program: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="c40100003a00010327bd7000000000000700000008005500000000009f004c8008004a00", @ANYRES32=r0, @ANYBLOB="04004000ca0b0e437fe3a4cdbc0a890924e4a53c27008afb35b248d30255d1708d30ce90286929bcb2b5da1fa255a232b41e6a51e7757e89df49fd34910312408cee21da739b89529acfa75cdd8951b47e6544b33bcab14924d2ee39e9404a9f44a8995867615a3d0e9709564a3fa46620529f3bd87a035d4a164db63d291370a7609ea562df595e675c8b9356a648e85bd6b70007012380addd784ed3447567807b8eb851399c0d9a3f132f51f3181b1369a8d52531298f0d64965fa2887ab1817bfa8c869534af88243543721e57584638d80103e3c4f0b37c8f49c0b363efb76baf5f44fddc3cb3be6cbb1cba03cf9afa43f3c843d8b8a0a84b46bd615cf374dd2765f99e13fce3c648b0f578e4382b97a3290d1486179473502f65f7e352f020e56959aeb064bae575938f43524e2ff386ef0595dca3c627ce363a743e2a1fbd3fc5cdc6d11349a55f318e5b62ea37397f3e5b220782f7404a5201049c6f03c3d6aeead82df8f774fe87a19f9681d52fa14dd293f0f6934b7d173055b1b41d84a28e55d6d8bb1e4d2362ce881f9e466a7608005300", @ANYRES32=0x0, @ANYBLOB="e9ab43d2aa09385968878d1af08395b87e0faf7dd5dbfca121f85c6f5ff83f3e36390fe231df3614305e8019fa3eb96207364cb829c9640d58801308ceea150e6bc9624619b01daeed77c3235a27ec2f7393e5186ee06c9dfd98ca301df7b53b7f047586aa5b241e18b5dee4724eb5fa3c1f38c3126cc6038b8ced518ab2e7ec8acf0074783bc480a06ed5277deb91b8860d3e3f3ac2907d3f86b1375cff1cdc0c20b388e65c"], 0x1c4}, 0x1, 0x0, 0x0, 0x81}, 0x4004000) r1 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f00000000c0)={r2, r2, 0x206, 0x0, 0x0, 0x2, 0x72, 0x1, 0x3, 0x7, 0x0, 0x8, 'syz1\x00'}) ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1}) syz_mount_image$jfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x2010880, &(0x7f0000000400)=ANY=[@ANYBLOB='iocharset=cp869,discard=0x0000000000000009,gid=', @ANYRESHEX=0x0, @ANYBLOB=',integrity,errors=continue,discard,errors=remount-ro\x00iocharset=cp737,grpquota,usrquota,gid=', @ANYRES64=0x0, @ANYBLOB=',quota,g\x00\x00=', @ANYRESDEC, @ANYRES32, @ANYRESHEX, @ANYRESOCT, @ANYRESDEC=0x0, @ANYBLOB="2c000100000000000000"], 0x5, 0x6170, &(0x7f00000066c0)="$eJzs3b2PHGcdB/Dfvt5LiHNKEQULoYsTXkKIX4MxBEhSQEGTArlFti6XyMIBZBvkRBY+dA0FFX8BCIkSIUpEwR+QgpaOiopINhIoFYPm7nl8s+td75nz7ezd8/lI65nfPLO7z9x3Z1+8M/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73znUi4spP04K1iE9FL6IbsVLX6xGxsr6W1+9HxPOx0xzPRcRgKaK+/s4/z0S8FhEfnYi4d//ORr34/D778e0//O2333/q7b/+fnDmP3+81Xt92nq3b//y33+6e7BtBgAAgNJUVVV10sf8k+nzfbftTgEAc5Ff/6skL1+YuntIt/+rf7z950XYPrVarVar51g3VZPdbRYRsdW8Tv2ewdfxAHDEbMUnbXeBFsm/aP2IeKrtTgALrdN2BzgU9+7f2eikfDvN14P13fZ8LMhI/ludB+d3TJvOMn6MybweX9vRi2en9GdlTn1YJDn/7nj+V3bbh2m9w85/XqblP9w99ak4Of/eeP5jjk/+3Yn5lyrn33+s/HvyBwAAAACABZb//3+t5e9/lw6+KfvyqO9/1+fUBwAAAAAAAAB40g46/t8Dxv8DAACAhVV/Vq/9+sTesmm/xVYvv9yJeHpsfaAw6WSZ1bb7AQAAAAAAAAAAAAAl6e8ew3u5EzGIiKdXV6uqqi9N4/XjOuj1j7rStx9K1vaTPAAA7ProxNi5/J2I5Yi4nH7rb7C6ulpVyyur1Wq1spTfzw6XlquVxufaPK2XLQ338Ya4P6zqG1tuXK9p1uflWe3jt1ff17Dq7aNjT8gg/TWnNLcUNgAku69G97wiHTNV9cy0Nx8wwv5//Nj/2Y+2H6cAAADA4auqquqkn/M+mb7z77bdKQBgLvLr//j3AodSRxzu7avVarVarX5k3VRNdrdZRMRW8zr1ewbD8QPAEbMVn7TdBVok/6L1I+L5tjsBLLRO2x3gUNy7f2ejk/LtNF8P0vju+ViQkfy3OjvXy9efNJ1l/BiTeT2+tqMXz07pz3Nz6sMiyfl3x/O/sts+TOsddv7zMi3/ejvXWuhP23L+vfH8xxyf/LsT8y9Vzr//WPn35A8AAAAAAAss////mu9/8yYDAAAAAAAAwJFz7/6djXzea/7+/zMT1nP+5/GU8+/Iv0g5/+5Y/l8cW6/XmP/4rb38/3X/zsbvbv3z03m63/yX8kwnPbI66RHRSffU6afpQbbuYduD3rC+p0Gn2+unY36qwbtxLa7HZpwdWbeb/h577edG2uueDkbaz4+09x9qvzDSPki/O1Ct5PbTsRE/iuvxzk573bY0Y/uXZ7RXM9pz/j37f5Fy/v3Gpc5/NbV3xqbR2DWb+31zOul+3rz22V+cPeRt2Y/t6D3YtqZ6+0610J+dv8lTw/jJzc0bp29fvXXrxrlIk5Gl5yNNnrCc/2DnsrT3/P/ibnt+3m/urx//fPjQ8/6s/BfFdvSn5v9iY77e3pfn3Lc25PyH6ZLzfye1T9r/j3b+0/f/V1roDwAAAAAAAAAAAAAAADxKVVU7p4i+GREX0/k/bZ2bCQDMV379r5K8XK1Wq9Vq9fGrm6rJ3mgWEfGX5nXq9ww/m3RjAMAi+29E/L3tTtAa+Rcs/95fPX2p7c4Ac3Xzgw9/cPX69c0bN9vuCQAAAAAAAADw/8rjf643xn9+KSLWxtYbGf/1rVg/6Pif/TzzYIDRJzzQ9xTb3WGv2xhu/IXYGZ/79LTxv0/Fo8f/7s+4v8GM9uGM9qUZ7csTl+6lNfFEj4ac/wuN8c7r/E+ODb9ewviv42PelyDnf6rxeK7z/8LYes38q98sXP5b+11xO7oj+Z+59f6Pz9z84MNXr71/9b3N9zZ/eOHcubMXLl68dOnSmXevXd88u/vv4fR6AeT889jXjgMtS84/Zy7/suT8P5dq+Zcl5//5VMu/LDn//H5P/mXJ+efPPvIvS87/5VTLvyw5/y+lWv5lyfm/kmr5lyXn/+VUy78sOf9XUy3/suT8T6da/mXJ+Z9J9T7y9/Pwx0jOP3/DZf8vS84/H9kg/7Lk/M+nWv5lyflfSLX8y5Lzfy3V8i9Lzv8rqZZ/WXL+F1Mt/7Lk/L+aavmXJed/KdXyL0vO/2upln9Zcv5fT7X8y5Lzfz3V8i9Lzv8bqZZ/WXL+30y1/MuS8/9WquVflpz/G6mWf1n2fv/fjBkzZvJM289MAAAAAAAAAAAAAMC4eRxO3PY2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuNUaus74f+Jm92GuHEAMhOPkbsklMCMmSXduJL/zrYsK1AUqBhEIv2K53bRZ8w2uXQJFsGiiRMCqqqJq+oAWE2khVhVVRiVaU5kXVy6vSvqBvKqpKSI2qgAISUktptpo5z/N4ZnZ2zq49Xs+e5/OR4p935sycM2fOzO53ne8cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaHfHG+Y+0yiKovlf648tRfGC5t83TW5pXfba672FAAAAwNX639afz92ULjiwghu1LfN3r/jHry8uLi4W7xv93fEvLC6mKyaLYnxjUbSuiy79+/sb7csEjxcTjZG2r0cqVj9acf1YxfXjFddvqLh+Y8X1ExXXL9kBS2wqfx/TurPtrb9uKXdpcXMx3rpue49bPd7YODISf5fT0mjdZnH8aDFfHC/mipmO5ctlG63lv3lHc11vLeK6RtrWta15hPzwE0fiNjTCPt7esa7L9xl9//XF5I9++Ikjf3T22Vt7zcrd0HF/5Xbec2dzOz8VLim3tVFsTPskbudI23Zu6/GcjHZsZ6N1u+bfu7fzuRVu5+jlzVxT3c/5RDHS+vu3W/tprP3Xemk/bQuX/dddRVFcuLzZ3cssWVcxUmzuuGTk8vMzUR6RzftoHkovLsZWdZzesYLjtDlnt3cep92vifj83xFuN7bMNrQ/Td//5IYlz/tqj9Oo+aiXe610H4ODfq0MyzEYj4tvtx70Ez2Pwe3h8X/i7uWPwZ7HTo9jMD3utmPwzqpjcGTDaGub05PQaN3m8jG4o2P50daaGq35zN39j8HpsydOTy987OOvmT9x+NjcsbmTu3bsmNm1e/fevXunj84fn5sp/7zCvT38Nhcj6TVwZ9h38TXwqq5l2w/VxS8P7nU40ed1uKVr2UG/Dse6H1xjbV6QS4/p8rXxSHOnT1wcKZZ5jbWen3uv/nWYHnfb63Cs7XXY83tKj9fh2Apeh81lTt+7sp9Zxtr+67UN1+p7wZa2Y7D755HuY3DQP48MyzE4EY6Lf713+e8F28L2PjG12p9HRpccg+nhhvee5iXp5/2Jva3R67i8rXnFDRuKcwtzZ+5/7PDZs2d2FGGsiZe0HSvdx+vmtsdULDleR1Z9vB6Yf8UTt/W4fEvYVxOvaf4xsexz1Vzmgfv7P1et726992fHpTuLMAZsrfdnr+/mzf2ZsmSf/dlc5lPTV/+zeMqlbe+/48u8/8bc/3y5vnRXj4+Oj5Wv39G0d8Y73o87n6qx1ntXo7Xu56ZX9n48Hv5b6/fjm/u8H2/tWnbQ78fj3Q8uvh83qn7bcXW6n8+JcJwcn+n/ftxcZuvO1R6TY33fj+8KsxH2/6tDUki5qO3YWe64TesaGxsPj2ssrqHzON3Vsfx4yGbNdT2188qO03vuKu9rND26y9bqOJ3sWnbQx2l6v1ruOG1U/fbtynQ/nxPhuLh5V//jtLnM0w9c/XvnpvjXtvfODVXH4PjohuY2j6eDsHy/X9wUj8H7iyPFqeJ4Mdu6dkPreGq01jX14MqOwQ3hv7V+r9za5xi8p2vZQR+D6fvYcsdeY2zpgx+A7udzIhwXTz7Y/xhsLvPGPYP92fWecElapu1n1+7fry33O6/bunbTtfydV3M7/2ZP/9/NNpc5vne1ObP/frovXHJDj/3U/fpd7jU1W6zNftoatvPZvcvvp+b2NJf5wr4VHk8HiqI4/5GHWr/vDf++8mfnvvP1jn936fVvOuc/8tAPbjz6t6vZfgDWv+fLsbn8Xtf2L1Mr+fd/AAAAYF2IuX8kzET+BwAAgNqIuT/+X+GJ/A8AAAC1EXP/WJhJJvl/6xufnX/+fJGa+YtBvD7thofL5WLHdSZ8Pbl4WfPyh7469+O/PL+ydY8URfHTh3+j5/JbH47bVZoM23npTZ2XL73h+RWt/9Cjl5dr769/Kdx/fDz9DoP2zzHrVcGdKYrimzd9rrWeyfdfbM2nHz7Umu++8MTjzWWe21d+HW//zEvK5b8Yyr8Hjh7uuP0zYT98L8yZt/XeH/F2X7v46m173nt5ffF2jTtf2HrYT36gvN/4OTmff7xcPu7n5bb/rz771Neayz/2yt7bf36k9/Y/Fe73q2H+98vL5dufg+bX8XafDtsf1xdvd/9XvtVz+y99plz+9JvL5Q6FGdd/T/h6+5ufnW/fX481Dnc8ruIt5XJx/TPf+e3W9fH+4v13b//EwYsd+6P7+Hj6n8v7me5aPl4e1xP9Rdf6m/fTfnzG9T/1W4c69nPV+i+9+5mXN++3e/33dS032nX77k9s+oNPf67n+uL2HPjT0x2P58C7wus4rP/JD4TjMVz/k0uf61hvdOhdne8/cfkvbTnf8Xiit/6oXP+l1x1rzf+Y/PHv3/CCG1944fbmviuKb7+nvL+q9R/7w1Md2//lW+5tPR/x+tjR717/cuL6z3x06uSphXPzs217tfXZOW8vt2fjxKbNze29Kby3dn998NTZD86dmZyZnCmKyfp+hN4V+0qYPyjHhdXe/t5Hw/N52+99c/Pd//TZePm/PFJefvFt5fetV4XlPh8u31I+f4uNq1z/k3fc0np9N54uv+7osQ/Atu3/uXdFC4bH3/1zQTzeT7/0g6390Lyu9X0jvq6vcvu/O1vezzfCfl0Mn8x85y2X19e+fPxshIvvKV/vV73/wttcfF7/ODzf7/heef9xu+Lj/W74OeZbWzvf7+Lx8Y3zI9333/oUjwvh/aS4UF4fl4r7++Jzt/TcvPg5JMWFW1tf/066n1tX9TCXs/Cxhenj8yfPPTZ9dm7h7PTCxz5+8MSpcyfPHmx9lufBD1Xd/vL70+bW+9Ps3O4HiplNRVGcKmbW4A3r2mx/828r2/7Tjx6Z3TNz9+zc0cPnjp599PTcmWNHFhaOzM0u3H346NG5j1bdfn52/46d+3bt2Tl1bH52/959+3btm5o/eaq5GeVGVdg98+Gpk2cOtm6ysP+BfTsefPCBmakTp2bn9u+ZmZk6V3X71vemqeatf33qzNzxw2fnT8xNLcx/fG7/jn27d++s/DTAE6ePLkxOnzl3cvrcwtyZ6fKxTJ5tXdz83ld1e+pp4d/Kn2e7NcoP4iveed/u9PmsTV/95LJ3VS7S9QGiz4bPovmHF53eu5KvY+4fDzPJJP8DAABADmLu3xBmIv8DAABAbcTcvzHMRP4HAACA2oi5fyLMJJP8r/9/5f3/dvXv/5fX6//n1f8//ZGyVxpv39ViXTf9/9if1//Pw3Xu/1/1+vX/9f/r1/9feX9+vW+//r/+P0sNW/8/5v5NRZFl/gcAAIAcxNy/OcxE/gcAAIDaiLn/hjAT+R8AAABqI+b+F4SZZJL/9f9X1P/fWVW4qn//3/n/9f+L9Xn+//jk6P9nY9X9+/c+0vGl/n+g/6//r/+v/6//z1UbX/aa69X/j7n/xjCTTPI/AAAA5CDm/heGmcj/AAAAUBsx998UZiL/AwAAQG3E3L8lzCST/K//7/z/+v/6/7Xu/1/t+f/bNkb/f31w/v/+evT/b++5oP7/Kvv/E/r/67H/Pz7Y7R/u/n/l5uv/c00M2/n/Y+5/UZhJJvkfAAAAchBz/4vDTOR/AAAAqI2Y+18SZiL/AwAAQG3E3H9zmEkm+V//X/9f/1//X/+/9/qrz/9f/k3/f7jo//fn/P8VnP8/r/7/gLd/uPv/gz7///ibum+v/08vw9b/j7n/pWEmmeR/AAAAyEHM/beEmcj/AAAAUBsx978szET+BwAAgNqIuX9rmEkm+V//X/9f/1//X/+/9/qr+/8l/f/hov/f36D7/6Ndl+v/l/T/9f9r3//v8cOv/j+9DFv/P+b+W8NMMsn/AAAAkIOY+28LM5H/AQAAoDZi7v9/YSbyPwAAANRGzP3bwkwyyf/6//r/+v959f/v26D/r/9fb/r//Tn/fwX9f/1//f8Vnv9/qdX0/zdW3Rm1MWz9/5j7Xx5mkkn+BwAAgBzE3P+KMJMV5/+5L16DzQIAAAAGKOb+28NM/Ps/AAAA1EbM/ZNhJpnkf/3/evX//+Svn7y90P/X/69Yf037//Ew0P/PnP5/f/r/FfT/9f/1/9ek/08+hq3/H3P/HWEmmeR/AAAAyEHM/XeGmcj/AAAAUBsx998VZiL/AwAAQG3E3L89zCST/K//X6/+f6T/r//fb/3Xpv+/KV3u/P+96f+vDf3/HtreFPT/K+j/6/9n3/+PP/3q/zMYw9b/j7n/lWEmmeR/AAAAyEHM/XeHmcj/AAAAUBsx978qzET+BwAAgNqIuf+eMJNM8r/+v/6//r/+f03O/5/o/+dN/78//f8K+v/6/9n3/53/n8Eatv5/zP2vDjPJJP8DAABADmLuvzfMRP4HAACA2oj//2b5/73K/wAAAFBHMfdPhZlkkv/1//X/c+r/N/T/9f/1/2tP/78//f8K+v/6//r/+v8M1LD1/2Puf02YSSb5HwAAAHIQc//9YSbyPwAAANRGzP3TYSbyPwAAANRGzP0zYSaZ5H/9f/3/nPr/zv/f0f+fKAr9f/3/+tH/70//v4L+v/5/3fr/RaH/z3U1bP3/mPt3hJlkkv8BAAAgBzH37wwzkf8BAACgNmLu3xVmIv8DAABAbcTc/0CYSSb5X/9f/1//P9v+v/P/6//Xkv5/f/r/FfT/9f/r1v93/n+us2Hr/8fc/2CYSSb5HwAAAHIQc//uMBP5HwAAAGoj5v49YSbyPwAAANRGzP17w0wyyf/6/zXp///m33esW/9f/7/f+gfT/9+k/x+m/v9wqWn/v/tlccX0/yvo/+v/6//r/zNQw9b/j7l/X5hJJvkfAAAAchBz/2vDTOR/AAAAqI2Y+/9/mIn8DwAAALURc//PhJlkkv/1/2vS/++i/6//32/9zv+v/19nNe3/D4z+fwX9f/1//X/9fwbq2vf/499W1v+PuX9/mEkm+R8AAAByEHP/z4aZyP8AAABQGzH3vy7MRP4HAACA2oi5/0CYSSb5X/9f/1//X///2vT/X1d0G8b+f/Pg0f+vF/3//vT/K+j/6//r/+v/M1DDdv7/mPtfH2aSSf4HAACAHMTc/1CYifwPAAAAtRFz/xvCTOR/AAAAWM82tX8Rc/8bw0wyyf/6//r/+v/6/9X9/3gPzv+v/z/89P/70/+voP+v/6//r//PQA1b/z/m/jeFmWSS/wEAACAHMfe/OcxE/gcAAIDaiLn/LWEm8j8AAADURsz9bw0zyST/6//r/+v/6/9fm/P/17H/v/g/zdvr/w83/f/+9P8r6P/r/+v/6/8zUMPW/4+5/+fCTDLJ/wAAAJCDmPsfDjOR/wEAAKA2Yu5/W5iJ/A8AAAC1EXP/28NMMsn/+v/6//r/+v/6/73X7/z/65P+f3/6/xWGoP/f/J6m/78+t1//X/+fpYat/x9z/zvCTDLJ/wAAAJCDmPt/PsxE/gcAAIDaiLn/nWEm8j8AAADURsz9vxBmkkn+1//X/9f/1//Pov/fvJH+fxb0//vT/29309KLevT/Nzr/v/6//r/+P1ds2Pr/Mfe/K8wkk/wPAAAAOYi5/91hJvI/AAAA1EbM/e8JM5H/AQAAoDZi7n8kzCST/K//n2X/Pz1k/f+S/n8G/X/n/8+G/n9/+v8VhuD8//r/63f79f/1/1lq2Pr/Mfc/GmaSSf4HAACAHMTc/94wE/kfAAAAaiPm/l8MM5H/AQAAoDZi7n9fmEkm+b8G/f+fdBT79P87buf8/9e7/z/WcXzk1P+faHs+03Gp/6//vwb0//vT/6+g/6//P8z9/3A0b1rm9vr/DKNh6//H3P/+MJNM8j8AAADkIOb+Xwozkf8BAACgNmLu/+UwE/kfAAAAaiPm/l8JM8kk/9eg/991Q/3/Qv9/iPr/ncdHTv1/5/9fSv9/bej/96f/X0H/X/9/mPv/FfT/GUbD1v+Puf9Xw0wyyf8AAACQg5j7PxBmIv8DAABAbcTcfzDMRP4HAACA2oi5/1CYSSb5X/+/u/8fz6iq/6//r/+v/6//vx4Nrv//shuLYkX9/z9vXq//r/+v/6//r/+v/89Sw9b/j7n/cJhJJvkfAAAAchBz/6+Fmcj/AAAAUBsx9x8JM5H/AQAAoDZi7p8NM8kk/+v/O///oPr/P9X/1/8P9P970/9fG87/35/+fwX9f/1//X/9fwZq2Pr/MffPhZlkkv8BAACgxtKvg2PuPxpmIv8DAABAbcTcfyzMRP4HAACA2oi5/4NhJpnkf/1//X/n/78e/f+xjuX1/0v6//r/g6D/35/+fwX9f/1//X/9fwZq2Pr/MffPh5lkkv8BAAAgBzH3fyjMRP4HAACA2oi5/8NhJvI/AAAA1EbM/cfDTDLJ//r/+v+59/8bRXHB+f/1/3utX/9/fdL/70//v4L+v/6//r/+PwM1bP3/mPtPhJlkkv8BAAAgBzH3nwwzkf8BAACgNv6PvftokvOu9jjedtmWVHdx70u467u6S1jBS2DLjirWFMnkYEzOYHIOJpiMCSYHk3PO2eQcTTRUiWLmnCONpvW0pGlPP8//fD6bw6g0dI81CP2s+taTu/+ecYv9DwAAAMPI3X+vuKXJ/tf/d+v//0v/P4vn/x/8+fr/ffp//f82HOrvr7i4zz9v////d7j6bvp//b/+f5L+X/+v/+dcc+v/c/ffO25psv8BAACgg9z994lb7H8AAAAYRu7++8Yt9j8AAAAMI3f/1XFLk/2v/+/W/3v+v/5/Q/9/s/5f/79snv8/Tf+/gf5f/6//1/+zVXPr/3P33y9uabL/AQAAoIPc/fePW+x/AAAAGEbu/gfELfY/AAAADCN3/wPjlib7X/+v/9f/6/89/3/96+v/l0n/P03/v4H+X/+v/9f/s1Vz6/9z9z8obmmy/wEAAKCD3P0PjlvsfwAAABhG7v6HxC32PwAAAAwjd/9D45Ym+1//r//X/+v/9f/rX1//v0zXr878nqD/P0z/v8GG/n+10v9PueB+fv2Xt5z3fx76f/0/h82t/8/d/7C4pcn+BwAAgA5y9z88brH/AQAAYBi5+6+JW+x/AAAAGEbu/kfELU32v/5f/6//1//r/9e/vv5/mTz/f9rR+///+5973L1v/+/5/9M8/1//r//nXHPr/3P3Xxu3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/9v0//v1S76f/2//l//Pzr9/zTP/99g77e5U/Wh/l//r//X/3M0c+v/c/c/Jm5psv8BAACgg9z9j41b7H8AAAAYRu7+x8Ut9j8AAAAMI3f/4+OWJvtf/9+m//f8f/2//l//34L+f5r+f4NRnv9/id81u+7nj2rX71//r//nsLn1/7n7nxC3NNn/AAAA0EHu/ifGLfY/AAAADCN3/5PiFvsfAAAAhpG7/8lxS5P9r//X/y+j/89X0P/r//X/+v9p+v9p+v8NRun/L9Gu+/mlv3/9v/6fw+bW/+fuf0rc0mT/AwAAQAe5+58at9j/AAAAMIzc/U+LW+x/AAAAGEbu/qfHLU32v/5f/7+M/t/z//X/+n/9/4XR/0/T/2+g/9f/6//1/2zV3Pr/3P3XxS1N9j8AAAB0kLv/GXGL/Q8AAADDyN3/zLjF/gcAAIBh5O5/VtzSZP/r//X/+n/9v/5//evr/5dJ/z9N/7+B/l//r//X/7NVM+r/z/qsk6tnxy1N9j8AAAB0kLv/OXGL/Q8AAADDyN3/3LjF/gcAAIBh5O5/Xtwy+P6/LPIJ/f9s+v+9nG+s/v/UarXS/6+a9v+nzvr1rO9L/b/+/xjo/6fp/zfQ/+v/9f/6f7ZqRv3/3se5+58ftwy+/wEAAKCT3P0viFvsfwAAABhG7v4Xxi32PwAAAAwjd/+L4pYm+1//P5v+f89Y/b/n/5/7/dGp//f8/8P0/8dD/z9N/7+B/l//r//X/7NVc+v/c/e/OG666spL/hIBAACAmcnd/5K4pcnf/wMAAEAHuftfGrfY/wAAALBQ1x36kdz9L4tbmux//f92+/+rzvox/b/+/9zvD/2//l//f/vT/0/T/2+g/9f/6//1/2zV3Pr/3P0vj1ua7H8AAADoIHf/9XGL/Q8AAADDyN3/irjF/gcAAIBh5O5/ZdzSZP/r/z3/X/+v/9f/r399/f8y6f+nzbv/P12/nej/9f9LfP9b6P9PnPmP+n/GcBH9/+nTp6+53fv/3P2vilua7H8AAADoIHf/q+MW+x8AAACGkbv/hrjF/gcAAIBh5O5/TdzSZP/r/5v2//mtrv/fo//X/697ff3/Mun/p827//f8f/3/st+/5//r/zlsbs//z93/2rilyf4HAACADnL3vy5usf8BAABgGLn7Xx+32P8AAAAwjNz9b4hbmux//X/T/t/z//X/+v/j7v9vW23q/y9f6f+3YBH9/6nzv/7c+/9r9f/6/wnt+v+73PHAh/p//T+Hza3/z93/xrilyf4HAACADnL3vylusf8BAABgGLn73xy32P8AAAAwjNz9N8ZNVzTZ//p//b/+X/+v/1//+sf8/P+rViv9/zYsov+fMPf+3/P/9f9T2vX/59D/6/85bG79f+7+t8QtTfY/AAAAdJC7/61xi/0PAAAAw8jd/7a4xf4HAACAYeTuf3vc0mT/6//1//p//f/w/f+1i+j/V6vox/X/R6P/n6b/30D/r//X/+v/ORa76v9z998UtzTZ/wAAANBB7v53xC32PwAAAAwjd/874xb7HwAAAIaRu/9dcUuT/a//1//r//X/J2bX/5888N/X5Pn/+v8t2WH/f+eV/l//H/T/+v8F9//X6f/Zprk9/z93/7vjlib7HwAAADrI3f+euPWvbu1/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6/+Hf/6//r8Vz/+fpv/fQP+v/9f/e/4/WzW3/j93//vjlib7HwAAADrI3f+BuMX+BwAAgGHk7v9g3GL/AwAAwDBy998ctzTZ//p//b/+X/+v/9//NdT/j0H/P+14+v9T+n/9f/Xzl8X/CvT/+v9Nn8+Y5tb/5+7/UNzSZP8DAABAB7n7Pxy32P8AAAAwjNz9H4lb7H8AAABYpCvW/Fju/o/GLU32v/5f/6//1//r/9e/vv5/mfT/0zz/fwP9/0X28/974KOlPf//3P//0v/r/9m+3ff/+39iy49z938sbmmy/wEAAKCD3P0fj1vsfwAAABhG7v5PxC32PwAAAAwjd/8n45Ym+1//r//X/+v/9f/rX1//v0z6/2n6/w30/zt9fv7S37/+X//PYbvv/w9+nLv/U3FLk/0PAAAAHeTu/3TcYv8DAADAMHL3fyZusf8BAABgGHu7P+Oyhvtf/6//1//r//X/619f/79M+v9p+v8N9P/6f/2//p+tmlv//9m9zzq5+lzc0mT/AwAAQAe5+z8ft9j/AAAAMIzc/V+IW+x/AAAAGEbu/i/GLU32f4P+/8S6n6b/X1r/f/r06Wv0//r/g1/Pmf7/Fv0/Rf8/Tf+/gf5f/6//1/+zVXPr/3P3fyluabL/AQAAoIPc/V+OW+x/AAAAGEbu/q/ELfY/AAAADCN3/1fjlib7v0H/v9as+v+T+n/P/9f/rzz/X/+/Jfr/afr/DUbs/09e+Je/637+qHb9/vX/+n8Om1v/n7v/a3FLk/0PAAAAHeTu/3rcYv8DAADAMHL3fyNusf8BAABgGLn7vxm3NNn/+v/j6///88+uy/P/T63Wv3/9v/5f/6//v73p/6fp/zcYsf+/CLvu55f+/vX/+n8Om1v/n7v/W3FLk/0PAAAAHeTu/3bcYv8DAADAMHL3fydusf8BAABgGLn7vxu3NNn/+v8ZPP9/wP7f8//Xf3/o/2fd/1+u/x+D/n/acP3/DftX/6//n8P71/+f3f/nd7P+v7u59f+5+78XtzTZ/wAAANBB7v7vxy32PwAAAAwjd/8P4hb7HwAAAIaRu/+WuOWs/b+u7R6F/l//r//X/+v/17++/n+Z9P/TLrT/P7E6Wv+fPP9f/6//79r/e/4/++bW/+fu/2Hc4u//AQAAYHGuPM+P5+7/Udxi/wMAAMAwcvf/OG6x/wEAAGAYuft/Erfcevmu3tKx0v/r//X/+n/9//rX1/8vk/5/2nDP/4+r/59V/38n/f8Y/f9qpf/n6ObW/+fu/2nc4u//AQAAYBi5+38Wt9j/AAAAMIzc/T+PW+x/AAAAGEbu/l/ELU32v/5f/3/E/n8vzdT/79P/79P/r6f/Px76/2n6/w30/57/r//3/H+2am79f+7+X8YtTfY/AAAAdJC7/1dxi/0PAAAAw8jd/+u4xf4HAACAYeTu/03c0mT/76z/j3/U+v/F9/+e/6//1//r/2dF/z9N/7+B/l//r//X/7NVc+v/c/f/Nm5psv8BAACgg9z9v4tb7H8AAAAYRu7+38ct9j8AAAAMI3f/H+KWJvvf8//1/zPq/2+68Zz3r//X/6/0//r/i6T/n6b/X69+ofT/+n/9v/6frZpb/5+7/49xS5P9DwAAAB3k7v9T3GL/AwAAwDBy998at9j/AAAAMIzc/X+OW5rsf/2//n9G/f8ez/8/83n6/31r+v+9BlL/r/9fR/8/bZf9/13/e/PLev7/zvv/fAv6f/2//p+tmFv/n7v/L3FLk/0PAAAAHeTu/2vcYv8DAADAMHL3/y1usf8BAABgGLn7/x63NNn/G/r/E/UT9f+T9P8H37/+f/33h/7/yP3/qZXn/+v/N9D/T+vy/P8br7y019f/e/6//l//z3btvv/f++NjfZy7/x9xS5P9DwAAAB3k7r8tbrH/AQAAYBi5+/8Zt9j/AAAAMIzc/f+KW5rsf8//1//r//X/C+r/D3w9+n/9/zr6/2ld+n/P/780u+7nl/7+9f/6fw7bff9/8OPc/f8OAAD//ykxU+A=") r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) close(0x5) close(0x4) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = syz_kvm_setup_syzos_vm$x86(r8, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$x86(r9, &(0x7f00000000c0)={0x0, 0x0}) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1}) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x4b564d07}]}) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r10, 0x400448ca, 0x0) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448c9, 0x0) socket$key(0xf, 0x3, 0x2) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7) syz_usb_connect(0x0, 0x3d, 0x0, 0x0) rename(&(0x7f00000003c0)='./file1\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000040)={0x2c, &(0x7f00000012c0)={0x40, 0x3, 0x5, {0x5, 0x4, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) [ 73.592427][ T4664] Bluetooth: hci0: command tx timeout [ 73.876646][ T788] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 74.027968][ T788] usb 5-1: Using ep0 maxpacket: 8 [ 74.032859][ T788] usb 5-1: config 0 interface 0 has no altsetting 0 [ 74.035483][ T788] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 74.039728][ T788] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.054172][ T788] usb 5-1: config 0 descriptor?? [ 74.303077][ T5316] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input5 [ 74.815723][ T5317] loop0: detected capacity change from 0 to 32768 [ 74.974096][ T788] usbhid 5-1:0.0: can't add hid device: -71 [ 74.994979][ T788] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 75.025784][ T788] usb 5-1: USB disconnect, device number 2 [ 75.089354][ T5317] [ 75.090215][ T5317] ====================================================== [ 75.092409][ T5317] WARNING: possible circular locking dependency detected [ 75.094957][ T5317] syzkaller #0 Not tainted [ 75.096895][ T5317] ------------------------------------------------------ [ 75.099650][ T5317] syz.0.0/5317 is trying to acquire lock: [ 75.101806][ T5317] ffff888038be2040 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: __flush_work+0x100/0xc50 [ 75.106919][ T5317] [ 75.106919][ T5317] but task is already holding lock: [ 75.110152][ T5317] ffff888038be22f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5c0 [ 75.114105][ T5317] [ 75.114105][ T5317] which lock already depends on the new lock. [ 75.114105][ T5317] [ 75.118513][ T5317] [ 75.118513][ T5317] the existing dependency chain (in reverse order) is: [ 75.122879][ T5317] [ 75.122879][ T5317] -> #1 (&conn->lock#2){+.+.}-{4:4}: [ 75.125880][ T5317] __mutex_lock+0x19f/0x1300 [ 75.128204][ T5317] l2cap_info_timeout+0x60/0xa0 [ 75.130707][ T5317] process_scheduled_works+0xb02/0x1830 [ 75.132956][ T5317] worker_thread+0xa50/0xfc0 [ 75.135161][ T5317] kthread+0x388/0x470 [ 75.137162][ T5317] ret_from_fork+0x51e/0xb90 [ 75.139321][ T5317] ret_from_fork_asm+0x1a/0x30 [ 75.141455][ T5317] [ 75.141455][ T5317] -> #0 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}: [ 75.145438][ T5317] __lock_acquire+0x15a5/0x2cf0 [ 75.147586][ T5317] lock_acquire+0xf0/0x2e0 [ 75.149612][ T5317] __flush_work+0x700/0xc50 [ 75.151754][ T5317] __cancel_work_sync+0xbe/0x110 [ 75.154007][ T5317] l2cap_conn_del+0x40f/0x5c0 [ 75.156330][ T5317] hci_conn_hash_flush+0x10d/0x260 [ 75.158930][ T5317] hci_dev_close_sync+0x821/0x10e0 [ 75.161309][ T5317] hci_dev_close+0x108/0x260 [ 75.163219][ T5317] sock_do_ioctl+0x101/0x320 [ 75.164872][ T5317] sock_ioctl+0x5c6/0x7f0 [ 75.166444][ T5317] __se_sys_ioctl+0xfc/0x170 [ 75.168496][ T5317] do_syscall_64+0x14d/0xf80 [ 75.170572][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.173053][ T5317] [ 75.173053][ T5317] other info that might help us debug this: [ 75.173053][ T5317] [ 75.177013][ T5317] Possible unsafe locking scenario: [ 75.177013][ T5317] [ 75.179714][ T5317] CPU0 CPU1 [ 75.181697][ T5317] ---- ---- [ 75.183767][ T5317] lock(&conn->lock#2); [ 75.185373][ T5317] lock((work_completion)(&(&conn->info_timer)->work)); [ 75.189373][ T5317] lock(&conn->lock#2); [ 75.192444][ T5317] lock((work_completion)(&(&conn->info_timer)->work)); [ 75.195384][ T5317] [ 75.195384][ T5317] *** DEADLOCK *** [ 75.195384][ T5317] [ 75.198983][ T5317] 5 locks held by syz.0.0/5317: [ 75.200809][ T5317] #0: ffff88801cb98ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_close+0x100/0x260 [ 75.204466][ T5317] #1: ffff88801cb980c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0 [ 75.208173][ T5317] #2: ffffffff8fd5a0e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x260 [ 75.212065][ T5317] #3: ffff888038be22f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5c0 [ 75.216019][ T5317] #4: ffffffff8e7602e0 (rcu_read_lock){....}-{1:3}, at: __flush_work+0x100/0xc50 [ 75.219921][ T5317] [ 75.219921][ T5317] stack backtrace: [ 75.222483][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.222498][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.222507][ T5317] Call Trace: [ 75.222514][ T5317] [ 75.222518][ T5317] dump_stack_lvl+0xe8/0x150 [ 75.222538][ T5317] print_circular_bug+0x2e1/0x300 [ 75.222557][ T5317] check_noncircular+0x12e/0x150 [ 75.222576][ T5317] __lock_acquire+0x15a5/0x2cf0 [ 75.222590][ T5317] ? do_raw_spin_lock+0x12b/0x2f0 [ 75.222601][ T5317] ? do_raw_spin_unlock+0x4d/0x210 [ 75.222613][ T5317] lock_acquire+0xf0/0x2e0 [ 75.222627][ T5317] ? __flush_work+0x100/0xc50 [ 75.222644][ T5317] ? __flush_work+0x100/0xc50 [ 75.222658][ T5317] __flush_work+0x700/0xc50 [ 75.222672][ T5317] ? __flush_work+0x100/0xc50 [ 75.222692][ T5317] ? __flush_work+0x100/0xc50 [ 75.222707][ T5317] ? __pfx___flush_work+0x10/0x10 [ 75.222723][ T5317] ? __pfx_wq_barrier_func+0x10/0x10 [ 75.222738][ T5317] ? __cancel_work_sync+0x5c/0x110 [ 75.222748][ T5317] __cancel_work_sync+0xbe/0x110 [ 75.222760][ T5317] l2cap_conn_del+0x40f/0x5c0 [ 75.222769][ T5317] ? __pfx_l2cap_disconn_cfm+0x10/0x10 [ 75.222776][ T5317] hci_conn_hash_flush+0x10d/0x260 [ 75.222785][ T5317] hci_dev_close_sync+0x821/0x10e0 [ 75.222793][ T5317] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 75.222800][ T5317] ? lockdep_hardirqs_on+0x7a/0x110 [ 75.222813][ T5317] ? enable_work+0x1fd/0x230 [ 75.222830][ T5317] hci_dev_close+0x108/0x260 [ 75.222843][ T5317] sock_do_ioctl+0x101/0x320 [ 75.222860][ T5317] ? __pfx_sock_do_ioctl+0x10/0x10 [ 75.222874][ T5317] ? do_futex+0x333/0x420 [ 75.222890][ T5317] sock_ioctl+0x5c6/0x7f0 [ 75.222903][ T5317] ? __pfx_sock_ioctl+0x10/0x10 [ 75.222916][ T5317] ? __fget_files+0x2a/0x420 [ 75.222928][ T5317] ? __fget_files+0x3a0/0x420 [ 75.222939][ T5317] ? __fget_files+0x2a/0x420 [ 75.222951][ T5317] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.222963][ T5317] ? __pfx_sock_ioctl+0x10/0x10 [ 75.222977][ T5317] __se_sys_ioctl+0xfc/0x170 [ 75.222993][ T5317] do_syscall_64+0x14d/0xf80 [ 75.223009][ T5317] ? trace_irq_disable+0x3b/0x150 [ 75.223023][ T5317] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.223034][ T5317] ? clear_bhb_loop+0x40/0x90 [ 75.223047][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.223060][ T5317] RIP: 0033:0x7f339d59c139 [ 75.223074][ T5317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 75.223084][ T5317] RSP: 002b:00007f339e3f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.223095][ T5317] RAX: ffffffffffffffda RBX: 00007f339d816090 RCX: 00007f339d59c139 [ 75.223106][ T5317] RDX: 0000000000000000 RSI: 00000000400448ca RDI: 000000000000000c [ 75.223113][ T5317] RBP: 00007f339d6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 75.223120][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.223162][ T5317] R13: 00007f339d816128 R14: 00007f339d816090 R15: 00007ffd29541818 [ 75.223174][ T5317] [ 75.382787][ T5316] JFS: Invalid file type 02001 for inode 4. [ 75.385490][ T5316] jfs_lookup: iget failed on inum 4 [ 75.626663][ T5295] Bluetooth: hci0: command tx timeout [ 77.707496][ T5295] Bluetooth: hci0: command tx timeout [ 79.786809][ T5295] Bluetooth: hci0: command tx timeout