program:
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x258, 0x2d, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x248, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac06}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @nested={0x221, 0xae, 0x0, 0x1, [@generic="6e3df4d64cb542d2bb7154645be59aeea9b03ea2304bbd3c64e5f5a89c1ef25599b48df277a59defb9e03a3d93b70b6fff616ceb386837e7f0863cc819491e866b7a99045be83ed89c8937083c2909941b97f4af7fcdecbe6a05d3cc9a713d1df70f7385b00c451850144b6711b986c37c497a2eee8f2238b25b7cd6e1ac010d8d1e5ff0ef76e6c2a698ec98977569f1c75817449ffec4aeefcd85e7f116b1dde31ec80bef625fa085a178e9dad6f54a5147f188c99f91824cc8", @generic="7136115a547f15bd33b2b72938fcdf5da749cd47c801fed15aab28ecb283401397c8da9f12f689bd297c74b9954de6d6a4e2d6e7d89cf355def058dbd57d08e430e89037856c34b9271f76930c4ac623bdc8b21a1e9bc423941aa1bb6765925749b918caebb032212212d377f77718cb6c05a88960d5cb94fcef3bcb252adaecbb048b71bb81365f4aad770ce4ab90d05a9ab096046db5e29e973b56f1f2500fa28dc01629e8492a4a1cd28707de34156b2495ae96d72491f8c62d1300c95e5b012e42798e48ea4a2e102923394f8581db51030141498f9e5499abe86a2f64ddbf3c78c2e61b2cf9012759a4d24a0f6ea1cf04", @typed={0xd, 0xed, 0x0, 0x0, @str='nochanges'}, @typed={0x8, 0x124, 0x0, 0x0, @u32=0x7}, @typed={0x5, 0x150, 0x0, 0x0, @str='\x00'}, @typed={0x4d, 0xb1, 0x0, 0x0, @binary="c6241d9d0369be61d3a84094ba4665743018629121f0743137adf7d9aedd5a713f35907f08ecd2e6e72adafed088039f228c13550d30464788ed683a96f35853038b88c8cb24b67362"}]}]}]}, 0x258}], 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x818001, &(0x7f0000000480)={[{@inodes_32bit}, {@shared_inode_numbers}, {@errors_continue}, {@inline_data}, {@direct_io}, {@nochanges}, {@prjquota}, {@recovery_pass_last={'recovery_pass_last', 0x3d, 'delete_dead_inodes'}}, {@version_upgrade={'version_upgrade', 0x3d, 'incompatible'}}]}, 0x1, 0x5968, &(0x7f000000b5c0)="$eJzs3X+QXFW9IPBzu3synZn8mAR4RJDJEMh7PHiaCT9SKK+eeW/f01fAo2LxykfYKAxkwosmIZUEIQEluOBCARZaWor6B1pILRotqmCVSIn82IRVlGJ1qS2kVnfRrXILWVICWcpyna2ZvqfTc6fv3J7unpDA51Mwt8/p29/zveee7rnndE86AAAA8Law/5btBy864R9+/KnR12/8x+9vvin0lyfqq3GHgXR73ZuVIYdTb2XJxDY7Lv7i+m/+ZujKv/vRA33feGPf+pM3/OLvj7nykY+ev/furzz+2vyH/vRiUdw4nk4/VE5eTkKo/uDAFz697+njx+uSEEI5GdgdwqJk8eOLkkyI4T+EENanhXJl8p0Pvn7WhvHtTbf3TqpfmAlivL+9VdNxtuvgtWeEX/7t2pt/uvQ73+7Z89LuQ7sk1YbxFMKCyxsf35P+Pzctx9G2JD443a4JIfQ1PO7cgrxOaTH/FTnlE9PtnHTbXxAn3r8sUy5l9suWo57Mtq+gvU7l5dHufkXmZcrZF6NO5eUZ6xel2++l29NnGL8c/09CKQmVevqbkkNjJDSctyQkE+eyWi+X6uc2pMefKSeZcilTLvdkjmui3XSglZNkcn3cL1MfX44raf3Jja/VTVycU/+OdFtNn6hvxHLI3qjpn3KjflwTYl4HpsnlcCg1vAY1q6+Ps/Rk9Kd1/cniKY8ZayLet2/tHcvL657YP5CTR/JAksZPJvpopvF3/WTRvI9867Zr8s5tcnkpjV9qK/6vLnjmlUtv+/qXl+TFvyvGL7cV/8xH+16+4MlbluX1Tzyu/lBpK/7Ii0/dufTYK/bk5n9P7P9qW+d39d5neucffPSx3PM7HPtnblv5v3De+399/3MPv5QbP8T4fW3FX7d362d6Bw+elhv/sdg//e2Nn1f3rHp+cPC3Q3nxn43x57cV/77dd7/33oW3n597ftfE/hloK/6Fpz5y87yDD5+U+/y6p1u/OQHeno5Jr7FuTcvTzTN7p5lndqphvvCloUrtunVe+v/8bjaUufgcb2dBN+MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAjhuDP+8wf+54cGXq6k5d70xgul2jbWzwkhmRtC2L5jZNuOjVuuGvro1dds2zKyaWhkx9Dolh3bdg6d/VdD20a3bhrZOX7v8LvOqj1ucUhq2+SkKW33jo2NlQYm18X2/s2pe365/Nz//bsQho/7+WAlN/8Vd2++99gmPzOS1WPv23zNRT8/52vpcQ2keQ00yWtsbGws5OT1fy75472fO/Cb00IY/rPp8nrqhb/54aSEJioOxUmVekMtod6kr2ke9azTfGJ/VTZs3DQ6PH3/jj++nHMc//b6l/6w4brP/rHWv9Xc42ixf+euHttU+uLaC//fF2+oVRTlVT+OTF6zfd6L+jseRcwv9l817e8F6XEtyDmuSk5/3/LTx577wQm3vbY7DFdeXTq17aLj6kkHQE/yjpbajS30JYsm1VfT/eMZj49bsWPz1hXbd+5618bNI1eNXjW65T0rz165avicVeesmDjyFV0+/tj+n7d4/K2Op2y7MxtPCz+++3vxZ2vjqSivov4Yz6u4PxozyuQ1f+Ln3NVjfRd/+vPvufvJi2rVReM87l1/HqbbvvHzvDI0jLepfdXsuIr6IYQw1KwfXnnt/HD8f9t4c9HrUOOZafyZkawee3rZ77927leX/HWt4rC8zjcm1ObrfD3rQ/lM9Fc1PR9jR2j/9oZyelz9TfNa+fSTPXfs/90n6vnNmROuG9mxY9vK2s95aabzkhOb5pWtjce1dOJnOaTdEurDtMl4HdcTavllXz/j7tle7U/v608WNz2urHjfvrV3LC+ve2J/Xk8nD9RanBufuMk7c/bclHlguZ5ws/aP1Odf0fgY/MBXH/rQQ989e8r4OLP2s+i4kpzj+s5z933+G5/999/t3nF94G+eGfj9f//X5bWKo+V1pZ51mk/S+LpyZghFz7+loflx5D7/Ss2Pp+j5l23n0P7N4w1lyv2hXPx8rYYpz9czH+17+YInb1mW+3w90Orz9YZJpXLB8/VIGT/Z51dSmZzH7D2/Jg2UZPXYj249ZvfjN645oVZRNK7rezcb12e1MP/IOa4fXvr84NVD/+6/du9145t/9eBlvxhZ/claRfvnPebSnfNeTfu3mtO/9azjvLOxf9995dWb1tfq3/Tr35om17/ptmD+E19Ktu/c9bGRTZtGt21v7bha/X0a28n2cru/T+Or2+KC4ypNOa7Zu9FKf7X6fIv5r2+7vyY/3/pD0tZ13K6fLJr3kW/dds3AlEelDV1eSuOX2or/qwueeeXS277+5dz4d8X4lbbij7z41J1Lj71iT278e5I0frWt+Kv3PtM7/+Cjj+XGH475z20r/gvnvf/X9z/38Eu58UOM399e/7+6Z9Xzg4O/zY3/bJK2M36NFMKDr5+1oVZOQk/6fIt59EzKK2TLSaZcypTLjeVSba213kA5SSbXx/3S+pMbcmnmX3Lq41VYdUlt+0Ysh+yN6euPNKWG1/5m9UXXqQAAb3Xx/f94DRrf/x9NL5TyVxrgkE7nYUty4sZ52KH1nDmT7l+Sxo+Pj+uAg+8Ow+Pbm4ZqF/ozfR8hPh+y65yxndNOmRxjJuucpXBonbNo/X1Zphzzqq2XVxrmoamp85pKaGH9fWo706+/Zw6/eH186NYpaQ01rFtlz19PumLW7PMOmXwr4xHyxkd2XSx+nmNwQVgz0V6L4yP7OZp4HrKfo4ntnJB54Wz3czSdjo+Y9jTjYyLl4vc3pp6/ME3/Hjp/zaNlz98Mznd1fP/Zfn+2C+uGTV/SDt+6YQvvhzWJ3+r7YfV1ydVT95ku/ttlXfJIXzeM9fE4Ki2uJ34op76V9cTGdbm89cT4chHzOjBNLoeD9UTgrSrO/+PviPH5//gF+P/N7Fd0HZq9aozxcj8nVG6eT9G8Y+rn9Pra+j2+bu/Wz/QOHjwt9zrnsVY/97N1Uqmv4HM/Rf24PFMu7MecBZqi+V62naJ+z34uoz/Mb6vf79t993vvXXj7+bn9vqb2i7S43z8/qTS/oN+PgvlC8/hvtfmCzzFMjt+lzzEUrZ+9afOR9INPszUf+eec+pl+vqFvyo36cU046uYjPYc3LwDg6BHn//X3z9L5//+IO6TXEUXz1tMz5Rgvd96ac32SN2/9p3R7XWb//vQvKmZ63XzhqY/cPO/gwyflzlvuaXUe+h8mlQYK56GdzZtz5xFruvN58dx5RH2e1dk8MTf/+jyxs3l6bvz6PL2zeXRu/9Tn0Z2tA+TGr68DHO3z3IL1ukxjsdjqet1bdh6d/vnsbM2jL86pn+k8un/KjfpxTTCPBgB4c8X5f7yMi/P/JzP7dfo+e+68oEvX7dl/D6Qe/9nDNa+c7XnfbM9bZ3teP9vrEkf7vHi214Vmd53sbT8vTht9+82L5x623AAA6Fyc/8eruPz5f2fzk2bzt55J8xPz86bxzc+PkPn50b7+Zf7vffFi3hcHAHhri/P/+GeP8d//+09pOfvv1pun58Q3TzdPn278vLpn1f0DrczTu7/OFnwO4M1dB2h4i9w6AAAAb4aeiZnS1L+z/3C6zf6dfd7f5V+as3+rKunl8RU7to2OXnbN1vUjO0Yv23L1+tHtl127beOOHaNbavt1Om/Mnbek88aeUEn7o/l+2XnbwvTfQ1iY8+8hZPePYU+cuDH130PINju34N8ROHT+Wss37/yVptm/2fjIO9958f8lZ/+ofv6v/NczL9uw/bKNWzbu2DiyaeOu0cn7jc9a+2bwvZmxW2b0famZH1OUZv79nd3JozQlj560P/K+nz3J5LEozWRR3vcf5OT94//yuY+fOvbH+0MYPq78zo76L1k99h8vGf2nHft/vnU8/7nT5l/fM82r6PtKs/vH46lsunr7jjM2XH3Nluw3SrYnrmeU6uVZWs9In/7lFtcn1uXUz/RzCuUpN45MLa9PAAAwSXz/P17PxvcPP5teQMX61ufpnb1/nDtPH548T8/7q9Ps95IVzdOz+8fjbXWeXu1wnp5tv2ie3mz/ZvP0vHl3Xvx/ztl/plofJ519ziN3nFze2npO9vsMisZJdv+ZjpOkw3GSbb9onDTbv9k4yTvvefE/mLN/ntbHQ2efy8kdD3e1Nh7+MlMuGg/Z/Wc6Hkodjods+0Xjodn+zcZD3vnNi39Rzv6tmjw+xgfGxLgYvezaq7d9rGG/2f7+i87zm93v/2hX6/nP7ue+Zj//2f1c2ezn39nff+Xm/2xnK2Gt5z+73+/SrsO2Xpt+2Kzo82dF67hrc+pnuo47Z8qNI5N1XHjzxPl/fLsnzv9vT7fdfhvo6P+eNN9j1jR+l77HrOg6xu/zaRo7Avh9DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCa3sqSie3+W7YfvOiEf/jxp0Zfv/Efv7/5pr+4/pu/Gbry7370QN833ti3/uQNv/j7Y6585KPn7737K4+/Nv+hP71YGHhg4mfl9LRYDSF5OQmh+oMDX/j0vqePH69LQgjlZGB3CIuSxY8vSjIRhv8QQlhfz3PynQ++ftaG8e1Nt/dOql+YCZI9rtBfjvk05hnCdYVHxFGomo6zXQevPSP88m/X3vzTpd/5ds+el3Yf2iWpNoynEBZc3vj4nhDC3PT/cXG0LYkPTrdrQgh9DY87tyCvU1rMf0VO+cR0Oyfd9hfEifcvy5RLmf2y5agns+0raK9TeXm0u1+ReZly9sWoU3l5xvpF6fZ76fb0GcYvx/+TUEpCpZ7+puTQGAkN5y0JycS5rNbLpfq5DenxZ8pJplzKlMs9meOaaDcdaOUkmVwf98vUx5fjSlp/cuNrdRMX59S/I91W0yfqG7Ecsjdq+qfcqB/XhJjXgWlyORxKDa9BzerrJz49Gf1pXX+yeMpjxpqI9+1be8fy8ron9g/k5JE8kKTxk7bi7/rJonkf+dZt1yzJi395KY1faiv+ry545pVLb/v6l3Pj3xXjl9uKf+ajfS9f8OQty3L750Dsn0pb8UdefOrOpcdesSc3/3ti/Gpb8VfvfaZ3/sFHH8vNfzj2z9y24r9w3vt/ff9zD7+UGz/E+H1txV+3d+tnegcPnpYb/7HYP/3tjZ9X96x6fnDwt0N58Z+N8ee3Ff++3Xe/996Ft5+fe37XxP4ZaCv+hac+cvO8gw+flPfamdzTrd+cAG9Px6TXWLem5XbnmZ1qmC98aahSu+abl/4/v5sNZYy3s2AW4wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Nb0sxvO/vAl7/vg2koSQpKzz1gT8b7ynNWrh9pod+TFp+5ceuwVexrrlrQRBwAAACgW5+Glek01LAnXJnPDiU33j2sEJ8ZSMrk+u4YQ42TXCNqNU+pSnHKX4lS6FKenS3HmdClOb5fiVAviVENrceZOE6cyPipazKdv2nxaj9PfpTjzuhRnfpfiLOhSnIVdijMwbZzWx+GiLsVZ3KU4x3QpzrFdinNcl+L8WZfiHN+lONk15ZmOw/npnifkxZm4US6MU0nK9Tuaracfn7ZzUoft9Be0M7/o93GL7cxtsZ1TMo8rzbCdaovt/HmH7SQttvOXHbZTKmgnjtvrsvnFdmKpxfG/s0txdnUW53/F663ru5TPDV2K84kuxflkl+Lc2GGcbBkgT5z/H5rvDYTeyl+HvvQVJ7sKEOe7Syd+Tv19l/cCFOO9M1M/pyhedqKeibd0pvllFxAy8ZZl6nsmxavU5yPTxKs2xlueubPweLMLCpn8Ts/U9xbFyy4sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAs+tkNZ3/4kvd9cG1Iwvh/TY01Ee8rz1m9eqiNdvetvWN5ed0T+xvreittBAIAAAAKxXl4T72mGnorK0NvMmfSftV0HaCalssDte3ggrBmfJsMlSbKfcmiaR9XSR+3YsfmrSu279z1ro2bR64avWp0y3tWnr1y1fA5q85ZsWHjptHh2s8QegvihRAmlh+279z1sZFNm0a3ba9VZvNfkj5uSVpO0scNvjsMj29vSvNfXNBeaUp7O58/r3bXoZou3Sg4dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/2fX7kLkvOo/gJ9nZnZmum3+3T99m4ZmO+SlRC2axK2kWroPCBbaJGQpyEx1LcEmWNw0oU1KrGMbsK0JitASCJFcGInF1uJNX2wR+0IgUqMBNwZpi/ZCL5RWK2nJhaSMZHfO7MxkJrOOpWnj53PxPDPn/M75zZmLhe+zAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzgpmtjk5XxiepwEkLSo6beRZzL5tO0PEDfLz+/9fuF0ZPLW8cKuQE2AgAAAPqKOXyoOVIMhVw2ZMOVM+8Wn77kGxNhLvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/e6ZrY5OV8YnqhUkISY+aehdxLptP0/IAfd9458nPvDo6+tfWsdIA+wAAAAD9xRyeaY4UQyksCUPJlW118dnAwo71nXVxn0XzrOt8dtCrbsk8666ZZ93H+tSta9x3BAAAAPjoi/k/1xwZCYXcgp75v1+uj3VXd9RlG/dBfisAAAAA/Hdi/i80R0qhkCs18/p88/7ijrq4vt//7eP6ZT3W9/t//trG3f/pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCjY7o2NlkZn6hmkxCSHjX1LuJcNp+m5QH6rnph+O+3HHpocetYITfARgAAAEBfMYfPRe9iKOSGw1C4cCb3j960/+kvPv3sWAhhNubn82HHhm3b7l41e411K48cGvre4be+1dwm1q2cvZ6TwwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+r6drYZGV8onpBEkLSo6beRZzL5tO0PEDf1z/3hT8/fvy5N1vHSgPsAwAAAPQXc/hc9i+GUsiHfLh85l1r1j8t07G+1zMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Pxxzzfu+/qGqamNd3vhhRdeNF+c679MAADA++3qkIT6f+iK9ef6UwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8G07Wxycr4RLWYhJD0qKl3Eeey+TQtD9A3ff5oYcHJF15qHSsNsA8AAADQX8zhc9m/GEphKAyFy2bedXsmMJP/Rz7ADwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8qEzXxiYr4xPVBUkISY+aehdxLptP0/IAfR/bue+zBy/+7s2tY4XcABsBAAAAfcUcnm+OFEMh9/FQCFc13k+1L0iyjXv35wJz67a2LRue97pa27rsvNft6jhZrnGa2XXFuN/I7L25rnzmunLLulJoti+3rQt72lYt6PM5AwAAAJxDMf8XmiMjoZArtOTcn7TVj8i5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAP07Wxycr4RDVJQkh61NS7iHPZfJqWB+h732/+/6Kv/HT39tax0gD7AAAAAP3FHD6X/YuhFBaF/wuLZnJ/GGmvj3X/qJw6+Og//7I8hBWXHxvNdW77w/jiV6/f+GLnJYRMe3UmhIsb/ZIe/X79u0fvXVo/9XgIKy7LXnVGv3D2fnPq9XKS1p+pbFy77fCxrf2/HwAAADgfxPw/1BwZCYXcXT3zf0zeffJ/00wAv/jenT+/tHFtJPKOFZlC43cGmR79Pr/0yT8tW/23t07n/7P1+9S+zQcvbWs4O9IhSevjm7evO3bdgUw89ex5sx394/fypW+++a9NOx45Ndu/GIqN8YW5bv3PvHa4IK1PZfZW17y3t9beP9fj/A/99qXjv1y4+93T/d+5erjZ/5qznP/s/YdvfXjP9fsOrWvvH0Iod+v/9rs3hyv+cOeDnecf7ti49ZtvvXZI0vqRxScOrN5fuqG9f9LRP37/Pzv+2J4fP/KdZ2P/+FuR5Uvm2z/T0f+VXZfsfPmB9Qvb+2d6nP/F214d3VL+9u87z39H2665np/izPM/ce1Tt7+2Ib2/cwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8Ml0bm6yMT1QzSQhJj5p6F3Eum0/T8gB937jl6Nu37f7RD1rHSgPsAwAAAPQXc/hc9i+GUsiHfBieyf3PVDau3Xb42NYwMjubNO65qS33bPvEpi3b77rjHH1yAAAAYL5i/s81R0ZCIbc0DDXy//jm7euOXXcgE/N/Jub/TXdObVwRmnWv7Lpk58sPrF/YfE4QwszPAoqn6z49V3fTjUdHTvzxa8u61q2aqzuy+MSB1ftLN8S60Fq3MjSfTzxx7VO3v7Yhvb/5+VrrPvnVLVONxxNx3+FbH95z/b5D65rnaNyHG/vGuqnM3uqa9/bWYl22cS82zg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnGm6NjZZGZ+ohmwISY+aehdxLptP0/IAfdcs/cWDF518blHrWCE3wEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBvduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBfP6FxlH0cwJ9nN3mzzSZt0r5gVEzTqij1YFEQ0YuKirQiBU+VItXWHkRBEFHqwVRasVTFi2D1UkQFNUpBwcZiaZVU/Fe8eFBBoXoQSjGgXYoHlew+s91Md1ydVEH9fGB48jwz853fzPPsbBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhHGegba7aHd9zfuOWcGz569K4Tj9z0zr3bLnr41e8mNl334d7Bl07ObF6x5cvrl23af/ea6d3PH/pp+K1fjvYMfqjVrErdWgjxeAyh9u7sM4/NfHzW3FgMIVTjyGQIo3HpodGYS1j9cwhhc7vO+TvfPHH5lrl2266BeeNLciH5+wr1alZPy8j8evl3qaV1trXx4CXh62vXb/90+Ruv908dmzx1SKx1rKcQFm/sPL8/hLAobXOy1TaWnZzadSGEwY7zruxR1/l/sP5LC/rnpvZ/qa33yMn2r8z1K7nj8v1Mf64d7HG9hSqqo+xxvQzl+vmX0UIV1ZmNj6b27dSu+pP51WyLoRJDX7v8e+KpNRI65i2G2JzLWrtfac9tSPef68dcv5LrV/tz99W8blpo1Rjnj2fH5caz13FfGl/R+a7u4taC8bNTW0sf1JNZP+T/aKmf9kf7vpqyumZ/p5a/Q6XjHdRtvD3xaTLqaawel552zq9dZPtm1j9xYXXDe4dHCuqIe2PKj6Xyt34yOnT7azsfGCvK31hJ+ZVS+d+sPfLDbTtfeK4w/+ksv1oq/7IDg8fXvr9jZeHzmc2eT1+p/DuOfvDk8v/fOdVtrpv5e7L8Wqn8a6aPDAw3DhwsrH919nwWlcr/6uobv33l833HCvNDlj9YKn/D9H1PDYw3Li7MP9j6KNSbK7TE+vlx6oovxse/nyjK/yx7/sNd8mPP/Jcnd1/14pJdawrX57rs+YyUqv/mC/ZvH2rsO6/o3Rn3nKlvToD/pmXpf6zHU7/s78yF6vi98OxEX+sbaChtw2fyQjlz11n8F+YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAb+zAAQkAAACAoP+v2xEoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAAAP//fjwlGg==")
[ 76.129478][ T5336] Bluetooth: hci0: command tx timeout
[ 76.380874][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.384828][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[ 76.935291][ T5357] loop0: detected capacity change from 0 to 32768
[ 77.335950][ T5357] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,prjquota,nochanges,recovery_pass_last=delete_dead_inodes,nojournal_transaction_names,read_only,version_upgrade=incompatible
[ 77.335969][ T5357] allowing incompatible features above 0.0: (unknown version)
[ 77.335976][ T5357] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 77.529654][ T5357] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 77.560772][ T5357] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[ 77.619184][ T5357] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b compress none
[ 77.619210][ T5357] has non ptr field, deleting
[ 77.729255][ T5357] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 77.733705][ T5357] bcachefs (loop0): Version upgrade from 1.3: rebalance_work to 1.7: mi_btree_bitmap incomplete
[ 77.733705][ T5357] Doing compatible version upgrade from 1.3: rebalance_work to 1.28: inode_has_case_insensitive
[ 77.733705][ T5357] running recovery passes: check_allocations,check_extents_to_backpointers,check_subvols,check_inodes,check_dirents
[ 77.782253][ T5357] bcachefs (loop0): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 0.0: (unknown version)
[ 77.782253][ T5357]
[ 78.092651][ T5357] bcachefs (loop0): accounting_read... done
[ 78.132745][ T5357] bcachefs (loop0): alloc_read... done
[ 78.136752][ T5357] bcachefs (loop0): snapshots_read... done
[ 78.144329][ T5357] bcachefs (loop0): check_allocations...
[ 78.146706][ T5357] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree
[ 78.146730][ T5357] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 78.208482][ T5336] Bluetooth: hci0: command tx timeout
[ 78.219952][ T5357] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 78.219970][ T5357] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 8 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 78.265726][ T5357] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 78.265744][ T5357] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 78.325658][ T5357] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 78.325676][ T5357] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 78.372040][ T5357] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.386041][ T5357] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.409746][ T5357] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.416297][ T5357] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.447124][ T5357] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.474397][ T5357] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.483019][ T5357] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.501466][ T5357] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.515903][ T5357] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.530034][ T5357] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.551233][ T5357] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.566613][ T5357] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.583213][ T5357] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.598062][ T5357] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.626866][ T5357] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.654057][ T5357] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing
[ 78.664570][ T5357] bcachefs (loop0): bucket 0:16 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.669638][ T5357] bcachefs (loop0): bucket 0:16 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.687901][ T5357] bcachefs (loop0): bucket 0:17 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.694989][ T5357] bcachefs (loop0): bucket 0:17 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.772592][ T5357] bcachefs (loop0): bucket 0:18 gen 0 has wrong data_type: got free, should be sb, fixing
[ 78.772609][ T5357] Ratelimiting new instances of previous error
[ 78.805187][ T5357] bcachefs (loop0): bucket 0:18 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 78.805205][ T5357] Ratelimiting new instances of previous error
[ 78.859793][ T5357] done
[ 78.876540][ T5357] bcachefs (loop0): going read-write
[ 79.266553][ T5357] bcachefs (loop0): journal_replay... done
[ 79.292473][ T5357] bcachefs (loop0): check_extents_to_backpointers...
[ 79.295426][ T5357] bcachefs (loop0): scanning for missing backpointers in 4/128 buckets
[ 79.325156][ T5357] done
[ 79.330344][ T5357] bcachefs (loop0): check_subvols... done
[ 79.349376][ T5357] bcachefs (loop0): check_inodes... done
[ 79.352631][ T5357] bcachefs (loop0): check_dirents...
[ 79.354424][ T5357] bcachefs (loop0): key in missing inode, found keys:
[ 79.354460][ T5357] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir
[ 79.354470][ T5357] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg
[ 79.354479][ T5357] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg
[ 79.354489][ T5357] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg
[ 79.354498][ T5357] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir
[ 79.354509][ T5357] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg
[ 79.354518][ T5357] , fixing
[ 79.432150][ T5357] bcachefs (loop0): hash table key at wrong offset: should be at 1132226937396782985
[ 79.432170][ T5357] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 79.459687][ T5357] bcachefs (loop0): dirent points to missing inode:
[ 79.459722][ T5357] u64s 7 type dirent 4096:1132226937396782985:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 79.495593][ T5357] bcachefs (loop0): hash table key at wrong offset: should be at 4619620999990752199
[ 79.495612][ T5357] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 79.527157][ T5357] bcachefs (loop0): hash table key at wrong offset: should be at 1441897911863333706
[ 79.527175][ T5357] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 79.574945][ T5357] bcachefs (loop0): hash table key at wrong offset: should be at 4974531906603331457
[ 79.574961][ T5357] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 79.628742][ T5357] bcachefs (loop0): dirent points to missing inode:
[ 79.628759][ T5357] u64s 7 type dirent 4096:4619620999990752199:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 79.673521][ T5357] bcachefs (loop0): dirent points to missing inode:
[ 79.673539][ T5357] u64s 7 type dirent 4096:4974531906603331457:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 79.696535][ T5357] bcachefs (loop0): hash table key at wrong offset: should be at 6248773070948308804
[ 79.696554][ T5357] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 79.735599][ T5357] bcachefs (loop0): hash table key at wrong offset: should be at 4257503789321871446
[ 79.735615][ T5357] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 79.749245][ T5357] bcachefs (loop0): directory with wrong i_nlink: got 0, should be 1
[ 79.749263][ T5357] (disconnected), fixing
[ 79.779149][ T5357] bcachefs (loop0): key in missing inode, found keys:
[ 79.779164][ T5357] u64s 7 type dirent 4098:5675548428000973578:U32_MAX len 0 ver 0: file1 -> 4100 type lnk
[ 79.779174][ T5357] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg
[ 79.779183][ T5357] , fixing
[ 79.846136][ T5357] bcachefs (loop0): key in missing inode, found keys:
[ 79.846697][ T5357] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg
[ 79.846711][ T5357] , fixing
[ 79.896849][ T5357] bcachefs (loop0): check_dirents requires second pass
[ 79.918146][ T5357] bcachefs (loop0): dirent points to missing inode:
[ 79.918163][ T5357] u64s 7 type dirent 4096:1441897911863333706:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 79.940571][ T5357] ==================================================================
[ 79.956733][ T5357] BUG: KASAN: use-after-free in bch2_check_dirents+0x1fac/0x33f0
[ 79.960680][ T5357] Read of size 1 at addr ffff8880556c00c0 by task syz.0.0/5357
[ 79.975127][ T5357]
[ 79.976257][ T5357] CPU: 0 UID: 0 PID: 5357 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full)
[ 79.976277][ T5357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 79.976286][ T5357] Call Trace:
[ 79.976297][ T5357]
[ 79.976304][ T5357] dump_stack_lvl+0x189/0x250
[ 79.976326][ T5357] ? __kasan_check_byte+0x12/0x40
[ 79.976346][ T5357] ? __pfx_dump_stack_lvl+0x10/0x10
[ 79.976357][ T5357] ? lock_release+0x4b/0x3e0
[ 79.976373][ T5357] ? __virt_addr_valid+0x4a5/0x5c0
[ 79.976387][ T5357] print_report+0xca/0x240
[ 79.976398][ T5357] ? bch2_check_dirents+0x1fac/0x33f0
[ 79.976414][ T5357] kasan_report+0x118/0x150
[ 79.976426][ T5357] ? bch2_check_dirents+0x1fac/0x33f0
[ 79.976441][ T5357] bch2_check_dirents+0x1fac/0x33f0
[ 79.976458][ T5357] ? bch2_check_dirents+0x2f1/0x33f0
[ 79.976473][ T5357] ? desc_read+0x1b8/0x3f0
[ 79.976484][ T5357] ? prb_first_seq+0xfd/0x1a0
[ 79.976493][ T5357] ? __pfx_bch2_check_dirents+0x10/0x10
[ 79.976507][ T5357] ? __pfx_prb_first_seq+0x10/0x10
[ 79.976517][ T5357] ? desc_read+0x1b8/0x3f0
[ 79.976527][ T5357] ? this_cpu_in_panic+0x4f/0x80
[ 79.976538][ T5357] ? _prb_read_valid+0xa07/0xa90
[ 79.976549][ T5357] ? console_flush_all+0x13a/0xc40
[ 79.976565][ T5357] ? up+0xde/0x150
[ 79.976629][ T5357] ? __console_unlock+0x14c/0x1a0
[ 79.976639][ T5357] ? __pfx___console_unlock+0x10/0x10
[ 79.976651][ T5357] ? prb_read_valid+0x3c/0x60
[ 79.976661][ T5357] ? console_unlock+0x21b/0x270
[ 79.976673][ T5357] ? __pfx_console_unlock+0x10/0x10
[ 79.976687][ T5357] ? vprintk_emit+0x63e/0x7a0
[ 79.976704][ T5357] ? __bch2_print+0x176/0x220
[ 79.976716][ T5357] ? bch2_check_dirents+0x2f1/0x33f0
[ 79.976731][ T5357] ? lockdep_hardirqs_on+0x9c/0x150
[ 79.976745][ T5357] __bch2_run_recovery_passes+0x3ba/0x1060
[ 79.976761][ T5357] bch2_run_recovery_passes+0x184/0x210
[ 79.976771][ T5357] bch2_fs_recovery+0x2690/0x3a50
[ 79.976791][ T5357] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 79.976806][ T5357] ? __lock_acquire+0xab9/0xd20
[ 79.976820][ T5357] ? __mutex_trylock_common+0x153/0x260
[ 79.976831][ T5357] ? __lock_acquire+0xab9/0xd20
[ 79.976844][ T5357] ? __lock_acquire+0xab9/0xd20
[ 79.976861][ T5357] ? bch2_fs_start+0xa0f/0xda0
[ 79.976873][ T5357] ? up_write+0x1c4/0x420
[ 79.976883][ T5357] ? bch2_fs_start+0x5e7/0xda0
[ 79.976895][ T5357] bch2_fs_start+0xaaf/0xda0
[ 79.976907][ T5357] ? bch2_fs_start+0x5e7/0xda0
[ 79.976917][ T5357] ? __pfx_bch2_fs_start+0x10/0x10
[ 79.976933][ T5357] ? sget+0x267/0x620
[ 79.976946][ T5357] bch2_fs_get_tree+0xb39/0x1520
[ 79.976968][ T5357] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 79.976987][ T5357] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 79.977004][ T5357] vfs_get_tree+0x8f/0x2b0
[ 79.977016][ T5357] do_new_mount+0x2a2/0x9e0
[ 79.977030][ T5357] ? ns_capable+0x8a/0xf0
[ 79.977040][ T5357] ? __pfx_do_new_mount+0x10/0x10
[ 79.977061][ T5357] ? path_mount+0x61c/0xfe0
[ 79.977071][ T5357] ? user_path_at+0x44/0x60
[ 79.977083][ T5357] __se_sys_mount+0x317/0x410
[ 79.977097][ T5357] ? __pfx___se_sys_mount+0x10/0x10
[ 79.977110][ T5357] ? do_syscall_64+0xbe/0x3b0
[ 79.977125][ T5357] ? __x64_sys_mount+0x20/0xc0
[ 79.977138][ T5357] do_syscall_64+0xfa/0x3b0
[ 79.977151][ T5357] ? lockdep_hardirqs_on+0x9c/0x150
[ 79.977164][ T5357] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.977173][ T5357] ? clear_bhb_loop+0x60/0xb0
[ 79.977185][ T5357] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.977196][ T5357] RIP: 0033:0x7f457939038a
[ 79.977211][ T5357] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 79.977220][ T5357] RSP: 002b:00007f457a137e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 79.977235][ T5357] RAX: ffffffffffffffda RBX: 00007f457a137ef0 RCX: 00007f457939038a
[ 79.977243][ T5357] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007f457a137eb0
[ 79.977249][ T5357] RBP: 00002000000000c0 R08: 00007f457a137ef0 R09: 0000000000818001
[ 79.977255][ T5357] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 79.977260][ T5357] R13: 00007f457a137eb0 R14: 0000000000005968 R15: 0000200000000480
[ 79.977269][ T5357]
[ 79.977274][ T5357]
[ 80.440509][ T5357] The buggy address belongs to the physical page:
[ 80.453810][ T5357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x556c0
[ 80.457447][ T5357] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 80.461027][ T5357] page_type: f0(buddy)
[ 80.473237][ T5357] raw: 04fff00000000000 ffffea000155c808 ffff88805ffd6f08 0000000000000000
[ 80.477311][ T5357] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000
[ 80.481118][ T5357] page dumped because: kasan: bad access detected
[ 80.498690][ T5357] page_owner tracks the page as freed
[ 80.500902][ T5357] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x42800(GFP_NOWAIT|__GFP_COMP), pid 5357, tgid 5356 (syz.0.0), ts 79845260673, free_ts 79940471025
[ 80.508254][ T5357] post_alloc_hook+0x240/0x2a0
[ 80.514669][ T5357] get_page_from_freelist+0x21e4/0x22c0
[ 80.517056][ T5357] __alloc_frozen_pages_noprof+0x181/0x370
[ 80.527074][ T5357] alloc_pages_mpol+0x232/0x4a0
[ 80.530252][ T5357] ___kmalloc_large_node+0x5f/0x1b0
[ 80.536570][ T5357] __kmalloc_large_node_noprof+0x18/0x90
[ 80.545576][ T5357] __kvmalloc_node_noprof+0x6d/0x5f0
[ 80.548130][ T5357] btree_node_sort+0x666/0x1760
[ 80.554965][ T5357] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 80.558606][ T5357] bch2_btree_node_prep_for_write+0x337/0x650
[ 80.562953][ T5357] bch2_trans_lock_write+0x669/0xba0
[ 80.566523][ T5357] __bch2_trans_commit+0x2773/0x8870
[ 80.568768][ T5357] bch2_check_dirents+0x811/0x33f0
[ 80.570936][ T5357] __bch2_run_recovery_passes+0x3ba/0x1060
[ 80.581737][ T5357] bch2_run_recovery_passes+0x184/0x210
[ 80.584361][ T5357] bch2_fs_recovery+0x2690/0x3a50
[ 80.586787][ T5357] page last free pid 5357 tgid 5356 stack trace:
[ 80.589706][ T5357] __free_pages_ok+0xa83/0xbe0
[ 80.591897][ T5357] free_large_kmalloc+0x13a/0x1f0
[ 80.596324][ T5357] btree_node_sort+0x117f/0x1760
[ 80.611220][ T5357] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 80.615246][ T5357] bch2_btree_node_prep_for_write+0x337/0x650
[ 80.618528][ T5357] bch2_trans_lock_write+0x669/0xba0
[ 80.623044][ T5357] __bch2_trans_commit+0x2773/0x8870
[ 80.627399][ T5357] bch2_check_dirents+0x1c5c/0x33f0
[ 80.629673][ T5357] __bch2_run_recovery_passes+0x3ba/0x1060
[ 80.632102][ T5357] bch2_run_recovery_passes+0x184/0x210
[ 80.654659][ T5357] bch2_fs_recovery+0x2690/0x3a50
[ 80.657131][ T5357] bch2_fs_start+0xaaf/0xda0
[ 80.659290][ T5357] bch2_fs_get_tree+0xb39/0x1520
[ 80.661588][ T5357] vfs_get_tree+0x8f/0x2b0
[ 80.664984][ T5357] do_new_mount+0x2a2/0x9e0
[ 80.668148][ T5357] __se_sys_mount+0x317/0x410
[ 80.671777][ T5357]
[ 80.673156][ T5357] Memory state around the buggy address:
[ 80.689155][ T5357] ffff8880556bff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 80.709963][ T5357] ffff8880556c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.715695][ T5357] >ffff8880556c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.724111][ T5357] ^
[ 80.729800][ T5357] ffff8880556c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.738210][ T5357] ffff8880556c0180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 80.755931][ T5357] ==================================================================
[ 80.820410][ T5336] Bluetooth: hci0: command tx timeout
[ 80.854780][ T5357] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 80.860063][ T5357] CPU: 0 UID: 0 PID: 5357 Comm: syz.0.0 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full)
[ 80.869377][ T5357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 80.876518][ T5357] Call Trace:
[ 80.878129][ T5357]
[ 80.879613][ T5357] dump_stack_lvl+0x99/0x250
[ 80.882639][ T5357] ? __asan_memcpy+0x40/0x70
[ 80.886363][ T5357] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.889318][ T5357] ? __pfx__printk+0x10/0x10
[ 80.891944][ T5357] vpanic+0x281/0x750
[ 80.894504][ T5357] ? preempt_schedule+0xae/0xc0
[ 80.897232][ T5357] ? __pfx_vpanic+0x10/0x10
[ 80.900173][ T5357] ? preempt_schedule_common+0x83/0xd0
[ 80.904259][ T5357] ? preempt_schedule+0xae/0xc0
[ 80.907139][ T5357] ? __pfx_preempt_schedule+0x10/0x10
[ 80.910055][ T5357] panic+0xb9/0xc0
[ 80.912008][ T5357] ? __pfx_panic+0x10/0x10
[ 80.914334][ T5357] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 80.917325][ T5357] ? bch2_check_dirents+0x1fac/0x33f0
[ 80.920378][ T5357] check_panic_on_warn+0x89/0xb0
[ 80.923127][ T5357] ? bch2_check_dirents+0x1fac/0x33f0
[ 80.936518][ T5357] end_report+0x78/0x160
[ 80.939383][ T5357] kasan_report+0x129/0x150
[ 80.942511][ T5357] ? bch2_check_dirents+0x1fac/0x33f0
[ 80.955979][ T5357] bch2_check_dirents+0x1fac/0x33f0
[ 80.959080][ T5357] ? bch2_check_dirents+0x2f1/0x33f0
[ 80.962600][ T5357] ? desc_read+0x1b8/0x3f0
[ 80.975229][ T5357] ? prb_first_seq+0xfd/0x1a0
[ 80.977838][ T5357] ? __pfx_bch2_check_dirents+0x10/0x10
[ 80.981969][ T5357] ? __pfx_prb_first_seq+0x10/0x10
[ 80.985245][ T5357] ? desc_read+0x1b8/0x3f0
[ 80.994891][ T5357] ? this_cpu_in_panic+0x4f/0x80
[ 80.997040][ T5357] ? _prb_read_valid+0xa07/0xa90
[ 81.000344][ T5357] ? console_flush_all+0x13a/0xc40
[ 81.003079][ T5357] ? up+0xde/0x150
[ 81.007091][ T5357] ? __console_unlock+0x14c/0x1a0
[ 81.010757][ T5357] ? __pfx___console_unlock+0x10/0x10
[ 81.020864][ T5357] ? prb_read_valid+0x3c/0x60
[ 81.024357][ T5357] ? console_unlock+0x21b/0x270
[ 81.027757][ T5357] ? __pfx_console_unlock+0x10/0x10
[ 81.030769][ T5357] ? vprintk_emit+0x63e/0x7a0
[ 81.033527][ T5357] ? __bch2_print+0x176/0x220
[ 81.037170][ T5357] ? bch2_check_dirents+0x2f1/0x33f0
[ 81.044698][ T5357] ? lockdep_hardirqs_on+0x9c/0x150
[ 81.050262][ T5357] __bch2_run_recovery_passes+0x3ba/0x1060
[ 81.072565][ T5357] bch2_run_recovery_passes+0x184/0x210
[ 81.081810][ T5357] bch2_fs_recovery+0x2690/0x3a50
[ 81.089179][ T5357] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 81.094867][ T5357] ? __lock_acquire+0xab9/0xd20
[ 81.097339][ T5357] ? __mutex_trylock_common+0x153/0x260
[ 81.100790][ T5357] ? __lock_acquire+0xab9/0xd20
[ 81.105435][ T5357] ? __lock_acquire+0xab9/0xd20
[ 81.110049][ T5357] ? bch2_fs_start+0xa0f/0xda0
[ 81.115162][ T5357] ? up_write+0x1c4/0x420
[ 81.119424][ T5357] ? bch2_fs_start+0x5e7/0xda0
[ 81.126994][ T5357] bch2_fs_start+0xaaf/0xda0
[ 81.145206][ T5357] ? bch2_fs_start+0x5e7/0xda0
[ 81.147835][ T5357] ? __pfx_bch2_fs_start+0x10/0x10
[ 81.150585][ T5357] ? sget+0x267/0x620
[ 81.164753][ T5357] bch2_fs_get_tree+0xb39/0x1520
[ 81.171234][ T5357] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 81.181718][ T5357] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 81.187561][ T5357] vfs_get_tree+0x8f/0x2b0
[ 81.190345][ T5357] do_new_mount+0x2a2/0x9e0
[ 81.192780][ T5357] ? ns_capable+0x8a/0xf0
[ 81.196991][ T5357] ? __pfx_do_new_mount+0x10/0x10
[ 81.200781][ T5357] ? path_mount+0x61c/0xfe0
[ 81.208142][ T5357] ? user_path_at+0x44/0x60
[ 81.215275][ T5357] __se_sys_mount+0x317/0x410
[ 81.218827][ T5357] ? __pfx___se_sys_mount+0x10/0x10
[ 81.222807][ T5357] ? do_syscall_64+0xbe/0x3b0
[ 81.226258][ T5357] ? __x64_sys_mount+0x20/0xc0
[ 81.241313][ T5357] do_syscall_64+0xfa/0x3b0
[ 81.243537][ T5357] ? lockdep_hardirqs_on+0x9c/0x150
[ 81.296820][ T5357] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.300757][ T5357] ? clear_bhb_loop+0x60/0xb0
[ 81.305099][ T5357] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.308151][ T5357] RIP: 0033:0x7f457939038a
[ 81.314860][ T5357] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 81.337342][ T5357] RSP: 002b:00007f457a137e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 81.354282][ T5357] RAX: ffffffffffffffda RBX: 00007f457a137ef0 RCX: 00007f457939038a
[ 81.361019][ T5357] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007f457a137eb0
[ 81.372945][ T5357] RBP: 00002000000000c0 R08: 00007f457a137ef0 R09: 0000000000818001
[ 81.376547][ T5357] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 81.380034][ T5357] R13: 00007f457a137eb0 R14: 0000000000005968 R15: 0000200000000480
[ 81.383838][ T5357]
[ 81.387743][ T5357] Kernel Offset: disabled
[ 81.389620][ T5357] Rebooting in 86400 seconds..