program: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SET_SPECULATION_CTRL(0x3, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0) read$FUSE(r0, 0x0, 0x0) (async) read$FUSE(r0, 0x0, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) io_setup(0x9a, &(0x7f0000000100)=0x0) r3 = eventfd(0x7) io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0xe8, r1, &(0x7f0000000140)="e251650c", 0x4, 0x7fff, 0x0, 0x1, r3}]) (async) io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0xe8, r1, &(0x7f0000000140)="e251650c", 0x4, 0x7fff, 0x0, 0x1, r3}]) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) (async) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0) getsockopt$inet6_tcp_buf(r4, 0x6, 0x11, 0x0, &(0x7f0000000080)) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000440)={{{@in6=@remote, @in6=@private2}}, {{@in6=@mcast2}, 0x0, @in=@private}}, &(0x7f00000001c0)=0xfffffffffffffd94) (async) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000440)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@private}}, &(0x7f00000001c0)=0xfffffffffffffd94) syz_mount_image$bcachefs(&(0x7f0000005d80), &(0x7f0000005dc0)='./file0\x00', 0x2010044, &(0x7f0000000380)={[{@errors_continue}, {@discard}, {@ratelimit_errors}, {@inodes_use_key_cache}], [{@euid_lt={'euid<', r6}}, {@appraise_type}, {@fowner_eq={'fowner', 0x3d, r6}}]}, 0x1, 0x5d7d, &(0x7f0000005e00)="$eJzs3X2QHOWZGPDumVntSquPlSzMCgmxGNmOuGALFIjlO0cb5+zYjmxkYQEWp5NkWGEdQhL6QCBdwlcOCCYpVUEdBOJEBxS5Sl0luHQJ4U6pkjHgi6+KQib+gyNfRwXnj/iI6ixxRHK8V7vbvTvT2+/07PSsEPbvV6WdfXufed7n6X2np3u0OxsBAADwS+GV39nz7lcu+NwP7h06ddcX/ujWe6Le6uj2njSgL7m94/2qkOm0/IdnGr6z3bX+0dvsujj/jxe+23ffmi8/tOrzP9z8J/MHly4buuo7R66+/74XP/OzFx97Yk3RPOl6unRiHP9FHEVL3z7y2P0v/+n5I9vikfnjvruj+fPjBd+dH2dSrDgdRdFN43U2fvHIqZVbR27v+VZ3w/Z5mSTW+y+3nmSdHdz0jaeO3TL48pGBXSt/cvLKnXdPhMQ9despiuZurr9/VxRFM5N/I9LV1p/eObldG0XRrLr7faqgrktarP+ywHhJcjsjue0tyJN+/eLMuNZiHbXMbXeL92tXZZrzZ2X3X/ZgNF3SPucmt88nt5dOMU81/RdHlTiqjZe/PZ5YI1Hd9y2O4tG13TM+royOo/FxlB3HmXElM652ZfoanTfZsdU4btyexmW2p4fjWrL94vpjdY51ge2Lktue5IH6XjqOsp+M6Z30yUQfUV1dJ87WwgioBB576fbx8pJvRm+yrTdeMOk+wznSr534/pYN77xx4Pm+QB3xc3GSP24r/+DQk8eevf7oov5Q/s2VJH+lrfyvVF89/czJ/tnB/IfS/NW28q//+Y8fvPea/QuD++dEun9qbeVf9vDsg6f2r+seCOU/nObvaSv/VRuXrrrw5L7bg/WvSPfPzLby/+iR5Wc2HnrhaDB/lOaf1Vb+N598ekl10aPHg/mPpfunt6381658fPWXFt/3RHD/v5bmn9NW/g3H79+866mXlgfX59p0//S1lf/06tffOtO35unQsTM+fLafYQF+sXwoOcd6MBm3e51ZVt31wuMDtbFzvtnJvzmdnCgjrrt2AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB2Pbr6399WP/7o/7l9/fH/sHRbLRl316IojqLonerYON0+I4rimVEU7dm7ZffebTtuHvitnft279iyfWDL3oGhHXt33znwt/7mwO6hXdu33Dny1RWXrRy734LRbFG0IL5wUi3Dw8PDURQN1G9L5/u9Lz73/9Y/8Zdfj6IV572+tBbs55P/9a3PLcz5mBEPDq/9F1c+cmDG/5o3tqEvqasvVFdf47a0gt7B1/7ss8+/MVLXh5vV9dir1/3fhoJGN0zkSVS6o8roJ93xrNw6xqueqGd0f9W2bts+tKJ4/8aB/fvxl/7w5L+7Y/0/Hdu/PcE+Wty/I3u1NvzQT+/9+N2fHfr0Ofx9L9rfdS2M1pfuv55kf89N+pob6KsS6Ov2gTdP/LN/+5+euTtaUfvpRZPnLuqrK1kAXfGiluZNZ5gVz2+I7Uni0+94er9P7r111yf33Hngsm23brl56OahHStXXrnq8pWXX7Fq5SdHWx/72LH+0/k/3mL/s5NMs+PFufstuzWd96LRj9UoKTu9qfukUVfUO3ab2c9peLbr3uRrvfGCSbmGc6RfO/H9LRveeePA86FHXvzc2Iwzozljt/GSQOT2zB2r4wXnzX92Hpc7f7dne/qxtcdlUV1F62qkruJ1VV9Rk+PYq5c8+NOnHvjnN7RwvKgLHa0vrXPWyMPl8qjucTt5X+X11cL3ZzBvP9x42e4/vHPbhkNFx/P670z9x4x4cPh/Lom/vG/Pn+0e23BWni/rC2rz+XK86ol6RvdXT/L9OFf3b3dUTfrqza1rXfzUZz5+69FfGa9vxozoji179+6+fOzjB7WvP58xb+G2exZfOKmvK8Y+Fh33L8qMC4/7lfz+io772Xkm4vPzDWTGvVG1reeJ9T//8YP3XrN/YfB54kSrzxO/3TCqlnyeqAQe7w/95bcH3r3ha+8Wraer9yy+a2HOx2x7g8Mv/MGvXv7p6675/NiGs3Icqi+ozePQeNVJPen+Gj0OXXHu9PH+fZ8bHojx4PBF3/nYtWdO3fbVsQ1F+3c8Om//riw+zlcDfd3Q9ZH5j/xk8Uc6t373bPqrSz4xa/Y5tn57kv3bE9i/41Un9VTr9+8nbty5/aax8bl73jamu+D6J33e2XPngVu2bN8+tHtPa321+nyazpPdy+0+n6bPHgsK+kq/XxN9Td8nreyvVh9vaf03ZXK0+3gDSE08L8xo2J49fqav+y2dG63/xAPfezUeGHu+7NTrrek8F2SemNt9vbXoOukjmXHjdVItqut7zOTrpNG7FF0nZecpuk66JDMuvo55MLeT0PevK3nmzXvdNFNvbSRDaH30J/n7k3F6vrn0E9GV1ec/+sV4sLX10er5dDrP38jsoHbPp4vWx7Iov65Or4+PZe5U/P0+lFtZT+D7UfT9XtaQaHi47HV5X6Dq9Lq8N4rbyj849OSxZ68/uiiYf3MlyV9pK/8r1VdPP3Oyf3Yw/6E0f62t/Msenn3w1P513cH8h9P909NW/qs2Ll114cl9twfzr0jrn9lW/h89svzMxkMvHA3mj9L8vW3lv3bl46u/tPi+J4L5X4uTeUYeu1F05NTKrWPjOOpK1n9aR1dDXVF2HI+PZ+T1EVXr4ytpWDJBNY4bt6dxme1pH7Vk+8V1NeZZH9iePmp7kgf2e+k4yn7SfHt6eErrOhF4/jlbKnXnHnnbi16f7JR33u7/vfpx+v//6Rroro19767I7K+i54/s0TvNF3wdNvASRtH5wuT/f5vV1uPvzSefXlJd9Ojx4Ouqx1p9XXVXw2hWweuqZesNHi+OpcfTcsej/lD+19L85Z4PgvmT54OidfbRzLhwnXXlz1e0zrLnKb3RnLb63nD8/s27nnppeXCdrR17wBevs0cbRnMK11m5/5cOrrPn4o7sj2D+tZ05rwmus+S8pmidXZoZl19njeejX05u78jE9yavEE+179OrX3/rTN+ap4Pr7HCr6+z3G0Z9heus3Plt8Ps0fn473efnH+zzz46eH46NK5lx/vlh8t+503V+uC6wfarnh72TPpnoI/ognh8GjjMA0MwPHrrzf9eP0+v/9Lk7vf7/XuZ+Za8rsz8PlerUdWUw/+HOXK8Ez1PHr1em+3prus+zp/d6y3l8IP/468jT/brQ9F5Xug5JxlH2kzGuQwAAeD9c/K+//ev14/T6f/zn3pLf/38pHWfu7zo3kP+sXedO9+skrqNz83fo5yuKXweb7teppvI6wH8+L/2a1wHyeR3g7NYFAMDUbNq6e2hoz64tNw5t2rZj297x7V2jV06Tf071bye3azN5in5+Oi9+VpP4rwbzN9bzqUB8SG30Z16j6Bs3fvOKTTcN3T7V/kPzFfWfF9+s/+z1Raj/VYH4kLL9h+Yr6j8vvln/1wTzN9bz6UB8SNn+Q/MV9Z8X36z/rwXzN9bzq4H4kLL9h+Yr6j8vvln/2d8HC/X/a4H4kLL9h+Yr6j8vvln/1wbzN9bzmUB8SNn+Q/MV9Z8X36z/64L5G+v5O4H4kLL9h+Yr6j8vvln/1wfzN9azOhAfUrb/0HxF/efFN+v/68H8jfUMBuJDyvYfmq+o/7z4Zv1vCOZvrOfvBuJDyvYfmq+o/7z4Zv3fEMzfWM9nA/EhZfsPzVfUf158s/5/I5i/sZ6/F4gPadp/bn2tzVfUf158s/43BvM31vPrgfiQst//0HxF/efFN+v/N4P5G+v5XCA+pGz/ofmK+s+Lb9b/pmD+xno+H4gPKdt/aL6i/vPim/W/OZi/sZ6/H4gPKdt/aL6i/vPim/W/JZi/sZ4vBOJDyvYfmq+o/7z4Zv1/I5i/sZ4vBuJDyvYfmq+o/7z4Zv3fGMzfWM+XAvEhZfsPzVfUf158s/6z73cY6v8fBOJDyvYfmq+o/7z4Zv0PBfM31rMmEB9Stv/QfEX958U3639rMH/++wZk40PK9h+ar6j/vPhm/d8czN9Yz1cC8SFl+w/NV9R/Xnyz/r8ZzN9Yz9WB+JCy/YfmK+o/L75Z/9uC+RvrWRuIDynbf2i+ov7z4pv1/1vB/I31fDUQH1K2/9B8Rf3nxTfr/5Zg/sZ61gXiQ8r2H5qvqP+8+Gb9bw/mb6znmkB8SNn+Q/MV9Z8X36z/W4P5G+v5WiA+pGz/I/P9q5y8Rf3n9dOs/x3B/I31rA/Eh5TtPzRfUf958c363xnM31jPtYH4kLL9h+Yr6j8vvln/u4L5G+u5LhAfUrb/0HxF/efFN+v/tmD+xnquD8SHlO0/NF9R/3nxzfrfHczfWM/XA/EhZfsPzVfUf158s/73BPM31rMhEB9Stv/QfEX958U3639vMH9jPTcE4kPK9h+ar6j/vPhm/e8L5m+s5zcC8SFl+w/NV9R/Xnyz/m8P5m+sZ2MgPqRs/6H5ivrPi2/W//5g/sZ6fjMQH1K2/9B8Rf3nxTfrP/s+kKH+NwXiQ8b737t7aGjTvl03bdk7tGnHzpuG9mzav3vb3r1DyYla2d8rC/9e0Pv8iyw01fD4GFsk23bsGdo9+fg9s+n6rV8T0eivPc0cu40/3FJ89m2v210158p674pqTffXBZnxvOT9aOcF3o82G5+mXTz6yeT3o81OWyt4H9ei41N2/tDxKW4Sn3d8DR3Pip7/pnz8K1zfPU37z27uTn6xrzs+r6X4qMnfd2ttvZb7vdPgen2ttfWafd/1ovWajZ/qeu0tuV6z84fWU6VJfLPzoVbX64ZAfKr19RkH+81bV1P9O4Np2in9ncHMh0na+FsGrT8eyv0eefDxkBRd9HjI/h530eMhGz/Vx8PMko+H7PxFj4e8+GbXx60+Hq4LxIe0vh7KvW9BcD2saG09ZP+OVdF6yMZPdT30lFwP2fmL1kNefLPXC1tdD18LxLeq9fVR7n1Fgutjc2vrI/v3JIrWRzZ+qusjLrk+svMXrY+8+ND/p0RTWB9fDcSnGp4/t+4ZvajftmX7tgOZH8DoS54/3+/nw7PyvPxXv/bn7419SOqoTKqj6HwiztQxP6lkfujvHgbqvvG//Jv13/vZA9+OohXnVZeE654oeeJDRjw4vOCuZc9e/+Hjnx2pv9K0/vHI9O8WF/y942x82k9t+849e39l6859O1r9iavm0vdDqYyPp+n9UJKN1Rbf3yT0+wRTfX+TrkmfnJtafn8TgF8Q8w4/N6d+nL7/X/p81J8c+2YmB8B0e+vn2eXeXy94nn2otfPs5dl+C86zs/Fpv62eZ1dKnmdn5y86z86Lb/Zze62eZ38lED9VjetkZIGMro+hTft37q7/mbjp/ru1na93ev+Ob/n6pvd9G9vVev3T+76Q01//9P4d4Omvf3r/znO7ztr1UvJmkUXvH1l0HRX6vfSpXkfNmPTJucl1FACc+/7J7rf/Zf04vf5PrmLHr/+/lYyrHZ5/uq+jpvu6crrPkz/4778/vddBrgeaTHYOcD0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkO/3//t//G79uLvWP3r7yu/sefcrF3zuB/cOnbrrC3906z3n//HCd/vuW/Plh1Z9/oeb/2T+4NJlQ1d958jV99/34md+9uJjT6wpnKhv7ObSZNgTRfFfxFG09O0jj93/8p+eP7ItHpk/7rs7mj8/XvDd+XEmw4rTURTdNF5n4xePnFq5deT2nm91N2yfl0mS7Svqrab1NNQZ3VHYER9APck6O7jpG08du2Xw5SMDu1b+5OSVO++eCIl76tZTFM3dXH//riiKZib/RqSrrT+9c3K7NoqiWXX3+1RBXZe0WP9lgfGS5HZGcttbkCf9+sWZca3FOmqZ2+4W79em/1+Z3vyTZPdf9mA0XdI+5ya3zye3l04xTzX9F0eVOKqNl789nlgjUd33LY7i0bXdMz6ujI6j8XGUHceZcSUzrnZl+hqdN9mx1Thu3J7GZbanh+Nasv3i+mN1jnWB7YuS257kgfpeOo6yn4zpnfTJRB9RXV0nztbCCKgEHnvp9vHykm9Gb7KtN14w6T7DOdKvnfj+lg3vvHHg+b5AHfFzcZI/biv/4NCTx569/uii/lD+zZUkf6Wt/K9UXz39zMn+2cH8h9L81bbyr//5jx+895r9C4P750S6f2pt5V/28OyDp/av6x4I5T+c5u9pK/9VG5euuvDkvtuD9a9I98/MtvL/6JHlZzYeeuFoMH+U5p/VVv43n3x6SXXRo8eD+Y+l+6e3rfzXrnx89ZcW3/dEcP+/luaf01b+Dcfv37zrqZeWB9fn2nT/9LWV//Tq198607fm6dCxMz58tp9hAX6xfCg5x3owGbd7nVlW3fXC4wO1sXO+2cm/OZ2cKCOuu3YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICQncPVffXjt44+dPU3/8em/1aLoygO3Gc4R/q16ozBwYE26lj28OyDp/av607HI3P3t5EHAAAAmGzxmw/cVj9Or8MryTiOeqL+aH88M1qce//0NYLF6Shu3J59DWHmRGRH8lQ6lKfaoTy1DuXp6lCeGR3K092hPD0FeXqi1vLMbJqn0nI9szqUp7dDeWZ3KM+cDuWZ236eWn2eeR2qp69pntbX4fwO5VnQoTwf6lCehR3Kc16H8ny4Q3nO71Ce7GvKU12Hc5LIC0J5Rj+pFuapxdXxL+S9np7Oc2HJeXpbnCf7mv1U55nZ4jyXlJynp8V5PlZynrjFeZZn7leZ4jyVgnnSdXtHqJ901OL6v7NDeQ50KM/BDuX57Q7l+YcdyvOPOpTnrpJ5AEJ+98VL/6B+nF7/p9efcdQXddeuiGYlR5zsqwDp9e5Fox8nP9+FDkhpviWZ7V1F+bIX2Jl8F021vuwLCJl8H2marzbpejUnX60+37IO5QMAAICp+MenDzb819zk6//+qLu2cPz69aOZ+xder2f/IzuR5ru0Q/kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ppde42RqywfAP6endmZ+S+XLqQtU3rbtP1TCKEXmhpBhUkTSTDCFrHl0pC1wsI2LC10W6BVUwRjm00waPHC7YMFiSFEICFp0DXBgBI/2NgghovrwkrgCxGkN6DomNk9Z/fszA67jNJa/f1CzpnnnOd5n/ccEpLnLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH++P37/b8+m48G+3vaugY7+EIXKP+MqjyO5l8mVSm0N7OOd59Ze+deXtu5O4krvfLaBhQAAAIAaj5834/R0nMzhyegdhULIZ5eGfJQbU1eMvwMU47ipdfg8Z1FYntn9/xdGpaah+OTopDF1hbiuEMeZuK5ny9br13Z3d278BH9U+lQ/R/V+ohCGPl/MOTGsWrT9mT1R2/BztEzwHE1x3eJNN9y4uGfL1rPW3bD2us7rOtcvW7b8nKXLlp59zrLF167r7lwyfAz5CdYLIZTGvpcJ/kUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMARsO23u7+Vjgf7etu7Bjr6W6IQojo15XEk9zK5UqmtgX28ct+DszIz7t6bxJXe+WwDCwEAAAA1fvX4jPPTcTKHJ6N3FAohn82FTJgxFM8bTc2GUC4n1xdUXT8SewcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6sfQfb/5yOB/t627sGOvqPi0KI6tSUx5Hcy+RKpbYG9rF62Y/O/8LMO+5N4krvYgPrAAAAALVeOL35jnSczOFNcRyFQiiG+aE5mjGmLvk2cGrVetV5yTqzJ5lX/e2gXt78SeadNsm8MybIuzg+3xoAAADg2HNF6+9Wp+Nk/m+O4yi0hny2GDJxPNEcn3wXmFuVl9RPNN8n9fPq1E809yf11XM/AAAA/C87680nPkzHtfN/MeSzhZH5e6K/p18Un/2dHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo59cHL/xFOh7s623vGujoz0QhRHVqyuNI7mVypVJbA/tY9Y83dtx+6S1Tk7jSO59tYCEAAACgxqO5T9+SjpM5PBm9o1AI+WxLaA7HDc39r+WmTF33zZmzQwiloYRcLty6dtOmjWcPH5O8L0W7Prfwhr4za/KWDh+P/JMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/qmWP7FyTjgf7etu7Bjr6/y8KIapTUx5Hci+TK5XaGtjHCzvPOHzVXU/1JXGld7GBdQAAAIBas7qf/ks6TubwZPaPQiEUQy7kwvShOD3rVzRVrVfvmwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw36Nny9br13Z3d270ww8//Bj5cbT/ywQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwtP1//vbfT8WBfb3vXQEd/IQohqlNTHkdyL5Mrldoa2Menrppzzuz9m29O4krvYgPrAAAAALXWvLV5fzpO5vBk9o9CIRRDc2gO0+K41tD833okdgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxNc0MUyh/TKSuP9q4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAT8KBF1fdl44H+3rbuwY6+k+IQojq1JTHkdzL5Eqltgb2ceXeb3/lxl3PnpHEld75bAMLAQAAADWa33zxq+k4mcOT0TsKhZDPzgr5MCu+0j12gSiTJI77XWC07utjyjKTrttRtePhnRXi7xCFkX2Goc8Oo3V3fWRdMb7a1Dq59wQAAADHsmk7Lv5GOk7m/+Y4jkJryGenpebqG8fUt0x6jr97TN0Jk6776Zi61gnq/g2vBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo0J0rnzslHQ/29bZ3DXT0R1EIUZ2a8jiSe5lcqdTWwD5Knfc9/fDlfTOSuNK72MA6AAAAQK1L3yh8Nx0nc3gy+0ehEIphdjgxzB6a+0Pr2Pok77jS719esfulK0JYMv35Odm6/X6457K3w6HPvvbe8GEoDKFpbFJTCFPiflGdflf/4ZFVz3y4/YEQlkzLzKrfb7TV6KFKVCqfvG3Bw5dP37ui7jIAAABwTCs8eOAn6TiZ/5OJOgqtIZ9dX3f+T/I+1vzf3jNz29T4GH8BqKpoao37NdXp1/vuA20H13z5YGX+f35OYeT/FTh9/tj8dKv0seqbQ1Qqz33itNWHD9x0yfCFpH+mTv81zfNO2vnWzHlJ/0J8/Zow2f6hqn9Px6H5i1qOv2Bs/xBC23j9f3zh4++vuvfdK4b713/fi/80+PmpYcMPCt3JcfhKbf+V9y/fuTX3+pSx/aM6/Rc+++T+x25ddWf185+aHa9/7bFKpWu23Lvv9oW3reg8N9W/qU7/m9teeec7P/vlQ5X+++a2jPRf+BHPP2H/PfN37Nu1/Z41Y99/qbb/beHqszY+uWXdlXdVP39L1cLpN58+1r7/V2dFF23ueXlj9S0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjW8djHxxKx4N9ve1dAx39TVEIUZ2a8jiSe5lcqdTWwD5+k9nzwUP7i8cncaV3sYF1AAAAgFqXrHj1unSczOHJ7B+FQiiGXMiFlqG5/+RtCx6+fPreFaE1vh+fs90bejadee2GzeuvOdKPAAAAAExg13nvr0jHyfyfjeMotIZ8dkFojuf/lfcv37k19/qUZP4PIQz9uT977bruziVh5DtBT8eh+Ytajr8gycvE50Ilb9HVG7rjzwTJuk89+pml51526Uh+Uzr/7NG8uU+ctvrwgZsuGTdv2Wjeq7Oiizb3vLwxtc/SSN7S0bzefbcvvG1F57nJc0TxuRA/T5K3Z/6Ofbu237MmyWuKzy3xegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABACCe99/evpePBvt72roGO/pAJIapTUx5Hci+TK5XaGtjHB+c/P3i49YsPJnGldz7bwEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2QHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoK+/UTGkcVxwH8vd2t2XbTuqmFJlpDir20IBSCxR6kufgHiVoqihaKUYwXFQuiFXuwbTAU9VBQaGkvpRXPSg5F7SEWW0VBrOJBPCnoSSWHpEgqKknmbTbTDomjLaV8PjC8/b3Z+c6bt29ndwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4pj3+47219rqj1j3bnnv9xQsP3nz3FweGp16776Pn96/9eM2F5sjgA29sveeboc+7Bno3DG/5YOyh0ZEzd/155vDRwUVP9Mpcsykr6yHE32IIvT+PHR49++Xamb44c/7Y3Be6uuLqT7piLmHzdAjh6dY4F+4cm+p/Zqbd/2bHgv4bcyH56wqNahrPnObC8XJ9qWfrbO8TT50Yf3bg7Fjf7v5fJ+94Yd/8W2K9bT2FsGqo/fhlIYTl2TYjrbbudHDWbg8hrGg77s5FxnXbEsd/e0G9LmtvyNrGIjlp//pcXVviOGq5tmOJx5VVucL5efn5y9+MrpR0nauy9lTWbvqXOdW0xVCJodYa/nNxfo2Ets8thji7tuutujJbh1Yd8nXM1ZVcXV2Wu67Z82YTW41xYX96X64/3Y5rWf/69nv1Zewo6O/J2nr2Rf0j1SH/Yk7jkhfz1xHaxjVxtRZGgUrBdy/1t4aXfRiNrK8RV19yzN+XkfZNfPbkzt+/f/VUs2Ac8f2Y5cdS+QPDx8bfe+x0T3dR/lAly6+Uyj9X/Wr63cnuzsL8Qym/Wir/kb9+OXjg4T1rCudnIs1PrVT+hrc6907t2dHRV5R/POXXS+Vv2dW79dbJl14uHP/mND/LS+V/9/bGi7sOfXi6MD+k/BWl8n84dnJdteed84X542l+GqXyH+0/su3+W0aOFs7/1yl/Zan8nedHh3af+HRj4frcnuanWSp/etu3P11sDp4sunfG41f7Fxbg+nJT9h/rYFaXfc78r9qeF4701eb+83Vm28r/80Q5se3ZhX/YgWMBAAAAAGH+1l1ZbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKwAAAD//8R6ZmI=") openat$autofs(0xffffff9c, &(0x7f00000002c0), 0x1, 0x0) (async) r7 = openat$autofs(0xffffff9c, &(0x7f00000002c0), 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r7, 0xc0189372, &(0x7f0000000300)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) openat$vcs(0xffffff9c, &(0x7f0000000080), 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2) ioctl$VIDIOC_QUERYCTRL(r9, 0xc0445624, &(0x7f00000002c0)={0x48000004, 0x0, "6a3ce4ab8ed6c54797be28dc6b7dcc8d5eba4a0f1dea455e02c75ec18cfcdbf4"}) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0xfffffffe}}]}, 0x34}}, 0x0) openat$mice(0xffffff9c, &(0x7f0000000340), 0x488002) open(&(0x7f0000000000)='./file0\x00', 0x17927f, 0x0) [ 73.128562][ T48] Bluetooth: hci0: command tx timeout [ 73.392525][ T5107] loop0: detected capacity change from 0 to 32768 [ 73.395273][ T5107] ======================================================= [ 73.395273][ T5107] WARNING: The mand mount option has been deprecated and [ 73.395273][ T5107] and is ignored by this kernel. Remove the mand [ 73.395273][ T5107] option from the mount to silence this warning. [ 73.395273][ T5107] ======================================================= [ 73.517981][ T5107] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names [ 73.522798][ T5107] bcachefs (loop0): recovering from clean shutdown, journal seq 7 [ 73.525653][ T5107] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 73.525653][ T5107] running recovery passes: check_allocations [ 73.544599][ T5107] invalid bkey u64s 11 type alloc_v4 0:14:0 len 0 ver 0: [ 73.544620][ T5107] gen 0 oldest_gen 0 data_type journal [ 73.544627][ T5107] journal_seq 1 [ 73.544640][ T5107] need_discard 1 [ 73.544646][ T5107] need_inc_gen 1 [ 73.544653][ T5107] dirty_sectors 256 [ 73.544659][ T5107] stripe_sectors 0 [ 73.544665][ T5107] cached_sectors 0 [ 73.544670][ T5107] stripe 67108864 [ 73.544677][ T5107] stripe_redundancy 0 [ 73.544683][ T5107] io_time[READ] 1 [ 73.544689][ T5107] io_time[WRITE] 1 [ 73.544695][ T5107] fragmentation 0 [ 73.544701][ T5107] bp_start 8 [ 73.544707][ T5107] [ 73.544713][ T5107] invalid data type (got 2 should be 7): delete?, fixing [ 73.576665][ T5107] bcachefs (loop0): accounting_read... done [ 73.578944][ T5107] bcachefs (loop0): alloc_read... done [ 73.580768][ T5107] bcachefs (loop0): stripes_read... done [ 73.582745][ T5107] bcachefs (loop0): snapshots_read... done [ 73.585038][ T5107] bcachefs (loop0): check_allocations... [ 73.587396][ T5107] btree ptr not marked in member info btree allocated bitmap [ 73.587409][ T5107] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 73.599758][ T5107] btree ptr not marked in member info btree allocated bitmap [ 73.599772][ T5107] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 73.611124][ T5107] btree ptr not marked in member info btree allocated bitmap [ 73.611138][ T5107] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 73.620887][ T5107] btree ptr not marked in member info btree allocated bitmap [ 73.620900][ T5107] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 73.629982][ T5107] btree ptr not marked in member info btree allocated bitmap [ 73.629995][ T5107] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 73.639780][ T5107] btree ptr not marked in member info btree allocated bitmap [ 73.639793][ T5107] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 73.650512][ T5107] bucket 0:14 gen 0 has wrong data_type: got free, should be journal, fixing [ 73.653946][ T5107] bucket 0:14 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 73.660421][ T5107] done [ 73.665025][ T5107] bcachefs (loop0): going read-write [ 73.668108][ T5107] bcachefs (loop0): journal_replay... done [ 73.757647][ T5107] bcachefs (loop0): resume_logged_ops... done [ 73.759879][ T5107] bcachefs (loop0): delete_dead_inodes... done [ 73.769399][ T5107] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean [ 73.772864][ T5107] bcachefs (loop0): resume_logged_ops... done [ 73.775022][ T5107] bcachefs (loop0): delete_dead_inodes... done [ 73.779279][ T5107] bcachefs (loop0): done starting filesystem [ 73.785869][ T5107] bcachefs (loop0): shutting down [ 73.787957][ T5107] bcachefs (loop0): going read-only [ 73.789795][ T5107] bcachefs (loop0): finished waiting for writes to stop [ 73.797821][ T5107] bcachefs (loop0): flushing journal and stopping allocators, journal seq 222 [ 73.801370][ T5107] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 222 [ 73.806992][ T5107] bcachefs (loop0): shutdown complete, journal seq 223 [ 73.810638][ T5107] bcachefs (loop0): marking filesystem clean [ 73.832561][ T5107] bcachefs (loop0): shutdown complete [ 73.837666][ T1028] ================================================================== [ 73.840498][ T1028] BUG: KASAN: slab-use-after-free in percpu_ref_put+0xda/0x250 [ 73.843370][ T1028] Read of size 8 at addr ffff888011c320b0 by task kworker/u4:6/1028 [ 73.846422][ T1028] [ 73.847356][ T1028] CPU: 0 UID: 0 PID: 1028 Comm: kworker/u4:6 Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 73.851142][ T1028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.854800][ T1028] Workqueue: loop0 loop_rootcg_workfn [ 73.856905][ T1028] Call Trace: [ 73.858001][ T1028] [ 73.858965][ T1028] dump_stack_lvl+0x241/0x360 [ 73.860580][ T1028] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.862397][ T1028] ? __pfx__printk+0x10/0x10 [ 73.864101][ T1028] ? _printk+0xd5/0x120 [ 73.865622][ T1028] ? __virt_addr_valid+0x183/0x530 [ 73.867485][ T1028] ? __virt_addr_valid+0x183/0x530 [ 73.869411][ T1028] print_report+0x169/0x550 [ 73.871122][ T1028] ? __virt_addr_valid+0x183/0x530 [ 73.873024][ T1028] ? __virt_addr_valid+0x183/0x530 [ 73.874892][ T1028] ? __virt_addr_valid+0x45f/0x530 [ 73.876832][ T1028] ? __phys_addr+0xba/0x170 [ 73.878520][ T1028] ? percpu_ref_put+0xda/0x250 [ 73.880306][ T1028] kasan_report+0x143/0x180 [ 73.881929][ T1028] ? percpu_ref_put+0xda/0x250 [ 73.883650][ T1028] ? percpu_ref_put+0x1f/0x250 [ 73.885759][ T1028] percpu_ref_put+0xda/0x250 [ 73.887757][ T1028] blk_update_request+0x5e5/0x1160 [ 73.889917][ T1028] blk_mq_end_request+0x3e/0x70 [ 73.891815][ T1028] loop_process_work+0x1c10/0x2170 [ 73.893796][ T1028] ? __pfx_loop_process_work+0x10/0x10 [ 73.895821][ T1028] ? register_lock_class+0x102/0x980 [ 73.897811][ T1028] ? try_to_wake_up+0x5f4/0x1480 [ 73.899669][ T1028] ? do_raw_spin_lock+0x14f/0x370 [ 73.901547][ T1028] ? __pfx_register_lock_class+0x10/0x10 [ 73.903634][ T1028] ? mark_lock+0x9a/0x360 [ 73.905195][ T1028] ? __pfx_lock_acquire+0x10/0x10 [ 73.907039][ T1028] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 73.909183][ T1028] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 73.911423][ T1028] ? process_scheduled_works+0x976/0x1850 [ 73.913421][ T1028] process_scheduled_works+0xa63/0x1850 [ 73.915359][ T1028] ? __pfx_process_scheduled_works+0x10/0x10 [ 73.917512][ T1028] ? assign_work+0x364/0x3d0 [ 73.919137][ T1028] worker_thread+0x870/0xd30 [ 73.920644][ T1028] ? __kthread_parkme+0x169/0x1d0 [ 73.922413][ T1028] ? __pfx_worker_thread+0x10/0x10 [ 73.924076][ T1028] kthread+0x2f0/0x390 [ 73.925350][ T1028] ? __pfx_worker_thread+0x10/0x10 [ 73.926965][ T1028] ? __pfx_kthread+0x10/0x10 [ 73.928470][ T1028] ret_from_fork+0x4b/0x80 [ 73.930089][ T1028] ? __pfx_kthread+0x10/0x10 [ 73.931828][ T1028] ret_from_fork_asm+0x1a/0x30 [ 73.933625][ T1028] [ 73.934775][ T1028] [ 73.935677][ T1028] Allocated by task 5107: [ 73.937303][ T1028] kasan_save_track+0x3f/0x80 [ 73.938944][ T1028] __kasan_kmalloc+0x98/0xb0 [ 73.940710][ T1028] __kmalloc_cache_noprof+0x19c/0x2c0 [ 73.942872][ T1028] __bch2_dev_alloc+0x57/0xa60 [ 73.944594][ T1028] bch2_dev_alloc+0xd4/0x170 [ 73.946362][ T1028] bch2_fs_open+0x2e3f/0x2f80 [ 73.948193][ T1028] bch2_fs_get_tree+0x738/0x1710 [ 73.950127][ T1028] vfs_get_tree+0x90/0x2b0 [ 73.951871][ T1028] do_new_mount+0x2be/0xb40 [ 73.953667][ T1028] __se_sys_mount+0x2d6/0x3c0 [ 73.955413][ T1028] do_syscall_64+0xf3/0x230 [ 73.957109][ T1028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.959361][ T1028] [ 73.960251][ T1028] Freed by task 5107: [ 73.961818][ T1028] kasan_save_track+0x3f/0x80 [ 73.963643][ T1028] kasan_save_free_info+0x40/0x50 [ 73.965580][ T1028] __kasan_slab_free+0x59/0x70 [ 73.967423][ T1028] kfree+0x1a0/0x440 [ 73.968982][ T1028] kobject_put+0x22f/0x480 [ 73.970627][ T1028] bch2_fs_free+0x27b/0x3c0 [ 73.972336][ T1028] deactivate_locked_super+0xc4/0x130 [ 73.974254][ T1028] cleanup_mnt+0x41f/0x4b0 [ 73.975934][ T1028] task_work_run+0x24f/0x310 [ 73.977484][ T1028] syscall_exit_to_user_mode+0x168/0x370 [ 73.979207][ T1028] do_syscall_64+0x100/0x230 [ 73.980954][ T1028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.982891][ T1028] [ 73.983761][ T1028] Last potentially related work creation: [ 73.985740][ T1028] kasan_save_stack+0x3f/0x60 [ 73.987570][ T1028] __kasan_record_aux_stack+0xac/0xc0 [ 73.989715][ T1028] insert_work+0x3e/0x330 [ 73.991400][ T1028] __queue_work+0xc8b/0xf50 [ 73.993175][ T1028] queue_work_on+0x1c2/0x380 [ 73.994956][ T1028] bch2_dev_do_discards+0x17a/0x1f0 [ 73.996753][ T1028] bch2_do_discards+0x29/0x60 [ 73.998483][ T1028] journal_write_done+0x785/0xea0 [ 74.000264][ T1028] process_scheduled_works+0xa63/0x1850 [ 74.002330][ T1028] worker_thread+0x870/0xd30 [ 74.004263][ T1028] kthread+0x2f0/0x390 [ 74.005737][ T1028] ret_from_fork+0x4b/0x80 [ 74.007325][ T1028] ret_from_fork_asm+0x1a/0x30 [ 74.009086][ T1028] [ 74.009992][ T1028] Second to last potentially related work creation: [ 74.012406][ T1028] kasan_save_stack+0x3f/0x60 [ 74.014108][ T1028] __kasan_record_aux_stack+0xac/0xc0 [ 74.016046][ T1028] insert_work+0x3e/0x330 [ 74.017539][ T1028] __queue_work+0xc8b/0xf50 [ 74.019014][ T1028] queue_work_on+0x1c2/0x380 [ 74.020471][ T1028] bch2_dev_do_discards+0x17a/0x1f0 [ 74.022435][ T1028] bch2_do_discards+0x29/0x60 [ 74.024317][ T1028] journal_write_done+0x785/0xea0 [ 74.026267][ T1028] process_scheduled_works+0xa63/0x1850 [ 74.028427][ T1028] worker_thread+0x870/0xd30 [ 74.030212][ T1028] kthread+0x2f0/0x390 [ 74.031792][ T1028] ret_from_fork+0x4b/0x80 [ 74.033470][ T1028] ret_from_fork_asm+0x1a/0x30 [ 74.035325][ T1028] [ 74.036272][ T1028] The buggy address belongs to the object at ffff888011c32000 [ 74.036272][ T1028] which belongs to the cache kmalloc-4k of size 4096 [ 74.041364][ T1028] The buggy address is located 176 bytes inside of [ 74.041364][ T1028] freed 4096-byte region [ffff888011c32000, ffff888011c33000) [ 74.046307][ T1028] [ 74.047235][ T1028] The buggy address belongs to the physical page: [ 74.049668][ T1028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11c30 [ 74.052874][ T1028] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 74.055955][ T1028] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 74.058822][ T1028] page_type: f5(slab) [ 74.060299][ T1028] raw: 00fff00000000040 ffff88801ac42140 dead000000000100 dead000000000122 [ 74.063316][ T1028] raw: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000 [ 74.066322][ T1028] head: 00fff00000000040 ffff88801ac42140 dead000000000100 dead000000000122 [ 74.069276][ T1028] head: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000 [ 74.072535][ T1028] head: 00fff00000000003 ffffea0000470c01 ffffffffffffffff 0000000000000000 [ 74.075719][ T1028] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 74.078994][ T1028] page dumped because: kasan: bad access detected [ 74.081470][ T1028] page_owner tracks the page as allocated [ 74.083621][ T1028] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4785, tgid 4785 (mtd_probe), ts 37005287220, free_ts 36999821051 [ 74.091151][ T1028] post_alloc_hook+0x1f3/0x230 [ 74.093037][ T1028] get_page_from_freelist+0x3045/0x3190 [ 74.095197][ T1028] __alloc_pages_noprof+0x256/0x6c0 [ 74.097256][ T1028] alloc_pages_mpol_noprof+0x3e8/0x680 [ 74.099384][ T1028] alloc_slab_page+0x6a/0x120 [ 74.101240][ T1028] allocate_slab+0x5a/0x2f0 [ 74.103014][ T1028] ___slab_alloc+0xcd1/0x14b0 [ 74.104865][ T1028] __slab_alloc+0x58/0xa0 [ 74.106643][ T1028] __kmalloc_noprof+0x25a/0x400 [ 74.108607][ T1028] tomoyo_realpath_from_path+0xcf/0x5e0 [ 74.110769][ T1028] tomoyo_check_open_permission+0x255/0x500 [ 74.113033][ T1028] security_file_open+0x777/0x990 [ 74.114964][ T1028] do_dentry_open+0x369/0x1460 [ 74.116831][ T1028] vfs_open+0x3e/0x330 [ 74.118494][ T1028] path_openat+0x2c84/0x3590 [ 74.119964][ T1028] do_filp_open+0x235/0x490 [ 74.121522][ T1028] page last free pid 4596 tgid 4596 stack trace: [ 74.123546][ T1028] free_unref_page+0xcfb/0xf20 [ 74.125373][ T1028] __put_partials+0xeb/0x130 [ 74.127151][ T1028] put_cpu_partial+0x17c/0x250 [ 74.129064][ T1028] __slab_free+0x2ea/0x3d0 [ 74.130783][ T1028] qlist_free_all+0x9a/0x140 [ 74.132596][ T1028] kasan_quarantine_reduce+0x14f/0x170 [ 74.134690][ T1028] __kasan_slab_alloc+0x23/0x80 [ 74.136498][ T1028] __kmalloc_noprof+0x1a6/0x400 [ 74.138291][ T1028] tomoyo_realpath_from_path+0xcf/0x5e0 [ 74.140230][ T1028] tomoyo_path2_perm+0x3eb/0xbb0 [ 74.141997][ T1028] tomoyo_path_rename+0x198/0x1e0 [ 74.143791][ T1028] security_path_rename+0x266/0x4e0 [ 74.145531][ T1028] do_renameat2+0x94a/0x13f0 [ 74.147004][ T1028] __x64_sys_rename+0x82/0x90 [ 74.148526][ T1028] do_syscall_64+0xf3/0x230 [ 74.149949][ T1028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.152269][ T1028] [ 74.153264][ T1028] Memory state around the buggy address: [ 74.155421][ T1028] ffff888011c31f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 74.158359][ T1028] ffff888011c32000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.161162][ T1028] >ffff888011c32080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.163917][ T1028] ^ [ 74.166124][ T1028] ffff888011c32100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.169317][ T1028] ffff888011c32180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 74.172467][ T1028] ================================================================== [ 74.249596][ T1028] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 74.252450][ T1028] CPU: 0 UID: 0 PID: 1028 Comm: kworker/u4:6 Not tainted 6.11.0-syzkaller-11624-ge477dba5442c #0 [ 74.256314][ T1028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.260524][ T1028] Workqueue: loop0 loop_rootcg_workfn [ 74.262508][ T1028] Call Trace: [ 74.263769][ T1028] [ 74.264908][ T1028] dump_stack_lvl+0x241/0x360 [ 74.266671][ T1028] ? __pfx_dump_stack_lvl+0x10/0x10 [ 74.268595][ T1028] ? __pfx__printk+0x10/0x10 [ 74.270424][ T1028] ? preempt_schedule+0xe1/0xf0 [ 74.272338][ T1028] ? vscnprintf+0x5d/0x90 [ 74.273954][ T1028] panic+0x349/0x880 [ 74.275502][ T1028] ? check_panic_on_warn+0x21/0xb0 [ 74.277516][ T1028] ? __pfx_panic+0x10/0x10 [ 74.279108][ T1028] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 74.281293][ T1028] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 74.283657][ T1028] ? print_report+0x502/0x550 [ 74.285533][ T1028] check_panic_on_warn+0x86/0xb0 [ 74.287391][ T1028] ? percpu_ref_put+0xda/0x250 [ 74.289242][ T1028] end_report+0x77/0x160 [ 74.290717][ T1028] kasan_report+0x154/0x180 [ 74.292350][ T1028] ? percpu_ref_put+0xda/0x250 [ 74.294108][ T1028] ? percpu_ref_put+0x1f/0x250 [ 74.295869][ T1028] percpu_ref_put+0xda/0x250 [ 74.297522][ T1028] blk_update_request+0x5e5/0x1160 [ 74.299387][ T1028] blk_mq_end_request+0x3e/0x70 [ 74.301125][ T1028] loop_process_work+0x1c10/0x2170 [ 74.302763][ T1028] ? __pfx_loop_process_work+0x10/0x10 [ 74.304571][ T1028] ? register_lock_class+0x102/0x980 [ 74.306506][ T1028] ? try_to_wake_up+0x5f4/0x1480 [ 74.308320][ T1028] ? do_raw_spin_lock+0x14f/0x370 [ 74.310195][ T1028] ? __pfx_register_lock_class+0x10/0x10 [ 74.312376][ T1028] ? mark_lock+0x9a/0x360 [ 74.314057][ T1028] ? __pfx_lock_acquire+0x10/0x10 [ 74.316241][ T1028] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 74.318491][ T1028] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 74.320917][ T1028] ? process_scheduled_works+0x976/0x1850 [ 74.323128][ T1028] process_scheduled_works+0xa63/0x1850 [ 74.325209][ T1028] ? __pfx_process_scheduled_works+0x10/0x10 [ 74.327467][ T1028] ? assign_work+0x364/0x3d0 [ 74.329224][ T1028] worker_thread+0x870/0xd30 [ 74.331081][ T1028] ? __kthread_parkme+0x169/0x1d0 [ 74.332999][ T1028] ? __pfx_worker_thread+0x10/0x10 [ 74.335021][ T1028] kthread+0x2f0/0x390 [ 74.336628][ T1028] ? __pfx_worker_thread+0x10/0x10 [ 74.338502][ T1028] ? __pfx_kthread+0x10/0x10 [ 74.339903][ T1028] ret_from_fork+0x4b/0x80 [ 74.341358][ T1028] ? __pfx_kthread+0x10/0x10 [ 74.342744][ T1028] ret_from_fork_asm+0x1a/0x30 [ 74.344475][ T1028] [ 74.345827][ T1028] Kernel Offset: disabled [ 74.347446][ T1028] Rebooting in 86400 seconds..