program:
syz_mount_image$jfs(&(0x7f00000011c0), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYRES8=0x0], 0xfa, 0x61be, &(0x7f00000073c0)="$eJzs3c1vHGcdB/Df7JtfQlOrh6pECLlpoZTSJE5KCBRoe4ADlx5QriiR61YRKS9JQGllEVe+cODEXwBCcESII+LAH9ADV26cOBHJRgL1xFRjP088u9mtnTreWXs+H8mZ+c0zaz+z3519yczsEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAfO+7318pIuLaz9OCpYjPRDeiE7FQ1csRsbC8lNfvRcQzsdMcT0dEfy6iuv3OP09GvBIRH56O2NpeX60WXzxgP77zp3/87gen3vz7H/vn//fnO91XJ6139+6v/vuXe4fbZgAAAGibsizLIn3MP5M+33ea7hQAMBX59b9M8vITX//6X2/+dZb6o1arZ7TuPlg6G/1Rqw9X15Xj3asXEbFRv031nsHheAA4Zjbio6a7QIPk32q9iDjVdCeAmVY03QGOxNb2+mqR8i3qrwfLu+35XJCh/DeKB9d3TJruZ/Qck2k9vjajG09N6M/ClPowS3L+ndH8r+22D9J6R53/tEzKf7B76VPr5Py7o/mPODn5d8bm31Y5/94j5d+VPwAAAAAAzLD8//9LDR//nTv8phzIJx3/XZ5SHwAAAAAAAADgcTvs+H8PGP8PAAAAZlb1Wb3ym9N7yyZ9F1u1/GoR8cTI+kDLpItlFpvuBwAAAAAAAAAAAAC0SW/3HN6rRUQ/Ip5YXCzLsvqpG60f1WFvf9y1ffuhzZp+kgcAgF0fnh65lr+ImI+Iq+m7/vqLi4tlOb+wWC6WC3P5/exgbr5cqH2uzdNq2dzgAG+Ie4Oy+mXztdvV7fd5eb/20d9X/a1B2T1Axx6Tfro3JzQ3FDYAJLuvRltekU6Ysnxy0psPGGL/P4GWYqnpxxWzr+mHKQAAAHD0yrIsi/R13mfSMf9O050CAKYiv/6PHhc4VN2Z0B7xeH6/Wq1Wq9XqT1XXlePdqxcRsVG/TfWewXD8AHDMbMRHTXeBBsm/1XoR8UzTnQBmWtF0BzgSW9vrq0XKt6i/HqTx3fO5IEP5bxQ7t8u3Hzfdz+g5JtN6fG1GN56a0J+np9SHWZLz74zmf223fZDWO+r8p2VS/oOdS+baJ+ffHc1/xMnJvzM2/7bK+fceKf9uzrkjfwAAAAAAmD35//+XHP/NmwwAAAAAAAAAx87W9vpqvu41H///3Jj1XP95MuX8i0fNfyHNy/9Yy/l3RvL/0sh63dr8/Tf29v//bK+v/uHOvz+bpwfNfy7PFOmRVaRHRJH+UtFL08Ns3cM2+91B9Zf6RafbS+f8lP2340bcjLW4MLRuJ90fe+0rQ+1VT/tD7ReH2nsPtV8aau+n7x0oF3L7uViNH8fNeGunfTB8t481v8/9U+7TnvPvev5vpZx/r/ZT5b+Y2ouRaeX+B52H9vv6dNzfef3G53954eg3Z1+b0X2wbXXV9p1toD8798mpQfzs9tqtc3ev37lzayXSZGjpxUiTxyzn39/5mdt7/n9utz0/AdX31/sfDB45/1mxGb2J+T9Xm6+298Up960JOf9B+sn5v5Xax+//xzn/yfv/Sw30BwAAAAAAAAAAAAAAAD5JWZY7l4i+HhGX0/U/TV2bCQBMV379L5O8XK1Wq9Vq9cmr68rxXqsXEfG3+m2q9wy/GPfLAIBZ9v+I+GfTnaAx8m+x/H1/1fT5pjsDTNXt997/4fWbN9du3W66JwAAAAAAAADAp5XH/1yujf/8fEQsjaw3NP7rG7F82PE/e3nmwQCjj3mg7wk2O4Nupzbc+LOxMz73uUnjf5+Nh8f/zmPiduvbMUF/n/bBPu1z+7TPj126l9bYCz1qcv7P1sY7r/I/MzL8ehvGfx0d874Ncv5na4/nKv8XYjj0ev7lb2cu/42DrrgZnaH8z9959yfnb7/3/ss33r3+zto7az+6tLJy4dLly1euXDn/9o2baxd2/z2aXs+AnH8e+9p5oO2S88+Zy79dcv5fSLX82yXn/8VUy79dcv4vpFr+7ZLzz5995N8uOf8XUy3/dsn5fznV8m+Xre31uSr/l1It/3bJ+/9XUi3/dsn5v5xq+bdLzv9cquXfLjn/86k+QP6+Hv4EyfnnI1z2/3bJ+a9ExE9/L/+2yflfTLX82yXnfynV8m+XnP8rqZZ/u+T8v5pq+bdLzv9yquXfLjn/r6Va/u2S87+Savm3S87/66mWf7vk/L+Ravm3S87/1VTLv11y/t9MtfzbJef/rVTLv11y/t9OtfzbJef/Wqrl3y573/9vxowZM3mm6WcmAAAAAAAAAAAAAGDUNE4nbnobAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgY3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17i5HrvusAfmYv9tppGrdNUye4zdpxHcfZZNeX+FIwcdMkDUlLyZWGS2zjXTvb+havTZMQyS5paaQ6okJFhAegrSKIhFAt1IeCQskD4vJE4KG8oCKkSkQojdKKSoBKFs2c///vmdnZmVnveD17zucj2b/dmTNzzpw5M7vftb97AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoN76j019qZJlWfVP7a81Wfau6serRtfULvvIld5CAAAAYLH+r/b329ekC/Z1caO6Zf7uQ//4rdnZ2dns04O/O/zV2dl0xWiWDa/Mstp10YV/f7xSv0zwfDZSGaj7fKDD6gc7XD/U4frhDtev6HD9yg7Xj3S4fs4OmGNV/vOY2p1trH24Jt+l2bXZcO26jS1u9Xxl5cBA/FlOTaV2m9nhw9l0djSbyiYals+XrdSWf3V9dV33ZXFdA3XrWlc9Qn743KG4DZWwjzc2rOvifUY/+Gg2+qMfPnfoj0+/eX2r2XE3NNxfvp2bN1S38wvhknxbK9nKtE/idg7Ubee6Fs/JYMN2Vmq3q37cvJ1vd7mdgxc3c0k1P+cj2UDt49dr+2mo/sd6aT+tC5f9901Zlp27uNnNy8xZVzaQrW64ZODi8zOSH5HV+6geSu/NhhZ0nK7v4jitzsmNjcdp82siPv/rw+2G5tmG+qfpB59fMed5X+hxGlUf9XyvleZjsNevlX45BuNx8XrtQb/Q8hjcGB7/c5vmPwZbHjstjsH0uOuOwQ2djsGBFYO1bU5PQqV2m4vH4NaG5Qdra6rU5hub2h+D46ePnRyfeebZ26aPHTwydWTq+PatWye279y5e/fu8cPTR6cm8r8vcW/3v9XZQHoNbAj7Lr4Gbm5atv5Qnf16716HI21eh2ualu3163Co+cFVluYFOfeYzl8bj1R3+sj5gWye11jt+dmy+Ndhetx1r8Ohutdhy68pLV6HQ128DqvLnNzS3fcsQ3V/Wm3D5fpasKbuGGz+fqT5GOz19yP9cgyOhOPiX7fM/7VgXdjeF8YW+v3I4JxjMD3c8N5TvSR9vz+yuzZaHZc3VK+4akV2Zmbq1O1PHzx9+tTWLIwl8b66Y6X5eF1d95iyOcfrwIKP133TH3rhhhaXrwn7auS26l8j8z5X1WV23N7+uap9dWu9Pxsu3ZaF0WNLvT9bfTWv7s+UJdvsz+oyXxhf/PfiKZfWvf8Oz/P+G3P/O/n60l09Pzg8lL9+B9PeGW54P258qoZq712V2rrfHu/u/Xg4/Fnq9+Nr27wfr21attfvx8PNDy6+H1c6/bRjcZqfz5FwnBydaP9+XF1m7baFHpNDbd+PbwqzEvb/LSEppFxUd+zMd9ymdQ0NDYfHNRTX0Hicbm9Yfjhks+q6Xtl2acfp5pvy+xpMj+6ipTpOR5uW7fVxmt6v5jtOK51++nZpmp/PkXBcXLu9/XFaXea1HYt/71wVP6x771zR6RgcHlxR3ebhdBDm7/ezq+IxeHt2KDuRHc0ma9euqB1Pldq6xu7o7hhcEf4s9Xvl2jbH4OamZXt9DKavY/Mde5WhuQ++B5qfz5FwXLx0R/tjsLrM3bt6+73r5nBJWqbue9fmn6/N9zOvG5p20+X8mVd1O/9mV/ufzVaXObp7oTmz/X66NVxyVYv91Pz6ne81NZktzX5aG7bzzd3z76fq9lSX+eqeLo+nfVmWnX3qrtrPe8O/r/z5me9+q+HfXVr9m87Zp+566+rDf7uQ7Qdg+XsnH6vzr3V1/zLVzb//AwAAAMtCzP0DYSbyPwAAABRGzP3xf4Un8j8AAAAURsz9Q2EmJcn/a+9+c/qds1lq5s8G8fq0G+7Pl4sd14nw+ejsRdXL73p56sd/eba7dQ9kWfaT+3+j5fJr74/blRsN23nhnsbL597wbFfrP/DoxeXq++tfC/cfH0+3h0GrCu5ElmWvXvNibT2jj5+vzdfuP1CbD5174fnqMm/vyT+Pt3/jffnyfxDKv/sOH2y4/RthP3w/zIkHWu+PeLtvnr9l3a7HLq4v3q6y4d21h/3SE/n9xt+T85Xn8+Xjfp5v+//qy698s7r80x9uvf1nB1pv/yvhfl8O838+mC9f/xxUP4+3+2LY/ri+eLvbv/Gdltt/4Uv58ifvzZc7EGZc/+bw+cZ735yu319PVw42PK7s4/lycf0T3/3t2vXx/uL9N2//yP7zDfuj+fh47Z/z+xlvWj5eHtcT/UXT+qv3U398xvW/8lsHGvZzp/VfeOiND1bvt3n9tzYtN9h0++bf2PSHX3yx5fri9uz7s5MNj2ffg+F1HNb/0hPheAzX/++FFxvWGx14sPH9Jy7/tTVnGx5PdN+P8vVfuPNIbf7H6I9//6p3Xf3uczdW912Wvf5wfn+d1n/kj040bP/Xr9tSez7i9bGj37z++cT1n/rc2PETM2emJ+v2au1353wi356VI6tWV7f3mvDe2vz5/hOnn5w6NToxOpFlo8X9FXqX7BthvpWPcwu9/ZZHw/N5w++9unrTP305Xv4vj+SXn38g/7p1c1juK+HyNfnzN1tZ5PpfWn9d7fVdeS3/vKHH3gPrNv7n7q4WDI+/+fuCeLyffP+Ttf1Qva72dSO+rhe5/d+bzO/n22G/zobfzLzhuovrq18+/m6E8w/nr/dF77/wNhef1z8Jz/cnv5/ff9yu+Hi/F76P+c7axve7eHx8++xA8/3XfovHufB+kp3Lr49Lxf19/u3rWm5e/D0k2bnra5//Trqf6xf0MOcz88zM+NHp42eeHj89NXN6fOaZZ/cfO3Hm+On9td/luf8znW5/8f1pde39aXJq545sYlWWZSeyiSV4w7o821/9qLvtP/noocldE5smpw4fPHP49KMnp04dOTQzc2hqcmbTwcOHpz7X6fbTk3u3btuzfde2sSPTk3t379mzfc/Y9PET1c3IN6qDnROfHTt+an/tJjN7d+zZescdOybGjp2YnNq7a2Ji7Eyn29e+No1Vb/3rY6emjh48PX1samxm+tmpvVv37Ny5reNvAzx28vDM6PipM8fHz8xMnRrPH8vo6drF1a99nW5PMc38W/79bLNK/ov4sk/dujP9ftaqlz8/713lizT9AtE3w++i+Yf3nNzdzecx9w+HmZQk/wMAAEAZxNy/IsxE/gcAAIDCiLl/ZZiJ/A8AAACFEXP/SJhJSfK//r/+f3f9//x6/f9y9f9PPpX3Spd7/z/25/X/y+EK9/8XvX79f/3/4vX/u+/PL/ft1//X/2euXvf/BxbZ/4+5f1WWlTL/AwAAQBnE3L86zET+BwAAgMKIuf+qMBP5HwAAAAoj5v53hZmUJP/r/3fV/9/WqXBV/P6/8//r/2fLs/8fnxz9/9JYcP/+sUcaPtX/D/T/9f/1//X/9f9ZtOF5r7nU/n+2yP5/zP1Xh5mUJP8DAABAGcTc/+4wE/kfAAAACiPm/mvCTOR/AAAAKIyY+9eEmZQk/+v/O/+//r/+f6H7/4s9/3/dxuj/Lw/O/9/egvv/K/X/u+v/j+j/L8f+/3Bvt7+/+/8dN1//n8ui1+f/X2z/P+b+94SZlCT/AwAAQBnE3P/eMBP5HwAAAAoj5v73hZnI/wAAAFAYMfdfG2ZSkvzfP/3/xoqk/n/+uf6//r/+/xXu/7c9/3/+kf5/f9H/j4ZaXur8/x04/3+5+v893v7+7v/3+vz/w/c0317/n1b6rf8fc//7w0xKkv8BAACgDGLuvy7MRP4HAACAwoi5/wNhJvI/AAAAFEbM/WvDTEqS//un/9+0Xfr/Nfr/+v/6//3c/8/p//cX/f/29P870P/X/9f/767/3+KbX/1/Wum3/n/M/deHmZQk/wMAAEAZxNx/Q5iJ/A8AAACFEXP/T4WZyP8AAABQGDH3rwszKUn+1//X/9f/L1f//9YV+v/6/8Wm/9+e/n8H+v/6//r/XZ7/f66F9P9XdrozCqPf+v8x938wzKQk+R8AAADKIOb+D4WZyP8AAABQGDH33xhmIv8DAABAYcTcPxpmUpL8r/9frP7/n/71Szdm+v/6/x3WX9D+fzwM9P9LTv+/Pf3/DvT/9f/1/5ek/0959Fv/P+b+9WEmJcn/AAAAUAYx928IM5H/AQAAoDBi7r8pzET+BwAAgMKIuX9jmElJ8r/+f7H6/5H+v/5/u/UXtP+f6P+Xm/5/C3UvUv3/DvT/9f9L3/+P3/3q/9Mb/db/j7n/w2EmJcn/AAAAUAYx928KM5H/AQAAoDBi7r85zET+BwAAgMKIuX9zmElJ8r/+v/6//r/+v/5/6/Xr/y9P+v/tLbT/v0L/X/9f/79k/X/n/6e3+q3/H3P/LWEmJcn/AAAAUAYx928JM5H/AQAAoDDi/9/M/9+r/A8AAABFFHP/WJhJSfK//r/+f5n6/xX9f/1//f/C0/9vz/n/O9D/1//X/9f/p6f6rf8fc/9tYSYlyf8AAABQBjH33x5mIv8DAABAYcTcPx5mIv8DAABAYcTcPxFmUpL8r/+v/1+m/r/z/+v/6/8Xn/5/e/r/Hej/6/8Xrf+fZfr/XFH91v+PuX9rmElJ8j8AAACUQcz928JM5H8AAAAojJj7t4eZyP8AAABQGDH37wgzKUn+1/8vav9/NtP/1/+fb/36//r/Rab/357+fwf6//r/Rev/O/8/V1i/9f9j7r8jzKQk+R8AAADKIOb+nWEm8j8AAAAURsz9u8JMQv5v9f+6AQAAgOUl5v7dYSYl+fd//f+C9P9/8+8b1u38//r/7dbfm/7/Kv3/MPX/+0tB+//NL4tLpv/fgf6//r/+v/4/PdVv/f+Y+/eEmZQk/wMAAEAZxNz/kTAT+R8AAAAKI+b+nw4zkf8BAACgMGLu/5kwk5Lkf/3/gvT/m+j/6/+3W7/z/+v/F1lB+/89U6j+/4D+v/5/f22//r/+P3Nd/v5//Ki7/n/M/XvDTEqS/wEAAKAMYu7/2TAT+R8AAAAKI+b+O8NM5H8AAAAojJj794WZlCT/6//r/+v/6/9fnv7/nVmzfuz/Vw8e/f9i0f9vr1D9f+f/1//vs+3X/9f/Z65+O/9/zP0fDTMpSf4HAACAMoi5/64wE/kfAAAACiPm/o+Fmcj/AAAAUBgx998dZlKS/K//r/9/5fr/Ff3/Qvf/nf+/Wbf9/9lwx/r/l0b/vz39/w70//X/9f/1/+mpfuv/x9x/T5hJSfI/AAAAlEHM/feGmcj/AAAAUBgx9388zET+BwAAgMKIuf++MJOS5H/9f/1/5//X/9f/b71+5/9fnvT/29P/70D/X/9f/1//n57qt/5/zP0/F2ZSkvwPAAAAZRBz//1hJvI/AAAAFEbM/Q+Emcj/AAAAUBgx938izKQk+V//X/9f/1//X/+/9fr1/5cn/f/29P870P/X/9f/1/+np/qt/x9z/yfDTEqS/wEAAKAMYu7/+TAT+R8AAAAKI+b+T4WZyP8AAABQGDH3/0KYSUnyv/6//n9/9f9nz9bfTv9f/z/rVf+/eiP9/1LQ/29P/7+DFv3/lfr/+v/6//r/XLJ+6//H3P9gmElJ8j8AAACUQcz9D4WZyP8AAABQGDH3PxxmIv8DAABAYcTc/0iYSUnyv/5/Kfv/6SH3X//f+f/1/53/X/9/cfT/29P/78D5//X/9f/1/+mpfuv/x9z/aJhJSfI/AAAAlEHM/Y+Fmcj/AAAAUBgx9/9imIn8DwAAAIURc/+nw0xKkv/1/0vZ/+/j8/8Xrf8/1HB8lKn/P1L3fKbjUv9f/38J6P+3p//fgf6//n8/9//D0bxqntvr/9OP+q3/H3P/42EmJcn/AAAAUAYx9/9SmIn8DwAAAIURc/8vh5nI/wAAAFAYMff/SphJSfK//r/+v/6/8/87/3/r9ev/L0/6/+3p/3eg/6//38/9/w70/+lH/db/j7n/V8NM5g1+b/1XFw8TAAAA6CMx9z8RZlKSf/8HAACAMoi5f3+YifwPAAAAhRFz/4Ewk5Lkf/3/5v5/PKOq/r/+v/6//r/+/3LUu/7/B67OMv1//X/9f/3/pez/D+j/Uzj91v+Puf9gmElJ8j8AAACUQcz9vxZmIv8DAABAYcTcfyjMRP4HAACAwoi5fzLMpIj5v7lUe2X7/8P92f93/v9L7f//RP9f/z/Q/29N/39pOP9/e/r/HVze/v+g/v/ldaW33/n/9f+Zq9/6/zH3T4WZFDH/AwAAQLmkHwfH3H84zET+BwAAgMKIuf9ImIn8DwAAAIURc/+TYSYlyf/O/6//7/z/V6L/P9SwvP5/Tv9f/78X9P/b0//vwPn/9f/1//X/6al+6//H3D8dZlKS/A8AAABlEHP/Z8JM5H8AAAAojJj7PxtmIv8DAABAYcTcfzTMpCT5X/9f/7/s/f9Klp1z/n/9/1br1/9fnvT/29P/70D/X/9f/1//n57qt/5/zP3HwkxKkv8BAAD+n727aLLrTu84fuPIgvLCeQlZZ5VlsnJeQrbZpSqVZdhhsB3mxMMMHmZm8jAzs4cZPeiZKk2p9TyP1OqrcwVHfc/5P5/P5olUat/bVkup33R9faCD3P1/GLfY/wAAADCM3P1/FLfY/wAAADCM3P1/HLc02f/6f/1/9/5/s5fn/x/+9fr/8/T/+v85HOnvT2z/dZeLwi/b///6b9z+u/p//b/+f5L+X/+v/+dSS+v/c/f/SdzSZP8DAABAB7n7/zRusf8BAABgGLn7/yxusf8BAABgGLn7b49bmux//b/+X/+/6v7/ltn7/3v1//r/dfP8/2n6/x30//p//b/+n1ktrf/P3f/ncUuT/Q8AAAAd5O7/i7jF/gcAAIBh5O7/y7jF/gcAAIBh5O7/q7ilyf7X/+v/9f9r6f9Pev7/JZ+P/l//v43+f5r+fwf9v/5f/6//Z1ZL6/9z9/913NJk/wMAAEAHufv/Jm6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv/1//p//f9a+v+tz//X/+v/ucQ9mwt/J8ze/5+Z7v9PzvDfH9D/L7v/32z0/1OuuJ/f/umt5/1fhv5f/89RS+v/c/f/fdzyW5vNyWv9JAEAAIBFyd3/D3FLk+//AwAAQAe5+++IW+x/AAAAGEbu/jvjlib7X/+v/9f/6//1/9tfX/+/Tp7/P+36+/9f+5U/+L2+/b/n/0/z/P+5+/9zXxn6f9Ztaf1/7v674pYm+x8AAAA6yN3/j3GL/Q8AAADDyN3/T3GL/Q8AAADDyN3/z3FLk/2v/x+t///lQx93Uf9/ULvo//X/+n/9/+j0/9M8/3+Hg7/mztQP9f/6f8//1/9zfZbW/+fu/5e4pcn+BwAAgA5y9/9r3GL/AwAAwDBy9/9b3GL/AwAAwDBy9/973NJk/+v/R+v/D3+c5//r/7e9vv5f/z8y/f80/f8Oozz//xq/avbdz1+vfb9//b/+n6OW1v/n7v+PuKXJ/gcAAIAOcvf/Z9xi/wMAAMAwcvf/V9xi/wMAAMAwcvf/d9zSZP/r//X/6+j/8xX0//r/G9//J/3/Oun/p+n/dxil/79G++7n1/7+9f/6f45aWv+fu/9/4pYm+x8AAAA6yN3/v3GL/Q8AAADDyN3/f3GL/Q8AAADDyN3//3FLk/2v/9f/r6P/7/f8/xP6/+L5//r/q6H/n6b/30H/r//X/+v/mdXS+v/c/XfHLU32PwAAAHSQu/9BcYv9DwAAAMPI3f/guMX+BwAAgGHk7n9I3NJk/+v/9f/6/2X2/xv9f9H/6/+vhv5/mv5/B/2//n/u/v/39f/6/94W1P9f9FGnNw+NW5rsfwAAAOggd//D4hb7HwAAAIaRu//hcYv9DwAAAMPI3f+IuKXJ/tf/L6b/P8j5xur/z2w2G/3/pmn/f+ai38/6utT/6/+Pgf5/mv5/B/2//t/z//X/zOp4+/9zf+dP//cAcvc/Mm5psv8BAACgg9z9j4pb7H8AAAAYRu7+R8ct9j8AAAAMI3f/Y+KWJvtf/7+Y/v/AWP2/5/9f+vXRqf/3/P+j9P/HQ/8/Tf+/g/5f/6//1/8zq+Pt/3f/OHf/Y+Omkzdf86cIAAAALEzu/sfFLU2+/w8AAAAd5O5/fNxi/wMAAMBK3X3kZ3L3PyFuabL/9f/z9v8nL/o5/b/+/9KvD/2//l//f+Pp/6fp/3fQ/+v/9f/6f2a1tP4/d/8T45Ym+x8AAAA6yN1/T9xi/wMAAMAwcvc/KW6x/wEAAGAYufufHLc02f/6f8//1//r//X/219f/79O+v9p+v8d9P/6//32/6cu/J/6f8ZwFf3/2bNn77jh/X/u/qfELU32PwAAAHSQu/+pcYv9DwAAAMPI3f+0uMX+BwAAgGHk7n963NJk/+v/m/b/+aW+rv7/zs1G/6//1//r/6fp/6fp/3fQ/+v/Pf9f/8+slvb8/9z9z4hbmux/AAAA6CB3/zPjFvsfAAAAhpG7/1lxi/0PAAAAw8jd/+y4pcn+1/837f89/1//r/8/7v7/gY3+/1isov8/c/nXX3r/f5f+X/8/oV3//9u/eeiHjfr/W7Z9vP6fbZbW/+fuf07c0mT/AwAAQAe5+58bt9j/AAAAMIzc/c+LW+x/AAAAGEbu/ufHTSea7H/9v/5f/6//1/9vf/1jfv7/yc1mcwX9/62bzUb/P2UV/f+Epff/8zz//9I/5Rfo//X/a37/jfr/rfT/bLO0/j93/wvilib7HwAAADrI3f/CuMX+BwAAgGHk7n9R3GL/AwAAwDBy9784bmmy//X/+n/9v/5/+P7/rlX0/57/PxP9/7Rl9P+Xp//X/6/5/ev/9f9cuX31/7n7XxK3NNn/AAAA0EHu/pfGLfY/AAAADCN3/8viFvsfAAAAhpG7/+VxS5P9r//X/19N/5/vU/8/Vv9/anH9/+lD/7wmz//X/89E/z9N/7+D/l//r/+/W//PnJb2/P/c/a+IW5rsfwAAAOggd/8r49b/dGv/AwAAwDBy978qbrH/AQAAYBi5+18dtzTZ//p//b/n/+v/h3/+v/6/Ff3/NP3/Dvp//b/+3/P/mdXS+v/c/a+JW5rsfwAAAOggd/9r4xb7HwAAAIaRu/91cYv9DwAAAMPI3X9v3NJk/+v/9f/6f/2//v/876H+fwz6/2nH0/+f0f/r/6uf/6X4U6D/1//v+njGtLT+P3f/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAKp3Y8nO5+98UtzTZ//p//b/+X/+v/9/++vr/ddpL/59fFPp/z/8Pffr/Xz30o139/KlZ3uV87//S//+l/9f/M7+l9f+5+98ctzTZ/wAAANBB7v63xC32PwAAAAwjd/9b4xb7HwAAAIaRu/9tcUuT/a//1//r//X/+v/tr6//XyfP/5+m/99B/7/X5+ev/f3r//X/HLW0/j93/9vjlib7HwAAADrI3f+OuMX+BwAAgGHk7n9n3GL/AwAAwDAOdn/GZQ33v/5f/6//1//r/7e/vv5/nfT/0/T/O+j/9f/6f/0/s1pa//+ug486vXl33NJk/wMAAEAHufvfE7fY/wAAADCM3P3vjVvsfwAAABhG7v73xS1N9r/+X/+/jv7/7Nmzd+j/9f+HP58L/f99+n+K/n+a/n8H/b/+X/+v/2dWS+v/c/e/P25psv8BAACgg9z9H4hb7H8AAAAYRu7+D8Yt9j8AAAAMI3f/h+KWJvtf/7+A/v+0/t/z//X/G8//1//PRP8/Tf+/w4j9/+kr//T33c9fr32/f/2//p+jltb/5+7/cNzSZP8DAABAB7n7PxL3wAn7HwAAAEaSu/+jcYv9DwAAAMPI3f+xuKXJ/tf/H1//f+7fXZfn/5/ZbH//+n/9v/5f/3+j6f+n6f93GLH/vwr77ufX/v71//p/jlpa/5+7/+Nxy+Hhd/PVfZYAAADAkuTu/0Tc0uT7/wAAANBB7v5Pxi32PwAAAAwjd/+n4pYm+1//v4Dn/w/Y/3v+//avD/3/ovv/m/T/Y9D/T9P/76D/1//r/2fq//OrWf/f3dL6/9z9n45bmux/AAAA6CB3/2fiFvsfAAAAhpG7/7Nxi/0PAAAAw8jdf1/cctH+39Z2j0L/r//X/+v/9f/bX1//v076/2lX2v+f2lxf/5/0//p//X/X/t/z/zlvaf1/7v7PxS2+/w8AAACrc/Nlfj53/+fjFvsfAAAAhpG7/wtxi/0PAAAAw8jd/8W45f6b9vWWjpX+X/+v/9f/6/+3v77+f530/9M8/38H/f8c/fxt+v8x+v/NRv/P9Vta/5+7/0txi+//AwAAwDBy9385brH/AQAAYBi5+78St9j/AAAAMIzc/V+NW5rsf/2//v86+/+DNFP/f57+/zz9/3b6/+Oh/5+m/99B/+/5//p/z/9nVkvr/3P3fy1uabL/AQAAoIPc/V+PW+x/AAAAGEbu/m/ELfY/AAAADCN3/zfjlib7f2/9f/yr1v+vvv/3/P8b3v+f++z0//p//f+V0v9P0//voP/X/+v/9f/Mamn9f+7+b8UtTfY/AAAAdJC7/9txi/0PAAAAw8jd/524xf4HAACAYeTu/27c0mT/e/6//l//v/T+3/P/9f/6/6uh/5+m/9+ufqP0//p//b/+n1ktrf/P3f+9uKXJ/gcAAIAOcvd/P26x/wEAAGAYufvvj1vsfwAAABhG7v4fxC1N9r/+X/+v/9f/6/+3v77+f530/9P22f//zq27X9bz//fe/+db0P/r//X/zGJp/X/u/h/GLU32PwAAAHSQu/9HcYv9DwAAAMPI3f/juMX+BwAAgGHk7v9J3NJk/+/o/0/VL9T/p1Pb/nn6/8PvX/+//etD/6//1//fePr/adP9/0V/mps9/7/o/z3/X/+v/2dWS+v/c/f/NG5psv8BAACgg9z9D8Qt9j8AAAAMI3f/z+IW+x8AAACGkbv/53FLk/3v+f9rev7/bfp//b/+X/+v/99B/z9tn8//vxL6f/3/mt+//l//z1FL6/9z9/8iAAD//2eESko=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0009030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041)
getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, 0x0, &(0x7f0000000300))
r2 = memfd_create(&(0x7f0000000000)='/dev/loop#\x00', 0x6)
fcntl$addseals(r2, 0x409, 0x4)
fallocate(r2, 0x0, 0x0, 0x4)
close(r0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000440)={'#! ', './file1'}, 0xb)
fchown(r4, 0x0, 0xee01)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r8 = dup3(r1, 0xffffffffffffffff, 0x80000)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000180)={0x8, 0x0, &(0x7f00000001c0)=[@increfs={0x40046304, 0x1}], 0x0, 0x0, 0x0})
listen(r3, 0x4)
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r10, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
[ 96.173083][ T10] cfg80211: failed to load regulatory.db
[ 96.183189][ T5294] Bluetooth: hci0: command tx timeout
[ 96.832859][ T5316] loop0: detected capacity change from 0 to 32768
[ 96.898727][ T5316] capability: warning: `syz.0.0' uses deprecated v2 capabilities in a way that may be insecure
[ 97.153589][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 97.303549][ T10] usb 5-1: Using ep0 maxpacket: 32
[ 97.309352][ T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 97.315918][ T10] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 97.319820][ T10] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 97.323293][ T10] usb 5-1: Product: syz
[ 97.326686][ T10] usb 5-1: Manufacturer: syz
[ 97.328752][ T10] usb 5-1: SerialNumber: syz
[ 97.342844][ T10] usb 5-1: config 0 descriptor??
[ 97.346789][ T5316] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 97.356853][ T10] hub 5-1:0.0: bad descriptor, ignoring hub
[ 97.359603][ T10] hub 5-1:0.0: probe with driver hub failed with error -5
[ 97.680106][ T5316] ==================================================================
[ 97.683740][ T5316] BUG: KASAN: slab-out-of-bounds in dtSearch+0x1683/0x21b0
[ 97.687178][ T5316] Read of size 1 at addr ffff8880558ac908 by task syz.0.0/5316
[ 97.690600][ T5316]
[ 97.692042][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 97.692059][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 97.692067][ T5316] Call Trace:
[ 97.692074][ T5316]
[ 97.692080][ T5316] dump_stack_lvl+0xe8/0x150
[ 97.692101][ T5316] print_report+0xba/0x230
[ 97.692114][ T5316] ? dtSearch+0x1683/0x21b0
[ 97.692125][ T5316] kasan_report+0x117/0x150
[ 97.692139][ T5316] ? dtSearch+0x1683/0x21b0
[ 97.692151][ T5316] dtSearch+0x1683/0x21b0
[ 97.692169][ T5316] jfs_lookup+0x1b0/0x420
[ 97.692179][ T5316] ? __pfx_jfs_lookup+0x10/0x10
[ 97.692186][ T5316] ? d_alloc_parallel+0x14c7/0x1610
[ 97.692203][ T5316] ? __lock_acquire+0x6b5/0x2cf0
[ 97.692216][ T5316] ? __pfx_d_alloc_parallel+0x10/0x10
[ 97.692233][ T5316] ? __raw_spin_lock_init+0x45/0x100
[ 97.692246][ T5316] ? __init_waitqueue_head+0xa9/0x150
[ 97.692259][ T5316] __lookup_slow+0x2b7/0x410
[ 97.692274][ T5316] ? __pfx___lookup_slow+0x10/0x10
[ 97.692290][ T5316] ? down_read+0x272/0x2e0
[ 97.692344][ T5316] lookup_slow+0x53/0x70
[ 97.692359][ T5316] link_path_walk+0xd1e/0x18d0
[ 97.692379][ T5316] path_openat+0x2c3/0x3860
[ 97.692394][ T5316] ? arch_stack_walk+0xfb/0x150
[ 97.692414][ T5316] ? __pfx_stack_trace_save+0x10/0x10
[ 97.692426][ T5316] ? stack_depot_save_flags+0x33/0x810
[ 97.692471][ T5316] ? __pfx_path_openat+0x10/0x10
[ 97.692488][ T5316] ? __x64_sys_openat+0x138/0x170
[ 97.692501][ T5316] ? do_syscall_64+0x14d/0xf80
[ 97.692518][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 97.692531][ T5316] ? __lock_acquire+0x6b5/0x2cf0
[ 97.692545][ T5316] do_file_open+0x23e/0x4a0
[ 97.692561][ T5316] ? __pfx_do_file_open+0x10/0x10
[ 97.692580][ T5316] ? _raw_spin_unlock+0x28/0x50
[ 97.692593][ T5316] ? alloc_fd+0x64b/0x6c0
[ 97.692608][ T5316] do_sys_openat2+0x113/0x200
[ 97.692621][ T5316] ? __se_sys_futex+0x3a8/0x450
[ 97.692635][ T5316] ? __pfx_do_sys_openat2+0x10/0x10
[ 97.692648][ T5316] ? rcu_is_watching+0x15/0xb0
[ 97.692665][ T5316] __x64_sys_openat+0x138/0x170
[ 97.692680][ T5316] do_syscall_64+0x14d/0xf80
[ 97.692695][ T5316] ? trace_irq_disable+0x3b/0x150
[ 97.692711][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 97.692722][ T5316] ? clear_bhb_loop+0x40/0x90
[ 97.692734][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 97.692746][ T5316] RIP: 0033:0x7f85fed9c629
[ 97.692759][ T5316] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 97.692769][ T5316] RSP: 002b:00007f85ffcfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 97.692783][ T5316] RAX: ffffffffffffffda RBX: 00007f85ff015fa0 RCX: 00007f85fed9c629
[ 97.692791][ T5316] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[ 97.692799][ T5316] RBP: 00007f85fee32b39 R08: 0000000000000000 R09: 0000000000000000
[ 97.692807][ T5316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 97.692814][ T5316] R13: 00007f85ff016038 R14: 00007f85ff015fa0 R15: 00007ffcf57d0638
[ 97.692827][ T5316]
[ 97.692831][ T5316]
[ 97.823573][ T5316] Allocated by task 5316:
[ 97.825419][ T5316] kasan_save_track+0x3e/0x80
[ 97.827447][ T5316] __kasan_slab_alloc+0x6c/0x80
[ 97.829506][ T5316] kmem_cache_alloc_lru_noprof+0x2b8/0x640
[ 97.832001][ T5316] jfs_alloc_inode+0x28/0x70
[ 97.834085][ T5316] alloc_inode+0x6a/0x1b0
[ 97.835807][ T5316] new_inode+0x22/0x170
[ 97.837393][ T5316] diReadSpecial+0x52/0x710
[ 97.839360][ T5316] jfs_mount+0x3d1/0x870
[ 97.841157][ T5316] jfs_fill_super+0x6bc/0xd80
[ 97.843245][ T5316] get_tree_bdev_flags+0x431/0x4f0
[ 97.845479][ T5316] vfs_get_tree+0x92/0x2a0
[ 97.847365][ T5316] do_new_mount+0x341/0xd30
[ 97.849236][ T5316] __se_sys_mount+0x31d/0x420
[ 97.851238][ T5316] do_syscall_64+0x14d/0xf80
[ 97.853812][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 97.857122][ T5316]
[ 97.858388][ T5316] The buggy address belongs to the object at ffff8880558ac018
[ 97.858388][ T5316] which belongs to the cache jfs_ip of size 2216
[ 97.864278][ T5316] The buggy address is located 72 bytes to the right of
[ 97.864278][ T5316] allocated 2216-byte region [ffff8880558ac018, ffff8880558ac8c0)
[ 97.870134][ T5316]
[ 97.871175][ T5316] The buggy address belongs to the physical page:
[ 97.873922][ T5316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880558aede0 pfn:0x558a8
[ 97.878022][ T5316] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 97.881349][ T5316] memcg:ffff8880558af709
[ 97.883075][ T5316] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[ 97.886452][ T5316] page_type: f5(slab)
[ 97.888222][ T5316] raw: 04fff00000000240 ffff888000b04a00 ffff8880316f9048 ffff8880316f9048
[ 97.892070][ T5316] raw: ffff8880558aede0 00000008000d000c 00000000f5000000 ffff8880558af709
[ 97.895635][ T5316] head: 04fff00000000240 ffff888000b04a00 ffff8880316f9048 ffff8880316f9048
[ 97.899657][ T5316] head: ffff8880558aede0 00000008000d000c 00000000f5000000 ffff8880558af709
[ 97.903392][ T5316] head: 04fff00000000003 ffffea0001562a01 00000000ffffffff 00000000ffffffff
[ 97.907084][ T5316] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 97.910751][ T5316] page dumped because: kasan: bad access detected
[ 97.913441][ T5316] page_owner tracks the page as allocated
[ 97.915781][ T5316] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd2050(__GFP_RECLAIMABLE|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5316, tgid 5315 (syz.0.0), ts 96852943026, free_ts 0
[ 97.924219][ T5316] post_alloc_hook+0x231/0x280
[ 97.926321][ T5316] get_page_from_freelist+0x24dc/0x2580
[ 97.928586][ T5316] __alloc_frozen_pages_noprof+0x18d/0x380
[ 97.930988][ T5316] allocate_slab+0x77/0x660
[ 97.933036][ T5316] refill_objects+0x331/0x3c0
[ 97.935108][ T5316] refill_sheaf+0x29/0x50
[ 97.937315][ T5316] __pcs_replace_empty_main+0x3ef/0x620
[ 97.939798][ T5316] kmem_cache_alloc_lru_noprof+0x37c/0x640
[ 97.942421][ T5316] jfs_alloc_inode+0x28/0x70
[ 97.944492][ T5316] alloc_inode+0x6a/0x1b0
[ 97.946441][ T5316] new_inode+0x22/0x170
[ 97.948166][ T5316] jfs_fill_super+0x569/0xd80
[ 97.950282][ T5316] get_tree_bdev_flags+0x431/0x4f0
[ 97.953036][ T5316] vfs_get_tree+0x92/0x2a0
[ 97.955279][ T5316] do_new_mount+0x341/0xd30
[ 97.957349][ T5316] __se_sys_mount+0x31d/0x420
[ 97.959671][ T5316] page_owner free stack trace missing
[ 97.962009][ T5316]
[ 97.963068][ T5316] Memory state around the buggy address:
[ 97.965594][ T5316] ffff8880558ac800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 97.969195][ T5316] ffff8880558ac880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 97.972713][ T5316] >ffff8880558ac900: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 97.976579][ T5316] ^
[ 97.978473][ T5316] ffff8880558ac980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 97.981876][ T5316] ffff8880558aca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 97.985238][ T5316] ==================================================================
[ 97.994664][ T5316] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 97.997898][ T5316] CPU: 0 UID: 0 PID: 5316 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 98.001739][ T5316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 98.005925][ T5316] Call Trace:
[ 98.007409][ T5316]
[ 98.008650][ T5316] vpanic+0x56c/0xa60
[ 98.010357][ T5316] ? __pfx_vpanic+0x10/0x10
[ 98.012362][ T5316] panic+0xc5/0xd0
[ 98.014075][ T5316] ? __pfx_panic+0x10/0x10
[ 98.016061][ T5316] ? preempt_schedule_thunk+0x16/0x30
[ 98.018386][ T5316] ? dtSearch+0x1683/0x21b0
[ 98.020460][ T5316] ? preempt_schedule_thunk+0x16/0x30
[ 98.022906][ T5316] ? dtSearch+0x1683/0x21b0
[ 98.024969][ T5316] check_panic_on_warn+0x89/0xb0
[ 98.027215][ T5316] ? dtSearch+0x1683/0x21b0
[ 98.029309][ T5316] end_report+0x73/0x180
[ 98.031267][ T5316] ? dtSearch+0x1683/0x21b0
[ 98.033403][ T5316] kasan_report+0x128/0x150
[ 98.035444][ T5316] ? dtSearch+0x1683/0x21b0
[ 98.037366][ T5316] dtSearch+0x1683/0x21b0
[ 98.039207][ T5316] jfs_lookup+0x1b0/0x420
[ 98.040983][ T5316] ? __pfx_jfs_lookup+0x10/0x10
[ 98.043022][ T5316] ? d_alloc_parallel+0x14c7/0x1610
[ 98.045145][ T5316] ? __lock_acquire+0x6b5/0x2cf0
[ 98.047161][ T5316] ? __pfx_d_alloc_parallel+0x10/0x10
[ 98.049275][ T5316] ? __raw_spin_lock_init+0x45/0x100
[ 98.051474][ T5316] ? __init_waitqueue_head+0xa9/0x150
[ 98.053583][ T5316] __lookup_slow+0x2b7/0x410
[ 98.055449][ T5316] ? __pfx___lookup_slow+0x10/0x10
[ 98.057557][ T5316] ? down_read+0x272/0x2e0
[ 98.059420][ T5316] lookup_slow+0x53/0x70
[ 98.061164][ T5316] link_path_walk+0xd1e/0x18d0
[ 98.063284][ T5316] path_openat+0x2c3/0x3860
[ 98.065301][ T5316] ? arch_stack_walk+0xfb/0x150
[ 98.067438][ T5316] ? __pfx_stack_trace_save+0x10/0x10
[ 98.069563][ T5316] ? stack_depot_save_flags+0x33/0x810
[ 98.071757][ T5316] ? __pfx_path_openat+0x10/0x10
[ 98.073970][ T5316] ? __x64_sys_openat+0x138/0x170
[ 98.075978][ T5316] ? do_syscall_64+0x14d/0xf80
[ 98.077907][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.080413][ T5316] ? __lock_acquire+0x6b5/0x2cf0
[ 98.082409][ T5316] do_file_open+0x23e/0x4a0
[ 98.084262][ T5316] ? __pfx_do_file_open+0x10/0x10
[ 98.086486][ T5316] ? _raw_spin_unlock+0x28/0x50
[ 98.088621][ T5316] ? alloc_fd+0x64b/0x6c0
[ 98.090247][ T5316] do_sys_openat2+0x113/0x200
[ 98.092211][ T5316] ? __se_sys_futex+0x3a8/0x450
[ 98.094305][ T5316] ? __pfx_do_sys_openat2+0x10/0x10
[ 98.096531][ T5316] ? rcu_is_watching+0x15/0xb0
[ 98.098688][ T5316] __x64_sys_openat+0x138/0x170
[ 98.100769][ T5316] do_syscall_64+0x14d/0xf80
[ 98.102680][ T5316] ? trace_irq_disable+0x3b/0x150
[ 98.105047][ T5316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.107619][ T5316] ? clear_bhb_loop+0x40/0x90
[ 98.109579][ T5316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.112010][ T5316] RIP: 0033:0x7f85fed9c629
[ 98.113920][ T5316] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 98.122459][ T5316] RSP: 002b:00007f85ffcfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 98.126024][ T5316] RAX: ffffffffffffffda RBX: 00007f85ff015fa0 RCX: 00007f85fed9c629
[ 98.129471][ T5316] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[ 98.132864][ T5316] RBP: 00007f85fee32b39 R08: 0000000000000000 R09: 0000000000000000
[ 98.136010][ T5316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.139428][ T5316] R13: 00007f85ff016038 R14: 00007f85ff015fa0 R15: 00007ffcf57d0638
[ 98.142714][ T5316]
[ 98.144497][ T5316] Kernel Offset: disabled
[ 98.146573][ T5316] Rebooting in 86400 seconds..