program: sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="6c9bfe71af100a5d6fc06d3c000000f29174212f3ab888b68cdbf805dab07649cdff6fa3de99242a9366842776e74e29f4d98c4ca34d9942632f42fac785935977c0ce946f00592a7a340a249be1f718d90de3f4375414f7b1702df31d7af70c9acb0621a492defcc0fac507cb2f012ea552ac0ea39eb9", @ANYRES16=0x0, @ANYBLOB="01000000000000000000030000005800018044000400200001000a00000000000000fe800000000000000000000000000013f8000000200002000a00000000000000ff020000000000000000000000000001000000000d0001007564703a73797a3000000000"], 0x6c}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$kcm(0x10, 0x2, 0x4) close(r1) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002001500050004000400eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000100)='caif0\x00') r3 = socket(0x200000000000011, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7) r4 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r5, {0x0, 0xffff}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x80000000}]}}]}, 0xa4}}, 0x0) syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x1a18404, &(0x7f00000001c0)=ANY=[@ANYRES32=r6], 0x1, 0x59a2, &(0x7f000000b5c0)="$eJzs3X+QHNV9IPDXM7Pa0a5+rAQEGcxqESghEFsrfhW2U7aSS+wUEEouUg7iZMOCVkT2SqgkEUCQIBLwQQEunHIqwckfxIWpw5ZdVIENMmXMj5M4G5vi7KOuMHf2HfYfvsIcKgM6yuXzXu1Ov9FM7/T27OysfvH5lLQ9/abn+16/ftMz3ze9OwEAAIB3hX23bz9wyUl/+r2/G337lj/71uZbQ395srwaNxhIlzccrhZyKPVWlk0us+Pi9276ys+Hrv7j7z7c9+V39m44deOP/+S4q5/49IV77vuXp99a+OhvXy2KG8fTmQfXk9eTEKrf3v+Pn937/IkTZUkIoZwM7AphSbL06SVJJsTwr0MIG9KVZZk7H3n7nI0Ty1vv6m0qX5zZznh/d6um42zngevPCj/5o3W3/WD517/Ws/u1XQc3SaoN4ymERVc2Pr4nhDA//T8hjrY4HuOgXRtC6Gt43AUF7Tqtzfavylk/OV3OS5f9BXHi/Ssy66XMdtn1qCez7Cuob7by2tHpdkUWZNazJ6OGeyqdxM9rZyxfki4fS5dnzjB+Of5PQikJlXrzx5KDYyQ0HLckJJPHslpfL9WPbUj3P7OeZNZLmfVyT2a/JutNB1o5SZrL43aZ8ng6rqTlpzaeq1u4NKf8Pemymj5R34nrIXujpn/Kjfp+TYrt2j9NWw6FUsM5qFV5/cCnB6M/LetPlk55zHijx/775CLet3fd3SvL65/ZN5DTjuThJI2ftBc/Fe/b+f0lCz711Tuvy76u1+NfWUrjlzqK/9OLXnjj8ju/9MXc+PfG+OWO4p/9ZN/rFz17+4rc/tkf+6fSUfyRV5+7Z/nxV+3Obf/9MX61o/hr9rzQu/DAk0/ltn849s/8juK/8qGP/uyhlx5/LTd+iPH7Ooq/fs/Wz/UOHjijMf7fN8Z/KvZPf2fj583d5788OPiLobz2vxjjL+wo/oO77vvgA4vvujD3+K6N/TPQUfyLT3/itgUHHj+l+TR38MyR3N+tV06Ad6fj0vdYd6TrneaZ9Y06bEdDvvDPQ5VanAXp/4Udxmwp8+Zzop5F3YwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACGEE876zx/7X58YeL2SrvemN14p1ZaxfF4IyfwQwvYdI9t2bNpyzdCnr71u25aRsaGRHUOjW3Zsu3Ho3D8Y2ja6dWzkxol7h993Tu1xS0NSWyanTKm7d3x8vDTQXBbr+3en7/7Jygv+9y9DGD7hR4OV3Pavum/zA8e3+JmRrBn/yObrLvnRef+W7tdA2q6BFu0aHx8fDznt+j+X/eaBf9j/8zNCGP6d6dr13Csf/k5TgyYLDsZJlXpDrUG9SV/LdtRbnbYn9ldl46ax0eHp+3fi8eWc/fj3N7326403fP43tf6t5u5Hm/07f834WOmf1l38//7p5lpBUbsO13Ev6u+4F7F9sf+qaX8vSvdrUc5+VXL26/YfPPXSt0+6861dYbjy5vKpdRftV086AHqS97RVb6yhL1nSVF5Nt49HPD5u1Y7NW1dtv3Hn+zZtHrlm9JrRLR9Yfe7q84fPO/+8VZN7vqrL+x/r/9029//QjKfFf73rsfizvfFU1K6i/phoV3F/NLYo7/nXd+lnv/CB+569pFZQNM7j1vXzSbrsmzjOq0PDeJvaV632q6gfQghDrfrhjbcuDCf+t023FZ2HGo9M48+MZM348yt+9W8X/OuyP6wVHJLzfGODOjzP11t9sD2T/VVNj8f4Edq/vaGc7ld/y3atfv7Znrv3/fJv6u2bNy/cMLJjx7bVtZ8L0pYuSE5u2a5sadyv5ZM/yyHtllAfpi3G64SeUGtf9vwZN8/2an96X3+ytOV+ZcX79q67e2V5/TP78no6ebhW4/ywsLZM3jux0sJY5oHleoNb1X+kPv+Kxsfgx/710U88+s1zp4yPs2s/i/Yrydmvr7/04Be+/Pn/8M3u7dfHPvzCwK/+x1+trB3qo+W8Elsd25M0nlfODqHo+bc8tN6P3OdfqfX+FD3/svUc3L51vKHMen8od/R8PfvJvtcvevb2FdXw5K5W9ST7WzxfW7q5aa1c8Hw9UsZP9vmVVJrbMXfPr6aBkqwZ/+4dx+16+pa1J9UKisZ1fetW4/qcNvKPnP36zuUvD1479Pf/tXvnja/8wSNX/Hhkzd/WCjo/7rEt3Tnu1bR/qzn9W291zDsb+/f9V187tqFWfuS+/02XBflPPJVsv3HnZ0bGxka3bW9vv9p9PY31ZHu509fTeHZbWrBfpSn7NXc3mvprSm/N7PkW27+h4/5qfr71h6Sj14Wd31+y4FNfvfO6gRb7M1nRlaU0fqmj+D+96IU3Lr/zS1/MjX9vjF/pKP7Iq8/ds/z4q3bnxr8/SeNXO4q/Zs8LvQsPPPlUbvzh2P75HcV/5UMf/dlDLz3+Wm78EOP3d9b/b+4+/+XBwV/kxn8xSeuZeI8UwiNvn7Oxtp6EnvT5FtvR09SukF1PMuulzHq5cb1Um2utV1BOkubyuF1afmpDW1r5y5zy+C6suqy2fCeuh+yN6cuPNKWGc3+r8qL3qQAAx7r4+X98Dxo//x9N3yjlzzTAQbPNw5blxI152MH5nHlN9y9L48fHx3nAwfeH4YnlrUO1N/oz/RwhPh+y85yxnjNOa47R6Txn0fz7isx6bFdtvrzSkIempuY1ldDG/PvUeqaff8/sfvH8+NAdU5o11DBvlT1+PemMWavrHTLtrUxEyBsf2XmxeD3H4KKwdrK+NsdH9jqaeByy19HEek7KnDg7vY5mtuMjNnua8THZ5OLPN6YevzBN/x48fq2jZY/fDI53dWL7uf58tgvzhi1PaYdu3nC2n4flxN8f+8e8ZMv46RPsSJ83jOVxPyptzid+Iqe8W/OJ8XQR27V/mrYcCuYTgWNF9twe8//4GjGR/0+8Af+/me2K3odm3zXGeLnXCZVbt68o75h6nV5fR6/j6/ds/Vzv4IEzct/nPNXudT9bm9b6Cq77KerHlZn1wn7MmaApyvey9RT1e/a6jP6wsKN+f3DXfR98YPFdF+b2+9raC2lxv3+haW1hQb8fBflC6/jyhcOTL9yaxj9KrmMomj87bPlIeuHTXOUjf5FTPtN8pG/Kjfp+TTrq8pGeQ9suAODoEfP/+udnaf7/P+MG6fuIorz1zMx6jJebt+a8P8nLW/88Xd6Q2b4//Y2Kmb5vvvj0J25bcODxU3LzlvvbzUP/Y9PaQGEeOru8OTePWNud68Vz84h6njW7PDG3/fU8cXZ5em78ep4+uzw6t3/qefTs5gFy49fnAY7uz8UK5+sylcXVdufrjtk8Ov312bnKoy/NKZ9pHt0/5UZ9vyYdGXn0LZM/5dEAwLtRzP/j27iY/z+b2W62n7Pn5gVdet+e/Xsg9fgvHqq8sjDva7Eyk7xvrvPWuc7r53pe4mjPi+d6Xmhu58mO0rw46VpenFbaSV5cPWLyYp8vAwAc62L+H/8EbX7+P7v8pFX+1tOUnxz2/LxlfPm5/DwcE/NfHeT/5WM+//e5eIb8HwDg2Bbz//hrj/Hv//2ndD37d+uL8/RKaJWnyNPl6eHw5emVovhHTp7e/Xm2MPU6gJ7gOoBJh2QeoOH7vcwDAABwOPRMZkpTf8/+k+ky+3v2eb+Xf3nO9u2qpG+Pr9qxbXT0iuu2bhjZMXrFlms3jG6/4vptm3bsGN1S2262eWNu3pLmjT2hkvZH6+2yedvi9O8hLM75ewjZ7WPYkydvTP17CNlq5xf8HYGDx6+99uYdv9I027caH3nHOy/+X+ZsH9WP/9V/dfYVG7dfsWnLph2bRsY27Rxt3m4ia+2bwfdmxm6Z0felZn40G5vsrJl+f2d32pH548KlyQQ+9/hPtCPJtGNJ2pIled9/kNPu7/2Xf/jr08d/81AIwyeU3zub/gvJmvFvXDb65zv2/WjrRPtL07b/GxNP2Ikt03YVfV9pPXL8Ptj4vfZj127fcdbGa6/bkv1Gyc7E+YxSfb3r8xm17yFOn/7lNucn1ueUz/Q6hfKUG0emtucnAABoEj//j+9n4+eHn0/fQMXy9vP02X1+nJunD7eXp2e/l6woT89uH/e33Ty9Oss8PVt/UZ7eavtWeXpe3p0X/y9ytp+p9sfJ7K7zyB0nV7Y3TrLfZ1A0TrLbz3ScJLMcJ9n6i8ZJq+1bjZO8454X/+M52+fJHQ8TdzaNh9ldl5M7Hu5tbzz8fma9aDxkt5/peCjNcjxk6y8aD622bzUe8o5vXvxLcrZvV/P4mBgYk+eJ0Suuv3bbZxq2m+vvv5h9++b2+z861X775/a6r7lv/9xeVzb37Z/ddWW57X9xdjNh7bd/br/fpVOHYL62dp1ZerFZ0fVnRfO463LKZzqPO2/KjSOTeVw4fGL+Hz/uifn/Xemy2x8DHf3fk9bF17kPN8Q/Zq6/n9v3Me+e1/PmZ57XcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjS29l2eRy3+3bD1xy0p9+7+9G377lz761+dbfu+krPx+6+o+/+3Dfl9/Zu+HUjT/+k+OufuLTF+6571+efmvho799tTDwwOTPypnpajWE5PUkhOq39//jZ/c+f+JEWRJCKCcDu0JYkix9ekmSiTD86xDChno7m+985O1zNk4sb72rt6l8cSZIdr9Cfzm2p7GdIdxQuEccharpONt54Pqzwk/+aN1tP1j+9a/17H5t18FNkmrDeAph0ZWNj+8JIcxP/0+Io21ZfHC6XBtC6Gt43AUF7Tqtzfavylk/OV3OS5f9BXHi/Ssy66XMdtn1qCez7Cuob7by2tHpdkUWZNazJ6PZymtnLF+SLh9Ll2fOMH45/k9CKQmVevPHkoNjJDQctyQkk8eyWl8v1Y9tSPc/s55k1kuZ9XJPZr8m600HWjlJmsvjdpnyeDqupOWnNp6rW7g0p/w96bKaPlHfieshe6Omf8qN+n5Niu3aP01bDoVSwzmoVXn9wKcHoz8t60+WTnnMeAvxvr3r7l5ZXv/MvoGcdiQPJ2n8pKP4O7+/ZMGnvnrndcvy4l9ZSuOXOor/04teeOPyO7/0xdz498b45Y7in/1k3+sXPXv7itz+2R/7p9JR/JFXn7tn+fFX7c5t//0xfrWj+Gv2vNC78MCTT+W2fzj2z/yO4r/yoY/+7KGXHn8tN36I8fs6ir9+z9bP9Q4eOCM3/lOxf/o7Gz9v7j7/5cHBXwzlxX8xxl/YUfwHd933wQcW33Vh7vFdG/tnoKP4F5/+xG0LDjx+St65M7m/W6+cAO9Ox6Xvse5I1zvNM2erIV/456FK7T3fgvT/wm5WlDFRz6LmosocVgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDHihzef+8nLPvLxdaEUQpKzzfh4aTwr3leet2bNUAf1jrz63D3Lj79qd2PZsg7iAAAAAMViHl6ql1TDsnB9Mj+c3HL7OEdwclxLmsuzcwgxTnaOoNM4pS7FKXcpTqVLcXq6FGdel+L0dilOtSBONbQXZ/40cSoNk1dFcfqmbU/7cfq7FGdBl+IsbC9Okr0/G2dRl9qzuEtxBqaN0/44XNKlOEu7FOe4LsU5vktxTuhSnN/pUpwTuxQnO6c803G4MN3ypLw4kzfKhXEqSbl+x5TJ9PHx8RPTek6ZZT39BfUsLHo9brOe+W3Wc1rmcaUZ1lNts57fnWU9SZv1/P4s6ykV1BPH7Q3Z9sV64lqb4//GLsXZ2aU4N3Upzs1divM3XYrzt12Kc8ss4wC0K+b/B/O9gdBb+cPQl55xsrMAMd9dPvlz6utd3gkpxntvpnxeUbxsop6Jt3ym7ctOIGTirciU9zTFq9TzkWniVRvjrczcWbi/2QmFTPvOzJT3FsXLTiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBz64c3nfvKyj3x8XUjCxL+WxluI95XnrVkz1EG9e9fdvbK8/pl9jWW9lQ4CAQAAAIViHt5TL6mG3srq0JvMa9qums4DVNP18kBtObgorJ1YJkOlyfW+ZMm0j6ukj1u1Y/PWVdtv3Pm+TZtHrhm9ZnTLB1afu/r84fPOP2/Vxk1jo8O1nyH0FsQLIUxOP2y/cednRsbGRrdtrxVm278sfdyydD1JHzf4/jA8sbz1hHjH9PWVptQ3dzeKjh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8P/ZtbsQuc76D+DPmZmdmW6bf+ZP36ah2Qx5KVGLJnErqZbOAcFCm4QsBZmpriXYBIubJrRJiXVsA7Y1QRFaAiGSCyOx2Fq86YstYl8IRGo04MYgbdFe6IXSaiUtuZCUkezOmZ2ZndlZh9pt4+dzMWfmeX7P8zvPXCx8zw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQZusjY5XymPV4SiEqEdNvYtkLp2N49IAfb/8/M7v50bOrm4dy2UG2AgAAADoK8nhQ82RfMhl0iEdrpr6tDy0TISZ3A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzvmayNjlfKY9WLoxCiHjX1LpK5dDaOS3O3mNo22zH4xjtPfubVkZG/to4VBz4FAAAAMJckh6eaI/lQDCvCUHRVW13ybGBJx/rOumSfpfOs63x20KtuxTzrrpln3cf61G1qXPcEAAAA+OhL8n+mOVIIucyinvm/X65P6pZ11KUb1z6/FQAAAAD+C5L8n2uOFEMuU2zm9fnm/eUddcn6fv+3T9av6rG+3//zNzau/k8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8dk7XR8Up5rJqOQoh61NS7SObS2TguDdB33QvDf7/l2EPLW8dymQE2AgAAAPpKcvhM9M6HXGY4DIWLp3L/yE2Hn/7i08+OhhCmY342G/Zs2bXr7nXTr0nd2hPHhr53/K1vzapbO/26YAcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADeN5O10fFKeax6URRC1KOm3kUyl87GcWmAvq9/7gt/fvz0c2+2jhUH2AcAAADoL8nhM9k/H4ohG7LhiqlPrVn/vFTH+l7PDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIALxz3fuO/rWyYmtt7tjTfeeNN8s9B/mQAAgPfbshCF+n/oys0LfdcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCHwWRtdLxSHqvmoxCiHjX1LpK5dDaOSwP0jZ8/mVt09oWXWseKA+wDAAAA9Jfk8Jnsnw/FMBSGwuVTn7o9E5jK/4UP8CYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD5XJ2uh4pTxWXRSFEPWoqXeRzKWzcVzqtig1d9/H9h767NHF3725dSyXGegIAAAAQB9JDs82R/Ihl/l4yIWrG58n2hdE6ca1+3OBmXU725YNz3tdrW1det7r9nWcLNM4zfS6fLJfYfraXFeava7Usq4Ymu1LbevCgbZVi/rcZwAAAIAFlOT/XHOkEHKZXEvO/UlbfUHOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB6mKyNjlfKY9UoCiHqUVPvIplLZ+O4NEDf+37z/5d85af7d7eOFQfYBwAAAOgvyeEz2T8fimFp+L+wdCr3h0J7fVL3j8q5o4/+8y+rQ1hzxamRTOe2P0ze/Or1G1/sfAkh1V6dCmFxo1/Uo9+vf/fovSvr5x4PYc3l6atn9Qtz92vfMq4/U9m6cdfxUzv7fDkAAABwgUjy/1BzpBBymbt65v8keffJ/01TAXzxvXt/flnjtZHIO1akCo1+qR79Pr/yyT+tWv+3t87n/7n6ferQ9qOXtTWcHukQxfXy9t2bTl13JJWcerp/uqN/8r186Ztv/mvbnkfOTffPh3xjfEmmW//Zrx0uiusTqYPVDe8drLX3z/Q4/0O/fen0L5fsf/d8/3eWDTf7XzPH+efuP3zrwweuP3RsU3v/EEKpW/+33705XPmHOx/sPP9wx8at33zra4corp9YfubI+sPFG9r7Rx39k+//Z6cfO/DjR77zbNI/+a3I6hXz7Z/q6P/Kvkv3vvzA5iXt/VM9zv/iba+O7Ch9+/ed57+jbddMz7uYff4nrn3q9te2xPd3TgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxYJmuj45XyWDUVhRB1mc+GEOpdJPPpbByXBuj7xi0n375t/49+0DpWHOgEAAAAQD9JDp/J/vlQDNmQDcNTuf+ZytaNu46f2hkK07NR45qZ2HHPrk9s27H7rjsW6M4BAACA+Uryf6Y5Ugi5zMow1Mj/5e27N5267kgqyf+pJP9vu3Ni65rQrHtl36V7X35g85Lmc4IQpn4WkD9f9+mZuptuPFk488evrepat26m7sTyM0fWHy7ekNSF1rq1ofl84olrn7r9tS3x/c37a6375Fd3TDQeTyT7Dt/68IHrDx3b1DxH4zrc2Depm0gdrG5472AtqUs3rvnGuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA2SZro+OV8lg1pEOIetTUu0jm0tk4Lg3Qd8PKXzx4ydnnlraO5TIDbAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/JsdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NdPaBxVHAfw93azzXY3aZNWMCqmaVWUerAoiOhFRUVakYKnSpFqaw+iIIgo9WAqrViq4kWweimighqloGBjsbRKKv4rXjyooFA9CKUY0C7Fg0p2ZzabyU63ndSD+vlAePPevPnOb2bezmYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgX6W/b6TZHtn5SOPOC2/9/Kn7Tz55+4cPbb/8ibd+Htt882f7aq+fmtqycut3tyzffOCBtZN7Xjn8++D7fx7rGfx4q1mddKshxBMxhOpH0y8+PfXF+TNjMYRQjkPjIQzHZYeHYyZhzR8hhC3tOufufO/kNVtn2u27++eML82EZK8r1MtpPS1Dc+vlv6WarLNtjceuDD/ctGHHVyvefacycXx8dkqsdqynEJZs6jy+EkJYnPzNSFfbSHpw0q4PIdQ6jruuR12XnGH9V+X0L0raRUlb75GT7l+V6Zcy87L9VCXT1nqcb6Hy6ig6r5eBTD/7MlqovDrT8eGk/SBpV59NeGV2sxxDKYa+dvkPxtk1EjqeWwyxeVi13S91xjSvP9OPmX4p0y9XMtfVPG89rSvOHU/nZcbT13FfMr6y813dxV054xckbTX5oJ5K+yG70VKft9G+rqa0runT1NKpfIbzzlap4x3Ubbz94JOHUU/G6nHZvGP+6iLdN7Xh2cvKGz8+MpRTR9wXk/xYKH/bl8MD97y969GRvPxNpSS/VCj/x3VHf71716sv5+a/kOaXC+VffbB2Yt0nO1fl3p/p9P70tfIXzZ9zuvx7j3363Irz7pvo9qyb+XvT/Gqh+m+cPNo/2Dh4KLf+Nen9WVwo//sbbvvpzW/2H8/ND2l+rVD+xsmHn+8fbVyRm3+o9VGoN1dogfXz28S1346O/jKWl/91ev8Hu+THnvlvjO+5/rWlu9fmrs/16f0ZKlT/HZce2DHQ2H9x3rsz7j1X35wA/0/Lk/+xnkn6RX9nLlTH74WXxvpa30ADyd/guTxRxsx5lvyD+QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwNztwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAD//+6fII0=") ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="2000000072000103000000000000000007000000", @ANYRES32=r7, @ANYBLOB="080001"], 0x20}, 0x1, 0xf00}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x58}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) [ 77.078310][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.080990][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.084451][ T5307] Bluetooth: hci0: command tx timeout [ 77.338477][ T5325] loop0: detected capacity change from 0 to 32768 [ 77.484554][ T5325] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 77.491117][ T5325] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 77.494450][ T5325] bcachefs (loop0): Version upgrade required: [ 77.494450][ T5325] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 77.494450][ T5325] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags [ 77.494450][ T5325] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 77.532282][ T5325] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 77.537147][ T5325] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree extents level 0/0 [ 77.537164][ T5325] u64s 11 type btree_ptr_v2 18446744073707239423:U64_MAX:U32_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 77.537173][ T5325] node offset 0/16 bset u64s 0: incorrect max key SPOS_MAX, btree topology error: [ 77.551414][ T5325] bcachefs (loop0): flagging btree extents lost data [ 77.554152][ T5325] bcachefs (loop0): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0) [ 77.562123][ T5325] bcachefs (loop0): error reading btree root btree=extents level=0: btree_node_read_error, fixing [ 77.571322][ T5325] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree dirents level 0/0 [ 77.571340][ T5325] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0 [ 77.571350][ T5325] node offset 0/24: incorrect min_key: got 25769803776:0:0 should be POS_MIN, btree topology error: [ 77.585457][ T5325] bcachefs (loop0): flagging btree dirents lost data [ 77.590575][ T5325] bcachefs (loop0): error reading btree root btree=dirents level=0: btree_node_read_error, fixing [ 77.596801][ T5325] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree alloc level 0/0 [ 77.596815][ T5325] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 77.596825][ T5325] node offset 0/24 bset u64s 0: incorrect btree id, btree topology error: [ 77.609696][ T5325] bcachefs (loop0): flagging btree alloc lost data [ 77.614146][ T5325] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing [ 77.621688][ T5325] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree lru level 0/0 [ 77.621702][ T5325] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key 0:562640715776:0 durability: 1 ptr: 0:28:0 gen 0 [ 77.621711][ T5325] node offset 0/16: incorrect min_key: got POS_MIN should be 0:562640715776:0, btree topology error: [ 77.635356][ T5325] bcachefs (loop0): flagging btree lru lost data [ 77.639530][ T5325] bcachefs (loop0): error reading btree root btree=lru level=0: btree_node_read_error, fixing [ 77.644984][ T5325] bcachefs (loop0): invalid bkey in btree_node btree=freespace level=0: u64s 5 type deleted 0:32:0 len 16777216 ver 0 [ 77.645002][ T5325] size != 0, deleting [ 77.651145][ T5325] bcachefs (loop0): flagging btree freespace lost data [ 77.654320][ T5325] bcachefs (loop0): error reading btree root btree=freespace level=0: btree_node_read_error, fixing [ 77.660491][ T5325] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree backpointers level 0/0 [ 77.660506][ T5325] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 77.660514][ T5325] node offset 0/24 bset u64s 0: invalid bkey format: field 2 too large: 4294967295 + 512 > 4294967295 [ 77.660522][ T5325] u64s 3 fields 64:0, 64:0, 32:512, 0:0, 0:0, 0:0, btree topology error: [ 77.678339][ T5325] bcachefs (loop0): flagging btree backpointers lost data [ 77.682208][ T5325] bcachefs (loop0): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 77.687726][ T5325] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree deleted_inodes level 0/0 [ 77.687740][ T5325] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key 0:1970324836974592:0 durability: 1 ptr: 0:42:0 gen 0 [ 77.687749][ T5325] node offset 0/8: incorrect min_key: got POS_MIN should be 0:1970324836974592:0, btree topology error: [ 77.702124][ T5325] bcachefs (loop0): flagging btree deleted_inodes lost data [ 77.706135][ T5325] bcachefs (loop0): error reading btree root btree=deleted_inodes level=0: btree_node_read_error, fixing [ 77.711516][ T5325] bcachefs (loop0): scan_for_btree_nodes... [ 77.724044][ T5335] bcachefs (loop0): invalid bkey in btree_node btree=dirents level=0: u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir [ 77.724063][ T5335] key before start of btree node, deleting [ 77.742816][ T5325] bcachefs (loop0): btree node scan found 7 nodes after overwrites [ 77.746232][ T5325] done [ 77.748853][ T5325] bcachefs (loop0): check_topology... [ 77.750202][ T5325] bcachefs (loop0): btree root extents unreadable, must recover from scan [ 77.756064][ T5325] bcachefs (loop0): bch2_get_scanned_nodes(): recovery btree=extents level=0 POS_MIN - SPOS_MAX [ 77.760498][ T5325] bcachefs (loop0): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 77.771477][ T38] bcachefs (loop0): bcachefs (loop0): error validating btree node at btree extents level 0/0 [ 77.771489][ T38] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 77.771495][ T38] node offset 8/16 bset u64s 49 bset byte offset 288: bad k->u64s 0 (min 5 max 255), shutting down [ 77.771499][ T38] inconsistency detected - emergency read only at journal seq 10 [ 77.790833][ T5325] bcachefs (loop0): Topology repair: unreadable btree node at [ 77.790851][ T5325] btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing [ 77.802455][ T5325] bcachefs (loop0): empty interior btree node at btree=extents level=1 [ 77.802468][ T5325] u64s 5 type btree_ptr SPOS_MAX len 0 ver 0, fixing [ 77.808823][ T5325] bcachefs (loop0): empty btree root extents [ 77.812495][ T5325] bcachefs (loop0): btree root dirents unreadable, must recover from scan [ 77.816889][ T5325] bcachefs (loop0): no nodes found for btree dirents, shutting down [ 77.820371][ T5325] bcachefs (loop0): bch2_fs_recovery(): error fsck_errors_not_fixed [ 77.824231][ T5325] bcachefs (loop0): bch2_fs_start(): error starting filesystem fsck_errors_not_fixed [ 77.829699][ T5325] bcachefs (loop0): shutting down [ 77.854045][ T5325] bcachefs (loop0): shutdown complete [ 77.859218][ T3038] ================================================================== [ 77.862330][ T3038] BUG: KASAN: slab-use-after-free in percpu_ref_put+0xda/0x250 [ 77.865437][ T3038] Read of size 8 at addr ffff8880413540b0 by task kworker/u4:11/3038 [ 77.868630][ T3038] [ 77.869594][ T3038] CPU: 0 UID: 0 PID: 3038 Comm: kworker/u4:11 Not tainted 6.14.0-syzkaller-12886-ga1b5bd45d4ee #0 PREEMPT(full) [ 77.869608][ T3038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.869617][ T3038] Workqueue: loop0 loop_workfn [ 77.869636][ T3038] Call Trace: [ 77.869642][ T3038] [ 77.869648][ T3038] dump_stack_lvl+0x241/0x360 [ 77.869664][ T3038] ? __pfx_dump_stack_lvl+0x10/0x10 [ 77.869677][ T3038] ? __virt_addr_valid+0x183/0x530 [ 77.869690][ T3038] ? rcu_is_watching+0x15/0xb0 [ 77.869701][ T3038] ? __virt_addr_valid+0x183/0x530 [ 77.869713][ T3038] ? lock_release+0x4e/0x3e0 [ 77.869724][ T3038] ? __virt_addr_valid+0x183/0x530 [ 77.869737][ T3038] ? __virt_addr_valid+0x183/0x530 [ 77.869748][ T3038] print_report+0x16e/0x5b0 [ 77.869761][ T3038] ? __virt_addr_valid+0x183/0x530 [ 77.869773][ T3038] ? __virt_addr_valid+0x183/0x530 [ 77.869785][ T3038] ? __virt_addr_valid+0x45f/0x530 [ 77.869797][ T3038] ? __phys_addr+0xba/0x170 [ 77.869808][ T3038] ? percpu_ref_put+0xda/0x250 [ 77.869820][ T3038] kasan_report+0x143/0x180 [ 77.869833][ T3038] ? percpu_ref_put+0xda/0x250 [ 77.869845][ T3038] ? percpu_ref_put+0x1f/0x250 [ 77.869857][ T3038] percpu_ref_put+0xda/0x250 [ 77.869870][ T3038] blk_update_request+0x5e5/0x1160 [ 77.869884][ T3038] blk_mq_end_request+0x3e/0x70 [ 77.869899][ T3038] loop_process_work+0x1bdf/0x21d0 [ 77.869921][ T3038] ? __pfx_loop_process_work+0x10/0x10 [ 77.869932][ T3038] ? update_curr_dl_se+0x10e/0x8d0 [ 77.869947][ T3038] ? do_raw_spin_lock+0x151/0x370 [ 77.869963][ T3038] ? do_raw_spin_unlock+0x58/0x8b0 [ 77.869977][ T3038] ? look_up_lock_class+0x7b/0x170 [ 77.870035][ T3038] ? register_lock_class+0x54/0x330 [ 77.870046][ T3038] ? __lock_acquire+0xad5/0xd80 [ 77.870055][ T3038] ? lockdep_hardirqs_on+0x9d/0x150 [ 77.870069][ T3038] ? process_scheduled_works+0x9cb/0x18e0 [ 77.870080][ T3038] process_scheduled_works+0xac3/0x18e0 [ 77.870098][ T3038] ? __pfx_process_scheduled_works+0x10/0x10 [ 77.870111][ T3038] ? assign_work+0x367/0x3d0 [ 77.870122][ T3038] worker_thread+0x870/0xd50 [ 77.870131][ T3038] ? __kthread_parkme+0x1a8/0x200 [ 77.870140][ T3038] ? __pfx_worker_thread+0x10/0x10 [ 77.870147][ T3038] kthread+0x7b7/0x940 [ 77.870156][ T3038] ? __pfx_worker_thread+0x10/0x10 [ 77.870163][ T3038] ? __pfx_kthread+0x10/0x10 [ 77.870172][ T3038] ? __pfx_kthread+0x10/0x10 [ 77.870180][ T3038] ? __pfx_kthread+0x10/0x10 [ 77.870188][ T3038] ? __pfx_kthread+0x10/0x10 [ 77.870196][ T3038] ? _raw_spin_unlock_irq+0x23/0x50 [ 77.870205][ T3038] ? lockdep_hardirqs_on+0x9d/0x150 [ 77.870213][ T3038] ? __pfx_kthread+0x10/0x10 [ 77.870225][ T3038] ret_from_fork+0x4b/0x80 [ 77.870235][ T3038] ? __pfx_kthread+0x10/0x10 [ 77.870247][ T3038] ret_from_fork_asm+0x1a/0x30 [ 77.870261][ T3038] [ 77.870265][ T3038] [ 77.978410][ T3038] Allocated by task 5325: [ 77.980672][ T3038] kasan_save_track+0x3f/0x80 [ 77.983056][ T3038] __kasan_kmalloc+0x9d/0xb0 [ 77.985352][ T3038] __kmalloc_cache_noprof+0x236/0x370 [ 77.987518][ T3038] __bch2_dev_alloc+0x57/0xa60 [ 77.989529][ T3038] bch2_dev_alloc+0xd6/0x180 [ 77.991577][ T3038] bch2_fs_open+0x315f/0x32a0 [ 77.993613][ T3038] bch2_fs_get_tree+0x77b/0x18f0 [ 77.995698][ T3038] vfs_get_tree+0x90/0x2b0 [ 77.997565][ T3038] do_new_mount+0x2cf/0xb70 [ 77.999482][ T3038] __se_sys_mount+0x38c/0x400 [ 78.001393][ T3038] do_syscall_64+0xf3/0x230 [ 78.003070][ T3038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.005230][ T3038] [ 78.006214][ T3038] Freed by task 5325: [ 78.007738][ T3038] kasan_save_track+0x3f/0x80 [ 78.009444][ T3038] kasan_save_free_info+0x40/0x50 [ 78.011074][ T3038] __kasan_slab_free+0x59/0x70 [ 78.012729][ T3038] kfree+0x198/0x430 [ 78.014247][ T3038] kobject_put+0x22f/0x480 [ 78.015900][ T3038] bch2_fs_free+0x27b/0x3c0 [ 78.017667][ T3038] deactivate_locked_super+0xc4/0x130 [ 78.019608][ T3038] bch2_fs_get_tree+0x11b4/0x18f0 [ 78.021484][ T3038] vfs_get_tree+0x90/0x2b0 [ 78.023168][ T3038] do_new_mount+0x2cf/0xb70 [ 78.025058][ T3038] __se_sys_mount+0x38c/0x400 [ 78.026924][ T3038] do_syscall_64+0xf3/0x230 [ 78.028811][ T3038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.031329][ T3038] [ 78.032205][ T3038] The buggy address belongs to the object at ffff888041354000 [ 78.032205][ T3038] which belongs to the cache kmalloc-4k of size 4096 [ 78.037483][ T3038] The buggy address is located 176 bytes inside of [ 78.037483][ T3038] freed 4096-byte region [ffff888041354000, ffff888041355000) [ 78.042888][ T3038] [ 78.043801][ T3038] The buggy address belongs to the physical page: [ 78.046355][ T3038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x41350 [ 78.049352][ T3038] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 78.052345][ T3038] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 78.054982][ T3038] page_type: f5(slab) [ 78.056436][ T3038] raw: 04fff00000000040 ffff88801b042140 dead000000000100 dead000000000122 [ 78.059853][ T3038] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 78.063247][ T3038] head: 04fff00000000040 ffff88801b042140 dead000000000100 dead000000000122 [ 78.066586][ T3038] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 78.069935][ T3038] head: 04fff00000000003 ffffea000104d401 00000000ffffffff 00000000ffffffff [ 78.073415][ T3038] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 78.076807][ T3038] page dumped because: kasan: bad access detected [ 78.079275][ T3038] page_owner tracks the page as allocated [ 78.081541][ T3038] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4737, tgid 4737 (udevd), ts 42218298321, free_ts 42209116270 [ 78.089245][ T3038] post_alloc_hook+0x1f4/0x240 [ 78.091172][ T3038] get_page_from_freelist+0x352b/0x36c0 [ 78.093244][ T3038] __alloc_frozen_pages_noprof+0x211/0x5b0 [ 78.095479][ T3038] alloc_pages_mpol+0x339/0x690 [ 78.097421][ T3038] allocate_slab+0x8f/0x3a0 [ 78.099168][ T3038] ___slab_alloc+0xc3b/0x1500 [ 78.100956][ T3038] __slab_alloc+0x58/0xa0 [ 78.102578][ T3038] __kmalloc_noprof+0x2ea/0x4d0 [ 78.104381][ T3038] tomoyo_realpath_from_path+0xcf/0x5e0 [ 78.106539][ T3038] tomoyo_path_perm+0x2be/0x640 [ 78.108413][ T3038] security_inode_getattr+0x130/0x330 [ 78.110537][ T3038] vfs_statx_path+0x23/0x2b0 [ 78.112326][ T3038] vfs_statx+0x13a/0x200 [ 78.113983][ T3038] vfs_fstatat+0xdc/0x150 [ 78.115675][ T3038] __x64_sys_newfstatat+0x11f/0x1a0 [ 78.117733][ T3038] do_syscall_64+0xf3/0x230 [ 78.119525][ T3038] page last free pid 4738 tgid 4738 stack trace: [ 78.121998][ T3038] __free_frozen_pages+0xde8/0x10a0 [ 78.124003][ T3038] __put_partials+0x160/0x1c0 [ 78.125794][ T3038] put_cpu_partial+0x17e/0x250 [ 78.127616][ T3038] __slab_free+0x294/0x390 [ 78.129391][ T3038] qlist_free_all+0x9a/0x140 [ 78.131170][ T3038] kasan_quarantine_reduce+0x14f/0x170 [ 78.133284][ T3038] __kasan_slab_alloc+0x23/0x80 [ 78.135169][ T3038] kmem_cache_alloc_noprof+0x1e1/0x390 [ 78.137241][ T3038] getname_flags+0xb6/0x530 [ 78.138921][ T3038] __x64_sys_symlink+0x5d/0x90 [ 78.140743][ T3038] do_syscall_64+0xf3/0x230 [ 78.142538][ T3038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.144860][ T3038] [ 78.145730][ T3038] Memory state around the buggy address: [ 78.147900][ T3038] ffff888041353f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 78.150918][ T3038] ffff888041354000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 78.153863][ T3038] >ffff888041354080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 78.156820][ T3038] ^ [ 78.158848][ T3038] ffff888041354100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 78.162009][ T3038] ffff888041354180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 78.165184][ T3038] ================================================================== [ 78.197508][ T3038] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 78.200487][ T3038] CPU: 0 UID: 0 PID: 3038 Comm: kworker/u4:11 Not tainted 6.14.0-syzkaller-12886-ga1b5bd45d4ee #0 PREEMPT(full) [ 78.204873][ T3038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.209259][ T3038] Workqueue: loop0 loop_workfn [ 78.211642][ T3038] Call Trace: [ 78.212958][ T3038] [ 78.214034][ T3038] dump_stack_lvl+0x241/0x360 [ 78.215702][ T3038] ? __pfx_dump_stack_lvl+0x10/0x10 [ 78.217743][ T3038] ? __pfx__printk+0x10/0x10 [ 78.219582][ T3038] ? vscnprintf+0x5d/0x90 [ 78.221145][ T3038] panic+0x349/0x880 [ 78.222698][ T3038] ? check_panic_on_warn+0x21/0xb0 [ 78.224661][ T3038] ? __pfx_panic+0x10/0x10 [ 78.226464][ T3038] ? _raw_spin_unlock_irqrestore+0x134/0x140 [ 78.228848][ T3038] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 78.231301][ T3038] ? print_report+0x519/0x5b0 [ 78.233096][ T3038] check_panic_on_warn+0x86/0xb0 [ 78.235114][ T3038] ? percpu_ref_put+0xda/0x250 [ 78.237079][ T3038] end_report+0x77/0x160 [ 78.238725][ T3038] kasan_report+0x154/0x180 [ 78.240621][ T3038] ? percpu_ref_put+0xda/0x250 [ 78.242562][ T3038] ? percpu_ref_put+0x1f/0x250 [ 78.244530][ T3038] percpu_ref_put+0xda/0x250 [ 78.246371][ T3038] blk_update_request+0x5e5/0x1160 [ 78.248423][ T3038] blk_mq_end_request+0x3e/0x70 [ 78.250384][ T3038] loop_process_work+0x1bdf/0x21d0 [ 78.252291][ T3038] ? __pfx_loop_process_work+0x10/0x10 [ 78.254617][ T3038] ? update_curr_dl_se+0x10e/0x8d0 [ 78.256764][ T3038] ? do_raw_spin_lock+0x151/0x370 [ 78.258853][ T3038] ? do_raw_spin_unlock+0x58/0x8b0 [ 78.260974][ T3038] ? look_up_lock_class+0x7b/0x170 [ 78.262943][ T3038] ? register_lock_class+0x54/0x330 [ 78.265064][ T3038] ? __lock_acquire+0xad5/0xd80 [ 78.267039][ T3038] ? lockdep_hardirqs_on+0x9d/0x150 [ 78.269204][ T3038] ? process_scheduled_works+0x9cb/0x18e0 [ 78.271637][ T3038] process_scheduled_works+0xac3/0x18e0 [ 78.273780][ T3038] ? __pfx_process_scheduled_works+0x10/0x10 [ 78.276170][ T3038] ? assign_work+0x367/0x3d0 [ 78.278140][ T3038] worker_thread+0x870/0xd50 [ 78.279871][ T3038] ? __kthread_parkme+0x1a8/0x200 [ 78.281944][ T3038] ? __pfx_worker_thread+0x10/0x10 [ 78.283818][ T3038] kthread+0x7b7/0x940 [ 78.285404][ T3038] ? __pfx_worker_thread+0x10/0x10 [ 78.287317][ T3038] ? __pfx_kthread+0x10/0x10 [ 78.288996][ T3038] ? __pfx_kthread+0x10/0x10 [ 78.290577][ T3038] ? __pfx_kthread+0x10/0x10 [ 78.292204][ T3038] ? __pfx_kthread+0x10/0x10 [ 78.293808][ T3038] ? _raw_spin_unlock_irq+0x23/0x50 [ 78.295557][ T3038] ? lockdep_hardirqs_on+0x9d/0x150 [ 78.297404][ T3038] ? __pfx_kthread+0x10/0x10 [ 78.299143][ T3038] ret_from_fork+0x4b/0x80 [ 78.300866][ T3038] ? __pfx_kthread+0x10/0x10 [ 78.302445][ T3038] ret_from_fork_asm+0x1a/0x30 [ 78.304233][ T3038] [ 78.305796][ T3038] Kernel Offset: disabled [ 78.307580][ T3038] Rebooting in 86400 seconds..