program:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNGETVNETBE(r0, 0x800454df, &(0x7f0000000100))
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x3, 0x0, 0xa, 0x0, 0x8d}, @mpls={[], @ipv6=@icmpv6={0xc, 0x6, "2c6eab", 0x67, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @empty}, @mcast2, {[], @time_exceed={0x3, 0x1, 0x0, 0x8, '\x00', {0x7, 0x6, ';Y]', 0x7fff, 0x62, 0xff, @empty, @loopback, [], "167c9765ca2aa937874b0fd8804a6fee7d028775a52a4d14cb31adbbc25c50d8542d09b75620b06d0576f52f34ecb8502fbab0d2a517d3"}}}}}}, 0x9d)
r2 = syz_open_dev$vcsu(&(0x7f0000000000), 0x200, 0x240)
ioctl$FIOCLEX(r2, 0x5451)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x818001, &(0x7f0000000480)={[{@inodes_32bit}, {@shared_inode_numbers}, {@errors_continue}, {@inline_data}, {@direct_io}, {@nochanges}, {@prjquota}, {@recovery_pass_last={'recovery_pass_last', 0x3d, 'delete_dead_inodes'}}, {@version_upgrade={'version_upgrade', 0x3d, 'incompatible'}}]}, 0x1, 0x5968, &(0x7f000000b5c0)="$eJzs3X+QXFW9IPBzu3synZn8mAR4RJDJEMh7PHiaCT9SKK+eeW/f01fAo2LxykfYKAxkwosmIZUEIQEluOBCARZaWor6B1pILRotqmCVSIn82IRVlGJ1qS2kVnfRrXILWVICWcpyna2ZvqfTc6fv3J7unpDA51Mwt8/p29/zveee7rnndE86AAAA8Law/5btBy864R9+/KnR12/8x+9vvin0lyfqq3GHgXR73ZuVIYdTb2XJxDY7Lv7i+m/+ZujKv/vRA33feGPf+pM3/OLvj7nykY+ev/furzz+2vyH/vRiUdw4nk4/VE5eTkKo/uDAFz697+njx+uSEEI5GdgdwqJk8eOLkkyI4T+EENanhXJl8p0Pvn7WhvHtTbf3TqpfmAlivL+9VdNxtuvgtWeEX/7t2pt/uvQ73+7Z89LuQ7sk1YbxFMKCyxsf35P+Pzctx9G2JD443a4JIfQ1PO7cgrxOaTH/FTnlE9PtnHTbXxAn3r8sUy5l9suWo57Mtq+gvU7l5dHufkXmZcrZF6NO5eUZ6xel2++l29NnGL8c/09CKQmVevqbkkNjJDSctyQkE+eyWi+X6uc2pMefKSeZcilTLvdkjmui3XSglZNkcn3cL1MfX44raf3Jja/VTVycU/+OdFtNn6hvxHLI3qjpn3KjflwTYl4HpsnlcCg1vAY1q6+Ps/Rk9Kd1/cniKY8ZayLet2/tHcvL657YP5CTR/JAksZPJvpopvF3/WTRvI9867Zr8s5tcnkpjV9qK/6vLnjmlUtv+/qXl+TFvyvGL7cV/8xH+16+4MlbluX1Tzyu/lBpK/7Ii0/dufTYK/bk5n9P7P9qW+d39d5neucffPSx3PM7HPtnblv5v3De+399/3MPv5QbP8T4fW3FX7d362d6Bw+elhv/sdg//e2Nn1f3rHp+cPC3Q3nxn43x57cV/77dd7/33oW3n597ftfE/hloK/6Fpz5y87yDD5+U+/y6p1u/OQHeno5Jr7FuTcvTzTN7p5lndqphvvCloUrtunVe+v/8bjaUufgcb2dBN+MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAjhuDP+8wf+54cGXq6k5d70xgul2jbWzwkhmRtC2L5jZNuOjVuuGvro1dds2zKyaWhkx9Dolh3bdg6d/VdD20a3bhrZOX7v8LvOqj1ucUhq2+SkKW33jo2NlQYm18X2/s2pe365/Nz//bsQho/7+WAlN/8Vd2++99gmPzOS1WPv23zNRT8/52vpcQ2keQ00yWtsbGws5OT1fy75472fO/Cb00IY/rPp8nrqhb/54aSEJioOxUmVekMtod6kr2ke9azTfGJ/VTZs3DQ6PH3/jj++nHMc//b6l/6w4brP/rHWv9Xc42ixf+euHttU+uLaC//fF2+oVRTlVT+OTF6zfd6L+jseRcwv9l817e8F6XEtyDmuSk5/3/LTx577wQm3vbY7DFdeXTq17aLj6kkHQE/yjpbajS30JYsm1VfT/eMZj49bsWPz1hXbd+5618bNI1eNXjW65T0rz165avicVeesmDjyFV0+/tj+n7d4/K2Op2y7MxtPCz+++3vxZ2vjqSivov4Yz6u4PxozyuQ1f+Ln3NVjfRd/+vPvufvJi2rVReM87l1/HqbbvvHzvDI0jLepfdXsuIr6IYQw1KwfXnnt/HD8f9t4c9HrUOOZafyZkawee3rZ77927leX/HWt4rC8zjcm1ObrfD3rQ/lM9Fc1PR9jR2j/9oZyelz9TfNa+fSTPXfs/90n6vnNmROuG9mxY9vK2s95aabzkhOb5pWtjce1dOJnOaTdEurDtMl4HdcTavllXz/j7tle7U/v608WNz2urHjfvrV3LC+ve2J/Xk8nD9RanBufuMk7c/bclHlguZ5ws/aP1Odf0fgY/MBXH/rQQ989e8r4OLP2s+i4kpzj+s5z933+G5/999/t3nF94G+eGfj9f//X5bWKo+V1pZ51mk/S+LpyZghFz7+loflx5D7/Ss2Pp+j5l23n0P7N4w1lyv2hXPx8rYYpz9czH+17+YInb1mW+3w90Orz9YZJpXLB8/VIGT/Z51dSmZzH7D2/Jg2UZPXYj249ZvfjN645oVZRNK7rezcb12e1MP/IOa4fXvr84NVD/+6/du9145t/9eBlvxhZ/claRfvnPebSnfNeTfu3mtO/9azjvLOxf9995dWb1tfq3/Tr35om17/ptmD+E19Ktu/c9bGRTZtGt21v7bha/X0a28n2cru/T+Or2+KC4ypNOa7Zu9FKf7X6fIv5r2+7vyY/3/pD0tZ13K6fLJr3kW/dds3AlEelDV1eSuOX2or/qwueeeXS277+5dz4d8X4lbbij7z41J1Lj71iT278e5I0frWt+Kv3PtM7/+Cjj+XGH475z20r/gvnvf/X9z/38Eu58UOM399e/7+6Z9Xzg4O/zY3/bJK2M36NFMKDr5+1oVZOQk/6fIt59EzKK2TLSaZcypTLjeVSba213kA5SSbXx/3S+pMbcmnmX3Lq41VYdUlt+0Ysh+yN6euPNKWG1/5m9UXXqQAAb3Xx/f94DRrf/x9NL5TyVxrgkE7nYUty4sZ52KH1nDmT7l+Sxo+Pj+uAg+8Ow+Pbm4ZqF/ozfR8hPh+y65yxndNOmRxjJuucpXBonbNo/X1Zphzzqq2XVxrmoamp85pKaGH9fWo706+/Zw6/eH186NYpaQ01rFtlz19PumLW7PMOmXwr4xHyxkd2XSx+nmNwQVgz0V6L4yP7OZp4HrKfo4ntnJB54Wz3czSdjo+Y9jTjYyLl4vc3pp6/ME3/Hjp/zaNlz98Mznd1fP/Zfn+2C+uGTV/SDt+6YQvvhzWJ3+r7YfV1ydVT95ku/ttlXfJIXzeM9fE4Ki2uJ34op76V9cTGdbm89cT4chHzOjBNLoeD9UTgrSrO/+PviPH5//gF+P/N7Fd0HZq9aozxcj8nVG6eT9G8Y+rn9Pra+j2+bu/Wz/QOHjwt9zrnsVY/97N1Uqmv4HM/Rf24PFMu7MecBZqi+V62naJ+z34uoz/Mb6vf79t993vvXXj7+bn9vqb2i7S43z8/qTS/oN+PgvlC8/hvtfmCzzFMjt+lzzEUrZ+9afOR9INPszUf+eec+pl+vqFvyo36cU046uYjPYc3LwDg6BHn//X3z9L5//+IO6TXEUXz1tMz5Rgvd96ac32SN2/9p3R7XWb//vQvKmZ63XzhqY/cPO/gwyflzlvuaXUe+h8mlQYK56GdzZtz5xFruvN58dx5RH2e1dk8MTf/+jyxs3l6bvz6PL2zeXRu/9Tn0Z2tA+TGr68DHO3z3IL1ukxjsdjqet1bdh6d/vnsbM2jL86pn+k8un/KjfpxTTCPBgB4c8X5f7yMi/P/JzP7dfo+e+68oEvX7dl/D6Qe/9nDNa+c7XnfbM9bZ3teP9vrEkf7vHi214Vmd53sbT8vTht9+82L5x623AAA6Fyc/8eruPz5f2fzk2bzt55J8xPz86bxzc+PkPn50b7+Zf7vffFi3hcHAHhri/P/+GeP8d//+09pOfvv1pun58Q3TzdPn278vLpn1f0DrczTu7/OFnwO4M1dB2h4i9w6AAAAb4aeiZnS1L+z/3C6zf6dfd7f5V+as3+rKunl8RU7to2OXnbN1vUjO0Yv23L1+tHtl127beOOHaNbavt1Om/Mnbek88aeUEn7o/l+2XnbwvTfQ1iY8+8hZPePYU+cuDH130PINju34N8ROHT+Wss37/yVptm/2fjIO9958f8lZ/+ofv6v/NczL9uw/bKNWzbu2DiyaeOu0cn7jc9a+2bwvZmxW2b0famZH1OUZv79nd3JozQlj560P/K+nz3J5LEozWRR3vcf5OT94//yuY+fOvbH+0MYPq78zo76L1k99h8vGf2nHft/vnU8/7nT5l/fM82r6PtKs/vH46lsunr7jjM2XH3Nluw3SrYnrmeU6uVZWs9In/7lFtcn1uXUz/RzCuUpN45MLa9PAAAwSXz/P17PxvcPP5teQMX61ufpnb1/nDtPH548T8/7q9Ps95IVzdOz+8fjbXWeXu1wnp5tv2ie3mz/ZvP0vHl3Xvx/ztl/plofJ519ziN3nFze2npO9vsMisZJdv+ZjpOkw3GSbb9onDTbv9k4yTvvefE/mLN/ntbHQ2efy8kdD3e1Nh7+MlMuGg/Z/Wc6Hkodjods+0Xjodn+zcZD3vnNi39Rzv6tmjw+xgfGxLgYvezaq7d9rGG/2f7+i87zm93v/2hX6/nP7ue+Zj//2f1c2ezn39nff+Xm/2xnK2Gt5z+73+/SrsO2Xpt+2Kzo82dF67hrc+pnuo47Z8qNI5N1XHjzxPl/fLsnzv9vT7fdfhvo6P+eNN9j1jR+l77HrOg6xu/zaRo7Avh9DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCa3sqSie3+W7YfvOiEf/jxp0Zfv/Efv7/5pr+4/pu/Gbry7370QN833ti3/uQNv/j7Y6585KPn7737K4+/Nv+hP71YGHhg4mfl9LRYDSF5OQmh+oMDX/j0vqePH69LQgjlZGB3CIuSxY8vSjIRhv8QQlhfz3PynQ++ftaG8e1Nt/dOql+YCZI9rtBfjvk05hnCdYVHxFGomo6zXQevPSP88m/X3vzTpd/5ds+el3Yf2iWpNoynEBZc3vj4nhDC3PT/cXG0LYkPTrdrQgh9DY87tyCvU1rMf0VO+cR0Oyfd9hfEifcvy5RLmf2y5agns+0raK9TeXm0u1+ReZly9sWoU3l5xvpF6fZ76fb0GcYvx/+TUEpCpZ7+puTQGAkN5y0JycS5rNbLpfq5DenxZ8pJplzKlMs9meOaaDcdaOUkmVwf98vUx5fjSlp/cuNrdRMX59S/I91W0yfqG7Ecsjdq+qfcqB/XhJjXgWlyORxKDa9BzerrJz49Gf1pXX+yeMpjxpqI9+1be8fy8ron9g/k5JE8kKTxk7bi7/rJonkf+dZt1yzJi395KY1faiv+ry545pVLb/v6l3Pj3xXjl9uKf+ajfS9f8OQty3L750Dsn0pb8UdefOrOpcdesSc3/3ti/Gpb8VfvfaZ3/sFHH8vNfzj2z9y24r9w3vt/ff9zD7+UGz/E+H1txV+3d+tnegcPnpYb/7HYP/3tjZ9X96x6fnDwt0N58Z+N8ee3Ff++3Xe/996Ft5+fe37XxP4ZaCv+hac+cvO8gw+flPfamdzTrd+cAG9Px6TXWLem5XbnmZ1qmC98aahSu+abl/4/v5sNZYy3s2AW4wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Nb0sxvO/vAl7/vg2koSQpKzz1gT8b7ynNWrh9pod+TFp+5ceuwVexrrlrQRBwAAACgW5+Glek01LAnXJnPDiU33j2sEJ8ZSMrk+u4YQ42TXCNqNU+pSnHKX4lS6FKenS3HmdClOb5fiVAviVENrceZOE6cyPipazKdv2nxaj9PfpTjzuhRnfpfiLOhSnIVdijMwbZzWx+GiLsVZ3KU4x3QpzrFdinNcl+L8WZfiHN+lONk15ZmOw/npnifkxZm4US6MU0nK9Tuaracfn7ZzUoft9Be0M7/o93GL7cxtsZ1TMo8rzbCdaovt/HmH7SQttvOXHbZTKmgnjtvrsvnFdmKpxfG/s0txdnUW53/F663ru5TPDV2K84kuxflkl+Lc2GGcbBkgT5z/H5rvDYTeyl+HvvQVJ7sKEOe7Syd+Tv19l/cCFOO9M1M/pyhedqKeibd0pvllFxAy8ZZl6nsmxavU5yPTxKs2xlueubPweLMLCpn8Ts/U9xbFyy4sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAs+tkNZ3/4kvd9cG1Iwvh/TY01Ee8rz1m9eqiNdvetvWN5ed0T+xvreittBAIAAAAKxXl4T72mGnorK0NvMmfSftV0HaCalssDte3ggrBmfJsMlSbKfcmiaR9XSR+3YsfmrSu279z1ro2bR64avWp0y3tWnr1y1fA5q85ZsWHjptHh2s8QegvihRAmlh+279z1sZFNm0a3ba9VZvNfkj5uSVpO0scNvjsMj29vSvNfXNBeaUp7O58/r3bXoZou3Sg4dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/2fX7kLkvOo/gJ9nZnZmum3+3T99m4ZmO+SlRC2axK2kWroPCBbaJGQpyEx1LcEmWNw0oU1KrGMbsK0JitASCJFcGInF1uJNX2wR+0IgUqMBNwZpi/ZCL5RWK2nJhaSMZHfO7MxkJrOOpWnj53PxPDPn/M75zZmLhe+zAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzgpmtjk5XxiepwEkLSo6beRZzL5tO0PEDfLz+/9fuF0ZPLW8cKuQE2AgAAAPqKOXyoOVIMhVw2ZMOVM+8Wn77kGxNhLvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/e6ZrY5OV8YnqhUkISY+aehdxLptP0/IAfd9458nPvDo6+tfWsdIA+wAAAAD9xRyeaY4UQyksCUPJlW118dnAwo71nXVxn0XzrOt8dtCrbsk8666ZZ93H+tSta9x3BAAAAPjoi/k/1xwZCYXcgp75v1+uj3VXd9RlG/dBfisAAAAA/Hdi/i80R0qhkCs18/p88/7ijrq4vt//7eP6ZT3W9/t//trG3f/pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCjY7o2NlkZn6hmkxCSHjX1LuJcNp+m5QH6rnph+O+3HHpocetYITfARgAAAEBfMYfPRe9iKOSGw1C4cCb3j960/+kvPv3sWAhhNubn82HHhm3b7l41e411K48cGvre4be+1dwm1q2cvZ6TwwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+r6drYZGV8onpBEkLSo6beRZzL5tO0PEDf1z/3hT8/fvy5N1vHSgPsAwAAAPQXc/hc9i+GUsiHfLh85l1r1j8t07G+1zMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Pxxzzfu+/qGqamNd3vhhRdeNF+c679MAADA++3qkIT6f+iK9ef6UwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8G07Wxycr4RLWYhJD0qKl3Eeey+TQtD9A3ff5oYcHJF15qHSsNsA8AAADQX8zhc9m/GEphKAyFy2bedXsmMJP/Rz7ADwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8qEzXxiYr4xPVBUkISY+aehdxLptP0/IAfR/bue+zBy/+7s2tY4XcABsBAAAAfcUcnm+OFEMh9/FQCFc13k+1L0iyjXv35wJz67a2LRue97pa27rsvNft6jhZrnGa2XXFuN/I7L25rnzmunLLulJoti+3rQt72lYt6PM5AwAAAJxDMf8XmiMjoZArtOTcn7TVj8i5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAP07Wxycr4RDVJQkh61NS7iHPZfJqWB+h732/+/6Kv/HT39tax0gD7AAAAAP3FHD6X/YuhFBaF/wuLZnJ/GGmvj3X/qJw6+Og//7I8hBWXHxvNdW77w/jiV6/f+GLnJYRMe3UmhIsb/ZIe/X79u0fvXVo/9XgIKy7LXnVGv3D2fnPq9XKS1p+pbFy77fCxrf2/HwAAADgfxPw/1BwZCYXcXT3zf0zeffJ/00wAv/jenT+/tHFtJPKOFZlC43cGmR79Pr/0yT8tW/23t07n/7P1+9S+zQcvbWs4O9IhSevjm7evO3bdgUw89ex5sx394/fypW+++a9NOx45Ndu/GIqN8YW5bv3PvHa4IK1PZfZW17y3t9beP9fj/A/99qXjv1y4+93T/d+5erjZ/5qznP/s/YdvfXjP9fsOrWvvH0Iod+v/9rs3hyv+cOeDnecf7ti49ZtvvXZI0vqRxScOrN5fuqG9f9LRP37/Pzv+2J4fP/KdZ2P/+FuR5Uvm2z/T0f+VXZfsfPmB9Qvb+2d6nP/F214d3VL+9u87z39H2665np/izPM/ce1Tt7+2Ib2/cwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8Ml0bm6yMT1QzSQhJj5p6F3Eum0/T8gB937jl6Nu37f7RD1rHSgPsAwAAAPQXc/hc9i+GUsiHfBieyf3PVDau3Xb42NYwMjubNO65qS33bPvEpi3b77rjHH1yAAAAYL5i/s81R0ZCIbc0DDXy//jm7euOXXcgE/N/Jub/TXdObVwRmnWv7Lpk58sPrF/YfE4QwszPAoqn6z49V3fTjUdHTvzxa8u61q2aqzuy+MSB1ftLN8S60Fq3MjSfTzxx7VO3v7Yhvb/5+VrrPvnVLVONxxNx3+FbH95z/b5D65rnaNyHG/vGuqnM3uqa9/bWYl22cS82zg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnGm6NjZZGZ+ohmwISY+aehdxLptP0/IAfdcs/cWDF518blHrWCE3wEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBvduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBfP6FxlH0cwJ9nN3mzzSZt0r5gVEzTqij1YFEQ0YuKirQiBU+VItXWHkRBEFHqwVRasVTFi2D1UkQFNUpBwcZiaZVU/Fe8eFBBoXoQSjGgXYoHlew+s91Md1ydVEH9fGB48jwz853fzPPsbBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhHGegba7aHd9zfuOWcGz569K4Tj9z0zr3bLnr41e8mNl334d7Bl07ObF6x5cvrl23af/ea6d3PH/pp+K1fjvYMfqjVrErdWgjxeAyh9u7sM4/NfHzW3FgMIVTjyGQIo3HpodGYS1j9cwhhc7vO+TvfPHH5lrl2266BeeNLciH5+wr1alZPy8j8evl3qaV1trXx4CXh62vXb/90+Ruv908dmzx1SKx1rKcQFm/sPL8/hLAobXOy1TaWnZzadSGEwY7zruxR1/l/sP5LC/rnpvZ/qa33yMn2r8z1K7nj8v1Mf64d7HG9hSqqo+xxvQzl+vmX0UIV1ZmNj6b27dSu+pP51WyLoRJDX7v8e+KpNRI65i2G2JzLWrtfac9tSPef68dcv5LrV/tz99W8blpo1Rjnj2fH5caz13FfGl/R+a7u4taC8bNTW0sf1JNZP+T/aKmf9kf7vpqyumZ/p5a/Q6XjHdRtvD3xaTLqaawel552zq9dZPtm1j9xYXXDe4dHCuqIe2PKj6Xyt34yOnT7azsfGCvK31hJ+ZVS+d+sPfLDbTtfeK4w/+ksv1oq/7IDg8fXvr9jZeHzmc2eT1+p/DuOfvDk8v/fOdVtrpv5e7L8Wqn8a6aPDAw3DhwsrH919nwWlcr/6uobv33l833HCvNDlj9YKn/D9H1PDYw3Li7MP9j6KNSbK7TE+vlx6oovxse/nyjK/yx7/sNd8mPP/Jcnd1/14pJdawrX57rs+YyUqv/mC/ZvH2rsO6/o3Rn3nKlvToD/pmXpf6zHU7/s78yF6vi98OxEX+sbaChtw2fyQjlz11n8F+YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAb+zAAQkAAACAoP+v2xEoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAAAP//fjwlGg==")
[ 86.367776][ T5342] Bluetooth: hci0: command tx timeout
[ 86.455830][ T5366] syz.0.0 uses obsolete (PF_INET,SOCK_PACKET)
[ 86.678056][ T9] cfg80211: failed to load regulatory.db
[ 86.875472][ T5366] loop0: detected capacity change from 0 to 32768
[ 87.206726][ T5366] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,prjquota,nochanges,recovery_pass_last=delete_dead_inodes,nojournal_transaction_names,read_only,version_upgrade=incompatible
[ 87.206749][ T5366] allowing incompatible features above 0.0: (unknown version)
[ 87.206767][ T5366] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 87.366007][ T5366] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 87.439801][ T5366] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[ 87.501418][ T5366] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b compress none
[ 87.501444][ T5366] has non ptr field, deleting
[ 87.524724][ T5366] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 87.530066][ T5366] bcachefs (loop0): Version upgrade from 1.3: rebalance_work to 1.7: mi_btree_bitmap incomplete
[ 87.530066][ T5366] Doing compatible version upgrade from 1.3: rebalance_work to 1.28: inode_has_case_insensitive
[ 87.530066][ T5366] running recovery passes: check_allocations,check_extents_to_backpointers,check_subvols,check_inodes,check_dirents
[ 87.572999][ T5366] bcachefs (loop0): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 0.0: (unknown version)
[ 87.572999][ T5366]
[ 87.666202][ T5366] bcachefs (loop0): accounting_read... done
[ 87.670134][ T5366] bcachefs (loop0): alloc_read... done
[ 87.687024][ T5366] bcachefs (loop0): snapshots_read... done
[ 87.704513][ T5366] bcachefs (loop0): check_allocations...
[ 87.727793][ T5366] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree
[ 87.727825][ T5366] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 87.753228][ T5366] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 87.753249][ T5366] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 8 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 87.776240][ T5366] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 87.776258][ T5366] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 87.812104][ T5366] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 87.812122][ T5366] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 87.851053][ T5366] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.861259][ T5366] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.866769][ T5366] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.874180][ T5366] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.882445][ T5366] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.894295][ T5366] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.905013][ T5366] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.911538][ T5366] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.916799][ T5366] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.924914][ T5366] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.933444][ T5366] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.944808][ T5366] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.961427][ T5366] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing
[ 87.972364][ T5366] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 87.997346][ T5366] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing
[ 88.057743][ T5366] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing
[ 88.065578][ T5366] bcachefs (loop0): bucket 0:16 gen 0 has wrong data_type: got free, should be sb, fixing
[ 88.077566][ T5366] bcachefs (loop0): bucket 0:16 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 88.092967][ T5366] bcachefs (loop0): bucket 0:17 gen 0 has wrong data_type: got free, should be sb, fixing
[ 88.102483][ T5366] bcachefs (loop0): bucket 0:17 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 88.109876][ T5366] bcachefs (loop0): bucket 0:18 gen 0 has wrong data_type: got free, should be sb, fixing
[ 88.109892][ T5366] Ratelimiting new instances of previous error
[ 88.127077][ T5366] bcachefs (loop0): bucket 0:18 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 88.127094][ T5366] Ratelimiting new instances of previous error
[ 88.159452][ T5366] done
[ 88.166357][ T5366] bcachefs (loop0): going read-write
[ 88.207473][ T5366] bcachefs (loop0): journal_replay... done
[ 88.266399][ T5366] bcachefs (loop0): check_extents_to_backpointers...
[ 88.271511][ T5366] bcachefs (loop0): scanning for missing backpointers in 4/128 buckets
[ 88.289292][ T5366] done
[ 88.291269][ T5366] bcachefs (loop0): check_subvols... done
[ 88.309168][ T5366] bcachefs (loop0): check_inodes... done
[ 88.313425][ T5366] bcachefs (loop0): check_dirents...
[ 88.314684][ T5366] bcachefs (loop0): key in missing inode, found keys:
[ 88.314713][ T5366] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir
[ 88.314722][ T5366] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg
[ 88.314730][ T5366] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg
[ 88.314738][ T5366] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg
[ 88.314746][ T5366] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir
[ 88.314754][ T5366] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg
[ 88.314762][ T5366] , fixing
[ 88.438813][ T4706] Bluetooth: hci0: command tx timeout
[ 88.458390][ T5366] bcachefs (loop0): hash table key at wrong offset: should be at 586503108576659238
[ 88.458407][ T5366] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 88.499156][ T5366] bcachefs (loop0): dirent points to missing inode:
[ 88.499186][ T5366] u64s 7 type dirent 4096:586503108576659238:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 88.535956][ T5366] bcachefs (loop0): hash table key at wrong offset: should be at 8235762070275309902
[ 88.535975][ T5366] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 88.560319][ T5366] bcachefs (loop0): hash table key at wrong offset: should be at 3846070043834498861
[ 88.560334][ T5366] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 88.584282][ T5366] bcachefs (loop0): dirent points to missing inode:
[ 88.584298][ T5366] u64s 7 type dirent 4096:3846070043834498861:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 88.599691][ T5366] bcachefs (loop0): hash table key at wrong offset: should be at 1142574378198834580
[ 88.599709][ T5366] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 88.629946][ T5366] bcachefs (loop0): hash table key at wrong offset: should be at 3909548179165629373
[ 88.629963][ T5366] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 88.654815][ T5366] bcachefs (loop0): dirent points to missing inode:
[ 88.654831][ T5366] u64s 7 type dirent 4096:8235762070275309902:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 88.677410][ T5366] bcachefs (loop0): hash table key at wrong offset: should be at 5334373995125008193
[ 88.677426][ T5366] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 88.699339][ T5366] bcachefs (loop0): directory with wrong i_nlink: got 0, should be 1
[ 88.699356][ T5366] (disconnected), fixing
[ 88.724651][ T5366] bcachefs (loop0): key in missing inode, found keys:
[ 88.724677][ T5366] u64s 7 type dirent 4098:5675548428000973578:U32_MAX len 0 ver 0: file1 -> 4100 type lnk
[ 88.724692][ T5366] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg
[ 88.724707][ T5366] , fixing
[ 88.760400][ T5366] bcachefs (loop0): key in missing inode, found keys:
[ 88.760418][ T5366] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg
[ 88.760427][ T5366] , fixing
[ 88.776395][ T5366] bcachefs (loop0): check_dirents requires second pass
[ 88.800276][ T5366] bcachefs (loop0): dirent points to missing inode:
[ 88.800293][ T5366] u64s 7 type dirent 4096:1142574378198834580:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 88.827821][ T5366] bcachefs (loop0): dirent points to missing inode:
[ 88.827840][ T5366] u64s 8 type dirent 4096:3909548179165629373:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 88.848994][ T5366] bcachefs (loop0): dirent points to missing inode:
[ 88.849010][ T5366] u64s 8 type dirent 4096:5334373995125008193:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 88.885966][ T5366] ==================================================================
[ 88.894858][ T5366] BUG: KASAN: use-after-free in bch2_check_dirents+0x1fac/0x33f0
[ 88.905799][ T5366] Read of size 1 at addr ffff888055340118 by task syz.0.0/5366
[ 88.912531][ T5366]
[ 88.916374][ T5366] CPU: 0 UID: 0 PID: 5366 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 88.916867][ T5366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.916879][ T5366] Call Trace:
[ 88.916890][ T5366]
[ 88.916941][ T5366] dump_stack_lvl+0x189/0x250
[ 88.917010][ T5366] ? __kasan_check_byte+0x12/0x40
[ 88.917032][ T5366] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.917097][ T5366] ? lock_release+0x4b/0x3e0
[ 88.917941][ T5366] ? __virt_addr_valid+0x4a5/0x5c0
[ 88.918016][ T5366] print_report+0xca/0x240
[ 88.918036][ T5366] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.918049][ T5366] kasan_report+0x118/0x150
[ 88.918141][ T5366] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.918156][ T5366] bch2_check_dirents+0x1fac/0x33f0
[ 88.918222][ T5366] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.918238][ T5366] ? desc_read+0x1b8/0x3f0
[ 88.918251][ T5366] ? prb_first_seq+0xfd/0x1a0
[ 88.918262][ T5366] ? __pfx_bch2_check_dirents+0x10/0x10
[ 88.918320][ T5366] ? __pfx_prb_first_seq+0x10/0x10
[ 88.918574][ T5366] ? desc_read+0x1b8/0x3f0
[ 88.918632][ T5366] ? this_cpu_in_panic+0x4f/0x80
[ 88.918646][ T5366] ? _prb_read_valid+0xa07/0xa90
[ 88.918658][ T5366] ? console_flush_all+0x13a/0xc40
[ 88.918766][ T5366] ? up+0xde/0x150
[ 88.918927][ T5366] ? __console_unlock+0x14c/0x1a0
[ 88.918941][ T5366] ? __pfx___console_unlock+0x10/0x10
[ 88.918956][ T5366] ? prb_read_valid+0x3c/0x60
[ 88.919012][ T5366] ? console_unlock+0x21b/0x270
[ 88.919065][ T5366] ? __pfx_console_unlock+0x10/0x10
[ 88.919080][ T5366] ? vprintk_emit+0x63e/0x7a0
[ 88.919098][ T5366] ? __bch2_print+0x176/0x220
[ 88.919155][ T5366] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.919172][ T5366] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.919233][ T5366] __bch2_run_recovery_passes+0x3bd/0x1060
[ 88.919255][ T5366] bch2_run_recovery_passes+0x184/0x210
[ 88.919310][ T5366] bch2_fs_recovery+0x2690/0x3a50
[ 88.919367][ T5366] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 88.919390][ T5366] ? __lock_acquire+0xab9/0xd20
[ 88.919454][ T5366] ? __mutex_trylock_common+0x153/0x260
[ 88.919510][ T5366] ? __lock_acquire+0xab9/0xd20
[ 88.919530][ T5366] ? __lock_acquire+0xab9/0xd20
[ 88.919594][ T5366] ? bch2_fs_start+0xa0f/0xda0
[ 88.919652][ T5366] ? up_write+0x1c4/0x420
[ 88.919851][ T5366] ? bch2_fs_start+0x5e7/0xda0
[ 88.919925][ T5366] bch2_fs_start+0xaaf/0xda0
[ 88.919939][ T5366] ? bch2_fs_start+0x5e7/0xda0
[ 88.919992][ T5366] ? __pfx_bch2_fs_start+0x10/0x10
[ 88.920051][ T5366] ? sget+0x267/0x620
[ 88.920066][ T5366] bch2_fs_get_tree+0xb39/0x1520
[ 88.920084][ T5366] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 88.920140][ T5366] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 88.920204][ T5366] vfs_get_tree+0x92/0x2b0
[ 88.920219][ T5366] do_new_mount+0x2a2/0x9e0
[ 88.920235][ T5366] ? ns_capable+0x8a/0xf0
[ 88.920291][ T5366] ? __pfx_do_new_mount+0x10/0x10
[ 88.920304][ T5366] ? path_mount+0x61c/0xfe0
[ 88.920317][ T5366] ? user_path_at+0x44/0x60
[ 88.920368][ T5366] __se_sys_mount+0x317/0x410
[ 88.920662][ T5366] ? __pfx___se_sys_mount+0x10/0x10
[ 88.920678][ T5366] ? do_syscall_64+0xbe/0x3b0
[ 88.920765][ T5366] ? __x64_sys_mount+0x20/0xc0
[ 88.920779][ T5366] do_syscall_64+0xfa/0x3b0
[ 88.920794][ T5366] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.920852][ T5366] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.920863][ T5366] ? clear_bhb_loop+0x60/0xb0
[ 88.920917][ T5366] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.920929][ T5366] RIP: 0033:0x7ff3e6d9038a
[ 88.920941][ T5366] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 88.920951][ T5366] RSP: 002b:00007ff3e7cb9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 88.921005][ T5366] RAX: ffffffffffffffda RBX: 00007ff3e7cb9ef0 RCX: 00007ff3e6d9038a
[ 88.921014][ T5366] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007ff3e7cb9eb0
[ 88.921022][ T5366] RBP: 00002000000000c0 R08: 00007ff3e7cb9ef0 R09: 0000000000818001
[ 88.921072][ T5366] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 88.921079][ T5366] R13: 00007ff3e7cb9eb0 R14: 0000000000005968 R15: 0000200000000480
[ 88.921091][ T5366]
[ 88.921095][ T5366]
[ 89.328813][ T5366] The buggy address belongs to the physical page:
[ 89.332301][ T5366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55340
[ 89.336585][ T5366] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 89.340285][ T5366] page_type: f0(buddy)
[ 89.357305][ T5366] raw: 04fff00000000000 ffff88805ffd6f08 ffff88805ffd6f08 0000000000000000
[ 89.361657][ T5366] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000
[ 89.365260][ T5366] page dumped because: kasan: bad access detected
[ 89.367865][ T5366] page_owner tracks the page as freed
[ 89.381222][ T5366] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x42800(GFP_NOWAIT|__GFP_COMP), pid 5366, tgid 5365 (syz.0.0), ts 88775563607, free_ts 88885866929
[ 89.399793][ T5366] post_alloc_hook+0x240/0x2a0
[ 89.417727][ T5366] get_page_from_freelist+0x21e4/0x22c0
[ 89.421706][ T5366] __alloc_frozen_pages_noprof+0x181/0x370
[ 89.435176][ T5366] alloc_pages_mpol+0x232/0x4a0
[ 89.440778][ T5366] ___kmalloc_large_node+0x5f/0x1b0
[ 89.452949][ T5366] __kmalloc_large_node_noprof+0x18/0x90
[ 89.455972][ T5366] __kvmalloc_node_noprof+0x6d/0x5f0
[ 89.458245][ T5366] btree_node_sort+0x666/0x1760
[ 89.460257][ T5366] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 89.487878][ T5366] bch2_btree_node_prep_for_write+0x337/0x650
[ 89.490703][ T5366] bch2_trans_lock_write+0x669/0xba0
[ 89.493139][ T5366] __bch2_trans_commit+0x2773/0x8870
[ 89.495558][ T5366] bch2_check_dirents+0x811/0x33f0
[ 89.497825][ T5366] __bch2_run_recovery_passes+0x3bd/0x1060
[ 89.500391][ T5366] bch2_run_recovery_passes+0x184/0x210
[ 89.517435][ T5366] bch2_fs_recovery+0x2690/0x3a50
[ 89.520029][ T5366] page last free pid 5366 tgid 5365 stack trace:
[ 89.534048][ T5366] __free_pages_ok+0xa83/0xbe0
[ 89.536830][ T5366] free_large_kmalloc+0x13a/0x1f0
[ 89.539550][ T5366] btree_node_sort+0x117f/0x1760
[ 89.541671][ T5366] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 89.544650][ T5366] bch2_btree_node_prep_for_write+0x337/0x650
[ 89.547480][ T5366] bch2_trans_lock_write+0x669/0xba0
[ 89.549911][ T5366] __bch2_trans_commit+0x2773/0x8870
[ 89.552369][ T5366] bch2_check_dirents+0x1c5c/0x33f0
[ 89.554587][ T5366] __bch2_run_recovery_passes+0x3bd/0x1060
[ 89.557295][ T5366] bch2_run_recovery_passes+0x184/0x210
[ 89.560666][ T5366] bch2_fs_recovery+0x2690/0x3a50
[ 89.563967][ T5366] bch2_fs_start+0xaaf/0xda0
[ 89.566811][ T5366] bch2_fs_get_tree+0xb39/0x1520
[ 89.570416][ T5366] vfs_get_tree+0x92/0x2b0
[ 89.573680][ T5366] do_new_mount+0x2a2/0x9e0
[ 89.577890][ T5366] __se_sys_mount+0x317/0x410
[ 89.580504][ T5366]
[ 89.582617][ T5366] Memory state around the buggy address:
[ 89.586716][ T5366] ffff888055340000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 89.593790][ T5366] ffff888055340080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 89.598399][ T5366] >ffff888055340100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 89.603422][ T5366] ^
[ 89.606601][ T5366] ffff888055340180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 89.613475][ T5366] ffff888055340200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 89.617232][ T5366] ==================================================================
[ 89.638833][ T5366] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 89.663688][ T5366] CPU: 0 UID: 0 PID: 5366 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 89.669518][ T5366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.694194][ T5366] Call Trace:
[ 89.695801][ T5366]
[ 89.713232][ T5366] dump_stack_lvl+0x99/0x250
[ 89.715191][ T5366] ? __asan_memcpy+0x40/0x70
[ 89.717311][ T5366] ? __pfx_dump_stack_lvl+0x10/0x10
[ 89.720507][ T5366] ? __pfx__printk+0x10/0x10
[ 89.723017][ T5366] vpanic+0x281/0x750
[ 89.724933][ T5366] ? preempt_schedule+0xae/0xc0
[ 89.727209][ T5366] ? __pfx_vpanic+0x10/0x10
[ 89.733470][ T5366] ? preempt_schedule_common+0x83/0xd0
[ 89.736073][ T5366] ? preempt_schedule+0xae/0xc0
[ 89.738256][ T5366] ? __pfx_preempt_schedule+0x10/0x10
[ 89.740932][ T5366] panic+0xb9/0xc0
[ 89.753063][ T5366] ? __pfx_panic+0x10/0x10
[ 89.755400][ T5366] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 89.758098][ T5366] ? bch2_check_dirents+0x1fac/0x33f0
[ 89.760551][ T5366] check_panic_on_warn+0x89/0xb0
[ 89.772975][ T5366] ? bch2_check_dirents+0x1fac/0x33f0
[ 89.775220][ T5366] end_report+0x78/0x160
[ 89.777127][ T5366] kasan_report+0x129/0x150
[ 89.779529][ T5366] ? bch2_check_dirents+0x1fac/0x33f0
[ 89.798301][ T5366] bch2_check_dirents+0x1fac/0x33f0
[ 89.800669][ T5366] ? bch2_check_dirents+0x2f1/0x33f0
[ 89.803269][ T5366] ? desc_read+0x1b8/0x3f0
[ 89.805480][ T5366] ? prb_first_seq+0xfd/0x1a0
[ 89.807854][ T5366] ? __pfx_bch2_check_dirents+0x10/0x10
[ 89.813931][ T5366] ? __pfx_prb_first_seq+0x10/0x10
[ 89.823791][ T5366] ? desc_read+0x1b8/0x3f0
[ 89.826144][ T5366] ? this_cpu_in_panic+0x4f/0x80
[ 89.828583][ T5366] ? _prb_read_valid+0xa07/0xa90
[ 89.834160][ T5366] ? console_flush_all+0x13a/0xc40
[ 89.842276][ T5366] ? up+0xde/0x150
[ 89.844145][ T5366] ? __console_unlock+0x14c/0x1a0
[ 89.846575][ T5366] ? __pfx___console_unlock+0x10/0x10
[ 89.849444][ T5366] ? prb_read_valid+0x3c/0x60
[ 89.851916][ T5366] ? console_unlock+0x21b/0x270
[ 89.877381][ T5366] ? __pfx_console_unlock+0x10/0x10
[ 89.879752][ T5366] ? vprintk_emit+0x63e/0x7a0
[ 89.881871][ T5366] ? __bch2_print+0x176/0x220
[ 89.883856][ T5366] ? bch2_check_dirents+0x2f1/0x33f0
[ 89.886098][ T5366] ? lockdep_hardirqs_on+0x9c/0x150
[ 89.888321][ T5366] __bch2_run_recovery_passes+0x3bd/0x1060
[ 89.891637][ T5366] bch2_run_recovery_passes+0x184/0x210
[ 89.894227][ T5366] bch2_fs_recovery+0x2690/0x3a50
[ 89.910599][ T5366] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 89.913159][ T5366] ? __lock_acquire+0xab9/0xd20
[ 89.915447][ T5366] ? __mutex_trylock_common+0x153/0x260
[ 89.917948][ T5366] ? __lock_acquire+0xab9/0xd20
[ 89.933721][ T5366] ? __lock_acquire+0xab9/0xd20
[ 89.936034][ T5366] ? bch2_fs_start+0xa0f/0xda0
[ 89.938250][ T5366] ? up_write+0x1c4/0x420
[ 89.940111][ T5366] ? bch2_fs_start+0x5e7/0xda0
[ 89.942314][ T5366] bch2_fs_start+0xaaf/0xda0
[ 89.945172][ T5366] ? bch2_fs_start+0x5e7/0xda0
[ 89.947991][ T5366] ? __pfx_bch2_fs_start+0x10/0x10
[ 89.953554][ T5366] ? sget+0x267/0x620
[ 89.956737][ T5366] bch2_fs_get_tree+0xb39/0x1520
[ 89.959940][ T5366] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 89.963829][ T5366] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 89.971524][ T5366] vfs_get_tree+0x92/0x2b0
[ 90.003144][ T5366] do_new_mount+0x2a2/0x9e0
[ 90.005498][ T5366] ? ns_capable+0x8a/0xf0
[ 90.007801][ T5366] ? __pfx_do_new_mount+0x10/0x10
[ 90.010531][ T5366] ? path_mount+0x61c/0xfe0
[ 90.036155][ T5366] ? user_path_at+0x44/0x60
[ 90.048700][ T5366] __se_sys_mount+0x317/0x410
[ 90.052163][ T5366] ? __pfx___se_sys_mount+0x10/0x10
[ 90.067618][ T5366] ? do_syscall_64+0xbe/0x3b0
[ 90.072810][ T5366] ? __x64_sys_mount+0x20/0xc0
[ 90.075325][ T5366] do_syscall_64+0xfa/0x3b0
[ 90.077438][ T5366] ? lockdep_hardirqs_on+0x9c/0x150
[ 90.079848][ T5366] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.092807][ T5366] ? clear_bhb_loop+0x60/0xb0
[ 90.094966][ T5366] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.097405][ T5366] RIP: 0033:0x7ff3e6d9038a
[ 90.099297][ T5366] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 90.108689][ T5366] RSP: 002b:00007ff3e7cb9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 90.112517][ T5366] RAX: ffffffffffffffda RBX: 00007ff3e7cb9ef0 RCX: 00007ff3e6d9038a
[ 90.116612][ T5366] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007ff3e7cb9eb0
[ 90.121685][ T5366] RBP: 00002000000000c0 R08: 00007ff3e7cb9ef0 R09: 0000000000818001
[ 90.126753][ T5366] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 90.132830][ T5366] R13: 00007ff3e7cb9eb0 R14: 0000000000005968 R15: 0000200000000480
[ 90.138714][ T5366]
[ 90.142220][ T5366] Kernel Offset: disabled
[ 90.146419][ T5366] Rebooting in 86400 seconds..