program: syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[], 0xff, 0x5fc4, &(0x7f0000006400)="$eJzs3U9vHGcdB/Df/vHacds0qlAVIg5uyp+W0vxPoPxryoEDHEBCPZPIdauUFFASEK0i4soHxAV4CXDphUPfAi+grwHxAoiU9NQDZdDYz+OMN+usTeKZXT+fj7SZ+c2z430m3x3PrGdmJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+NEPf3a2FxFXfpsmHIt4OgYR/Ygjdb0S9cjl/PxhRByPzeZ4PiIGixH1/Jv/PBtxISI+ORpx7/7t1XryuT324+KZWzc+//EP/vmHP28cf/etn3803v7TL5z/+I93Io795LWPP7/zZJYdAAAASlFVVdVLH/NPpM/3/a47BQC0Im//qyRPV6vVavUTrf/U38/zn36q6/6qD2ndVE12p1lExHpznnqfweF4AJgz6/FZ112gQ/Iv2jAinuq6E8BM63XdAQ7Evfu3V3sp315ze7Cy1Z7/Trkj//Xe9vUduw2nGT/HpK3310YM4rld+nOkpT7Mkpx/fzz/K1vto/S8g86/LbvlP9q69Kk4Of/BeP5jduT/l4iY2/z7E/MvVc5/uJ/81wdzvP7LHwAAAACAwy///f9Yx8d/Fx9/UfbkUcd/V1rqAwAAAAAAAAA8aY97/79t7v8HAAAAM6v+rF7769EH03b7LrZ6+pu9iGfGng8UZqXx5YAAAAAAAAAAAAAAQDuGEcvpvP6FiHhmebmqqvrRNF7v1+POP+9KX34oWde/5AEAYMsnR8eu5e9FLEXEm+m7/haWl5eraiEilqsji3l/drS4VB1pfK7Nw3ra4mgPO8TDUVX/sKXGfE3TPi9Pax//efVrjarBHjrWjg4DB4CI2Noa3bNFOmSq6tnoei+H+WD9P3ys/+xF1+9TAAAA4OBVVVX10td5n0jH/PtddwoAaEXe/o8fF1Cr1epi6k+3Js5Mf9TqA6ybqsnuNIuIWG/OU+8zuB0/AMyZ9fis6y7QIfkXbRgRx7vuBDDTel13gANx7/7t1V7Kt9fcHqxstedzQXbkv97bnC/PP2k4zfg5Jm29vzZiEM/t0p/nW+rDLMn598fzv7LVnm/xv53P0sHk35bd8q+X81gH/elazn8wnv+Yg17/27IR/Yn5lyrnP9xX/gP5AwAAAADADMt//z/m+G9eZAAAAAAAAACYO/fu317N173m4/9fmvC8XnPM9Z+HRs6/t+f8Xf97mOT8++P5j52QM2iM333jQf6f3r+9+tGtf38xD2c+/4XBqH7thV5/MEzn/FQLb8e1uB5rceah5w93tJ99qH1hR/u5Ke3nH2of1e1HcvupWI1fxfV4a7t9ccqJUUtT2qsp7Tn/gfW/SDn/YeNR57+c2ntjw9rdD/sPrffN4aTXufz3/3z14bWrDcMd1UYMtpet4Wj9z8nW+vTA5v/JU6P4zc21G6d+d/XWrRtnIw12TD0XafCE5fwX0iPn/9KLW+35935zfb374Wjf+c+KjRhOyn/z/f1iY7xe3pdb7lsXcv6j9Mj55y3Q5PV/nvOfuP5vLt8rHfQHAAAAAAAAAAAAAAAAHqWqqs1LRC9HxKV0/U9X12YCAO3K2/8qydPVarVarVYfvrqpmuz1ZhER/2jOU+8z/H7SDwMAZtl/I+JfXXeCzsi/YPn7/urhl7vuDNCqm+9/8Iur16+v3bjZdU8AAAAAAAAAgP9Xvv/nSuP+z5vnAY3dN3rH/V/fiJW5vf9nfzTYvNd5WqAX4tH3/z4Zj77/93DK6y1MaR9NaV+c0r40pX3ihR4NOf8XUsY5/xNpwUq6/+tLHfSnazn/k+lezzn/r409r5l/9bd5zr+/I//Tt9779emb73/w6rX3rr6z9s7aL8+euXTh/MUL5y9ePP32tetrZ7b+7bDHByvnn+997TzQsuT8c+byL0vO/yupln9ZUv7bu6HyL0te//P+nvzLkvPPn33kX5ac/8upln9Zcv5fT7X8y5LzfyXV8i9Lzv8bqZZ/WXL+r6Za/mXJ+Z9KtfzLkvM/nWr5lyXnn49wyb8sOf98ZoP8y5LzP5dq+Zcl538+1fIvS87/QqrlX5ac/8VUy78sOf9LqZZ/WXL+30y1/MuS8/9WquVflpz/a6mWf1ly/t9OtfzLkvP/TqrlX5ac/3dT/aj8322xX7Qj5/+9VFv/y5Lz/36q5V+WnP/rqZZ/WR58/7+RfY8sz0Y3jBh58iNd/2YCAAAAAAAAAAAAAMa1cTpx18sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZGrvO8HfvZmrw0B/8OdOGCbm4GF3fUNHGIwScifkl4oCWnTkhrHXhsnvtW7TgChsim0JQpSkdoX9EXTJEqiSG0FqiI1lWiE1Ejtm6p51QhVilopUl0JKgcllVIFtjpznufZmdnZmbW9a5855/OJ8M/eOWfmmTNnZve70XcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2cYPT/3RQJZl+X+NP9Zl2cX539dku/N/zu640CsEAAAAztU7jT//6tL0hd1L2Klpm3+87l++Mzc3N5d95u1T7/7J3Fy6YEOWDa3OssZl0T/9/GdzzdsEz2WjA4NN/x7scfNDPS4f7nH5SI/LV/W4fHWPy0d7XL7gACywpvh9TOPKbmz8dV1xSLPLs5HGZTd22Ou5gdWDg/F3OQ0DjX3mRg5kh7LD2VQ2sWCfgcb/suy1jfltPZjF2xpsuq31WZad/skz++IaBsIxvjFrubGG5sfurfuzDW//5Jl935p585pOs+dhWLDSLNu8KV/n81k2/+uqbCBbnY5JXOdg0zrXd1jnUMs6Bxr75X9vX+fpJa4z3u/RsM4fdFnn+vC1J2/Ismw2W3Sbds9lg9natltNx3u0OCPy68gfyvdmw2d0nmxcwnmS7/PjG1rPk/ZzMh7/jeGYDC+yhuaH460vrlpw3M/2PMnvdRnO1fy6H85vdHS0+VerLedqvs0zNy1+DnR87DqcA+lcbjoHNvU6BwZXDTXOgcH5NW9qOQcmF+wzmA00buvUTd3PgfGZI8fHp596+o5DR/YenDo4dXRyYse2rdu3bd2+ffzAocNTE8WfZ3ZI+8jabDCdg5vCa008B29p27b5lJz72vI9D0ZL8jzI7/snbs4XdPFgtsg5nm/z/OZzfx6k7/tNz4PhpudBx9fUDs+D4SU8D/JtTm9e2vfM4ab/Oq1hpV4L1zWdAxfy+2F+m4/duvhr4fqwrhduO9Pvh0MLzoF4twbCcy//Svp5b/TucFwWnhfX5hdctCo7OT114s4n987MnJjMwjgvLmt6rNrPl7VN9ylbcL4MnvH5svsvf3HztR2+vi4cq9Hb5x+rVR0eh3ybbWPdH6vGq3vn49ny1S1ZGMvsfB/PTt/N8uOZskSXcz/f5vk7zv1nwZRLml7/Rnq9/g2NDBevf0PpaIy0vP4tfGiGGivLstN3LO31byT8d75f/y4vyetffqweu7P7OZBv88L4mZ4Dw11f/24IcyCs59aQGEabcv+7jctni9O06bHsed4MD4+E82Y43mLrebN1wT75teW3vXni7M6bzTe0PlYtP7dU8LzJj9WfTnQ/b/JtXp8899eONfGvTa8dq3qdAyNDq/L1jqSToHi9m1sTz4E7s33Zsexwtj/tkz/K+W2NbVnaObAq/He+XzuuLsk5kB+rl7d0Pwfybb6/dXl/dtocvpK2afrZqf33C4tl/muH56+v/bAtd+bP1/mRbd1/N5Rv8+a2M80Z3Y/T7eErF3U4Tu3Pn8XO6f3Z+TlOV4d1Ht7e/XdT+TaX71ji+bQ7y7I3Jt9o/L4r/H73b07+63dafu/b6XfKb0y+8dD4Iz88k/UDAHD23m38Obuq+Fmz6f+xXsr//w8AAAD0hZj7B8NM5H8AAACojJj7h8JM5H8AAACojJj7h8NMapL/n7h75yvvPJuldwOcC+Ll8TA8fG+xXex4z4Z/b5ibl3/9Q98YeeVLzy7ttgezLPvFQ+/ruP0T98Z1FY7HdX6g9esLXH39km7/8Ufnt2t+/4TTO4vrj/dnqadB7Cq/Nr6lcb0bnppszNcfyhrzkdkXniuuv/h33P7U1mL7Pw9vWrL7wEDL/pvDem4Mc0N4T5mHd88fh3zG/V5Zf90/XPbJ+duL+w1suqRxN1/+veJ643tEvXRZsX2834ut/++//O1X8u2fvKnz+p8d7Lz+U+F6fxzmz3cV2zcf8y81rf8Pwvrj7cX97vz69zqu/9Wriu1fDefFV8NsX//9f/z+dzo9XvF2dt9T7Bdvf+J/tjX2i9cXr799/aPPTrYcj/brf/3t4np2ff6nQ83bx6/H24kev6f1/B4Ij29LjzzLsm//YdZynLMPFvv9Xdv64/Udv6fz+m9vW+fxgesb+8/fn3Ut9+sr39zS8f7G9ez+63Ut9+elB8Lxe3v8+/n1nnoknI/h8v/9QXF97e9l+uoDra83cfuvriuet/H6xtvW/1Lb+mevz49d7/U/+Hax/lfvW92y/t0fDefTg8Xstf6Df3Fpy/5f+1bxeJz4wtjRY9MnD+0Pd2Zd2/N49eiatRdd/J5LLg2vpe3/3nNs5ompExsmNkxk2YY+fMvAlV7/18P872LMLv8tFH740+K8e/FjxfetW35W/Pul8PXHw+MZvz9+5c9GWs7X9sd99r5inuv6bwvrWKqrvvwf13f48n8ueM/fU59+7eTf/v6b7T8XxPtz/IrRxv17eeOVjcsGXi8ub3+96uXfr2h9Xv9oeKIxvxuO61x4Z+ZNVxa313798b1JXvx48fyNP8nF/bO29xNZN9R6P851/T8KP8d87+rW1794fnz32bZ3c16XDeRLmA2vD9lscXncKh7vF09f2fH24vvwZLPXnMkyFzX91PT44UNHTz45PjM1PTM+/dTTe44cO3l0Zk/jvUv3fLbX/vPP77WN5/f+qR3bssaz/VgxVtiFXv/xR/ftv2vi5v1TB/aePDDz6PGpEwf3TU/vm9o/ffPeAwemvtBr/0P7d01u2bn1ri1jBw/t33X3zp1bd44dOnosX0axqB52THxu7OiJPY1dpndt2zm5ffu2ibEjx/ZP7bprYmLsZK/9G9+bxvK9Pz92Yurw3plDR6bGpg89PbVrcueOHVt6vvvjkeMHpjeMnzh5dPzk9NSJ8eK+bJhpfDn/3tdrf+ph+lh4vWszEH46/9TtO9L74+a+8cVFr6rYpPXH0+yt8F5Q8ftbr3/H3D8SZlKT/A8AAAB1EHN/eOP/+QvkfwAAAKiMmPtXh5nI/wAAAFAZMfePhpnUJP/r/+v/6//r/+v/n8f+f6b/v9z0/5el/7+Q/v+S6P/r/+v/6//TXdn6/zH3r8myWuZ/AAAAqIOY+9eGmcj/AAAAUBkx918UZiL/AwAAQGXE3H9xmEk98v9I+1/1//X/9f+b+/9xW/3/TP9f//8s6f/r/3ej/6//38/rL2H/f43+P2VTtv5/zP3vCTOpR/4HAACAWoi5/5IwE/kfAAAAKiPm/kvDTOR/AAAAqIyY+9eFmdQk//v8f/1//X+f/6//r/+/kvT/9f+70f/X/+/n9Zew/+/z/ymdsvX/Y+7/f2EmNcn/AAAAUAcx9783zET+BwAAgMqIuf+yMBP5HwAAACoj5v7Lw0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+K8JMapL/AQAAoA5i7r8yzET+BwAAgMqIuf+qMBP5HwAAACoj5v6rw0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+a8JMapL/AQAAoA5i7r82zET+BwAAgMqIuf99YSbyPwAAAFRGzP3rw0xqkv/1//X/S9//H9T/1/8v6P/r/3eyvP3/wUUv0f8v6P+30v/X/9f/1/+nu7L1/2Puf3+YSU3yPwAAANRBzP3XhZnI/wAAAFAZMfdfH2Yi/wMAAEBlxNy/IcykJvlf/1//v/T9f5//r/8fZu36/zMD+v9L4PP/9f8z/f+zdqH78/2+fv1//X96K1v/P+b+jWEmNcn/AAAAUAcx928KM5H/AQAAoDJi7r8hzET+BwAAgMqIuf/GMJOa5H/9/7Ps/69p/af+f+f16//r/+v/+/x//X/9/270//X/+3n9+v9L6/+v6nVFVFrZ+v8x998UZlKT/A8AAAB1EHP/zWEm8j8AAABURsz9t4SZyP8AAABQGTH3bw4zqUn+1//3+f/6//r/+v/6/ytJ/3/J/f81Z7Mu/f+C/v/ZudD9+X5ffz/1/0c77O/z/zkfytb/j7n/1jCTmuR/AAAAqIOY+28LM5H/AQAAoDJi7r89zET+BwAAgMqIuX8szKQm+V//X/9f/1//X/9f/38lVbX/n15Hff6//r/+v/7/Cvf/v7nI/v3y+f/UW9n6/zH33xFmUpP8DwAAAHUQc/+dYSbyPwAAAFRGzP3jYSbyPwAAAFRGzP0TYSY1yf/6//r/+v/6//r/+v8rqar9//bP/8+yTP9f/z/R/9f/L9vn/3ei/8/5ULb+f8z9k2EmNcn/AAAAUAcx928JM5H/AQAAoDJi7t8aZiL/AwAAQGXE3L8tzKQm+V//X/9f/1//X/9f/38l1aX/7/P/i8v1/wv6//r/+v/6/3U02OFrZev/x9y/PcykJvkfAAAA6iDm/h1hJvI/AAAAVEbM/XeFmcj/AAAAUBkx998dZlKT/K//r/+v/6//X97+f+vtr1z//7/0/1eQ/r/+fzf6//r//bx+/X/9f3pb3v7/pefc/4+5f2eYSU3yPwAAANRBzP0fCDOR/wEAAKAyYu6/J8xE/gcAAIC+0ulzCKOY+z8YZlKT/K//X/X+/9xq/X/9//7t/7ceT5//r//fSXj51P9fonr1/9csuD39/1YXuj/f7+vX/9f/p7fl7f8v+PH0jPv/MffvCjOpSf4HAACAOoi5/94wE/kfAAAAKiPm/vvCTOR/AAAAqIyY+3eHmdQk/+v/V73/X77P/x/I9P/1/wv6//r/y8Hn/+v/Zz7//6ydbX8+vu+G/n95+v/5OaT/TxmVrf8fc//9YSY1yf8AAABQBzH3fyjMRP4HAACAyoi5/8NhJvI/AAAAVEbM/R8JM6lJ/tf/1//3+f/6//r/+v8rSf9f/78b/f/+7P9H+v/l6f/7/H/Kqmz9/5j7HwgzqUn+BwAAgDqIuf+jYSbyPwAAAFRGzP3/P8xE/gcAAIDKiLn/wTCTmuR//X/9f/1//X/9f/3/laT/r//fjf6//n8/r1//X/+f3srW/4+5/5fCTGqS/wEAAKAOYu5/KMxE/gcAAIDKiLn/Y2Em8j8AAABURsz9vxxmUpP8r/9/fvr/g+n69f/1//X/9f/1/5dTn/b/R/X/C/r/+v/9vH79f/1/eitb/z/m/l8JM6lJ/gcAAIA6iLn/V8NM5H8AAACojJj7fy3MRP4HAACAyoi5/+Ewk5rkf/1/n/+v/6//X9r+/3Dr8dT/1//vpE/7/z7/P9D/1//v5/Xr/+v/01vZ+v8x9/96mElN8j8AAADUQcz9j4SZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v/6//r/pe3/tx1P/f+y9v//reul+v/6/93o/+v/9/P69f/1/+mtbP3/mPsfDTOpSf4HAACAOoi5/5NhJvI/AAAAVEbM/b8RZiL/AwAAQGXE3P+bYSb9mf8Hz3QH/X/9f/1//X/9f/3/laT/v7D/n7+GXcj+/6qlbKj/vyT6//r/+v/6/3RXtv5/zP2fCjPpz/wPAAAAdBBz/2+Fmcj/AAAAUBkx9/92mIn8DwAAAJURc/9jYSY1yf/6//r/+v/6//r/+v8rSf/f5/93o/+v/9/P69f/1/+nt7L1/2Pu/3SYSU3yPwAAANRBzP2/E2Yi/wMAAEBlxNy/J8xE/gcAAIDKiLn/8TCTmuR//X/9f/1//f/l6f/P6f/r/3ek/6//343+v/5/P69f/1//n97K1v+PuX9vmElN8j8AAADUQcz9nwkzkf8BAACgMmLu3xdmIv8DAABAZcTcvz/MpCb5X/9f/1//X//f5//r/68k/X/9/270//X/+3n9+v/6//RWtv5/zP1TYSY1yf8AAABQBzH3Hwgzkf8BAACgMmLuPxhmIv8DAABAZcTc/0SYSU3yv/6//r/+v/6//r/+/0rS/9f/70b/X/+/n9ev/6//T2/L1///52Xp/8fcfyjMpCb5HwAAAOog5v7PhpnI/wAAAFAZMfd/LsxE/gcAAIDKiLn/cJhJTfK//r/+v/5/Bfv/w/r/mf5/aej/6/93o/+v/9/P69f/1/+nt+Xr/2fL0v+Puf9ImElN8j8AAADUQcz9R8NM5H8AAACojJj7j4WZyP8AAABQGTH3Hw8zqUn+1//X/9f/r2D/3+f/N+j/l4P+v/5/N/r/+v/9vH79f/1/eitb/z/m/t8NM6lJ/gcAAIA6iLn/RJiJ/A8AAACVEXP/dJiJ/A8AAACVEXP/TJhJTfK//r/+v/6//r/+v/7/StL/1//vRv+/f/r/Ix321//X//8/9u6jyY676uP41WPLksr1FCv2vAV27OAd+DWwYUuxIOeMAZNzzjnnaHLOOZick0FkMFSZsu45x5Y16h6N5+p2/8/ns/DxyGOpramS61dT32r9P3OW1v/n7r9v3NJk/wMAAEAHufvvF7fY/wAAADCM3P33j1vsfwAAABhG7v4HxC1N9r/+X/+v/19M/7/t/PT/+n/9/yXR/+v/N/vu/8/EB4P3/wfR/+v/9f/MWVr/n7v/gXFLk/0PAAAAHeTuf1DcYv8DAADAMHL3Pzhusf8BAABgGLn7HxK3NNn/+n/9/7j9/6m19f/e/59f1xH7/xO3/rL6/+Ol/9f/b/bd/zd5//9B9P/6f/0/c5bW/+fuf2jc0mT/AwAAQAe5+x8Wt9j/AAAAMIzc/Q+PW+x/AAAAGEbu/kfELU32v/5f/z9u/7+69//r//PrOkT/f6Z+Hu//1//r/y9O/6//X/Pz6//1/8xbWv+fu/+RcUuT/Q8AAAAd5O5/VNxi/wMAAMAwcvc/Om6x/wEAAGAYufsfE7c02f/6f/2//l//r/+/DO//1//r//X/B9L/6//X/Pz6f/0/85bW/+fuf2zc0mT/AwAAQAe5+x8Xt9j/AAAAMIzc/Y+PW+x/AAAAGEbu/ifELU32v/5f/6//1//r//X/u6T/1/9P0f/r/9f8/Pp//T/zdt7/X3PtuXvY/j93/7VxS5P9DwAAAB3k7n9i3GL/AwAAwDBy9z8pbrH/AQAAYBi5+58ctzTZ/wf0/1ds9P9N+/+bT+j/9f/L7P9vij9l9P/6/wutu/8/rf/X/5/74eX1/4f7ndD/6//1/8zZef8/0/vf/uPc/dfFLU32PwAAAHSQu/8pcYv9DwAAAMPI3f/UuMX+BwAAgGHk7n9a3NJk/3v/v/7/ON//nz+v/n9L/+/9//p//b/3/0/bYf9/r/zN1P9f3L77+bU//1T/f/dDPL/+nw6W1v/n7n963NJk/wMAAEAHufufEbfY/wAAADCM3P3PjFvsfwAAABhG7v5nxS0N9v+V+v96jqT/9/7/Q/X/Z7b/vv7//OfR/+v/D6L/1/9P8f5//f+an9/7/+f7/6vnfhKGt7T+P3f/s+OWBvsfAAAAusjd/5y4xf4HAACAYeTuf27cYv8DAADAMHL3Py9uabL/9f/6f/2/9//fof7/Cv2//n+a/l//P0X/r/9f8/Pr/73/n3lL6/9z9z8/bqnhd+UR/isBAACAJcnd/4K4pcn3/wEAAKCD3P0vjFvsfwAAABhG7v4XxS1N9r/+X/+v/9f/e/+//n+X9P/D9f8n9P+30v/r//X/+n+mLa3/z93/4rilyf4HAACADnL3vyRusf8BAABgGLn7Xxq32P8AAAAwjNz9L4tbmux//b/+X/+v/9f/6/93Sf8/XP/v/f+3of/X/+v/9f9MW1r/n7v/5XFLk/0PAAAAHeTuf0XcYv8DAADAMHL3vzJusf8BAABgGLn7XxW3NNn/+n/9v/5f/6//1//v0vL7/5OH+iz9/5b+/3y76v9PX+TX0/8v6/mPp//Pr77+nzEtoP+/x20/zt3/6rilyf4HAACADnL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/i/X/Z6/e/vOZ/j9/w/T/cfX/+v+N/r/o//X/m1X0/4ej/9/S/5/P+//1/97/r/9n2gL6//M+zt3/+rilyf4HAACADnL3vyFusf8BAABgGLn73xi32P8AAAAwjNz9b4pbmux/7//X/+v/9f/6f/3/Lun/9f9TVtT/nzroB/X/+n/9v/6faUvr/3P3vzluabL/AQAAoIPc/W+JW+x/AAAAGEbu/rfGLfY/AAAADCN3/9vilib7X/+v/997//9/+v+k/4+vq/5f/38J9P/6/433/x/Zvvv5tT+//l//z7yl9f+5+98etzTZ/wAAANBB7v53xC32PwAAAAwjd/874xb7HwAAAIaRu/9dcUuT/a//1//vvf/3/v+i/4+vq/5f/38J9P/6/43+/8j23c+v/fn1//p/5i2t/8/d/+64pcn+BwAAgA5y978nbrH/AQAAYBi5+98bt9j/AAAAMIzc/e+LW5rsf/2//l//r//X/+v/d0n/r/+fcnn7/+vO6v/Pt+9+fu3Pr//X/zNvaf1/7v73xy1N9j8AAAB0kLv/A3GL/Q8AAADDyN3/wbjF/gcAAIBh5O7/UNzSZP/r/9fe/9/zxniCpfX/+Sn6f/2//l//r//X/1/Uct//f/s/KQ6m/9f/6//1/0y7bP3/va+5z91u+ZuZ/j93/4fjlib7HwAAADrI3X993GL/AwAAwDBy938kbrH/AQAAYBi5+z8atzTZ/z36/5MXfNo4/b/3/+v/F93/5x+q+n/9v/5f/3+g5fb/h6P/1//r//X/TFva+/9z938sbmmy/wEAAKCD3P0fj1vsfwAAABhG7v5PxC32PwAAAAwjd/8n45Ym+79H/38h/f/Wsff/N99J/6//L97/r//f6P/1/zP0//r/NT//0P3/iY3+n2OxtP4/d/+n4pYm+x8AAAA6yN3/6bjF/gcAAIBh5O7/TNxi/wMAAMAwcvd/Nm646//v75EuK/2//t/7//X/+n/9/y7p/4/Q/5+48tDPpf/f0v8fzb77+bU//9D9v/f/c0yW1v/n7v9c3OL7/wAAADCM3P2fj1vsfwAAABhG7v4vxC32PwAAAAxg27vn7v9i3NJk/+v/9f/6f/2//l//v0v6f+//n6L/1/+v+fn1//p/5i2t/8/d/6W4pcn+BwAAgA5y9385brH/AQAAYBi5+78St9j/AAAAMIzc/V+NW5rsf/2//l//r//X/+v/d0n/r/+fov/X/6/5+fX/+n/mLa3/z93/tbilyf4HAACADnL3fz1usf8BAABgGLn7vxG32P8AAAAwjNz934xbmux//b/+X/+v/9f/773/P7nR/x+Z/l//v9H/H9m++/m1P7/+X//PvKX1/7n7vxW3NNn/AAAA0EHu/m/HLfY/AAAADCN3/3fiFvsfAAAAhpG7/7txS5P9P3L/P/Vp+v8t/b/+f6P/X0L/7/3/d4D+X/+/0f8f2b77+bU/v/5f/8+8pfX/ufu/F7c02f8AAADQQe7+78ct9j8AAAAMI3f/DZvN9fY/AAAAjOmGc389vflB3NJk/4/c/0/R/2/p//X/G/2//n/H9P/6/yn6f/3/mp9f/6//Z97S+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAIaRu//HcYv9DwAAAMPI3f+TuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9P41bmux/AAAA6CB3/8/iFvsfAAAAhpG7/+dxi/0PAAAAw8jd/4u4pcn+1//r//X/+n/9v/5/l/T/+v8p+n/9/5qfX/+v/2fe0vr/3P2/jFua7H8AAADoIHf/r+IW+x8AAACGkbv/13GL/Q8AAADDyN3/m7ilyf7X/+v/9f/6f/2//n+X2vb/t/xvVf8/S/+v/1/z8+v/9f/MW1r/n7v/t3FLk/0PAAAAHeTu/13cYv8DAADAMHL3/z5usf8BAABgGLn7/xC3NNn/+n/9v/5f/7+O/v8q/b/+/0CL7f+9//9Q9P/6/zU/v/5f/8+8pfX/uftvjFua7H8AAADoIHf/H+MW+x8AAACGkbv/T3GL/Q8AAADDyN1/Nm5psv/1//r/Ifv/U/r/8fp/7/9fZf9/F/2//n+a/l//v+bn1//r/5m3tP4/d/+f45Ym+x8AAAA6yN3/l7jF/gcAAIBh5O7/a9xi/wMAAMAwcvf/LW5psv/1//r/Ift/7//X/+v/F0P/r/+fov/X/6/5+fX/+n/mLa3/z93/97ilyf4HAACADnL3/yNusf8BAABgGLn7/xm32P8AAAAwjNz9/4pbmux//b/+X/+v/9f/6/93Sf+/3v7/qo3+f47+X/+v/9f/M21p/X/u/n/HLU32PwAAAHSQu/+muOXA/X/ny/RUAAAAwHHK3f+fuMX3/wEAAGAYufv/G7c02f/6f/2//l//r//X/++S/n+9/b/3/8/T/+v/9f/6f6Ytrf/P3f+/AAAA///XHBWv") mkdir(&(0x7f0000000480)='./bus\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='system.posix_acl_default\x00', &(0x7f0000000300)={{}, {0x1, 0x2}, [], {0x4, 0x4}, [], {0x10, 0x4}, {0x20, 0x2}}, 0x24, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) chdir(&(0x7f0000000200)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_RELEASE_PORT(r2, 0x8008550e, 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x1080c, &(0x7f0000000180)=ANY=[], 0x1, 0xa53, &(0x7f0000000bc0)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh") symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8000, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r4, 0xae03, 0x4a) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) mkdirat(r0, &(0x7f0000000200)='./bus/file0\x00', 0x0) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r7 = dup(r6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r7, 0x2c93a000) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) mincore(&(0x7f000020b000/0x2000)=nil, 0x2000, &(0x7f00000000c0)=""/162) socket$nl_route(0x10, 0x3, 0x0) ioctl$IOMMU_VFIO_IOAS$GET(r1, 0x3b88, &(0x7f0000000180)={0xc, 0x0}) ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r1, 0x3b87, &(0x7f00000001c0)={0x18, 0x1, 0x1, 0x0, r8, 0x400}) r9 = socket$inet6_sctp(0xa, 0x1, 0x84) shutdown(r9, 0x0) recvmmsg(r9, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0) sendmmsg$inet6(r9, &(0x7f0000007680)=[{{&(0x7f0000004080)={0xa, 0x4e20, 0x2000002, @local, 0x6}, 0x1c, &(0x7f0000004280)=[{&(0x7f00000040c0)='8', 0x1}], 0x1}}], 0x1, 0x8085) [ 87.500346][ T4680] Bluetooth: hci0: command tx timeout [ 88.064763][ T5336] loop0: detected capacity change from 0 to 32768 [ 88.351724][ T5336] loop0: detected capacity change from 32768 to 64 [ 88.355254][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.355254][ T3688] loop0: rw=1, sector=352, nr_sectors = 8 limit=64 [ 88.379848][ T3688] metapage_write_end_io: I/O error [ 88.384270][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.384270][ T3688] loop0: rw=1, sector=360, nr_sectors = 8 limit=64 [ 88.410507][ T3688] metapage_write_end_io: I/O error [ 88.412709][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.412709][ T3688] loop0: rw=1, sector=368, nr_sectors = 8 limit=64 [ 88.418218][ T3688] metapage_write_end_io: I/O error [ 88.423933][ T5336] syz.0.0: attempt to access beyond end of device [ 88.423933][ T5336] loop0: rw=1, sector=408, nr_sectors = 8 limit=64 [ 88.428952][ T5336] metapage_write_end_io: I/O error [ 88.459372][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.459372][ T3688] loop0: rw=1, sector=376, nr_sectors = 8 limit=64 [ 88.464891][ T3688] metapage_write_end_io: I/O error [ 88.467404][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.467404][ T3688] loop0: rw=1, sector=264, nr_sectors = 8 limit=64 [ 88.484233][ T5336] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 88.484233][ T5336] [ 88.488991][ T5336] ERROR: (device loop0): remounting filesystem as read-only [ 88.522940][ T5336] syz.0.0: attempt to access beyond end of device [ 88.522940][ T5336] loop0: rw=1, sector=416, nr_sectors = 8 limit=64 [ 88.528531][ T5336] metapage_write_end_io: I/O error [ 88.532171][ T3688] metapage_write_end_io: I/O error [ 88.534505][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.534505][ T3688] loop0: rw=2049, sector=30752, nr_sectors = 8 limit=64 [ 88.546054][ T3688] lbmIODone: I/O error in JFS log [ 88.560725][ T103] jfsCommit: attempt to access beyond end of device [ 88.560725][ T103] loop0: rw=0, sector=264, nr_sectors = 8 limit=64 [ 88.565788][ T103] Read error 10 at 0x1000 [ 88.579534][ T5336] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 88.579534][ T5336] [ 88.584780][ T103] read_mapping_page failed! [ 88.610289][ T3688] kworker/u4:23: attempt to access beyond end of device [ 88.610289][ T3688] loop0: rw=1, sector=160, nr_sectors = 8 limit=64 [ 88.615486][ T3688] metapage_write_end_io: I/O error [ 88.617774][ T3688] metapage_write_end_io: I/O error [ 88.621307][ T5336] ================================================================== [ 88.624602][ T5336] BUG: KASAN: slab-use-after-free in release_metapage+0x760/0xac0 [ 88.627697][ T5336] Read of size 8 at addr ffff888040b4abc8 by task syz.0.0/5336 [ 88.630854][ T5336] [ 88.631934][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 88.631948][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.631955][ T5336] Call Trace: [ 88.631963][ T5336] [ 88.631969][ T5336] dump_stack_lvl+0x189/0x250 [ 88.631987][ T5336] ? __virt_addr_valid+0x1c8/0x5c0 [ 88.632003][ T5336] ? rcu_is_watching+0x15/0xb0 [ 88.632018][ T5336] ? __kasan_check_byte+0x12/0x40 [ 88.632029][ T5336] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.632041][ T5336] ? rcu_is_watching+0x15/0xb0 [ 88.632053][ T5336] ? lock_release+0x4b/0x3b0 [ 88.632065][ T5336] ? __virt_addr_valid+0x1c8/0x5c0 [ 88.632078][ T5336] ? __virt_addr_valid+0x4a5/0x5c0 [ 88.632092][ T5336] print_report+0xca/0x240 [ 88.632103][ T5336] ? release_metapage+0x760/0xac0 [ 88.632117][ T5336] kasan_report+0x118/0x150 [ 88.632127][ T5336] ? release_metapage+0x760/0xac0 [ 88.632143][ T5336] release_metapage+0x760/0xac0 [ 88.632159][ T5336] ea_write+0x658/0xdd0 [ 88.632172][ T5336] ? __pfx_ea_write+0x10/0x10 [ 88.632182][ T5336] ? __jfs_setxattr+0x7d7/0x1120 [ 88.632193][ T5336] __jfs_setxattr+0x908/0x1120 [ 88.632207][ T5336] ? __pfx___jfs_setxattr+0x10/0x10 [ 88.632219][ T5336] ? posix_acl_to_xattr+0x359/0x3e0 [ 88.632232][ T5336] __jfs_set_acl+0x121/0x1c0 [ 88.632244][ T5336] jfs_init_acl+0x202/0x3c0 [ 88.632256][ T5336] ? __pfx_jfs_init_acl+0x10/0x10 [ 88.632268][ T5336] ? ialloc+0x631/0x8f0 [ 88.632281][ T5336] jfs_mkdir+0x229/0xa70 [ 88.632295][ T5336] ? __pfx_jfs_mkdir+0x10/0x10 [ 88.632308][ T5336] ? from_kgid+0x1b0/0x650 [ 88.632327][ T5336] ? generic_permission+0x359/0x690 [ 88.632341][ T5336] ? inode_permission+0x2fd/0x5f0 [ 88.632353][ T5336] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 88.632367][ T5336] vfs_mkdir+0x512/0x5b0 [ 88.632383][ T5336] do_mkdirat+0x276/0x4b0 [ 88.632398][ T5336] ? __pfx_do_mkdirat+0x10/0x10 [ 88.632413][ T5336] ? getname_flags+0x1e5/0x540 [ 88.632425][ T5336] __x64_sys_mkdirat+0x87/0xa0 [ 88.632440][ T5336] do_syscall_64+0xfa/0xf80 [ 88.632505][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.632517][ T5336] ? clear_bhb_loop+0x60/0xb0 [ 88.632530][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.632542][ T5336] RIP: 0033:0x7f17ee58f7c9 [ 88.632553][ T5336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.632570][ T5336] RSP: 002b:00007f17ef353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 88.632584][ T5336] RAX: ffffffffffffffda RBX: 00007f17ee7e5fa0 RCX: 00007f17ee58f7c9 [ 88.632592][ T5336] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004 [ 88.632600][ T5336] RBP: 00007f17ee613f91 R08: 0000000000000000 R09: 0000000000000000 [ 88.632606][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.632613][ T5336] R13: 00007f17ee7e6038 R14: 00007f17ee7e5fa0 R15: 00007fff7dc6fcf8 [ 88.632623][ T5336] [ 88.632627][ T5336] [ 88.751588][ T5336] Allocated by task 5336: [ 88.753321][ T5336] kasan_save_track+0x3e/0x80 [ 88.755245][ T5336] __kasan_slab_alloc+0x6c/0x80 [ 88.757820][ T5336] kmem_cache_alloc_noprof+0x37d/0x710 [ 88.760830][ T5336] mempool_alloc_noprof+0x1c9/0x2f0 [ 88.763499][ T5336] __get_metapage+0x50c/0xde0 [ 88.765557][ T5336] ea_write+0x5e6/0xdd0 [ 88.767331][ T5336] __jfs_setxattr+0x908/0x1120 [ 88.769363][ T5336] __jfs_set_acl+0x121/0x1c0 [ 88.771311][ T5336] jfs_init_acl+0x202/0x3c0 [ 88.773220][ T5336] jfs_mkdir+0x229/0xa70 [ 88.774914][ T5336] vfs_mkdir+0x512/0x5b0 [ 88.776712][ T5336] do_mkdirat+0x276/0x4b0 [ 88.778524][ T5336] __x64_sys_mkdirat+0x87/0xa0 [ 88.780515][ T5336] do_syscall_64+0xfa/0xf80 [ 88.782367][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.784683][ T5336] [ 88.785633][ T5336] Freed by task 72: [ 88.787257][ T5336] kasan_save_track+0x3e/0x80 [ 88.789134][ T5336] kasan_save_free_info+0x46/0x50 [ 88.791245][ T5336] __kasan_slab_free+0x5c/0x80 [ 88.793229][ T5336] kmem_cache_free+0x197/0x620 [ 88.795172][ T5336] mempool_free+0xec/0x130 [ 88.797096][ T5336] metapage_release_folio+0x40e/0x540 [ 88.799150][ T5336] shrink_folio_list+0x20a9/0x4a10 [ 88.801179][ T5336] evict_folios+0x471e/0x57c0 [ 88.803151][ T5336] try_to_shrink_lruvec+0x8a3/0xb50 [ 88.805262][ T5336] shrink_one+0x25c/0x720 [ 88.807007][ T5336] shrink_node+0x2f7d/0x35b0 [ 88.809118][ T5336] kswapd+0x145a/0x2820 [ 88.810878][ T5336] kthread+0x711/0x8a0 [ 88.812564][ T5336] ret_from_fork+0x599/0xb30 [ 88.814432][ T5336] ret_from_fork_asm+0x1a/0x30 [ 88.816398][ T5336] [ 88.817462][ T5336] The buggy address belongs to the object at ffff888040b4aba0 [ 88.817462][ T5336] which belongs to the cache jfs_mp of size 184 [ 88.823181][ T5336] The buggy address is located 40 bytes inside of [ 88.823181][ T5336] freed 184-byte region [ffff888040b4aba0, ffff888040b4ac58) [ 88.828470][ T5336] [ 88.829301][ T5336] The buggy address belongs to the physical page: [ 88.831763][ T5336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40b4a [ 88.834924][ T5336] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 88.837746][ T5336] page_type: f5(slab) [ 88.839307][ T5336] raw: 04fff00000000000 ffff8880001f3c80 dead000000000122 0000000000000000 [ 88.843376][ T5336] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 88.847881][ T5336] page dumped because: kasan: bad access detected [ 88.850736][ T5336] page_owner tracks the page as allocated [ 88.853029][ T5336] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5336, tgid 5335 (syz.0.0), ts 88148347598, free_ts 88050164091 [ 88.860485][ T5336] post_alloc_hook+0x234/0x290 [ 88.862443][ T5336] get_page_from_freelist+0x2365/0x2440 [ 88.864808][ T5336] __alloc_frozen_pages_noprof+0x181/0x370 [ 88.867179][ T5336] alloc_pages_mpol+0x232/0x4a0 [ 88.869276][ T5336] allocate_slab+0x86/0x3b0 [ 88.871194][ T5336] ___slab_alloc+0xf2b/0x1960 [ 88.873187][ T5336] __slab_alloc+0x65/0x100 [ 88.874917][ T5336] kmem_cache_alloc_noprof+0x40f/0x710 [ 88.877113][ T5336] mempool_alloc_noprof+0x1c9/0x2f0 [ 88.879239][ T5336] __get_metapage+0x50c/0xde0 [ 88.881230][ T5336] diWrite+0x401/0x1f40 [ 88.883041][ T5336] txCommit+0x852/0x5430 [ 88.884797][ T5336] jfs_mkdir+0x856/0xa70 [ 88.886523][ T5336] vfs_mkdir+0x512/0x5b0 [ 88.888313][ T5336] do_mkdirat+0x276/0x4b0 [ 88.890140][ T5336] __x64_sys_mkdir+0x6c/0x80 [ 88.892142][ T5336] page last free pid 15 tgid 15 stack trace: [ 88.894687][ T5336] __free_frozen_pages+0xbc8/0xd30 [ 88.896833][ T5336] tlb_remove_table_rcu+0x85/0x100 [ 88.899102][ T5336] rcu_core+0xd70/0x1870 [ 88.900840][ T5336] handle_softirqs+0x27d/0x850 [ 88.902665][ T5336] run_ksoftirqd+0x9b/0x100 [ 88.904557][ T5336] smpboot_thread_fn+0x542/0xa60 [ 88.906486][ T5336] kthread+0x711/0x8a0 [ 88.908200][ T5336] ret_from_fork+0x599/0xb30 [ 88.910137][ T5336] ret_from_fork_asm+0x1a/0x30 [ 88.912113][ T5336] [ 88.913046][ T5336] Memory state around the buggy address: [ 88.915176][ T5336] ffff888040b4aa80: fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb [ 88.918271][ T5336] ffff888040b4ab00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 88.921305][ T5336] >ffff888040b4ab80: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb [ 88.924352][ T5336] ^ [ 88.926892][ T5336] ffff888040b4ac00: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 88.930007][ T5336] ffff888040b4ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 88.933411][ T5336] ================================================================== [ 88.937399][ T3688] metapage_write_end_io: I/O error [ 88.940174][ T3688] metapage_write_end_io: I/O error [ 89.059401][ T5336] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 89.062605][ T5336] CPU: 0 UID: 0 PID: 5336 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 89.066253][ T5336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.070436][ T5336] Call Trace: [ 89.071763][ T5336] [ 89.072974][ T5336] dump_stack_lvl+0x99/0x250 [ 89.074820][ T5336] ? __asan_memcpy+0x40/0x70 [ 89.076549][ T5336] ? __pfx_dump_stack_lvl+0x10/0x10 [ 89.078545][ T5336] ? __pfx__printk+0x10/0x10 [ 89.080379][ T5336] vpanic+0x237/0x6d0 [ 89.081965][ T5336] ? __pfx_vpanic+0x10/0x10 [ 89.083802][ T5336] ? preempt_schedule_common+0x83/0xd0 [ 89.085997][ T5336] ? preempt_schedule+0xae/0xc0 [ 89.087940][ T5336] panic+0xb9/0xc0 [ 89.089401][ T5336] ? __pfx_panic+0x10/0x10 [ 89.091120][ T5336] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 89.093650][ T5336] ? release_metapage+0x760/0xac0 [ 89.095795][ T5336] check_panic_on_warn+0x89/0xb0 [ 89.098065][ T5336] ? release_metapage+0x760/0xac0 [ 89.100143][ T5336] end_report+0x6f/0x140 [ 89.101850][ T5336] kasan_report+0x129/0x150 [ 89.103652][ T5336] ? release_metapage+0x760/0xac0 [ 89.105765][ T5336] release_metapage+0x760/0xac0 [ 89.107808][ T5336] ea_write+0x658/0xdd0 [ 89.109678][ T5336] ? __pfx_ea_write+0x10/0x10 [ 89.111650][ T5336] ? __jfs_setxattr+0x7d7/0x1120 [ 89.113723][ T5336] __jfs_setxattr+0x908/0x1120 [ 89.115652][ T5336] ? __pfx___jfs_setxattr+0x10/0x10 [ 89.117803][ T5336] ? posix_acl_to_xattr+0x359/0x3e0 [ 89.120004][ T5336] __jfs_set_acl+0x121/0x1c0 [ 89.122090][ T5336] jfs_init_acl+0x202/0x3c0 [ 89.124048][ T5336] ? __pfx_jfs_init_acl+0x10/0x10 [ 89.126023][ T5336] ? ialloc+0x631/0x8f0 [ 89.127752][ T5336] jfs_mkdir+0x229/0xa70 [ 89.129281][ T5336] ? __pfx_jfs_mkdir+0x10/0x10 [ 89.130999][ T5336] ? from_kgid+0x1b0/0x650 [ 89.132806][ T5336] ? generic_permission+0x359/0x690 [ 89.134837][ T5336] ? inode_permission+0x2fd/0x5f0 [ 89.136876][ T5336] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 89.138873][ T5336] vfs_mkdir+0x512/0x5b0 [ 89.140611][ T5336] do_mkdirat+0x276/0x4b0 [ 89.142312][ T5336] ? __pfx_do_mkdirat+0x10/0x10 [ 89.144075][ T5336] ? getname_flags+0x1e5/0x540 [ 89.145875][ T5336] __x64_sys_mkdirat+0x87/0xa0 [ 89.147731][ T5336] do_syscall_64+0xfa/0xf80 [ 89.149554][ T5336] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.151972][ T5336] ? clear_bhb_loop+0x60/0xb0 [ 89.153943][ T5336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.156503][ T5336] RIP: 0033:0x7f17ee58f7c9 [ 89.158403][ T5336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.165932][ T5336] RSP: 002b:00007f17ef353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 89.169236][ T5336] RAX: ffffffffffffffda RBX: 00007f17ee7e5fa0 RCX: 00007f17ee58f7c9 [ 89.172401][ T5336] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004 [ 89.175612][ T5336] RBP: 00007f17ee613f91 R08: 0000000000000000 R09: 0000000000000000 [ 89.178640][ T5336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.181949][ T5336] R13: 00007f17ee7e6038 R14: 00007f17ee7e5fa0 R15: 00007fff7dc6fcf8 [ 89.185183][ T5336] [ 89.186702][ T5336] Kernel Offset: disabled [ 89.188397][ T5336] Rebooting in 86400 seconds..