program: syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000017c0)='./file1\x00', 0x1c880, &(0x7f0000000000)=ANY=[], 0xf9, 0x6082, &(0x7f00000084c0)="$eJzs3cuOHFcZB/CvL9NzCbGtCEXGYuE4EBJCfLch3OKwYAFIIKGssTWZRAYHkG0QiSw8kReIBZdHgE02LPIiYcca8QBYsllFglCops+xq9s902M809U95/eTZqq+PlXTp/yfmu5yVfUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC+8+0fnulExOVfpgeORHwqehHdiNW6Ph71zKW8fD8ijsZWczwbEb3liHr9rW+HI85HxEeHIu7dv7VeP3x2l/24cPrm9U+++62//+YPd47++M0ffTDe/oNPn/vwt7cjjnz/1Q8/ub032w4AAAClqKqq6qTD/GNb34fH9gDAwTd8/R++H6jlx9VqtbqgenMGz/f77vxsr7rguqma7HaziIjN5jr1ewan4wFgwWzGx213gRbJv2j9iHiq7U4Ac63TdgfYF/fu31rvpHw7zdeD4aUgD64FGcl/s/Pg/o7tptOMX2Myq9+vO9GLZ7bpz+qM+jBPcv7d8fwvD9sHabn9zn9Wtst/MLz1qTg5/954/mNG8v9jRCxs/t2J+Zcq599/nPw3ewu8/8sfAAAAAICDL////5GWz/8uP/mm7MpO53+Pz6gPAAAAAAAAALDXnnT8vweM/wcAAABzqz5Wr/3p0MPHOhF/Ozxh2foQ/41OxNNjywOFSTfLlPiZeQAAAAAAAAAAAADQmn7EWrqufykinl5bq6qq/moarx/Xk66/6ErffihZ23/kAQBg6KND6V7+uyvDBzoR9dwb6bP+ltbW1qpqZXWtWqtWl/P72cHySrXaOK7N0/qx5cEu3hD3B1X9w1Ya6zVNO16e1j7+8+rnGlS9XXRsNtpOHYDSDV+N7nlFOmCq6nC0/S6HxWD/P3js/+xG27+nAAAAwP6rqqrqpI/zPpbO+Xfb7hQAMAsr+fV//LyAWq1Wq9Xqg1c3VZPdbhYRsdlcp37PYDh+AFgwm/Fx212gRfIvWj8ijrbdCWCuddruAPvi3v1b652Ub6f5epDGd8/Xgozkv9nZWi+vP2k6zfg1JrP6/boTvXhmm/48O6M+zJOcf3c8/8vD9kFabr/zn5Xt8q+380gL/Wlbzr83nv+Yg5N/d2L+pcr59x8r/578AQAAAABgjuX//z/i/G/eZAAAAAAAAABYOPfu31rP973m8/+fnbBcpznn/s8DI+ff2XX+7v89SHL+3fH8xy7I6TXm777+MP9/3b+1/sHNf34mT+c+/6XeoH7upU6310/X/FRLb8XVuBYbcfqR5fsj7WceaV8aaT87pf3cI+2Dun01t5+M9fhZXIs3H7QvT7kwamVKezWlPeff25P9f3nnJ2uw/8+HnH+/8VXnv5baO2PT2t33u4/s983ppOe59Jf/vPDo3rXXBlOXuBO9B9vWVG/fiX3p0862/k2eGsQvbmxcP/mrKzdvXj8TaTLy6NlIkz2W819KXzn/F58ftue/+8399e77g8fOf17cif62+T/fmK+396UZ960NOf9B+sr551egyfv/Iue//f7/cgv9AQAAAAAAAAAAAAAAgJ1UVbV1i+iliLiY7v9p695MAGCmfve9NFMloVar1Wq1eq/q/pz1Z0Q12WvNIlZG17kYEb+e9MMAgHn234j4R9udoDXyL1j+vL96+rm2OwPM1I133/vJlWvXNq7faLsnAAAAAAAAAMD/K4//ebwx/vPWdUBj40aPjP/6ehxf2PE/u4Pe1ljnaYOei53H/z4RO4//3Z/yfEtT2qeNWDxtRO2VKe0Tb/RoyPk/lzLO+R9LG1bS+K8vttCftuX8T6SxnnP+Xxhbrpl/9edFzr87kv+pm+/8/NSNd9975eo7V97eeHvjp2dOXzx/7sL5cxcunHrr6rWN08PvLfZ4f+X889jXrgMtS84/Zy7/suT8P59q+Zcl5/9CquVflpx/fr8n/7Lk/POxj/zLkvN/KdXyL0vO/4upln9Zcv4vp1r+Zcn5fynV8i9Lzv+VVMu/LDn/k6mWf1ly/qdSLf+y5PzzGS75lyXnn69skH9Zcv5nUy3/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv/LqZZ/WXL+X0m1/MuS83811fIvS87/q6mWf1ly/l9LtfzLkvP/eqrlX5ac/zdSLf+y5Py/mWr5lyXn/1qq5V+Wh5//b2bGM//+a8QcdGM/ZqqqquagG2aeYKbtv0wAAAAAAAAAAAAAwLhZXE7c9jYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe/eYuS66zuAn73Zu0kgLgkhBEPWjhMM2Xh3fUtMMJhLaBoKTQOhpQ11jL12DL7Va0MSRWTTpG0QkRqpfUgfyk0UoV6UCCGVSimKVKT2rXkC5QW1Uh4sNalMBJWoSLY6c/7//87Mzs6s7V37zDmfD4p/3rn+58yZ2f2u+c4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuEjM38+kGVZ/l/jj3VZdkX+97FsT/7l3M5LvUIAAADgQr3e+PMfrkwn7FnGlZou82/v+o8fzM/Pz2eff+3MG385P5/OGM+yobVZ1jgv+vdf/XK++TLB49nowGDT14M97n6ox/nDPc4f6XH+mh7nr+1x/miP8xdtgEXGit/HNG5sU+Ov64pNml2djTTO29ThWo8PrB0cjL/LaRhoXGd+5GB2ODuSzWRTi64z0Phflj2/Ib+vO7N4X4NN97U+y7KzP39kf1zDQNjGm7KWO2tofu5e/VA2/trPH9n/3VOvvL3T7LkZFq00yzZvzNf5RJYt/LoqG8jWpm0S1znYtM71HdY51LLOgcb18r+3r/PsMtcZH/doWOeLXda5Ppz24A1Zls1lS16m3ePZYHZZ272m7T1a7BH5beRP5Vuy4XPaTzYsYz/Jr/PyDa37Sfs+Gbf/hrBNhpdYQ/PT8epjaxZt9/PdT/JHXYZ9Nb/tu/M7HR1t/tVqy76aX+aRG5feBzo+dx32gbQvN+0DG3vtA4Nrhhr7wODCmje27APTi64zmA007uvMjd33gclTR09Mzj708C2Hj+47NHNo5tj01M7t23Zs37Zjx+TBw0dmpoo/z22T9pHLssG0D24M7zVxH3x322Wbd8n5b63c62C0JK+D/LF/+qZ8QVcMZkvs4/llnth84a+D9H2/6XUw3PQ66Pie2uF1MLyM10F+mbObl/c9c7jpv05rWK33wnVN+8Cl/H6Y3+d971n6vXB9WNeT7z3X74dDi/aB+LAGwmsvPyX9vDd6W9gui/eL6/IzLl+TnZ6dObnlwX2nTp2czsK4KK5qeq7a95fLmh5Ttmh/GTzn/WXP3//6pus6nL4ubKvRm7s/V/lltk90f64a7+6t23NNVmzPllO3ZmGssIu9PTt9N8u3Z8oSXbZnfpknbrnwnwVTLml6/xvp9f43NDJcvP8Npa0x0vL+t/ipGWqsLMvO3rK897+R8N/Ffv+7uiTvf/m2um9L930gv8yTk+e6Dwx3ff+7IcyBsJ73hMQw2pT732icP1fspk3PZc/9Znh4JOw3w/EeW/ebbYuuk99aft+bp85vv9l8Q+tz1fJzSwX3m3xb/dVU9/0mv8wL0xf+3jEW/9r03rGm1z4wMrQmX+9I2gmK97v5sbgPbMn2Z8ezI9mBdJ38Wc7va2Lr8vaBNeG/i/3ecW1J9oF8Wz2ztfs+kF/mx9tW9menzeGUdJmmn53af7+wVOa/bnjh9to320pn/nydH/3JJ9NpnTJEfplXtp9rzui+nW4Op1zeYTu1v36W2qcPZBdnO10b1nlkR/ffTeWXuXrnMvenPVmWvTT9UuP3XeH3u98//ZMftPzet9PvlF+afumuyXt+ei7rBwDg/L3R+HNuTfGzZtO/WC/n3/8BAACAvhBz/2CYifwPAAAAlRFz/1CYifwPAAAAlRFz/3CYSU3y/wO37Xr29Uez9GmA80E8P26Guz9QXC52vOfC1+PzC/LTP/ydkWe/+ujy7nswy7Jf3/WOjpd/4ANxXYUTcZ3vaz19kWuvX9b933/vwuWaPz/h7K7i9uPjWe5uELvKz09ubdzu+EPTjfnCXVlj3jP35OPF7Rdfx8uf2VZc/m/Ch5bsOTjQcv3NYT2bwhwPnylz956F7ZDPeL1n17/rX6/6zML9xesNbHxz42E+85XiduNnRD19VXH5+LiXWv+/fO17z+aXf/DGzut/dLDz+s+E2305zF/tLi7fvM2/2rT+Pw3rj/cXr7fl2z/quP7n3lZc/rmwX3wzzPb1f+gv3vl6p+cr3s+e24vrxfuf+t/tjevF24u3377+0UenW7ZH++2/8FpxO7u/9Iuh5svH0+P9RPff3rp/D4Tnt6VHnmXZ9/4sa9nO2fuL6/1z2/rj7Z24vfP6b25b54mB6xvXX3g861oe19f/dmvHxxvXs+cf17U8nqfvCNvvtckf57d75p6wP4bz/+/F4vbaP8v0uTta32/i5b+5rnjdxtubbFv/023rn7s+33a913/na8X6n/vg2pb17/lY2J/uLGav9R/6xpUt1//Wd4vn4+SXJ44dnz19+EDTVm1+Ha8dHbvs8ive9OYrw3tp+9d7j596YObk+NT4VJaN9+FHBq72+r8d5v8UY27l76Hw018U+91THy++b737l8XXT4fT7w/PZ/z++PW/HmnZX9uf97kPFvNC1//esI7letvX/uv6ZV3wzOeeP/1Pf/JK+88F8fGceOto4/E9s+GaxnkDLxTnt79f9fKfb219Xf9seKoxfxi263z4ZOaN1xT313778bNJnvpU8fqNP8nF62dtnyeybqj1cVzo+n8Wfo750bWt739x//jho22f5rwuG8iXMBfeH7K54vx4qbi9nzp7Tcf7i5/Dk829/VyWuaTZh2Ynjxw+dvrByVMzs6cmZx96eO/R46ePndrb+OzSvV/odf2F1/dljdf3gZmd27PGq/14MVbZpV7/iXv3H7h16qYDMwf3nT546t4TMycP7Z+d3T9zYPamfQcPzny51/UPH9g9vXXXtlu3Thw6fGD3bbt2bds1cfjY8XwZxaJ62Dn1xYljJ/c2rjK7e/uu6R07tk9NHD1+YGb3rVNTE6d7Xb/xvWkiv/aXJk7OHNl36vDRmYnZww/P7J7etXPn1p6f/nj0xMHZ8cmTp49Nnp6dOTlZPJbxU42T8+99va5PPcweD+93bQbCT+efvXln+nzc3HceW/Kmiou0/niavRo+Cyp+f+v1dcz9I2EmNcn/AAAAUAcx94cP/l84Q/4HAACAyoi5f22YifwPAAAAlRFzf5H8R9Ph3+uS/1eq//+Y/n+D/r/+f6b/n+j/6/9n+v/6/z3o/+v/9/P69f/1/+mtbP3/kPuzsSzz7/8AAABQUWPxH74b5H8AAACoouL/WDOaXR5mIv8DAABAZcTcf0WYSU3yv+P/6//r/3fr/8fL6v9n+v9l6P9v+m/9/0X0//X/M/3/83ap+/P9vv4S9v/H9P8pm7L1/2Puf1OYSU3yPwAAANRBzP1vDjOR/wEAAKAyYu6/MsxE/gcAAIDKiLl/XZhJTfK//r/+v/6/4//r//dN/9/x/zvQ/1/9/n/zt1X9/1b6//r/Jev/O/4/pVO2/n/M/b8RZlKT/A8AAAB1EHP/W8JM5H8AAACojJj7rwozkf8BAACgMmLuvzrMpCb5v579/5ezLNP/z/T/+7D/P9b4U/9f/7+f6P/3f//f8f+Xpv+v/6//r/9Pd2Xr/8fc/9Ywk5rkfwAAAKiDmPuvCTOR/wEAAKAyYu5/W5iJ/A8AAACVEXP/tWEmNcn/9ez/O/6//n+h//r/hYr1/7+i/6//fyH0//X/s/r0/8f0/8u1fv1//X96K1v/P+b+t4eZ1CT/AwAAQB3E3H9dmIn8DwAAAJURc/87wkzkfwAAAKiMmPvXh5nUJP/r/+v/6//r/zv+v/7/auqv/v/gkufo/xf0/1utXP9/bmEBjv/fN+vX/9f/p7ey9f9j7n9nmElN8j8AAADUQcz97wozkf8BAACgMmLuvz7MRP4HAACAyoi5fzzMpCb5X/9f/1//X/9f/1//fzX1V/9/afr/Bf3/Vhf5+P/6/yVbv/6//j+9la3/H3P/hjCTmuR/AAAAqIOY+zeGmcj/AAAAUBkx998QZiL/AwAAQGXE3L8pzKQm+V//X/9f/1//X/9f/3816f/r/3ej/6//38/r1//X/6e3svX/Y+6/McykJvkfAAAA6iDm/pvCTOR/AAAAqIyY+98dZiL/AwAAQGXE3L85zKQm+V//X/9f/7+P+/9D+v+Z/n/p6f/r/3ej/1+u/v+w/r/+v/4/K6xs/f+Y+98TZlKT/A8AAAB1EHP/e8NM5H8AAACojJj7bw4zkf8BAACgMmLunwgzqUn+1//X/9f/7+P+v+P/t6x/Bfr/I82n6/+vDP1//f9u9P/L1f93/H/9f/1/VlrZ+v8x998SZlKT/A8AAAB1EHP/ljAT+R8AAAAqI+b+yTAT+R8AAAAqI+b+qTCTmuR//f+L2f9vbGP9f/1//f9wfgn7/47/vwr0//X/u9H/1//v5/Xr/+v/01vZ+v8x90+HmdQk/wMAAEAdxNy/NcxE/gcAAIDKiLl/W5iJ/A8AAACVEXP/9jCTmuT/Pun/b0kFqL7u/zv+v/5/X/b/08tA/1///3zo/+v/d6P/r//fz+vX/9f/p9Vgh9PK1v+PuX9HmElN8j8AAADUQcz9O8NM5H8AAACojJj7bw0zkf8BAACgMmLuvy3MpCb5v0/6/xU5/r/+v/5/X/b/k6I/P6T/v8T69f870//X/+9G/1//v5/Xr/+v/09vZev/x9y/K8ykJvkfAAAA6iDm/veFmcj/AAAAUBkx998eZiL/AwAAQF/pdBzCKOb+94eZ1CT/6/9Xvf8/v1b/X/9/Zfv/jv+v/39u9P/1/7vR/9f/7+f16//r/9Nb2fr/MffvDjOpSf4HAACAOoi5/wNhJvI/AAAAVEbM/R8MM5H/AQAAoDJi7t8TZlKT/K//X/X+f22O/984X/9f/1//v3z0//X/u9H/78/+f/ixRf+/RP3/fB/S/6eMytb/j7n/Q2EmNcn/AAAAUAcx9384zET+BwAAgMqIuf8jYSbyPwAAAFRGzP0fDTOpSf7X/9f/r0j/3/H/9f/1/0tK/3/V+v+Nt0L9/8KS/f8x/f9uFvrzVzr+f5/3/x3/n7IqW/8/5v47wkxqkv8BAACgDmLu/1iYifwPAAAAlRFz/2+Gmcj/AAAAUBkx998ZZlKT/K//r/+v/6//r/+v/7+a9P8d/78bx/8vS///0vTn+339+v/6//RWtv5/zP2/FWZSk/wPAAAAdRBz/11hJvI/AAAAVEbM/R8PM5H/AQAAoM+sWfKcmPt/O8ykJvm///r/433Z/x9Mt6//r/+v/6//r/+/kvT/9f8z/f/zdqn78/2+fv1//X96K1v/P+b+T4SZ1CT/AwAAQB3E3P/JMBP5HwAAACoj5v7fCTOR/wEAAKAyYu6/O8ykJvl/pfv/7dfvxvH/9f8z/X/9f/1//f8L1E/9/xH9/0X0//X/+3n9+v/6//RWtv5/zP2/G2ZSk/wPAAAAdRBz/z1hJvI/AAAAlNQD53yNmPs/FWYi/wMAAEBlxNz/6TCTmuT//jv+f//1//Pb1//X/8/0//X/m7aq/v/K6d6f/8YnVup+HP+/oP/fSv+/v/r/Yyu8fv1//X96K1v/P+b+e8NMapL/AQAAoA5i7v9MmIn8DwAAAJURc//vhZnI/wAAAFAZMff/fphJTfK//n/P/v/fLeexOP5/5/Xr/+v/6//r/zv+/+L+f/4epv9f0P/X/+/n9ev/6//TW9n6/zH3fzbMpCb5HwAAAOog5v4/CDOR/wEAAKAyYu7/wzAT+R8AAAAqI+b++8JMapL/9f9X//j/+v/6//r/+v/6//r/jv/fmf6//n8/r1//X/+f3srW/4+5/3NhJjXJ/wAAAFAHMff/UZiJ/A8AAACVEXP/3jAT+R8AAAD6QHujtLOY++8PM6lJ/tf/1//X/9f/1//X/19N+v/6/93o/+v/9/P69f/1/+mtbP3/mPv3hZnsab0bAAAAoH/F3P/5MJOa/Ps/AAAA1EHM/fvDTOR/AAAAqIyY+w+EmdQk/+v/6//r/+v/6//r/68m/X/9/270//X/+3n9+v/6//RWtv5/zP0zYSY1yf8AAABQBzH3Hwwzkf8BAACgMmLuPxRmIv8DAABAZcTc/0CYSU3yv/6//r/+f237/y9+v22d+v/6/6tB/1//vxv9f/3/fl6//r/+P72Vrf8fc//hMJOa5H8AAACog5j7vxBmIv8DAABAZcTc/8UwE/kfAAAAKiPm/iNhJjXJ//r/+v/6/7Xt/y/v+P9jC/er/6//fz70//X/u9H/1//v5/Xr/+v/09t59v/XdLipFen/x9x/NMykJvkfAAAA6iDm/mNhJvI/AAAAVEbM/cfDTOR/AAAAqIyY+0+EmdQk/+v/n1v/f2CJbqD+f+f16/9XoP/fRP9f//986P/r/3dzEfr/bzRfRf+/1aXuz6/i+ocy/X/9f0qhFMf/H1n4Oub+Pw4zqUn+BwAAgDqIuf9kmIn8DwAAAJURc/9smP/P3n0tWVpWcRzeNgwMRek1cAtegZfgsZ5Z5R1gjmDGrJhzwpwwK+accw6YsyhmUau06F5rDT0zvXdPT+/p93vX8xywoGmZr2ta5V8zv/qK/Q8AAADTyN3/gLilyf7X/3v/v/5f/6//1/9vk/5f/7+O9//r/5f8/Pp//T+bDdH/3+Wvc/c/MG5psv8BAACgg9z9D4pb7H8AAACYRu7+B8ct9j8AAABMI3f/Q+KWJvtf/6//1//r//X/+v9t0v/r/w+S/1uk/9f/L/X59f/6fzYbrf/P3f/QuKXJ/gcAAIAOcvc/LG6x/wEAAGAaufsfHrfY/wAAADCN3P2PiFua7H/9v/5f/6//1//r/7dJ/6//X8f7//X/S35+/b/+n81G6/9z9z8ybmmy/wEAAKCD3P2PilvsfwAAAJhG7v5Hxy32PwAAAEwjd/91cUuL/X+5/l//r/9fYv9/uf5f/7/n2tX49P/6/3X0//r/JT+//l//z2aj9f+5+6+PW1rsfwAAAOghd/9j4hb7HwAAABZg51Cflbv/sXGL/Q8AAADTyN3/uLilyf7X/+v/9f8L7P+9/1//vyD6f/3/Ovp//f+Sn1//r/9ns9H6/9z9j49bmux/AAAA6CB3/xPiFvsfAAAAppG7/4lxi/0PAAAA08jd/6S4pcn+1//r//X/+n/9v/5/m/T/+v91ltz/5+fq//X/+n/9Pwfbev9/7xt272H7/9z9N8QtTfY/AAAAdJC7/8lxi/0PAAAA08jd/5S4xf4HAACAaeTuf2rc0mT/6//1/2f6///dTf+v/9f/n/m4/v946P/1/+ssuf9fef+//l//r/9no633/xt6/7P/Onf/0+KWJvsfAAAAOsjd//S4xf4HAACAaeTuf0bcYv8DAADANHL3PzNuabL/9f/6f+//1//r//X/26T/H7b/P/u/evvp/w9F/6//P6j/v9chnl//Twej9f+5+58VtzTZ/wAAANBB7v5nxy32PwAAAEwjd/+NcYv9DwAAANPI3f+cuKXJ/tf/6//1//r//f3/Tsv+/86P6f+3Q/8/bP+/nv7/UPT/+n/v/9f/s95o/X/u/ufGLU32PwAAAHSQu/95cYv9DwAAANPI3f/8uMX+BwAAgGnk7n9B3NJk/+v/9f8X1f9fqf+fr/+/wPf/XzZH/+/9/9uj/9f/r6P/1/8v+fn1//p/Nhut/8/d/8K4pcn+BwAAgOntrGr3vyhusf8BAABgGrn7Xxy32P8AAAAwjdz9L4lbmux//b/+3/v/9f8X1f9P8v7/ZfT/V+n/z0P/36P/X+n/62vR/4/z/Pp//T+bjdb/5+5/adzSZP8DAABAB7n7Xxa32P8AAAAwjdz9L49b7H8AAACYRu7+V8QtTfa//l//r//X/+v/l9L/e///+ej/e/T/3v9/5mvR/4/z/Pp//T+bjdb/5+5/ZdzSZP8DAABAB7n7XxW32P8AAAAwjdz9r45b7H8AAACYRu7+18QtZ+//nUv5VJeO/l//r//X/+v/9f/bpP/X/6+j/z9//3/6gB9P/z/W8+v/9f9sNlr/n7v/prjFr/8DAADANHL3vzZusf8BAABgGrn7Xxe32P8AAAAwjdz9r49bmuz/g/r/26/e+/v6/8PR/5//+fX/+v/D9v933HrmP6f/1/9fCP2//n81Yf/v/f/LeH79v/6fzUbr/3P3vyFuabL/AQAAoIPc/W+MW+x/AAAAmEbu/jfFLfY/AAAATCN3/5vjlib7//jf/3+N/l//r/+Pq//3/n/9v/7/0vX/pw71+fr//V+H/v/a+1yx96f6f/2//p+tOJ7+/7LVcfX/ufvfErc02f8AAADQQe7+t8Yt9j8AAABMI3f/2+IW+x8AAACmkbv/7XFLk/1//P2/9//r/y+w/9/R/yf9f/y86v/1/xdA/+/9/yv9/5GddD+/9OfX/+v/2Wy09//n7r95d+r12/8AAADQwc27fzy9ekfcYv8DAADANHL3vzNusf8BAABgGrn73xW3NNn/+n/9/4n3/97/X/T/8fOq/9f/XwD9v/5/pf8/spPu55f+/Pp//T+bjdb/5+5/d9zSZP8DAABAB7n73xO32P8AAAAwjdj9e7/53f4HAACAKb1394+nV++LW5rs/8b9/zUX2/9fdZc/1/+f//n1/8fS/9989vee/l//vyT6f/3/Ovp//f+Sn3+c/j8+cJ3+n/GM1v/n7n9/3NJk/wMAAEAHufs/ELfY/wAAADCN3P23xC32PwAAACzVOV1d7v4Pxi1N9n/j/n+S9//f77Z4Av3/vP2/9//HXVT/f7v+P+n/9f/r6P/1/0t+/nH6f+//Z1yj9f+5+z8UtzTZ/wAAANBB7v4Pxy32PwAAAEwjd/9H4hb7HwAAAKaRu/+jcUuT/a//X3r/7/3/+n/9/5D9v/f/F/2//n8d/f/O7r+J6P+X+fz6f/0/m43W/+fu/1jc0mT/AwAAQAe5+z8et9j/AAAAMI3c/Z+IW+x/AAAAmEbu/k/GLU32v/5f/7+t/v/OH0T/36T/v17/v9L/H0j/r/9fR//v/f9Lfn79v/6fzUbr/3P3fypuabL/AQAAoIPc/Z+OW+x/AAAAmEbu/s/ELfY/AAAATCN3/2fjhnve/eQe6XidOuDj0Zvr//X/Dd7/f1r/7/3/655f/79dl67/3/3/cP3/Bvr//V+H/l//r//X/7Ndo/X/ufs/F7f49X8AAACYRu7+z8ct9j8AAABMI3f/F+IW+x8AAACmkbv/i3FLk/2v/9f/N+j/Z33//1X6//3Pr/8fk/f/6//X0f/r/5f8/Pp//T+bjdb/5+7/UtzSZP8DAABAB7n7vxy32P8AAAAwjdz9X4lb7H8AAACYRu7+r8YtTfa//l//r/9fbP/v/f9nPb/+f0z6f/3/Ovp//f+Sn1//r/9ns9H6/9z9X4tbmux/AAAA6CB3/9fjFvsfAAAAppG7/xtxi/0PAAAA08jd/824pcn+1//r//X/+n/9v/5/m/T/+v919P/6/2N4/vw20f/r/xnQaP1/7v5vxS1N9j8AAAB0kLv/23GL/Q8AAACjO/u3dx4od/934hb7HwAAAKaRu/+7cUuT/T9z/7/u0/T/e/T/+v+V/l//v2X6/6P3/4f5YvT/e/T/RzNJ/+/9//p/BjZa/5+7/3txS5P9DwAAAB3k7v9+3GL/AwAAwDRy9/8gbrH/AQAAYBq5+38YtzTZ/zP3/+vo//fo//X/K/2//n/L9P/e/7+O/l//v+Tn1//r/9nshPr/U6sD+v/c/T+KW5rsfwAAAOggd/+tcYv9DwAAANPI3f/juMX+BwAAgGnk7v9J3DLP/r//LWv+pv7/2Pv/3W8i/b/+f6X/1//r/3fp//X/6+j/9f9Lfn79v/6fzUZ7/3/u/p/GLfPsfwAAAGgvd//P4hb7HwAAAKaRu//ncYv9DwAAANPI3f+LuKXJ/tf/j/H+/3wG/b/+f8v9/2Ur/b/+/xLT/+v/19H/6/+X/Pz6f/0/m43W/+fu/2Xc0mT/AwAAQAe5+38Vt9j/AAAAMI3c/b+OW+x/AAAAmEbu/t/ELU32/0X3/xlq6P93HbX/v7j3/5+pp/X/J9n/75zzzx+w//f+f/3/Jaf/1/+vo//X/y/5+bP/z+87/b/+n3ON1v/n7v9t3NJk/wMAAEAHuft/F7fY/wAAADCN3P2/j1vsfwAAAJhG7v4/xC1N9r/3/8/Q/3v//xj9/7n/fP3/9vr/Oz+m/18G/b/+fx39v/5/yc/v/f/6fzYbrf/P3X9b3NJk/wMAAEAHufv/GLfY/wAAADCN3P1/ilvsfwAAAJhG7v7b45Ym+1//r/+fsv+/Uv8/e//v/f/LMVb/v3PkH0f/v0f/v5/+X/+v/9f/s95o/X/u/j/HLU32PwAAAHSQu/8vcYv9DwAAANPI3f/XuMX+BwAAgGnk7v9b3NJk/+v/9f8X3v+fqq972P7f+//1//r/YYzV/x/duf3/Ffp//f9F9/833rT3Yf3/Mp9f/6//Z7PR+v/c/X+PW5rsfwAAAOggd/8/4hb7HwAAAKaRu/+fcYv9DwAAANPI3f+vuKXJ/p+9/7/vAZ+m/98z7fv/9f/6f/3/MObt/4d8///V99jw+fr//V/HSff/3v+/7OfX/+v/2Wy0/j93/x1xS5P9DwAAAB3k7v933GL/AwAAwNg2/ea3u8jd/5+4xf4HAACAaeTu/2/c0mT/z97/H0T/v0f/r/9f6f/1/1um//f+/3X0//r/JT+//l//z2aj9f+5+/8fAAD//9bOI+k=") mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) (async) r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000055c0), 0x880, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x7) (async) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x81) (async) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000005600)) ioctl$TCSETSW(r1, 0x5403, &(0x7f00000056c0)={0x7, 0x401, 0x8, 0x7, 0x8, "48bcdfc1f25d55ba0b1f824f78c2500dd80dc2"}) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=""/221, 0xdd}, {&(0x7f00000002c0)=""/194, 0xc2}, {&(0x7f00000001c0)=""/2, 0x2}], 0x3, &(0x7f0000000240)=""/17, 0x11}, 0x3}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000003c0)=""/221, 0xdd}, {&(0x7f00000004c0)=""/65, 0x41}, {&(0x7f0000000540)=""/194, 0xc2}], 0x3, &(0x7f0000000680)=""/96, 0x60}, 0xe317}, {{&(0x7f0000000700)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000780)=""/99, 0x63}], 0x1, &(0x7f0000000840)=""/5, 0x5}, 0x28000}, {{&(0x7f0000000880)=@pppoe={0x18, 0x0, {0x0, @multicast}}, 0x80, &(0x7f0000000cc0)=[{&(0x7f0000000900)=""/91, 0x5b}, {&(0x7f0000000980)=""/235, 0xeb}, {&(0x7f0000000a80)=""/182, 0xb6}, {&(0x7f0000000b40)=""/140, 0x8c}, {&(0x7f0000000c00)=""/49, 0x31}, {&(0x7f0000001cc0)=""/4096, 0x1000}, {&(0x7f0000000c40)=""/79, 0x4f}], 0x7, &(0x7f0000000d40)=""/168, 0xa8}, 0x6}, {{0x0, 0x0, &(0x7f0000002d40)=[{&(0x7f0000000e00)=""/41, 0x29}, {&(0x7f0000002cc0)=""/102, 0x66}], 0x2, &(0x7f0000002d80)=""/113, 0x71}, 0x4}, {{&(0x7f0000002e00)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f00000052c0)=[{&(0x7f0000002e80)=""/67, 0x43}, {&(0x7f0000002f00)=""/4096, 0x1000}, {&(0x7f0000003f00)=""/214, 0xd6}, {&(0x7f0000004000)=""/4, 0x4}, {&(0x7f0000004040)=""/62, 0x3e}, {&(0x7f0000004080)=""/136, 0x88}, {&(0x7f0000004140)=""/252, 0xfc}, {&(0x7f0000004240)=""/20, 0x14}, {&(0x7f0000004280)=""/40, 0x28}, {&(0x7f00000042c0)=""/4096, 0x1000}], 0xa, &(0x7f0000005380)=""/121, 0x79}, 0xd10}], 0x6, 0x12020, &(0x7f0000005580)={0x77359400}) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@setlink={0x20, 0x13, 0x1, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, 0x88a2, 0x1011}}, 0x20}, 0x1, 0x0, 0x0, 0x4008844}, 0x10000016) (async) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000e40)={[{@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@nostrict}, {@uid_forget}, {@anchor={'anchor', 0x3d, 0x91}}, {@gid}, {@dmode={'dmode', 0x3d, 0x1}}, {@undelete}, {@partition={'partition', 0x3d, 0x1}}, {@unhide}]}, 0x1, 0xc47, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9vCRlD0wBYBAhQIGMzsW3FJkTYtkhKlfD4G9Z2deW/mvZn1jCTozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl0+kzaYsOhh9AYAOCBuDL65dNnt3r+AwCPravb/fkfAAAAAAAAAAAAAAA4KFIU8WSkmL2ymsarzx31y+2+23fGhoa3rnYkVTUPVeXLn/qZs+fOf+GFwQvdvNye/oD6e+1T8dro1UuNl2duzc5Nzs9PTjTGptvXZyYmd7yH3dbf7GR1Ahq3Xr89cePGfOPs8+c2bL4z8H7/E8cHLg4+e+qZbtmxoeHh0fUi9d7ytftuSMd2IzwORxGnIsVz3/lxakVEEbs/F/UHe+03O1J14mTVibGh4aojU+3W9EK5caR7IoqIRk+lZvccbX0totb3QPuwvWbEYtn8ssEny+6NzrbmWtemJhsjrbmF9kJ7ZnokdVpb9qcRRVxIEUsRsdJ/7+76oohapPjWsdV0Lb/1ozoPn68GBm/fjmIf+7gDZTsbfRFLxSNwzQ6w/iji1Ujxk3dOxPV8n6nuNZ+LeLXM70W8VeZLEan8YpyPeG+L7xGPploU8efl9b+4miaq+0H3vnL5K40vTd+Y6Snbva98xOfDPXeKh/R8OLIpH4wDfm+qRxGt6o6/mu7/NzsAAAAAAAAAAAAAAAAA7LUjUcQnI8Ur//ZH1bjiqMalH7s4+PsDv9w7ZvzpD9lPWfb5iFgsdjYm93AeGDiSRlJ6yGOJf5HVo4g/zuP/vvGwGwMAAAAAAAAAAAAAAAAAAPALrYgfRYoX3z2RlqJ3TvH29M3G1da1qc6ssN25f7tzpq+tra01UiebOcdzLuZcyrmccyVnFLl+zmbO8ZyLOZdyLudcyRmHcv2czZzjORdzLuVczrmSM2q5fs5mzvGcizmXci7nXMkZB2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRfwsUnzza6spUkQ0I8ajk8v9D7t1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECpPxXx3UjR+IPm3XW1iP7eMifKX85H83CZH4/mYJkvRfNSzlaVteY3HnDb2b2+VMQPI0V//e1IeV0tolzu63xKd8u+9fX1T5+qdfJQd+PA+/1PHD92cXD4M09vt5y2asDJy+3p23caY0PDw6M9q2v56B/vWTeQj1vsTdeJiPk33ny9NTU1OXf/C+VXYBfVH6GFVNttT//jWMTD7oWFHS9E7UA04+H0fYP6w7pBsa/K5/97keK33/337gO/8/yvxy91Pt19wsdP/2T9+f/i5h3t8Plf21wvP//LZ/pWz/8ne9a9mH830leLqC/cmu07HlGff+PNU+1brZuTNyenz58+/cXBwS+eO913OKJ+oz012bO0J6cLAAAAAAAAAAAAAAAA4MFJRfxupGj9cDU1IuJONV5r4OLgs6eeORSHqvFWG8ZtvzZ69VLj5Zlbs3OT8/OTE42x6fb1mYnJnR6uXg33Ghsa3pfOfKgj+9z+I/WXZ2bfmGvf/MOFLbcfrV+6Nr8w17q+9eY4EkVEs3fNyarBY0PDVaOn2q3pqurIloPpP7q+VMR/Rorr5xvps3ldHv+/eYT/hvH/i5t3tIfj/z9zdH3838d6ipbHTKmIn0aK3/qLp+OzVTuPxj3nLJf7m0hx8sKnc7k4XJbrtqHzXoHOyMCy7P9Gin/42cay3fGQT66XPfORTu4joLz+xyLFd//s2/Hred3G9z9sff2Pbt7RPr3/4amedUc3vK9g110nX/9TkeKlJ9+O36jW/P8Hvv+j++6NE53C6+/n2Kfr/6s96wbycX9zrzoPAAAAAAAAAADwCOtLRfxtpPj+cC29kNft5N//TWze0T79+69P9Kyb2Jv5ij5kwexSAAAAADw++lIRP4oUNxfevjuGeuP4757xn7+zPv5zKG3aWv09369U7w3Yy7//6zWQjzu++24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dTHq/H8E9vOp74cKV757+dyuXS8LNedB36g+rV+ZWb61KWpqZl6LLSuTU02Rmdb1yfLuk9FitW//nSuW1Tzq3fnm+/M8b4+F/tcpBj+u27Zzlzs3bnJn1ove6Ys+7FI8V9/v7Fsnpo6zx1dlT1blv2rSPHVf9q67PH1sufKst+OFD/4aqNb9mhZtvt+1E+sl33++oz3hQIAAAAAAAAAAAAAAAAAALB7famIP40U/3Nr6e5Y/jz/f1/Px8pbX++Z73+TO9U8/wPV/P/bLd/P/P/VewUWtzsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8nlIU8WakmL2ympb7y88d9cvt6dt3xoaGt652JFU1D1Xly5/6mbPnzn/hhcEL3fzg+nvtk/Ha6NVLjZdnbs3OTc7PT040xqbb12cmJne8h93W3+xkdQIat16/PXHjxnzj7PPnNmy+M/B+/xPHBy4OPnvqmW7ZsaHh4dGeMrW++z76PdI26w9HEX8ZKZ77zo/T9/sjitj9ufiQ785+O1J14mTVibGh4aojU+3W9EK5caR7IoqIRk+lZvccPYBrsSvNiMWy+WWDT5bdG51tzbWuTU02RlpzC+2F9sz0SOq0tuxPI4q4kCKWImKl/97d9UURr0eKbx1bTf/cH3Goex4+f2X0y6fPbt+OYh/7uANlOxt9EUvFI3DNDrD+KOIfI8VP3jkR/9IfUYvOT3wu4tUyvxfxVnSudyq/GOcj3tvie8SjqRZF/F95/S+upnf6y/tB975y+SuNL03fmOkp272vPPLPhwfpgN+b6lHED6o7/mr6V/9fAwAAAAAAAAAAAAAAABwgRfxapHjx3ROpGh98d0xxe/pm42rr2lRnWF937F93zPTa2tpaI3WymXM852LOpZzLOVdyRpHr52yWWV9bG8+fF3Mu5VzOuZIzDuX6OZs5x3Mu5lzKuZxzJWfUcv2czZzjORdzLuVczrmSMw7I2D0AAAAAAAAAAAAAAAAAAODxUlT/pfjm11bTWn9nfunx6OSy+UAfez8PAAD//17092s=") (async) r4 = bpf$ITER_CREATE(0x21, &(0x7f0000005640), 0x8) ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000005680)={'lo\x00', @link_local}) [ 101.388742][ T4671] Bluetooth: hci0: command tx timeout [ 101.798837][ T5330] loop0: detected capacity change from 0 to 32768 [ 101.926688][ T5330] syz.0.0: attempt to access beyond end of device [ 101.926688][ T5330] loop0: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768 [ 101.933016][ T5330] metapage_write_end_io: I/O error [ 101.974700][ T5331] sp0: Synchronizing with TNC [ 101.992117][ T5330] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 101.992117][ T5330] [ 102.037160][ T5330] ERROR: (device loop0): remounting filesystem as read-only [ 102.040490][ T5330] ================================================================== [ 102.044093][ T5330] BUG: KASAN: slab-use-after-free in release_metapage+0x760/0xac0 [ 102.047647][ T5330] Read of size 8 at addr ffff88804220f9d8 by task syz.0.0/5330 [ 102.051043][ T5330] [ 102.053068][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 102.053102][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 102.053109][ T5330] Call Trace: [ 102.053146][ T5330] [ 102.053168][ T5330] dump_stack_lvl+0xe8/0x150 [ 102.053187][ T5330] print_report+0xba/0x230 [ 102.053200][ T5330] ? release_metapage+0x760/0xac0 [ 102.053213][ T5330] kasan_report+0x117/0x150 [ 102.053225][ T5330] ? release_metapage+0x760/0xac0 [ 102.053239][ T5330] release_metapage+0x760/0xac0 [ 102.053254][ T5330] diAllocAG+0x1740/0x1db0 [ 102.053274][ T5330] ? __pfx_diAllocAG+0x10/0x10 [ 102.053287][ T5330] ? dbNextAG+0x52e/0x640 [ 102.053302][ T5330] ? do_raw_spin_lock+0x12b/0x2f0 [ 102.053317][ T5330] diAlloc+0x1d5/0x1680 [ 102.053330][ T5330] ? do_raw_spin_unlock+0x4d/0x210 [ 102.053343][ T5330] ? new_inode+0x150/0x170 [ 102.053353][ T5330] ialloc+0x8c/0x8f0 [ 102.053364][ T5330] jfs_mkdir+0x1e1/0xb00 [ 102.053376][ T5330] ? __pfx_jfs_mkdir+0x10/0x10 [ 102.053392][ T5330] ? make_vfsuid+0x49/0xa0 [ 102.053405][ T5330] ? generic_permission+0x2e4/0x690 [ 102.053417][ T5330] ? inode_permission+0x2fd/0x5f0 [ 102.053426][ T5330] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 102.053442][ T5330] vfs_mkdir+0x753/0x870 [ 102.053458][ T5330] do_mkdirat+0x27d/0x4b0 [ 102.053472][ T5330] ? __pfx_do_mkdirat+0x10/0x10 [ 102.053484][ T5330] ? strncpy_from_user+0x150/0x2b0 [ 102.053563][ T5330] ? getname_flags+0x1e4/0x540 [ 102.053579][ T5330] __x64_sys_mkdir+0x6c/0x80 [ 102.053592][ T5330] do_syscall_64+0xe2/0xf80 [ 102.053685][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.053697][ T5330] ? trace_irq_disable+0x37/0x100 [ 102.053708][ T5330] ? clear_bhb_loop+0x60/0xb0 [ 102.053721][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.053732][ T5330] RIP: 0033:0x7fe055f9aeb9 [ 102.053760][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.053769][ T5330] RSP: 002b:00007fe056dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 102.053782][ T5330] RAX: ffffffffffffffda RBX: 00007fe056215fa0 RCX: 00007fe055f9aeb9 [ 102.053790][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000004c0 [ 102.053796][ T5330] RBP: 00007fe056008c1f R08: 0000000000000000 R09: 0000000000000000 [ 102.053802][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.053808][ T5330] R13: 00007fe056216038 R14: 00007fe056215fa0 R15: 00007ffed902a478 [ 102.053819][ T5330] [ 102.053823][ T5330] [ 102.161773][ T5330] Allocated by task 5330: [ 102.163699][ T5330] kasan_save_track+0x3e/0x80 [ 102.165745][ T5330] __kasan_slab_alloc+0x6c/0x80 [ 102.167899][ T5330] kmem_cache_alloc_noprof+0x370/0x6e0 [ 102.170176][ T5330] mempool_alloc_noprof+0x1ce/0x300 [ 102.172416][ T5330] __get_metapage+0x50c/0xde0 [ 102.174491][ T5330] diAllocAG+0x165d/0x1db0 [ 102.176471][ T5330] diAlloc+0x1d5/0x1680 [ 102.178290][ T5330] ialloc+0x8c/0x8f0 [ 102.179994][ T5330] jfs_mkdir+0x1e1/0xb00 [ 102.181592][ T5330] vfs_mkdir+0x753/0x870 [ 102.183331][ T5330] do_mkdirat+0x27d/0x4b0 [ 102.185068][ T5330] __x64_sys_mkdir+0x6c/0x80 [ 102.187040][ T5330] do_syscall_64+0xe2/0xf80 [ 102.189005][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.191657][ T5330] [ 102.192774][ T5330] Freed by task 75: [ 102.194469][ T5330] kasan_save_track+0x3e/0x80 [ 102.196555][ T5330] kasan_save_free_info+0x46/0x50 [ 102.198699][ T5330] __kasan_slab_free+0x5c/0x80 [ 102.200832][ T5330] kmem_cache_free+0x195/0x610 [ 102.202975][ T5330] mempool_free+0xec/0x130 [ 102.204931][ T5330] metapage_release_folio+0x40e/0x540 [ 102.207436][ T5330] shrink_folio_list+0x2164/0x5160 [ 102.209755][ T5330] evict_folios+0x4795/0x5880 [ 102.211929][ T5330] try_to_shrink_lruvec+0x88b/0xb20 [ 102.214299][ T5330] shrink_one+0x25c/0x710 [ 102.216278][ T5330] shrink_node+0x2f8b/0x35f0 [ 102.218380][ T5330] kswapd+0x144c/0x2800 [ 102.220273][ T5330] kthread+0x726/0x8b0 [ 102.222071][ T5330] ret_from_fork+0x51b/0xa40 [ 102.224082][ T5330] ret_from_fork_asm+0x1a/0x30 [ 102.225859][ T5330] [ 102.226841][ T5330] The buggy address belongs to the object at ffff88804220f9b0 [ 102.226841][ T5330] which belongs to the cache jfs_mp of size 184 [ 102.232573][ T5330] The buggy address is located 40 bytes inside of [ 102.232573][ T5330] freed 184-byte region [ffff88804220f9b0, ffff88804220fa68) [ 102.238439][ T5330] [ 102.239558][ T5330] The buggy address belongs to the physical page: [ 102.242406][ T5330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4220f [ 102.246263][ T5330] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 102.249287][ T5330] page_type: f5(slab) [ 102.250935][ T5330] raw: 04fff00000000000 ffff88801c921dc0 dead000000000122 0000000000000000 [ 102.254722][ T5330] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 102.258344][ T5330] page dumped because: kasan: bad access detected [ 102.261387][ T5330] page_owner tracks the page as allocated [ 102.263821][ T5330] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5330, tgid 5329 (syz.0.0), ts 101835748516, free_ts 101527296084 [ 102.271882][ T5330] post_alloc_hook+0x228/0x280 [ 102.273993][ T5330] get_page_from_freelist+0x24dc/0x2580 [ 102.276341][ T5330] __alloc_frozen_pages_noprof+0x18d/0x380 [ 102.278960][ T5330] alloc_pages_mpol+0x232/0x4a0 [ 102.281138][ T5330] allocate_slab+0x86/0x3a0 [ 102.282976][ T5330] ___slab_alloc+0xd82/0x1760 [ 102.284870][ T5330] __slab_alloc+0x65/0x100 [ 102.286764][ T5330] kmem_cache_alloc_noprof+0x3fe/0x6e0 [ 102.289119][ T5330] mempool_alloc_noprof+0x1ce/0x300 [ 102.291416][ T5330] __get_metapage+0x50c/0xde0 [ 102.293499][ T5330] diReadSpecial+0x25b/0x710 [ 102.295536][ T5330] jfs_mount+0x73/0x870 [ 102.297379][ T5330] jfs_fill_super+0x6bc/0xd80 [ 102.299320][ T5330] get_tree_bdev_flags+0x431/0x4f0 [ 102.301554][ T5330] vfs_get_tree+0x92/0x2a0 [ 102.303631][ T5330] do_new_mount+0x329/0xa50 [ 102.305657][ T5330] page last free pid 788 tgid 788 stack trace: [ 102.308444][ T5330] __free_frozen_pages+0xbf8/0xd70 [ 102.310657][ T5330] vfree+0x25a/0x400 [ 102.312393][ T5330] delayed_vfree_work+0x55/0x80 [ 102.314522][ T5330] process_scheduled_works+0xaec/0x17a0 [ 102.316893][ T5330] worker_thread+0xda6/0x1360 [ 102.319085][ T5330] kthread+0x726/0x8b0 [ 102.320930][ T5330] ret_from_fork+0x51b/0xa40 [ 102.322954][ T5330] ret_from_fork_asm+0x1a/0x30 [ 102.325002][ T5330] [ 102.326021][ T5330] Memory state around the buggy address: [ 102.328384][ T5330] ffff88804220f880: fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 [ 102.332024][ T5330] ffff88804220f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 102.335553][ T5330] >ffff88804220f980: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb [ 102.339002][ T5330] ^ [ 102.342016][ T5330] ffff88804220fa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc [ 102.345580][ T5330] ffff88804220fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 102.348994][ T5330] ================================================================== [ 102.443648][ T5330] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 102.446889][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 102.450824][ T5330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 102.455229][ T5330] Call Trace: [ 102.456627][ T5330] [ 102.457968][ T5330] vpanic+0x1e0/0x670 [ 102.459676][ T5330] panic+0xc5/0xd0 [ 102.461336][ T5330] ? __pfx_panic+0x10/0x10 [ 102.463296][ T5330] ? preempt_schedule_thunk+0x16/0x30 [ 102.465636][ T5330] ? release_metapage+0x760/0xac0 [ 102.467830][ T5330] ? preempt_schedule_thunk+0x16/0x30 [ 102.470207][ T5330] ? release_metapage+0x760/0xac0 [ 102.472418][ T5330] check_panic_on_warn+0x89/0xb0 [ 102.474676][ T5330] ? release_metapage+0x760/0xac0 [ 102.476838][ T5330] end_report+0x6f/0x140 [ 102.478707][ T5330] kasan_report+0x128/0x150 [ 102.480667][ T5330] ? release_metapage+0x760/0xac0 [ 102.482932][ T5330] release_metapage+0x760/0xac0 [ 102.485078][ T5330] diAllocAG+0x1740/0x1db0 [ 102.487047][ T5330] ? __pfx_diAllocAG+0x10/0x10 [ 102.489081][ T5330] ? dbNextAG+0x52e/0x640 [ 102.490983][ T5330] ? do_raw_spin_lock+0x12b/0x2f0 [ 102.493180][ T5330] diAlloc+0x1d5/0x1680 [ 102.495034][ T5330] ? do_raw_spin_unlock+0x4d/0x210 [ 102.497259][ T5330] ? new_inode+0x150/0x170 [ 102.499274][ T5330] ialloc+0x8c/0x8f0 [ 102.500996][ T5330] jfs_mkdir+0x1e1/0xb00 [ 102.502889][ T5330] ? __pfx_jfs_mkdir+0x10/0x10 [ 102.505040][ T5330] ? make_vfsuid+0x49/0xa0 [ 102.507044][ T5330] ? generic_permission+0x2e4/0x690 [ 102.509296][ T5330] ? inode_permission+0x2fd/0x5f0 [ 102.511477][ T5330] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 102.513676][ T5330] vfs_mkdir+0x753/0x870 [ 102.515488][ T5330] do_mkdirat+0x27d/0x4b0 [ 102.517368][ T5330] ? __pfx_do_mkdirat+0x10/0x10 [ 102.519464][ T5330] ? strncpy_from_user+0x150/0x2b0 [ 102.521615][ T5330] ? getname_flags+0x1e4/0x540 [ 102.523773][ T5330] __x64_sys_mkdir+0x6c/0x80 [ 102.525805][ T5330] do_syscall_64+0xe2/0xf80 [ 102.528338][ T5330] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.531559][ T5330] ? trace_irq_disable+0x37/0x100 [ 102.534293][ T5330] ? clear_bhb_loop+0x60/0xb0 [ 102.536813][ T5330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.539750][ T5330] RIP: 0033:0x7fe055f9aeb9 [ 102.541974][ T5330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.550525][ T5330] RSP: 002b:00007fe056dc5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 102.554231][ T5330] RAX: ffffffffffffffda RBX: 00007fe056215fa0 RCX: 00007fe055f9aeb9 [ 102.557669][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000004c0 [ 102.561044][ T5330] RBP: 00007fe056008c1f R08: 0000000000000000 R09: 0000000000000000 [ 102.564500][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.567908][ T5330] R13: 00007fe056216038 R14: 00007fe056215fa0 R15: 00007ffed902a478 [ 102.571089][ T5330] [ 102.572809][ T5330] Kernel Offset: disabled [ 102.574966][ T5330] Rebooting in 86400 seconds..