program: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) (async) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)}, &(0x7f0000000300)=0x10) setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f00000000c0)=ANY=[@ANYBLOB="84020201"], 0x18) syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x88c0, &(0x7f00000007c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c0050890e1d2cc1bbbdf08d08fe06ff2766758d8955927fab01a7ccdecfc59b2041a9461723f1db971e775e0e358c03b00c510998283ed6f1dba0502d352e58b65a28492b0a7053e14eccd84ac5b3452602d77c0ca06fcbf3756ab0c1000b6cd9257f69726afcec2859414f3e35e002dcdf2b18b581c33cd87be229bc4302b017e3c3"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) (async) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40042, 0x0) pwrite64(r3, &(0x7f0000000540)="9e", 0x1, 0xfecf) (async) pwrite64(r3, &(0x7f0000000540)="9e", 0x1, 0xfecf) open(&(0x7f000001f580)='./file1\x00', 0x145142, 0x0) (async) r4 = open(&(0x7f000001f580)='./file1\x00', 0x145142, 0x0) ftruncate(r4, 0x96ef) (async) ftruncate(r4, 0x96ef) syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000100)=ANY=[], 0xb, 0x0, &(0x7f0000000100)) r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) (async) r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x11, r6, 0x0) (async) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x11, r6, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) epoll_create(0x1) (async) r8 = epoll_create(0x1) epoll_pwait2(r8, &(0x7f0000000080)=[{}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0, 0x0) (async) epoll_pwait2(r8, &(0x7f0000000080)=[{}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$bcachefs(&(0x7f0000000240), &(0x7f0000000040)='./file0\x00', 0x3000094, &(0x7f0000000000)=ANY=[@ANYRES8, @ANYRES32, @ANYRES32=r7, @ANYBLOB], 0xec, 0x5a9c, &(0x7f0000006d00)="$eJzs3X+QHFd9IPDXM7Pa0a5WWskmFjZerYWVOCaglX8VP1JBySWQsgklihSxfAJ7ba0cgSSr9CO2hRPknM2hsqEg5VRikj8cynAHVihXwQUrLhwbn+Tjl8oXznUFroOc4Q9Sjg8V2DoXxbFXO9NvdqZnent2dlaW5M+npO3pNz3ffv36TU9/X/fuBAAAAF4Vjt299+S7z/+9b/z51Esf+f1/3HlnGC7XyqtxgdF0etsrVUNOpcHK6to02y9+7cNf+NH4Tb/z9YeHPvvy0a0Xbfve755z06MfvPrI/X/zxIsjX/7lc0VxY3+6dHY+eSEJofrVE3/50aPfPG+mLFk+87N0MISVyaonViYh3NUcYuLnIYSt9ccrVmfif+mly7fNTO+8Z7ClfEVmOf391W1mPychhAMnb31D+P5vb77r22u++PcDh58/OLtIUm3qTyEsv6H59QMhhKXp/xmxt8X+mKTTTSGEoabXvbmgXq/vsv7rc+YvSKdL0ulwQZz4/NrMfCmzXHY+GshMhwrWt1B59eh1uSLLMvNJn+JGefWM5SvT6VfS6aXzjF9Ot6GchFISKo3q70hm+0ho2m9JSGr7stqYLzX2bUi3PzOfZOZLmfnyQGa7autNO1o5SVrL43KZ8ng4rqTlFzUfqzt4b9Pj5uVeG8vSN+rL2WWqrbt8uO1BY7tqYr1OzFGXU6HUdAzqVN7Y8enOGE7LhpNVba+Z7iA+d3TzvevKW752bDSnHsnDSRo/6Sn+gW+tXPaBhw7tz36uN+LfUErjl3qK/4Nrjv/kukOf+XRu/E/G+OWe4l/22NAL1zx599rc9jkR26fSU/zJ5576+JpzbzycW/8HYvxqT/E3Hjk+OHLyscdz6z8R22dpT/Gffds7fvj5Zx55Pjd+iPGHCuMPNs3H57Yc2f2JwbGTl+TGfzy2z3Bv/ednh6/67tjYj8fz4j8d44/0FP9zBwff+uCKe67O3b+bYvuM9hT/XRc/eteyk49cmHfsTB7o1ycnwKvTOek51sfS+V7zzIVqyhf+erxSP+dblv4f6eeKMief2TyhQL/TKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOUq95w3975/9+3+gLlXR+MH3wbKk+jeVLQkiWhhD27pvcs2/7rpvHP3jL/j27JneMT+4bn9q1b8/t41f8xvieqd07Jm+feXbijZfXX7cqJPVpcmHbugenp6dLo61lcX3/7uLD31/35n/9txAmXvOdsUpu/dffv/PBczv8zEg2Tr995/53f+fKv0u3azSt12iHek1PT0+HnHr9n2t/8eBfnPjRJSFM/Mpc9Xrq2d/6p5YK1Qpm46RKg6FeocFkqGM9GrVO6xPbq7Jt+46pibnbd+b15Zzt+Pcffv7n22771C/q7VvN3Y4u23fpxukdpb/a/K7/91d31AuK6vVK7fei9o5bEesX26+atvfydLuW52xXJWe77v7248989fxDLx4ME5WfrWlfd9F2DaQdYCB5bVfrjWsYSla2lFfT5eMej69bv2/n7vV7bz/wxu07J2+eunlq11s2XLHhqokrr7pyfW3L1/d5++P6f7XL7e9/f3ruX9vXu+JPDn4l/uyuP7XWa8m822OmXsXt0VyjvPff0Hs/et9b7n/y3fWCon4el24cT9Lp0Mx+3hBm+1vbqztvV9H+CSGMd2qHn7x4dTjvf26/q+g41Lxnmn9mJBunv7n2p3/35r9d/Zv1glNynG+uUI/H+UatZ+tTa69quj+mT9P2HQzldLuGO9ZrwzefHLj32L/9aaN+S5aE2yb37duzof5zWVrTZckFHeuVLY3btab2sxzSZomTpgetBkK9ftnjZ1w826rD6XPDyaqO25UVnzu6+d515S1fO5bX0snD9TUuDSP1afK6nCV3ZF5YblS40/pP1/dfUf8Ye+fffvl9X/6HK9r6x2X1n0XbleRs1xef+dx9n/3Uf/yH/m3XO3/r+OhP/9cfr6sXnPbHlXK9Io1ap/VJmo8rl4VQ9P5bEzpvR+77r9R5e4ref9n1zC7fOd54Zn44lHt6v1722NAL1zx599rc9+uJud6vzRt7R8vrygXv19Ol/2TfX0mltR6L9/5q6SjJxumvf+ycg098ZNP59YKiz8vG0p369eVd5B852/VP13137Jbx//A/+nfc+MJvfOn6701u/LN6Qe/7PdalP/u9mrZvNad9G7WOeWdz+77pplt2bK2XF7XzK3f+m04L8p94KNl7+4EPTe7YMbVnb3fb1e3naVxPtpV7/TyNR7dVBdtVatuuxXvQTXt1+36L9d/ac3u1vt+GQ9LT58KBb61c9oGHDu0fbXtVuqIbSmn8Uk/xf3DN8Z9cd+gzn86N/8kYv9JT/Mnnnvr4mnNvPJwb/4EkjV8tjr88tMXfeOT44MjJxx7PjT8R67+0p/o/+7Z3/PDzzzzyfG78EOMP99b+Pzt81XfHxn6cG//pJF3PzDlSCF966fJt9fmklhNXm+ox0FKvkJ1PMvOlzHy5eb4URxHSFZSTpLU8LpeWX9RUl07+KKc8noVVV9enL8f5kH0wd/npptR07O9UXnSeCgBwtovX/+M5aLz+P5WeKOWPNMCsheZhq3Pixjxsdjyn9Rrr6jR+fH0cBxx7U5iYmd45Xj/Rn+91hPh+yI5zxvVc8vrWGB3HJ440r6S2/rZxzqLx97WZ+Viv+nh5pSkPTbXnNZWQO/5eabyufT1zj79nNr/4etb4x9qqNd40bpXdfwPpiFmn+x0y9a3MRMjrH9lxsXg/x9jysKm2vi77R/Y+mrgfsvfRxPWcnzlw9nofTV7/GG1vh5Z6xf4Rl5ujf9SqXHw9sn3/hTnad3b/dY6W3X/z2N/VmeUX+/psH8YNOx7STt244eJeDzstxiU7xD/F45LL2uKnb7DTfdwwlsd2qnQ5nvi+nPJ+jSfGw0Ws14k56nIqGE8EzlYx/4+fETP5/8wJ+P/NLFeUp2TPGmO83PuEyp3rU5R3tN+nN9TT5/iWI7s/MTh28pLc85zHu71Pb3fL3FDBfT9F7bguM1/YjjkDNEX3W2XXU9Tu2fsyhsNIT+3+uYP3v/XBFfdcndvum+ofpMXtfl/L3EhBu58B+ULn+PKFMy5fKL8C9zEUjZ/l5yPlRj3mykdCr/lIeuPTYuUjf5hTPt98ZKjtQWO7ajrkIzvvm6Nei6U9H5n9IG3JRzr94gYAQFP+37h+lub//xJPLNLziKK89dLMfIyXm7fmnJ/k5a1/kE5vyyw/XPuNis7B5jpvftfFj9617OQjF+bmLQ90m4f+55a50cI8dGF5c24esak/94vn5hGNPGtheWJu/Rt54sLy9JzLtE15+sLy6Nz2aeTRreMA9x2fzTTmih/HAXLjN8YB+pjn/nJ2oVN3v37BeF1mZXG22/G6U51Hz5QMLG/dzta8eKg/1/XSX59drDz6vTnl882jh9seNLar5oy7riePBgDOMjH/j6dxtfx/MIQn4wJL44OFXWfPzQv6dN6e/XsgjfhPL0peORu/T9d/i/O+xc5bFzuvX+xxidPn+u90T3nxYo8Ljdb+gOd843c7TvaK3e+6KHnxvzQedZ0XpyuVFwMAcDqL+X9M8+P1/yczyy00P2nL3wbqp5Cz+cmZl583L3cG5+fXhlOVnw+eyfn5mT7+NdpT/Fdn/j+rx+viL0+fxfl/rc7yfwCAM1LM/+OvPca///df0/ns363vMk9/IHs7r+vorqOHBeXpIyGEV0Oe3udxthi/+T6AM3gcoHxmjQPUHyydXf5sGgeoGQgGAwAAzgADtUyp/ffs359Os79nn/d7+dflLN+tSnp6fOO+PVNT1+/fvXVy39T1u27ZOrX3+lv3bN+3b6px7ryw67u5eUuaNw6EStoenZfL5m0r0r+HsCLn7yFkl49hL6g9aP97CNnVLi34OwKz+6+7+ubtv9Icy3fqH3n7Oy/+H+UsHzX2/01/fNn12/Zev33X9n3bJ3dsPzDVutxo7Tepu//ezHidcl7fl5r50aY0/+/vjLtnYfUotdVjIG2PTvt/ph5Jph4r05qszPv+g5x6f+O//8WfXDz9i8+HMPGa8us61/uehzpXPiPZOP1frp36g33HvrN7pv6lOevfWDKtV9H3lWaXj9tT2XHL3n1v2HbL/l3Zb5TsTRzPKDXmF+m+hvTtX+5yfGJLTvl8f3+/3Pbg9NT1+AQAAC3i9f94PhuvH34qPYGK5YV5+q76cgu9fpybp090l6dnv5esKE/PLh+3t9s8vbrAPD27/qI8vdPynfL0vLw7L/4f5iw/X933kx7u86ik7fDQof25/eSG7vpJ9vsMivpJdvn59pNkgf0ku/6iftJp+U79JG+/58V/T87yeYr6Q6XRHxZ2X05uf/hkd/3h1zPzRf0hu/x8+0Npgf0hu/6i/tBp+U79IW//tscvtzR5f8Z/ZzpGrV9MXX/rLXs+1LTcYn//RWi/JaOb+i2Zfe3ifv9Hr7pv38W972vh9Q9hY60kr/7x+sCSedW/29//Wnj9i9p/HveVLQ9t95Xl1v/phY2EdV//xf1+l4y8xdtff6rGa9NuV3T/WdE47uac8vmO4y5pe3B6Mo4Lr5yY/8fLPTH/vyed9vsy0Jn/PWk9fM7FY/AZ9j1mvZwnLfT++KLzmFfd53n2krvPcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICzwmBldW167O69J999/u9948+nXvrI7//jzjt/7cNf+NH4Tb/z9YeHPvvy0a0Xbfve755z06MfvPrI/X/zxIsjX/7lc4WBR2s/K5ems9UQkheSEKpfPfGXHz36zfNmypIQQjkZPRjCymTVEyuTTISJn4cQtjbq2frkl166fNvM9M57BlvKV2SCZLcrDJdjfZrrGcJthVvEGaia9rMDJ299Q/j+b2++69trvvj3A4efPzi7SFJt6k8hLL+h+fUDIYSl6f8Zsbetji9Op5tCCENNr3tzQb1e32X91+fMX5BOl6TT4YI48fm1mflSZrnsfDSQmTZt69KCVfckrx69LldkWWY+ezBaqLx6xvKV6fQr6fTSecYvx/9JKCWh0qj+jmS2j4Sm/ZaEpLYvq435UmPfhnT7M/NJZr6UmS8PZLartt60o5WTpLU8Lpcpj4fjSlp+UfOxuoP35pS/Np1W0zfqy3E+ZB/UDbc9aGxXTazXiTnqkvpPnYsrxa/sQqnpGNSpvLHj050xnJYNJ6vaXjPdQXzu6OZ715W3fO3YaE49koeTNH7SU/wD31q57AMPHdq/Oi/+DaU0fqmn+D+45vhPrjv0mU+v7thaISSfjPHLPcW/7LGhF6558u61ue1zIrZPpaf4k8899fE15954OLd9Hojxqz3F33jk+ODIyccez63/RGyfpT3Ff/Zt7/jh55955Pnc+CHGH+op/pYjuz8xOHbyktz4j8f2Ge6t//zs8FXfHRv78Xhe/Kdj/JGe4n/u4P1vfXDFPVfn7t9NsX1Ge4r/rosfvWvZyUcuzDt2Jg/065MT4NXpnPQc62PpfK955kI15Qt/PV6pn/MtS/+P9HNFGTPrWb6I8QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODv98x1XvP/at79ncyUJIclZZrqD+Fx5ycaN4z2sd/K5pz6+5twbDzeXre4hDgAAAFAs5uGlRkk1rA63JkvDBR2Xj2MEF8S5pLU8O4YQ42THCHqNU+oQp9RDnHKf6lPpU5yBPsVZ0qc4g32KUy2IUw3dxVk6R5zKTA/osj5Dc9an+zjDfYqzrE9xRjIheo2zvE/1WdGnOKNzxum+H67sU5xVfYpzTp/inNunOK/pU5xf6VOc8/oUJzumPN9+OJIueX5enNqDcmGcSlJuPNFpPP28dD0XLnA9wwXrGSn6PO5yPUu7XM/rM68rzXM91S7X86sLXE/S5Xp+fYHrKRWsJ/bb27L1i+uJc132/9v7FOdAn+J8uE9x7uhTnD/tU5w/61Ocj4TWk9P5xgHoVsz/Z/O90TBY+c0wlB5xsqMAMd9dU/vZ/nmXd0CK8V6XKV9SFC+bqGfirZlv/bIDCJl4azPlAy3xKo18ZI541eZ46zJPzrW9b9vYuW7N8S7NlA/OEa9lAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgFPjnO654/7Vvf8/mkISZfx1NdxCfKy/ZuHG8h/Ue3XzvuvKWrx1rLhus9BAIAAAAKBTz8IFGSTUMVjaEwWRJy3LVdBygms6XR+vTseVh08w0GS/V5oeSlXO+rpK+bv2+nbvX7739wBu375y8eermqV1v2XDFhqsmrrzqyvXbtu+Ymqj/DGGwIF4IoTb8sPf2Ax+a3LFjas/eemG2/qvT161O55P0dWNvChMz0zvT+q8qWF+pbX2L96B47wEAAAAAAAAAAAAAwP9n195C5DrrAIB/Z2Z2Zrpt7Epv09Bsh1xK1KpJ3EqqpXtAsNBcyFKQ2epagk2wuGlCm5RYxzZgWxMUoSUQInkwEoutxZdebBF7IRCp0YAbg7RF86APSquVtORBUkZ2ds7cdiaznZZuEn+/h/PN/L//9/3PdwiB/5kFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4aE2VRyZKo2Pjg1EIUZecSgfJXDobx8U+6n7thW0/yg2fXt4cy2X62AgAAADoKenDB+qRfMhl0iEdrq5+WxyaJkKj7wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7/TJVHJkqjY+MXRyFEXXIqHSRz6WwcF/uoe/Kdpz7/2vDwP5pjhT72AQAAAHpL+vBUPZIPhbAkDERXT3f+9WjybmBh2/qZvIZkn0VzzGt/d9Atb8kc866bY94neuStr407AwAAAJz/kv4/U48MhVxmwax+OOn/e/X1Sd61bXnp2lhsTjqr7FySAAAAgDlI+v9cPVIIuUyh3q/Ptd9f3AhVfzpP1vf63T5Zv6wtL1nf6/f8dbXR7/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcP6YKo9MlEbHxtNRCFGXnEoHyVw6G8fFPuquenHwX2sOP7y4OZbL9LERAAAA0FPShzda73zIZQbDQLi42vcP33Lgma8889xICGGmzc9mw86N27ffs2r6GlYleSuPHh744ZG3vjsrb+XMdd4OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfGimyiMTpdGx8YuiEKIuOZUOkrl0No6LfdR944tf/tsTJ55/szlW6GMfAAAAoLekD2/0/vlQCNmQDVdWvzX3+tNSbeu7vTMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhz3fvv+b22cnNx0jw/z86GSDuEcuI0P+CH553Su3M/5/yE/37cxv/8vAQAAH75rQxQq79NVG+b7rgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPBVHlkojQ6Np6PQoi65FQ6SObS2Tgu9lE3fuFYbsHpF19ujhX62AcAAADoLenDG71/PhTCQBgIV1S/dXonUO3/h953qSjzge4UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOFdMlUcmSqNj4wuiEKIuOZUOkrl0No6LfdR9fNf+Lxy69Ae3NsdymT42AgAAAHpK+vBsPZIPucwnQy5cU/s+2bogStfGzu8FGuu2tSwbnPO6csu69NnWRZkQ6ut2t50sUzvNzLp8st/QzFivV2ysS9XWFZvWFUK9fLG+rvqw9rZUW9DjfLOfPAAAAHx0kv4/V48MhVwm19T//7w2XlQb9bkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGdT5ZGJ0ujYeBSFEHXJqXSQzKWzcVzso+79v//4JV//xZ4dzbFCH/sAAAAAvSV9eKP3z4dCWBQ+FhZV+/4w1Jqf5P27dObQY//5+/IQVlx5fDjTvu1Pkg+/fePml9ovIaRas1MhXFqrF3Wp97s/Pnbf0sqZJ0JYcUX6mln1wtnrtW4ZV54tbVq3/cjxbT0eDgAAAFwgkv5/oB4ZCrnM3V37/6Tz7tH/11Ub8Evv2/Wry2vXWkfetiI1VKuX6lLvS0uf+uuy1f98a7r/n13v0/VPn92/5dDlLQVnIm2iuDK6Zcf64zccTCWnnqmfbqufPJevfufN/27e+eiZmfr5kK/FF7bdyky12de28iGuTKb2ja99b1+5tX6my/kf/sPLJ36zcM+70/XfuXawXv+66Uuuvf7MyTNd64eL4srgbY/svXH/4fWt9UMIxU7133731nDVn+96qP38g20bNz/55mv7A4grRxefOrj6QOGm1vpRW/3k+f/yxON7f/bo959L6id/K7J8yVzrp9rqv7r7sl2vPLhhYWv9VJfzv3T7a8Nbi9/7U/v572zZNdP1Lmaf/8nrn77j9Y3xA+1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF5ap8shEaXRsPBWFEHXJqXSQzKWzcVzso+7JNcfevn3PT3/cHCv0sQ8AAADQW9KHN3r/fCiEbMiGwWrf/2xp07rtR45vC0Mzs1FtzExuvXf7pzZv3XH3nfN05wAAAMBcnVwTVfv/TD0yFHKZpWGg1v+Pbtmx/vgNB1NJ/5+aHqMQwua7JjetCPW8V3dftuuVBzcsrL8nCKH6ZwH56bzPNfJuufnY0Km/fHNZx7xVjbyji08dXH2gcFOSF5rzVob6+4knr3/6jtc3xg/U76857zPf2DpZez2R7Dt42yN7b9x/eH0qeY9RGwdr+yZ5k6l942vf21dODYXc9Hy6lpevnRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmG2qPDJRGh0bD+kQoi45lWa1QDKXzsZxsY+6a5f++qFLTj+/qDmWy/SxEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBffyFSVXEcwM+Z2W3/zK7uatBWtK5WFPagFETUS0VFaITQkyFhaT5EQRBR2ENraChW9BJkvUhUUG0hGOQmiRZr9E966aGCAushEGmhdpAeKnbm3NnZ69xGRw3KzweGs+fce7/3d+89c2YvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyn9HSN1NrD2x6r3n3J7Z8/8+DM03d++MiWq556++exDbd+tqf/jRNTG5du+u62xRv2P7Rqcterh34ffP/Po22Dn6w3y1O3N4R4PIbQ+9H0S89OfXHR7FgMIZTj0HgIw3HRoeGYS1j5RwhhY6PO+Rv3zly3abbdsrNn3vjCXEj+ukKlnNVTNzS/Xv5fetM821x94prwwy1rt3615L13uyeOjc/tEmf3Kaf5FMKC9c3Hd4cQ+tJnVjbbRrKDU7smhNDfdNwNbeq6/BTrXxFCNdevuTS1F6S20iYn274s1y/l9sv3M93N7fb513ouFNXR6X7tDOT6+cXoTDXqXNF6fDi1H6R2+Wnml7NPDKUYuhrlPxzn5kioz9HaShpDrD3LbB2ModR4xiFdf64fc/1Srl/uzl1X7bxpopVjnD+e7Zcbz5bjrjS+tHmtbuGegvGLU9ubvqgnsn7I/1FXOemPxnXVZHVN/0Mt/4ZS0xrUajzV23j+ldSpxEUnHfNXC9m2qbXPXVle9/HhoYI64p6Y8mNH+Zu/HB64750dj48U5a8vpfxSR/k/rj7y6707XnulMP/FLL/cUf61B/qPr/5k27LC+zM9t4KcSn5M/Wzb/Uc/fX7JhQ9MtHrWtczd2f3v7aj+myeP9AxWDxwsrH9ldn/6Osr//qY7fnrrm33HCvNDlt/fUf66yUdf6BmtXl2Yf7D+HajUZmgH8+e3ieu/HR39Zawo/+vs/g+2yI9t898c33Xj6wt3riqcn2uy+zOU8vtOq/67rti/daC677KitTPuPlu/nADnp8Xpf6ztqd/uPXPvTKnle+aZanpfeHmsq/4LNJA+g2fzRDmz51lwDvMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv9mBAxIAAAAAQf9ftyNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4KgAA//8w2BFq") r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r9, &(0x7f000000e0c0), 0x10010) r10 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmmsg$inet(r10, &(0x7f0000003b00)=[{{&(0x7f0000000880)={0x2, 0x0, @empty}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x0, @empty=0x3000000}, 0x3, 0x0}}], 0x2, 0x0) recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000380)=""/188, 0xbc}, {&(0x7f0000000840)=""/245, 0xf5}, {&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000000100)=""/74, 0x4a}, {&(0x7f00000006c0)=""/243, 0xf3}], 0x5}, 0x80000000}], 0x4, 0x20, 0x0) [ 84.884524][ T4701] Bluetooth: hci0: command tx timeout [ 85.199037][ T5356] loop0: detected capacity change from 0 to 32768 [ 85.210550][ T5356] ======================================================= [ 85.210550][ T5356] WARNING: The mand mount option has been deprecated and [ 85.210550][ T5356] and is ignored by this kernel. Remove the mand [ 85.210550][ T5356] option from the mount to silence this warning. [ 85.210550][ T5356] ======================================================= [ 85.279303][ T5356] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 85.328080][ T5358] (syz.0.0,5358,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 85.346084][ T5356] loop0: detected capacity change from 32768 to 64 [ 85.370189][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.373712][ T5358] (syz.0.0,5358,0):ocfs2_assign_bh:2417 ERROR: status = -12 [ 85.386947][ T5358] (syz.0.0,5358,0):ocfs2_inode_lock_full_nested:2512 ERROR: status = -12 [ 85.390673][ T5358] (syz.0.0,5358,0):ocfs2_inode_lock_atime:2602 ERROR: status = -12 [ 85.394189][ T5358] (syz.0.0,5358,0):ocfs2_mmap_prepare:170 ERROR: status = -12 [ 85.401622][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.404789][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.410124][ T5366] (syz.0.0,5366,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.413688][ T5366] (syz.0.0,5366,0):ocfs2_assign_bh:2417 ERROR: status = -12 [ 85.417141][ T5366] (syz.0.0,5366,0):ocfs2_inode_lock_full_nested:2512 ERROR: status = -12 [ 85.420652][ T5366] (syz.0.0,5366,0):ocfs2_inode_lock_atime:2602 ERROR: status = -12 [ 85.424231][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.429702][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 0 [ 85.434638][ T5366] (syz.0.0,5366,0):ocfs2_mmap_prepare:170 ERROR: status = -12 [ 85.439989][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.443980][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.450072][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.453623][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 0 [ 85.459037][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.463648][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.467941][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.471563][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 1 [ 85.478492][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.483329][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.489040][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.492680][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 2 [ 85.498007][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.503241][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.508017][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.511438][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 3 [ 85.517041][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.520164][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.523453][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.528977][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 4 [ 85.534216][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.538067][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.541480][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.544844][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 5 [ 85.550918][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.554049][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.558719][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.563318][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 6 [ 85.569185][ T5356] (syz.0.0,5356,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.572493][ T5356] (syz.0.0,5356,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.575973][ T5356] (syz.0.0,5356,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.579679][ T5356] (syz.0.0,5356,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 7 [ 85.584824][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.588899][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.592099][ T5356] ================================================================== [ 85.595879][ T5356] BUG: KASAN: slab-use-after-free in ocfs2_fault+0xd3/0x3f0 [ 85.599273][ T5356] Read of size 8 at addr ffff888043992918 by task syz.0.0/5356 [ 85.602453][ T5356] [ 85.603563][ T5356] CPU: 0 UID: 0 PID: 5356 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.603579][ T5356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.603585][ T5356] Call Trace: [ 85.603592][ T5356] [ 85.603598][ T5356] dump_stack_lvl+0x189/0x250 [ 85.603615][ T5356] ? __kasan_check_byte+0x12/0x40 [ 85.603631][ T5356] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.603643][ T5356] ? lock_release+0x4b/0x3e0 [ 85.603660][ T5356] ? __virt_addr_valid+0x4a5/0x5c0 [ 85.603675][ T5356] print_report+0xca/0x240 [ 85.603685][ T5356] ? ocfs2_fault+0xd3/0x3f0 [ 85.603699][ T5356] kasan_report+0x118/0x150 [ 85.603712][ T5356] ? ocfs2_fault+0xd3/0x3f0 [ 85.603727][ T5356] ocfs2_fault+0xd3/0x3f0 [ 85.603741][ T5356] ? __pfx_ocfs2_fault+0x10/0x10 [ 85.603756][ T5356] __do_fault+0x138/0x390 [ 85.603771][ T5356] __handle_mm_fault+0x3611/0x5440 [ 85.603785][ T5356] ? __pfx___handle_mm_fault+0x10/0x10 [ 85.603801][ T5356] ? find_vma+0xe7/0x160 [ 85.603811][ T5356] ? __pfx_find_vma+0x10/0x10 [ 85.603821][ T5356] handle_mm_fault+0x40a/0x8e0 [ 85.603834][ T5356] do_user_addr_fault+0x764/0x1390 [ 85.603853][ T5356] exc_page_fault+0x76/0xf0 [ 85.603916][ T5356] asm_exc_page_fault+0x26/0x30 [ 85.603928][ T5356] RIP: 0010:strncpy_from_user+0xb7/0x290 [ 85.603940][ T5356] Code: 00 00 4c 89 f6 e8 69 7e bf fc 49 83 fe 07 0f 86 9d 00 00 00 48 89 1c 24 4c 89 74 24 08 48 c7 c5 f8 ff ff ff 45 31 e4 4c 89 fb <4f> 8b 34 27 48 b8 ff fe fe fe fe fe fe fe 4d 8d 3c 06 4d 89 f5 49 [ 85.603950][ T5356] RSP: 0018:ffffc9000d307d30 EFLAGS: 00050246 [ 85.603960][ T5356] RAX: ffffffff850041b7 RBX: 0000200000000080 RCX: ffff8880330b8000 [ 85.603966][ T5356] RDX: 0000000000000000 RSI: 0000000000000fe0 RDI: 0000000000000007 [ 85.603970][ T5356] RBP: fffffffffffffff8 R08: ffff8880339cd3ff R09: 1ffff11006739a7f [ 85.603975][ T5356] R10: dffffc0000000000 R11: ffffed1006739a80 R12: 0000000000000000 [ 85.603980][ T5356] R13: dffffc0000000000 R14: 0000000000000fe0 R15: 0000200000000080 [ 85.603989][ T5356] ? strncpy_from_user+0x97/0x290 [ 85.604002][ T5356] getname_flags+0xf3/0x540 [ 85.604019][ T5356] do_sys_openat2+0xbc/0x1c0 [ 85.604034][ T5356] ? __pfx_do_sys_openat2+0x10/0x10 [ 85.604051][ T5356] ? rcu_is_watching+0x15/0xb0 [ 85.604063][ T5356] __x64_sys_openat+0x138/0x170 [ 85.604078][ T5356] do_syscall_64+0xfa/0x3b0 [ 85.604093][ T5356] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.604106][ T5356] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.604116][ T5356] ? clear_bhb_loop+0x60/0xb0 [ 85.604126][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.604135][ T5356] RIP: 0033:0x7f47bcf8ebe9 [ 85.604147][ T5356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.604155][ T5356] RSP: 002b:00007f47bde8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 85.604166][ T5356] RAX: ffffffffffffffda RBX: 00007f47bd1b5fa0 RCX: 00007f47bcf8ebe9 [ 85.604174][ T5356] RDX: 0000000000105042 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 85.604185][ T5356] RBP: 00007f47bd011e19 R08: 0000000000000000 R09: 0000000000000000 [ 85.604195][ T5356] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000000 [ 85.604204][ T5356] R13: 00007f47bd1b6038 R14: 00007f47bd1b5fa0 R15: 00007ffe1a7d0708 [ 85.604217][ T5356] [ 85.604221][ T5356] [ 85.741338][ T5356] Allocated by task 5358: [ 85.743234][ T5356] kasan_save_track+0x3e/0x80 [ 85.745268][ T5356] __kasan_slab_alloc+0x6c/0x80 [ 85.747394][ T5356] kmem_cache_alloc_noprof+0x1c1/0x3c0 [ 85.749665][ T5356] vm_area_alloc+0x24/0x140 [ 85.751616][ T5356] mmap_region+0xdc7/0x20c0 [ 85.753519][ T5356] do_mmap+0xc45/0x10d0 [ 85.755358][ T5356] vm_mmap_pgoff+0x2a6/0x4d0 [ 85.757358][ T5356] ksys_mmap_pgoff+0x51f/0x760 [ 85.759395][ T5356] do_syscall_64+0xfa/0x3b0 [ 85.761340][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.763965][ T5356] [ 85.764996][ T5356] Freed by task 5356: [ 85.766679][ T5356] kasan_save_track+0x3e/0x80 [ 85.768670][ T5356] kasan_save_free_info+0x46/0x50 [ 85.770733][ T5356] __kasan_slab_free+0x5b/0x80 [ 85.772804][ T5356] slab_free_after_rcu_debug+0x129/0x2a0 [ 85.775322][ T5356] rcu_core+0xcab/0x1770 [ 85.777206][ T5356] handle_softirqs+0x283/0x870 [ 85.779281][ T5356] __irq_exit_rcu+0xca/0x1f0 [ 85.781248][ T5356] irq_exit_rcu+0x9/0x30 [ 85.783229][ T5356] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 85.785599][ T5356] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 85.788028][ T5356] [ 85.789053][ T5356] Last potentially related work creation: [ 85.791405][ T5356] kasan_save_stack+0x3e/0x60 [ 85.793423][ T5356] kasan_record_aux_stack+0xbd/0xd0 [ 85.795843][ T5356] kmem_cache_free+0x2f6/0x400 [ 85.797846][ T5356] vms_complete_munmap_vmas+0x626/0x8a0 [ 85.800152][ T5356] mmap_region+0x11db/0x20c0 [ 85.802153][ T5356] do_mmap+0xc45/0x10d0 [ 85.804072][ T5356] vm_mmap_pgoff+0x2a6/0x4d0 [ 85.806056][ T5356] ksys_mmap_pgoff+0x51f/0x760 [ 85.808044][ T5356] do_syscall_64+0xfa/0x3b0 [ 85.809980][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.812433][ T5356] [ 85.813455][ T5356] The buggy address belongs to the object at ffff8880439928c0 [ 85.813455][ T5356] which belongs to the cache vm_area_struct of size 256 [ 85.819325][ T5356] The buggy address is located 88 bytes inside of [ 85.819325][ T5356] freed 256-byte region [ffff8880439928c0, ffff8880439929c0) [ 85.824833][ T5356] [ 85.825915][ T5356] The buggy address belongs to the physical page: [ 85.828618][ T5356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43992 [ 85.832605][ T5356] memcg:ffff88803e247101 [ 85.834483][ T5356] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 85.837758][ T5356] page_type: f5(slab) [ 85.839502][ T5356] raw: 04fff00000000000 ffff888030407b40 ffffea00010e5940 dead000000000003 [ 85.843063][ T5356] raw: 0000000000000000 00000000800c000c 00000000f5000000 ffff88803e247101 [ 85.846601][ T5356] page dumped because: kasan: bad access detected [ 85.849198][ T5356] page_owner tracks the page as allocated [ 85.851642][ T5356] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5082, tgid 5082 (dhcpcd-run-hook), ts 51424464157, free_ts 39854711889 [ 85.859812][ T5356] post_alloc_hook+0x240/0x2a0 [ 85.861933][ T5356] get_page_from_freelist+0x21e4/0x22c0 [ 85.864420][ T5356] __alloc_frozen_pages_noprof+0x181/0x370 [ 85.866959][ T5356] alloc_pages_mpol+0x232/0x4a0 [ 85.869111][ T5356] allocate_slab+0x8a/0x370 [ 85.870996][ T5356] ___slab_alloc+0xbeb/0x1410 [ 85.873104][ T5356] kmem_cache_alloc_noprof+0x283/0x3c0 [ 85.875458][ T5356] vm_area_alloc+0x24/0x140 [ 85.877416][ T5356] mmap_region+0xdc7/0x20c0 [ 85.879381][ T5356] do_mmap+0xc45/0x10d0 [ 85.881159][ T5356] vm_mmap_pgoff+0x2a6/0x4d0 [ 85.883136][ T5356] do_syscall_64+0xfa/0x3b0 [ 85.885116][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.887587][ T5356] page last free pid 15 tgid 15 stack trace: [ 85.890065][ T5356] __free_frozen_pages+0xbc4/0xd30 [ 85.892254][ T5356] __tlb_remove_table+0x2d2/0x3b0 [ 85.894405][ T5356] tlb_remove_table_rcu+0x85/0x100 [ 85.896621][ T5356] rcu_core+0xcab/0x1770 [ 85.898498][ T5356] handle_softirqs+0x283/0x870 [ 85.900580][ T5356] run_ksoftirqd+0x9b/0x100 [ 85.902571][ T5356] smpboot_thread_fn+0x53f/0xa60 [ 85.904917][ T5356] kthread+0x70e/0x8a0 [ 85.906763][ T5356] ret_from_fork+0x3f9/0x770 [ 85.908646][ T5356] ret_from_fork_asm+0x1a/0x30 [ 85.910597][ T5356] [ 85.911652][ T5356] Memory state around the buggy address: [ 85.914019][ T5356] ffff888043992800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 85.917395][ T5356] ffff888043992880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 85.920725][ T5356] >ffff888043992900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.924081][ T5356] ^ [ 85.926178][ T5356] ffff888043992980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 85.929479][ T5356] ffff888043992a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 85.932736][ T5356] ================================================================== [ 85.944032][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.966257][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 0 [ 85.970933][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 85.982525][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 85.987701][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 85.991205][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 1 [ 85.997023][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 86.000452][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 86.003672][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 86.007859][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 2 [ 86.012794][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 86.017025][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 86.020217][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 86.023642][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 3 [ 86.028999][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 86.032185][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 86.038822][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 86.042344][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 4 [ 86.048530][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 86.051487][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 86.054492][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 86.059212][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 5 [ 86.063865][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 86.067719][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 86.071834][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 86.077624][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 6 [ 86.082411][ T5358] (syz.0.0,5358,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 86.086149][ T5358] (syz.0.0,5358,0):ocfs2_get_clusters:627 ERROR: status = -12 [ 86.089309][ T5358] (syz.0.0,5358,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -12 [ 86.092931][ T5358] (syz.0.0,5358,0):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff888042fdcfb8, block: 7 [ 86.098733][ T5356] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 86.101784][ T5356] CPU: 0 UID: 0 PID: 5356 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.105631][ T5356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.110275][ T5356] Call Trace: [ 86.111781][ T5356] [ 86.113120][ T5356] dump_stack_lvl+0x99/0x250 [ 86.115245][ T5356] ? __asan_memcpy+0x40/0x70 [ 86.117357][ T5356] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.119771][ T5356] ? __pfx__printk+0x10/0x10 [ 86.121832][ T5356] vpanic+0x281/0x750 [ 86.123546][ T5356] ? preempt_schedule+0xae/0xc0 [ 86.125731][ T5356] ? __pfx_vpanic+0x10/0x10 [ 86.127761][ T5356] ? preempt_schedule_common+0x83/0xd0 [ 86.130165][ T5356] ? preempt_schedule+0xae/0xc0 [ 86.132313][ T5356] ? __pfx_preempt_schedule+0x10/0x10 [ 86.134702][ T5356] panic+0xb9/0xc0 [ 86.136504][ T5356] ? __pfx_panic+0x10/0x10 [ 86.138565][ T5356] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 86.141111][ T5356] ? ocfs2_fault+0xd3/0x3f0 [ 86.143198][ T5356] check_panic_on_warn+0x89/0xb0 [ 86.145422][ T5356] ? ocfs2_fault+0xd3/0x3f0 [ 86.147490][ T5356] end_report+0x78/0x160 [ 86.149579][ T5356] kasan_report+0x129/0x150 [ 86.151616][ T5356] ? ocfs2_fault+0xd3/0x3f0 [ 86.153621][ T5356] ocfs2_fault+0xd3/0x3f0 [ 86.155558][ T5356] ? __pfx_ocfs2_fault+0x10/0x10 [ 86.157584][ T5356] __do_fault+0x138/0x390 [ 86.159445][ T5356] __handle_mm_fault+0x3611/0x5440 [ 86.161650][ T5356] ? __pfx___handle_mm_fault+0x10/0x10 [ 86.164098][ T5356] ? find_vma+0xe7/0x160 [ 86.165964][ T5356] ? __pfx_find_vma+0x10/0x10 [ 86.168113][ T5356] handle_mm_fault+0x40a/0x8e0 [ 86.170280][ T5356] do_user_addr_fault+0x764/0x1390 [ 86.172526][ T5356] exc_page_fault+0x76/0xf0 [ 86.174549][ T5356] asm_exc_page_fault+0x26/0x30 [ 86.176702][ T5356] RIP: 0010:strncpy_from_user+0xb7/0x290 [ 86.179230][ T5356] Code: 00 00 4c 89 f6 e8 69 7e bf fc 49 83 fe 07 0f 86 9d 00 00 00 48 89 1c 24 4c 89 74 24 08 48 c7 c5 f8 ff ff ff 45 31 e4 4c 89 fb <4f> 8b 34 27 48 b8 ff fe fe fe fe fe fe fe 4d 8d 3c 06 4d 89 f5 49 [ 86.187426][ T5356] RSP: 0018:ffffc9000d307d30 EFLAGS: 00050246 [ 86.190321][ T5356] RAX: ffffffff850041b7 RBX: 0000200000000080 RCX: ffff8880330b8000 [ 86.193907][ T5356] RDX: 0000000000000000 RSI: 0000000000000fe0 RDI: 0000000000000007 [ 86.197406][ T5356] RBP: fffffffffffffff8 R08: ffff8880339cd3ff R09: 1ffff11006739a7f [ 86.200836][ T5356] R10: dffffc0000000000 R11: ffffed1006739a80 R12: 0000000000000000 [ 86.204335][ T5356] R13: dffffc0000000000 R14: 0000000000000fe0 R15: 0000200000000080 [ 86.207886][ T5356] ? strncpy_from_user+0x97/0x290 [ 86.210114][ T5356] getname_flags+0xf3/0x540 [ 86.212151][ T5356] do_sys_openat2+0xbc/0x1c0 [ 86.214146][ T5356] ? __pfx_do_sys_openat2+0x10/0x10 [ 86.216516][ T5356] ? rcu_is_watching+0x15/0xb0 [ 86.218641][ T5356] __x64_sys_openat+0x138/0x170 [ 86.221027][ T5356] do_syscall_64+0xfa/0x3b0 [ 86.223064][ T5356] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.225381][ T5356] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.228053][ T5356] ? clear_bhb_loop+0x60/0xb0 [ 86.230150][ T5356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.232835][ T5356] RIP: 0033:0x7f47bcf8ebe9 [ 86.234949][ T5356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.243512][ T5356] RSP: 002b:00007f47bde8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 86.247394][ T5356] RAX: ffffffffffffffda RBX: 00007f47bd1b5fa0 RCX: 00007f47bcf8ebe9 [ 86.250847][ T5356] RDX: 0000000000105042 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 86.254346][ T5356] RBP: 00007f47bd011e19 R08: 0000000000000000 R09: 0000000000000000 [ 86.257797][ T5356] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000000 [ 86.261369][ T5356] R13: 00007f47bd1b6038 R14: 00007f47bd1b5fa0 R15: 00007ffe1a7d0708 [ 86.265093][ T5356] [ 86.266830][ T5356] Kernel Offset: disabled [ 86.268799][ T5356] Rebooting in 86400 seconds..