program: syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./bus\x00', 0x1c802, &(0x7f0000002740)=ANY=[], 0x1, 0x5f16, &(0x7f0000009040)="$eJzs3V1vHFcZB/BnX7x+KU2jClUh4iJNobSU5j2B8taUCy4ACSSUaxK5bhVIASUB0SoirnKBuODlI8BNb7joFylfAfEBiBRzVQnKoLHPScbjddZp4p1dn99PcmaePTPeM/l7PLuemT0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvvj072IuPzr9MDhiM/EIKIfsVzXx6KeuZiXH0bEkdhsjuciYrAYUa+/+c8zEeci4qNDEfc2bq3WD5/ZYz/On7p5/ZPvf+cfv/vTnSM/ffMnH7Tbf/TZsx/+/nbE4R++9uEnt5/MtgMAAEApqqqqeult/tH0/r7fdacAgKnIx/8qyY+r1Wq1+onWf+zPVn/UhdZN1Xi3m0VErDfXqV8zOB0PAHNmPT7uugt0SP5FG0bEU113Aphpva47wL64t3FrtZfy7TWPB8e22vPfKbflv967f3/HbtNJ2teYTOvn604M4tld+rM8pT7Mkpx/v53/5a32UVpuv/Oflt3yH23d+lScnP+gnX/Ltvz/HBFzm39/bP6lyvkPHyX/9cEc7//yBwAAAADg4Mt//z/c8fnfxcfflD152PnfY1PqAwAAAAAAAAA8aY87/t99xv8DAACAmVW/V6/95dCDx3b7LLb68Uu9iKdbywOFSTfLrHTdDwAAAAAAAAAAAAAoyXDrGt5LvYiFiHh6ZaWqqvqrqV0/qsddf96Vvv1Qsq5/yQMAwJaPDrXu5e9FLEXEpfRZfwsrKytVtbS8Uq1Uy4v59exocalabryvzdP6scXRHl4QD0dV/c2WGus1TXq/PKm9/f3q5xpVgz10bDo6DBwAImLraHTPEemAqapnoutXOcwH+//BY/9nL7r+OQUAAAD2X1VVVS99nPfRdM6/33WnAIBpWMrH//Z5AbVarVar1QevbqrGu90sImK9uU79msFw/AAwZ9bj4667QIfkX7RhRBzpuhPATOt13QH2xb2NW6u9lG+veTxI47vna0G25b/e21wvrz9uOkn7GpNp/XzdiUE8u0t/nptSH2ZJzr/fzv/yVvsoLbff+U/LbvnX23m4g/50Lec/aOffcnDy74/Nv1Q5/+Ej5T+QPwAAAAAAzLD89//Dzv/mTQYAAAAAAACAuXNv49Zqvu81n////Jjles05938eGDn/3p7zd//vQZLz77fzb12QM2jM333jQf7/3ri1+sHNf30uT2c+/4XBqH7uhV5/MEzX/FQLb8XVuBZrcWrH8sNt7ad3tC9saz8zof3sjvZR3b6c20/EavwirsWb99sXJ1wYtTShvZrQnvMf2P+LlPMfNr7q/FdSe681rd19v79jv29Oxz3Pxb/998Wde9f03YnB/W1rqrfveAf92fw/eWoUv7qxdv3Eb67cvHn9dKTJtkfPRJo8YTn/hfSV83/pha32/Hu/ub/efX/0yPnPijsx3DX/Fxrz9fa+POW+dSHnP0pfOf98BBq//89z/rvv/6900B8AAAAAAAAAAAAAAAB4mKqqNm8RvRgRF9L9P13dmwkATNUffpBmqiTUarVarVYf2LqpGu/1ZhFL29e5EBG/HffNAIBZ9r+I+GfXnaAz8i9Y/ry/evqFrjsDTNWNd9/72ZVr19au3+i6JwAAAAAAAADAp5XH/zzWGP958zqg1rjR28Z/fSOOze34n/3RYHOs87RBz8fDx/8+Hg8f/3s44fkWJrSPJrQvTmhfmtA+9kaPhpz/8ynjnP/RtGEljf/6Ugf96VrO/3ga6znn/6XWcs38q7/Oc/79bfmfvPnOL0/eePe9V6++c+XttbfXfn761IVzZ8+fO3v+/Mm3rl5bO7X1b4c93l85/zz2tetAy5Lzz5nLvyw5/y+mWv5lyfm/mGr5lyXnn1/vyb8sOf/83kf+Zcn5v5xq+Zcl5//lVMu/LDn/V1It/7Lk/L+SavmXJef/aqrlX5ac/4lUy78sOf+TqZZ/WXL++QyX/MuS889XNsi/LDn/M6mWf1ly/mdTLf+y5PzPpVr+Zcn5n0+1/MuS87+QavmXJef/1VTLvyw5/6+lWv5lyfm/lmr5lyXn//VUy78sOf9vpFr+Zcn5fzPV8i9Lzv9bqZZ/WXL+3061/MuS83891fIvy4PP/zcz5Zn//D1iBrphxsy4ma5/MwEAAAAAAAAAAAAAbdO4nLjrbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjwMDi3fUXOMRgkpBS0qaUhLRpSY1jr40Tf9W7TgChshTaEgWpSO0FvWiaRGkUqa1AUaSmEo2QGqm9K1eJuIlaiQtLhcpBSaVUga3OnPd9d2Z2dmb9sXjOOb8fwn/vzJmZd86cmd1nrWcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZhs+Nv3nA1mW5f83/liXZZfmf1+T7cm/nNt5sVcIAAAAnK+3Gn/+w2XphD3LuFDTNv/2of/4/vz8/Hz2hTdPv/2X8/PpjLEsG1qdZY3zon//5S/mm7cJnspGBwabvh7scfNDPc4f7nH+SI/zV/U4f3WP80d7nL9oByyypvh9TOPKNjX+uq7YpdkV2UjjvE0dLvXUwOrBwfi7nIaBxmXmRw5mh7Mj2XQ2uegyA43/suylDflt3ZPF2xpsuq31WZad+dnj++MaBsI+3pS13FhD82P3xl3Z2Js/e3z/d2Zff3+n2XM3LFpplm3emK/z6Sxb+HVVNpCtTvskrnOwaZ3rO6xzqGWdA43L5X9vX+eZZa4z3u/RsM5XuqxzfTjtkWuzLJvLltym3VPZYLa27VbT/h4tjoj8OvKH8j3Z8FkdJxuWcZzkl3nt2tbjpP2YjPt/Q9gnw0usofnheOPJVYv2+7keJ/m97odjNb/u+/IbHR1t/tVqy7Gab/P4dUsfAx0fuw7HQDqWm46Bjb2OgcFVQ41jYHBhzRtbjoGpRZcZzAYat3X6uu7HwMTs0RMTM48+dsvho/sOTR+aPjY1uXP7th3bt+3YMXHw8JHpyeLPs9ulJbI2G0zH4MbwWhOPwRvatm0+JOe/eeGeB6N98jzI7/tnrs8XdOlgtsQxnm/z9Obzfx6k7/tNz4PhpudBx9fUDs+D4WU8D/Jtzmxe3vfM4ab/O61hpV4L1zUdAxfz+2F+mw/euPRr4fqwrmduOtvvh0OLjoF4twbCcy8/Jf28N3pb2C+Lj4ur8zMuWZWdmpk+ueWRfbOzJ6eyMN4Rlzc9Vu3Hy9qm+5QtOl4Gz/p42fP3v7r+6g6nrwv7avTm7o9Vvs328e6PVePVvXV/rsqK/dly6tYsjAvsnd6fnb6b5fszZYku+zPf5ulbzv9nwZRLml7/Rnq9/g2NDBevf0Npb4y0vP4tfmiGGivLsjO3LO/1byT8/06//l3RJ69/+b56cEv3YyDf5pmJsz0Ghru+/l0b5kBYz40hMYw25f63G+fPFYdp02PZ87gZHh4Jx81wvMXW42bbosvk15bf9ubJcztuNl/b+li1/NxSweMm31d/Ndn9uMm3eXnq/F871sS/Nr12rOp1DIwMrcrXO5IOguL1bn5NPAa2ZPuz49mR7EC6TP4o57c1vnV5x8Cq8P87/dpxVZ8cA/m+en5r92Mg3+ZH2y7sz06bwylpm6afndp/v7BU5r96eOH62nfbhc78+To//uNPpdM6ZYh8m9e3n23O6L6fbg6nXNJhP7U/f5Y6pg9k78x+uiqs88iO7r+byre5Yucyj6c9WZa9OvVq4/dd4fe73zv14++3/N630++UX5169d6J+39yNusHAODcvd34c25V8bNm079YL+ff/wEAAIBSiLl/MMxE/gcAAIDKiLl/KMxE/gcAAIDKiLl/OMykJvn/4dt2vfDWE1l6N8D5IJ4fd8N9dxTbxY73XPh6bH5BfvpHvz3ywlefWN5tD2ZZ9qt7P9Bx+4fviOsqnIjr/HDr6Ytcdc2ybv+hBxa2a37/hDO7iuuP92e5h0HsKr80sbVxvWOPTjXmy/dmjXn/3DNPFddffB23P72t2P5vwpuW7Dk40HL5zWE9m8IcC+8pc9+ehf2Qz3i5F9Z/6F8v/+zC7cXLDWx8d+NuPv/HxfXG94h67vJi+3i/l1r/v3ztuy/k2z9yXef1PzHYef2nw/W+FuYvdxfbN+/zrzat/0/D+uPtxctt+dYPO67/xfcV278YjotvhNm+/rv+4oNvdXq84u3sub24XLz9yf/d3rhcvL54/e3rH31iqmV/tF//y28W17P7yz8fat4+nh5vJ3ro9tbjeyA8vi098izLvvtnWct+zj5SXO6f29Yfr+/E7Z3Xf3PbOk8MXNO4/ML9Wddyv77+d1s73t+4nj3/uK7l/jx3d9h/b078KL/e0/eH4zGc/3+vFNfX/l6mL97d+noTt//GuuJ5G69vom39z7Wtf+6afN/1Xv89bxbrf/HO1S3r3/OJcDzdU8xe6z/0t5e1XP6b3ykej5NfGT92fObU4QNNe7X5ebx6dM3aSy5917svC6+l7V/vPT778PTJscmxySwbK+FbBq70+r8V5v8UY+7C30LhJz8vjrtnP1l837rhF8XXz4XTHwqPZ/z++PW/Hmk5Xtsf97k7i3m+678prGO53ve1/7pmWRue/vxLp/7pT15v/7kg3p8T7x1t3L/nN1zZOG/g5eL89terXv7zva3P658OTzbmD8J+nQ/vzLzxyuL22q8/vjfJs58unr/xJ7l4+azt/UTWDbXej/Nd/0/DzzE/vKr19S8eHz94ou3dnNdlA/kS5sLrQzZXnB+3ivv72TNXdry9+D482dz7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jr8gvP77WN5/eB6Z3bs8az/XgxVtjFXv+JB/YfuHXy+gPTB/edOjj7wInpk4f2z8zsnz4wc/2+gwenv9Lr8ocP7J7aumvbrVvHDx0+sPu2Xbu27Ro/fOx4voxiUT3snPzS+LGTexsXmdm9fdfUjh3bJ8ePHj8wvfvWycnxU70u3/jeNJ5f+svjJ6eP7Js9fHR6fObwY9O7p3bt3Lm157s/Hj1xcGZs4uSpYxOnZqZPThT3ZWy2cXL+va/X5amHmePh9a7NQPjp/HM370zvj5v79pNLXlWxSeuPp9kb4b2g4ve3Xl/H3D8SZlKT/A8AAAB1EHN/eOP/hTPkfwAAAKiMmPtXh5nI/wAAAFAZMfcXyX80ffx7XfL/her/P6n/36D/r/+f6f8n+v/6/5n+v/5/D/r/+v9lXr/+v/4/vfVb/z/k/mxNlvn3fwAAAKiomPvXhpnI/wAAAFAZMfdfEmYi/wMAAEBlxNx/aZhJTfK/z//X/9f/79b/j9vq/2f6//3Q/9/03/r/i+j/6/9n+v/n7GL358u+/j7s/6/R/6ff9Fv/P+b+d4WZ1CT/AwAAQB3E3P/uMBP5HwAAACoj5v7LwkzkfwAAAKiMmPvXhZnUJP/r/+v/6//7/H/9/9L0/33+fwf6//r/mf7/ObvY/fmyr78P+/8+/5++02/9/5j7fy3MpCb5HwAAAOog5v73hJnI/wAAAFAZMfdfHmYi/wMAAEBlxNx/RZhJTfJ/Pfv/r2VZpv+f6f/r/7etU/9f/38l6P/r/3ej/6//X+b16//r/9Nbv/X/Y+5/b5hJTfI/AAAA1EHM/VeGmcj/AAAAUBkx978vzET+BwAAgMqIuf+qMJOa5P969v99/r/+f0H/v3Wd+v/6/ytB/1//vxv9f/3/Mq9f/1//n976rf8fc//7w0xqkv8BAACgDmLuvzrMRP4HAACAyoi5/wNhJvI/AAAAVEbM/evDTGqS//X/9f/1//X/9f/1/1dSufr/g0ueo/9f0P9vdeH6/3MLC9D/L8369f/1/+mt3/r/Mfd/MMykJvkfAAAA6iDm/g+Fmcj/AAAAUBkx918TZiL/AwAAQGXE3D8WZlKT/K//r/+v/6//r/+v/7+SytX/X5r+f0H/v5XP/9f/1//X/6e7fuv/x9y/IcykJvkfAAAA6iDm/o1hJvI/AAAAVEbM/deGmcj/AAAAUBkx928KM6lJ/tf/1//X/9f/1//X/19J+v/6/93o/+v/l3n9+v/6//TWb/3/mPuvCzOpSf4HAACAOoi5//owE/kfAAAAKiPm/hvCTOR/AAAAqIyY+zeHmdQk/+v/6//r/5e4/z+k/5/p//c9/X/9/270//X/y7x+/X/9f3rrt/5/zP03hpnUJP8DAABAHcTcf1OYifwPAAAAlRFz/81hJvI/AAAAVEbM/eNhJjXJ//r/+v/6/yXu//v8/5b16//3J/1//f9u9P/1/8u8fv1//X9667f+f8z9t4SZ1CT/AwAAQB3E3L8lzET+BwAAgMqIuX8izET+BwAAgMqIuX8yzKQm+V//X/9f/1//X/9f/38l6f/r/3ej/6//X+b16//r/9Nbv/X/Y+6fCjOpSf4HAACAOoi5f2uYifwPAAAAlRFz/7YwE/kfAAAAKiPm/u1hJjXJ/yXp/29JBSj9f/1//X/9f/3/UtH/1//vRv9f/7/M69f/1/+n1WCH0/qt/x9z/44wk5rkfwAAAKiDmPt3hpnI/wAAAFAZMfffGmYi/wMAAEBlxNx/W5hJTfJ/Sfr/Pv9f/1//v4n+v/5/mej/6/93o/+v/1/m9ev/6//TW7/1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUOn0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fff36/ytL/1//vxv9f/3/Mq9f/1//n976rf8fc//uMJOa5H8AAACog5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5f0+YSU3yv/5/1fv/Pv9f/1//v9f69f9Xlv6//n83+v/l7P+HH1v0//uo/58fQ/r/9KN+6//H3H9XmElN8j8AAADUQcz9Hw0zkf8BAACgMmLu/1iYifwPAAAAlRFz/8fDTGqS//X/9f/1//X/9f/1/1eS/v+K9f8bL4X6/wX9/3NzsfvzZV9/P/X/ff4//arf+v8x998dZlKT/A8AAAB1EHP/J8JM5H8AAACojJj7fz3MRP4HAACAyoi5/54wk5rkf/1//X/9f/1//X/9/5Wk/+/z/7vR/9f/L/P69f/1/+mt3/r/Mff/RphJTfI/AAAA1EHM/feGmcj/AAAAUBkx938yzET+BwAAgJJZteQ5Mff/ZphJTfJ/+fr/Y6Xs/w+m69f/1//X/9f/1/+/kPT/9f8z/f9zdrH782Vfv/6//j+99Vv/P+b+3wozqUn+BwAAgDqIuf9TYSbyPwAAAFRGzP2/HWYi/wMAAEBlxNx/X5hJTfL/he7/t1++G5//r/+f6f/r/+v/6/+fJ/1//f9M//+cXez+fNnXr/+v/09v/db/j7n/d8JMapL/AQAAoA5i7r8/zET+BwAAgD718FlfIub+T4eZyP8AAABQGTH3fybMpCb5v3yf/6//r/+v/6//r/9fJvr/+v/d6P/r/5d5/fr/+v/01m/9/5j7HwgzqUn+BwAAgDqIuf+zYSbyPwAAAFRGzP2/G2Yi/wMAAEBlxNz/e2EmNcn/+v/6//r/+v/6//r/K0n/f3H/P38N0/8v6P/r/5d5/fr/+v/01m/9/5j7PxdmUpP8DwAAAHUQc//vh5nI/wAAAFAZMff/QZiJ/A8AAACVEXP/g2EmNcn/+v/6//r/+v/6//r/K0n/3+f/d6P/r/9f5vXr/+v/01u/9f9j7v98mElN8j8AAADUQcz9fxhmIv8DAABAZcTcvzfMRP4HAACAyoi5/6Ewk5rkf/1//X/9f/1//X/9/5Wk/6//343+v/5/mdev/6//T2/91v+PuX9fmMme1psBAAAAyivm/i+EmdTk3/8BAACgDmLu3x9mIv8DAABAZcTcfyDMpCb5X/9f/1//X/9f/1//fyXp/+v/d6P/r/9f5vXr/+v/01u/9f9j7p8OM6lJ/gcAAIA6iLn/YJiJ/A8AAACVEXP/oTAT+R8AAAAqI+b+h8NMapL/9f/1//X/a9v/f+V7bevU/9f/Xwn6//r/3ej/6/+Xef36//r/9NZv/f+Y+w+HmdQk/wMAAEAdxNz/xTAT+R8AAAAqI+b+L4WZyP8AAABQGTH3HwkzqUn+1//X/9f/r23/f3mf/79m4Xb1//X/z4X+v/5/N/r/+v9lXr/+v/4/vfVb/z/m/qNhJjXJ/wAAAFAHMfcfCzOR/wEAAKAyYu4/HmYi/wMAAEBlxNx/IsykJvlf///s+v8DS3QD9f87r1//vwL9/yb6//r/50L/X/+/G/1//f8yr1//X/+f3vqt/x9z/x+FmdQk/wMAAEAdxNx/MsxE/gcAAIDKiLl/JsxE/gcAAIDKiLl/NsykJvlf/9/n/+v/6//r/+v/ryT9f/3/bvT/9f/LvH79f/1/euu3/n/M/afCTGqS/wEAAKAO/p+9+8zV66riOPziYHCEmEOmwAgYAmNAYgz0ktBDh9B7C72ZDqH33nvvPRB6lUC5XmsFO77nXNv39d1nr+f5kAU3SNlRzIe/nJ9O7v77xy32PwAAAEwjd/8D4hb7HwAAAKaRu/+BcUuT/a//1//r//X/+n/9/z7p//X/S/T/+v8tv1//r/9n3Wj9f+7+B8UtTfY/AAAAdJC7/8Fxi/0PAAAA08jd/5C4xf4HAACAaeTuf2jc0mT/6//1//p//b/+X/+/T/p//f8S/b/+f8vv1//r/1k3Wv+fu/9hcUuT/Q8AAAAd5O5/eNxi/wMAAMA0cvc/Im6x/wEAAGAaufuvj1ua7H/9v/5f/7/B/v+u+n/9/3bo//X/S/T/+v8tv1//r/9n3Wj9f+7+G+KWJvsfAAAAOsjd/8i4xf4HAACAaeTuf1TcYv8DAADANHL3PzpuabL/9f/6f/3/Bvt/3//X/2+I/l//v0T/r//f8vv1//p/1o3W/+fuf0zc0mT/AwAAQAe5+x8bt9j/AAAAMI3c/Y+LW+x/AAAAmEbu/sfHLU32v/5f/6//1//r//X/+6T/1/8v0f/r/7f8fv2//p91e+//73PjwT1q/5+7/8a4pcn+BwAAgA5y9z8hbrH/AQAAYBq5+58Yt9j/AAAAMI3c/U+KW5rsf/2//v+O/v+/d9H/6//1/3f8XP9/PPT/+v8l+n/9/5bfr//X/7Nu7/3/Su9/4X/P3f/kuKXJ/gcAAIAOcvc/JW6x/wEAAGAaufufGrfY/wAAADCN3P1Pi1ua7H/9v/7f9//1//p//f8+6f+H7f8v/L/e+fT/R6L/1/8f1v/f+wjv1//TwWj9f+7+p8ctTfY/AAAAdJC7/xlxi/0PAAAA08jdf1PcYv8DAADANHL3PzNuabL/9f/6f/2//v/8/v9Uy/7/9p/p//dD/z9s/79M/38k+n/9v+//6/9ZNlr/n7v/WXFLk/0PAAAAHeTuf3bcYv8DAADANHL3Pydusf8BAABgGrn7nxu3NNn/+n/9v/5f/39F3/+/Zo7+3/f/90f/r/9fov/X/2/5/fp//T/rRuv/c/c/L25psv8BAABgeqd2tfufH7fY/wAAADCN3P0viFvsfwAAAJhG7v4Xxi1N9r/+X/+v/9f/X1H/P8n3//X/+6P/1/8vOWr/v9P/19+L/n+c9+v/9f+sG63/z93/orilyf4HAACADnL3vzhusf8BAABgGrn7XxK32P8AAAAwjdz9L41bmux//b/+X/+v/9f/6//3Sf+v/1/i+//6/y2/X/+v/2fdaP1/7v6XxS1N9j8AAAB0kLv/5XGL/Q8AAADTyN3/irjF/gcAAIBp5O5/Zdxy4f4/dTVfdfXo//X/+n/9v/5f/79P+n/9/xL9/8X7/zOH/PX0/2O9X/+v/2fdaP1/7v6b4xa//w8AAADTyN3/qrjF/gcAAIBp5O5/ddxi/wMAAMA0cve/Jm5psv8P6/9vu8e5P6//Pxr9/8Xfr//X/+v/9f/6f/3/Ev2/7/9v+f36f/0/60br/3P3vzZuabL/AQAAoIPc/a+LW+x/AAAAmEbu/tfHLfY/AAAATCN3/xvilib7//i//3+d/l//r/+Pq//X/+v/9f/6/2X6f/3/lt+v/9f/s260/j93/xvjlib7HwAAADrI3f+muMX+BwAAgGnk7n9z3GL/AwAAwDRy978lbmmy/4+///f9f/3/Jfb/p/T/Sf8f/1z1//r/S6D/1//v9P+X7aT7+a2/X/+v/2fdaP1/7v6zB1Ov3/4HAACADs4e/PHM7q1xi/0PAAAA08jd/7a4xf4HAACAaeTuf3vc0mT/6//1/yfe//v+f9H/xz9X/b/+/xLo//X/O/3/ZTvpfn7r79f/6/9ZN1r/n7v/HXFLk/0PAAAAHeTuf2fcYv8DAADANGL3n/uX3+1/AAAAmNK7Dv54ZvfuuKXJ/m/c/193pf3/tf/3n/X/F3+//v9Y+v+zF/7a0//r/7dE/6//X6L/1/9v+f3j9P/xg+v1/4xntP4/d/974pYm+x8AAAA6yN3/3rjF/gcAAIBp5O6/JW6x/wEAAGAaufvfF7c02f+N+/9Jvv9/31vjBfr/eft/3/+Pq//X/1+M/l//v9P/X7aT7ue3/v5x+n/f/2dco/X/ufvfH7c02f8AAADQQe7+D8Qt9j8AAABMI3f/B+MW+x8AAACmkbv/Q3FLk/2v/996/+/7//p//b/+f2z6f/3/Ev2//n/L79f/6/9ZN1r/n7v/w3FLk/0PAAAAHeTu/0jcYv8DAADANHL3fzRusf8BAABgGrn7Pxa3NNn/+n/9/776/9v/Ivr/Jv3/Dfr/nf7/UPp//f8S/b/+f8vv1//r/1k3Wv+fu//jcUuT/Q8AAAAd5O7/RNxi/wMAAMA0cvd/Mm6x/wEAAGAaufs/FTfc654n96TjdfqQn0dvrv/X//v+v/7f9//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Px23+P1/AAAAmEbu/s/ELfY/AAAATCN3/2fjFvsfAAAAppG7/3NxS5P9r//X/+v/N9v/X6v/P//9+v8x6f/1/0v0//r/Lb9f/6//Z91o/X/u/s/HLU32PwAAAHSQu/8LcYv9DwAAANPI3f/FuMX+BwAAgGnk7v9S3NJk/+v/9f/6/832/77/f8H79f9j0v/r/5fo//X/W36//l//z7rR+v/c/V+OW5rsfwAAAOggd/9X4hb7HwAAAKaRu/+rcYv9DwAAANPI3f+1uKXJ/tf/6//1//p//b/+f5/0//r/Jfp//f+W36//1/+zbrT+P3f/1+OWJvsfAAAAOsjd/424xf4HAACAaeTu/2bcYv8DAADANHL3fytuabL/Z+7/l/5n+v9z9P/6/53+X/+/Z/p//f8S/b/+f8vv1//r/1k3Wv+fu//bcUuT/Q8AAAAd5O7/Ttxi/wMAAMA0cvd/N26x/wEAAGAaufu/F7c02f8z9/9L9P/n6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07tD+v/c/d+PW5rsfwAAAOggd/8P4hb7HwAAAKaRu/+HcYv9DwAAANPI3f+juGWe/X+/Wxb+pP7/2Pv/g19E+n/9/07/r//X/x/Q/+v/l+j/9f9bfr/+X//PutG+/5+7/8dxyzz7HwAAANrL3f+TuMX+BwAAgGnk7v9p3GL/AwAAwDRy9/8sbmmy//X/vv+v/2/V/1+z0//r/68y/b/+f4n+X/+/5ffr//X/rBut/8/d//O4pcn+BwAAgA5y9/8ibrH/AQAAYBq5+38Zt9j/AAAAMI3c/b+KW5rsf/2//l//36r/9/1//f9Vp//X/y/R/+v/t/z+7P/z153+X//PnY3W/+fu/3Xc0mT/AwAAQAe5+38Tt9j/AAAAMI3c/b+NW+x/AAAAmEbu/t/FLU32v/5f/6//1//r//X/+6T/1/8v0f/r/7f8ft//1/+zbrT+P3f/rXFLk/0PAAAAHeTu/33cYv8DAADANHL3/yFusf8BAABgGrn7b4tbmux//b/+f8r+/+76f/2//n8U+n/9/xL9v/5/y+/X/+v/WTda/5+7/49xS5P9DwAAAB3k7v9T3GL/AwAAwDRy9/85brH/AQAAYBq5+/8StzTZ//p//f+l9/+n6+972P7f9//1//r/Yczb/99N/6//v+L+/6abz/1Y/7/N9+v/9f+sG63/z93/17ilyf4HAACADnL3/y1usf8BAABgGrn7/x632P8AAAAwjdz9/4hbmux//b/+f8rv/+v/9f/6/2HM2//7/r/+3/f/9f/6f/0/a0br/3P3/zNuabL/AQAAoIPc/f+KW+x/AAAAmEbu/n/HLfY/AAAATCN3/3/ilib7X/+v/9f/6//1//r/fdL/6/+X6P/1/1t+v/5f/8+60fr/3P3/CwAA//8gszKL") mkdir(&(0x7f0000000a00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x94) r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f0000001980)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000001b80)=ANY=[@ANYRES16=r4, @ANYRES64=r3, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRES32=0x0, @ANYRESDEC=r1, @ANYRESHEX=r2, @ANYRES8=r3, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRESOCT], 0x0, 0x0, &(0x7f0000000000)) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) lseek(r5, 0x8001, 0x0) getdents(r5, 0x0, 0x58) [ 58.362662][ T4667] Bluetooth: hci0: command tx timeout [ 58.502489][ T5317] loop0: detected capacity change from 0 to 32768 [ 58.551300][ T5317] ================================================================== [ 58.554167][ T5317] BUG: KASAN: slab-use-after-free in jfs_readdir+0x14a0/0x3da0 [ 58.557023][ T5317] Read of size 8 at addr ffff8880341996f8 by task syz.0.0/5317 [ 58.559730][ T5317] [ 58.560717][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 58.560729][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.560735][ T5317] Call Trace: [ 58.560739][ T5317] [ 58.560744][ T5317] dump_stack_lvl+0x241/0x360 [ 58.560757][ T5317] ? __pfx_dump_stack_lvl+0x10/0x10 [ 58.560766][ T5317] ? __virt_addr_valid+0x183/0x530 [ 58.560776][ T5317] ? rcu_is_watching+0x15/0xb0 [ 58.560783][ T5317] ? __virt_addr_valid+0x183/0x530 [ 58.560791][ T5317] ? lock_release+0x4e/0x3e0 [ 58.560806][ T5317] ? __virt_addr_valid+0x183/0x530 [ 58.560817][ T5317] ? __virt_addr_valid+0x183/0x530 [ 58.560829][ T5317] print_report+0x16e/0x5b0 [ 58.560843][ T5317] ? __virt_addr_valid+0x183/0x530 [ 58.560854][ T5317] ? __virt_addr_valid+0x183/0x530 [ 58.560866][ T5317] ? __virt_addr_valid+0x45f/0x530 [ 58.560878][ T5317] ? __phys_addr+0xba/0x170 [ 58.560890][ T5317] ? jfs_readdir+0x14a0/0x3da0 [ 58.560899][ T5317] kasan_report+0x143/0x180 [ 58.560910][ T5317] ? jfs_readdir+0x14a0/0x3da0 [ 58.560921][ T5317] jfs_readdir+0x14a0/0x3da0 [ 58.560936][ T5317] ? __pfx_jfs_readdir+0x10/0x10 [ 58.560945][ T5317] ? __lock_acquire+0xad5/0xd80 [ 58.560962][ T5317] ? down_write+0x18d/0x220 [ 58.561010][ T5317] ? __pfx_down_write+0x10/0x10 [ 58.561024][ T5317] ? wrap_directory_iterator+0x52/0xd0 [ 58.561039][ T5317] ? __pfx_jfs_readdir+0x10/0x10 [ 58.561049][ T5317] wrap_directory_iterator+0x91/0xd0 [ 58.561063][ T5317] iterate_dir+0x5a9/0x760 [ 58.561075][ T5317] __se_sys_getdents+0x1ff/0x4e0 [ 58.561084][ T5317] ? __pfx___se_sys_getdents+0x10/0x10 [ 58.561092][ T5317] ? __pfx_filldir+0x10/0x10 [ 58.561102][ T5317] ? do_syscall_64+0xb6/0x230 [ 58.561110][ T5317] do_syscall_64+0xf3/0x230 [ 58.561117][ T5317] ? clear_bhb_loop+0x45/0xa0 [ 58.561124][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.561131][ T5317] RIP: 0033:0x7fbd2e58d169 [ 58.561140][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.561146][ T5317] RSP: 002b:00007fbd2f31f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 58.561156][ T5317] RAX: ffffffffffffffda RBX: 00007fbd2e7a5fa0 RCX: 00007fbd2e58d169 [ 58.561161][ T5317] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000006 [ 58.561165][ T5317] RBP: 00007fbd2e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 58.561169][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 58.561173][ T5317] R13: 0000000000000000 R14: 00007fbd2e7a5fa0 R15: 00007ffe6da02138 [ 58.561179][ T5317] [ 58.561182][ T5317] [ 58.666504][ T5317] Allocated by task 5317: [ 58.668261][ T5317] kasan_save_track+0x3f/0x80 [ 58.670144][ T5317] __kasan_slab_alloc+0x66/0x80 [ 58.672067][ T5317] kmem_cache_alloc_noprof+0x1e1/0x390 [ 58.674071][ T5317] mempool_alloc_noprof+0x199/0x5a0 [ 58.676110][ T5317] __get_metapage+0x5f4/0xdc0 [ 58.677937][ T5317] dtSplitRoot+0x2b3/0x1900 [ 58.679615][ T5317] dtInsert+0x1424/0x6f00 [ 58.681198][ T5317] jfs_mkdir+0x805/0xbb0 [ 58.682875][ T5317] vfs_mkdir+0x2f9/0x500 [ 58.684942][ T5317] do_mkdirat+0x273/0x3f0 [ 58.686741][ T5317] __x64_sys_mkdir+0x6c/0x80 [ 58.688635][ T5317] do_syscall_64+0xf3/0x230 [ 58.690431][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.692743][ T5317] [ 58.693708][ T5317] Freed by task 5317: [ 58.695322][ T5317] kasan_save_track+0x3f/0x80 [ 58.697283][ T5317] kasan_save_free_info+0x40/0x50 [ 58.699281][ T5317] __kasan_slab_free+0x59/0x70 [ 58.701062][ T5317] kmem_cache_free+0x197/0x410 [ 58.703005][ T5317] release_metapage+0x831/0xa90 [ 58.704908][ T5317] jfs_readdir+0x1170/0x3da0 [ 58.706733][ T5317] wrap_directory_iterator+0x91/0xd0 [ 58.708517][ T5317] iterate_dir+0x5a9/0x760 [ 58.710199][ T5317] __se_sys_getdents+0x1ff/0x4e0 [ 58.712113][ T5317] do_syscall_64+0xf3/0x230 [ 58.713810][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.715937][ T5317] [ 58.716760][ T5317] The buggy address belongs to the object at ffff8880341996c8 [ 58.716760][ T5317] which belongs to the cache jfs_mp of size 184 [ 58.721567][ T5317] The buggy address is located 48 bytes inside of [ 58.721567][ T5317] freed 184-byte region [ffff8880341996c8, ffff888034199780) [ 58.727903][ T5317] [ 58.728962][ T5317] The buggy address belongs to the physical page: [ 58.731733][ T5317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34199 [ 58.735190][ T5317] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 58.737959][ T5317] page_type: f5(slab) [ 58.739606][ T5317] raw: 04fff00000000000 ffff8880335a1a00 dead000000000122 0000000000000000 [ 58.743145][ T5317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 58.746511][ T5317] page dumped because: kasan: bad access detected [ 58.749021][ T5317] page_owner tracks the page as allocated [ 58.751207][ T5317] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5317, tgid 5316 (syz.0.0), ts 58537011623, free_ts 56681715386 [ 58.757489][ T5317] post_alloc_hook+0x1f4/0x240 [ 58.759202][ T5317] get_page_from_freelist+0x3695/0x37e0 [ 58.761114][ T5317] __alloc_frozen_pages_noprof+0x2c5/0x7b0 [ 58.763072][ T5317] alloc_pages_mpol+0x339/0x690 [ 58.765045][ T5317] allocate_slab+0x8f/0x3a0 [ 58.767278][ T5317] ___slab_alloc+0xc3b/0x1500 [ 58.769472][ T5317] __slab_alloc+0x58/0xa0 [ 58.771409][ T5317] kmem_cache_alloc_noprof+0x270/0x390 [ 58.773750][ T5317] mempool_alloc_noprof+0x199/0x5a0 [ 58.776084][ T5317] __get_metapage+0x5f4/0xdc0 [ 58.778146][ T5317] diWriteSpecial+0x1a5/0x440 [ 58.780018][ T5317] diSync+0x4d2/0x700 [ 58.781484][ T5317] diAllocAG+0x1abc/0x2100 [ 58.783155][ T5317] diAlloc+0x1db/0x1680 [ 58.784995][ T5317] ialloc+0x8f/0x8c0 [ 58.786985][ T5317] jfs_mkdir+0x1c7/0xbb0 [ 58.788985][ T5317] page last free pid 15 tgid 15 stack trace: [ 58.791416][ T5317] free_frozen_pages+0xe16/0x10f0 [ 58.793384][ T5317] __tlb_remove_table+0x36b/0x460 [ 58.795473][ T5317] tlb_remove_table_rcu+0x79/0xf0 [ 58.797529][ T5317] rcu_core+0xaac/0x17a0 [ 58.799500][ T5317] handle_softirqs+0x2d6/0x9b0 [ 58.801433][ T5317] run_ksoftirqd+0xcf/0x130 [ 58.803424][ T5317] smpboot_thread_fn+0x544/0xa30 [ 58.805539][ T5317] kthread+0x7a9/0x920 [ 58.807233][ T5317] ret_from_fork+0x4b/0x80 [ 58.809138][ T5317] ret_from_fork_asm+0x1a/0x30 [ 58.811059][ T5317] [ 58.812037][ T5317] Memory state around the buggy address: [ 58.814198][ T5317] ffff888034199580: 00 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 [ 58.817327][ T5317] ffff888034199600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 58.820510][ T5317] >ffff888034199680: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 58.823746][ T5317] ^ [ 58.826847][ T5317] ffff888034199700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.830033][ T5317] ffff888034199780: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 58.833126][ T5317] ================================================================== [ 58.851189][ T5317] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 58.854055][ T5317] CPU: 0 UID: 0 PID: 5317 Comm: syz.0.0 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 58.858488][ T5317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.862795][ T5317] Call Trace: [ 58.864211][ T5317] [ 58.865341][ T5317] dump_stack_lvl+0x241/0x360 [ 58.867219][ T5317] ? __pfx_dump_stack_lvl+0x10/0x10 [ 58.869444][ T5317] ? __pfx__printk+0x10/0x10 [ 58.871363][ T5317] ? vscnprintf+0x5d/0x90 [ 58.873072][ T5317] panic+0x349/0x880 [ 58.874616][ T5317] ? check_panic_on_warn+0x21/0xb0 [ 58.876644][ T5317] ? __pfx_panic+0x10/0x10 [ 58.878261][ T5317] ? _raw_spin_unlock_irqrestore+0x134/0x140 [ 58.880388][ T5317] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 58.882739][ T5317] ? print_report+0x519/0x5b0 [ 58.884458][ T5317] check_panic_on_warn+0x86/0xb0 [ 58.886236][ T5317] ? jfs_readdir+0x14a0/0x3da0 [ 58.887872][ T5317] end_report+0x77/0x160 [ 58.889427][ T5317] kasan_report+0x154/0x180 [ 58.891239][ T5317] ? jfs_readdir+0x14a0/0x3da0 [ 58.893208][ T5317] jfs_readdir+0x14a0/0x3da0 [ 58.895480][ T5317] ? __pfx_jfs_readdir+0x10/0x10 [ 58.897497][ T5317] ? __lock_acquire+0xad5/0xd80 [ 58.899264][ T5317] ? down_write+0x18d/0x220 [ 58.901158][ T5317] ? __pfx_down_write+0x10/0x10 [ 58.902932][ T5317] ? wrap_directory_iterator+0x52/0xd0 [ 58.905179][ T5317] ? __pfx_jfs_readdir+0x10/0x10 [ 58.907406][ T5317] wrap_directory_iterator+0x91/0xd0 [ 58.909761][ T5317] iterate_dir+0x5a9/0x760 [ 58.911631][ T5317] __se_sys_getdents+0x1ff/0x4e0 [ 58.913440][ T5317] ? __pfx___se_sys_getdents+0x10/0x10 [ 58.915467][ T5317] ? __pfx_filldir+0x10/0x10 [ 58.917291][ T5317] ? do_syscall_64+0xb6/0x230 [ 58.919302][ T5317] do_syscall_64+0xf3/0x230 [ 58.921238][ T5317] ? clear_bhb_loop+0x45/0xa0 [ 58.923047][ T5317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.925263][ T5317] RIP: 0033:0x7fbd2e58d169 [ 58.926872][ T5317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.933568][ T5317] RSP: 002b:00007fbd2f31f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 58.936552][ T5317] RAX: ffffffffffffffda RBX: 00007fbd2e7a5fa0 RCX: 00007fbd2e58d169 [ 58.939477][ T5317] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000006 [ 58.942611][ T5317] RBP: 00007fbd2e60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 58.945818][ T5317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 58.948915][ T5317] R13: 0000000000000000 R14: 00007fbd2e7a5fa0 R15: 00007ffe6da02138 [ 58.952491][ T5317] [ 58.954043][ T5317] Kernel Offset: disabled [ 58.955890][ T5317] Rebooting in 86400 seconds..