program:
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000040)=0x14, 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)=ANY=[@ANYBLOB="02060200020000000600000000000000"], 0x10}}, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)
syz_mount_image$bcachefs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x818001, &(0x7f00000001c0)=ANY=[@ANYBLOB="726174656c696d69745f657272baf7732c6e6f6368616e6765732c6572726f72733d636f6e74696e75652c696e6c696e655f646174612c726174656c696d69745f6572726f72732c766572626f766572715f706173735f6c6173743d636865636b5f696e6f646573434965636f6e7374727d63745f616c6c6f052c6e6f636f772c008b45cc106ca0f293a4c72fc56d70b8c52fca7313b31dd6fcc079989268bd9967f752f6b590f606a584fe61ed93646e4500000000000000"], 0x1, 0x596d, &(0x7f0000005c40)="$eJzs3X+QHFW9KPDTM7PZyW5+bAJIBNksgSiCmg2/CuWVRp+/CpCKhaWEF4WFbDCahFQShASU4AMfFGChpaWof6CF1EOjRRU8JVIiP17CU5Ti6aVuIXX1XvRWeQu5pARyKcvr3tqdPpPZ3unt2dnZkMDnU7A9fabne06fPtPb3zOdnQAAAMBrwp7rt+w796j3/eLzwy9d88GfbLg29JbHyqtxg750eeUr1UIOpO7KorFldly86arv/XHgkvf8/O6e7768e82xa3/73sMuuf9TZ+267ZsPvTj33r8/UxQ3jqcT968nzyUhVH+696tf2P3YkaNlSQihnPTtCGFBsvChBUkmxOBfQwhr0pXDKuOfvOelU9aOLq+9qXtc+fxMEOP9ta2ajrPt+644Kfzu3auu+9XiH/6ga+ezO/ZvklQbxlMI8y5qfH1XCGF2+v+oOAwXpctj0+XKEEJPw+vOKGjXcS22f1nO+tHpcla67C2IE59fklkvZbbLrkdd6TK+H3sK6puuvHa0u12ROZn17MlouvLaGcsXpMsfp8sTpxi/HP9PQikJlXrz1yf7x0hoOG5JSMaOabW+Xqof45Duf2Y9yayXMuvlrsx+jdWbDrRykowvj9tlyuPpuJKWH9t4rm7ivJzy16fLavpGfTmuh+yDmt4JD+r7NSa2a+8kbTkQSg3noGx5d+M4Sw9Gb7oPvcnCCa8ZaSI+t3vVzUvLqx/e05fTjuTuJI2ftBV/+y8XzPnE92+8fFFe/ItKafxSW/F/f/bjz19w43e+kRv/1hi/3Fb8kx/oee7sR65fktc/cXj1hkpb8YeeefSWxYdfvDO3/beP9X93b6i2FX/Frse75+574MHc4zsY+2d2W/GfPvP9f7jryfuezY0fYvyetuKv3rXpi939+07Ijf9gHJ+97Y2fF3ae/lR//58G8uI/EePPbSv+nTtue8cd8286K/f4roz909dW/HOOv/+6OfvuOybv3Jnc3qnfnACvTYel11g3pOuT5Zndk+SZ09WQL3x9oFK75puT/j+3kxWNn24Zq2deJ+MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAjhiJP+3wf+5aN9z1XS9e70wdOl2jKWzwohmR1C2LJ1aPPWdRsvHfjUZZdv3ji0fmBo68Dwxq2btw2c+paBzcOb1g9tG3128K2n1F63MCS1ZXLMhLq7R0ZGSn3jy2J9//34nb9besa//TmEwSN+01/Jbf+y2zbccXiTnxnJipF3bbj83N+c9u10v/rSdvU1adfIyMhIyGnXv5//tzu+vPePJ4Qw+LrJ2vXo0+/82bgGjRXsj5MqdYdag7qTnqbtqLc6bU/sr8radeuHByfv39HXl3P2439c9exf1175pb/V+reaux8t9u/sFSPrS19bdc5/fu3qWkFRu+r7kWnXTB/3ov6OexHbF/uvmvb3vHS/5uXsVyWnv6//1YNP/vSoG1/cEQYrLyyeWHfRfnWlA6AreX1L9cYaepIF48qr6fbxiMfXLdu6YdOyLdu2v3XdhqFLhy8d3vj25acuP33wtNNPWza258s6vP+x/je2uP+tjqdsvVMbT/M/s+PH8Wdr46moXUX9Mdqu4v5obFHe+6/nvC985e23PXJuraBonMet6+/DdNkzepyXh4bxNrGvmu1XUT+EEAaa9cPzL54VjvzHddcVnYcaj0zjz4xkxchjS/7y7TO+tei/1QoOyHm+sUFtnufrrd7fnrH+qqbHY+Qg7d/uUE73q7dpu5Y/9kjXzXv+/Nl6+2bNClcObd26eXnt55y0pXOSo5u2K1sa92vx2M9ySLsl1Idpk/E6qivU2pc9f8bNs73amz7Xmyxsul9Z8bndq25eWl798J68nk7urtU4O8ytLZM35Gy5PvPCcr3Bzeo/WN9/ReOj/wPfuvej9/7o1Anj4+Taz6L9SnL264dP3vmV737pf/2oc/v1gXc+3veXf/rk0lrBoXJeqbc6bU/SeF45OYSi99/i0Hw/ct9/peb7U/T+y9azf/vm8QYy672hXPx+rYYJ79eTH+h57uxHrl+S+37d2+r79epxa+WC9+vBMn6y76+kMr4dM/f+GjdQkhUjP7/hsB0PXbPyqFpB0biub91sXJ/SQv6Rs18/u+Cp/ssG/uc/dO688b233HPhb4dWfK5W0P5xj23pzHGvpv1bzenfeqtj3tnYv2+75LL1a2rlB+/1b7osyH/iqWTLtu2fHlq/fnjzltb2q9Xfp7GebC+3+/s0nt0WFuxXacJ+zdyDVvqr1fdbbP+atvtr/PutNyRtXcdt/+WCOZ/4/o2X9014VVrRRaU0fqmt+L8/+/HnL7jxO9/IjX9rjF9pK/7QM4/esvjwi3fmxr89SeNX24q/Ytfj3XP3PfBgbvzB2P7ZbcV/+sz3/+GuJ+97Njd+/fdHb3v9/8LO05/q7/9TbvwnkrSe0WukEO556ZS1tfUkdKXvt9iOrnHtCtn1JLNeyqyXG9dLtbnWegXlJBlfHrdLy49taEszH8spj1dh1UW15ctxPWQfTF5+sCk1nPublRddpwIAvNrFz//jNWj8/H84vVDKn2mA/XqnmYctyokb87D98zmzxj2/KI0fXx/nAfvfFgZHl9cO1C70p/o5Qnw/ZOc5Yz0nHDc+RrvznEXz70sy67FdtfnySkMempqY11RCC/PvE+uZfP49s/vF8+MDN0xo1kDDvFX2+HWlM2bN7nfItLcyGiFvfGTnxeL9HP3zwsqx+locH9n7aOJxyN5HE+s5KnPibPc+mumOj9jsScbHWJOLP9+YePzCJP27//g1j5Y9flM43tXR7Wf689kOzBs2PaUduHnDFj4PaxK/1c/D6vOSKyZuM1n818q85ME+bxjL435UWpxP/GhOeSvziY3zcnnzifF0Edu1d5K2HAjmE4FXq5j/x98Ro/n/6AX4f2S2K7oOzV41xni59wmVm7enKO+YeJ9eT1u/x1fv2vTF7v59J+Re5zzY6n0/m8at9RTc91PUj0sz64X9mDNBU5TvZesp6vfsfRm9YW5b/X7njtveccf8m87K7feVtV+kxf3+lXFrcwv6/RDIF5rHf7XlC+5jGB8/7O//MIPzZ69YPpLe+DRT+chHcp6f6v0NPRMe1PdrzCGXj3Qd2HYBAIeOmP/XPz9L8/9/jhuk1xFFeeuJmfUYLzdvzbk+yctbP5Qur8xs35v+i4qpXjefc/z9183Zd98xuXnL7a3mof973FpfYR46vbw5N49Y2Zn7xXPziHqeNb08Mbf99Txxenl6bvx6nj69PDq3f+p59PTmAXLj1+cBDvU8t2C+LlNZXG11vm6m70OZ6Tw6m4DW8+X0n8/OVB59Xk75VPPo3gkPauTRAAAHh5j/x8u4mP8/ktluup+z5+YFHbpuz/49kHr8Jw5UXjnTed9M560zndfP9LzEoZ4Xz/S80MzOk71iny8fLHlxWqm8GACAg1nM/2en6/n5//Tyk2b5W9e4/ER+3jS+/Pwgyc8P9fkv+b/PxYvJ/wEAXt1i/h/vOo1//+//puvZv1v/aszTu1qIL0+Xp4cDkqd3fp4tuA/glZ0HmL1/e/MAAAC8ErrGMqWJ/87+4+ky++/s8/5d/gU527eqkl4eX7x18/DwhZdvWjO0dfjCjZetGd5y4RWb123dOryxtt1088bcvCXNG7tCJe2P5ttl87b56d9DmJ/z9xCy28ewR489mPj3ELLVzi74OwL7j19r7c07fqVJtm82PvKOd178j+VsH9WP/yWfPPnCtVsuXLdx3dZ1Q+vXbR8ev91o1tozhe/NjN0ype9LzfyYoDT17+/sTDtKE9rRlfZH3vezJ5l2LEhbsiDv+w9y2v2L///lzxw/8re7Qhg8ovyGafVfsmLk/5w//KGte36zabT9sydtf33LtF1F31ea3T7uT2X9ZVu2nrT2sss3Zr9Rsj1xPqNUX5+h+Yz07V9ucX5idU75VO9TKE94cHBqeX4CAIBx4uf/8Xo2fn74pfQCKpa3nqdP7/Pj3Dx9sLU8Pfu9ZEV5enb7uL+t5unVaebp2fqL8vRm2zfL0/Py7rz4H8nZfqpaHyfTu88jd5xc1No4yX6fQdE4yW4/1XGSTHOcZOsvGifNtm82TvKOe178D+dsn6f18TC9fz+TOx5ubW08vDmzXjQestvHXLTV8VCa5njI1l80Hppt32w85B3fvPjn5mzfqvHjY3RgjI2L4QuvuGzzpxu2m+nvv5h++2b2+z/a1Xr7Z/a+r5lv/8zeVzbz7Z/efWW57X9iejNhrbd/Zr/fpV0HbL42vdms6P6zonncVTnlU53HnTXhwcHJPC68cmL+Hz/uifn/Temy0x8DHfrfk+Z7zJrGr99/P7PXMX6fT1LZQcDvcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDWdFcWjS33XL9l37lHve8Xnx9+6ZoP/mTDtW+66nt/HLjkPT+/u+e7L+9ec+za3773sEvu/9RZu2775kMvzr33788UBu4b+1k5MV2thpA8l4RQ/ener35h92NHjpYlIYRy0rcjhAXJwocWJJkIg38NIaypt3P8k/e8dMra0eW1N3WPK5+fCZLdr9Bbju1pbGcIVxbuEYegajrOtu+74qTwu3evuu5Xi3/4g66dz+7Yv0lSbRhPIcy7qPH1XSGE2en/o+JoWxRfnC5XhhB6Gl53RkG7jmux/cty1o9Ol7PSZW9BnPj8ksx6KbNddj3qyix7Cuqbrrx2tLtdkTmZ9ezJaLry2hnLF6TLH6fLE6cYvxz/T0IpCZV689cn+8dIaDhuSUjGjmW1vl6qH9uQ7n9mPcmslzLr5a7Mfo3Vmw60cpKML4/bZcrj6biSlh/beK5u4ryc8teny2r6Rn05rofsg5reCQ/q+zUmtmvvJG05EEoN56Bm5fUDnx6M3rSsN1k44TUjTcTndq+6eWl59cN7+nLakdydpPGTtuJv/+WCOZ/4/o2XL8qLf1EpjV9qK/7vz378+Qtu/M43cuPfGuOX24p/8gM9z539yPVLcvtnb+yfSovxq+PiDz3z6C2LD794Z277b4/xq5PGz9YSn1ux6/HuufseeDC3/YOxf2a31T9Pn/n+P9z15H3P5sYPMX5PW/FX79r0xe7+fSfkxn8w9k9ve+PnhZ2nP9Xf/6eBvPhPxPhz24p/547b3nHH/JvOyj2+K2P/9LUV/5zj779uzr77jsk7dya3d+o3J8Br02HpNdYN6Xq7eeZ0NeQLXx+o1K755qT/z+1kRRmj9cybwfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALw6/frqUz9+/rs+vKqShJDkbDPSRHyuPGvFioE26h165tFbFh9+8c7GskVtxAEAAACKxTy8VC+phkXhimR2OLrp9nGO4Oi4lowvz84hxDjZOYJ245Q6FKfcoTiVDsXp6lCcWR2K092hONWCONXQWpzZk8SpjI6KFtvTM2l7Wo/T26E4czoUZ26H4szrUJz5HYrTN2mc1sfhgg7FWdihOId1KM7hHYpzRIfivK5DcY7sUJzsnPJUx+HcdMuj8uKMPSgXxqkk5foTzebTj0zrOWaa9fQW1DO36Pdxi/XMbrGe4zKvK02xnmqL9bxxmvUkLdbz5mnWUyqoJ47bK7Pti/XEtRbH/7YOxdk+vTj/Gq+3rupQe67uUJzPdijO5zoU55ppxgFoVcz/03yvnmb1pGec7CxAzHcXj/2c+Psu74QU470hUz6rKF42Uc/EWzzV9mUnEDLxlmTKu8bFq9TzkUniVRvjLc08Wbi/2QmFTPtOzJR3F8XLTiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAz69dWnfvz8d314VUjC6H9NjTQRnyvPWrFioI16d6+6eWl59cN7Gsu6K20EAgAAAArFPLyrXlIN3ZXloTuZNW67ajoPUE3Xy31ji1P754WVow+SgdJYQU+yYNLXVWqvC8u2bti0bMu27W9dt2Ho0uFLhze+ffmpy08fPO3005atXbd+eLD2M4TugnghhLHphy3btn96aP364c1baoXZ9i9KX7coXU/S1/W/LQyOLq9N27+woL7ShPq2PXVm7an9JR16UHTsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/2LW7GDmr+g/g55mZnRkW+mf/4W1o6HbSF1KVaFsXU5SwT2IiCbRNNyRmFl1JI20kbmkDLak4QhMB22hMII1NTS+sqQSQeMOLECMvaVKD1SZubQwQ5UIvNKCYQnphSsZ0d87szOxMZx0Jhfr5XDzPzDm/c35z5mKT77MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8EGbqo5MVEbHxgeTEJIuNbUO4lw2n6blPvp++flt3y8Mn1rRPFbI9bERAAAA0FPM4QONkWIo5LIhG66cfrfkzCVfnwizuR8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjfM1UdmaiMjo1fmISQdKmpdRDnsvk0LffR9413nvzMq8PDf20eK/WxDwAAANBbzOGZxkgxlMLSMJBc2VIXnw0sbFvfXhf3WTTPuvZnB93qls6z7uo5dT94rFPdx3rst75+3xkAAADgoy/m/1xjZCgUcgu65v9euT7WLW6ry9bv/fxWAAAAAPjvxPxfaIyUQiFXauT1+eb9JW11cX2v/9vH9cu7rJ/7//zW9evqd/+nBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPjqnqyERldGw8m4SQdKmpdRDnsvk0LffRd/ULg3+/+fCDS5rHCrk+NgIAAAB6ijl8NnoXQyE3GAbChdO5f/jGA09/8elnR0IIMzE/nw87N27fftfqmWusW3X08MD3jrz1rcY2sW7VzPWcHA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhfTVVHJiqjY+MXJCEkXWpqHcS5bD5Ny330ff1zX/jz4yeee7N5rNTHPgAAAEBvMYfPZv9iKIV8yIfLp981Z/0zMm3ruz0zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM4fd3/j3q9vnJzcdJcXXnjhRePFuf7LBAAAvN8WhyTU/kNXbDjXnxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgwmKqOTFRGx8aLSQhJl5paB3Eum0/Tch990+ePFRaceuGl5rFSH/sAAAAAvcUcPpv9i6EUBsJAuGz6XadnAtP5f+gD/JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh8pUdWSiMjo2viAJIelSU+sgzmXzaVruo++ju/Z/9tDF372peayQ62MjAAAAoKeYw/ONkWIo5D4eCuGq+vvJ1gVJtn7v/Fxgdt22lmWD815XbVmXnfe63W0ny9VPM7OuGPcbmrk31pXnris3rSuFRvtyy7qwt2XVgh6fMwAAAMA5FPN/oTEyFAq5QlPOfaylfkjOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6mKqOTFRGx8aTJISkS02tgziXzadpuY++9/7m/y/6yk/37GgeK/WxDwAAANBbzOGz2b8YSmFR+L+waDr3h6HW+lj3j8rpQ4/88y8rQlh5+fHhXPu2P4ovfvX6DS+2X0LItFZnQrg4LJp+0pB06ffr3z1yz7La6cdDWHlZ9qo5/cLZ+7VumdaeqWxat/3I8W09vhwAAAA4T8T8P9AYGQqF3J1d839M3j3yf8N0AL/4nl0/v7R+rSfythWZoXq/TJd+n1/25J+Wr/nbW2fy/9n6fWr/lkOXtjScGWmTpLXRLTvWH7/2YCaeeqZ/tq1//F6+9M03/7V558OnZ/oXQ7E+vjDXqf/ca5sL0tpkZt/42vf2VVv757qc/8HfvnTilwv3vHum/zuLBxv9rz7L+c/ef/CWh/Zet//w+tb+IYRyp/5vv3tTuOIPdzzQfv7Bto2bv/nma5skrR1dcvLgmgOl61v7J2394/f/sxOP7v3Jw995NvaPvxVZsXS+/TNt/V/Zfcmul+/fsLC1f6bL+V+89dXhreVv/779/Le37Jrr+inmnv+Ja5667bWN6X3tUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOeXqerIRGV0bDyThJB0qal1EOey+TQt99H3jZuPvX3rnh//sHms1Mc+AAAAQG8xh89m/2IohXzIh8Hp3P9MZdO67UeObwtDM7NJ/Z6b3Hr39k9s3rrjztvP0ScHAAAA5ivm/9z0uySEMBQKuWVhoJ7/R7fsWH/82oOZmP8zMf9vvmNy08rQqHtl9yW7Xr5/w8LGc4IQpn8WUDxT9+nZuhtvODZ08o9fW96xbvVs3dElJw+uOVC6PtaF5rpVofF84olrnrrttY3pfY3P11z3ya9unaw/noj7Dt7y0N7r9h9e3zhH/T5Y3zfWTWb2ja99b1811mXr92L93AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXFPVkYnK6Nh4yIaQdKmpdRDnsvk0LffRd+2yXzxw0annFjWPFXJ9bAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8mx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs109oHFUcB/D3dhOzzSZt0gpGxTStilIPFgURvURRkVak4KlSpNragygIIko9mEorlqp4EaxeiqigRiko2FgsrZKK/4oXDyooVA9CKQa0oXhQyebNdjPZceukCtrPBzZv35uZ7/xm3tvZLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8p/R0DTXawzsemr79gps/feLeE4/f+v4D2y577I0fRzbd+Mne3ldPTm5eseWbm5Zt2n/fmondLx36tf/d3492DH50tlmVurUQ4vEYQu2DqeefnPzsvJmxGEKoxoGxEAbj0kODMZew+rcQwuZmnXM3vnPi6i0z7bZdPXPGl+RC8tcV6tWsnlkDc+vl/6WW1tnW6UeuCN/dsH77F8vffqt7/NjYqV1irWU9hbB4Y+vx3SGERek1I1ttQ9nBqV0XQuhtOe7aDnVdfJr1X1nQvzC156S23iEn274y16/k9sv3M925trfD+RaqqI6y+3XSl+vnH0YLVVRnNj6Y2vdSu+pv5lezVwyVGLqa5d8fT62R0DJvMcTGXNaa/UpzbkO6/lw/5vqVXL/anbuuxnnTQqvGOHc82y83nj2Ou9L4itZndRt3FIyfn9pa+qCezPoh/2ZWfd6b5nU1ZHVN/UUt/4ZKyzOo3Xhz4tNk1NNYPS6dd8wfbWTbJtc/fWl1w4eHBwrqiHtjyo+nkT86L3/r54N9d7258+GhovyNlZRfKVX/92uP/HznzpdfLMx/Lsuvlsq/6kDv8bUf7VhZeH+msvvTVSr/7qMfP7P83HvG2811I39Pll8rlT86caSnf/rAwcL6V2f3Z1Gp/G+vv+WH17/ad6wwP2T5vaXyN0w8+GzP8PTlhfkHZz8K9cYKLbF+fhm/5uvh4Z9GivK/zO5/f5v82DH/tbHd172yZNeawvW5Lrs/A6Xqv+2S/dv7pvddVPTsjHvO1DcnwNlpWfof66nUL/s7c6Fafi+8MNI1+w3Ul179Z/JETaONvzPnWfyP5AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sgMHJAAAAACC/r9uR6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBWAAAA//+nlCAS")

[  116.607911][ T4667] Bluetooth: hci0: command tx timeout
[  116.847251][ T5338] loop0: detected capacity change from 0 to 32768
[  116.940297][ T5338] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nochanges,nojournal_transaction_names,read_only,nocow
[  116.940315][ T5338]   allowing incompatible features above 0.0: (unknown version)
[  116.940322][ T5338]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  116.983978][ T5338] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  116.988889][ T5338] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[  117.016564][ T5338] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b  compress none
[  117.016584][ T5338]   has non ptr field, deleting
[  117.046890][ T5338] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  117.050726][ T5338] bcachefs (loop0): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete
[  117.050726][ T5338] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive
[  117.050726][ T5338]   running recovery passes: check_extents_to_backpointers,check_inodes
[  117.078518][ T5338] bcachefs (loop0): btree node read error at btree extents level 0/0
[  117.078556][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[  117.078564][ T5338]   loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.078572][ T5338]   loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[  117.078579][ T5338]   node offset 8/16 bset u64s 49 bset byte offset 96: keys out of order: u64s 7 type extent 3746994889972256771:8:U32_MAX len 8 ver 0 > u64s 10 type inline_data 4100:8:U32_MAX len 8 ver 0
[  117.078589][ T5338]   repair success (rewriting node)
[  117.111728][ T5338] bcachefs (loop0): btree node read error at btree inodes level 0/0
[  117.111743][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0
[  117.111782][ T5338]   loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.111790][ T5338]   loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[  117.111798][ T5338]   repair success (rewriting node)
[  117.135863][ T5338] bcachefs (loop0): btree node read error at btree dirents level 0/0
[  117.135877][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0
[  117.135886][ T5338]   loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.135893][ T5338]   loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[  117.135906][ T5338]   repair success (rewriting node)
[  117.159201][ T5338] bcachefs (loop0): btree node read error at btree alloc level 0/0
[  117.159215][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 7
[  117.159223][ T5338]   loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.159230][ T5338]   loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[  117.159235][ T5338]   node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0
[  117.159243][ T5338]   loop0 node offset 16/24 bset u64s 0: unsupported bset version 0.0
[  117.159249][ T5338]   flagging btree alloc lost data
[  117.159254][ T5338]   running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  117.159261][ T5338]   running recovery pass check_allocations (8), currently at recovery_pass_empty (0)
[  117.159267][ T5338]   running recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[  117.159273][ T5338]   running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[  117.159280][ T5338]   running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0)
[  117.159286][ T5338]   ret btree_node_read_err_incompatible
[  117.217208][ T5338] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[  117.223315][ T5338] bcachefs (loop0): btree node read error at btree subvolumes level 0/0
[  117.223328][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0
[  117.223336][ T5338]   loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.223343][ T5338]   loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[  117.223351][ T5338]   repair success (rewriting node)
[  117.248067][ T5338] bcachefs (loop0): btree node read error at btree snapshots level 0/0
[  117.248082][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0
[  117.248092][ T5338]   loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.248100][ T5338]   loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[  117.248108][ T5338]   repair success (rewriting node)
[  117.268248][ T5338] bcachefs (loop0): btree node read error at btree lru level 0/0
[  117.268262][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0
[  117.268270][ T5338]   loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.268277][ T5338]   loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[  117.268284][ T5338]   repair success (rewriting node)
[  117.290763][ T5338] bcachefs (loop0): btree node read error at btree freespace level 0/0
[  117.290776][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[  117.290785][ T5338]   loop0 node offset 0/32 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.290792][ T5338]   loop0 node offset 0/32 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/32
[  117.290800][ T5338]   repair success (rewriting node)
[  117.314620][ T5338] bcachefs (loop0): btree node read error at btree backpointers level 0/0
[  117.314630][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0
[  117.314636][ T5338]   loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.314640][ T5338]   loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[  117.314645][ T5338]   repair success (rewriting node)
[  117.337237][ T5338] bcachefs (loop0): btree node read error at btree deleted_inodes level 0/0
[  117.337251][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0
[  117.337260][ T5338]   loop0 node offset 0/8 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[  117.337268][ T5338]   loop0 node offset 0/8 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/8
[  117.337276][ T5338]   repair success (rewriting node)
[  117.360043][ T5338] bcachefs (loop0): check_topology... done
[  117.364713][ T5338] bcachefs (loop0): accounting_read... done
[  117.368311][ T5338] bcachefs (loop0): alloc_read... done
[  117.370912][ T5338] bcachefs (loop0): snapshots_read... done
[  117.374200][ T5338] bcachefs (loop0): check_allocations...
[  117.376344][ T5338] bcachefs (loop0): bucket 0:34 data type user ptr gen 0 missing in alloc btree
[  117.376368][ T5338]   while marking u64s 7 type extent 3746994889972256771:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0  compress incompressible ptr: 0:34:0 gen 0, fixing
[  117.393107][ T5338] bcachefs (loop0): bucket 0:34 gen 0 different types of data in same bucket: journal, user
[  117.393120][ T5338]   while marking u64s 7 type extent 3746994889972256771:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0  compress incompressible ptr: 0:34:0 gen 0, fixing
[  117.406988][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.407003][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing
[  117.417109][ T5338] bcachefs (loop0): bucket 0:27 data type btree ptr gen 0 missing in alloc btree
[  117.417123][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing
[  117.427940][ T5338] bcachefs (loop0): bucket 0:27 gen 0 different types of data in same bucket: journal, btree
[  117.427953][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing
[  117.440918][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.440932][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  117.452827][ T5338] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[  117.452840][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  117.465653][ T5338] bcachefs (loop0): bucket 0:38 gen 0 different types of data in same bucket: journal, btree
[  117.465667][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  117.477952][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.477962][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  117.488420][ T5338] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[  117.488429][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  117.499102][ T5338] bcachefs (loop0): bucket 0:41 gen 0 different types of data in same bucket: journal, btree
[  117.499116][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  117.512491][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.512506][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  117.524990][ T5338] bcachefs (loop0): bucket 0:35 data type btree ptr gen 0 missing in alloc btree
[  117.525015][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  117.535547][ T5338] bcachefs (loop0): bucket 0:35 gen 0 different types of data in same bucket: journal, btree
[  117.535562][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  117.550877][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.550893][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  117.562668][ T5338] bcachefs (loop0): bucket 0:32 data type btree ptr gen 0 missing in alloc btree
[  117.562682][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  117.574729][ T5338] bcachefs (loop0): bucket 0:32 gen 0 different types of data in same bucket: journal, btree
[  117.574743][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  117.587263][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.587277][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[  117.598206][ T5338] bcachefs (loop0): bucket 0:28 data type btree ptr gen 0 missing in alloc btree
[  117.598222][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[  117.609779][ T5338] bcachefs (loop0): bucket 0:28 gen 0 different types of data in same bucket: journal, btree
[  117.609794][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[  117.621720][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.621737][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[  117.643205][ T5338] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[  117.643220][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[  117.656258][ T5338] bcachefs (loop0): bucket 0:29 gen 0 different types of data in same bucket: journal, btree
[  117.656272][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[  117.669340][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.669355][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[  117.680160][ T5338] bcachefs (loop0): bucket 0:37 data type btree ptr gen 0 missing in alloc btree
[  117.680175][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[  117.691011][ T5338] bcachefs (loop0): bucket 0:37 gen 0 different types of data in same bucket: journal, btree
[  117.691024][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[  117.703506][ T5338] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[  117.704488][ T5338]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[  117.716068][ T5338] bcachefs (loop0): bucket 0:42 data type btree ptr gen 0 missing in alloc btree
[  117.716082][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[  117.727048][ T5338] bcachefs (loop0): bucket 0:42 gen 0 different types of data in same bucket: journal, btree
[  117.727062][ T5338]   while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[  117.747886][ T5338]  done
[  117.749593][ T5338] bcachefs (loop0): going read-write
[  117.775626][ T1035] bcachefs (loop0): u64s 13 type alloc_v4 0:25:0 len 0 ver 0: 
[  117.775650][ T1035]     gen 0 oldest_gen 0 data_type journal
[  117.775656][ T1035]     journal_seq_nonempty 0
[  117.775661][ T1035]     journal_seq_empty    0
[  117.775666][ T1035]     need_discard         0
[  117.775671][ T1035]     need_inc_gen         0
[  117.775676][ T1035]     dirty_sectors        256
[  117.775681][ T1035]     stripe_sectors       0
[  117.775686][ T1035]     cached_sectors       0
[  117.775691][ T1035]     stripe               0
[  117.775696][ T1035]     stripe_redundancy    0
[  117.775701][ T1035]     io_time[READ]        0
[  117.775707][ T1035]     io_time[WRITE]       0
[  117.775712][ T1035]     fragmentation     0
[  117.775717][ T1035]     bp_start          8
[  117.775722][ T1035]   
[  117.775727][ T1035]   incorrectly set at freespace:0:25:0 (free 0, genbits 0 should be 0), fixing
[  117.795243][ T5338] bcachefs (loop0): journal_replay...
[  117.819983][ T1035] bcachefs (loop0): u64s 13 type alloc_v4 0:30:0 len 0 ver 0: 
[  117.820004][ T1035]     gen 0 oldest_gen 0 data_type journal
[  117.820011][ T1035]     journal_seq_nonempty 0
[  117.820017][ T1035]     journal_seq_empty    0
[  117.820023][ T1035]     need_discard         0
[  117.820028][ T1035]     need_inc_gen         0
[  117.820034][ T1035]     dirty_sectors        256
[  117.820040][ T1035]     stripe_sectors       0
[  117.820045][ T1035]     cached_sectors       0
[  117.820051][ T1035]     stripe               0
[  117.820056][ T1035]     stripe_redundancy    0
[  117.820062][ T1035]     io_time[READ]        0
[  117.820068][ T1035]     io_time[WRITE]       0
[  117.820074][ T1035]     fragmentation     0
[  117.820079][ T1035]     bp_start          8
[  117.820085][ T1035]   
[  117.820090][ T1035]   incorrectly set at freespace:0:30:0 (free 0, genbits 0 should be 0), fixing
[  117.863261][ T1035] ==================================================================
[  117.866479][ T1035] BUG: KASAN: slab-use-after-free in bch2_bucket_alloc_trans+0x1aa0/0x2410
[  117.869676][ T1035] Read of size 8 at addr ffff88803efe8120 by task kworker/u4:5/1035
[  117.872775][ T1035] 
[  117.873754][ T1035] CPU: 0 UID: 0 PID: 1035 Comm: kworker/u4:5 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) 
[  117.873764][ T1035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.873770][ T1035] Workqueue: btree_node_rewrite async_btree_node_rewrite_work
[  117.873785][ T1035] Call Trace:
[  117.873790][ T1035]  <TASK>
[  117.873794][ T1035]  dump_stack_lvl+0x189/0x250
[  117.873805][ T1035]  ? __virt_addr_valid+0x1c8/0x5c0
[  117.873811][ T1035]  ? rcu_is_watching+0x15/0xb0
[  117.873821][ T1035]  ? __kasan_check_byte+0x12/0x40
[  117.873828][ T1035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.873837][ T1035]  ? rcu_is_watching+0x15/0xb0
[  117.873845][ T1035]  ? lock_release+0x4b/0x3e0
[  117.873854][ T1035]  ? __virt_addr_valid+0x1c8/0x5c0
[  117.873860][ T1035]  ? __virt_addr_valid+0x4a5/0x5c0
[  117.873867][ T1035]  print_report+0xd2/0x2b0
[  117.873875][ T1035]  ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[  117.873883][ T1035]  kasan_report+0x118/0x150
[  117.873889][ T1035]  ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[  117.873898][ T1035]  bch2_bucket_alloc_trans+0x1aa0/0x2410
[  117.873909][ T1035]  ? bch2_bucket_alloc_trans+0xcb4/0x2410
[  117.873919][ T1035]  ? __pfx_bch2_bucket_alloc_trans+0x10/0x10
[  117.873928][ T1035]  ? bch2_bucket_alloc_trans+0xcb4/0x2410
[  117.873936][ T1035]  ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[  117.873945][ T1035]  bch2_bucket_alloc_set_trans+0x5a6/0xe70
[  117.873954][ T1035]  ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[  117.873962][ T1035]  ? __open_bucket_add_buckets+0x783/0x1e40
[  117.873972][ T1035]  __open_bucket_add_buckets+0x1437/0x1e40
[  117.873984][ T1035]  open_bucket_add_buckets+0x2ee/0x440
[  117.873998][ T1035]  bch2_alloc_sectors_start_trans+0xd26/0x1e80
[  117.874007][ T1035]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  117.874057][ T1035]  bch2_btree_reserve_get+0x641/0x1810
[  117.874071][ T1035]  ? __pfx_bch2_btree_reserve_get+0x10/0x10
[  117.874077][ T1035]  ? rcuwait_wake_up+0x1c/0x230
[  117.874084][ T1035]  ? rcuwait_wake_up+0x1c/0x230
[  117.874094][ T1035]  ? __pfx___bch2_disk_reservation_add+0x10/0x10
[  117.874103][ T1035]  ? bch2_btree_update_start+0xadb/0x1dc0
[  117.874112][ T1035]  bch2_btree_update_start+0x147e/0x1dc0
[  117.874120][ T1035]  ? bch2_btree_path_traverse_one+0x91e/0x21d0
[  117.874132][ T1035]  ? bch2_btree_node_rewrite+0x17e/0x1120
[  117.874141][ T1035]  ? __pfx_bch2_btree_update_start+0x10/0x10
[  117.874151][ T1035]  ? bch2_btree_path_traverse_one+0x91e/0x21d0
[  117.874160][ T1035]  ? async_btree_node_rewrite_work+0x1e1/0x840
[  117.874170][ T1035]  ? bch2_btree_iter_peek_node+0x566/0xbe0
[  117.874176][ T1035]  ? bch2_btree_iter_verify+0x1d/0x360
[  117.874182][ T1035]  bch2_btree_node_rewrite+0x17e/0x1120
[  117.874198][ T1035]  async_btree_node_rewrite_work+0x370/0x840
[  117.874213][ T1035]  ? __pfx_async_btree_node_rewrite_work+0x10/0x10
[  117.874228][ T1035]  ? async_btree_node_rewrite_work+0x1d2/0x840
[  117.874241][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.874252][ T1035]  ? process_scheduled_works+0x9ef/0x17b0
[  117.874261][ T1035]  ? process_scheduled_works+0x9ef/0x17b0
[  117.874270][ T1035]  process_scheduled_works+0xae1/0x17b0
[  117.874282][ T1035]  ? __pfx_process_scheduled_works+0x10/0x10
[  117.874293][ T1035]  worker_thread+0x8a0/0xda0
[  117.874305][ T1035]  kthread+0x70e/0x8a0
[  117.874312][ T1035]  ? __pfx_worker_thread+0x10/0x10
[  117.874321][ T1035]  ? __pfx_kthread+0x10/0x10
[  117.874328][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.874335][ T1035]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.874344][ T1035]  ? __pfx_kthread+0x10/0x10
[  117.874350][ T1035]  ret_from_fork+0x3fc/0x770
[  117.874359][ T1035]  ? __pfx_ret_from_fork+0x10/0x10
[  117.874368][ T1035]  ? __pfx_kthread+0x10/0x10
[  117.874374][ T1035]  ret_from_fork_asm+0x1a/0x30
[  117.874384][ T1035]  </TASK>
[  117.874386][ T1035] 
[  118.021671][ T1035] Allocated by task 1035:
[  118.023435][ T1035]  kasan_save_track+0x3e/0x80
[  118.025515][ T1035]  __kasan_kmalloc+0x93/0xb0
[  118.027482][ T1035]  __kmalloc_node_track_caller_noprof+0x271/0x4e0
[  118.030200][ T1035]  krealloc_noprof+0x124/0x340
[  118.032125][ T1035]  __bch2_trans_kmalloc+0x26c/0xc80
[  118.034270][ T1035]  bch2_alloc_sectors_start_trans+0x1d59/0x1e80
[  118.036924][ T1035]  bch2_btree_reserve_get+0x641/0x1810
[  118.039150][ T1035]  bch2_btree_update_start+0x147e/0x1dc0
[  118.041460][ T1035]  bch2_btree_node_rewrite+0x17e/0x1120
[  118.043819][ T1035]  async_btree_node_rewrite_work+0x370/0x840
[  118.046320][ T1035]  process_scheduled_works+0xae1/0x17b0
[  118.048691][ T1035]  worker_thread+0x8a0/0xda0
[  118.050633][ T1035]  kthread+0x70e/0x8a0
[  118.052394][ T1035]  ret_from_fork+0x3fc/0x770
[  118.054429][ T1035]  ret_from_fork_asm+0x1a/0x30
[  118.056425][ T1035] 
[  118.057434][ T1035] Freed by task 1035:
[  118.059135][ T1035]  kasan_save_track+0x3e/0x80
[  118.060876][ T1035]  kasan_save_free_info+0x46/0x50
[  118.062922][ T1035]  __kasan_slab_free+0x62/0x70
[  118.064929][ T1035]  kfree+0x18e/0x440
[  118.066613][ T1035]  krealloc_noprof+0x1cd/0x340
[  118.068794][ T1035]  __bch2_trans_kmalloc+0x26c/0xc80
[  118.070967][ T1035]  __bch2_trans_subbuf_alloc+0x2da/0x460
[  118.073416][ T1035]  bch2_trans_log_str+0xd5/0x3c0
[  118.075563][ T1035]  __bch2_fsck_err+0xc11/0xfb0
[  118.077583][ T1035]  bch2_check_discard_freespace_key+0x71b/0xce0
[  118.080110][ T1035]  bch2_bucket_alloc_trans+0x1333/0x2410
[  118.082520][ T1035]  bch2_bucket_alloc_set_trans+0x5a6/0xe70
[  118.084953][ T1035]  __open_bucket_add_buckets+0x1437/0x1e40
[  118.087426][ T1035]  open_bucket_add_buckets+0x2ee/0x440
[  118.089683][ T1035]  bch2_alloc_sectors_start_trans+0xd26/0x1e80
[  118.092259][ T1035]  bch2_btree_reserve_get+0x641/0x1810
[  118.094489][ T1035]  bch2_btree_update_start+0x147e/0x1dc0
[  118.096777][ T1035]  bch2_btree_node_rewrite+0x17e/0x1120
[  118.099045][ T1035]  async_btree_node_rewrite_work+0x370/0x840
[  118.101488][ T1035]  process_scheduled_works+0xae1/0x17b0
[  118.103897][ T1035]  worker_thread+0x8a0/0xda0
[  118.105998][ T1035]  kthread+0x70e/0x8a0
[  118.107762][ T1035]  ret_from_fork+0x3fc/0x770
[  118.109624][ T1035]  ret_from_fork_asm+0x1a/0x30
[  118.111513][ T1035] 
[  118.112622][ T1035] The buggy address belongs to the object at ffff88803efe8000
[  118.112622][ T1035]  which belongs to the cache kmalloc-512 of size 512
[  118.118183][ T1035] The buggy address is located 288 bytes inside of
[  118.118183][ T1035]  freed 512-byte region [ffff88803efe8000, ffff88803efe8200)
[  118.123721][ T1035] 
[  118.124744][ T1035] The buggy address belongs to the physical page:
[  118.127540][ T1035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3efe8
[  118.131105][ T1035] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  118.134744][ T1035] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  118.138041][ T1035] page_type: f5(slab)
[  118.139818][ T1035] raw: 04fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122
[  118.143477][ T1035] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  118.147191][ T1035] head: 04fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122
[  118.150930][ T1035] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  118.154606][ T1035] head: 04fff00000000001 ffffea0000fbfa01 00000000ffffffff 00000000ffffffff
[  118.158385][ T1035] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  118.162195][ T1035] page dumped because: kasan: bad access detected
[  118.164940][ T1035] page_owner tracks the page as allocated
[  118.167499][ T1035] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24849265286, free_ts 0
[  118.175952][ T1035]  post_alloc_hook+0x240/0x2a0
[  118.178132][ T1035]  get_page_from_freelist+0x21e4/0x22c0
[  118.180568][ T1035]  __alloc_frozen_pages_noprof+0x181/0x370
[  118.183136][ T1035]  alloc_pages_mpol+0x232/0x4a0
[  118.185121][ T1035]  allocate_slab+0x8a/0x3b0
[  118.186964][ T1035]  ___slab_alloc+0xbfc/0x1480
[  118.188846][ T1035]  __kmalloc_node_track_caller_noprof+0x2f8/0x4e0
[  118.191470][ T1035]  krealloc_noprof+0x124/0x340
[  118.193281][ T1035]  add_sysfs_param+0xc9/0xa20
[  118.195206][ T1035]  kernel_add_sysfs_param+0xb4/0x130
[  118.197449][ T1035]  param_sysfs_builtin+0x1de/0x290
[  118.199547][ T1035]  param_sysfs_builtin_init+0x32/0x40
[  118.201756][ T1035]  do_one_initcall+0x233/0x820
[  118.203723][ T1035]  do_initcall_level+0x137/0x1f0
[  118.205819][ T1035]  do_initcalls+0x69/0xd0
[  118.207388][ T1035]  kernel_init_freeable+0x3d9/0x570
[  118.209569][ T1035] page_owner free stack trace missing
[  118.211812][ T1035] 
[  118.212966][ T1035] Memory state around the buggy address:
[  118.215326][ T1035]  ffff88803efe8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.218738][ T1035]  ffff88803efe8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.222191][ T1035] >ffff88803efe8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.225766][ T1035]                                ^
[  118.227970][ T1035]  ffff88803efe8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  118.231368][ T1035]  ffff88803efe8200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  118.234706][ T1035] ==================================================================
[  118.256765][ T1035] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  118.259943][ T1035] CPU: 0 UID: 0 PID: 1035 Comm: kworker/u4:5 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) 
[  118.265187][ T1035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.269731][ T1035] Workqueue: btree_node_rewrite async_btree_node_rewrite_work
[  118.272926][ T1035] Call Trace:
[  118.274568][ T1035]  <TASK>
[  118.275902][ T1035]  dump_stack_lvl+0x99/0x250
[  118.277968][ T1035]  ? __asan_memcpy+0x40/0x70
[  118.280035][ T1035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.282279][ T1035]  ? __pfx__printk+0x10/0x10
[  118.284259][ T1035]  panic+0x2db/0x790
[  118.285958][ T1035]  ? __pfx_panic+0x10/0x10
[  118.287919][ T1035]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  118.290399][ T1035]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  118.293146][ T1035]  ? print_memory_metadata+0x314/0x400
[  118.295457][ T1035]  ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[  118.297965][ T1035]  check_panic_on_warn+0x89/0xb0
[  118.300134][ T1035]  ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[  118.302648][ T1035]  end_report+0x78/0x160
[  118.304440][ T1035]  kasan_report+0x129/0x150
[  118.306400][ T1035]  ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[  118.308877][ T1035]  bch2_bucket_alloc_trans+0x1aa0/0x2410
[  118.311242][ T1035]  ? bch2_bucket_alloc_trans+0xcb4/0x2410
[  118.313692][ T1035]  ? __pfx_bch2_bucket_alloc_trans+0x10/0x10
[  118.316248][ T1035]  ? bch2_bucket_alloc_trans+0xcb4/0x2410
[  118.318703][ T1035]  ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[  118.321325][ T1035]  bch2_bucket_alloc_set_trans+0x5a6/0xe70
[  118.323911][ T1035]  ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[  118.326471][ T1035]  ? __open_bucket_add_buckets+0x783/0x1e40
[  118.328969][ T1035]  __open_bucket_add_buckets+0x1437/0x1e40
[  118.331430][ T1035]  open_bucket_add_buckets+0x2ee/0x440
[  118.333698][ T1035]  bch2_alloc_sectors_start_trans+0xd26/0x1e80
[  118.336291][ T1035]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  118.338619][ T1035]  bch2_btree_reserve_get+0x641/0x1810
[  118.340934][ T1035]  ? __pfx_bch2_btree_reserve_get+0x10/0x10
[  118.343404][ T1035]  ? rcuwait_wake_up+0x1c/0x230
[  118.345438][ T1035]  ? rcuwait_wake_up+0x1c/0x230
[  118.347650][ T1035]  ? __pfx___bch2_disk_reservation_add+0x10/0x10
[  118.350415][ T1035]  ? bch2_btree_update_start+0xadb/0x1dc0
[  118.352865][ T1035]  bch2_btree_update_start+0x147e/0x1dc0
[  118.355307][ T1035]  ? bch2_btree_path_traverse_one+0x91e/0x21d0
[  118.358256][ T1035]  ? bch2_btree_node_rewrite+0x17e/0x1120
[  118.361184][ T1035]  ? __pfx_bch2_btree_update_start+0x10/0x10
[  118.363870][ T1035]  ? bch2_btree_path_traverse_one+0x91e/0x21d0
[  118.366487][ T1035]  ? async_btree_node_rewrite_work+0x1e1/0x840
[  118.369137][ T1035]  ? bch2_btree_iter_peek_node+0x566/0xbe0
[  118.371540][ T1035]  ? bch2_btree_iter_verify+0x1d/0x360
[  118.373795][ T1035]  bch2_btree_node_rewrite+0x17e/0x1120
[  118.376187][ T1035]  async_btree_node_rewrite_work+0x370/0x840
[  118.378779][ T1035]  ? __pfx_async_btree_node_rewrite_work+0x10/0x10
[  118.381571][ T1035]  ? async_btree_node_rewrite_work+0x1d2/0x840
[  118.384376][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  118.386772][ T1035]  ? process_scheduled_works+0x9ef/0x17b0
[  118.389895][ T1035]  ? process_scheduled_works+0x9ef/0x17b0
[  118.392774][ T1035]  process_scheduled_works+0xae1/0x17b0
[  118.395132][ T1035]  ? __pfx_process_scheduled_works+0x10/0x10
[  118.397740][ T1035]  worker_thread+0x8a0/0xda0
[  118.399676][ T1035]  kthread+0x70e/0x8a0
[  118.401242][ T1035]  ? __pfx_worker_thread+0x10/0x10
[  118.403213][ T1035]  ? __pfx_kthread+0x10/0x10
[  118.405149][ T1035]  ? _raw_spin_unlock_irq+0x23/0x50
[  118.407239][ T1035]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.409391][ T1035]  ? __pfx_kthread+0x10/0x10
[  118.411023][ T1035]  ret_from_fork+0x3fc/0x770
[  118.412793][ T1035]  ? __pfx_ret_from_fork+0x10/0x10
[  118.415114][ T1035]  ? __pfx_kthread+0x10/0x10
[  118.417171][ T1035]  ret_from_fork_asm+0x1a/0x30
[  118.419236][ T1035]  </TASK>
[  118.420941][ T1035] Kernel Offset: disabled
[  118.422859][ T1035] Rebooting in 86400 seconds..