program:
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1014494, &(0x7f00000001c0)=ANY=[@ANYBLOB="696f636861727365743d63703933322c706172746974696f6e3d30303030303030303030303030303030303030332c6769643d666f726765742c6769643d666f726765742c6e6f6164696e6963622c756e64656c6574652c7569643d666f726765742c00fb5ebc1bbec00aea8217b7375ace1f91cad4e856ac3ce827902dd91a9a936650ca99205dc1adee73bc464ab6ea2dad7091eea47594f5ef5227a72684b2ed98640aa52eba3e04c81c829036f312ecb1c7483575d32ed9eef652c6b7284dc45cecea6a0ae3a01c5cd7b60af90431eddc00"/225], 0xfe, 0xc24, &(0x7f0000001480)="$eJzs3UFsHNd9B+D/Gy5Fym4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIRtrQvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+lZY0ZcmmSFH299nUbznz3ux7b5YzkqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN976cKpZ9ODbgUAcJAuTX311Gn3fwD4RLnsz/8AAAAAAAAAAAAAAHDYpSjisUixeGkzzVTfdw1fbHdu3Jwen9i92tFU1Ryoypdfw8+ePnP2S8+NnevlB9e/356IV6YuX6i/uHB9cam1vNyaq0932rMLc617PsJe6+80Wg1A/fqrN+auXl2un37mzLbdN0feG3r0+Mj5sadOPtkrOz0+MTHVV6Y2+JHf/X3uNMPjSBRxMlI8/b2fpGZEFLH3sbjLZ2e/Ha06MVp1Ynp8ourIfLvZWSl3TvYGooio91Vq9MboAM7FnjQiVsvmlw0eLbs3tdhcal6Zb9Unm0sr7ZX2QmcydVtb9qceRZxLEWsRsTH0/sMNRhG1SPGdY5vpSkQM9Mbhi9XE4Du3o9jHPt6Dsp31wYi14iE4Z4fYUBTxcqT46dtFzJZjlr/iCxEvl/mDiDfLfCEilR+MsxHv7vI54uFUiyL+vDz/5zfTXHU96F1XLn6t/pXO1YW+sr3rykN/fzhIh/zaNBxFNKsr/mb66L/ZAQAAAAAAAAAAAAAAAOB+OxpFPBEpXvr3P6rmFUc1L/3Y+bHfH/nF/jnjj9/lOGXZZyJitbi3OblH8hTiyTSZ0gOeS/xJNhxF/HGe//fGg24MAAAAAAAAAAAAAAAAAADAJ9yPI8Xz75xIa9G/pni7c61+uXllvrsqbG/t396a6VtbW1v11M1GzpmcqznXcq7n3MgZRa6fs5FzJudqzrWc6zk3csZArp+zkXMm52rOtZzrOTdyRi3Xz9nIOZNzNedazvWcGznjkKzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwcVJEET+PFN/+xmaKFBGNiJno5vpQrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CANpSK+Hynqf9C4ta0WEan6v+tE+cvZaBwp89PRGCvzhWhcyNmsstZ44wG0n70ZTEX8KFIMDb9164Tn8z/Y/e7WxyDe/Obt736l1s2B3s6R94YePX7s/NjErz1+p9dptwaMXmx3btysT49PTEz1ba7ld/9037aR/L7F/ek6EbH82uuvNufnW0ufmBdFHIpmPKgXte6LWhyS9hzUi3y9il12FYfhp6BxWAaq9+IBX5g4EOX9/91I8dvv/Efvht+7//9C97tbd/j42Z/cvv8/v/NA+3T/f6xv2/P5dyODtYjhleuLg8cjhpdfe/1k+3rzWutaq3P21Kkvj419+cypwSMRw1fb862+V3seKgAAAAAAAAAAAAAAAICDlYr43UjR/NFmqkfEzWq+1sj5sadOPjkQA9V8q23ztl6Zunyh/uLC9cWl1vJya64+3WnPLsy17vXthqvpXtPjE/vSmbs6us/tPzr84sLia0vta3+4suv+R4YvXFleWWrO7r47jkYR0ejfMlo1eHp8omr0fLvZqapO7jqZ7sMbTEX8Z6SYPVs/0tuW5//tnOG/bf7/6s4D7dP8v0/1bSvfM6UifhYpfusvHo/PV+18JN43Zrnc30SK0XOfy+XiSFmu14bucwW6MwPLsv8bKf7h59vL9uZDPna77LP3Oq4Pi/L8H4sU3/+z78av523bn/+w+/l/ZOeB9un8f6Zv2yPbnlew566Tz//JSPHCY2/Fb+RtH/T8jyK2tra+FXEiF771fI59Ov+f7ds2Et33/c37130AAAAAAAAAAICH1mAq4m8jxZMTtfRc3nYv//5vbueB9unff/1y37a5A1qvaM+DCgAAAACHxGAq4seR4trKW7fmUG+f/903//N3bq+9Pp527K3+nu+XqucG3M+//+s3kt93Zu/dBgAAAAAAAAAAAAAAAAAAgEMlpSKey+upz9xlPfX1SPHSfz+dy6XjZbneOvAj1a/DlxY6Jy/Mzy/MNleaV+Zb9anF5myrrPuZSLH515/LdYtqffXP57rdNd6Ht3prsS9Fiom/65XtrsXeW5u8ux54dy32suynIsV//f32sr11rD97u+zpsuxfRYqv/9PuZY/fLnumLPvdSPHDr9d7ZR8py/aej9p9JulwLeZbz8wuzL/vUagAAAAAAAAAAAAAAAAAAADwYQ2mIv40UvzP9bVYrab9v3FrV85ab8Ob3+xb73+Hm9U6/yPV+v93ev1R1v8fuS+9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0uKIl6PFIuXNtP6UPl91/DFdufGzenxid2rHU1VzYGqfPk1/OzpM2e/9NzYuV5+cP377Yl4ZeryhfqLC9cXl1rLy625+nSnPbsw17rnI+y1/u2h6xqtBqB+/dUbc1evLtdPP3Nm2+6bI+8NPXp85PzYUyef7JWdHp+YmOorUxv8EO/+oRp325Eo4i8jxdPf+0n656GIIvY+Fnf57Oy3o1UnRqtOTI9PVB2Zbzc7K+XOyd5AFBH1vkqN3hgdwLnYk0bEatn8ssGjZfemFptLzSvzrfpkc2mlvdJe6EymbmvL/tSjiHMpYi0iNob6D3QkZxGvRorvHNtM/zIUMdAbhy9emvrqqdN3bkexr728i29V7awPRqwVD8E5O8SGooh/jBQ/fftE/OtQRC26X/GFiJfL/EHEm2W+EJHKD8bZiHeHHnSruV9qUcT/lef//GZ6eyii+pGprisXv1b/SufqQl/Z3nVl5/1hKyIeqvvDQTrk16bhKOKH1RV/M/2bn2sAAAAAAAAAAAAAAACAQ6SIX40Uz79zIlXzg2/NKW53rtUvN6/Md6f19eb+9eZMb21tbdVTNxs5Z3Ku5lzLuZ5zI2cUuX7ORs6ZnKs513Ku59zIGQO5fs5GzpmcqznXcq7n3MgZtVw/ZyPnTM7VnGs513Nu5IxDMncPAAAAAAAAAAAAAAAAAAD4eCmq/1J8+xubaWuou770THRz3XqgH3v/HwAA//9wn/vk")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/2, 0x2, 0x0, 0x0}, &(0x7f0000000200)=0x40)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffc)
sendfile(r1, r1, 0x0, 0x800000009)
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000000)='bridge0\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000300)='./bus\x00', &(0x7f0000000380), &(0x7f0000000580)={0x0, 0xfb, 0xe7, 0x4, 0x2, "308ad603fcaf524d959506988ba9db28", "fe8605768abd240e2371ae3e7e380739959e0bfe3678f321205403c245ef18a363ec5d3d620bc36a614c70ee9f406615577178a6ba1095359407841ce641b0ff2a9e3090b55facbf6b09a1d80acddf46e1d17015514450fdae7ebe22f994db50530f90892c1dc6519201ece619adf49924ad32049ef262636ff94e226c90401758b82da55129006be150650308dd6f5f812e53d734b8229624d065e14d57a311a7455e61b74ee7004b4b465f22d9d1d5b3627c32c132ad948ce0c408d6d89974b9cd45e19688bae796e5238483452d0b9c22"}, 0xe7, 0x3)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x10)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f00000000c0)={0x18, 0x0, {0x2, @random="bb30c4841f4b", 'veth0_vlan\x00'}}, 0x1e)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000680)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
ftruncate(r4, 0x2007ffb)
sendfile(r3, r4, 0x0, 0x1000000201005)
syz_mount_image$bcachefs(&(0x7f00000002c0), &(0x7f0000000340)='./bus\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRESOCT, @ANYBLOB="5a3f8fa4067a10650f26471a6ee9e9c641a62f221aacd71851d8ccee1e3265ad24d3b77aa6accfea0b3a7c6a61c75a8dac28cdad621664353a45d77ecba7895ff1351e13f469f44963edf9a76633362c9b8045bccf1a21e98a429bf90d005dc4590f9177e4efe2295c52c2c76c5837b1", @ANYRES16, @ANYRES32, @ANYRES32, @ANYRESDEC, @ANYBLOB="39287ca62b3bc2d352aea732da4208801a4fdd37620ca3929ea549314caf0a"], 0xfc, 0x5a13, &(0x7f00000088c0)="$eJzs3X+QHNV9IPDXM7Pa1a5+rAQOMpjVIqOEQGyt+FXYpOJNLrFTQCi5SDmIkw0LWhHZklDpRwBBgsiBDxXgwilSCU7+IC7gDqO4qIKLUSgTASdxNraKi4+6wtSZO+w/fEUIKgM6yuXzpnan3+xsz/T27OyskNDnU9L29Js33379+k1Pf9/M7gQAAABOCAfv3H7k8lN/77t/Pvrubb//j5tvD33lifKeWKE/Xd70frWQo6m7smximR0Xv3bLN34yeN3vfOfx3offO7D+jA0//N2Trnv6i5fse+Bvnn1n4ZO/fL0obhxPZ0+uJ28mIfR8+/BffvnAi6eMlyWLxn+WdoewJFn67JIkE2Lo5yGE9enKssydT7x73obx5e13d08pX5ypZ7yf2MaP8/jA2nXkxnPCj3577R3fX/7Nv+/a+8buySpJT914CmHRNfWP7wohzE//j4ujLY7HOGjXhBB66x53UUG7Ptpi+1flrJ+WLuely76COPH+FZn1UqZedj3qyix7C7Y3W3ntaLdekQWZ9ezJaLby2hnLl6TLb6XLs2cYv5zuQzkJpSRUas3flEyOkVB33JKQTBzLntp6qXZsQ7r/mfUks17KrJe7Mvs1sd10oJWTZGp5rJcpj6fjSlp+Rv25uokrcso/nC570ifqe3E9ZG9U9TXcqO3XhNiuw9O05Wgo1Z2DmpXXDnx6MPrSsr5kacNjxpqI9x1Ye8/K8rrnDvbntCN5PEnjJ23F3/W9JQu+8NiendnX9Vr8a0pp/FJb8V+79NBbV+35+tdy498X45fbin/uM71vXvr8nSty++dw7J9KW/FHXn/h3uUnX7s3t/0Pxvg9bcUf3neoe+GRZ/bntn8o9s/8tuK/evGnf/zoy0+9kRs/xPi9bcVft2/rV7oHjpyVG39/7J++9sbP23svfGVg4KeDefFfivEXthX/kd0PfPKhxXdfknt818T+6W8r/mVnPn3HgiNPnZ537kwe7NQrJ8CJ6aT0GuuudL3dPHO26vKFvx6sVK/5FqT/F3ZyQ5mLz/HtLOpkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIXzonP/2mf/zuf43K+l6d3rj1VJ1GcvnhZDMDyFs3zGybcfGLdcPfvGGndu2jGwaHNkxOLplx7abB8//jcFto1s3jdw8fu/Qx86rPm5pSKrL5PSGbXePjY2V+qeWxe39uzP3/mjlRf/3X0IY+tAPBiq57V/1wOaHTm7yMyMZHvvU5p2X/+CCv0v3qz9tV3+Tdo2NjY2FnHb965W/eOgvDv/krBCGfmW6dr3w6m/905QGTRRMxkmVukO1Qd1Jb9N21Fqdtif2V2XDxk2jQ9P37/jjyzn78e9veePnG2766i+q/duTux8t9u/84bFNpb9ae9n//6tbqwVF7Xq/jntRf8e9iO2L/deT9veidL8W5exXJWe/7vz+/pe/feqed3aHocrbyxu3XbRfXekA6Eo+3NJ24xZ6kyVTynvS+vGIx8et2rF566rtN+/62MbNI9ePXj+65ROrz1994dAFF16wamLPV3V4/+P2f7XF/T8642nxn+z+VvzZ2nia2q55M+6P8XYV90d9i/Kef71XfPn+Tzzw/OXVgqJxHmvXzifpsnf8OK8OdeOtsa+a7VfR8QkhDDbrh7feuSSc8j833lF0Hqo/MvU/M5LhsRdX/OzvLvrbZb9ZLTgq5/n6BrV5nq+1erI9E/3Vkx6PsWO0f7tDOd2vvqbtWv3i8133HPyXP621b968cNPIjh3bVld/LkhbuiA5rWm7sqVxv5ZP/CyHtFtCbZg2Ga/jukK1fdnzZ6ye7dW+9L6+ZGnT/cqK9x1Ye8/K8rrnDub1dPJ4dYvzw8LqMvlITs1NmQeWaw1utv1j9flXND4GPvO3T37uyX84v2F8nFv9WbRfSc5+ffPlR+5/+Kv/8R86t1+f+a1D/T/7X3+8slpwzJ9XytWG1FqdtiepP6+cG0LR8295aL4fuc+/UvP9KXr+ZbczWb95vMHMel8ot/V8PfeZ3jcvff7OFbnP18PTPV/rd/bWKY8rFzxfj5Xxk31+JZWp7Zi759eUgZIMj33nrpN2P3vbmlOrBUWvl7Xazcb1eS3kHzn79U9XvTJww+B/+B+dO2984zeeuPqHI8N/Vi1o/7jHtnTmuPek/duT07+1Vse8s75/P37dDZvWV8uL+vn9u/5NlwX5TzyVbL9515dGNm0a3ba9tf1q9fU0bifby83Hz77bMtUaXk/j2W1pwX6VGvZr7m600l+tPt9i+9e31F/Fz7e+kLT1urDre0sWfOGxPTv7Gx6VbuiaUhq/1Fb81y499NZVe77+tdz498X4lbbij7z+wr3LT752b278B5M0fk9b8Yf3HepeeOSZ/bnxh2L757cV/9WLP/3jR19+6o3c+On565R/be86/bW39174ysDAT3Pjv5Sk2xm/RgrhiXfP21BdT0JX+nyL7eia0q6QXU8y66XMerl+vRRnEdINlJNkanmsl5afUdeWZv4opzxehfUsqy7fi+she2P68mNNqe7c36y86DoVAOCDLr7/H69B4/v/o+mFUv5MA0zqm8i028/DluXEjXnY5HzO1PdYl6Xx4+PjPODAx8PQ+PL2weqF/kzfR4jPh+w8Z9zOWR+dGqNwnnNsYvsN85xF8+8rMuuxXdX58kpdHppqzGsqoYX598btTD//ntn94vezBu9qaNZg3bxV9vh1pTNmzT7vkGlvZTxC3vjIzovFz3MMLAprJrbX4vjIfo4mHofs52jidk7NnDjb/RxN3vjob+yHKe2K4yPWm2Z8TDS5+P3IxuMXpunfyePXPFr2+M3gePeM15/r92c7MG/Y9JR29OYN5/b9MPOSOfHTJ9ixPm8Yy+N+VFqcT/xcTnmn5hPj6SK26/A0bTkazCcCH1Qx/4+vEeP5//gF+P/L1CvKU7JXjTFe7ueEys3bU5R3NH5Or7et1/F1+7Z+pXvgyFm51zn7W/2c3tYpa70Fn/sp6seVmfXCfsyZoCnK97LbKer37Ocy+sLCtvr9kd0PfPKhxXdfktvva6ovpMX9fv+UtYUF/X4c5AvN48sXToh8Ya7nz963fCT94NNc5SN/mFM+03ykt+FGbb8mHLv5yOQL6ZR8pOvotgsAOH7E/L/2/lma///vWCG9jijKW8/OrMd4uXlrzvVJXt76B+nypkz9vvQ3KmZ63XzZmU/fseDIU6fn5i0PtpqH/ucpa/2Feejs8ubcPGJNZz4vnptH1PKs2eWJue2v5Ymzy9Nz3qaty9Nnl0fn9k8tj546D3D/odbix3mA3Pi1eYAO5rm/nKx09PLcgvm6zMbiaqvzde9LHr1o6n7OSR6d/vrsXOXRV+SUzzSP7mu4UduvCcduHj21XB4NAHxQxfw/XsbF/P/5TL3Zvs+emxd06Lo9+/dAavFfmpO8cjJ+h97/Lc775jpvneu8fq7nJY7393/nel6of+IPeM7VPNn79v7ysZIXpxuVFwMAcCyL+f/8dD0//59dftKQv3VVLyEn85PjLz+vryc/z4n/gcnPj/f5r7n9nMwJn//H9XR17MTL/3N+cwgAgGNJzP/jrz3Gv//3X9P17N+tPx7z9OB9dHn6cZOnd3ieLcav/xyAeYCj+/n4+ZP1T4B5AAAAjkFdE5lS4+/Zfz5dZn/PPu/38q/Kqd+qSnp5fO2ObaOjV+/cun5kx+jVW25YP7r96hu3bdyxY3RLtd5s88bcvCXNG7tCJe2P5vWyedvi9O8hLM75ewjZ+jHsaRM3Gv8eQnaz8wv+jsDk8WutvXnHrzRN/WbjI+9458X/o5z6Ue34X/fH5169YfvVG7ds3LFxZNPGXaNT641nrb0z+N7MJP0/o+9LzfxoUJr593fGwzO7dpQa2tGV9kfe97MnmXYsSVuyJO/7D3La/d3//hd/cubYLx4NYehD5Y/Mqv+S4bH/cuXoH+w4+IOt4+0vTdv+Ws20XUXfV5qtH/ensumG7TvO2XDDzi3Zb5RsT5zPKNXW52g+I336l1ucn1iXUz7T398vN9w4NrU8PwEAwBTx/f94PRvfP/xqegEVy1vP09t//zgJz+zPzdOHWsvTs99LVpSnZ+vH/W01T++ZZZ6e3X5Rnt6sfrM8PS/vzov/hzn1Z6r1cdLG5zxi+vnYnp254+Sa1sZJ9vsMisZJtv5Mx0kyy3GS3X7ROGlWv9k4yTvuefE/m1M/T9F4qNTGw+w+l5M7Hu5rbTz8ema9aDxk6890PJRmOR6y2y8aD83qNxsPecc3L/7lOfVbNXV8jA+MiXExevWNN2z7Ul29uf7+i9D4kYxW2jdv8rFz+/0f7Xl44mdr/Tu3n/tq12T/hzA8UZLX/rn9XNns21/U/zP4XNmi0PC5stz2vzS7mbDW2z+33++SkVe98fFHa742PRMUff6saB53bU75TOdx5zXcODY1n8ftMo8LR0HM/+PbPTH/vztddvptoOP/e9J8j1nT+B36HrOi65gT7vU8+5b7cfl67n1ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKzuyrKJ5cE7tx+5/NTf++6fj7572+//4+bbf+2Wb/xk8Lrf+c7jvQ+/d2D9GRt++LsnXff0Fy/Z98DfPPvOwid/+Xph4P6Jn5Wz09WeEJI3kxB6vn34L7984MVTxsuSEEI56d8dwpJk6bNLkkyEoZ+HENbX2jn1zifePW/D+PL2u7unlC/OBMnuV+grx/bUtzOEmwr3iONQTzrOdh258Zzwo99ee8f3l3/z77v2vrF7skrSUzeeQlh0Tf3ju0II89P/4+JoWxYfnC7XhBB66x53UUG7Ptpi+1flrJ+WLuely76COPH+FZn1UqZedj3qyix7C7Y3W3ntqBlusV6LFmTWsyej2cprZyxfki6/lS7PnmH8cvyfhFISKrXmb0omx0ioO25JSCaOZU9tvVQ7tiHd/8x6klkvZdbLXU32a3c60MpJUiuvb08pUx5Px5W0/Iz6c3UTV+SUfzhd9qRP1PfiesjeqOpruFHbrwmxXYenaUvqPxVXaV+p7hzUrLx24NOD0ZeW9SVLGx4z1kS878Dae1aW1z13sD+nHcnjSRo/aSv+ru8tWfCFx/bsXJYX/5pSGr/UVvzXLj301lV7vv613Pj3xfjltuKf+0zvm5c+f+eK3P45HPun0lb8kddfuHf5ydfuzW3/gzF+T1vxh/cd6l545Jn9ue0fiv0zv634r1786R8/+vJTb+TGDzF+b1vx1+3b+pXugSNnVeM3niGS/bF/+tobP2/vvfCVgYGfDua1/6UYf2Fb8R/Z/cAnH1p89yW5x3dN7J/+tuJfdubTdyw48tTpeefO5MFOvXICnJhOSq+x7krX280zZ6suX/jrwUr1mm9B+n9hJzeUMb6dRXMYHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD6Z/vvX8z1/5qc+urSQhJDl1xpqI95XnDQ8PtrHdkddfuHf5ydfurS9b1kYcAAAAoFjMw0u1kp6wLNyYzA+nNa0f5whOi2vJ1PLsHEKMk50jaDdOqUmcUhtxyh1qT6VDcbo6FGdeh+J0dyhOT0GcntBanPnTxKmMj4AW29M7bXtaj9PXoTgLOhRnYYfiLOpQnMUditM/bZzWx+GSDsVZ2qE4J3UozskdivOhDsX5lQ7FOaVDcbJzyjMdhwvTmqfmxZm4US6MU0nKtTuazaefkm7n9Flup69gOwuLXo9b3M78Frfz0czjSjPcTk+L2/nVWW4naXE7vz7L7ZQKthPH7U3Z9sXtxLUWx//NHYqzq0NxbulQnFs7FOdPOxTnzzoU57ZZxgFoVcz/J/O9/tBd+c3Qm55xsrMAMd9dPvGz8fUu74QU430kUz6vKF42Uc/EWz7T9mUnEDLxVmTKu6bEq9TykWni9dTHW5m5c7r9vXi4edvq452dKe+eJt6UHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAo+Cfbz3/81d+6rNrQxLG/zU11kS8rzxveHiwje0eWHvPyvK65w7Wl3VX2ggEAAAAFIp5eFetpCd0V1aH7mTelHo96TxAT7pe7q8uBxaFNePLZLA0sd6bLJn2cZX0cat2bN66avvNuz62cfPI9aPXj275xOrzV184dMGFF6zasHHT6FD1ZwjdBfFCCBPTD9tv3vWlkU2bRrdtrxZm278sfdyydD1JHzfw8TA0vrw9bf/Sgu2VGrY3dzeKjx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBv7NpvqGR1+QDw58zMnRmv7s/54b9xcddhXWUrK7VraIn3QJDgn8WLEHOtmyy5knR1F90Vs0kXUlOKQFlYNnzRhkma9MY/KZF/WDDMErqbhEr5ol4UWoaKL0KZuHfmzJ2ZO+PcBtldt8/nxTlnnu/z/T7ne15ceM49AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwbXQmJqrT8/MTiYRyZCc5gDZWL6YprUx6n7lye0/KK1/d1N3rFQYYyEAAABgpKwPn+hEylEq5CMfJy/92hBdA7Hc9wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP97FhpTc/Xpmdmjk4hkSE5zgGwsX0zT2hh1X3v74c++vH7937pj1THWAQAAAEbL+vBcJ1KOapwWE8nJi51/J5q9G1jbN7+VtyxbZ90q8/rfHQzLO22VeWesMu9jI/I2t883BwAAAHz0Zf1/oROpRKmwZkU/nPX/o/r6LO/Uvrx8+7z6bwWKq84EAAAAPljW/5c6kWqUCtVOv77afn9DX142f9T/7bP5pw+ZP+r/+Ze1z/5PDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfHQuNqbn69MxsPolIhuQ0B8jG8sU0rY1R95ynJv9xyf47NnTHSoUxFgIAAABGyvrw5da7HKXCZEzE0Ut9//qL7nv0S48+PhURrTa/WIybt+zYccM5rWOWd/YL+ye+/9wb316Rd3breMg2CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfGgWGlNz9emZ2aOSiGRITnOAbCxfTNPaGHVf/fwX//LgS0+83h2rjrEOAAAAMFrWhy/3/uWoRjGKceLSr+5ef1Gub/6wdwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkePGb97yjS3z81tvcHFoLpr5iMPgNlwMvtgUEYfBbRyCi0P9lwkAAPiwnRpJNP9LJ11+qO8aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HCw0pubq0zOz5SQiGZLTHCAbyxfTtDZG3fTJF0tr3n3qme5YdYx1AAAAgNGyPny59y9HNSZiIk5Y+jXoncBS/185iDcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHFYWGlNz9emZ2TVJRDIkpzlANpYvpmltjLoP7Nr7ufuP/d7F3bFSYYyFAAAAgJGyPrzYiZSjVPh4lOKU9u/53glJvn0e/F5ged72nmmTq57X6JmXX/W8u/p2VmjvpjWvnK1XaZ0782rL83LtebWuedXolK915i09rN091daMuM+VTx4AAAAOnqz/L3UilSgVSl39/0978ivj9bnbhn1bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcORYaU3P16ZnZJIlIhuQ0B8jG8sU0rY1R95bf/v8xX/3Z3Tu7Y9Ux1gEAAABGy/rw5d6/HNVYF/8X65b6/qj05md5/6y/d/+9//rrpoizTjywvtC/7I+yi1+/euHT/YeIXG92LuLYdr1kSL3f/P7emzY233sw4qwT8qesqBcfXK93ybT5WH3rZTueO7B9xMMBAACAI0TW/090IpUoFa4f2v9nnfeI/r9jqQE/9qZdvzi+fWx35H0zcpV2vdyQel/Y+PCfTz/v728s9v8r632yc/Xpvdfdf3xPwVakT5I2p6/bufnAufty2a5b9fN99bPn8uVvvf7va26+571W/XKU2/G1fbfSqrby2Fc+0uZ8bs/spe/vafTWLwzZ/x2/e+alX629+53F+m+fOtmpf0YMqt/aeWFo/TgqbU5ecefu8/fu39xbPyJqg+q/+c7FcdIfr729f/+TfQt3P/nuY/8DSJsvbHhr33n3VS/orZ/01c+e/89femD3T+757uNZ/exbkU2nrbZ+rq/+83cdt+vZ2y5f21s/N2T/T1/58vptte/8oX//V/esWhh6Fyv3/9CZj1z1ypb01v4hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAI8tCY2quPj0zm0sikiE5zQGysXwxTWtj1H3tkhffvPLuH/+wO1YdYx0AAABgtKwPX+79y1GNYhRjcqnvf6y+9bIdzx3YHpXWaNI+F+a33bjjE9ds23n91YfozgEAAIDVeu2SZKn/L3QilSgVNsZEu/+fvm7n5gPn7stl/X9u8ZxExDXXzm89Kzp5z9913K5nb7t8bec9QcTSZwHlxbzPLOdddOGLlbf+9PXTB+ads5z3woa39p13X/WCLC+6886OzvuJh8585KpXtqS3du6vO+9TX9s23349ka07ecWdu8/fu39zLnuP0T5PttfN8uZze2YvfX9PI1eJ0uJ4vp1Xbu8bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhpoTE1V5+emY18RDIkp9mtHcjG8sU0rY1R99KNv7z9mHefWNcdKxXGWAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhx/5CpCr7OIA/z8zuu7M7u7qrL7QVrasVhV0oBRF1U1ERGiF0ZUhYmhdREEQUdtEaGokV3QRZNxIVVFsIBrlJosUa/ZNuuqigwLoIRFqoXaSLipl5zjh7nNPorAXV5wPDM89zzvme3znPM2d2FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/lL6e0Xp7ZMdDc7dfcPMnT9w7+/it7z2w7bLH3vhhfNONH+8dePXk9OblW76+aemmA/etmdr90uFfht757VjH4EcbzcrUrYQQT8QQKu/PPP/k9Kfn1cZiCKEchydCGIlLDo/EXMLqX0MIm5t1zt+4b/aqLbV2266+eeOLcyH56wrVclZPw/D8evl3qaR1tnXukSvCtzes3/75srff6p08PnFql1jbp5zWUwiLNrYe3xtC6E+vmmy1jWYHp3ZdCGGg5bhrOtR18RnWv6qgf2Fq/5faaoecbPuKXL+U2y/fz/Tm2oEO51uoojq63a+TwVw//zBaqGadq9qPj6T23dSuPMv8cvaKoRRDT7P8++OpNRJa5i2GWJ/LSrNfas5tSNef68dcv5Trl3tz11U/b1po5Rjnj2f75cazx3FPGl/e+qxu446C8fNTW0kf1JNZP+TfNFRPe9O8rrqsrpk/qeXvUGp5BrUbb058moxqGqvGJacd83sb2bbp9U9fWt7wwZHhgjri3pjyY1f5Wz8bGbzrzZ0Pjxblbyyl/FJX+d+tPfrTnTtffrEw/7ksv9xV/pUHB06s/XDHisL7M5Pdn54zyo+pn227+9hHzyz7/z2T7ea6nr8ny690Vf/1U0f7huYOHiqsf3V2f/q7yv/mulu+f/3L/ccL80OWP9BV/oapB5/tG5u7vDD/UOOjUK2v0C7Wz8+TV381NvbjeFH+F9n9H2qTHzvmvzax+9pXFu9aU7g+12X3Zzjl959V/bddcmD74Nz+i4qenXHPufrmBPiPafwbISxNf2M9lYY7/c7cN1tq+ztzoVp+L7ww3tP4BhpMr6FzeaKc2nkW/YX5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAf7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBUAAP//f+0pog==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r7, 0x4c09, 0x800)
creat(&(0x7f00000002c0)='./file1\x00', 0x11)

[   84.982955][ T5324] Bluetooth: hci0: command tx timeout
[   85.058117][ T5347] loop0: detected capacity change from 0 to 2048
[   85.097943][ T5347] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   85.124957][ T5347] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[   85.133235][ T5347] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   85.156317][   T25] audit: type=1800 audit(1753230042.882:2): pid=5347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=1346 res=0 errno=0
[   85.835064][ T5347] getblk(): invalid block size 512 requested
[   85.837893][ T5347] logical block size: 2048
[   85.839902][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[   85.839922][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.839940][ T5347] Call Trace:
[   85.839948][ T5347]  <TASK>
[   85.839954][ T5347]  dump_stack_lvl+0x189/0x250
[   85.840042][ T5347]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.840055][ T5347]  ? __pfx__printk+0x10/0x10
[   85.840077][ T5347]  ? fs_reclaim_acquire+0x7d/0x100
[   85.840130][ T5347]  bdev_getblk+0x5b0/0x690
[   85.840153][ T5347]  ? udf_get_pblock_spar15+0x2d0/0x420
[   85.840175][ T5347]  udf_setup_indirect_aext+0x190/0x800
[   85.840203][ T5347]  udf_free_blocks+0x13f2/0x17f0
[   85.840229][ T5347]  ? do_raw_spin_lock+0x121/0x290
[   85.840246][ T5347]  ? __mark_inode_dirty+0x3d6/0xdf0
[   85.840264][ T5347]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   85.840281][ T5347]  ? __pfx_udf_free_blocks+0x10/0x10
[   85.840298][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   85.840317][ T5347]  ? rcu_is_watching+0x15/0xb0
[   85.840332][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   85.840352][ T5347]  extent_trunc+0x35c/0x450
[   85.840369][ T5347]  ? __pfx_extent_trunc+0x10/0x10
[   85.840383][ T5347]  ? udf_current_aext+0x51f/0xad0
[   85.840404][ T5347]  udf_truncate_extents+0x5b0/0xec0
[   85.840458][ T5347]  ? __pfx_udf_truncate_extents+0x10/0x10
[   85.840485][ T5347]  ? do_raw_spin_unlock+0x4d/0x240
[   85.840502][ T5347]  udf_setsize+0x972/0x1000
[   85.840525][ T5347]  ? __pfx_udf_setsize+0x10/0x10
[   85.840537][ T5347]  ? down_write+0x162/0x1f0
[   85.840587][ T5347]  ? __pfx_down_write+0x10/0x10
[   85.840603][ T5347]  ? __pfx_current_time+0x10/0x10
[   85.840624][ T5347]  udf_setattr+0x3a1/0x5a0
[   85.840639][ T5347]  ? __pfx_udf_setattr+0x10/0x10
[   85.840653][ T5347]  notify_change+0xb36/0xe40
[   85.840674][ T5347]  do_truncate+0x1a4/0x220
[   85.840691][ T5347]  ? __pfx_do_truncate+0x10/0x10
[   85.840703][ T5347]  ? apparmor_file_truncate+0x23e/0x2d0
[   85.840732][ T5347]  path_openat+0x306c/0x3830
[   85.840745][ T5347]  ? arch_stack_walk+0xfc/0x150
[   85.840784][ T5347]  ? __pfx_path_openat+0x10/0x10
[   85.840794][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.840821][ T5347]  do_filp_open+0x1fa/0x410
[   85.840831][ T5347]  ? __lock_acquire+0xab9/0xd20
[   85.840845][ T5347]  ? __pfx_do_filp_open+0x10/0x10
[   85.840891][ T5347]  ? _raw_spin_unlock+0x28/0x50
[   85.840911][ T5347]  ? alloc_fd+0x64c/0x6c0
[   85.840942][ T5347]  do_sys_openat2+0x121/0x1c0
[   85.840964][ T5347]  ? __pfx_do_sys_openat2+0x10/0x10
[   85.840986][ T5347]  ? rcu_is_watching+0x15/0xb0
[   85.841003][ T5347]  __x64_sys_creat+0x8f/0xc0
[   85.841017][ T5347]  do_syscall_64+0xfa/0x3b0
[   85.841030][ T5347]  ? lockdep_hardirqs_on+0x9c/0x150
[   85.841040][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.841052][ T5347]  ? clear_bhb_loop+0x60/0xb0
[   85.841069][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.841080][ T5347] RIP: 0033:0x7f64ecf8e9a9
[   85.841094][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.841104][ T5347] RSP: 002b:00007f64edd3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   85.841117][ T5347] RAX: ffffffffffffffda RBX: 00007f64ed1b5fa0 RCX: 00007f64ecf8e9a9
[   85.841126][ T5347] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0
[   85.841134][ T5347] RBP: 00007f64ed010d69 R08: 0000000000000000 R09: 0000000000000000
[   85.841141][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.841148][ T5347] R13: 0000000000000000 R14: 00007f64ed1b5fa0 R15: 00007ffd208d4f38
[   85.841167][ T5347]  </TASK>
[   86.007837][ T5347] getblk(): invalid block size 512 requested
[   86.010494][ T5347] logical block size: 2048
[   86.014453][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[   86.014471][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.014478][ T5347] Call Trace:
[   86.014483][ T5347]  <TASK>
[   86.014489][ T5347]  dump_stack_lvl+0x189/0x250
[   86.014515][ T5347]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.014531][ T5347]  ? __pfx__printk+0x10/0x10
[   86.014554][ T5347]  ? fs_reclaim_acquire+0x7d/0x100
[   86.014575][ T5347]  bdev_getblk+0x5b0/0x690
[   86.014594][ T5347]  ? udf_get_pblock_spar15+0x2d0/0x420
[   86.014617][ T5347]  udf_setup_indirect_aext+0x190/0x800
[   86.014653][ T5347]  udf_free_blocks+0x13f2/0x17f0
[   86.014678][ T5347]  ? do_raw_spin_lock+0x121/0x290
[   86.014696][ T5347]  ? __mark_inode_dirty+0x3d6/0xdf0
[   86.014716][ T5347]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   86.014733][ T5347]  ? __pfx_udf_free_blocks+0x10/0x10
[   86.014753][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   86.014772][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.014787][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   86.014807][ T5347]  extent_trunc+0x35c/0x450
[   86.014833][ T5347]  ? __pfx_extent_trunc+0x10/0x10
[   86.014847][ T5347]  ? udf_current_aext+0x51f/0xad0
[   86.014868][ T5347]  udf_truncate_extents+0x5b0/0xec0
[   86.014893][ T5347]  ? __pfx_udf_truncate_extents+0x10/0x10
[   86.014917][ T5347]  ? do_raw_spin_unlock+0x4d/0x240
[   86.014937][ T5347]  udf_setsize+0x972/0x1000
[   86.014961][ T5347]  ? __pfx_udf_setsize+0x10/0x10
[   86.014974][ T5347]  ? down_write+0x162/0x1f0
[   86.014987][ T5347]  ? __pfx_down_write+0x10/0x10
[   86.015003][ T5347]  ? __pfx_current_time+0x10/0x10
[   86.015025][ T5347]  udf_setattr+0x3a1/0x5a0
[   86.015039][ T5347]  ? __pfx_udf_setattr+0x10/0x10
[   86.015055][ T5347]  notify_change+0xb36/0xe40
[   86.015076][ T5347]  do_truncate+0x1a4/0x220
[   86.015092][ T5347]  ? __pfx_do_truncate+0x10/0x10
[   86.015104][ T5347]  ? apparmor_file_truncate+0x23e/0x2d0
[   86.015135][ T5347]  path_openat+0x306c/0x3830
[   86.015147][ T5347]  ? arch_stack_walk+0xfc/0x150
[   86.015189][ T5347]  ? __pfx_path_openat+0x10/0x10
[   86.015200][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.015227][ T5347]  do_filp_open+0x1fa/0x410
[   86.015238][ T5347]  ? __lock_acquire+0xab9/0xd20
[   86.015252][ T5347]  ? __pfx_do_filp_open+0x10/0x10
[   86.015276][ T5347]  ? _raw_spin_unlock+0x28/0x50
[   86.015291][ T5347]  ? alloc_fd+0x64c/0x6c0
[   86.015311][ T5347]  do_sys_openat2+0x121/0x1c0
[   86.015329][ T5347]  ? __pfx_do_sys_openat2+0x10/0x10
[   86.015351][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.015367][ T5347]  __x64_sys_creat+0x8f/0xc0
[   86.015382][ T5347]  do_syscall_64+0xfa/0x3b0
[   86.015394][ T5347]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.015406][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.015416][ T5347]  ? clear_bhb_loop+0x60/0xb0
[   86.015433][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.015444][ T5347] RIP: 0033:0x7f64ecf8e9a9
[   86.015456][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.015466][ T5347] RSP: 002b:00007f64edd3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   86.015512][ T5347] RAX: ffffffffffffffda RBX: 00007f64ed1b5fa0 RCX: 00007f64ecf8e9a9
[   86.015522][ T5347] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0
[   86.015530][ T5347] RBP: 00007f64ed010d69 R08: 0000000000000000 R09: 0000000000000000
[   86.015538][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   86.015546][ T5347] R13: 0000000000000000 R14: 00007f64ed1b5fa0 R15: 00007ffd208d4f38
[   86.015566][ T5347]  </TASK>
[   86.015692][ T5347] ==================================================================
[   86.178558][ T5347] BUG: KASAN: slab-out-of-bounds in udf_write_aext+0x69d/0x7b0
[   86.182005][ T5347] Write of size 4 at addr ffff88804090fdd8 by task syz.0.0/5347
[   86.185382][ T5347] 
[   86.186450][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[   86.186466][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.186475][ T5347] Call Trace:
[   86.186482][ T5347]  <TASK>
[   86.186489][ T5347]  dump_stack_lvl+0x189/0x250
[   86.186510][ T5347]  ? __virt_addr_valid+0x1c8/0x5c0
[   86.186528][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.186543][ T5347]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.186558][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.186574][ T5347]  ? lock_release+0x4b/0x3e0
[   86.186587][ T5347]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[   86.186607][ T5347]  ? __virt_addr_valid+0x1c8/0x5c0
[   86.186622][ T5347]  ? __virt_addr_valid+0x4a5/0x5c0
[   86.186658][ T5347]  print_report+0xca/0x230
[   86.186671][ T5347]  ? udf_write_aext+0x69d/0x7b0
[   86.186689][ T5347]  kasan_report+0x118/0x150
[   86.186712][ T5347]  ? udf_write_aext+0x69d/0x7b0
[   86.186731][ T5347]  udf_write_aext+0x69d/0x7b0
[   86.186748][ T5347]  __udf_add_aext+0x2b9/0x6d0
[   86.186765][ T5347]  udf_free_blocks+0x1466/0x17f0
[   86.186781][ T5347]  ? do_raw_spin_lock+0x121/0x290
[   86.186796][ T5347]  ? __mark_inode_dirty+0x3d6/0xdf0
[   86.186812][ T5347]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   86.186825][ T5347]  ? __pfx_udf_free_blocks+0x10/0x10
[   86.186839][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   86.186855][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.186868][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   86.186887][ T5347]  extent_trunc+0x35c/0x450
[   86.186903][ T5347]  ? __pfx_extent_trunc+0x10/0x10
[   86.186913][ T5347]  ? udf_current_aext+0x51f/0xad0
[   86.186927][ T5347]  udf_truncate_extents+0x5b0/0xec0
[   86.186942][ T5347]  ? __pfx_udf_truncate_extents+0x10/0x10
[   86.186958][ T5347]  ? do_raw_spin_unlock+0x4d/0x240
[   86.186975][ T5347]  udf_setsize+0x972/0x1000
[   86.186992][ T5347]  ? __pfx_udf_setsize+0x10/0x10
[   86.187005][ T5347]  ? down_write+0x162/0x1f0
[   86.187019][ T5347]  ? __pfx_down_write+0x10/0x10
[   86.187032][ T5347]  ? __pfx_current_time+0x10/0x10
[   86.187050][ T5347]  udf_setattr+0x3a1/0x5a0
[   86.187063][ T5347]  ? __pfx_udf_setattr+0x10/0x10
[   86.187076][ T5347]  notify_change+0xb36/0xe40
[   86.187089][ T5347]  do_truncate+0x1a4/0x220
[   86.187104][ T5347]  ? __pfx_do_truncate+0x10/0x10
[   86.187118][ T5347]  ? apparmor_file_truncate+0x23e/0x2d0
[   86.187138][ T5347]  path_openat+0x306c/0x3830
[   86.187149][ T5347]  ? arch_stack_walk+0xfc/0x150
[   86.187169][ T5347]  ? __pfx_path_openat+0x10/0x10
[   86.187180][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.187196][ T5347]  do_filp_open+0x1fa/0x410
[   86.187207][ T5347]  ? __lock_acquire+0xab9/0xd20
[   86.187218][ T5347]  ? __pfx_do_filp_open+0x10/0x10
[   86.187234][ T5347]  ? _raw_spin_unlock+0x28/0x50
[   86.187252][ T5347]  ? alloc_fd+0x64c/0x6c0
[   86.187268][ T5347]  do_sys_openat2+0x121/0x1c0
[   86.187287][ T5347]  ? __pfx_do_sys_openat2+0x10/0x10
[   86.187306][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.187320][ T5347]  __x64_sys_creat+0x8f/0xc0
[   86.187331][ T5347]  do_syscall_64+0xfa/0x3b0
[   86.187345][ T5347]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.187356][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.187368][ T5347]  ? clear_bhb_loop+0x60/0xb0
[   86.187381][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.187393][ T5347] RIP: 0033:0x7f64ecf8e9a9
[   86.187405][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.187416][ T5347] RSP: 002b:00007f64edd3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   86.187431][ T5347] RAX: ffffffffffffffda RBX: 00007f64ed1b5fa0 RCX: 00007f64ecf8e9a9
[   86.187441][ T5347] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0
[   86.187449][ T5347] RBP: 00007f64ed010d69 R08: 0000000000000000 R09: 0000000000000000
[   86.187458][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   86.187466][ T5347] R13: 0000000000000000 R14: 00007f64ed1b5fa0 R15: 00007ffd208d4f38
[   86.187479][ T5347]  </TASK>
[   86.187484][ T5347] 
[   86.364338][ T5347] Allocated by task 5347:
[   86.366300][ T5347]  kasan_save_track+0x3e/0x80
[   86.368542][ T5347]  __kasan_kmalloc+0x93/0xb0
[   86.370695][ T5347]  __kmalloc_noprof+0x27a/0x4f0
[   86.372949][ T5347]  __udf_iget+0xc66/0x3ae0
[   86.375016][ T5347]  udf_fill_partdesc_info+0x773/0x1310
[   86.377564][ T5347]  udf_process_sequence+0x1133/0x4840
[   86.379980][ T5347]  udf_check_anchor_block+0x28e/0x550
[   86.382455][ T5347]  udf_load_vrs+0x96d/0xf20
[   86.384539][ T5347]  udf_fill_super+0x5ad/0x17a0
[   86.386814][ T5347]  get_tree_bdev_flags+0x40b/0x4d0
[   86.389311][ T5347]  vfs_get_tree+0x92/0x2b0
[   86.391494][ T5347]  do_new_mount+0x24a/0xa40
[   86.393628][ T5347]  __se_sys_mount+0x317/0x410
[   86.395826][ T5347]  do_syscall_64+0xfa/0x3b0
[   86.397950][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.400894][ T5347] 
[   86.402181][ T5347] The buggy address belongs to the object at ffff88804090fc00
[   86.402181][ T5347]  which belongs to the cache kmalloc-512 of size 512
[   86.408760][ T5347] The buggy address is located 0 bytes to the right of
[   86.408760][ T5347]  allocated 472-byte region [ffff88804090fc00, ffff88804090fdd8)
[   86.415111][ T5347] 
[   86.416265][ T5347] The buggy address belongs to the physical page:
[   86.419288][ T5347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4090e
[   86.423152][ T5347] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   86.426922][ T5347] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[   86.430799][ T5347] page_type: f5(slab)
[   86.432647][ T5347] raw: 04fff00000000040 ffff88801a441c80 ffffea0000472900 0000000000000005
[   86.436362][ T5347] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[   86.440003][ T5347] head: 04fff00000000040 ffff88801a441c80 ffffea0000472900 0000000000000005
[   86.443746][ T5347] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[   86.447480][ T5347] head: 04fff00000000001 ffffea0001024381 00000000ffffffff 00000000ffffffff
[   86.451098][ T5347] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   86.454820][ T5347] page dumped because: kasan: bad access detected
[   86.457575][ T5347] page_owner tracks the page as allocated
[   86.460111][ T5347] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5315, tgid 5315 (sh), ts 79435433841, free_ts 62679999154
[   86.468621][ T5347]  post_alloc_hook+0x240/0x2a0
[   86.470916][ T5347]  get_page_from_freelist+0x21e4/0x22c0
[   86.473497][ T5347]  __alloc_frozen_pages_noprof+0x181/0x370
[   86.476058][ T5347]  alloc_pages_mpol+0x232/0x4a0
[   86.478318][ T5347]  allocate_slab+0x8a/0x3b0
[   86.480333][ T5347]  ___slab_alloc+0xbfc/0x1480
[   86.482440][ T5347]  __kmalloc_noprof+0x305/0x4f0
[   86.484593][ T5347]  tomoyo_init_log+0x1a6e/0x1f70
[   86.486844][ T5347]  tomoyo_supervisor+0x340/0x1480
[   86.489148][ T5347]  tomoyo_path_permission+0x25a/0x380
[   86.491464][ T5347]  tomoyo_path_perm+0x392/0x4b0
[   86.493553][ T5347]  security_inode_getattr+0x12f/0x330
[   86.495898][ T5347]  __x64_sys_newfstat+0xfc/0x200
[   86.498101][ T5347]  do_syscall_64+0xfa/0x3b0
[   86.500031][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.502460][ T5347] page last free pid 5227 tgid 5227 stack trace:
[   86.505144][ T5347]  __free_frozen_pages+0xc71/0xe70
[   86.507454][ T5347]  __put_partials+0x161/0x1c0
[   86.509617][ T5347]  put_cpu_partial+0x17c/0x250
[   86.511847][ T5347]  __slab_free+0x2f7/0x400
[   86.513874][ T5347]  qlist_free_all+0x97/0x140
[   86.515888][ T5347]  kasan_quarantine_reduce+0x148/0x160
[   86.518174][ T5347]  __kasan_slab_alloc+0x22/0x80
[   86.520288][ T5347]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[   86.522938][ T5347]  getname_flags+0xb8/0x540
[   86.525484][ T5347]  vfs_fstatat+0x43/0x170
[   86.527453][ T5347]  __x64_sys_newfstatat+0x116/0x190
[   86.529812][ T5347]  do_syscall_64+0xfa/0x3b0
[   86.531867][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.534610][ T5347] 
[   86.535787][ T5347] Memory state around the buggy address:
[   86.538548][ T5347]  ffff88804090fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   86.542194][ T5347]  ffff88804090fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   86.545747][ T5347] >ffff88804090fd80: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc
[   86.549468][ T5347]                                                     ^
[   86.552561][ T5347]  ffff88804090fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   86.556288][ T5347]  ffff88804090fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   86.560111][ T5347] ==================================================================
[   86.605847][ T5347] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   86.609131][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.0.0 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[   86.613446][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.618114][ T5347] Call Trace:
[   86.619805][ T5347]  <TASK>
[   86.621124][ T5347]  dump_stack_lvl+0x99/0x250
[   86.623186][ T5347]  ? __asan_memcpy+0x40/0x70
[   86.625277][ T5347]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.627578][ T5347]  ? __pfx__printk+0x10/0x10
[   86.629648][ T5347]  panic+0x2db/0x790
[   86.631435][ T5347]  ? __pfx_preempt_schedule+0x10/0x10
[   86.633878][ T5347]  ? __pfx_panic+0x10/0x10
[   86.635905][ T5347]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[   86.638749][ T5347]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   86.641628][ T5347]  ? udf_write_aext+0x69d/0x7b0
[   86.643668][ T5347]  check_panic_on_warn+0x89/0xb0
[   86.645858][ T5347]  ? udf_write_aext+0x69d/0x7b0
[   86.648016][ T5347]  end_report+0x78/0x160
[   86.650039][ T5347]  kasan_report+0x129/0x150
[   86.652092][ T5347]  ? udf_write_aext+0x69d/0x7b0
[   86.654344][ T5347]  udf_write_aext+0x69d/0x7b0
[   86.656508][ T5347]  __udf_add_aext+0x2b9/0x6d0
[   86.658740][ T5347]  udf_free_blocks+0x1466/0x17f0
[   86.661127][ T5347]  ? do_raw_spin_lock+0x121/0x290
[   86.663320][ T5347]  ? __mark_inode_dirty+0x3d6/0xdf0
[   86.665625][ T5347]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   86.668111][ T5347]  ? __pfx_udf_free_blocks+0x10/0x10
[   86.670402][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   86.672752][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.674964][ T5347]  ? __mark_inode_dirty+0x3ab/0xdf0
[   86.677281][ T5347]  extent_trunc+0x35c/0x450
[   86.679298][ T5347]  ? __pfx_extent_trunc+0x10/0x10
[   86.681676][ T5347]  ? udf_current_aext+0x51f/0xad0
[   86.684262][ T5347]  udf_truncate_extents+0x5b0/0xec0
[   86.686573][ T5347]  ? __pfx_udf_truncate_extents+0x10/0x10
[   86.689058][ T5347]  ? do_raw_spin_unlock+0x4d/0x240
[   86.691393][ T5347]  udf_setsize+0x972/0x1000
[   86.693511][ T5347]  ? __pfx_udf_setsize+0x10/0x10
[   86.695635][ T5347]  ? down_write+0x162/0x1f0
[   86.697552][ T5347]  ? __pfx_down_write+0x10/0x10
[   86.699489][ T5347]  ? __pfx_current_time+0x10/0x10
[   86.701703][ T5347]  udf_setattr+0x3a1/0x5a0
[   86.703674][ T5347]  ? __pfx_udf_setattr+0x10/0x10
[   86.706130][ T5347]  notify_change+0xb36/0xe40
[   86.708523][ T5347]  do_truncate+0x1a4/0x220
[   86.710467][ T5347]  ? __pfx_do_truncate+0x10/0x10
[   86.712596][ T5347]  ? apparmor_file_truncate+0x23e/0x2d0
[   86.715049][ T5347]  path_openat+0x306c/0x3830
[   86.717134][ T5347]  ? arch_stack_walk+0xfc/0x150
[   86.719474][ T5347]  ? __pfx_path_openat+0x10/0x10
[   86.721690][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.724284][ T5347]  do_filp_open+0x1fa/0x410
[   86.726338][ T5347]  ? __lock_acquire+0xab9/0xd20
[   86.728477][ T5347]  ? __pfx_do_filp_open+0x10/0x10
[   86.730672][ T5347]  ? _raw_spin_unlock+0x28/0x50
[   86.732813][ T5347]  ? alloc_fd+0x64c/0x6c0
[   86.734749][ T5347]  do_sys_openat2+0x121/0x1c0
[   86.736774][ T5347]  ? __pfx_do_sys_openat2+0x10/0x10
[   86.739137][ T5347]  ? rcu_is_watching+0x15/0xb0
[   86.741560][ T5347]  __x64_sys_creat+0x8f/0xc0
[   86.743920][ T5347]  do_syscall_64+0xfa/0x3b0
[   86.746166][ T5347]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.748977][ T5347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.751538][ T5347]  ? clear_bhb_loop+0x60/0xb0
[   86.753724][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.756466][ T5347] RIP: 0033:0x7f64ecf8e9a9
[   86.758510][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.766901][ T5347] RSP: 002b:00007f64edd3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   86.770804][ T5347] RAX: ffffffffffffffda RBX: 00007f64ed1b5fa0 RCX: 00007f64ecf8e9a9
[   86.774319][ T5347] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00002000000002c0
[   86.777753][ T5347] RBP: 00007f64ed010d69 R08: 0000000000000000 R09: 0000000000000000
[   86.781356][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   86.784849][ T5347] R13: 0000000000000000 R14: 00007f64ed1b5fa0 R15: 00007ffd208d4f38
[   86.788381][ T5347]  </TASK>
[   86.789898][ T5347] Kernel Offset: disabled
[   86.791775][ T5347] Rebooting in 86400 seconds..