program: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x18000, &(0x7f00000022c0)=ANY=[], 0x0, 0x6e3, &(0x7f0000000240)="$eJzs3c9vHGf9B/D3rNeOt98qX6dNaIQKWIlUkCISJ1YK4YJBCOVQoaocesVKnMbqJqkSF6UVAhcQnJA49A8oSL5xQEjcg8KFS7n16mMlJIQUIRH1wKKZnbV3vWt7nTh2Aq9XNJ7nmefHfOaZZ2a8dqwJ8D/r8pkcuZcil8+8drfMr6/Nt9fX5o/Uxe0kZbqRNLurFDeT4n6yUJYXfUv61kM+XL70xicP1j/t5pr1UtWf2KndCCPqrtZLZuv+Zke2nBx3F6t1eHk+yZV6PWhq3L4GKpaDdrpew6HrDFndS/O9XLfAU6b3dCq6z80hM8lzSabr7wNS3x0aBxfhk7GnuxwAAAA8oz6+ddgRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLOnfv//QjdZvd+/XGc2Re/9/1O9bXX6KbQwds17TzQOAAAAAAAAADgYX3qYh7mbo718p6h+53+qyhzPZ53k//Ju7mQpt3M2d7OYlazkds4nmenraOru4srK7fMbLUujW14Y2fLCQR0xAAAAAAAAAPxX+mlam7//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp0GRTHRX1XK8XmcmjWY2y7Ka/DXJ1GHHuwfF0JYv/uBQAgEAAIDHMf0Ibf7/YR7mbo728p2i+sz/uerz8nTezc2sZDkraWcpV+vP0OWn/sb62nx7fW3+RrmU+cF+v/X3PYUxVfcwUeVG7flkVaOVa1mutpzNlSqYq2l09306OdmLpy+uPh+UMRXfrI0ZWbMe1nJnvx75U4T9cm8g19ihZmszuGRjRObq2MqWx7ojUCSrk0m2jsSuZ6c5kJupep3c2NP5NDZ+8nP8CYz5c/W6PJ5fPNEx36uNkWikGokLvdlXXjM7j0Ty5T/+7s3r7ZtvX79258zTc0i7mNhm+9Y5Md83Ei890yPR3GP9uWokTmzkL+e7+X7OZDav53aW88MsZiVL6dTli/V8Lr/O7DxSCwO513eLZKo+L91zNk5Ms/lOlVrMqart0SynyK1czVJerf5dyPl8LRdzMZf6zvCJbeOujq266htbr/remf7TyOBPf6VOlHe3X27e5RZ2OuLtZud+6d77y3E91jeu3Vn/YKPWsb7rYK5vlF7ojc7kyM4f5d7Y/HydKPfxs12eEwdrph6J8gLqPSV60b3YHYlm9Swanue/6ZTt0r7Z6VxffGeb/le35F+p1+W0WvvC6Nr/Gupl9KnYX+V8eSHT9Z1kcHaUZS9u3GX6yjqbc7lbNvjELdudqMqKonelfi+3qgkwfKV2n87/7gz3dKEqe2nkXuarspN9ZQPfb+VW2rl6AOMHwKP4y5sbyZk8N9X6W+vj1ketn7eut16b/vaRrx95eSqTf578RnNu4pXGy8Uf8lF+vPn5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHR33nv/7cV2e+n26ERj+6KBRCtbt+zW85ZEUb/QZ2+txkksjHek+5yYTjKwpXrP0T7t4h8Zt3JraxhDic5PkoMbljrRe4ng6Dq/KhPNoRk18uQObPn9cIcf7DHC4lBmS3+iMfbJ3Z/EREZPgEO6IQEH5tzKjXfO3Xnv/a8u31h8a+mtpZuTFy9emrt08dX5c9eW20tz3a+HHSXwJGw+9A87EgAAAAAAAAAAAGBco/4w4NTzu/3RyFh/4+F/FgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD74vKZNO+lyPm5s3Nlfn1tvl0uvfRmzWaSRiMpfpQU95OFdJfM9HVX5Lf30xmxnw+XL73xyYP1Tzf7anbrJ416vb2dS5Os1ktmk0zU68cw0N+Vx+6v+GfvGMoB+6zT6Sw8XnywP/4TAAD//6Db9N0=") syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000300)='./bus\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5102003bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f4f, &(0x7f000000ac40)="$eJzs3V1vHFcZB/BnX7x+KU2jClUh4iJNobSU5j2B8taUCy4ACSSUaxK5bhVIASUB0SoirnKBuODlI8BNb7joFylfAfEBiBRzVQnKoLHPScbjddZp4p1dn99PcmaePTPeM/l7PLuemT0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvvj072IuPzr9MDhiM/EIKIfsVzXx6KeuZiXH0bEkdhsjuciYrAYUa+/+c8zEeci4qNDEfc2bq3WD5/ZYz/On7p5/ZPvf+cfv/vTnSM/ffMnH7Tbf/TZsx/+/nbE4R++9uEnt5/MtgMAAEApqqqqeult/tH0/r7fdacAgKnIx/8qyY+r1Wq1+onWf+zPVn/UhdZN1Xi3m0VErDfXqV8zOB0PAHNmPT7uugt0SP5FG0bEU113Aphpva47wL64t3FrtZfy7TWPB8e22vPfKbflv967f3/HbtNJ2teYTOvn604M4tld+rM8pT7Mkpx/v53/5a32UVpuv/Oflt3yH23d+lScnP+gnX/Ltvz/HBFzm39/bP6lyvkPHyX/9cEc7//yBwAAAADg4Mt//z/c8fnfxcfflD152PnfY1PqAwAAAAAAAAA8aY87/t99xv8DAACAmVW/V6/95dCDx3b7LLb68Uu9iKdbywOFSTfLrHTdDwAAAAAAAAAAAAAoyXDrGt5LvYiFiHh6ZaWqqvqrqV0/qsddf96Vvv1Qsq5/yQMAwJaPDrXu5e9FLEXEpfRZfwsrKytVtbS8Uq1Uy4v59exocalabryvzdP6scXRHl4QD0dV/c2WGus1TXq/PKm9/f3q5xpVgz10bDo6DBwAImLraHTPEemAqapnoutXOcwH+//BY/9nL7r+OQUAAAD2X1VVVS99nPfRdM6/33WnAIBpWMrH//Z5AbVarVar1QevbqrGu90sImK9uU79msFw/AAwZ9bj4667QIfkX7RhRBzpuhPATOt13QH2xb2NW6u9lG+veTxI47vna0G25b/e21wvrz9uOkn7GpNp/XzdiUE8u0t/nptSH2ZJzr/fzv/yVvsoLbff+U/LbvnX23m4g/50Lec/aOffcnDy74/Nv1Q5/+Ej5T+QPwAAAAAAzLD89//Dzv/mTQYAAAAAAACAuXNv49Zqvu81n////Jjles05938eGDn/3p7zd//vQZLz77fzb12QM2jM333jQf7/3ri1+sHNf30uT2c+/4XBqH7uhV5/MEzX/FQLb8XVuBZrcWrH8sNt7ad3tC9saz8zof3sjvZR3b6c20/EavwirsWb99sXJ1wYtTShvZrQnvMf2P+LlPMfNr7q/FdSe681rd19v79jv29Oxz3Pxb/998Wde9f03YnB/W1rqrfveAf92fw/eWoUv7qxdv3Eb67cvHn9dKTJtkfPRJo8YTn/hfSV83/pha32/Hu/ub/efX/0yPnPijsx3DX/Fxrz9fa+POW+dSHnP0pfOf98BBq//89z/rvv/6900B8AAAAAAAAAAAAAAAB4mKqqNm8RvRgRF9L9P13dmwkATNUffpBmqiTUarVarVYf2LqpGu/1ZhFL29e5EBG/HffNAIBZ9r+I+GfXnaAz8i9Y/ry/evqFrjsDTNWNd9/72ZVr19au3+i6JwAAAAAAAADAp5XH/zzWGP958zqg1rjR28Z/fSOOze34n/3RYHOs87RBz8fDx/8+Hg8f/3s44fkWJrSPJrQvTmhfmtA+9kaPhpz/8ynjnP/RtGEljf/6Ugf96VrO/3ga6znn/6XWcs38q7/Oc/79bfmfvPnOL0/eePe9V6++c+XttbfXfn761IVzZ8+fO3v+/Mm3rl5bO7X1b4c93l85/zz2tetAy5Lzz5nLvyw5/y+mWv5lyfm/mGr5lyXnn1/vyb8sOf/83kf+Zcn5v5xq+Zcl5//lVMu/LDn/V1It/7Lk/L+SavmXJef/aqrlX5ac/4lUy78sOf+TqZZ/WXL++QyX/MuS889XNsi/LDn/M6mWf1ly/mdTLf+y5PzPpVr+Zcn5n0+1/MuS87+QavmXJef/1VTLvyw5/6+lWv5lyfm/lmr5lyXn//VUy78sOf9vpFr+Zcn5fzPV8i9Lzv9bqZZ/WXL+3061/MuS83891fIvy4PP/zcz5Zn//D1iBrphxsy4ma5/MwEAAAAAAAAAAAAAbdO4nLjrbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3/cDPvtlrQ4L/gRBCnLA2hjiweHf9Bg4xmCTkT0mbUhLSpiU1jr02TvxW7zoBhMpSaEsUpCK1F/SiaRKlUaS2AkWRmko0Qkqk9q5cJeImaiUuLBUqByWVUgW2OnOe59mZ2dmZ9cvac875fBD+eWfOzDxz5szsftf6zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBsw8em/3wgy7L8/8Yf67Ls8vzva7I9+ZdzOy/1CgEAAIDz9Vbjz3+4Ip2wZxkXatrmXz/w79+fn5+fz77w5um3/3J+Pp0xlmVDq7OscV70b7/65XzzNsFT2ejAYNPXgz1ufqjH+cM9zh/pcf6qHuev7nH+aI/zF+2ARdYUv49pXNmmxl/XFbs0uyobaZy3qcOlnhpYPTgYf5fTMNC4zPzIwexwdiSbziYXXWag8V+WvbQhv617snhbg023tT7LsjM/f3x/XMNA2MebspYba2h+7N64Kxt78+eP7//O7Ovv7TR77oZFK82yzRvzdT6dZQu/rsoGstVpn8R1Djatc32HdQ61rHOgcbn87+3rPLPMdcb7PRrW+UqXda4Ppz1yfZZlc41NXv5Rh23aPZUNZmvbbjXt79HiiMivI38o35UNn9VxsmEZx0l+mdeubz1O2o/JuP83hH0yvMQamh+ON55ctWi/n+txkt/rfjhW8+u+L7/R0dHmX622HKv5No/fkI6Bjtu063QMpGO56RjY2OsYGFw11DgGBhfWvLHlGJhadJnBbKBxW6dv6H4MTMwePTEx8+hjtxw+uu/Q9KHpY1OTO7dv27F9244dEwcPH5meLP48u11aImuzwXQMbgyvNfEY/GDbts2H5Pw3L9zzYLRPngf5ff/MjfmCLh/MljjG822e3nz+z4P0fb/peTDc9Dzo+Jra4XkwvIznQb7Nmc3L+5453PR/pzWs1GvhuqZj4FJ+P8xv88EPLf1auD6s65mblj4GOn8/HFp0DMS7NRCee/kp6ee90dvCfll8XFybn3HZquzUzPTJLY/sm509OZWFcVFc2fRYtR8va5vuU7boeBk86+Nlz9//+sZrO5y+Luyr0Zu7P1b5NtvHuz9WjVf31v25Kiv2Z8upW7MwLrCLvT87fTfL92fKEl32Z77N07ec7bG/+PUv5ZKm17+RXq9/QyPDxevfUNobIy2vf4sfmqHGyrLszC3Le/0bCf9f7Ne/q/rk9S/fVw9u6X4M5Ns8M3G2x8Bw19e/68McCOv5UEgMo025/+3G+XPFYdr0WPY8boaHR8JxMxxvsfW42bboMvm15be9efLcjpvN17c+Vi0/t1TwuMn31V9Ndj9u8m1enjr/14418a9Nrx2reh0DI0Or8vWOpIOgeL2bXxOPgS3Z/ux4diQ7kC6TP8r5bY1vXd4xsCr8f7FfO67pk2Mg31fPb+1+DOTb/Hjbhf3ZaXM4JW3T9LNT++8Xlsr81w4vXF/7brvQmT9f58d/8ql0WqcMkW/z+vazzRnd99PN4ZTLOuyn9ufPUsf0gezi7KdrwjqP7Oj+u6l8m6t2LvN42pNl2atTrzZ+3xV+v/u9Uz/5fsvvfTv9TvnVqVfvnbj/p2ezfgAAzt3bjT/nVhU/azb9i/Vy/v0fAAAAKIWY+wfDTOR/AAAAqIyY+4fCTOR/AAAAqIyY+4fDTGqS/x++bdcLbz2RpXcDnA/i+XE33HdHsV3seM+Fr8fmF+Snf/TbIy989Ynl3fZglmW/vvd9Hbd/+I64rsKJuM4Pt56+yDXXLev2H3pgYbvm9084s6u4/nh/lnsYxK7ySxNbG9c79uhUY758b9aY988981Rx/cXXcfvT24rt/ya8acmegwMtl98c1rMpzLHwnjL37VnYD/mMl3th/Qd+dOVnF24vXm5g4zsbd/P5Py6uN75H1HNXFtvH+73U+v/la999Id/+kRs6r/+Jwc7rPx2u97Uwf7W72L55n3+1af1/GtYfby9ebsu3fthx/S++p9j+xXBcfCPM9vXf9Rfvf6vT4xVvZ8/txeXi7U/+z/bG5eL1xetvX//oE1Mt+6P9+l9+s7ie3V/+xVDz9vH0eDvRQ7e3Ht8D4fFt6ZFnWfbdP8ta9nP2keJy/9y2/nh9J27vvP6b29Z5YuC6xuUX7s+6lvv19b/b2vH+xvXs+cd1LffnubvD/ntz4sf59Z6+PxyP4fz/faW4vvb3Mn3x7tbXm7j9N9YVz9t4fRNt63+ubf1z1+X7rvf673mzWP+Ld65uWf+eT4Tj6Z5i9lr/ob+9ouXy3/xO8Xic/Mr4seMzpw4faNqrzc/j1aNr1l52+TveeUV4LW3/eu/x2YenT45Njk1m2VgJ3zJwpdf/rTD/uxhzF/4WCj/9RXHcPfvJ4vvWB39ZfP1cOP2h8HjG749f/+uRluO1/XGfu7OY57v+m8I6lus9X/vP65a14enPv3Tqn/7k9fafC+L9OfHu0cb9e37D1Y3zBl4uzm9/verlP97d+rz+2fBkY/4g7Nf58M7MG68ubq/9+uN7kzz76eL5G3+Si5fP2t5PZN1Q6/043/X/LPwc88NrWl//4vHxgyfa3s15XTaQL2EuvD5kc8X5cau4v589c3XH24vvw5PNvfdslrmkmUdnJo4cPnbqkYnZ6ZnZiZlHH9t79PipY7N7G+9duveLvS6/8Pxe23h+H5jeuT1rPNuPF2OFXer1n3hg/4FbJ288MH1w36mDsw+cmD55aP/MzP7pAzM37jt4cPorvS5/+MDuqa27tt26dfzQ4QO7b9u1a9uu8cPHjufLKBbVw87JL40fO7m3cZGZ3dt3Te3YsX1y/OjxA9O7b52cHD/V6/KN703j+aW/PH5y+si+2cNHp8dnDj82vXtq186dW3u+++PREwdnxiZOnjo2cWpm+uREcV/GZhsn59/7el2eepg5Hl7v2gyEn84/d/PO9P64uW8/ueRVFZu0/niavRHeCyp+f+v1dcz9I2EmNcn/AAAAUAcx94c3/l84Q/4HAACAyoi5f3WYifwPAAAAlRFzf5H8R9PHv9cl/1+o/v+T+v8N+v/6/5n+f6L/r/+f6f/r//eg/6//X+b16//r/9Nbv/X/Q+7P1mSZf/8HAACAioq5f22YifwPAAAAlRFz/2VhJvI/AAAAVEbM/ZeHmdQk//v8f/1//f9u/f+4rf5/pv/fD/3/Tf+l/7+I/r/+f6b/f84udX++7Ovvw/7/Gv1/+k2/9f9j7n9HmElN8j8AAADUQcz97wwzkf8BAACgMmLuvyLMRP4HAACAyoi5f12YSU3yv/6//r/+v8//1/8vTf/f5/93oP+v/5/p/5+zS92fL/v6+7D/7/P/6Tv91v+Puf//hZnUJP8DAABAHcTc/64wE/kfAAAAKiPm/ivDTOR/AAAAqIyY+68KM6lJ/q9n//+1LMv0/zP9f/3/tnXq/+v/rwT9f/3/bvT/9f/LvH79f/1/euu3/n/M/e8OM6lJ/gcAAIA6iLn/6jAT+R8AAAAqI+b+94SZyP8AAABQGTH3XxNmUpP8X8/+v8//1/8v6P+3rlP/X/9/Jej/6/93o/+v/1/m9ev/6//TW7/1/2Puf2+YSU3yPwAAANRBzP3XhpnI/wAAAFAZMfe/L8xE/gcAAIDKiLl/fZhJTfK//r/+v/6//r/+v/7/SipX/39wyXP0/wv6/60uXP9/bmEB+v+lWb/+v/4/vfVb/z/m/veHmdQk/wMAAEAdxNz/gTAT+R8AAAAqI+b+68JM5H8AAACojJj7x8JMapL/9f/1//X/9f/1//X/V1K5+v9L0/8v6P+38vn/+v/6//r/dNdv/f+Y+zeEmdQk/wMAAEAdxNy/McxE/gcAAIDKiLn/+jAT+R8AAAAqI+b+TWEmNcn/+v/6//r/+v/6//r/K0n/X/+/G/1//f8yr1//X/+f3vqt/x9z/w1hJjXJ/wAAAFAHMfffGGYi/wMAAEBlxNz/wTAT+R8AAAAqI+b+zWEmNcn/+v/6//r/Je7/D+n/Z/r/fU//X/+/G/1//f8yr1//X/+f3vqt/x9z/4fCTGqS/wEAAKAOYu6/KcxE/gcAAIDKiLn/5jAT+R8AAAAqI+b+8TCTmuR//X/9f/3/Evf/ff5/y/r1//uT/r/+fzf6//r/ZV6//r/+P731W/8/5v5bwkxqkv8BAACgDmLu3xJmIv8DAABAZcTcPxFmIv8DAABAZcTcPxlmUpP8r/+v/6//r/+v/6//v5L0//X/u9H/1/8v8/r1//X/6a3f+v8x90+FmdQk/wMAAEAdxNy/NcxE/gcAAIDKiLl/W5iJ/A8AAACVEXP/9jCTmuT/kvT/t6QClP6//r/+v/6//n+p6P/r/3ej/6//X+b16//r/9NqsMNp/db/j7l/R5hJTfI/AAAA1EHM/TvDTOR/AAAAqIyY+28NM5H/AQAAoDJi7r8tzKQm+b8k/X+f/6//r//fRP9f/79M9P/1/7vR/9f/L/P69f/1/+mt3/r/MffvCjOpSf4HAACAOoi5/8NhJvI/AAAAVEbM/beHmcj/AAAAUCqdPocwirn/I2EmNcn/+v9V7//Pr9b/1//X/+++fv3/laX/r//fjf6//n+Z16//r/9Pb/3W/4+5f3eYSU3yPwAAANRBzP13hJnI/wAAAFAZMfffGWYi/wMAAEBlxNy/J8ykJvlf/7/q/X+f/6//r//fa/36/ytL/1//vxv9/3L2/8OPLfr/fdT/z48h/X/6Ub/1/2PuvyvMpCb5HwAAAOog5v6PhpnI/wAAAFAZMfd/LMxE/gcAAIDKiLn/42EmNcn/+v/6//r/+v/6//r/K0n/f8X6/42XQv3/gv7/ubnU/fmyr7+f+v8+/59+1W/9/5j77w4zqUn+BwAAgDqIuf8TYSbyPwAAAFRGzP3/P8xE/gcAAIDKiLn/njCTmuR//X/9f/1//X/9f/3/laT/7/P/u9H/1/8v8/r1//X/6a3f+v8x9/9GmElN8j8AAADUQcz994aZyP8AAABQGTH3fzLMRP4HAACAklm15Dkx9/9mmElN8n/5+v9jpez/D6br1//X/9f/1//X/7+Q9P/1/zP9/3N2qfvzZV+//r/+P731W/8/5v7fCjOpSf4HAACAOoi5/1NhJvI/AAAAVEbM/b8dZiL/AwAAQGXE3H9fmElN8v+F7v+3X74bn/+v/5/p/+v/6//r/58n/X/9/0z//5xd6v582dev/6//T2/91v+Puf93wkxqkv8BAACgDmLuvz/MRP4HAACAPvXwWV8i5v5Ph5nI/wAAAFAZMfd/JsykJvm/fJ//r/+v/6//r/+v/18m+v/6/93o/+v/l3n9+v/6//TWb/3/mPsfCDOpSf4HAACAOoi5/7NhJvI/AAAAVEbM/b8bZiL/AwAAQGXE3P97YSYd8//gRVrVxaP/r/+v/6//r/+v/7+S9P8X9//z1zD9/4L+v/5/mdev/6//T2/91v+Puf9zYSb+/R8AAAAqI+b+3w8zkf8BAACgMmLu/4MwE/kfAAAAKiPm/gfDTGqS//X/9f/1//X/9f/1/1eS/r/P/+9G/1//v8zr1//X/6e3fuv/x9z/+TCTmuR/AAAAqIOY+/8wzET+BwAAgMqIuX9vmIn8DwAAAJURc/9DYSY1yf/6//r/+v/6//r/+v8rSf9f/78b/X/9/zKvX/9f/5/e+q3/H3P/vjCTPa03AwAAAJRXzP1fCDOpyb//AwAAQB3E3L8/zET+BwAAgMqIuf9AmElN8r/+v/6//r/+v/6//v9K0v/X/+9G/1//v8zr1//X/6e3fuv/x9w/HWZSk/wPAAAAdRBz/8EwE/kfAAAAKiPm/kNhJvI/AAAAVEbM/Q+HmdQk/+v/6//r/9e2///K99rWqf+v/78S9P/1/7vR/9f/L/P69f/1/+mt3/r/MfcfDjOpSf4HAACAOoi5/4thJvI/AAAAVEbM/V8KM5H/AQAAoDJi7j8SZlKT/K//r/+v/1/b/v/yPv9/zcLt6v/r/58L/X/9/270//X/y7x+/X/9f3rrt/5/zP1Hw0xqkv8BAACgDmLuPxZmIv8DAABAZcTcfzzMRP4HAACAyoi5/0SYSU3yv/7/2fX/B5boBur/d16//n8F+v9N9P/1/8+F/r/+fzf6//r/ZV6//r/+P731W/8/5v4/CjOpSf4HAACAOoi5/2SYifwPAAAAlRFz/0yYifwPAAAAlRFz/2yYSU3yv/6/z//X/9f/1//X/19J+v/6/93o/+v/l3n9+v/6//TWb/3/mPtPhZnUJP8DAP/H3n3l6nVWcRz+cAg4Qlxxw2WmwAgYAhPgBokx0EtCDx1C7y10AqFD6L333nsPhF4lUOy1VrDjs/exz/l83v2u57nIAgcpr2WD9Jf5aQMAHeTuf0DcYv8DAADANHL3PzBusf8BAABgGrn7HxS3NNn/+n/9v/5f/6//1//vk/5f/79E/6//3/L79f/6f9aN1v/n7n9w3NJk/wMAAEAHufsfErfY/wAAADCN3P0PjVvsfwAAAJhG7v6HxS1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Hx63NNn/AAAA0EHu/kfELfY/AAAATCN3/yPjFvsfAAAAppG7/5q4pcn+1//r//X/G+z/76z/1/9vh/5f/79E/6//3/L79f/6f9aN1v/n7r82bmmy/wEAAKCD3P2PilvsfwAAAJhG7v5Hxy32PwAAAEwjd/9j4pYm+1//r//X/2+w//f9f/3/huj/9f9L9P/6/y2/X/+v/2fdaP1/7v7Hxi1N9j8AAAB0kLv/cXGL/Q8AAADTyN3/+LjF/gcAAIBp5O5/QtzSZP/r//X/+n/9v/5f/79P+n/9/xL9v/5/y+/X/+v/Wbf3/v8+1525h+3/c/dfF7c02f8AAADQQe7+J8Yt9j8AAABMI3f/k+IW+x8AAACmkbv/yXFLk/2v/9f/397///dO+n/9v/7/9h/X/x8P/b/+f4n+X/+/5ffr//X/rNt7/7/S+5//73P3PyVuabL/AQAAoIPc/U+NW+x/AAAAmEbu/qfFLfY/AAAATCN3/9Pjlib7X/+v//f9f/2//l//v0/6/2H7//P/q3cu/f+h6P/1/wf1//c+xPv1/3QwWv+fu/8ZcUuT/Q8AAAAd5O5/Ztxi/wMAAMA0cvdfH7fY/wAAADCN3P3Pilua7H/9v/5f/6//P7f/P9Wy/7/tx/T/+6H/H7b/X6b/PxT9v/7f9//1/ywbrf/P3f/suKXJ/gcAAIAOcvc/J26x/wEAAGAaufufG7fY/wAAADCN3P3Pi1ua7H/9v/5f/6//P9L3/6+Yo//3/f/90f/r/5fo//X/W36//l//z7rR+v/c/c+PW5rsfwAAAJjeqV3t/hfELfY/AAAATCN3/wvjFvsfAAAAppG7/0VxS5P9r//X/+v/9f9H6v8n+f6//n9/9P/6/yWH7f93+v/6uej/x3m//l//z7rR+v/c/S+OW5rsfwAAAOggd/9L4hb7HwAAAKaRu/+lcYv9DwAAANPI3f+yuKXJ/tf/6//1//p//b/+f5/0//r/Jb7/r//f8vv1//p/1o3W/+fuf3nc0mT/AwAAQAe5+18Rt9j/AAAAMI3c/a+MW+x/AAAAmERWm6d3r4pbzt//py7fqy4n/b/+X/+v/9f/6//3Sf+v/1+i/79w/3/6gH+e/n+s9+v/9f+sG63/z91/Q9ziz/8BAABgGrn7Xx232P8AAAAwjdz9r4lb7H8AAACYRu7+18YtTfb/Qf3/rXc7+/f1/4ej/7/w+/X/+n/9v/5f/6//X6L/9/3/Lb9f/6//Z91o/X/u/tfFLU32PwAAAHSQu//1cYv9DwAAANPI3f+GuMX+BwAAgGnk7n9j3NJk/x//9/+v1v/r//X/cfX/+n/9v/5f/79M/6//3/L79f/6f9aN1v/n7n9T3NJk/wMAAEAHuftvjFvsfwAAAJhG7v43xy32PwAAAEwjd/9b4pYm+//4+3/f/9f/X2T/f0r/n/T/8euq/9f/XwT9v/5/p/+/ZCfdz2/9/fp//T/rRuv/c/ffdGbq9dv/AAAA0MFNZ/56evfWuMX+BwAAgGnk7n9b3GL/AwAAwDRy9789bmmy//X/+v8T7/99/7/o/+PXVf+v/78I+n/9/25f/f89zv9fpzvS/+v/9f/6f5aN1v/n7n9H3NJk/wMAAEAHufvfGbfY/wAAADCN2P1n/8/v9j8AAABM6V1n/np69+64pcn+b9z/X33U/v+q//vX+v8Lv1//fyz9/03n/97T/+v/t0T/r/9fMnT/fwj6f/3/GP1//MA1+n/GM1r/n7v/PXFLk/0PAAAAHeTuf2/cYv8DAADANHL33xy32P8AAAAwjdz974tbmuz/xv3/JN//v98t8QL9/7z9v+//x9X/6/8vRP+v/9/p/y/ZSffzW3//OP2/7/8zrtH6/9z9749bmux/AAAA6CB3/wfiFvsfAAAAppG7/4Nxi/0PAAAA08jd/6G4pcn+1/9vvf/3/X/9v/5f/z82/b/+f4n+X/+/5ffr//X/rBut/8/d/+G4pcn+BwAAgA5y938kbrH/AQAAYBq5+z8at9j/AAAAMI3c/R+LW5rsf/2//n9f/f9t/xD9f5P+/1r9/07/fyD9v/5/if5f/7/l9+v/9f+sG63/z93/8bilyf4HAACADnL3fyJusf8BAABgGrn7Pxm32P8AAAAwjdz9n4ob7nX3k3vS8brygB+P3lz/r//3/X/9v+//6//3Sf+v/1+i/9f/b/n9+n/9P+tG6/9z9386bvHn/wAAADCN3P2fiVvsfwAAAJhG7v7Pxi32PwAAAEwjd//n4pYm+1//r//X/2+2/79K/3/u+/X/Y9L/6/+X6P/1/1t+v/5f/8+60fr/3P2fj1ua7H8AAADoIHf/F+IW+x8AAACmkbv/i3GL/Q8AAADTyN3/pbilyf7X/+v/9f+b7f99//+89+v/x6T/1/8v0f/r/7f8fv2//p91o/X/ufu/HLc02f8AAADQQe7+r8Qt9j8AAABMI3f/V+MW+x8AAACmkbv/a3FLk/2v/9f/6//1//p//f8+6f/1/0v0//r/Lb9f/6//Z91o/X/u/q/HLU32PwAAAHSQu/8bcYv9DwAAANPI3f/NuMX+BwAAgGnk7v9W3NJk/8/c/y/9x/T/Z+n/9f87/b/+f8/0//r/Jfp//f+W36//1/+zbrT+P3f/t+Pe7p6X+DMEAAAARpO7/ztxS5M//wcAAIAOcvd/N26x/wEAAGAaufu/F7c02f8z9/9L9P9n6f/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/K3cH9P+5+78ftzTZ/wAAANBB7v4fxC32PwAAAEwjd/8P4xb7HwAAAKaRu/9Hccs8+//+Ny/8Tf3/sff/Z34T6f/1/zv9v/5f/3+G/l//v0T/r//f8vv1//p/1o32/f/c/T+OW+bZ/wAAANBe7v6fxC32PwAAAEwjd/9P4xb7HwAAAKaRu/9ncUuT/a//9/1//X+r/v+Knf5f/3+Z6f/1/0v0//r/Lb9f/6//Z91o/X/u/p/HLU32PwAAAHSQu/8XcYv9DwAAANPI3f/LuMX+BwAAgGnk7v9V3NJk/+v/9f/6/1b9v+//6/8vO/2//n+J/l//v+X3Z/+fv+/0//p/7mi0/j93/6/jlib7HwAAADrI3f+buMX+BwAAgGnk7v9t3GL/AwAAwDRy9/8ubmmy//X/+n/9v/5/7P7/Gv2//n+R/l//v9P/X7KT7ue3/v6jff//tl91/T/zG63/z91/S9zSZP8DAABAB7n7fx+32P8AAAAwjdz9f4hb7H8AAACYRu7+W+OWJvtf/6//n7L/v6v+f57+3/f/9f/L9P/6/53+/5KddD+/9fcfrf/3/X96GK3/z93/x7ilyf4HAACADnL3/ylusf8BAABgGrn7/xy32P8AAAAwjdz9f4lbmux//b/+/+L7/yvr5z1s/+/7//p//f8w5u3/76L/1/8fuf+//oazP6z/3+b79f/6f9aN1v/n7v9r3NJk/wMAAEAHufv/FrfY/wAAADCN3P1/j1vsfwAAAJhG7v5/xC1N9r/+X/8/5ff/9f/6f/3/MObt/33/X//v+//6f/2//p81o/X/ufv/Gbc02f8AAADQQe7+f8Ut9j8AAABMI3f/v+MW+x8AAACmkbv/P3FLk/2v/99W/3/fG/X/+n/9v/5/W/T/+v8l+n/9/5bfr//X/7NutP4/d///AgAA//96szP8") creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0) pwritev2(r1, &(0x7f0000000180)=[{&(0x7f0000000200)='\x00', 0x1}], 0x1, 0x7, 0x0, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) r2 = open(&(0x7f00000005c0)='./bus\x00', 0x400, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x4c02, &(0x7f0000000140)) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000680)='I', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000002080)="83", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)='z', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000340)="45bc4891e5", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000007c0)="e0db87bde4", 0x5}], 0x1}}], 0x5, 0x4008095) [ 82.151288][ T5097] Bluetooth: hci0: command tx timeout [ 83.175025][ T5113] loop0: detected capacity change from 0 to 1024 [ 83.213207][ T5113] hfsplus: wrong filesystem version [ 83.648784][ T5113] loop0: detected capacity change from 0 to 32768 [ 83.781335][ T5113] loop0: detected capacity change from 32768 to 0 [ 83.790103][ T5113] syz.0.0: attempt to access beyond end of device [ 83.790103][ T5113] loop0: rw=1, sector=360, nr_sectors = 8 limit=0 [ 83.809957][ T5113] metapage_write_end_io: I/O error [ 83.813663][ T5113] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 83.813663][ T5113] [ 83.818667][ T5113] syz.0.0: attempt to access beyond end of device [ 83.818667][ T5113] loop0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 83.844815][ T5113] syz.0.0: attempt to access beyond end of device [ 83.844815][ T5113] loop0: rw=0, sector=120, nr_sectors = 8 limit=0 [ 83.850120][ T5113] ERROR: (device loop0): remounting filesystem as read-only [ 83.871336][ T5113] ================================================================== [ 83.875531][ T5113] BUG: KASAN: slab-use-after-free in release_metapage+0x64b/0x960 [ 83.879474][ T5113] Read of size 8 at addr ffff88803bed2eb0 by task syz.0.0/5113 [ 83.882536][ T5113] [ 83.883680][ T5113] CPU: 0 UID: 0 PID: 5113 Comm: syz.0.0 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 83.888518][ T5113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.893479][ T5113] Call Trace: [ 83.895237][ T5113] [ 83.896647][ T5113] dump_stack_lvl+0x241/0x360 [ 83.898932][ T5113] ? __pfx_dump_stack_lvl+0x10/0x10 [ 83.900990][ T5113] ? __pfx__printk+0x10/0x10 [ 83.902824][ T5113] ? _printk+0xd5/0x120 [ 83.904588][ T5113] ? __virt_addr_valid+0x183/0x530 [ 83.906728][ T5113] ? __virt_addr_valid+0x183/0x530 [ 83.908960][ T5113] print_report+0x169/0x550 [ 83.910846][ T5113] ? __virt_addr_valid+0x183/0x530 [ 83.912974][ T5113] ? __virt_addr_valid+0x183/0x530 [ 83.915029][ T5113] ? __virt_addr_valid+0x45f/0x530 [ 83.917395][ T5113] ? __phys_addr+0xba/0x170 [ 83.919839][ T5113] ? release_metapage+0x64b/0x960 [ 83.922527][ T5113] kasan_report+0x143/0x180 [ 83.924369][ T5113] ? release_metapage+0x64b/0x960 [ 83.926488][ T5113] release_metapage+0x64b/0x960 [ 83.928472][ T5113] ? __get_metapage+0x872/0xef0 [ 83.930431][ T5113] diAllocAG+0x1762/0x1e50 [ 83.932138][ T5113] ? __pfx_diAllocAG+0x10/0x10 [ 83.933959][ T5113] ? dbNextAG+0x518/0x630 [ 83.935737][ T5113] diAlloc+0x1d2/0x1630 [ 83.937713][ T5113] ? new_inode+0x1b7/0x1d0 [ 83.939565][ T5113] ialloc+0x8f/0x900 [ 83.941309][ T5113] jfs_mkdir+0x1c5/0xba0 [ 83.943129][ T5113] ? __pfx_jfs_mkdir+0x10/0x10 [ 83.945002][ T5113] ? generic_permission+0x1e0/0x550 [ 83.947025][ T5113] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 83.948836][ T5113] ? security_inode_mkdir+0xbe/0x340 [ 83.950866][ T5113] vfs_mkdir+0x2f9/0x4f0 [ 83.952447][ T5113] do_mkdirat+0x264/0x3a0 [ 83.954111][ T5113] ? __pfx_do_mkdirat+0x10/0x10 [ 83.956216][ T5113] ? getname_flags+0x1e3/0x540 [ 83.958271][ T5113] __x64_sys_mkdirat+0x87/0xa0 [ 83.960368][ T5113] do_syscall_64+0xf3/0x230 [ 83.962386][ T5113] ? clear_bhb_loop+0x35/0x90 [ 83.964265][ T5113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.966405][ T5113] RIP: 0033:0x7f18c9d7dff9 [ 83.968143][ T5113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.975304][ T5113] RSP: 002b:00007f18cac03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 83.978684][ T5113] RAX: ffffffffffffffda RBX: 00007f18c9f35f80 RCX: 00007f18c9d7dff9 [ 83.982857][ T5113] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: ffffffffffffff9c [ 83.987348][ T5113] RBP: 00007f18c9df0296 R08: 0000000000000000 R09: 0000000000000000 [ 83.990406][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.993352][ T5113] R13: 0000000000000000 R14: 00007f18c9f35f80 R15: 00007ffd69ba3f38 [ 83.996440][ T5113] [ 83.997621][ T5113] [ 83.998603][ T5113] Allocated by task 5113: [ 84.000396][ T5113] kasan_save_track+0x3f/0x80 [ 84.002364][ T5113] __kasan_slab_alloc+0x66/0x80 [ 84.004790][ T5113] kmem_cache_alloc_noprof+0x135/0x2a0 [ 84.007482][ T5113] mempool_alloc_noprof+0x197/0x5a0 [ 84.009659][ T5113] __get_metapage+0x4ed/0xef0 [ 84.011477][ T5113] diAllocAG+0x16b4/0x1e50 [ 84.013239][ T5113] diAlloc+0x1d2/0x1630 [ 84.014830][ T5113] ialloc+0x8f/0x900 [ 84.016410][ T5113] jfs_mkdir+0x1c5/0xba0 [ 84.018423][ T5113] vfs_mkdir+0x2f9/0x4f0 [ 84.020616][ T5113] do_mkdirat+0x264/0x3a0 [ 84.022704][ T5113] __x64_sys_mkdirat+0x87/0xa0 [ 84.024999][ T5113] do_syscall_64+0xf3/0x230 [ 84.026879][ T5113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.029184][ T5113] [ 84.030141][ T5113] Freed by task 79: [ 84.031756][ T5113] kasan_save_track+0x3f/0x80 [ 84.033508][ T5113] kasan_save_free_info+0x40/0x50 [ 84.035520][ T5113] __kasan_slab_free+0x59/0x70 [ 84.037605][ T5113] kmem_cache_free+0x1a2/0x420 [ 84.039981][ T5113] metapage_release_folio+0x412/0x540 [ 84.042949][ T5113] shrink_folio_list+0x240c/0x8cc0 [ 84.045253][ T5113] evict_folios+0x549b/0x7b50 [ 84.047097][ T5113] try_to_shrink_lruvec+0x9ab/0xbb0 [ 84.049236][ T5113] shrink_one+0x3b9/0x850 [ 84.050946][ T5113] shrink_node+0x3799/0x3de0 [ 84.052775][ T5113] kswapd+0x1ca3/0x3700 [ 84.054621][ T5113] kthread+0x2f0/0x390 [ 84.056375][ T5113] ret_from_fork+0x4b/0x80 [ 84.058518][ T5113] ret_from_fork_asm+0x1a/0x30 [ 84.061044][ T5113] [ 84.062360][ T5113] The buggy address belongs to the object at ffff88803bed2e88 [ 84.062360][ T5113] which belongs to the cache jfs_mp of size 184 [ 84.067853][ T5113] The buggy address is located 40 bytes inside of [ 84.067853][ T5113] freed 184-byte region [ffff88803bed2e88, ffff88803bed2f40) [ 84.072916][ T5113] [ 84.073827][ T5113] The buggy address belongs to the physical page: [ 84.076347][ T5113] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3bed2 [ 84.080267][ T5113] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 84.085475][ T5113] page_type: f5(slab) [ 84.087835][ T5113] raw: 04fff00000000000 ffff88801f21e280 dead000000000122 0000000000000000 [ 84.091164][ T5113] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 84.094036][ T5113] page dumped because: kasan: bad access detected [ 84.096387][ T5113] page_owner tracks the page as allocated [ 84.098654][ T5113] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5113, tgid 5112 (syz.0.0), ts 83672187338, free_ts 83671219531 [ 84.108417][ T5113] post_alloc_hook+0x1f3/0x230 [ 84.110925][ T5113] get_page_from_freelist+0x3045/0x3190 [ 84.113402][ T5113] __alloc_pages_noprof+0x292/0x710 [ 84.115829][ T5113] alloc_pages_mpol_noprof+0x3e8/0x680 [ 84.118287][ T5113] alloc_slab_page+0x6a/0x120 [ 84.120549][ T5113] allocate_slab+0x5a/0x2f0 [ 84.122691][ T5113] ___slab_alloc+0xcd1/0x14b0 [ 84.125299][ T5113] __slab_alloc+0x58/0xa0 [ 84.127351][ T5113] kmem_cache_alloc_noprof+0x1c1/0x2a0 [ 84.129458][ T5113] mempool_alloc_noprof+0x197/0x5a0 [ 84.131562][ T5113] __get_metapage+0x4ed/0xef0 [ 84.133303][ T5113] diReadSpecial+0x25d/0x680 [ 84.134974][ T5113] jfs_mount+0x75/0x830 [ 84.136523][ T5113] jfs_fill_super+0x59c/0xc50 [ 84.138267][ T5113] mount_bdev+0x20a/0x2d0 [ 84.139962][ T5113] legacy_get_tree+0xee/0x190 [ 84.142286][ T5113] page last free pid 4599 tgid 4599 stack trace: [ 84.146329][ T5113] free_unref_page+0xcfb/0xf20 [ 84.148116][ T5113] rcu_core+0xaaa/0x17a0 [ 84.149669][ T5113] handle_softirqs+0x2c5/0x980 [ 84.151585][ T5113] __irq_exit_rcu+0xf4/0x1c0 [ 84.153445][ T5113] irq_exit_rcu+0x9/0x30 [ 84.155188][ T5113] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 84.157266][ T5113] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 84.159610][ T5113] [ 84.160802][ T5113] Memory state around the buggy address: [ 84.164155][ T5113] ffff88803bed2d80: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 84.167355][ T5113] ffff88803bed2e00: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 84.170194][ T5113] >ffff88803bed2e80: fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 84.173237][ T5113] ^ [ 84.175689][ T5113] ffff88803bed2f00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 84.179373][ T5113] ffff88803bed2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 84.182295][ T5113] ================================================================== [ 84.341249][ T5097] Bluetooth: hci0: command tx timeout [ 84.541435][ T5113] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 84.544986][ T5113] CPU: 0 UID: 0 PID: 5113 Comm: syz.0.0 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 84.549035][ T5113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.553185][ T5113] Call Trace: [ 84.554517][ T5113] [ 84.555693][ T5113] dump_stack_lvl+0x241/0x360 [ 84.557732][ T5113] ? __pfx_dump_stack_lvl+0x10/0x10 [ 84.560539][ T5113] ? __pfx__printk+0x10/0x10 [ 84.562957][ T5113] ? preempt_schedule+0xe1/0xf0 [ 84.565599][ T5113] ? vscnprintf+0x5d/0x90 [ 84.567318][ T5113] panic+0x349/0x880 [ 84.568938][ T5113] ? check_panic_on_warn+0x21/0xb0 [ 84.570895][ T5113] ? __pfx_panic+0x10/0x10 [ 84.572608][ T5113] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 84.574903][ T5113] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 84.577335][ T5113] ? print_report+0x502/0x550 [ 84.579478][ T5113] check_panic_on_warn+0x86/0xb0 [ 84.581923][ T5113] ? release_metapage+0x64b/0x960 [ 84.584534][ T5113] end_report+0x77/0x160 [ 84.586551][ T5113] kasan_report+0x154/0x180 [ 84.588317][ T5113] ? release_metapage+0x64b/0x960 [ 84.590203][ T5113] release_metapage+0x64b/0x960 [ 84.592012][ T5113] ? __get_metapage+0x872/0xef0 [ 84.593760][ T5113] diAllocAG+0x1762/0x1e50 [ 84.595826][ T5113] ? __pfx_diAllocAG+0x10/0x10 [ 84.597728][ T5113] ? dbNextAG+0x518/0x630 [ 84.599445][ T5113] diAlloc+0x1d2/0x1630 [ 84.601159][ T5113] ? new_inode+0x1b7/0x1d0 [ 84.603155][ T5113] ialloc+0x8f/0x900 [ 84.604822][ T5113] jfs_mkdir+0x1c5/0xba0 [ 84.606642][ T5113] ? __pfx_jfs_mkdir+0x10/0x10 [ 84.608557][ T5113] ? generic_permission+0x1e0/0x550 [ 84.610581][ T5113] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 84.612502][ T5113] ? security_inode_mkdir+0xbe/0x340 [ 84.614451][ T5113] vfs_mkdir+0x2f9/0x4f0 [ 84.616208][ T5113] do_mkdirat+0x264/0x3a0 [ 84.617926][ T5113] ? __pfx_do_mkdirat+0x10/0x10 [ 84.620089][ T5113] ? getname_flags+0x1e3/0x540 [ 84.622246][ T5113] __x64_sys_mkdirat+0x87/0xa0 [ 84.624695][ T5113] do_syscall_64+0xf3/0x230 [ 84.626913][ T5113] ? clear_bhb_loop+0x35/0x90 [ 84.628833][ T5113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.631010][ T5113] RIP: 0033:0x7f18c9d7dff9 [ 84.632664][ T5113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.640145][ T5113] RSP: 002b:00007f18cac03038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 84.643752][ T5113] RAX: ffffffffffffffda RBX: 00007f18c9f35f80 RCX: 00007f18c9d7dff9 [ 84.647249][ T5113] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: ffffffffffffff9c [ 84.650644][ T5113] RBP: 00007f18c9df0296 R08: 0000000000000000 R09: 0000000000000000 [ 84.653763][ T5113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.656865][ T5113] R13: 0000000000000000 R14: 00007f18c9f35f80 R15: 00007ffd69ba3f38 [ 84.660665][ T5113] [ 84.663144][ T5113] Kernel Offset: disabled [ 84.665223][ T5113] Rebooting in 86400 seconds..