program:
# Netlink socket: domain 0x10 (AF_NETLINK), type 0x3 (SOCK_RAW), protocol 0xc (NETLINK_NETFILTER).
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
# IPSET_CMD_CREATE on r0. The 0x5c-byte request is passed as a raw blob; its ASCII
# bytes spell the set name "syz0" (73797a30) and the type name "hash:mac"
# (686173683a6d6163). It also has a nested attribute of type 0x13 with value 0,
# presumably IPSET_ATTR_MAXELEM - confirm against the ipset uapi header.
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000206050800000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800064000000000050005000000000005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0)
# Second netlink-netfilter socket, same arguments as r0.
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
# IPSET_CMD_ADD on r1 (not the socket the set was created on): one
# IPSET_ATTR_ETHER entry (@local) for set 'syz0', with an IPSET_ATTR_LINENO
# attribute. The kernel log recorded with this program reports
# "Set syz0 is full, maxelem 0 reached".
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x44, 0x9, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
# The mount call that follows passes a compressed filesystem image with options
# including errors=continue, nochanges and version_upgrade=incompatible;
# flags 0x818001 include MS_RDONLY (0x1).
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x818001, &(0x7f0000000480)=ANY=[@ANYBLOB='inodes_32bit,shard_inode_numbers,errors=continue,inline_data,directOio,nochanges,prjquota,recovery_pass_last=delete_dead_inodes,version_upgrade=incompatible,\x00'], 0x1, 0x5968, &(0x7f000000b5c0)="$eJzs3X+QXFW9IPBzu3synZn8mAR4RJDJEMh7PHiaCT9SKK+eeW/f01fAo2LxykfYKAxkwosmIZUEIQEluOBCARZaWor6B1pILRotqmCVSIn82IRVlGJ1qS2kVnfRrXILWVICWcpyna2ZvqfTc6fv3J7unpDA51PJ3L6nb3/P9557+vY9p3umAwAAAG8L+2/ZfvCiE/7hx58aff3Gf/z+5ptCf3mivBo3GEiX171ZGXI49VaWTCyz/eIvrv/mb4au/LsfPdD3jTf2rT95wy/+/pgrH/no+Xvv/srjr81/6E8vFsWN/en0Q+vJy0kI1R8c+MKn9z19/HhZEkIoJwO7Q1iULH58UZIJMfyHEML6dKVcmXzng6+ftWF8edPtvZPKF2aC6O9vb9W0n+06eO0Z4Zd/u/bmny79zrd79ry0+9AmSbWhP4Ww4PLGx/ek/+em67G3LYkPTpdrQgh9DY87tyCvU1rMf0XO+onpck667C+IE+9fllkvZbbLrkc9mWVfQX2dysuj3e2KzMusZ09GncrLM5YvSpffS5enzzB+Of5PQikJlXr6m5JDfSQ0HLckJBPHslpfL9WPbUj3P7OeZNZLmfVyT2a/JupNO1o5SSaXx+0y5fF0XEnLT248VzdxcU75O9JlNX2ivhHXQ/ZGTf+UG/X9mhDzOjBNLodDqeEc1Ky83s/Sg9GflvUni6c8ZqyJeN++tXcsL697Yv9ATh7JA0kaP5loo5nG3/WTRfM+8q3brlmSF//yUhq/1Fb8X13wzCuX3vb1L+fGvyvGL7cV/8xH+16+4MlbluW1T+xe/aHSVvyRF5+6c+mxV+zJzf+e2P7Vto7v6r3P9M4/+Ohjucd3OLbP3Lbyf+G89//6/ucefik3fojx+9qKv27v1s/0Dh48LTf+Y7F9+tvrP6/uWfX84OBvh/LiPxvjz28r/n27737vvQtvPz/3+K6J7TPQVvwLT33k5nkHHz4p79yZ3NOtV06At6dj0musW9P16caZvdOMMzvVMF740lCldt06L/0/v5sVZS4+x+tZ0M34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBCOO6M//yB//mhgZcr6XpveuOFUm0Zy+eEkMwNIWzfMbJtx8YtVw199Oprtm0Z2TQ0smNodMuObTuHzv6roW2jWzeN7By/d/hdZ9UetzgktWVy0pS6e8fGxkoDk8tiff/m1D2/XH7u//5dCMPH/Xywkpv/irs333tsk58Zyeqx922+5qKfn/O1dL8G0rwGmuQ1NjY2FnLy+j+X/PHezx34zWkhDP/ZdHk99cLf/HBSQhMFh+KkSr2hllBv0tc0j3rWaT6xvSobNm4aHZ6+fccfX87Zj397/Ut/2HDdZ/9Ya99q7n602L5zV49tKn1x7YX/74s31AqK8qrvRyav2T7uRe0d9yLmF9uvmrb3gnS/FuTsVyWnvW/56WPP/eCE217bHYYrry6dWnfRfvWkHaAneUdL9cYa+pJFk8qr6fbxiMfHrdixeeuK7Tt3vWvj5pGrRq8a3fKelWevXDV8zqpzVkzs+You73+s/89b3P9W+1O23pn1p4Uf3/29+LO1/lSUV1F7jOdV3B6NGWXymj/xc+7qsb6LP/3599z95EW14qJ+HreuPw/TZd/4cV4ZGvrb1LZqtl9F7RBCGGrWDq+8dn44/r9tvLnoPNR4ZBp/ZiSrx55e9vuvnfvVJX9dKzgs5/nGhNo8z9ezPpTPRHtV0+MxdoS2b28op/vV3zSvlU8/2XPH/t99op7fnDnhupEdO7atrP2cl2Y6LzmxaV7Z0rhfSyd+lkPaLKHeTZv013E9oZZf9vwZN8+2an96X3+yuOl+ZcX79q29Y3l53RP781o6eaBW49z4xE3embPlpswDy/WEm9V/pD7/ivrH4Ae++tCHHvru2VP6x5m1n0X7leTs13eeu+/z3/jsv/9u9/brA3/zzMDv//u/Lq8VHC3nlXrWaT5J43nlzBCKnn9LQ/P9yH3+lZrvT9HzL1vPoe2bxxvKrPeHcv
HztRqmPF/PfLTv5QuevGVZ7vP1QKvP1xsmrZULnq9HSv/JPr+SyuQ8Zu/5NamjJKvHfnTrMbsfv3HNCbWCon5d37pZvz6rhfFHzn798NLnB68e+nf/tXvnjW/+1YOX/WJk9SdrBe0f95hLd457NW3fak771rOO487G9n33lVdvWl8rf9Ovf2uaXP+my4LxTzyVbN+562MjmzaNbtve2n61+noa68m2cruvp/Hstrhgv0pT9mv2brTSXq0+32L+69tur8nPt/6QtHUdt+sni+Z95Fu3XTMw5VFpRZeX0viltuL/6oJnXrn0tq9/OTf+XTF+pa34Iy8+defSY6/Ykxv/niSNX20r/uq9z/TOP/joY7nxh2P+c9uK/8J57//1/c89/FJu/BDj97fX/q/uWfX84OBvc+M/m6T1jF8jhfDg62dtqK0noSd9vsU8eiblFbLrSWa9lFkvN66XanOt9QrKSTK5PG6Xlp/ckEsz/5JTHq/CqktqyzfiesjemL78SFNqOPc3Ky+6TgUAeKuL7//Ha9D4/v9oeqGUP9MAh3Q6DluSEzeOww7N58yZdP+SNH58fJwHHHx3GB5f3jRUu9Cf6fsI8fmQneeM9Zx2yuQYM5nnLIVD85xF8+/LMusxr9p8eaVhHJqaOq6phBbm36fWM/38e2b3i+fHh26dktZQw7xV9vj1pDNmzT7vkMm3Mh4hr39k58Xi5zkGF4Q1E/W12D+yn6OJxyH7OZpYzwmZE2e7n6PptH/EtKfpHxMpF7+/MfX4hWna99Dxax4te/xmcLyr49vP9vuzXZg3bHpKO3zzhi28H9Ykfqvvh9XnJVdP3Wa6+G+Xeckjfd4wlsf9qLQ4n/ihnPJW5hMb5+Xy5hPj6SLmdWCaXA4H84nAW1Uc/8fXiPHx//gF+P/NbFd0HZq9aozxcj8nVG6eT9G4Y+rn9Praeh1ft3frZ3oHD56We53zWKuf+9k6aa2v4HM/Re24PLNe2I45EzRF471sPUXtnv1cRn+Y31a737f77vfeu/D283PbfU3thbS43T8/aW1+QbsfBeOF5vHfauMFn2OYHL9Ln2Momj9708Yj6QefZms88s855TP9fEPflBv1/Zpw1I1Heg5vXgDA0SOO/+vvn6Xj//8RN0ivI4rGradn1mO83HFrzvVJ3rj1n9LldZnt+9PfqJjpdfOFpz5y87yDD5+UO265p9Vx6H+YtDZQOA7tbNycO45Y053Pi+eOI+rjrM7Gibn518eJnY3Tc+PXx+mdjaNz26c+ju5sHiA3fn0e4Ggf5xbM12Uqi6utzte9ZcfR6a/PztY4+uKc8pmOo/un3Kjv1wTjaACAN1cc/8fLuDj+fzKzXafvs+eOC7p03Z79eyD1+M8ernHlbI/7ZnvcOtvj+tmelzjax8WzPS80u/Nkb/txcVrp229cPPew5QYAQOfi+D9exeWP/zsbnzQbv/VMGp8YnzeNb3x+hIzPj/b5L+N/74sX8744AMBbWxz/x197jH//7z+l69m/W2+cnhPfON04fbr+8+qeVfcPtDJO7/48W/A5gDd3HqDhLXLzAAAAvBl6JkZKU3/P/sPpMvt79nm/l39pzvatqqSXx1fs2DY6etk1W9eP7Bi9bMvV60e3X3btto07doxuqW3X6bgxd9ySjht7QiVtj+bbZcdtC9O/h7Aw5+8hZLePYU+cuDH17yFkq51b8HcEDh2/1vLNO36labZv1j/yjnde/H/J2T6qH/8r//XMyzZsv2zjlo07No5s2rhrdPJ246PWvhl8b2Zslhl9X2rmxxSlmX9/Z3fyKE3Joydtj7zvZ08yeSxKM1mU9/0HOXn/+L987uOnjv3x/hCGjyu/s6P2S1aP/cdLRv9px/6fbx3Pf+60+de3TPMq+r7S7PZxfyqbrt6+44wNV1+zJfuNku2J8xml+voszWekT/9yi/MT63LKZ/o5hfKUG0emlucnAACYJL7/H69n4/uHn00voGJ56+P0zt4/zh
2nD08ep+f91mn2e8mKxunZ7eP+tjpOr3Y4Ts/WXzROb7Z9s3F63rg7L/4/52w/U633k84+55HbTy5vbT4n+30GRf0ku/1M+0nSYT/J1l/UT5pt36yf5B33vPgfzNk+T+v9obPP5eT2h7ta6w9/mVkv6g/Z7WfaH0od9ods/UX9odn2zfpD3vHNi39Rzvatmtw/xjvGRL8Yvezaq7d9rGG72f7+i87zm93v/2hX6/nP7ue+Zj//2f1c2ezn39nvf+Xm/2xnM2Gt5z+73+/SrsM2X5t+2Kzo82dF87hrc8pnOo87Z8qNI5N5XHjzxPF/fLsnjv9vT5fdfhvo6P+eNN9j1jR+l77HrOg6xuv5NJUdAbyeAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSmt7JkYrn/lu0HLzrhH378qdHXb/zH72++6S+u/+Zvhq78ux890PeNN/atP3nDL/7+mCsf+ej5e+/+yuOvzX/oTy8WBh6Y+Fk5PV2thpC8nIRQ/cGBL3x639PHj5clIYRyMrA7hEXJ4scXJZkIw38IIayv5zn5zgdfP2vD+PKm23snlS/MBMnuV+gvx3wa8wzhusI94ihUTfvZroPXnhF++bdrb/7p0u98u2fPS7sPbZJUG/pTCAsub3x8Twhhbvp/XOxtS+KD0+WaEEJfw+POLcjrlBbzX5GzfmK6nJMu+wvixPuXZdZLme2y61FPZtlXUF+n8vJod7si8zLr2ZNRp/LyjOWL0uX30uXpM4xfjv+TUEpCpZ7+puRQHwkNxy0JycSxrNbXS/VjG9L9z6wnmfVSZr3ck9mviXrTjlZOksnlcbtMeTwdV9LykxvP1U1cnFP+jnRZTZ+ob8T1kL1R0z/lRn2/JsS8DkyTy+FQajgHNSuvH/j0YPSnZf3J4imPGWsi3rdv7R3Ly+ue2D+Qk0fyQJLGT9qKv+sni+Z95Fu3XbMkL/7lpTR+qa34v7rgmVcuve3rX86Nf1eMX24r/pmP9r18wZO3LMttnwOxfSptxR958ak7lx57xZ7c/O+J8attxV+995ne+QcffSw3/+HYPnPbiv
/Cee//9f3PPfxSbvwQ4/e1FX/d3q2f6R08eFpu/Mdi+/S3139e3bPq+cHB3w7lxX82xp/fVvz7dt/93nsX3n5+7vFdE9tnoK34F576yM3zDj58Ut65M7mnW6+cAG9Px6TXWLem6+2OMzvVMF740lClds03L/0/v5sVZYzXs2AW4wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Nb0sxvO/vAl7/vg2koSQpKzzVgT8b7ynNWrh9qod+TFp+5ceuwVexrLlrQRBwAAACgWx+Glekk1LAnXJnPDiU23j3MEJ8a1ZHJ5dg4hxsnOEbQbp9SlOOUuxal0KU5Pl+LM6VKc3i7FqR
bEqYbW4sydJk5lvFe0mE/ftPm0Hqe/S3HmdSnO/C7FWdClOAu7FGdg2jit98NFXYqzuEtxjulSnGO7FOe4LsX5sy7FOb5LcbJzyjPth/PTLU/IizNxo1wYp5KU63c0m08/Pq3npA7r6S+oZ37R63GL9cxtsZ5TMo8rzbCeaov1/HmH9SQt1vOXHdZTKqgn9tvrsvnFeuJai/1/Z5fi7Ooszv+K11vXdymfG7oU5xNdivPJLsW5scM42XWAPHH8f2i8NxB6K38d+tIzTnYWII53l078nPp6l3cCivHemSmfUxQvO1DPxFs60/yyEwiZeMsy5T2T4lXq45Fp4lUb4y3P3Fm4v9kJhUx+p2fKe4viZScWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAW/eyGsz98yfs+uDYkYfxfU2NNxPvKc1avHmqj3n1r71heXvfE/say3kobgQAAAIBCcRzeUy+pht7KytCbzJm0XTWdB6im6+WB2nJwQVgzvkyGShPrfcmiaR9XSR+3YsfmrSu279z1ro2bR64avWp0y3tWnr1y1fA5q85ZsWHjptHh2s8QegvihRAmph+279z1sZFNm0a3ba8VZvNfkj5uSbqepI8bfHcYHl/elOa/uKC+0pT6dj5/Xu2uQyVdulFw6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/8+u3YXIedV/AD/PzOzMdNv8u3/6Ng3NdshLiVo0iVtJtXQfECy0SchSkJnqWoJNsLhpQpuUWMc2YFsTFKElECK5MBKLrcWbvtgi9oVApEYDbgzSFu2FXiitVtKSC0kZye6c2ZnJTGYdS9PGz+fieWbO+Z3zmzMXC99nBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjATdfGJivjE9XhJISkR029iziXzadpeYC+X35+6/cLoyeXt44VcgNsBAAAAPQVc/hQc6QYCrlsyIYrZ94tPn3JNybCXO4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+90zXxiYr4xPVC5MQkh419S7iXDafpuUB+r7xzpOfeXV09K+tY6UB9gEAAAD6izk80xwphlJYEoaSK9vq4rOBhR3rO+viPovmWdf57KBX3ZJ51l0zz7qP9alb17jvCAAAAPDRF/N/rjkyEgq5BT3zf79cH+uu7qjLNu6D/FYAAAAA+O/E/F9ojpRCIVdq5vX55v3FHXVxfb//28f1y3qs7/f//LWNu//TAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBHx3RtbLIyPlHNJiEkPWrqXcS5bD5NywP0XfXC8N9vOfTQ4taxQm6AjQAAAIC+Yg6fi97FUMgNh6Fw4UzuH7
1p/9NffPrZsRDCbMzP58OODdu23b1q9hrrVh45NPS9w299q7lNrFs5ez0nhwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN5X07Wxycr4RPWCJISkR029iziXzadpeYC+r3/uC39+/Phzb7aOlQbYBwAAAOgv5vC57F8MpZAP+XD5zLvWrH9apmN9r2cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPnjnm/c9/UNU1Mb7/bCCy+8aL4413+ZAACA99vVIQn1/9AV68/1pwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Mpmtjk5XxiWoxCSHpUVPvIs5l82laHqBv+vzRwoKTL7zUOlYaYB8AAACgv5jD57J/MZTCUBgKl8286/ZMYCb/j3yAHxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4UJmujU1WxieqC5IQkh419S7iXDafpuUB+j62c99nD1783Ztbxwq5ATYCAAAA+oo5PN8cKYZC7uOhEK5qvJ9qX5BkG/fuzwXm1m1tWzY873W1tnXZea/b1XGyXOM0s+uKcb+R2XtzXfnMdeWWdaXQbF9uWxf2tK1a0OdzBgAAADiHYv4vNEdGQiFXaMm5P2mrH5FzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAepmtjk5XxiWqShJD0qKl3Eeey+TQtD9D3vt/8/0Vf+enu7a1jpQH2AQAAAPqLOXwu+xdDKSwK/xcWzeT+MNJeH+v+UTl18NF//mV5CCsuPzaa69z2h/HFr16/8cXOSwiZ9upMCBc3+iU9+v36d4/eu7R+6vEQVlyWveqMfuHs/ebU6+UkrT9T2bh22+FjW/t/PwAAAHA+iPl/qDkyEgq5u3rm/5i8++T/ppkAfvG9O39+aePaSOQdKzKFxu8MMj36fX7pk39atvpvb53O/2fr96l9mw9e2tZwdqRDktbHN29fd+y6A5l46tnzZjv6x+/lS99881+bdjxyarZ/MRQb4wtz3fqfee
1wQVqfyuytrnlvb629f67H+R/67UvHf7lw97un+79z9XCz/zVnOf/Z+w/f+vCe6/cdWtfeP4RQ7tb/7XdvDlf84c4HO88/3LFx6zffeu2QpPUji08cWL2/dEN7/6Sjf/z+f3b8sT0/fuQ7z8b+8bciy5fMt3+mo/8ruy7Z+fID6xe298/0OP+Lt706uqX87d93nv+Otl1zPT/Fmed/4tqnbn9tQ3p/5xQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD5Zbo2NlkZn6hmkhCSHjX1LuJcNp+m5QH6vnHL0bdv2/2jH7SOlQbYBwAAAOgv5vC57F8MpZAP+TA8k/ufqWxcu+3wsa1hZHY2adxzU1vu2faJTVu233XHOfrkAAAAwHzF/J9rjoyEQm5pGGrk//HN29cdu+5AJub/TMz/m+6c2rgiNOte2XXJzpcfWL+w+ZwghJmfBRRP1316ru6mG4+OnPjj15Z1rVs1V3dk8YkDq/eXboh1obVuZWg+n3ji2qduf21Den/z87XWffKrW6YajyfivsO3Przn+n2H1jXP0bgPN/aNdVOZvdU17+2txbps415snBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONN0bWyyMj5RDdkQkh419S7iXDafpuUB+q5Z+osHLzr53KLWsUJugI0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODf7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWG/fkLjKPs4gD/PbvJmm03apH3BqJimVVHqwaIgohcVFWlFCp4qRaqtPYiCIKLUg6m0YqmKF8HqpYgKapSCgo3F0iqp+K948aCCQvUglGJAuxQPKtl9ZruZ7rg6qYL6+cDw5Hlm5ju/mefZ2SwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCPMtA31mwP77i/ccs5N3z06F0nHrnpnXu3XfTwq99NbLruw72DL52c2bxiy5fXL9u0/+4107ufP/TT8Fu/HO0Z/FCrWZW6tRDi8RhC7d3ZZx6b+fisubEYQqjGkckQRuPSQ6Mxl7D65xDC5nad83e+eeLyLXPttl0D88aX5ELy9xXq1ayelpH59fLvUkvrbGvjwUvC19eu3/7p8jde7586NnnqkFjrWE8hLN7YeX5/CGFR2uZkq20sOzm160IIgx3nXdmjrvP/YP2XFvTPTe3/UlvvkZPtX5nrV3LH5fuZ/lw72ON6C1VUR9njehnK9fMvo4UqqjMbH03t26ld9Sfzq9kWQyWGvnb598RTayR0zFsMsTmXtXa/0p7bkO4/14+5fiXXr/bn7qt53bTQqjHOH8+Oy41nr+O+NL6i813dxa0F42entpY+qCezfsj/0VI/7Y/2fTVldc3+Ti1/h0rHO6jbeHvi02TU01g9Lj3tnF+7yPbNrH/iwuqG9w6PFNQR98aUH0vlb/1kdOj213Y+MFaUv7GS8iul8r9Ze+SH23a+8Fxh/tNZfrVU/mUHBo+vfX/HysLnM5s9n75S+Xcc/eDJ5f+/c6rbXDfz92T5tVL510wfGRhuHDhYWP/q7PksKpX/1dU3fvvK5/uOFeaHLH+wVP6G6fueGhhvXFyYf7D1Uag3V2iJ9fPj1BVfjI9/P1GU/1n2/Ie75Mee+S9P7r7qxSW71hSuz3XZ8xkpVf/NF+zfPtTYd17RuzPuOVPfnAD/TcvS/1iPp37Z35kL1fF74dmJvtY30FDahs/khXLmrrP4L8wHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA39iBAxIAAAAAQf9ftyNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqQAAAP//5S0lKg==")
# ioctl 0xae41 is KVM_CREATE_VCPU; the fd argument is -1 (0xffffffffffffffff),
# not a descriptor opened by any call in this listing, and vcpu id is 0.
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
# openat on AT_FDCWD (0xffffffffffffff9c) with flags 0x80000 (O_CLOEXEC); the path is
# passed by pointer only, so the string is not visible in this listing. The
# returned fd is not assigned to a resource.
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
# ioctl 0x4068aea3 is KVM_ENABLE_CAP, issued on r2.
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000100))
[ 167.993809][ T45] Bluetooth: hci0: command tx timeout
[ 168.032299][ T5377] Set syz0 is full, maxelem 0 reached
[ 168.728431][ T5377] loop0: detected capacity change from 0 to 32768
[ 169.048518][ T5377] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,prjquota,nochanges,recovery_pass_last=delete_dead_inodes,nojournal_transaction_names,read_only,version_upgrade=incompatible
[ 169.048539][ T5377] allowing incompatible features above 0.0: (unknown version)
[ 169.048547][ T5377] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 169.178063][ T5377] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 169.196664][ T5377] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[ 169.202801][ T5377] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b compress none
[ 169.202822][ T5377] has non ptr field, deleting
[ 169.279504][ T5377] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 169.283201][ T5377] bcachefs (loop0): Version upgrade from 1.3: rebalance_work to 1.7: mi_btree_bitmap incomplete
[ 169.283201][ T5377] Doing compatible version upgrade from 1.3: rebalance_work to 1.28: inode_has_case_insensitive
[ 169.283201][ T5377] running recovery passes: check_allocations,check_extents_to_backpointers,check_subvols,check_inodes,check_dirents
[ 169.389547][ T5377] bcachefs (loop0): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 0.0: (unknown version)
[ 169.389547][ T5377]
[ 169.613843][ T5377] bcachefs (loop0): error reading btree root btree=inodes level=0: btree_node_read_error, fixing
[ 169.680693][ T5377] bcachefs (loop0): check_topology...
[ 169.680805][ T5377] bcachefs (loop0): btree root inodes unreadable, must recover from scan
[ 169.687838][ T5377] bcachefs (loop0): running recovery pass scan_for_btree_nodes (1), currently at check_topology (2) - rewinding
[ 169.724189][ T5377] bcachefs (loop0): bch2_check_root(): error restart_recovery
[ 169.745448][ T5377] bcachefs (loop0): scan_for_btree_nodes...
[ 169.782982][ T5377] bcachefs (loop0): btree node scan found 1 nodes after overwrites
[ 169.814738][ T5377] done
[ 169.816258][ T5377] bcachefs (loop0): check_topology...
[ 169.816352][ T5377] bcachefs (loop0): btree root inodes unreadable, must recover from scan
[ 169.843003][ T5377] bcachefs (loop0): no nodes found for btree inodes, continuing
[ 169.849161][ T5377] done
[ 169.850657][ T5377] bcachefs (loop0): accounting_read... done
[ 169.864393][ T5377] bcachefs (loop0): alloc_read... done
[ 169.868794][ T5377] bcachefs (loop0): snapshots_read... done
[ 169.872285][ T5377] bcachefs (loop0): check_allocations...
[ 169.892665][ T5377] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree
[ 169.892702][ T5377] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 169.925501][ T5377] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 169.925515][ T5377] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 169.972499][ T5377] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 169.972517][ T5377] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 169.990389][ T5377] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.000326][ T5377] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.028142][ T5377] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.033327][ T5377] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.048877][ T5377] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.068605][ T45] Bluetooth: hci0: command tx timeout
[ 170.090278][ T5377] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.096888][ T5377] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.109529][ T5377] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.118560][ T5377] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.125077][ T5377] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.130373][ T5377] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.159739][ T5377] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.172085][ T5377] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.191705][ T5377] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.207908][ T5377] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.218401][ T5377] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing
[ 170.234252][ T5377] bcachefs (loop0): bucket 0:16 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.247061][ T5377] bcachefs (loop0): bucket 0:16 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.252829][ T5377] bcachefs (loop0): bucket 0:17 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.273300][ T5377] bcachefs (loop0): bucket 0:17 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.280797][ T5377] bcachefs (loop0): bucket 0:18 gen 0 has wrong data_type: got free, should be sb, fixing
[ 170.280814][ T5377] Ratelimiting new instances of previous error
[ 170.308747][ T5377] bcachefs (loop0): bucket 0:18 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 170.308762][ T5377] Ratelimiting new instances of previous error
[ 170.336470][ T5377] done
[ 170.341164][ T5377] bcachefs (loop0): going read-write
[ 170.549461][ T5377] bcachefs (loop0): journal_replay... done
[ 170.611265][ T5377] bcachefs (loop0): check_lrus...
[ 170.612041][ T5377] bcachefs (loop0): incorrect lru entry: lru fragmentation time 134217728
[ 170.612065][ T5377] u64s 5 type set 18446462598867058688:6597069766690:0 len 0 ver 0
[ 170.612073][ T5377] for u64s 5 type deleted 0:6597069766690:0 len 0 ver 0, fixing
[ 170.642443][ T5377] done
[ 170.651008][ T5377] bcachefs (loop0): check_backpointers_to_extents... done
[ 170.672777][ T5377] bcachefs (loop0): check_extents_to_backpointers...
[ 170.673853][ T5377] bcachefs (loop0): scanning for missing backpointers in 3/128 buckets
[ 170.681758][ T5377] done
[ 170.692487][ T5377] bcachefs (loop0): check_subvols... done
[ 170.698387][ T5377] bcachefs (loop0): check_inodes... done
[ 170.717760][ T5377] bcachefs (loop0): check_dirents...
[ 170.735660][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 8078364964390222758
[ 170.735690][ T5377] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 170.766565][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 5999196797717483120
[ 170.766582][ T5377] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 170.784309][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 2736862824518691792
[ 170.784324][ T5377] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 170.819507][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 170.819521][ T5377] u64s 7 type dirent 4096:2736862824518691792:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 170.836137][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 8392546887112395999
[ 170.836152][ T5377] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 170.862653][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 170.862668][ T5377] u64s 7 type dirent 4096:5999196797717483120:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 170.894460][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 170.894474][ T5377] u64s 7 type dirent 4096:8078364964390222758:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 170.902811][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 370319288408344083
[ 170.902825][ T5377] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 170.929915][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 170.929928][ T5377] u64s 7 type dirent 4096:8392546887112395999:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 170.945359][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 1441912991402779174
[ 170.945377][ T5377] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 170.972414][ T5377] bcachefs (loop0): directory with wrong i_nlink: got 0, should be 1
[ 170.972429][ T5377] (disconnected), fixing
[ 170.989991][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 2704052916692068805
[ 170.990006][ T5377] u64s 7 type dirent 4098:5675548428000973578:U32_MAX len 0 ver 0: file1 -> 4100 type lnk, fixing
[ 171.012478][ T5377] bcachefs (loop0): hash table key at wrong offset: should be at 7931299720629535196
[ 171.012494][ T5377] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg, fixing
[ 171.052218][ T5377] bcachefs (loop0): check_dirents requires second pass
[ 171.060901][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 171.060916][ T5377] u64s 8 type dirent 4096:370319288408344083:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 171.071527][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 171.071540][ T5377] u64s 8 type dirent 4096:1441912991402779174:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 171.086398][ T5377] bcachefs (loop0): directory with wrong i_nlink: got 1, should be 0
[ 171.086411][ T5377] (disconnected), fixing
[ 171.130435][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 171.130449][ T5377] u64s 7 type dirent 4098:2704052916692068805:U32_MAX len 0 ver 0: file1 -> 4100 type lnk, fixing
[ 171.153470][ T5377] bcachefs (loop0): dirent points to missing inode:
[ 171.153484][ T5377] u64s 7 type dirent 4098:7931299720629535196:U32_MAX len 0 ver 0: file0 -> 4099 type reg, fixing
[ 171.173347][ T5377] ==================================================================
[ 171.183467][ T5377] BUG: KASAN: use-after-free in bch2_check_dirents+0x1fac/0x33f0
[ 171.186562][ T5377] Read of size 1 at addr ffff888054d43048 by task syz.0.0/5377
[ 171.192131][ T5377]
[ 171.193158][ T5377] CPU: 0 UID: 0 PID: 5377 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 171.193176][ T5377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 171.193184][ T5377] Call Trace:
[ 171.193192][ T5377] <TASK>
[ 171.193198][ T5377] dump_stack_lvl+0x189/0x250
[ 171.193217][ T5377] ? __kasan_check_byte+0x12/0x40
[ 171.193233][ T5377] ? __pfx_dump_stack_lvl+0x10/0x10
[ 171.193247][ T5377] ? lock_release+0x4b/0x3e0
[ 171.193263][ T5377] ? __virt_addr_valid+0x4a5/0x5c0
[ 171.193278][ T5377] print_report+0xca/0x240
[ 171.193290][ T5377] ? bch2_check_dirents+0x1fac/0x33f0
[ 171.193301][ T5377] kasan_report+0x118/0x150
[ 171.193314][ T5377] ? bch2_check_dirents+0x1fac/0x33f0
[ 171.193326][ T5377] bch2_check_dirents+0x1fac/0x33f0
[ 171.193340][ T5377] ? bch2_check_dirents+0x2f1/0x33f0
[ 171.193353][ T5377] ? desc_read+0x1b8/0x3f0
[ 171.193364][ T5377] ? prb_first_seq+0xfd/0x1a0
[ 171.193374][ T5377] ? __pfx_bch2_check_dirents+0x10/0x10
[ 171.193384][ T5377] ? __pfx_prb_first_seq+0x10/0x10
[ 171.193396][ T5377] ? desc_read+0x1b8/0x3f0
[ 171.193407][ T5377] ? this_cpu_in_panic+0x4f/0x80
[ 171.193418][ T5377] ? _prb_read_valid+0xa07/0xa90
[ 171.193428][ T5377] ? console_flush_all+0x13a/0xc40
[ 171.193442][ T5377] ? up+0xde/0x150
[ 171.193495][ T5377] ? __console_unlock+0x14c/0x1a0
[ 171.193509][ T5377] ? __pfx___console_unlock+0x10/0x10
[ 171.193525][ T5377] ? prb_read_valid+0x3c/0x60
[ 171.193537][ T5377] ? console_unlock+0x21b/0x270
[ 171.193555][ T5377] ? __pfx_console_unlock+0x10/0x10
[ 171.193570][ T5377] ? vprintk_emit+0x63e/0x7a0
[ 171.193587][ T5377] ? __bch2_print+0x176/0x220
[ 171.193601][ T5377] ? bch2_check_dirents+0x2f1/0x33f0
[ 171.193612][ T5377] ? lockdep_hardirqs_on+0x9c/0x150
[ 171.193626][ T5377] __bch2_run_recovery_passes+0x3bd/0x1060
[ 171.193643][ T5377] bch2_run_recovery_passes+0x184/0x210
[ 171.193654][ T5377] bch2_fs_recovery+0x2690/0x3a50
[ 171.193668][ T5377] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 171.193679][ T5377] ? __lock_acquire+0xab9/0xd20
[ 171.193695][ T5377] ? __mutex_trylock_common+0x153/0x260
[ 171.193707][ T5377] ? __lock_acquire+0xab9/0xd20
[ 171.193729][ T5377] ? __lock_acquire+0xab9/0xd20
[ 171.193749][ T5377] ? bch2_fs_start+0xa0f/0xda0
[ 171.193761][ T5377] ? up_write+0x1c4/0x420
[ 171.193771][ T5377] ? bch2_fs_start+0x5e7/0xda0
[ 171.193782][ T5377] bch2_fs_start+0xaaf/0xda0
[ 171.193793][ T5377] ? bch2_fs_start+0x5e7/0xda0
[ 171.193804][ T5377] ? __pfx_bch2_fs_start+0x10/0x10
[ 171.193821][ T5377] ? sget+0x267/0x620
[ 171.193831][ T5377] bch2_fs_get_tree+0xb39/0x1520
[ 171.193849][ T5377] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 171.193865][ T5377] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 171.193884][ T5377] vfs_get_tree+0x92/0x2b0
[ 171.193897][ T5377] do_new_mount+0x2a2/0x9e0
[ 171.193912][ T5377] ? ns_capable+0x8a/0xf0
[ 171.193921][ T5377] ? __pfx_do_new_mount+0x10/0x10
[ 171.193933][ T5377] ? path_mount+0x61c/0xfe0
[ 171.193945][ T5377] ? user_path_at+0x44/0x60
[ 171.193957][ T5377] __se_sys_mount+0x317/0x410
[ 171.193971][ T5377] ? __pfx___se_sys_mount+0x10/0x10
[ 171.193985][ T5377] ? do_syscall_64+0xbe/0x3b0
[ 171.193999][ T5377] ? __x64_sys_mount+0x20/0xc0
[ 171.194012][ T5377] do_syscall_64+0xfa/0x3b0
[ 171.194027][ T5377] ? lockdep_hardirqs_on+0x9c/0x150
[ 171.194042][ T5377] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 171.194054][ T5377] ? clear_bhb_loop+0x60/0xb0
[ 171.194288][ T5377] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 171.194742][ T5377] RIP: 0033:0x7faeb519038a
[ 171.194816][ T5377] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 171.194864][ T5377] RSP: 002b:00007faeb5fede68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 171.194880][ T5377] RAX: ffffffffffffffda RBX: 00007faeb5fedef0 RCX: 00007faeb519038a
[ 171.194926][ T5377] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007faeb5fedeb0
[ 171.194934][ T5377] RBP: 00002000000000c0 R08: 00007faeb5fedef0 R09: 0000000000818001
[ 171.194942][ T5377] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 171.194984][ T5377] R13: 00007faeb5fedeb0 R14: 0000000000005968 R15: 0000200000000480
[ 171.194997][ T5377] </TASK>
[ 171.195001][ T5377]
[ 171.524202][ T5377] The buggy address belongs to the physical page:
[ 171.532019][ T5377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54d43
[ 171.536452][ T5377] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 171.544264][ T5377] raw: 04fff00000000000 0000000000000000 ffffea00015350c8 0000000000000000
[ 171.560087][ T5377] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 171.564653][ T5377] page dumped because: kasan: bad access detected
[ 171.567842][ T5377] page_owner tracks the page as freed
[ 171.572653][ T5377] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x42800(GFP_NOWAIT|__GFP_COMP), pid 5377, tgid 5376 (syz.0.0), ts 169642110355, free_ts 171173032728
[ 171.586400][ T5377] post_alloc_hook+0x240/0x2a0
[ 171.598961][ T5377] get_page_from_freelist+0x21e4/0x22c0
[ 171.601827][ T5377] __alloc_frozen_pages_noprof+0x181/0x370
[ 171.609440][ T5377] alloc_pages_mpol+0x232/0x4a0
[ 171.611894][ T5377] ___kmalloc_large_node+0x5f/0x1b0
[ 171.619451][ T5377] __kmalloc_large_node_noprof+0x18/0x90
[ 171.622164][ T5377] __kvmalloc_node_noprof+0x6d/0x5f0
[ 171.624884][ T5377] bch2_btree_node_read_done+0x32f6/0x5550
[ 171.627780][ T5377] btree_node_read_work+0x40e/0xe60
[ 171.630384][ T5377] bch2_btree_node_read+0x887/0x2a00
[ 171.633094][ T5377] bch2_btree_root_read+0x5f0/0x760
[ 171.648851][ T5377] read_btree_roots+0x2c6/0x840
[ 171.651080][ T5377] bch2_fs_recovery+0x261f/0x3a50
[ 171.653358][ T5377] bch2_fs_start+0xaaf/0xda0
[ 171.665661][ T5377] bch2_fs_get_tree+0xb39/0x1520
[ 171.668103][ T5377] vfs_get_tree+0x92/0x2b0
[ 171.670408][ T5377] page last free pid 5377 tgid 5376 stack trace:
[ 171.676617][ T5377] __free_pages_ok+0xa83/0xbe0
[ 171.686808][ T5377] free_large_kmalloc+0x13a/0x1f0
[ 171.689265][ T5377] btree_node_sort+0x117f/0x1760
[ 171.691758][ T5377] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 171.696596][ T5377] bch2_btree_node_prep_for_write+0x337/0x650
[ 171.704791][ T5377] bch2_trans_lock_write+0x669/0xba0
[ 171.730043][ T5377] __bch2_trans_commit+0x2773/0x8870
[ 171.733836][ T5377] bch2_check_dirents+0x1c5c/0x33f0
[ 171.736311][ T5377] __bch2_run_recovery_passes+0x3bd/0x1060
[ 171.741069][ T5377] bch2_run_recovery_passes+0x184/0x210
[ 171.744217][ T5377] bch2_fs_recovery+0x2690/0x3a50
[ 171.756769][ T5377] bch2_fs_start+0xaaf/0xda0
[ 171.758921][ T5377] bch2_fs_get_tree+0xb39/0x1520
[ 171.762409][ T5377] vfs_get_tree+0x92/0x2b0
[ 171.775011][ T5377] do_new_mount+0x2a2/0x9e0
[ 171.777367][ T5377] __se_sys_mount+0x317/0x410
[ 171.779628][ T5377]
[ 171.780840][ T5377] Memory state around the buggy address:
[ 171.801638][ T5377] ffff888054d42f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 171.805527][ T5377] ffff888054d42f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 171.809809][ T5377] >ffff888054d43000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 171.813764][ T5377] ^
[ 171.816787][ T5377] ffff888054d43080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 171.820250][ T5377] ffff888054d43100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 171.823865][ T5377] ==================================================================
[ 171.871515][ T5377] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 171.878718][ T5377] CPU: 0 UID: 0 PID: 5377 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 171.895137][ T5377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 171.906436][ T5377] Call Trace:
[ 171.908154][ T5377] <TASK>
[ 171.909822][ T5377] dump_stack_lvl+0x99/0x250
[ 171.917002][ T5377] ? __asan_memcpy+0x40/0x70
[ 171.926614][ T5377] ? __pfx_dump_stack_lvl+0x10/0x10
[ 171.929003][ T5377] ? __pfx__printk+0x10/0x10
[ 171.931181][ T5377] vpanic+0x281/0x750
[ 171.933022][ T5377] ? preempt_schedule+0xae/0xc0
[ 171.945370][ T5377] ? __pfx_vpanic+0x10/0x10
[ 171.947525][ T5377] ? preempt_schedule_common+0x83/0xd0
[ 171.950177][ T5377] ? preempt_schedule+0xae/0xc0
[ 171.952167][ T5377] ? __pfx_preempt_schedule+0x10/0x10
[ 171.954970][ T5377] panic+0xb9/0xc0
[ 171.959215][ T5377] ? __pfx_panic+0x10/0x10
[ 171.963294][ T5377] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 171.970098][ T5377] ? bch2_check_dirents+0x1fac/0x33f0
[ 171.972460][ T5377] check_panic_on_warn+0x89/0xb0
[ 171.974762][ T5377] ? bch2_check_dirents+0x1fac/0x33f0
[ 171.977161][ T5377] end_report+0x78/0x160
[ 171.978987][ T5377] kasan_report+0x129/0x150
[ 171.981123][ T5377] ? bch2_check_dirents+0x1fac/0x33f0
[ 171.984018][ T5377] bch2_check_dirents+0x1fac/0x33f0
[ 171.986516][ T5377] ? bch2_check_dirents+0x2f1/0x33f0
[ 171.988842][ T5377] ? desc_read+0x1b8/0x3f0
[ 171.990816][ T5377] ? prb_first_seq+0xfd/0x1a0
[ 171.992963][ T5377] ? __pfx_bch2_check_dirents+0x10/0x10
[ 171.995875][ T5377] ? __pfx_prb_first_seq+0x10/0x10
[ 171.999427][ T5377] ? desc_read+0x1b8/0x3f0
[ 172.002122][ T5377] ? this_cpu_in_panic+0x4f/0x80
[ 172.004819][ T5377] ? _prb_read_valid+0xa07/0xa90
[ 172.006993][ T5377] ? console_flush_all+0x13a/0xc40
[ 172.009109][ T5377] ? up+0xde/0x150
[ 172.010689][ T5377] ? __console_unlock+0x14c/0x1a0
[ 172.012829][ T5377] ? __pfx___console_unlock+0x10/0x10
[ 172.015791][ T5377] ? prb_read_valid+0x3c/0x60
[ 172.021019][ T5377] ? console_unlock+0x21b/0x270
[ 172.025797][ T5377] ? __pfx_console_unlock+0x10/0x10
[ 172.030936][ T5377] ? vprintk_emit+0x63e/0x7a0
[ 172.035642][ T5377] ? __bch2_print+0x176/0x220
[ 172.041203][ T5377] ? bch2_check_dirents+0x2f1/0x33f0
[ 172.045557][ T5377] ? lockdep_hardirqs_on+0x9c/0x150
[ 172.050690][ T5377] __bch2_run_recovery_passes+0x3bd/0x1060
[ 172.059627][ T5377] bch2_run_recovery_passes+0x184/0x210
[ 172.061827][ T5377] bch2_fs_recovery+0x2690/0x3a50
[ 172.063838][ T5377] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 172.068179][ T5377] ? __lock_acquire+0xab9/0xd20
[ 172.070454][ T5377] ? __mutex_trylock_common+0x153/0x260
[ 172.073568][ T5377] ? __lock_acquire+0xab9/0xd20
[ 172.078026][ T5377] ? __lock_acquire+0xab9/0xd20
[ 172.085891][ T5377] ? bch2_fs_start+0xa0f/0xda0
[ 172.091146][ T5377] ? up_write+0x1c4/0x420
[ 172.094132][ T5377] ? bch2_fs_start+0x5e7/0xda0
[ 172.100103][ T5377] bch2_fs_start+0xaaf/0xda0
[ 172.104314][ T5377] ? bch2_fs_start+0x5e7/0xda0
[ 172.108576][ T5377] ? __pfx_bch2_fs_start+0x10/0x10
[ 172.114408][ T5377] ? sget+0x267/0x620
[ 172.119404][ T5377] bch2_fs_get_tree+0xb39/0x1520
[ 172.126692][ T5377] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 172.135034][ T5377] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 172.139397][ T5377] vfs_get_tree+0x92/0x2b0
[ 172.145075][ T5377] do_new_mount+0x2a2/0x9e0
[ 172.147677][ T5377] ? ns_capable+0x8a/0xf0
[ 172.150148][ T5377] ? __pfx_do_new_mount+0x10/0x10
[ 172.153009][ T5377] ? path_mount+0x61c/0xfe0
[ 172.165506][ T5377] ? user_path_at+0x44/0x60
[ 172.167452][ T5377] __se_sys_mount+0x317/0x410
[ 172.169412][ T5377] ? __pfx___se_sys_mount+0x10/0x10
[ 172.171521][ T5377] ? do_syscall_64+0xbe/0x3b0
[ 172.184556][ T5377] ? __x64_sys_mount+0x20/0xc0
[ 172.193152][ T5377] do_syscall_64+0xfa/0x3b0
[ 172.195226][ T5377] ? lockdep_hardirqs_on+0x9c/0x150
[ 172.197596][ T5377] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.206117][ T5377] ? clear_bhb_loop+0x60/0xb0
[ 172.208043][ T5377] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 172.216479][ T5377] RIP: 0033:0x7faeb519038a
[ 172.218272][ T5377] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 172.237621][ T5377] RSP: 002b:00007faeb5fede68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 172.241401][ T5377] RAX: ffffffffffffffda RBX: 00007faeb5fedef0 RCX: 00007faeb519038a
[ 172.251821][ T5377] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007faeb5fedeb0
[ 172.275327][ T5377] RBP: 00002000000000c0 R08: 00007faeb5fedef0 R09: 0000000000818001
[ 172.278416][ T5377] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 172.281495][ T5377] R13: 00007faeb5fedeb0 R14: 0000000000005968 R15: 0000200000000480
[ 172.296726][ T5377] </TASK>
[ 172.298357][ T5377] Kernel Offset: disabled
[ 172.300343][ T5377] Rebooting in 86400 seconds..