T6982] ocfs2: Unmounting device (7,4) on (node local)
[  414.710145][ T5828] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  414.865326][ T5828] usb 2-1: config 0 has an invalid descriptor of length 112, skipping remainder of the config
[  414.886295][ T5828] usb 2-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  414.900760][ T5828] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.922698][ T5828] usb 2-1: config 0 descriptor??
[  414.936769][ T5828] usb 2-1: bad CDC descriptors
[  415.143307][   T29] usb 2-1: USB disconnect, device number 28
[  415.426785][T16313] loop2: detected capacity change from 0 to 32768
[  415.440194][T16313] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3995 (16313)
[  415.511004][T16313] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  415.541071][T16313] BTRFS info (device loop2): using blake2b checksum algorithm
[  415.588534][T16323] loop4: detected capacity change from 0 to 32768
[  415.613452][T16321] loop3: detected capacity change from 0 to 32768
[  415.701174][T16323] JBD2: Ignoring recovery information on journal
[  415.743703][T16313] BTRFS info (device loop2): enabling ssd optimizations
[  415.765902][T16313] BTRFS info (device loop2): turning on async discard
[  415.786070][T16313] BTRFS info (device loop2): enabling free space tree
[  415.812761][T16313] BTRFS info (device loop2): use zstd compression, level 3
[  415.846963][T16323] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  416.107097][ T6982] ocfs2: Unmounting device (7,4) on (node local)
[  416.152877][ T5825] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  416.799994][T16363] atomic_op ffff88803488e998 conn xmit_atomic 0000000000000000
[  416.834021][T16365] kAFS: unable to lookup cell '�
էK��yy��
[  416.834021][T16365] 
[  416.834021][T16365] =6%�*�;�e�ܲ5�;Z�*��d{���iEl�ZS�j��UF
/���k!��b��tF\_��vf�Vn�D��P�����P�B1�%�A)X��\YT"8ώ��d�J_��.�����5d�#�ۜ�h�Gp6�"�5ͺ��*��
�,����I���m��I�-(W
�A�?���W��Z)n�[��qGjnڇ%(�J-�%�ؘccʵ���{|�6Z�����A�5�k�@�a���+o��S�T;���]5��!�G3�{��K���,'
[  417.004249][T16367] loop2: detected capacity change from 0 to 128
[  417.059475][T16367] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  417.115251][T16367] hpfs: filesystem error: improperly stopped
[  417.140029][T16367] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  417.168546][T16367] hpfs: You really don't want any checks? You are crazy...
[  417.197060][T16367] hpfs: hpfs_map_sector(): read error
[  417.209636][T16367] hpfs: code page support is disabled
[  417.219790][T16367] hpfs: hpfs_map_4sectors(): unaligned read
[  417.236034][T16367] hpfs: hpfs_map_4sectors(): unaligned read
[  417.252878][T16367] hpfs: filesystem error: unable to find root dir
[  417.383450][T16361] loop3: detected capacity change from 0 to 32768
[  417.420987][T16361] 
[  417.420987][T16361]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  417.420987][T16361] 
[  417.525519][   T12] 
[  417.525519][   T12]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  417.525519][   T12] 
[  417.581130][   T12] 
[  417.581130][   T12]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  417.581130][   T12] 
[  417.595455][ T5833] 
[  417.595455][ T5833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  417.595455][ T5833] 
[  417.607232][ T5833] 
[  417.607232][ T5833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  417.607232][ T5833] 
[  417.635493][  T112] ==================================================================
[  417.643614][  T112] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x40/0x60
[  417.651790][  T112] Read of size 1 at addr ffff88803483c0d8 by task jfsCommit/112
[  417.659432][  T112] 
[  417.661773][  T112] CPU: 1 UID: 0 PID: 112 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  417.661803][  T112] Tainted: [L]=SOFTLOCKUP
[  417.661810][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  417.661822][  T112] Call Trace:
[  417.661830][  T112]  <TASK>
[  417.661838][  T112]  dump_stack_lvl+0xe8/0x150
[  417.661868][  T112]  print_report+0xba/0x230
[  417.661887][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  417.661911][  T112]  kasan_report+0x117/0x150
[  417.661937][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  417.661973][  T112]  __kasan_check_byte+0x2a/0x40
[  417.661996][  T112]  lock_acquire+0x79/0x2e0
[  417.662021][  T112]  ? rcu_is_watching+0x15/0xb0
[  417.662048][  T112]  _raw_spin_lock_irqsave+0x40/0x60
[  417.662071][  T112]  ? __mutex_lock+0x3cb/0x1300
[  417.662089][  T112]  __mutex_lock+0x3cb/0x1300
[  417.662112][  T112]  ? jfs_syncpt+0x25/0x90
[  417.662132][  T112]  ? do_raw_spin_lock+0x12b/0x2f0
[  417.662153][  T112]  ? __pfx___mutex_lock+0x10/0x10
[  417.662179][  T112]  jfs_syncpt+0x25/0x90
[  417.662198][  T112]  txEnd+0x2e5/0x530
[  417.662220][  T112]  jfs_lazycommit+0x5b8/0xaa0
[  417.662244][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  417.662265][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  417.662289][  T112]  ? __kthread_parkme+0x7a/0x1f0
[  417.662316][  T112]  kthread+0x388/0x470
[  417.662334][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  417.662355][  T112]  ? __pfx_kthread+0x10/0x10
[  417.662373][  T112]  ret_from_fork+0x51e/0xb90
[  417.662398][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  417.662420][  T112]  ? __switch_to+0xc7d/0x1450
[  417.662442][  T112]  ? __pfx_kthread+0x10/0x10
[  417.662460][  T112]  ret_from_fork_asm+0x1a/0x30
[  417.662484][  T112]  </TASK>
[  417.662491][  T112] 
[  417.831543][  T112] Allocated by task 16361:
[  417.835949][  T112]  kasan_save_track+0x3e/0x80
[  417.840617][  T112]  __kasan_kmalloc+0x93/0xb0
[  417.845197][  T112]  __kmalloc_cache_noprof+0x31c/0x660
[  417.850559][  T112]  lmLogOpen+0x2d1/0xfa0
[  417.854791][  T112]  jfs_mount_rw+0xee/0x670
[  417.859193][  T112]  jfs_fill_super+0x754/0xd80
[  417.863862][  T112]  get_tree_bdev_flags+0x431/0x4f0
[  417.868967][  T112]  vfs_get_tree+0x92/0x2a0
[  417.873368][  T112]  do_new_mount+0x341/0xd30
[  417.877859][  T112]  __se_sys_mount+0x31d/0x420
[  417.882525][  T112]  do_syscall_64+0x14d/0xf80
[  417.887105][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.892999][  T112] 
[  417.895309][  T112] Freed by task 5833:
[  417.899269][  T112]  kasan_save_track+0x3e/0x80
[  417.903940][  T112]  kasan_save_free_info+0x46/0x50
[  417.908949][  T112]  __kasan_slab_free+0x5c/0x80
[  417.913702][  T112]  kfree+0x1c1/0x630
[  417.917583][  T112]  lmLogClose+0x297/0x520
[  417.921898][  T112]  jfs_umount+0x2ef/0x3c0
[  417.926221][  T112]  jfs_put_super+0x8c/0x190
[  417.930717][  T112]  generic_shutdown_super+0x13d/0x2d0
[  417.936075][  T112]  kill_block_super+0x44/0x90
[  417.940740][  T112]  deactivate_locked_super+0xbc/0x130
[  417.946098][  T112]  cleanup_mnt+0x437/0x4d0
[  417.950501][  T112]  task_work_run+0x1d9/0x270
[  417.955080][  T112]  exit_to_user_mode_loop+0xed/0x480
[  417.960351][  T112]  do_syscall_64+0x32d/0xf80
[  417.964932][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.970811][  T112] 
[  417.973122][  T112] The buggy address belongs to the object at ffff88803483c000
[  417.973122][  T112]  which belongs to the cache kmalloc-1k of size 1024
[  417.987162][  T112] The buggy address is located 216 bytes inside of
[  417.987162][  T112]  freed 1024-byte region [ffff88803483c000, ffff88803483c400)
[  418.001035][  T112] 
[  418.003350][  T112] The buggy address belongs to the physical page:
[  418.009759][  T112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888034838800 pfn:0x34838
[  418.019827][  T112] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  418.028321][  T112] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  418.036815][  T112] page_type: f5(slab)
[  418.040787][  T112] raw: 00fff00000000240 ffff88801b02fdc0 ffffea0000a04010 ffffea0000a7d610
[  418.049358][  T112] raw: ffff888034838800 000000080010000e 00000000f5000000 0000000000000000
[  418.057942][  T112] head: 00fff00000000240 ffff88801b02fdc0 ffffea0000a04010 ffffea0000a7d610
[  418.066617][  T112] head: ffff888034838800 000000080010000e 00000000f5000000 0000000000000000
[  418.075284][  T112] head: 00fff00000000003 ffffea0000d20e01 00000000ffffffff 00000000ffffffff
[  418.083943][  T112] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  418.092597][  T112] page dumped because: kasan: bad access detected
[  418.099008][  T112] page_owner tracks the page as allocated
[  418.104708][  T112] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5821, tgid 5821 (kworker/0:3), ts 81653235692, free_ts 81615238469
[  418.125359][  T112]  post_alloc_hook+0x231/0x280
[  418.130121][  T112]  get_page_from_freelist+0x23a1/0x2440
[  418.135658][  T112]  __alloc_frozen_pages_noprof+0x18d/0x380
[  418.141466][  T112]  allocate_slab+0x77/0x660
[  418.145973][  T112]  refill_objects+0x331/0x3c0
[  418.150649][  T112]  __pcs_replace_empty_main+0x2cd/0x650
[  418.156187][  T112]  __kmalloc_noprof+0x474/0x760
[  418.161030][  T112]  ieee802_11_parse_elems_full+0x159/0x2ab0
[  418.166916][  T112]  ieee80211_inform_bss+0x161/0x1160
[  418.172190][  T112]  cfg80211_inform_single_bss_data+0xd08/0x1b70
[  418.178421][  T112]  cfg80211_inform_bss_data+0x266/0x3c40
[  418.184042][  T112]  cfg80211_inform_bss_frame_data+0x3c7/0x760
[  418.190099][  T112]  ieee80211_bss_info_update+0x794/0xa40
[  418.195723][  T112]  ieee80211_scan_rx+0x552/0xa40
[  418.200647][  T112]  ieee80211_rx_list+0x29e3/0x3710
[  418.205750][  T112]  ieee80211_rx_napi+0x1b1/0x3e0
[  418.210677][  T112] page last free pid 5944 tgid 5944 stack trace:
[  418.216987][  T112]  __free_frozen_pages+0xbe2/0xd60
[  418.222090][  T112]  __slab_free+0x263/0x2b0
[  418.226494][  T112]  qlist_free_all+0x97/0x100
[  418.231076][  T112]  kasan_quarantine_reduce+0x148/0x160
[  418.236531][  T112]  __kasan_slab_alloc+0x22/0x80
[  418.241407][  T112]  kmem_cache_alloc_node_noprof+0x384/0x690
[  418.247293][  T112]  __alloc_skb+0x27d/0x7d0
[  418.251701][  T112]  netlink_sendmsg+0x5d4/0xb40
[  418.256454][  T112]  sock_sendmsg_nosec+0x18f/0x1d0
[  418.261466][  T112]  ____sys_sendmsg+0x589/0x8c0
[  418.266221][  T112]  ___sys_sendmsg+0x2a5/0x360
[  418.270896][  T112]  __x64_sys_sendmsg+0x1bd/0x2a0
[  418.275856][  T112]  do_syscall_64+0x14d/0xf80
[  418.280450][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.286341][  T112] 
[  418.288659][  T112] Memory state around the buggy address:
[  418.294277][  T112]  ffff88803483bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  418.302333][  T112]  ffff88803483c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  418.310385][  T112] >ffff88803483c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  418.318428][  T112]                                                     ^
[  418.325346][  T112]  ffff88803483c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  418.333397][  T112]  ffff88803483c180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  418.341443][  T112] ==================================================================
[  418.349492][  T112] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  418.356689][  T112] CPU: 1 UID: 0 PID: 112 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  418.367355][  T112] Tainted: [L]=SOFTLOCKUP
[  418.371668][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  418.381715][  T112] Call Trace:
[  418.384988][  T112]  <TASK>
[  418.387913][  T112]  vpanic+0x56c/0xa60
[  418.391911][  T112]  ? __pfx_vpanic+0x10/0x10
[  418.396423][  T112]  panic+0xc5/0xd0
[  418.400140][  T112]  ? __pfx_panic+0x10/0x10
[  418.404551][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  418.409917][  T112]  ? rcu_is_watching+0x15/0xb0
[  418.414682][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  418.420057][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  418.425428][  T112]  check_panic_on_warn+0x89/0xb0
[  418.430360][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  418.435732][  T112]  end_report+0x73/0x180
[  418.439972][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  418.445340][  T112]  kasan_report+0x128/0x150
[  418.449841][  T112]  ? _raw_spin_lock_irqsave+0x40/0x60
[  418.455213][  T112]  __kasan_check_byte+0x2a/0x40
[  418.460059][  T112]  lock_acquire+0x79/0x2e0
[  418.464474][  T112]  ? rcu_is_watching+0x15/0xb0
[  418.469233][  T112]  _raw_spin_lock_irqsave+0x40/0x60
[  418.474431][  T112]  ? __mutex_lock+0x3cb/0x1300
[  418.479197][  T112]  __mutex_lock+0x3cb/0x1300
[  418.483786][  T112]  ? jfs_syncpt+0x25/0x90
[  418.488114][  T112]  ? do_raw_spin_lock+0x12b/0x2f0
[  418.493134][  T112]  ? __pfx___mutex_lock+0x10/0x10
[  418.498167][  T112]  jfs_syncpt+0x25/0x90
[  418.502321][  T112]  txEnd+0x2e5/0x530
[  418.506210][  T112]  jfs_lazycommit+0x5b8/0xaa0
[  418.510880][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  418.516073][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  418.521876][  T112]  ? __kthread_parkme+0x7a/0x1f0
[  418.526815][  T112]  kthread+0x388/0x470
[  418.530892][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  418.536087][  T112]  ? __pfx_kthread+0x10/0x10
[  418.540669][  T112]  ret_from_fork+0x51e/0xb90
[  418.545257][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  418.550372][  T112]  ? __switch_to+0xc7d/0x1450
[  418.555045][  T112]  ? __pfx_kthread+0x10/0x10
[  418.559626][  T112]  ret_from_fork_asm+0x1a/0x30
[  418.564386][  T112]  </TASK>
[  418.567746][  T112] Kernel Offset: disabled
[  418.572065][  T112] Rebooting in 86400 seconds..