program: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./bus\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x1, 0x5f52, &(0x7f000000ef80)="$eJzs3V1vHFcZB/BnX7x+KU2jClUh4iJNobSU5j2B8taUCy4ACSSUaxK5bhVIASUB0SoirnKBuODlI8BNb7joFylfAfEBiBRzVQnKoLHPScbjddZp4p1dn99PcmaePTveM/l7PDuemT0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvvj072IuPzr9MDhiM/EIKIfsVzXx6KeuZifP4yII7HZHM9FxGAxol5+859nIs5FxEeHIu5t3FqtHz6zx36cP3Xz+iff/84/fvenO0d++uZPPmi3/+izZz/8/e2Iwz987cNPbj+ZdQcAAIBSVFVV9dJh/tF0fN/vulMAwFTk/X+V5MfVarVa/UTrP/Znqz/qQuumarzbzSIi1pvL1O8ZnI4HgDmzHh933QU6JP+iDSPiqa47Acy0XtcdYF/c27i12kv59pr7g2Nb7fnvlNvyX+/dv79jt+kk7WtMpvXzdScG8ewu/VmeUh9mSc6/387/8lb7KD1vv/Oflt3yH23d+lScnP+gnX/Ltvz/HBFzm39/bP6lyvkPHyX/9cEcb//yBwAAAADg4Mt//z/c8fnfxcdflT152PnfY1PqAwAAAAAAAAA8aY87/t99xv8DAACAmVUfq9f+cujBY7t9Hmh9iH+pF/F06/lAYdLNMitd9wMAAAAAAAAAAAAASjLcuob3Ui9iISKeXlmpqqr+amrXj+pxl593pa8/lKzrX/IAALDlo0Ote/l7EUsRcSl91t/CyspKVS0tr1Qr1fJifj87WlyqlhvHtXlaP7Y42sMb4uGoqr/ZUmO5pknHy5Pa29+vfq1RNdhDx6ajw8ABICK29kb37JEOmKp6Jrp+l8N8sP0fPLZ/9qLrn1MAAABg/1VVVfXSx3kfTef8+113CgCYhqW8/2+fF1Cr1Wq1Wn3w6qZqvNvNIiLWm8vU7xkMxw8Ac2Y9Pu66C3RI/kUbRsSRrjsBzLRe1x1gX9zbuLXaS/n2mvuDNL57vhZkW/7rvc3l8vLjppO0rzGZ1s/XnRjEs7v057kp9WGW5Pz77fwvb7WP0vP2O/9p2S3/ej0Pd9CfruX8B+38Ww5O/v2x+Zcq5z98pPwH8gcAAAAAgBmW//5/2PnfvMoAAAAAAAAAMHfubdxazfe95vP/nx/zvF5zzv2fB0bOv7fn/N3/e5Dk/Pvt/FsX5Awa83ffeJD/vzdurX5w81+fy9OZz39hMKpfe6HXHwzTNT/VwltxNa7FWpza8fzhtvbTO9oXtrWfmdB+dkf7qG5fzu0nYjV+EdfizfvtixMujFqa0F5NaM/5D2z/Rcr5Dxtfdf4rqb3Xmtbuvt/fsd03p+Ne5+Lf/vvizq1r+u7E4P66NdXrd7yD/mz+nzw1il/dWLt+4jdXbt68fjrSZNujZyJNnrCc/0L6yvm/9MJWe/6939xe774/euT8Z8WdGO6a/wuN+Xp9X55y37qQ8x+lr5x/3gON3/7nOf/dt/9XOugPAAAAAAAAAAAAAAAAPExVVZu3iF6MiAvp/p+u7s0EAKbqDz9IM1USarVarVarD2zdVI33erOIpe3LXIiI3477ZgDALPtfRPyz607QGfkXLH/eXz39QtedAabqxrvv/ezKtWtr12903RMAAAAAAAAA4NPK438ea4z/vHkdUGvc6G3jv74Rx+Z2/M/+aLA51nlaoefj4eN/H4+Hj/89nPB6CxPaRxPaFye0L01oH3ujR0PO//mUcc7/aFqxksZ/famD/nQt5388jfWc8/9S63nN/Ku/znP+/W35n7z5zi9P3nj3vVevvnPl7bW3135++tSFc2fPnzt7/vzJt65eWzu19W+HPd5fOf889rXrQMuS88+Zy78sOf8vplr+Zcn5v5hq+Zcl55/f78m/LDn/fOwj/7Lk/F9OtfzLkvP/cqrlX5ac/yupln9Zcv5fSbX8y5LzfzXV8i9Lzv9EquVflpz/yVTLvyw5/3yGS/5lyfnnKxvkX5ac/5lUy78sOf+zqZZ/WXL+51It/7Lk/M+nWv5lyflfSLX8y5Lz/2qq5V+WnP/XUi3/suT8X0u1/MuS8/96quVflpz/N1It/7Lk/L+ZavmXJef/rVTLvyw5/2+nWv5lyfm/nmr5l+XB5/+bmfLMf/4eMQPdMGNm3EzXv5kAAAAAAAAAAAAAgLZpXE7c9ToCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu7GLnK+wzgZ7/stSHBDYSvOLA2Bgws3l1/gUMMJgkpJW1KSUibltQ49tps4q961wkgVJZCW6IgFam9oBfNl9IoUluBokhNJRohNVJzV64ScRO1EheWCpWDkkqpAludOe/77szs7Mx6vYtnzvn9EP57Z87MvHPmzOw+az0zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1Nv00cm/7MuyLP+/9seGLLs4//u6bF/+5ezuC71CAAAA4Hy9XfvzHy9JJ+xbwoXqtvn3a/7j+3Nzc3PZ5986885fz82lM0aybGBtltXOi378q1/O1W8TPJ0N9/XXfd3f4eYHOpw/2OH8oQ7nr+lw/toO5w93OH/BDlhgXfH7mNqVban9dUOxS7PLsqHaeVtaXOrpvrX9/fF3OTV9tcvMDR3OprKj2WQ2vuAyfbX/suzlTflt3ZvF2+qvu62NWZad/fkTB+Ma+sI+3pI13FhN/WP35t3ZyFs/f+Lgd2beuKrV7LgbFqw0y7Zuztf5TJbN/7oq68vWpn0S19lft86NLdY50LDOvtrl8r83r/PsEtcZ7/dwWOerbda5MZz26HVZls1mi27T7OmsP1vfdKtpfw8XR0R+HflD+b5s8JyOk01LOE7yy7x+XeNx0nxMxv2/KeyTwUXWUP9wvPnUmgX7fbnHSX6vu+FYza/7/vxGh4frf7XacKzm2zxx/eLHQMvHrsUxkI7lumNgc6djoH/NQO0Y6J9f8+aGY2BiwWX6s77abZ25vv0xMDZz7OTY9GOP3zp17MCRySOTxyfGd+/csWvnjl27xg5PHZ0cL/48t13aQ9Zn/ekY3Bxea+IxeGPTtvWH5Nw3V+55MNwlz4P8vn/6hnxBF/dnixzj+TbPbD3/50H6vl/3PBisex60fE1t8TwYXMLzIN/m7Nalfc8crPu/1RpW67VwQ90xcCG/H+a3+dBNi78Wbgzrevbmc/1+OLDgGIh3qy889/JT0s97w7eH/bLwuLg6P+OiNdnp6clT2x49MDNzaiIL411xad1j1Xy8rK+7T9mC46X/nI+Xff/w6xuubnH6hrCvhm9p/1jl2+wcbf9Y1V7dG/fnmqzYnw2nbs/CWGHv9v5s9d0s358pS7TZn/k2z9x6/j8LplxS9/o31On1b2BosHj9G0h7Y6jh9W/hQzNQW1mWnb11aa9/Q+H/d/v177Iuef3L99VD29ofA/k2z46d6zEw2Pb177ow+8J6bgqJYbgu979TO3+2OEzrHsuOx83g4FA4bgbjLTYeNzsWXCa/tvy2t44v77jZel3jY9Xwc0sJj5t8X/3NePvjJt/mlYnzf+1YF/9a99qxptMxMDSwJl/vUDoIite7uXXxGNiWHcxOZEezQ+ky+aOc39bo9qUdA2vC/+/2a8eVXXIM5Pvqhe3tj4F8mx/tWNmfnbaGU9I2dT87Nf9+YbHMf/Xg/PU177aVzvz5Oj/2k0+m01pliHybN3aea85ov59uCadc1GI/NT9/FjumD2Xvzn66Mqzz6K72v5vKt7ls9xKPp31Zlr028Vrt913h97vfO/2T7zf83rfV75Rfm3jtvrEHfnou6wcAYPneqf05u6b4WbPuX6yX8u//AAAAQE+Iub8/zET+BwAAgNKIuX8gzET+BwAAgNKIuX8wzKQi+f+R2/e8+PaTWXo3wLkgnh93w/13FtvFjvds+Hpkbl5++ke+PfTiV55c2m33Z1n26/s+0HL7R+6M6yqcjOv8UOPpC1x57ZJu/+EH57erf/+Es3uK64/3Z6mHQewqvzy2vXa9I49N1OYr92W1+cDss08X1198Hbc/s6PY/u/Cm5bsO9zXcPmtYT1bwhwJ7ylz/775/ZDPeLkXN17zb5d+Zv724uX6Nr+3djdf+NPieuN7RD1/abF9vN+Lrf9fv/rdF/PtH72+9fqf7G+9/jPhel8P81d7i+3r9/lX6tb/52H98fbi5bZ964ct1//SFcX2L4Xj4hthNq//7r/64NutHq94O/vuKC4Xb3/8f3fWLhevL15/8/qHn5xo2B/N1//KW8X17P3SLwbqt4+nx9uJHr6j8fjuC49vQ488y7Lv/kXWsJ+zDxeX+5em9cfrO3lH6/Xf0rTOk33X1i4/f382NNyvr/399pb3N65n3z9taLg/z98T9t9bYz/Kr/fMA+F4DOf/36vF9TW/l+lL9zS+3sTtv7GheN7G6xtrWv/zTeufvTbfd53Xf+9bxfpfumttw/r3fTwcT/cWs9P6j3z9kobLf/M7xeNx6sujx09Mn546VLdX65/Ha4fXrb/o4ve895LwWtr89f4TM49MnhoZHxnPspEefMvA1V7/t8L8n2LMrvwtFH76i+K4e+4TxfetG39ZfP18OP3h8HjG749f+9uhhuO1+XGfvauY57v+m8M6luqKr/7XtUva8MznXj79z3/2RvPPBfH+nHz/cO3+vbDp8tp5fa8U5ze/XnXyn+9vfF7/bHC8Nn8Q9utceGfmzZcXt9d8/fG9SZ77VPH8jT/JxctnTe8nsmGg8X6c7/p/Fn6O+eGVja9/8fj4wZNN7+a8IevLlzAbXh+y2eL8uFXc38+dvbzl7cX34clmrzqXZS5q+rHpsaNTx08/OjYzOT0zNv3Y4/uPnTh9fGZ/7b1L93+h0+Xnn9/ra8/vQ5O7d2a1Z/uJYqyyC73+kw8ePHTb+A2HJg8fOH145sGTk6eOHJyePjh5aPqGA4cPT3650+WnDu2d2L5nx23bR49MHdp7+549O/aMTh0/kS+jWFQHu8e/OHr81P7aRab37twzsWvXzvHRYycOTe69bXx89HSny9e+N43ml/7S6KnJowdmpo5Njk5PPT65d2LP7t3bO77747GTh6dHxk6dPj52enry1FhxX0Zmaifn3/s6XZ5qmD4RXu+a9IWfzj97y+70/ri5bz+16FUVmzT+eJq9Gd4LKn5/6/R1zP1DYSYVyf8AAABQBTH3hzf+nz9D/gcAAIDSiLl/bZiJ/A8AAAClEXN/kfyH08e/VyX/r1T//yn9/xr9f/3/bAX6//1116P/r/+v/9+e/r/+f6b/v2wXuj/f6+vX/9f/p7Nu6/+H3J+tyzL//g8AAAAlFXP/+jAT+R8AAABKI+b+i8JM5H8AAAAojZj7Lw4zqUj+9/n/+v/6/+36/3Fbn/+f6f93Q/9/y3/r/y+g/6//n+n/L9uF7s/3+vq7sP+/Tv+fbtNt/f+Y+98TZlKR/A8AAABVEHP/e8NM5H8AAAAojZj7Lwkzkf8BAACgNGLu3xBmUpH8r/+v/6//332f/19/Pfr/+v8+/789/X/9/0z/f9kudH++19ffhf1/n/9P1+m2/n/M/b8RZlKR/A8AAABVEHP/+8JM5H8AAAAojZj7Lw0zkf8BAACgNGLuvyzMpCL5v5r9/9ezLNP/z/T/9f+b1qn/r/+/GvT/9f/b0f/X/+/l9ev/6//TWbf1/2Puf3+YSUXyPwAAAFRBzP2Xh5nI/wAAAFAaMfdfEWYi/wMAAEBpxNx/ZZhJRfJ/Nfv/Pv9f/7+g/9+4Tv1//f/VoP+v/9+O/r/+fy+vX/9f/5/Ouq3/H3P/VWEmFcn/AAAAUAUx918dZiL/AwAAQGnE3P+BMBP5HwAAAEoj5v6NYSYVyf9N/f+39f/1//X/9f/1/wv6/yujt/r//Yueo/9f0P9vtHL9/9n5Bej/98z69f/1/+ms2/r/Mfd/MMykIvkfAAAAqiDm/mvCTOR/AAAAKI2Y+68NM5H/AQAAoDRi7h8JM6lI/vf5//r/+v/6//r/+v+rqbf6/4vT/y/o/zfy+f/6//r/+v+01239/5j7N4WZVCT/AwAAQBXE3L85zET+BwAAgNKIuf+6MBP5HwAAAEoj5v4tYSYVyf/6//r/bfv/Px7IMv1//f9A/1//fzn0//X/29H/1//v5fXr/+v/01m39f9j7r8+zKQi+R8AAACqIOb+G8JM5H8AAAAojZj7bwwzkf8BAACgNGLu3xpmUpH8r/+v/+/z/3u4/z+g/5/p/3c9/X/9/3b0//X/e3n9+v/6/3TWbf3/mPtvCjOpSP4HAACAKoi5/+YwE/kfAAAASiPm/lvCTOR/AAAAKI2Y+0fDTCqS//X/9f/1/3u4/+/z/xvWr//fnfT/9f/b0f/X/+/l9ev/6//TWbf1/2PuvzXMpCL5HwAAAKog5v5tYSbyPwAAAJRGzP1jYSbyPwAAAJRGzP3jYSYVyf/6//r/+v/6//r/+v+rSf9f/78d/X/9/15ev/6//j+ddVv/P+b+iTCTiuR/AAAAqIKY+7eHmcj/AAAAUBox9+8IM5H/AQAAoDRi7t8ZZlKR/N8j/f9tqQCl/6//r/+v/6//31P0//X/29H/1//v5fXr/+v/06i/xWnd1v+PuX9XmElF8j8AAABUQcz9u8NM5H8AAAAojZj7bwszkf8BAACgNGLuvz3MpCL5v0f6/z7/X/9f/7+O/r/+fy/R/9f/b2cF+v+1H970/5fnQvfne339+v/6/3TWbf3/mPv3hJlUJP8DAABAFcTc/6EwE/kfAAAASiPm/jvCTOR/AAAA6CmtPocwirn/w2EmFcn/+v9l7//PrdX/1//X/2+/fv3/1aX/r//fjs//1//v5fXr/+v/01m39f9j7t8bZlKR/A8AAABVEHP/nWEm8j8AAACURsz9d4WZyP8AAABQGjH37wszqUj+1/8ve//f5//r/+v/d1q//v/q0v/X/29H/783+//hxxb9/y7q/+fHkP4/3ajb+v8x998dZlKR/A8AAABVEHP/R8JM5H8AAAAojZj7PxpmIv8DAABAacTc/7Ewk4rkf/1//X/9f/1//X/9/9Wk/79q/f/aS6H+f0H/f3kudH++19ffTf1/n/9Pt+q2/n/M/feEmVQk/wMAAEAVxNz/8TAT+R8AAABKI+b+3wwzkf8BAACgNGLuvzfMpCL5X/9f/1//X/9f/1//fzXp//v8/3b0//X/e3n9+v/6/3TWbf3/mPt/K8ykIvkfAAAAqiDm/vvCTOR/AAAAKI2Y+z8RZiL/AwAAQI9Zs+g5Mff/dphJRfJ/7/X/R3qy/9+frl//X/9f/1//X/9/Jen/6/9n+v/LdqH7872+fv1//X8667b+f8z9vxNmUpH8DwAAAFUQc/8nw0zkfwAAACiNmPt/N8xE/gcAAIDSiLn//jCTiuT/le7/N1++HZ//r/+f6f/r/+v/6/+fJ/1//f9M/3/ZLnR/vtfXr/+v/09n3db/j7n/98JMKpL/AQAAoApi7n8gzET+BwAAgC71yDlfIub+T4WZyP8AAABQGjH3fzrMpCL5v/c+/1//X/9f/1//X/+/l+j/6/+3o/+v/9/L69f/1/+ns27r/8fc/2CYSUXyPwAAAFRBzP2fCTOR/wEAAKA0Yu7//TAT+R8AAABKI+b+PwgzqUj+1//X/9f/1//X/9f/X036/wv7//lrmP5/Qf9f/7+X16//r/9PZ93W/4+5/7NhJhXJ/wAAAFAFMff/YZiJ/A8AAAClEXP/H4WZyP8AAABQGjH3PxRmUpH8r/+v/6//r/+v/6//v5r0/33+fzv6//r/vbx+/X/9fzrrtv5/zP2fCzOpSP4HAACAKoi5/4/DTOR/AAAAKI2Y+/eHmcj/AAAAUBox9z8cZlKR/K//v7T+f3NfuJn+f+v16//r/+v/6//r/+v/t6P/r//fy+vX/9f/p7Nu6//H3H8gzGRf480AAAAAvSvm/s+HmVTk3/8BAACgCmLuPxhmIv8DAABAacTcfyjMpCL5X//f5//r/+v/6//r/68m/X/9/3b0//X/e3n9+v/6/3TWbf3/mPsnw0wqkv8BAACgCmLuPxxmIv8DAABAacTcfyTMRP4HAACA0oi5/5Ewk4rkf/1//X/9/8r2/1/9XtM69f/1/1eD/r/+fzv6//r/vbx+/X/9fzrrtv5/zP1TYSYVyf8AAABQBTH3fyHMRP4HAACA0oi5/4thJvI/AAAAlEbM/UfDTCqS//X/9f/1/yvb/1/a5/+vm79d/X/9/+XQ/9f/b0f/X/+/l9ev/6//T2fd1v+Puf9YmElF8j8AAABUQcz9x8NM5H8AAAAojZj7T4SZyP8AAABQGjH3nwwzqUj+1/8/t/5/3yLdwKX0/78+pP+v/9+D/f86+v/6/8uh/6//347+v/5/L69f/1//n866rf8fc/+fhJlUJP8DAABAFcTcfyrMRP4HAACA0oi5fzrMRP4HAACA0oi5fybMpCL5X//f5//r/+v/6//r/68m/X/9/3b0//X/e3n9+v/6/3T2/+zd545eVxXH4RcHQyLEPeQWuAIugWtA4hboLaGHDqH3FnoLHULvvffeeyD0KoEyXmsFD55zxva8nn32ep4PWTBGyo5iPvyV/HRG6/9z9983bmmy/wEAAKCD3P33i1vsfwAAAJhG7v77xy32PwAAAEwjd/8D4pYm+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9D4xbmux/AAAA6CB3/4PiFvsfAAAAppG7/8Fxi/0PAAAA08jd/5C4pcn+1//r//X/+n/9v/5/n/T/+v8l+n/9/5bfr//X/7NutP4/d/9D45Ym+x8AAAA6yN3/sLjF/gcAAIBp5O5/eNxi/wMAAMA0cvdfF7c02f/6f/2//n+D/f+d9f/6/+3Q/+v/l+j/9f9bfr/+X//PutH6/9z918ctTfY/AAAAdJC7/xFxi/0PAAAA08jd/8i4xf4HAACAaeTuf1Tc0mT/6//1//r/Dfb/vv+v/98Q/b/+f4n+X/+/5ffr//X/rBut/8/d/+i4pcn+BwAAgA5y9z8mbrH/AQAAYBq5+x8bt9j/AAAAMI3c/Y+LW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/r9t7/3+uGg3vc/j93/w1xS5P9DwAAAB3k7n983GL/AwAAwDRy9z8hbrH/AQAAYBq5+58YtzTZ//p//f8d/f9/7qT/1//r/+/4uf7/ZOj/9f9L9P/6/y2/X/+v/2fd3vv/ld7/8H/P3f+kuKXJ/gcAAIAOcvc/OW6x/wEAAGAaufufErfY/wAAADCN3P1PjVua7H/9v/7f9//1//p//f8+6f+H7f8P/1/vfPr/Y9H/6/+P6v/veYz36//pYLT+P3f/0+KWJvsfAAAAOsjd//S4xf4HAACAaeTuvzFusf8BAABgGrn7nxG3NNn/+n/9v/5f/39+/3+mZf9/+8/0//uh/x+2/1+m/z8W/b/+3/f/9f8sG63/z93/zLilyf4HAACADnL3Pytusf8BAABgGrn7nx232P8AAAAwjdz9z4lbmux//b/+X/+v/7+s7/9fNUf/7/v/+6P/1/8v0f/r/7f8fv2//p91o/X/ufufG7c02f8AAAAwvTO72v3Pi1vsfwAAAJhG7v7nxy32PwAAAEwjd/8L4pYm+1//r//X/+v/L6v/n+T7//r//dH/6/+XHLf/3+n/669F/z/O+/X/+n/Wjdb/5+5/YdzSZP8DAABAB7n7XxS32P8AAAAwjdz9L45b7H8AAACYRu7+l8QtTfa//l//r//X/+v/9f/7pP/X/y/x/X/9/5bfr//X/7NutP4/d/9L45Ym+x8AAAA6yN3/srjF/gcAAIBp5O5/edxi/wMAAMA0cve/Im45vP/PXMlXXTn6f/2//l//r//X/++T/l//v0T/f+H+/+oj/nz6/7Her//X/7NutP4/d/9NcYt//g8AAADTyN3/yrjF/gcAAIBp5O5/Vdxi/wMAAMA0cve/Om5psv+P6v9vu9u5X9f/H4/+/8Lv1//r//X/+n/9v/5/if7f9/+3/H79v/6fdaP1/7n7XxO3NNn/AAAA0EHu/tfGLfY/AAAATCN3/+viFvsfAAAAppG7//VxS5P9f/Lf/79W/6//1//H1f/r//X/+n/9/zL9v/5/y+/X/+v/WTda/5+7/w1xS5P9DwAAAB3k7n9j3GL/AwAAwDRy978pbrH/AQAAYBq5+98ctzTZ/yff//v+v/7/Ivv/M/r/pP+Pv6/6f/3/RdD/6/93+v9Ldtr9/Nbfr//X/7NutP4/d//NB1Ov3/4HAACADm4++OPVu7fELfY/AAAATCN3/1vjFvsfAAAAppG7/21xS5P9r//X/596/+/7/0X/H39f9f/6/4ug/9f/7/T/l+y0+/mtv1//r/9n3Wj9f+7+t8ctTfY/AAAAdJC7/x1xi/0PAAAA04jdf+5ffrf/AQAAYErvPPjj1bt3xS1N9n/j/v/ay+3/r/mf/6z/v/D79f8n0v/ffPj3nv5f/78l+n/9/xL9v/5/y+8fp/+PH1yn/2c8o/X/ufvfHbc02f8AAADQQe7+98Qt9j8AAABMI3f/LXGL/Q8AAADTyN3/3rilyf5v3P9P8v3/e98aL9D/z9v/+/5/XP2//v9C9P/6/53+/5Kddj+/9feP0//7/j/jGq3/z93/vrilyf4HAACADnL3vz9usf8BAABgGrn7PxC32P8AAAAwjdz9H4xbmux//f/W+3/f/9f/6//1/2PT/+v/l+j/9f9bfr/+X//PutH6/9z9H4pbmux/AAAA6CB3/4fjFvsfAAAAppG7/yNxi/0PAAAA08jd/9G4pcn+1//r//fV/9/+J9H/N+n/r9f/7/T/R9L/6/+X6P/1/1t+v/5f/8+60fr/3P0fi1ua7H8AAADoIHf/x+MW+x8AAACmkbv/E3GL/Q8AAADTyN3/ybjhHnc/vSedrLNH/Dx6c/2//t/3//X/vv+v/98n/b/+f4n+X/+/5ffr//X/rBut/8/d/6m4xT//BwAAgGnk7v903GL/AwAAwDRy938mbrH/AQAAYBq5+z8btzTZ//p//b/+f7P9/zX6//Pfr/8fk/5f/79E/6//3/L79f/6f9aN1v/n7v9c3NJk/wMAAEAHufs/H7fY/wAAADCN3P1fiFvsfwAAAJhG7v4vxi1N9r/+X/+v/99s/+/7/4fer/8fk/5f/79E/6//3/L79f/6f9aN1v/n7v9S3NJk/wMAAEAHufu/HLfY/wAAADCN3P1fiVvsfwAAAJhG7v6vxi1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7vxa3NNn/AAAA0EHu/q/HLfY/AAAATCN3/zfiFvsfAAAAppG7/5txS5P9P3P/v/Q/0/+fo//X/+/0//r/PdP/6/+X6P/1/1t+v/5f/8+60fr/3P3filua7H8AAADoIHf/t+MW+x8AAACmkbv/O3GL/Q8AAADTyN3/3bilyf6fuf9fov8/R/+v/9/p//X/e6b/1/8v0f/r/7f8fv2//p91p9T/n90d0f/n7v9e3NJk/wMAAEAHufu/H7fY/wAAADCN3P0/iFvsfwAAAJhG7v4fxi3z7P/73LLwi/r/E+//D34T6f/1/zv9v/5f/39A/6//X6L/1/9v+f36f/0/60b7/n/u/h/FLfPsfwAAAGgvd/+P4xb7HwAAAKaRu/8ncYv9DwAAANPI3f/TuKXJ/r+S/f/h5nbS/t/3//X/I/f/V+30//r/K0z/r/9fov/X/2/5/fp//T/rRuv/c/f/LG5psv8BAACgg9z9P49b7H8AAACYRu7+X8Qt9j8AAABMI3f/L+OWJvvf9//1//r/Vv2/7//r/684/b/+f4n+X/+/5fdn/5+/7/T/+n/+32j9f+7+X8UtTfY/AAAAdJC7/9dxi/0PAAAA08jd/5u4xf4HAACAaeTu/23c0mT/6//1//p//b/+X/+/T/p//f8S/b/+f8vv9/1//T/rRuv/c/ffGrc02f8AAADQQe7+38Ut9j8AAABMI3f/7+MW+x8AAACmkbv/trilyf7X/+v/p+z/76r/1//r/0eh/9f/L9H/6/+3/H79v/6fdaP1/7n7/xC3NNn/AAAA0EHu/j/GLfY/AAAATCN3/5/iFvsfAAAAppG7/89xS5P9r//X/198/3+2/rqH7f99/1//r/8fxrz9/130//r/y+7/b7zp3I/1/9t8v/5f/8+60fr/3P1/iVua7H8AAADoIHf/X+MW+x8AAACmkbv/b3GL/Q8AAADTyN3/97ilyf7X/+v/p/z+v/5f/6//H8a8/b/v/+v/ff9f/6//1/+zZrT+P3f/P+KWJvsfAAAAZnF24ddy9/8zbrH/AQAAYBq5+/8Vt9j/AAAAMI3c/f+OW5rsf/2//l//r//X/+v/90n/r/9fov/X/2/5/fp//T/rRuv/c/f/NwAA//81KzOQ") mkdir(&(0x7f0000000000)='./control\x00', 0x0) rmdir(&(0x7f0000000040)='./control\x00') r2 = creat(&(0x7f0000000040)='./file1\x00', 0x44) write$cgroup_type(r2, &(0x7f0000000200), 0x175d9003) openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x48942, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40820}, 0x24040084) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) r8 = socket$kcm(0x11, 0x3, 0x0) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r9) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r10 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@delqdisc={0x1a4, 0x25, 0x100, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, r11, {0xa, 0x6}, {0x2, 0x10}, {0x7, 0xfff2}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_RATE={0x6, 0x5, {0x1, 0x6}}, @TCA_STAB={0x158, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x9, 0xc000, 0x80, 0x2, 0xffffffff, 0x6, 0x1}}, {0x6, 0x2, [0x5]}}, {{0x1c, 0x1, {0x2, 0x81, 0x8001, 0x4, 0x2, 0x6, 0xe, 0x1}}, {0x6, 0x2, [0x84]}}, {{0x1c, 0x1, {0x84, 0x4, 0x7ff, 0x3, 0x1, 0x9, 0x4}}, {0x4}}, {{0x1c, 0x1, {0x2, 0x9, 0x7, 0x5, 0x0, 0x3, 0xfffffff7, 0x2}}, {0x8, 0x2, [0x3, 0xf]}}, {{0x1c, 0x1, {0x3, 0xc, 0xe1, 0x1, 0x0, 0x6, 0x8, 0x3}}, {0xa, 0x2, [0x5, 0x9, 0x2]}}, {{0x1c, 0x1, {0x40, 0x6, 0x7, 0x4, 0x0, 0x2, 0x80, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x2, 0x9, 0x1, 0x3, 0x2, 0x4be46409, 0x40, 0x3}}, {0xa, 0x2, [0x1, 0xd, 0x0]}}, {{0x1c, 0x1, {0xc, 0x3, 0x3, 0xffff, 0x0, 0x1, 0x5c1, 0x2}}, {0x8, 0x2, [0xffc0, 0x95]}}, {{0x1c, 0x1, {0xc, 0x40, 0x9, 0x6, 0x2, 0x3, 0x8, 0x7}}, {0x12, 0x2, [0x1, 0x7, 0x3, 0x0, 0xfffb, 0x3, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}, @TCA_INGRESS_BLOCK={0x8}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6ae740f0}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x8004}, 0x20000000) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r8, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r8, &(0x7f0000000280)={&(0x7f0000000440)=@xdp={0x2c, 0x0, r12, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f00000004c0)="f058050000007f8f", 0x300}], 0x2}, 0x5) bind$can_raw(r0, &(0x7f0000000080), 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x200000000000000) [ 81.564003][ T5336] loop0: detected capacity change from 0 to 32768 [ 81.579631][ T4681] Bluetooth: hci0: command tx timeout [ 81.599770][ T1328] ieee802154 phy0 wpan0: encryption failed: -22 [ 81.604036][ T1328] ieee802154 phy1 wpan1: encryption failed: -22 [ 81.946293][ T5336] ================================================================== [ 81.949774][ T5336] BUG: KASAN: slab-use-after-free in release_metapage+0x738/0xaa0 [ 81.953085][ T5336] Read of size 8 at addr ffff88800033c120 by task syz.0.0/5336 [ 81.956202][ T5336] [ 81.957184][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 81.957201][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 81.957211][ T5336] Call Trace: [ 81.957217][ T5336] [ 81.957223][ T5336] dump_stack_lvl+0xe8/0x150 [ 81.957251][ T5336] print_address_description+0x55/0x1e0 [ 81.957271][ T5336] ? release_metapage+0x738/0xaa0 [ 81.957284][ T5336] print_report+0x58/0x70 [ 81.957297][ T5336] kasan_report+0x117/0x150 [ 81.957312][ T5336] ? release_metapage+0x738/0xaa0 [ 81.957324][ T5336] release_metapage+0x738/0xaa0 [ 81.957338][ T5336] diAllocAG+0x1740/0x1db0 [ 81.957358][ T5336] ? __pfx_diAllocAG+0x10/0x10 [ 81.957372][ T5336] ? dbNextAG+0x52e/0x640 [ 81.957387][ T5336] ? do_raw_spin_lock+0x12b/0x2f0 [ 81.957406][ T5336] diAlloc+0x1d8/0x1680 [ 81.957420][ T5336] ? do_raw_spin_unlock+0x4d/0x210 [ 81.957432][ T5336] ? new_inode+0x150/0x170 [ 81.957447][ T5336] ialloc+0x8c/0x8f0 [ 81.957457][ T5336] jfs_mkdir+0x1e1/0xb00 [ 81.957470][ T5336] ? __pfx_jfs_mkdir+0x10/0x10 [ 81.957486][ T5336] ? make_vfsuid+0x49/0xa0 [ 81.957499][ T5336] ? generic_permission+0x2e4/0x690 [ 81.957517][ T5336] ? inode_permission+0x346/0x5f0 [ 81.957532][ T5336] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 81.957545][ T5336] vfs_mkdir+0x413/0x630 [ 81.957558][ T5336] filename_mkdirat+0x285/0x510 [ 81.957571][ T5336] ? __pfx_filename_mkdirat+0x10/0x10 [ 81.957583][ T5336] ? do_getname+0x151/0x250 [ 81.957625][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.957640][ T5336] __se_sys_mkdir+0x34/0x150 [ 81.957656][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.957668][ T5336] do_syscall_64+0x15f/0xf80 [ 81.957719][ T5336] ? trace_irq_disable+0x3b/0x140 [ 81.957731][ T5336] ? clear_bhb_loop+0x40/0x90 [ 81.957741][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.957750][ T5336] RIP: 0033:0x7fb84159c819 [ 81.957760][ T5336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 81.957767][ T5336] RSP: 002b:00007fb8424adfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 81.957779][ T5336] RAX: ffffffffffffffda RBX: 00007fb841815fa0 RCX: 00007fb84159c819 [ 81.957785][ T5336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 81.957791][ T5336] RBP: 00007fb841632c91 R08: 0000000000000000 R09: 0000000000000000 [ 81.957797][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.957802][ T5336] R13: 00007fb841816038 R14: 00007fb841815fa0 R15: 00007ffc8cdf0598 [ 81.957811][ T5336] [ 81.957814][ T5336] [ 82.067892][ T5336] Allocated by task 5336: [ 82.069683][ T5336] kasan_save_track+0x3e/0x80 [ 82.071760][ T5336] __kasan_slab_alloc+0x6c/0x80 [ 82.073965][ T5336] kmem_cache_alloc_noprof+0x2bc/0x650 [ 82.076229][ T5336] mempool_alloc_noprof+0x1ce/0x300 [ 82.078551][ T5336] __get_metapage+0x50c/0xe20 [ 82.080635][ T5336] diAllocAG+0x165d/0x1db0 [ 82.082593][ T5336] diAlloc+0x1d8/0x1680 [ 82.084456][ T5336] ialloc+0x8c/0x8f0 [ 82.086223][ T5336] jfs_mkdir+0x1e1/0xb00 [ 82.088062][ T5336] vfs_mkdir+0x413/0x630 [ 82.089952][ T5336] filename_mkdirat+0x285/0x510 [ 82.092147][ T5336] __se_sys_mkdir+0x34/0x150 [ 82.094310][ T5336] do_syscall_64+0x15f/0xf80 [ 82.096461][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.099160][ T5336] [ 82.100239][ T5336] Freed by task 75: [ 82.101992][ T5336] kasan_save_track+0x3e/0x80 [ 82.104176][ T5336] kasan_save_free_info+0x46/0x50 [ 82.106431][ T5336] __kasan_slab_free+0x5c/0x80 [ 82.108530][ T5336] kmem_cache_free+0x182/0x650 [ 82.110675][ T5336] mempool_free+0xec/0x130 [ 82.112660][ T5336] metapage_release_folio+0x46c/0x5b0 [ 82.115100][ T5336] shrink_folio_list+0x2249/0x52a0 [ 82.117397][ T5336] evict_folios+0x4998/0x5ac0 [ 82.119578][ T5336] try_to_shrink_lruvec+0xbca/0x1050 [ 82.121937][ T5336] shrink_one+0x25c/0x710 [ 82.123860][ T5336] shrink_node+0x31bf/0x3ae0 [ 82.125990][ T5336] kswapd+0x1736/0x2de0 [ 82.127850][ T5336] kthread+0x388/0x470 [ 82.129585][ T5336] ret_from_fork+0x514/0xb70 [ 82.131668][ T5336] ret_from_fork_asm+0x1a/0x30 [ 82.133887][ T5336] [ 82.135026][ T5336] The buggy address belongs to the object at ffff88800033c0f8 [ 82.135026][ T5336] which belongs to the cache jfs_mp of size 184 [ 82.140776][ T5336] The buggy address is located 40 bytes inside of [ 82.140776][ T5336] freed 184-byte region [ffff88800033c0f8, ffff88800033c1b0) [ 82.146810][ T5336] [ 82.147935][ T5336] The buggy address belongs to the physical page: [ 82.150521][ T5336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x33c [ 82.154212][ T5336] flags: 0x7ff00000000000(node=0|zone=0|lastcpupid=0x7ff) [ 82.157385][ T5336] page_type: f5(slab) [ 82.159268][ T5336] raw: 007ff00000000000 ffff88800027ab40 dead000000000122 0000000000000000 [ 82.162943][ T5336] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 82.166631][ T5336] page dumped because: kasan: bad access detected [ 82.169630][ T5336] page_owner tracks the page as allocated [ 82.172030][ T5336] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 7194112107, free_ts 0 [ 82.180668][ T5336] post_alloc_hook+0x231/0x280 [ 82.183281][ T5336] get_page_from_freelist+0x24ba/0x2540 [ 82.186098][ T5336] __alloc_frozen_pages_noprof+0x18d/0x380 [ 82.188738][ T5336] allocate_slab+0x77/0x660 [ 82.190626][ T5336] refill_objects+0x339/0x3d0 [ 82.192477][ T5336] __pcs_replace_empty_main+0x321/0x720 [ 82.194688][ T5336] kmem_cache_alloc_noprof+0x37d/0x650 [ 82.196929][ T5336] mempool_init_node+0x1ea/0x4d0 [ 82.199348][ T5336] mempool_create_node_noprof+0xb8/0x150 [ 82.202252][ T5336] metapage_init+0xed/0x150 [ 82.204382][ T5336] init_jfs_fs+0xfd/0x4e0 [ 82.206286][ T5336] do_one_initcall+0x250/0x870 [ 82.208346][ T5336] do_initcall_level+0x104/0x190 [ 82.210777][ T5336] do_initcalls+0x59/0xa0 [ 82.213038][ T5336] kernel_init_freeable+0x2a6/0x3e0 [ 82.215824][ T5336] kernel_init+0x1d/0x1d0 [ 82.218084][ T5336] page_owner free stack trace missing [ 82.220343][ T5336] [ 82.221444][ T5336] Memory state around the buggy address: [ 82.224013][ T5336] ffff88800033c000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.227827][ T5336] ffff88800033c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fa [ 82.231783][ T5336] >ffff88800033c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 82.235693][ T5336] ^ [ 82.239891][ T5336] ffff88800033c180: fb fb fb fb fb fb fc fc fc fc fc fc fc fc 00 00 [ 82.243780][ T5336] ffff88800033c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 82.247383][ T5336] ================================================================== [ 82.371400][ T5336] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 82.374827][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 82.378879][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 82.383693][ T5336] Call Trace: [ 82.385342][ T5336] [ 82.386790][ T5336] vpanic+0x56c/0xa60 [ 82.388668][ T5336] ? __pfx_vpanic+0x10/0x10 [ 82.390795][ T5336] ? __pfx___schedule+0x10/0x10 [ 82.393162][ T5336] panic+0xc5/0xd0 [ 82.395071][ T5336] ? __pfx_panic+0x10/0x10 [ 82.397221][ T5336] ? preempt_schedule_thunk+0x16/0x30 [ 82.400048][ T5336] ? release_metapage+0x738/0xaa0 [ 82.402246][ T5336] check_panic_on_warn+0x89/0xb0 [ 82.404397][ T5336] ? release_metapage+0x738/0xaa0 [ 82.406558][ T5336] end_report+0x73/0x170 [ 82.408501][ T5336] ? release_metapage+0x738/0xaa0 [ 82.410785][ T5336] kasan_report+0x128/0x150 [ 82.412905][ T5336] ? release_metapage+0x738/0xaa0 [ 82.415417][ T5336] release_metapage+0x738/0xaa0 [ 82.417772][ T5336] diAllocAG+0x1740/0x1db0 [ 82.419809][ T5336] ? __pfx_diAllocAG+0x10/0x10 [ 82.422070][ T5336] ? dbNextAG+0x52e/0x640 [ 82.424190][ T5336] ? do_raw_spin_lock+0x12b/0x2f0 [ 82.426907][ T5336] diAlloc+0x1d8/0x1680 [ 82.428838][ T5336] ? do_raw_spin_unlock+0x4d/0x210 [ 82.431311][ T5336] ? new_inode+0x150/0x170 [ 82.433370][ T5336] ialloc+0x8c/0x8f0 [ 82.435322][ T5336] jfs_mkdir+0x1e1/0xb00 [ 82.437808][ T5336] ? __pfx_jfs_mkdir+0x10/0x10 [ 82.440583][ T5336] ? make_vfsuid+0x49/0xa0 [ 82.442098][ T5336] ? generic_permission+0x2e4/0x690 [ 82.444187][ T5336] ? inode_permission+0x346/0x5f0 [ 82.445885][ T5336] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 82.447836][ T5336] vfs_mkdir+0x413/0x630 [ 82.449653][ T5336] filename_mkdirat+0x285/0x510 [ 82.451628][ T5336] ? __pfx_filename_mkdirat+0x10/0x10 [ 82.453769][ T5336] ? do_getname+0x151/0x250 [ 82.455577][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.457964][ T5336] __se_sys_mkdir+0x34/0x150 [ 82.459783][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.462159][ T5336] do_syscall_64+0x15f/0xf80 [ 82.463888][ T5336] ? trace_irq_disable+0x3b/0x140 [ 82.465700][ T5336] ? clear_bhb_loop+0x40/0x90 [ 82.467532][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.469892][ T5336] RIP: 0033:0x7fb84159c819 [ 82.471753][ T5336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 82.480332][ T5336] RSP: 002b:00007fb8424adfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 82.485096][ T5336] RAX: ffffffffffffffda RBX: 00007fb841815fa0 RCX: 00007fb84159c819 [ 82.489296][ T5336] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 82.493205][ T5336] RBP: 00007fb841632c91 R08: 0000000000000000 R09: 0000000000000000 [ 82.496311][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.499203][ T5336] R13: 00007fb841816038 R14: 00007fb841815fa0 R15: 00007ffc8cdf0598 [ 82.502096][ T5336] [ 82.503438][ T5336] Kernel Offset: disabled [ 82.504978][ T5336] Rebooting in 86400 seconds..