program: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff) pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x0) pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0xfffffffdffffffff) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0x2c) r5 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000180)={r0, r4}) sendmmsg$inet(r5, &(0x7f0000001500)=[{{0x0, 0xffffffcf, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x28, 0x0}}], 0x2, 0x4004050) syz_mount_image$jfs(&(0x7f00000011c0), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000001000)=ANY=[@ANYRES8=0x0], 0xfa, 0x61e4, &(0x7f00000073c0)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGLT288Szm93aqe2dtZ/PR3JmfvPM2s/sd2dfMjP7BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ3//eD1ZaEXHj52nBUsRnohPRjlgY1MsRsbC8lNfvRsRzsdMcz0ZEby5icPudf56OeDUiPjobsbW9vjpYfPmA/fjuH//+ux+eeetvf+hd/O+f7nVem7Te/fu/+s+fHxxumwEAAKA0VVVVrfQx/1z6fN9uulMAwFTk1/8qyctPff3rf771l1nqj1qtVqvVU6jrqvEe1IuI2KjfZvCeweF4ADhhNuLjprtAg+RftG5EnGm6E8BMazXdAY7F1vb6aivl26q/HizvtudzQYby32g9ur5j0nQ/o+eYTOvxtRmdeGZCfxam1IdZkvNvj+Z/Y7e9n9Y77vynZVL+/d1Ln4qT8++M5j/i9OTfHpt/qXL+3SfKvyN/AAAAAACYYfn//5caPv47d/hNOZBPOv67PKU+AAAAAAAAAMBRO+z4f48Y/w8AAABm1uCz+sBvzu4tm/RdbIPl11sRT42sDxQmXSyz2HQ/AAAAAAAAAAAAAKAk3d1zeK+3InoR8dTiYlVVg5+60fpJHfb2J13p2w8la/pJHgAAdn10duRa/lbEfERcT9/111tcXKyq+YXFarFamMvvZ/tz89VC7XNtng6WzfUP8Ia4268Gv2y+dru6/T4v79c++vsGf6tfdQ7QsSPSS/fmhOaGwgaAZPfVaMsr0ilTVU9PevMBQ+z/p9BSLDX9uGL2Nf0wBQAAAI5fVVVVK32d97l0zL/ddKcAgKnIr/+jxwUOVbcntEccze9Xq9VqtVr9qeq6arwH9SIiNuq3GbxnMBw/AJwwG/Fx012gQfIvWjcinmu6E8BMazXdAY7F1vb6aivl26q/HqTx3fO5IEP5b7R2bpdvP266n9FzTKb1+NqMTjwzoT/PTqkPsyTn3x7N/8Zuez+td9z5T8uk/Ps7l8yVJ+ffGc1/xOnJvz02/1Ll/LtPlH9H/gAAAAAAMMPy//8vOf6bNxkAAAAAAAAATpyt7fXVfN1rPv7/uTHruf7zdMr5t540/4U0L/8TLeffHsn/yyPrdWrzD9/c2///vb2++vt7//psnh40/7k800qPrFZ6RLTSX2p10/QwW/e4zV6nP/hLvVa7003n/FS9d+JW3I61uDS0bjvdH3vtK0Ptg572htovD7V3H2u/MtTeS987UC3k9guxGj+J2/H2Tnt/+G4fa36f+6fapz3n3/H8X6Scf7f2M8h/MbW3RqYDDz9sP7bf16fj/s4btz7/y0vHvzn72ozOo22rG2zf+Qb6s3OfnOnHz+6u3blw/+a9e3dWIk2Gll6ONDliOf/ezs/c3vP/C7vt+Qmovr8+/LD/xPnPis3oTsz/hdr8YHtfmnLfmpDz76efnP/bqX38/n+S85+8/7/cQH8AAAAAAAAAAAAAAADgk1RVtXOJ6BsRcTVd/9PUtZkAwHTl1/8qycvVarVarS617sRs9eco67pqvNfrRUT8tX6bwXuGX4z7ZQDALPtfRPyj6U7QGPkXLH/f32D6YtOdAabq7vsf/Ojm7dtrd+423RMAAAAAAAAA4NPK438u18Z/fjEilkbWGxr/9c1YPuz4n90882iA0SMe6HuCzXa/064NN/587IzPfWHS+N/n4/Hxv/OYuJ36dkzQ26e9v0/73D7t82OX7qU19kKPmpz/87Xxzgf5nxsZfr2E8V9Hx7wvQc7/fO3xPMj/SyPr1fOvfjtz+W8cdMXNaA/lf/Heez+9ePf9D1659d7Nd9feXfvxlZWVS1euXr127drFd27dXru0++/x9HoG5Pzz2NfOAy1Lzj9nLv+y5Py/kGr5lyXn/8VUy78sOf/8fk/+Zcn5588+8i9Lzv+lVMu/LDn/r6Ra/mXZ2l6fG+T/cqrlX5a8/3811fIvS87/lVTLvyw5/wupln9Zcv4XU32A/H09/CmS889HuOz/Zcn5r6Ra/mXJ+V9OtfzLkvO/kmr5lyXn/2qq5V+WnP/XUi3/suT8r6Za/mXJ+X891fIvS87/WqrlX5ac/zdSLf+y5Py/mWr5lyXn/1qq5V+WnP+3Ui3/suT8v51q+Zcl5/+dVMu/LDn/11Mt/7Lsff+/GTNmzOSZpp+ZAAAAAAAAAAAAAIBR0ziduOltBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1bjFx3fQfwM3vz2iHEQAhOamCTGGOcJbu+xBdaFxOuDVAKJBR6wXa9a7PgG167hBTJpoESCSNQRdX0oS0g1EaqKqyKB1pRmoeql6fSPtCXiqoSUqMqoICKRCuareac///vmdnZmV3veH32nM9Hsn+7M2fmnDlzZna/a3/3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECru984+5lGlmXNP/lfm7PsBc2PN05szi973c3eQgAAAGC1/i//+7nb0gWHl3GjlmX+/hX/9PWFhYWF7P3Dvzf6xYWFdMVElo1uyLL8uujqf3yg0bpM8Hg23hhq+Xyoz+qH+1w/0uf60T7Xj/W5fkOf68f7XL9oByyysfh5TH5n2/IPNxe7NLs9G82v29blVo83NgwNxZ/l5Br5bRZGT2Rz2alsNptuW75YtpEv/827m+t6WxbXNdSyrq3NI+SHnzget6ER9vG2tnVdu8/o+2/IJn70w08c/5MLz97ZbfbdDW33V2znjnua2/mpcEmxrY1sQ9oncTuHWrZza5fnZLhtOxv57Zofd27nc8vczuFrm7mmOp/z8Wwo//jb+X4aaf2xXtpPW8NlP7k3y7LL1za7c5lF68qGsk1tlwxde37GiyOyeR/NQ+nF2ciKjtO7l3GcNufMtvbjtPM1EZ//u8PtRpbYhtan6fufHFv0vK/0OI2aj3qp10rnMTjo10pZjsF4XHw7f9BPdD0Gt4XH/4ntSx+DXY+dLsdgetwtx+A9/Y7BobHhfJvTk9DIb3PtGNzVtvxwvqZGPp/Z3vsYnLpw+tzU/Mcfe+3c6WMnZ0/Ontmza9f0nn37Dhw4MHVi7tTsdPH3de7t8tuUDaXXwD1h38XXwKs7lm09VBe+PLjX4XiP1+HmjmUH/Toc6XxwjbV5QS4+povXxsPNnT5+ZShb4jWWPz87V/86TI+75XU40vI67Po1pcvrcGQZr8PmMud2Lu97lpGWP9224UZ9Ldjccgx2fj/SeQwO+vuRshyD4+G4+LedS38t2Bq294nJlX4/MrzoGEwPN7z3NC9J3++PH8hHt+PyruYVt4xlF+dnz9//6LELF87vysJYEy9pOVY6j9dNLY8pW3S8Dq34eD0894on7upy+eawr8Zf2/xrfMnnqrnM3vt7P1f5V7fu+7Pt0t1ZGAO21vuz21fz5v5MWbLH/mwu86mp1X8vnnJpy/vv6BLvvzH3P1+sL93V48OjI8XrdzjtndG29+P2p2okf+9q5Ot+bmp578ej4c9avx/f3uP9eEvHsoN+Px7tfHDx/bjR76cdq9P5fI6H4+TUdO/34+YyW3av9Jgc6fl+fG+YjbD/XxOSQspFLcfOUsdtWtfIyGh4XCNxDe3H6Z625UdDNmuu66nd13ec7ri3uK/h9OiuWavjdKJj2UEfp+n9aqnjtNHvp2/Xp/P5HA/Hxe17eh+nzWWe3rv6986N8cOW986xfsfg6PBYc5tH00FYvN8vbIzH4P3Z8exsdiqbya8dy4+nRr6uyQeWdwyOhT9r/V65pccxuKNj2UEfg+nr2FLHXmNk8YMfgM7nczwcF08+0PsYbC7zpv2D/d51R7gkLdPyvWvnz9eW+pnXXR276Ub+zKu5nX+7v/fPZpvLnDqw0pzZez/dFy65pct+6nz9LvWamsnWZj9tCdv57IGl91Nze5rLfPHgMo+nw1mWXfrog/nPe8O/r/zFxe98ve3fXbr9m86ljz74g1tP/N1Kth+A9e/5Ymwqvta1/MvUcv79HwAAAFgXYu4fCjOR/wEAAKAyYu6P/ys8kf8BAACgMmLuHwkzqUn+3/KmZ+eev5SlZv5CEK9Pu+GhYrnYcZ0On08sXNO8/MGvzv74ry4tb91DWZb99KHf6rr8lofidhUmwnZefXP75YtveGlZ6z/6yLXlWvvrXwr3Hx/Pcg+DbhXc6SzLvnnb5/L1THzgSj6ffuhoPt9z+YnHm8s8d7D4PN7+mZcUy/9hKP8ePnGs7fbPhP3wvTCn3959f8Tbfe3Ka7buf9+19cXbNe55Yf6wn/xgcb/x9+R84fFi+bifl9r+v/7sU19rLv/oq7pv/6Wh7tv/VLjfr4b5Py8vlm99Dpqfx9t9Omx/XF+83f1f+VbX7b/6mWL5c28pljsaZlz/jvD5trc8O9e6vx5tHGt7XNlbi+Xi+qe/8/n8+nh/8f47t3/8yJW2/dF5fDz9L8X9THUsHy+P64n+smP9zftpPT7j+p/6naNt+7nf+q++55mXN++3c/33dSw33HH7zt/Y9Eef/lzX9cXtOfzn59oez+F3h9dxWP+THwzHY7j+f69+rm290dF3t7//xOW/tPlS2+OJ3vajYv1XX38yn/858eM/uOUFt77w8iub+y7Lvv3e4v76rf/kH59t2/4v37Ezfz7i9bGj37n+pcT1n//Y5Jmz8xfnZlr2av67c95RbM+G8Y2bmtt7W3hv7fz8yNkLH5o9PzE9MZ1lE9X9FXrX7Sth/qAYl1d6+52PhOfzrt//5qbt//zZePm/PlxcfuXtxdetV4flvhAu31w8fwuNVa7/ybvvyF/fjaeLz9t67AOwddt/HVjWguHxd35fEI/3cy/9UL4fmtflXzfi63qV2//dmeJ+vhH260L4zcz33HFtfa3Lx9+NcOW9xet91fsvvM3F5/VPw/P9zu8V9x+3Kz7e74bvY761pf39Lh4f37g01Hn/+W/xuBzeT7LLxfVxqbi/rzx3R9fNi7+HJLt8Z/7576b7uXNFD3Mp8x+fnzo1d+bio1MXZucvTM1//LEjp89ePHPhSP67PI98uN/tr70/bcrfn2Zm9+3NpjdmWXY2m16DN6wbs/3Nj5a3/eceOT6zf3r7zOyJYxdPXHjk3Oz5k8fn54/PzsxvP3bixOzH+t1+bubQrt0H9+zfPXlybubQgYMH9xycnDtztrkZxUb1sW/6I5Nnzh/JbzJ/aO/BXQ88sHd68vTZmdlD+6enJy/2u33+tWmyeevfnDw/e+rYhbnTs5Pzc4/NHtp1cN++3X1/G+DpcyfmJ6bOXzwzdXF+9vxU8VgmLuQXN7/29bs91TT/78X3s50axS/iy9513770+1mbvvrJJe+qWKTjF4g+G34XzT++6NyB5Xwec/9omElN8j8AAADUQcz9Y2Em8j8AAABURsz9G8JM5H8AAACojJj7x8NMapL/9f/1/5fX/y+u1/+vV///3EeLXul67//H/rz+fz3c5P7/qtev/6//X73+//L78+t9+/X/9f9ZrGz9/5j7N2ZZLfM/AAAA1EHM/ZvCTOR/AAAAqIyY+28JM5H/AQAAoDJi7n9BmElN8r/+/7L6/7v7Fa6q3/93/n/9/2x99v/jk6P/Xxsr7t+/7+G2T/X/A/1//X/9f/1//X9WbXTJa25W/z/m/ltbfgtgrib5HwAAAOrg1vzv8eyFYSbyPwAAAFRGzP23hZnI/wAAAFAZMfdvDjOpSf7X/3f+f/1//f9K9/9Xe/7/lo3R/18fnP+/txX3/zfo/y+v/z+u/78e+/+jg93+cvf/+26+/j83RNnO/x9z/4vCTGqS/wEAAKAOYu5/cZiJ/A8AAACVEXP/S8JM5H8AAACojJj7bw8zqUn+1//X/9f/1//X/+++/v7n/y8+utH9/8c+r/+/Evr/vTn/fx/O/1+v/v+At7/c/f9Bn/9/9M2dt9f/p5uy9f9j7n9pmElN8j8AAADUQcz9d4SZyP8AAABQGTH3vyzMRP4HAACAyoi5f0uYSU3yv/6//r/+v/6//n/39ffv/xec/79c9P970//vQ/9f/1//f3n9/y7f/Or/003Z+v8x998ZZlKT/A8AAAB1EHP/XWEm8j8AAABURsz9PxNmIv8DAABAZcTcvzXMpCb5X/9f/1//v179//vG9P/1/6tN/783/f8+ytf/v7X15vr/5d7+WvX/u1hJ/39DvzujMsrW/4+5/+VhJjXJ/wAAAFAHMfe/IsxE/gcAAIDKiLn/lWEm8j8AAABURsz9E2EmNcn/+v/V6v//2d88+cpM/1//v8/6K9r/j4eB/n/N6f/3pv/fR/n6/230/8u9/fr/zv/PYmXr/8fcf3eYSU3yPwAAANRBzP33hJnI/wAAAFAZMfffG2Yi/wMAAEBlxNy/LcykJvlf/79a/f9I/1//v9f6K9r/T/T/603/v4uWF6n+fx/6//r/te//x+9+9f8ZjLL1/2Puf1WYSU3yPwAAANRBzP3bw0zkfwAAAKiMmPtfHWYi/wMAAEBlxNy/I8ykJvlf/1//X/9f/1//v/v69f/XJ/3/3lba/x/T/9f/1/+vWf/f+f8ZrLL1/2Puf02YSU3yPwAAANRBzP07w0zkfwAAAKiM+P83i//3Kv8DAABAFcXcPxlmUpP8r/+v/1+n/n9D//8G9v8n0uX6/93p/68N/f/enP+/D/1//X/9f/1/Bqps/f+Y+18bZlKT/A8AAAB1EHP//WEm8j8AAABURsz9U2Em8j8AAABURsz902EmNcn/+v/6/3Xq/zv/v/P/6/9Xn/5/b/r/fej/6/9Xrf+fZfr/3FRl6//H3L8rzKQm+R8AAADqIOb+3WEm8j8AAABURsz9e8JM5H8AAACojJj794aZ1CT/6/9Xtf+/kOn/r7z/n2X6/5n+v/7/Oqf/35v+fx/6//r/Vev/O/8/N1nZ+v8x9z8QZlKT/A8AAAB1EHP/vjAT+R8AAAAqI+b+/WEmIf93+3/dAAAAwPoSc/+BMJOa/Pu//n9F+v+//Q9t63b+f+f/77X+wfT/N+r/h6n/Xy4V7f93viyum/5/H/r/+v/6//r/DFTZ+v8x9x8MM6lJ/gcAAIA6iLn/dWEm8j8AAABURsz9PxtmIv8DAABAZcTc/3NhJjXJ//r/Fen/d9D/1//vtX7n/9f/r7KK9v8HplL9/yH9f/3/cm2//r/+P4vd+P5//Gh5/f+Y+w+FmdQk/wMAAEAdxNz/82Em8j8AAABURsz9rw8zkf8BAACgMmLuPxxmUpP8r/+v/6//r/9/Y/r/r886lbH/3zx49P+rRf+/t0r1/53/X/+/ZNuv/6//z2I3oP//k9YLV3r+/5j73xBmUpP8DwAAAHUQc/+DYSbyPwAAAFRGzP1vDDOR/wEAAKAyYu5/U5hJTfK//r/+v/6//r/z/3dfv/7/+qT/35v+fx/6//r/+v/6/wzUDej/t1lp/z/m/jeHmdQk/wMAAEAdxNz/ljAT+R8AAAAqI+b+t4aZyP8AAABQGTH3vy3MpCb5X/9f/1//X///evr/Y/r/+v8lpf/f23rq/4+0XK7/X9D/L/f26//r/7NY2fr/Mff/QphJTfI/AAAA1EHM/Q+Fmcj/AAAAUBkx9789zET+BwAAgMqIuf8dYSY1yf/6//r/+v/6/87/3339+v/rk/5/b+up/+/8/4vp/5d7+/X/9f9ZrGz9/5j73xlmUpP8DwAAAHUQc/8vhpnI/wAAAFAZMfe/K8xE/gcAAIDKiLn/l8JMapL/9f/1/8vV/1+41Ho7/X/9/2xQ/f/mjfT/a0H/vzf9/z669P836P/r/+v/6/9z3crW/4+5/91hJjXJ/wAAAFAHMfe/J8xE/gcAAIDKiLn/vWEm8j8AAABURsz9D4eZ1CT/6//Xsv+fHnL5+v/O/6//7/z/+v+ro//fm/5/H87/v7g/P57p/+v/6/9z3crW/4+5/5Ewk5rkfwAAAKiDmPvfF2Yi/wMAAEBlxNz/y2Em8j8AAABURsz97w8zqUn+1/+vZf+/xOf/r1r/f6Tt+KhT/3+85flMx6X+v/7/GtD/703/vw/9f+f/L3P/PxzNG5e4vf4/ZVS2/n/M/R8IM6lJ/gcAAIA6iLn/V8JM5H8AAACojJj7fzXMRP4HAACAyoi5/9fCTGqS//X/Y+fu03mVV/9f/z+/wPn/nf9f/3/d0v/vTf+/D/1//f8y9//70P+njMrW/4+5/9fDTJYMfj/472U8TAAAAKBEYu7/YJhJTf79HwAAAOog5v4jYSbyPwAAAFRGzP1Hw0xqkv/1/zvP/x/PqKr/r/+v/6//r/+/Hg2u//+yW7NM/1//X/9f/38t+/9D+v9UTtn6/zH3HwszqUn+BwAAgDqIuf83wkzkfwAAAKiMmPuPh5nI/wAAAFAZMffPhJlUMf93lmpvbv9/tJz9f+f/v97+/0/1//X/A/3/7vT/14bz//em/9+H/r/+v/P/6/8zUGXr/8fcPxtmUsX8DwAAAPWSfhwcc/+JMBP5HwAAACoj5v6TYSbyPwAAAFRGzP0fCjOpSf53/n/9f+f/vxn9/5G25fX/C/r/+v+DoP/fm/5/H/r/+v/6//r/DFTZ+v8x98+FmdQk/wMAAEAdxNz/4TAT+R8AAAAqI+b+j4SZyP8AAABQGTH3nwozqUn+1//X/697/7+RZZed/1//v9v69f/XJ/3/3vT/+9D/1//X/9f/Z6DK1v+Puf90mElN8j8A/8/efTzJdVZ9HO/Xr5U2QLFmwZoVS1iZP4EVVeyoYk02OdgmZzA5B5NzzsmYYHLO0eQcTTRUidLonCPNTOtezcxV973P8/lsDlJJdI/dMvVj6usLAEAPcvffO26x/wEAAKAZufvvE7fY/wAAANCM3P33jVs62f/6f/1/7/3/aivP/9/96/X/Z+n/9f9T2NffX77+110oCr9g/3/HO115D/2//l//P0j/r//X/7PX3Pr/3P33i1s62f8AAADQg9z9949b7H8AAABoRu7+B8Qt9j8AAAA0I3f/lXFLJ/tf/6//1//r/3f1/9fr//X/y+b5/8P0/yP0//p//b/+n0nNrf/P3f/AuKWT/Q8AAAA9yN3/oLjF/gcAAIBm5O5/cNxi/wMAAEAzcvc/JG7pZP/r//X/+v/D9v+3O7ZabbL/P+75/3u+Hv2//n8d/f8w/f8I/b/+X/+v/2dSc+v/c/c/NG7pZP8DAABAD3L3Pyxusf8BAACgGbn7Hx632P8AAADQjNz9j4hbOtn/+n/9v/7f8//1/+tfX/+/TNetzv0zYdP9//EJ/v0D+v959/+rlf5/yEX38+u/vOW8/wvQ/+v/2W9u/X/u/kfGLXdZrY4f9osEAAAAZiV3/6Pilk6+/w8AAAA9yN1/Vdxi/wMAAEAzcvdfHbd0sv/1//p//b/+X/+//vX1/8vk+f/Djt7/3+E297pnv/2/5/8P8/z/qfv/M58M/T/LNrf+P3f/NXFLJ/sfAAAAepC7/9Fxi/0PAAAAzcjd/5i4xf4HAACAZuTuf2zc0sn+1/+31v///67fd17/v1O76P/1//p//X/r9P/DPP9/xM4/5k7VD/X/+n/P/9f/czRz6/9z9z8ubulk/wMAAEAPcvc/Pm6x/wEAAKAZufufELfY/wAAANCM3P1PjFsOtP8PnPfNhv6/tf5/9+/z/H/9/7rX1//r/1um/x+m/x/RyvP/D/mp2XY/f1Tbfv/6f/0/+82t/8/d/6S4xff/AQAAoBm5+58ct9j/AAAA0Izc/U+JW+x/AAAAaEbu/qfGLZ3sf/2//n8Z/X++gv5f/3/p+/+k/18m/f8w/f+IVvr/Q9p2P7/096//1/+z39z6/9z9T4tbOtn/AAAA0IPc/U+PW+x/AAAAaEbu/mfELfY/AAAANCN3/zPjlk72v/5f/7+M/t/z//X/nv+v/784+v9h+v8R+n/9v/5f/8+k5tb/5+6/Nm7pZP8DAABAD3L3Pytusf8BAACgGbn7nx232P8AAADQjNz9z4lbOtn/+n/9v/5f/6//X//6+v9l0v8P0/+P0P/r//X/+n8mNaP+/7zfdXL13Lilk/0PAAAAPcjd/7y4xf4HAACAZuTuf37cYv8DAABAM3L3vyBu6WT/6/9n0//v5Hxt9f+nVquV/n/Vaf9/6ry/n/W51P/r/zdA/z9M/z9C/6//1//r/5nUZvv/M//MH/73AeTuf2Hc0sn+BwAAgB7k7n9R3GL/AwAAQDNy9784brH/AQAAoBm5+18St3Sy//X/s+n/d7TV/3v+/97PR0/9v+f/76f/3wz9/zD9/wj9v/6/jf7/tqvVSv/PLGy2/x//ce7+l8ZNx48d+ksEAAAAZiZ3/8vilk6+/w8AAAA9yN3/8rjF/gcAAICFunbfz+Tuf0Xc0sn+1/9P2/8fP+/n9P/6/72fD/2//l//f+np/4fp/0fo//X/bfT/nv/PbMyt/8/d/8q4pZP9DwAAAD3I3X9d3GL/AwAAQDNy978qbrH/AQAAoBm5+18dt3Sy//X/nv+v/9f/6//Xv77+f5n0/8P0/yP0//r/7fb/J879R/0/bThA/3/69OmrLnn/n7v/NXFLJ/sfAAAAepC7/7Vxi/0PAAAAzcjd/7q4xf4HAACAZuTuf33c0sn+1/932v/nR31Z/f/Vq5X+X/+v/9f/D9P/D9P/j9D/6/89/1//z6Tm9vz/3P1viFs62f8AAADQg9z9b4xb7H8AAABoRu7+N8Ut9j8AAAA0I3f/m+OWTva//r/T/t/z//X/+v9N9/+3rPT/G7GI/v/UhV9/7v3/Nfp//f+A7vr/u9551w/1//p/9ptb/5+7/y1xSyf7HwAAAHqQu/+tcYv9DwAAAM3I3f+2uMX+BwAAgGbk7n973HR5J/tf/6//33D/v/NB0//v/vX6/7Ma7//Hnv9/fLVa6f8nsIj+f8Dc+/9pnv+/90/5Ofp//f+S37/+X//PfnPr/3P3vyNu6WT/AwAAQA9y978zbrH/AQAAoBm5+98Vt9j/AAAA0Izc/e+OWzrZ//p//b/n/+v/m+//r1lE/+/5/xPR/w/bXP9/490O8/71//r/Jb9//b/+n4u3rf4/d/974pZO9j8AAAD0IHf/e+MW+x8AAACakbv/fXGL/Q8AAADNyN3//rilk/2v/9f/H6T/z/ep/2+r/z8xu/7/5K7/vk6e/6//n4j+f9g8nv9/Yfp//f+S338j/f+1+n+mNLfn/+fu/0Dc0sn+BwAAgB7k7v9g3Pq/bu1/AAAAaEbu/g/FLfY/AAAANCN3/4fjlk72v/5f/+/5//r/5p//r//viv5/mP5/hP5f/6//9/x/JjW3/j93/0filk72PwAAAPQgd/9H4xb7HwAAAJqRu/9jcYv9DwAAAM3I3X993NLJ/tf/6//1//p//f/Zv4f6/zbo/4dtpv8/pf/X/1c//3/xp0D/r/8f+/20aW79f+7+j8ctnex/AAAA6EHu/hviFvsfAAAAmpG7/xNxi/0PAAAAi3T5mp/L3f/JuKWT/a//1//r//X/+v/1r6//X6at9P/5odD/e/5/6Kf/v/2uHy3t+f97//dL/6//Z3pz6/9z938qbulk/wMAAEAPcvd/Om6x/wEAAKAZuftvjFvsfwAAAGhG7v7PxC2d7H/9v/5f/6//1/+vf339/zJ5/v8w/f8I/f9Wn5+/9Pev/9f/s9/c+v/c/Z+NWzrZ/wAAANCD3P2fi1vsfwAAAGhG7v7Pxy32PwAAADRjZ/dnXNbh/tf/6//1//p//f/619f/L5P+f5j+f4T+X/+v/9f/M6m59f9f2PldJ1dfjFs62f8AAADQg9z9X4pb7H8AAABoRu7+L8ct9j8AAAA0I3f/V+KWTva//l//v4z+//Tp01fp//X/u7+ec/3/Tfp/iv5/mP5/hP5f/6//1/8zqbn1/7n7vxq3dLL/AQAAoAe5+78Wt9j/AAAA0Izc/V+PW+x/AAAAaEbu/m/ELZ3sf/3/DPr/k/p/z//X/688/1//PxH9/zD9/4gW+/+TF//lb7ufP6ptv3/9v/6f/ebW/+fu/2bc0sn+BwAAgB7k7v9W3GL/AwAAQDNy9387brH/AQAAoBm5+78Tt3Sy//X/m+v/z/y16+X5/6dW69+//l//r//X/19q+v9h+v8RLfb/B7Dtfn7p71//r/9nv7n1/7n7vxu37B5+xw72VQIAAABzkrv/e3FLJ9//BwAAgB7k7v9+3GL/AwAAQDNy9/8gbulk/+v/Z/D8/wb7f8//X//50P/Puv+/TP/fBv3/MP3/CP2//l//P1H/n59m/X/v5tb/5+7/YdzSyf4HAACAHuTu/1HcYv8DAABAM3L3/zhusf8BAACgGbn7b4pbztv/69ruVuj/9f/6f/2//n/96+v/l0n/P+xi+/8Tq6P1/0n/v9n+/4ZbHeir3Wfb/fxRbfv96/89/5/95tb/5+7/Sdzi+/8AAACwOMcu8PO5+38at9j/AAAA0Izc/T+LW+x/AAAAaEbu/p/HLTdftq23tFH6f/2//l//r/9f//r6/2XS/w/z/P8RC+//j2qifv4K/X8b/f9qpf/n6ObW/+fu/0Xc4vv/AAAA0Izc/b+MW+x/AAAAaEbu/l/FLfY/AAAANCN3/6/jlk72v/5f/3/E/n8nzdT/n6X/P0v/v57+fzP0/8P0/yP0/57/r//3/H8mNbf+P3f/b+KWTvY/AAAA9CB3/2/jFvsfAAAAmpG7/3dxi/0PAAAAzcjd//u4pZP9v7X+P/5S6/8X3//v+uut/78U/f+Zr07/r//X/18s/f8w/f8I/b/+X/+v/2dSc+v/c/f/IW7pZP8DAABAD3L3/zFusf8BAACgGbn7/xS32P8AAADQjNz9f45bOtn/nv+v/5+i//f8/7M8//8s/f96+v/N0P8P0/+vV3+j9P/6f/2//p9Jza3/z93/l7ilk/0PAAAAPcjd/9e4xf4HAACAZuTuvzlusf8BAACgGbn7/xa3dLL/9f/6f/2//l//v/719f/LpP8fts3+/+63Hn9Zz//fev+fb0H/r//X/zOJufX/ufv/Hrd0sv8BAACgB7n7/xG32P8AAADQjNz9/4xb7H8AAABoRu7+f8Utnez/kf7/RP1C/f8g/f/u96//X//50P/r//X/l57+f9hw/3/en+bOnv9f9P+e/6//1/8zqbn1/7n7/x23dLL/AQAAoAe5+2+JW+x/AAAAaEbu/v/ELfY/AAAANCN3/3/jlk72v+f/L6n/v0L/r//X/+v/9f8j9P/DDv38//iDov/X/w/R/+v/9f/sNbf+P3f//wIAAP//sbFNMQ==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) getdents64(r6, &(0x7f0000000400)=""/153, 0x99) unshare(0x2040400) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@cgroup, r7, 0x24, 0x0, 0xffffffffffffffff, @void, @value}, 0x14) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7a, 0x71}}}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0xc, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x40}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000800}, 0x4840) [ 59.722949][ T5316] Bluetooth: hci0: command tx timeout [ 59.857975][ T5333] loop0: detected capacity change from 0 to 32768 [ 59.895774][ T5333] ================================================================== [ 59.898648][ T5333] BUG: KASAN: slab-out-of-bounds in dtReadFirst+0x512/0xc50 [ 59.901620][ T5333] Read of size 4 at addr ffff88804522c028 by task syz.0.0/5333 [ 59.904400][ T5333] [ 59.905329][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 59.909088][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.912906][ T5333] Call Trace: [ 59.914182][ T5333] [ 59.915288][ T5333] dump_stack_lvl+0x241/0x360 [ 59.917128][ T5333] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.919046][ T5333] ? __pfx__printk+0x10/0x10 [ 59.920860][ T5333] ? _printk+0xd5/0x120 [ 59.922541][ T5333] ? __virt_addr_valid+0x183/0x530 [ 59.924606][ T5333] ? __virt_addr_valid+0x183/0x530 [ 59.926746][ T5333] print_report+0x169/0x550 [ 59.928448][ T5333] ? __virt_addr_valid+0x183/0x530 [ 59.930201][ T5333] ? __virt_addr_valid+0x183/0x530 [ 59.932205][ T5333] ? __virt_addr_valid+0x45f/0x530 [ 59.933916][ T5333] ? __phys_addr+0xba/0x170 [ 59.935531][ T5333] ? dtReadFirst+0x512/0xc50 [ 59.937289][ T5333] kasan_report+0x143/0x180 [ 59.939017][ T5333] ? dtReadFirst+0x512/0xc50 [ 59.941053][ T5333] dtReadFirst+0x512/0xc50 [ 59.942869][ T5333] jfs_readdir+0x7ef/0x3c50 [ 59.944727][ T5333] ? __pfx_jfs_readdir+0x10/0x10 [ 59.946765][ T5333] ? __pfx_lock_acquire+0x10/0x10 [ 59.948647][ T5333] ? down_write+0x18c/0x220 [ 59.950414][ T5333] ? __pfx_down_write+0x10/0x10 [ 59.952356][ T5333] ? __might_fault+0xaa/0x120 [ 59.954251][ T5333] ? __pfx_jfs_readdir+0x10/0x10 [ 59.956163][ T5333] wrap_directory_iterator+0x91/0xd0 [ 59.958273][ T5333] iterate_dir+0x571/0x800 [ 59.960070][ T5333] __se_sys_getdents64+0x1e2/0x4b0 [ 59.962054][ T5333] ? __pfx___se_sys_getdents64+0x10/0x10 [ 59.964209][ T5333] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 59.966556][ T5333] ? __pfx_filldir64+0x10/0x10 [ 59.968432][ T5333] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 59.970741][ T5333] ? do_syscall_64+0x100/0x230 [ 59.972593][ T5333] ? do_syscall_64+0xb6/0x230 [ 59.974457][ T5333] do_syscall_64+0xf3/0x230 [ 59.976168][ T5333] ? clear_bhb_loop+0x35/0x90 [ 59.978038][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.980319][ T5333] RIP: 0033:0x7f64d2580809 [ 59.982091][ T5333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.989357][ T5333] RSP: 002b:00007f64d334b058 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 59.992382][ T5333] RAX: ffffffffffffffda RBX: 00007f64d2745fa0 RCX: 00007f64d2580809 [ 59.995144][ T5333] RDX: 0000000000000099 RSI: 0000000020000400 RDI: 000000000000000c [ 59.998121][ T5333] RBP: 00007f64d25f393e R08: 0000000000000000 R09: 0000000000000000 [ 60.000976][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.003843][ T5333] R13: 0000000000000000 R14: 00007f64d2745fa0 R15: 00007ffea2dc4c48 [ 60.006700][ T5333] [ 60.007842][ T5333] [ 60.008774][ T5333] Allocated by task 5333: [ 60.010420][ T5333] kasan_save_track+0x3f/0x80 [ 60.012229][ T5333] __kasan_slab_alloc+0x66/0x80 [ 60.014130][ T5333] kmem_cache_alloc_lru_noprof+0x1dd/0x390 [ 60.016409][ T5333] jfs_alloc_inode+0x28/0x70 [ 60.018105][ T5333] alloc_inode+0x65/0x1a0 [ 60.019663][ T5333] new_inode+0x22/0x1d0 [ 60.021174][ T5333] ialloc+0x4c/0x900 [ 60.022641][ T5333] jfs_create+0x1be/0xbb0 [ 60.024125][ T5333] path_openat+0x1c03/0x3590 [ 60.025842][ T5333] do_filp_open+0x27f/0x4e0 [ 60.027493][ T5333] do_sys_openat2+0x13e/0x1d0 [ 60.029172][ T5333] __x64_sys_openat+0x247/0x2a0 [ 60.030899][ T5333] do_syscall_64+0xf3/0x230 [ 60.032466][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.034505][ T5333] [ 60.035371][ T5333] The buggy address belongs to the object at ffff88804522b750 [ 60.035371][ T5333] which belongs to the cache jfs_ip of size 2232 [ 60.039850][ T5333] The buggy address is located 32 bytes to the right of [ 60.039850][ T5333] allocated 2232-byte region [ffff88804522b750, ffff88804522c008) [ 60.044940][ T5333] [ 60.045796][ T5333] The buggy address belongs to the physical page: [ 60.048172][ T5333] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45228 [ 60.051313][ T5333] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 60.054462][ T5333] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 60.057299][ T5333] page_type: f5(slab) [ 60.058753][ T5333] raw: 04fff00000000040 ffff88801f2ef3c0 dead000000000122 0000000000000000 [ 60.061822][ T5333] raw: 0000000000000000 00000000800d000d 00000001f5000000 0000000000000000 [ 60.064867][ T5333] head: 04fff00000000040 ffff88801f2ef3c0 dead000000000122 0000000000000000 [ 60.067960][ T5333] head: 0000000000000000 00000000800d000d 00000001f5000000 0000000000000000 [ 60.071804][ T5333] head: 04fff00000000003 ffffea0001148a01 ffffffffffffffff 0000000000000000 [ 60.074881][ T5333] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 60.077943][ T5333] page dumped because: kasan: bad access detected [ 60.080349][ T5333] page_owner tracks the page as allocated [ 60.082483][ T5333] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5333, tgid 5332 (syz.0.0), ts 59869982413, free_ts 0 [ 60.089910][ T5333] post_alloc_hook+0x1f3/0x230 [ 60.091642][ T5333] get_page_from_freelist+0x3649/0x3790 [ 60.093644][ T5333] __alloc_pages_noprof+0x292/0x710 [ 60.095421][ T5333] alloc_pages_mpol_noprof+0x3e8/0x680 [ 60.097331][ T5333] alloc_slab_page+0x6a/0x140 [ 60.099017][ T5333] allocate_slab+0x5a/0x2f0 [ 60.100637][ T5333] ___slab_alloc+0xcd1/0x14b0 [ 60.102319][ T5333] __slab_alloc+0x58/0xa0 [ 60.103981][ T5333] kmem_cache_alloc_lru_noprof+0x26c/0x390 [ 60.106150][ T5333] jfs_alloc_inode+0x28/0x70 [ 60.107830][ T5333] alloc_inode+0x65/0x1a0 [ 60.109291][ T5333] new_inode+0x22/0x1d0 [ 60.110759][ T5333] jfs_fill_super+0x570/0xd90 [ 60.112538][ T5333] get_tree_bdev_flags+0x48c/0x5c0 [ 60.114301][ T5333] vfs_get_tree+0x90/0x2b0 [ 60.116006][ T5333] do_new_mount+0x2be/0xb40 [ 60.117631][ T5333] page_owner free stack trace missing [ 60.119558][ T5333] [ 60.120423][ T5333] Memory state around the buggy address: [ 60.122383][ T5333] ffff88804522bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.125189][ T5333] ffff88804522bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 60.128021][ T5333] >ffff88804522c000: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.130537][ T5333] ^ [ 60.132351][ T5333] ffff88804522c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.135224][ T5333] ffff88804522c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.138096][ T5333] ================================================================== [ 60.163690][ T5333] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 60.166379][ T5333] CPU: 0 UID: 0 PID: 5333 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 60.169898][ T5333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.173634][ T5333] Call Trace: [ 60.174888][ T5333] [ 60.175954][ T5333] dump_stack_lvl+0x241/0x360 [ 60.177609][ T5333] ? __pfx_dump_stack_lvl+0x10/0x10 [ 60.179508][ T5333] ? __pfx__printk+0x10/0x10 [ 60.181145][ T5333] ? preempt_schedule+0xe1/0xf0 [ 60.182967][ T5333] ? vscnprintf+0x5d/0x90 [ 60.184534][ T5333] panic+0x349/0x880 [ 60.185971][ T5333] ? check_panic_on_warn+0x21/0xb0 [ 60.187911][ T5333] ? __pfx_panic+0x10/0x10 [ 60.189532][ T5333] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 60.191650][ T5333] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 60.193965][ T5333] ? print_report+0x502/0x550 [ 60.195651][ T5333] check_panic_on_warn+0x86/0xb0 [ 60.197403][ T5333] ? dtReadFirst+0x512/0xc50 [ 60.199044][ T5333] end_report+0x77/0x160 [ 60.200562][ T5333] kasan_report+0x154/0x180 [ 60.202130][ T5333] ? dtReadFirst+0x512/0xc50 [ 60.203766][ T5333] dtReadFirst+0x512/0xc50 [ 60.205366][ T5333] jfs_readdir+0x7ef/0x3c50 [ 60.207094][ T5333] ? __pfx_jfs_readdir+0x10/0x10 [ 60.208959][ T5333] ? __pfx_lock_acquire+0x10/0x10 [ 60.210816][ T5333] ? down_write+0x18c/0x220 [ 60.212446][ T5333] ? __pfx_down_write+0x10/0x10 [ 60.214213][ T5333] ? __might_fault+0xaa/0x120 [ 60.215912][ T5333] ? __pfx_jfs_readdir+0x10/0x10 [ 60.217709][ T5333] wrap_directory_iterator+0x91/0xd0 [ 60.219655][ T5333] iterate_dir+0x571/0x800 [ 60.221292][ T5333] __se_sys_getdents64+0x1e2/0x4b0 [ 60.223221][ T5333] ? __pfx___se_sys_getdents64+0x10/0x10 [ 60.225348][ T5333] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 60.227599][ T5333] ? __pfx_filldir64+0x10/0x10 [ 60.229416][ T5333] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 60.231772][ T5333] ? do_syscall_64+0x100/0x230 [ 60.233543][ T5333] ? do_syscall_64+0xb6/0x230 [ 60.235162][ T5333] do_syscall_64+0xf3/0x230 [ 60.236865][ T5333] ? clear_bhb_loop+0x35/0x90 [ 60.238437][ T5333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.240490][ T5333] RIP: 0033:0x7f64d2580809 [ 60.242130][ T5333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.249453][ T5333] RSP: 002b:00007f64d334b058 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 60.252421][ T5333] RAX: ffffffffffffffda RBX: 00007f64d2745fa0 RCX: 00007f64d2580809 [ 60.255061][ T5333] RDX: 0000000000000099 RSI: 0000000020000400 RDI: 000000000000000c [ 60.257749][ T5333] RBP: 00007f64d25f393e R08: 0000000000000000 R09: 0000000000000000 [ 60.260306][ T5333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.263129][ T5333] R13: 0000000000000000 R14: 00007f64d2745fa0 R15: 00007ffea2dc4c48 [ 60.266042][ T5333] [ 60.267448][ T5333] Kernel Offset: disabled [ 60.268929][ T5333] Rebooting in 86400 seconds..