program: r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x181080, 0x0) keyctl$dh_compute(0x17, &(0x7f0000001340), 0x0, 0x0, 0x0) ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f00000000c0)={0x8}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r4 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000180)="61921a47ccb2538d419ff247e2b6ce5c18439cc98c869b18a262a7b52927a73c12660ad0ee781660bb77f8ac69cae38fc6823f6b717b8dc538125a537db40ccaf0c4ef1ea29f961efe05bba059bae0bbf5e01060de3143415c99e11e123d9b73ce3271818c555b9cd55c8fb68727936764c5b32a110088529dd6b2f2081a", 0x7e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000f97d36991a000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10) add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e3002a0001f14000000d190c937dc6914243b0402d6dcb70ad80851956fe6727ae888746b02cee670a5882a0ad79716584e6b04b7f62edac751478af9c62f", 0x40, 0xfffffffffffffffc) syz_mount_image$bcachefs(&(0x7f0000005b00), &(0x7f0000005b40)='./file2\x00', 0x0, &(0x7f00000003c0)={[{@metadata_checksum={'metadata_checksum', 0x3d, 'none'}}, {@data_checksum={'data_checksum', 0x3d, 'xxhash'}}, {@metadata_checksum={'metadata_checksum', 0x3d, 'crc64'}}, {@str_hash={'str_hash', 0x3d, 'crc32c'}}, {@version_upgrade={'version_upgrade', 0x3d, 'none'}}], [{@subj_type={'subj_type', 0x3d, '/(/{'}}, {@obj_user={'obj_user', 0x3d, '\x00'}}, {@smackfshat={'smackfshat', 0x3d, 'crc32c'}}]}, 0x1, 0x5b2b, &(0x7f000000b6c0)="$eJzs3Q+MHNX9GPCZ3Tvfnc82ZwjgmD8+wLiGBjhjUsAiykEVIE1MCCQmCQTbwWdzxH/AZ8fghNgghUSEUkutEhopCKFEokKItKhp/jQyUQlRQ6NYSqlJ25QIEjW0Io4IJP5hFP90tzN7u3PzdvZ294wNn4/gZmf27fe975t3czNvx7sRAAAA7wrPfmXsr9cs/NAv7h15Y9fVP9p0T9RfntjemxYYSJZ3vl0t5Ejq6VowscyOiz3Ds5794AMffeHbn/3uSy/PX7rsO7ddeeiOOSvvv3/41xcf+uXf7y6Km46ncybX41fjKDrtV0u/cd/Pnjt5fFscRVE5HtgdRfPj0k/nx5kQQ29GUbQuWTkh8+RTbyxfP77c/fWeuu3HZcoZ7+9uvck4++pPtpz6x/OvfGHvb654Y6j3za27J4vEvTXjKYrmral9fXcURX3R5NBMR9uC9MXJ8tooioZrXndJQbvObLL95wXWFybLWcmyvyBO+vwZmfXuJtvRlVn2Nvm6VpVmOH4q3X9zZrj+7MEtW8/8ZPn9ZHnONOOX0//jqBRHXdXqNsaTYySq2W9xFE/s+8n1Ut1YiDNjI46iOLNeyqyXuzN5TdSbDLRyHNdvT8tltg8m27uS7WcUjLXrA9vfm+ab/KIezOSfDdo/5UE1rwlpu37XoC1HQilznKnd3lPT3t5kZ/Qnz/XHx095zeEc6XOrXn7wyZd2Prx4INCO+HtxEj+eqHO68Z/fdOn+JTt/e2BBKP6aUhK/1FL8sfNfe+KV635+cjD+njR+uaX4L1605Js/3rXjYLB//pz2T1dL8csrzj207N6hVcH2P5LG720p/qNXPP6tee9/5olg+4fS/ulrrX9Gt79142MnHgjGj9L4s1uKf/nrJ529YsvjG4Lxn077p7+l+M+Nja6879ZFOwZD8fel8ee2FP/M39904979Iy8G2z+c9s9AS/E/sPjya1ce2PxA6NgZ7z5Sf2EB3plOSM6xvpast3qd2a6a64WHBuLKeeCc5P+5nawoY7yeecnjrhmsBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB3l0cH1o38/Yenv9WVrPckD04vV5bp9llRFPdFUTS2be3WbaObNwzetmX71s1rNw6u3TY4snnb1rsGL3rf4NaR2zeuvWv82aHzllded3wUV5bxaVPqPnz48OHSQP22tL7PX/yvnxo8ff//jKKhE399elew/R+7e+E/n5/zMyMePrzxX5198ytz/uv2yoaBpF0DgXZFgXZd9tirK/74o75/GUVDJzVq1/9detXP6ho0sWEyTqLUE5UmHvTEs3PbUW110p60v7rWj24cGSru33Igjz8c/A+f3DF2y+5K//YG82iyf/uGD/9t8w+evuWynddWNhyt+72ov9Ms0val/deb9Pe8JK95gby6Anndd/YZ/+d//NtNr+6Ohrr+smhq3UV5dScDoDt+b1P1pjXMjuv7pDcpn+7x9HUXbNt0+wVjd+08b3TT2g0jG0Y2L1++/JKLll948YX/7IKJ1Cs/O5Z/Wv8/aTL/IzOetlw8PJr+bG48FbWrqD/G21XcH7UtCv3+vecTV/2ve/7jnusqG4rGeVq6ejxJlrPHd/OyqGa8Te2rvLyK+qE70A8bru//d68PbvmHouNQ7Z6p/ZkRDx/+y+h/++CcvWfdXNlwRI7ztQ1q8ThfbXXSnu7a486yo7d/e6Jykld/brvOuve1T/33H8aD1fbNmhXduXbbtq3LKj+PUF7vuf5Lnc3rkiX//46da+6ZPyWvCys/5yQtnROfktuu7NY0r0UTP8tR0i3pIuot5efXHVXal/27kL4u26v9yXP98fG5eWWlz616+cEnX9r58OJQT8ffq9TYF82tLONTAyU3Zl5YrjY4r/6i8RFF0ZrabWk/Pv2DfzO49xfzNxWOj8rImPIzm97w4S9fOucPYzfsW1nZcGSOKzUNavG4Um31ZHsm+mviuHLh0ZPH27ef636x4uHDe09934bl/3lb8mtf1L/V0nn9uzyKio4DizLrM3UcyNYzWT4/3mBmvT8qt3TcePGiJd/88a4dB4PHjT83e9z4Ut1auc3jRhwYT/u//O//9sX9z3+4c8eNDy8pf+Z/L1qedOjR8vvWm4zr3sC4rrY6aU9cO67Pv2XLxnWV7Ufv+W+yLLj+Sf9+j9218/NrN24c2TrWXF7Nnpek9WR7udXzkvS37/iCvNL9NZnXzD1opr+a/X1L278u218t/r5Bnv4obunv2fObLt2/ZOdvDwwE4sZrSkn8Ukvxx85/7YlXrvv5ycH4e9L4XS3FL68499Cye4dWBeM/Eifxe1uK/+gVj39r3vufeSIYfyhtf19r5xOj29+68bETw/0fpfH7W4r/3NjoyvtuXbQjGH9fnNQzfm4XRU+9sXx9ZT2OupPjcNqO7rp2Rdn1OLNeyqyXa9dLlTn4agXlOK7fnpZLtp9R05Y8NwS2p2ePvQsqy4PpepR90Hj70aZUc06Qt73o/BoA3knS9//Tc430/f9FyR/Emvf/K8t4Vt3rFyTnUwsmN01c590zWPlDOt15vbQd2Xm9NP7Ss+pjtDqvVzQvd2ZmPW3XoqRX0vY0OG+YEzUxLze1nsbzcpn0i+fNBr+W2dA1MbcX2m/dyUxF3vvMmfbOGY/Q7nn2gvxWV8+zQ+MuO9+Rvk8fNznusvdFpPs3e19EGn9hZgKt1fsi2h136bRGg3E3kVnxfOrUcRE16NfJcZEfLTsupjGOBirjaGbflzr2r/dndv7dfEIgfvJ35Gi/3k+3p8eHribnAVYFtndqHiA9XKTt+l2DthwJ5gEAYPL6Pz2nGL/+H/9bPZg5zy+6bsleZaTxgvexlPPbU3T9O/V+ttktnfdd/vpJZ6/Y8viG4Hnx083el3J73drsgvtSivpxcWa9sB8Dt4IUzTssyZTvj+a21I9n/v6mG/fuH3kx2I/DlROp4n7cU7c2t81+XJpZL+zH7vxWFfVjtp6i8XtOZr0/uSNouv3+gcWXX7vywOYHgv2+u9l+f6RubaCg312nB+If69fp342S+Mf2dfpMz0e+bfMAybz1TM0DXB/YPt15gP4pD6p5TTjm5gECfxcA4FiWXv9X75dPrv//S6Zcu9eHwfO24c7czxo8b6u+/9TeeXmw/dXz8vaui4Lxq9dF7V23BPunet3S3nVXMH71uqu9eZpg/zyd9k975/2hfy6Qnvcf+9dFMzvP4LooWY+yDypcFwEAcDRIr//T09X0/v9nkvXsufHMX+fO9HXoTF9Hz/Q8w0zPkxzr17nH+jzDTM+zvV3zALOS580D1D+o5jXBPAAAAJ30oWR5c5PluybuIY6iz91y64Wr1418YfX6rSMjY7evvWVk9ejm0W3Vct0TV15T75MO1Vd0n3Re+dkNyq8Oxq9vz5WB8iHt5h+qryj/vPKN8l8TjF/fnqsC5UPazT9UX1H+eeUb5b82GL++PVcHyoe0m3+ovqL888o3yv9zwfj17flwoHxIu/mH6ivKP698o/xvCcavb8+/CJQPaTf/UH1F+eeVb5R/9vMyQ/l/JFA+pN38Q/UV5Z9XvlH+I8H49e35aKB8SLv5h+oryj+vfKP81wfj17dnZaB8SLv5h+oryj+vfKP8NwTj17fnmkD5kHbzD9VXlH9e+Ub53xqMX9+ejwXKh7Sbf6i+ovzzyjfKfzQYv7491wbKh7Sbf6i+ovzzytfl31f//G3B+PXt+XigfEi7+YfqK8o/r3yj/f/5YPz69lwXKB/Sbv6h+oryzyvfKP+Nwfj17bk+UD6k3fxD9RXln1e+Uf6bgvHr2/OJQPmQdvMP1VeUf175RvlvDsavb88nA+VD2s0/VF9R/nnlG+W/JRi/vj2rAuVDMvnHye0RTecfqq8o/7zyjfK/PRi/vj03BMqHtLv/Q/UV5Z9XvlH+dwTj17fnU4HyIXn5p295NpN/qL6i/PPKN8p/azB+fXs+HSgf0u7+D9VXlH9e+Ub5jwXj17fnM4HyIe3mH6qvKP+88o3y3xaMX9+eGwPlQ9rNP1RfUf555Rvlvz0Yv749NwXKh7Sbf6i+ovzzyjfK/wvB+PXt+WygfEi7+YfqK8o/r3yj/HcE49e35+ZA+ZB28w/VV5R/XvlG+d8ZjF/fntWB8iHV/LdtHRlZvf32dWu3jazevGXdyNjqHVtHt20bSU7U2r0vMXhfWXJfYnfU1TD/hZn145LPBzou8PlA2fJp2FMmHkz9fKBstV0Fn5NTtL+y9Rd9zlBe+bzxFtq/RceDZsdDVt3vR2WQjG4eG9k69fjd17A/asdENHHbXGWCozc+qany2Y/rDFRTqPl8ehvmk93ck9wI2BOf2FT5KPB9cNPVfD5xMJ+8dkz3e+zSsNP6HrvMjylyPqO1Lt/1YxMH6dG1G0d3jkxt/+yjoP1vTz+WprSjaP/HmXbMT1oyP/R9b4F27/j+/3v0T3/6Tx+JoqETy6e21X/x8OE1B0/63K8u67lgvP2lhu2vlky/V7ng+w+z5dN8ujZuGdv2T9dv2b45/x209H7nUnV9hu53TvIsN3n/cuh+j+nevxxPeXB0avb+ZQAAgHeL9N//p9erC5J/gzo/M0XQ/Dxwe/8+OjgPvK+5eeDsbETRPHC2fJp2s/PA/W3OA2frD83TlhqUb/S+S7PzwJ8JlJ+u5sdJe58DEBwnSU8VjZPsv8MvGifZ8tMdJ31tjpNs/UXjJK98o/enmx0nNwTKhzQ/Htr73IngeBhqbjxkv1ezaDxky093PPS2OR6y9ReNh7zyje7XaXY8fCJQvlnNj4/2PhcmOD7WNDc+st+XUjQ+suWnOz7iNsdHtv6i8ZFXvtH9jM2Oj48Hyqea3//tfW5PcP/vaW7/Z7+3pWj/Z8tPd/+X2tz/2fqL9n9e+Ub3cze7/68JlE/V7//xHT+x30dW79iytfYe6Cb3/6zQ/i/63paQ5ts3s99b06rm2z+zn/s08+2f2c+Vmvn2t3fdFGz/vvbe6Wq+/TP7/cGtOmLvxyYfNlX0+VNF79N+OrB9uu/Tzpry4OjkfVoAAACYeen7/+nX8aefD//1ZBn4mv6WHfvf7z2z81zH/ufvz+w8pvm8BpUdBcznAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdEZP14KJ5bNfGfvrNQs/9It7R97YdfWPNt2zZ3jWsx984KMvfPuz333p5flLl33ntisP3TFn5f33D//64kO//PvdhYEHKotzktXeKIpfjaPotF8t/cZ9P3vu5PFtcRRF5XhgdxTNj0s/nR9nIgy9GUXRumo765986o3l68eXu7/eU7f9uEyQbF5RfzltT107ozsLM+IY1JuMs6/+ZMupfzz/yhf2/uaKN4Z639y6e7JI3FsznqJo3pra13dHUdSX/D8uHW0L0hcny2ujKJpd87pLCtp1ZpPtPy+wvjBZzkqW/QVx0ufPyKx3N9mOrsyyt8nXtao0w/FT6f6bM8P1Zw9u2XrmJ8vvJ8tzphm/nP4fR6U46qpWtzGeHCNRzX6Lo3hi30+ul+rGQpwZG3EUxZn1Uma93J3Ja6LeZKCV47h+e1ous30w2d6VbD+jYKxdH9j+3jTf5Bf1YCb/bND+KQ+qeU1I2/W7Bm05Eko1x6C87Wl7e5Od0Z9s64+Pn/KawznS51a9/OCTL+18ePFAoB3x9+IkftxS/Oc3Xbp/yc7fHlgQir+mlMQvtRR/7PzXnnjlup+fHIy/J41fbin+ixct+eaPd+04GOyfP6f909VS/PKKcw8tu3doVbD9j6Txe1uK/+gVj39r3vufeSLY/qG0f/pa65/R7W/d+NiJB4LxozT+7JbiX/76SWev2PL4hmD8p9P+6W8p/nNjoyvvu3XRjsFQ/H1p/LktxT/z9zfduHf/yIvB9g+n/TPQUvwPLL782pUHNj8QOnbGu4/UX1iAd6YTknOsryXrrV5ntqvmeuGhgbhyzjcn+X9uJyvKGK9n3gzGBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgnWnkqod2XbVv9dVdcRTFgTKHc6TPlWcNDw+2UG95xbmHlt07tKp224IW4gAAAADF0uvwUnVLb7Qg2hH3Rafklk/nCE5J1+L67dk5hL7Jkh2JU+pQnHKH4nR1KE53h+LM6lCcng7F6S2I0xs1F6evYZxS0+2Z3aE4/R2KM6dDceZ2KM68wjj1M4ChOMd1qD0DDeM0Pw7ndyjO8R2Kc0KH4rynQ3FO7FCckzoU5+QOxcnOKU93HM5NSi4MxZl4UC6M0xWXq0/kzaen9ZyWeV1pmvX0N1lPds5+uvX0NVnPWW3W09tkPUvarCdusp5z2qynVFBPOm7vzLYvrSdda3L839WhODs7FOeLHYrzpQ7FubtDcb7coTi72owD0Kz0+n/yunEg6um6LJqdHHGyswDp9e6iyqunHI96sxfoiTTeqZnts4riZS/UM/EWdbh9Z2a2d9fF66qeNzWIN1Abb3HmycJ8sxMKmfYtnW687MQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMygkase2nXVvtVXR3E0/l+uwznS58qzhocHW6h31csPPvnSzocX127r6WohEAAAAFAovQ7vrm7pjXq6LvhHdu0vRq6qDAD4uTuzM8O24NRAHUihI6UrRqSli/InNVz0YZYYlABGA6a7pQzrhu0ustsUVmStD8QHDSSauPpkeMIQHtSgqCTLg8agJGyi2ERQXiSKBkiAhJqYjNmde+dfZ3bWEW3B3+/h3HvP+c757pltmnxnJuSiXFtcITkHKCTPmWL9GpWH1q8j0bYN47NJ/J6Fw3ftmb938cPThw9OVaeqs2NjY1dePrbvin0f3XPH9Ex1b70N+T7rDSfrzd+7eOfBmZnq3fP15873LiXzSs2uybXmWPLe7+2TJ0rim3n+ezf9/1oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBqVSvLS5XVifGRKISoR0yti3Qsk4vj8gB5r31z++6r5x6dau3LZwdYCAAAAOgrrcOHGz2FkM9mQiacu/50YTO0GEKz7gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7/VCvLS5XVifEtUQhRj5haF+lYJhfH5QHy/mZ++voHvrDzaGtfaYB1AAAAgP7SOnyo0VMIpbArDEfntsWlZwPndczvjEvXOX+TcZ1nB73idm0ybnSTcR/sE/ep5HpPAAAAgHe+tP7PNnqKIZ89s2f936+uT+N2dsRlkusgvxUAAAAA/jNp/Z9r9JRCPltq1Oubrfcv7IhL5/f73j6d3+97+zTu4h55Or/PBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOX9XK8lJldWI8E4UQ9YipdZGOZXJxXB4g74uXj37750tHT7T25bMDLAQAAAD0ldbhzdK7EPLZkTActqzX/VeO/v2Li5PHtg0Xk+FcLtxzcGHh7n31No3b9dXXP/e7n0blk+Iuq7enZHMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDbqlpZXqqsToyfEYUQ9YipdZGOZXJxXB4g74vTR/556yPnvNbaVxpgHQAAAKC/tA5v1v6FUAq5kAvb159aa/01nWcEvc4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHeP+XsX7zw4M1O9240bN24aN6f6fyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB0Ua0sL1VWJ8YLUQhRj5haF+lYJhfH5QHyPvzxR7971kd+8VhrX2mAdQAAAID+0jq8WfsXQikMh+FwzvpTtzOB9fq/+D98SQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4LRQrSwvVVYnxs+MQoh6xNS6SMcyuTguD5D3wj9//taV49UXW/vy2QEWAgAAAPpK6/Bco6cQ8tnLQj7sSJ5n2idEmeTa/VygOe+utmkjm553X9u8zKbnfa1jZ9lkN/V5hXS9Yv3amFc+eV45hFBK5pWaA5Nt88JDbbPO3PR7fq9tXrHPvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACnoWpleamyOjEeRSFEPWJqXaRjmVwclwfI+9zhq46PLv7xtda+0gDrAAAAAP2ldXiz9i+EUjg/nBXOX6/7Q7E9Po3b/8grV//1Z2d8I4S92397Qbbn+n+5uPLLziaEofagoRDek+SLeuQ7+uO/Pfzqqz/5ZAh7z8ns+HfztS8Z1yZPbL/t2f35PRt8MAAAAPAuktb/w42eYshnZ3vW/2nlvXH93zxNWC/A586+6b5tSZtU5B0zhopJvqEe+e684ps/Kl9w/A9r9f9G5w2f/vJ5n9gW5q6Ip9O23tP5gnFt5sHdB17e+vSRdNf1/JmO/Onn8tKJH37m6Pyhr9TzF0Ih6T8v2y3/yW2HM+LaW7NPPHVo/+IN7fmzPfb/wO73/+n33zn8ylr+N3aONPJ/YIP9b5z/7Jsrzx97/KEb2/MP98g/ddOW779ZnvtH5/5HOhZOPvn6H7zlr9AhimtvTD9zzdaVXQfa84cQJlsD08//qSe+VV759bbDaf70tyIX7+rI3/JPrbXtOHOK4trKjkumxp5c2NKeP+rIn+7/+P0/eOtLx5+7rnP/t3fuv2f+zv1fN5q55YWdY4P8eAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4B2gWlleqqxOjIdMCFGPmFoX6VgmF8flAfJ+7KJrb7j+tdmvt/blswMsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALxtqpXlpcrqxPhQFELUI6bWRTqWycVxeYC885e+/tjLN/7qfa19pQHWAQAAAPpL6/Bm7V8IpZALuTCyXvdPnth+27P783tCsT4aJdfszNz8wofumDsye/spenMAAABgs9L6P9voKYZ89qIwnNT/KzsumRp7cmFLWv+HECbXmsId0zPVsdA4J7huNHPLCzvHyo1zgta4Sw/NzSTHBOm691+19aX5z65e33Xdfc24N6afuWbryq4Dadxwcl2Pu6wZN/Pg7gMvb336SBo3lJ5TrMXtbca9NfvEU4f2L96Qjmda12uJO/vmyvPHHn/oxsY6yXUkyQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsJ+HYVYVcRxAJ65d1ev3nXbLcpNilRMNEhWKiohWoWkhzakwBcLfMjKyKSWMIRwE7IwCZ8qgiKiIBApCHoowoIySKIgQnsIQ3uoh9iINsSNit2d2b179LTbqVWQ74PDOHPu+c3/zBnP3gsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwfs1t6xlrDz898Pudi277fPeW4V23v7/tqf19cw7fuu+OY6/c++aJk90rVr/x0PqRRzv69+7t+/rGkS/+fHLa4CfGm5Wp2wgh/hxDuPLLFS/s+fTIwtGxGEKox67BELpj7ePuWEjoPR1CuG+izqkn3x2+7v7RdvC5uVPGLyqEFO8rNOu5nnFdU+vlwtJI++yZD7df8eOq9ccOfbtuuLdx+rHByY/ERst+CqFzc+v17SGEeekYlXdbT744tRtCCPNbrrtpmrqWzrD+a0v6i1I7J7XNaXLy+SWFfvsM62grtI0ZXldVbZbzs/z8OmZ5/uLLrThPd2rfS+3Kf5lfz0cMtRjaJqZ7OE7ukdDy3GKIY89+sl+bshdiYW/EEGKhXyv06+2F+xqbN220eoxTx/PnCuOL03hbGl8yzV67u2T88ny/6T/qqcL9F0ObZ/xj4r7G5Lq+/4dazoVayzvobOO53kZ6GM001owXn3HNX2eRz208+fzbJ3a+uqyrpI74Tkz5sVL+N9tuPrp853dDPWX5m2spv1Ypf2DVrwd/uuuzhaX5+3N+vVL+8euXv/jBrh2nStfnl7w+bZXy62uuGVm9u3djaf2v5fxGpfzX1x14ufOGTw6W1t+b12detfXZ+vgfm966dKg0P+T8+ZXy1/522dVrth94oDT/o7w+zUr5Rwa29u958Kodi8vyv8r5CyrlL/3hnk2Hjm45Xlp/X16frkr5tyxbu6F/6JF9Ze/OOHiu/sICXJguSd+xnk39qr8z/6uW3wsvdcXx73wd6Vjwf05UMDpP5yzmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3BAAgAAACDo/+t2BAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FQAAAD//8kCV50=") r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r10, @ANYBLOB="0c0099000000000000000000050053000100000014000400776c616e310000000000000000000000140006"], 0x60}}, 0x0) r11 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r11, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r11, 0x84, 0x6f, &(0x7f0000000780)={0x0, 0x1c, &(0x7f0000000280)=[@in6={0xa, 0x4e1c, 0x3, @ipv4={'\x00', '\xff\xff', @loopback}, 0x8}]}, &(0x7f0000000000)=0x10) shutdown(r11, 0x1) setsockopt$inet_sctp_SCTP_ASSOCINFO(r11, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x90}, 0x14) [ 70.868317][ T5095] Bluetooth: hci0: command tx timeout [ 72.355280][ T5110] loop0: detected capacity change from 0 to 32768 [ 72.583884][ T5110] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=xxhash,str_hash=crc32c,nojournal_transaction_names,version_upgrade=none [ 72.590828][ T5110] bcachefs (loop0): recovering from clean shutdown, journal seq 8 [ 72.593893][ T5110] bcachefs (loop0): Version upgrade required: [ 72.593893][ T5110] Version upgrade from 0.19: freespace to 1.7: mi_btree_bitmap incomplete [ 72.593893][ T5110] Doing incompatible version upgrade from 0.19: freespace to 1.12: rebalance_work_acct_fix [ 72.593893][ T5110] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_subvolume_structure,check_directory_structure,check_nlinks,delete_dead_inodes,set_fs_needs_rebalance [ 72.627793][ T5110] bcachefs (loop0): insufficient writeable journal devices available: have 0, need 1 [ 72.627793][ T5110] rw journal devs: loop0 [ 72.654115][ T5110] bcachefs (loop0): accounting_read... done [ 72.656840][ T5110] bcachefs (loop0): alloc_read... done [ 72.659297][ T5110] bcachefs (loop0): stripes_read... done [ 72.661381][ T5110] bcachefs (loop0): snapshots_read... done [ 72.664197][ T5110] bcachefs (loop0): check_allocations... [ 72.675958][ T5110] bucket 0:9 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.683328][ T5110] bucket 0:9 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.688479][ T5110] bucket 0:10 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.692284][ T5110] bucket 0:10 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.696415][ T5110] bucket 0:11 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.700111][ T5110] bucket 0:11 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.704398][ T5110] bucket 0:12 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.708203][ T5110] bucket 0:12 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.712215][ T5110] bucket 0:13 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.716120][ T5110] bucket 0:13 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.719992][ T5110] bucket 0:14 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.723396][ T5110] bucket 0:14 gen 0 data type need_discard has wrong dirty_sectors: got 4294902016, should be 0, fixing [ 72.727657][ T5110] bucket 0:14 gen 0 data type need_discard has wrong cached_sectors: got 4294967295, should be 0, fixing [ 72.732088][ T5110] bucket 0:15 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.735749][ T5110] bucket 0:15 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.740695][ T5110] bucket 0:24 gen 0 has wrong data_type: got journal, should be need_discard, fixing [ 72.744677][ T5110] bucket 0:24 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.748792][ T5110] bucket 0:27 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 72.752092][ T5110] bucket 0:27 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 72.756548][ T5110] bucket 0:34 gen 0 has wrong data_type: got user, should be need_discard, fixing [ 72.759886][ T5110] bucket 0:34 gen 0 data type need_discard has wrong dirty_sectors: got 32, should be 0, fixing [ 72.763725][ T5110] bucket 0:34 gen 0 data type need_discard has wrong fragmentation_lru: got 268435456, should be 0, fixing [ 72.769646][ T5110] done [ 72.775045][ T5110] bcachefs (loop0): going read-write [ 72.778233][ T5110] bcachefs (loop0): journal_replay... [ 72.778297][ T5110] bcachefs (loop0): bch2_journal_replay(): error erofs_journal_err [ 72.783222][ T5110] bcachefs (loop0): bch2_fs_recovery(): error erofs_journal_err [ 72.786300][ T5110] bcachefs (loop0): bch2_fs_start(): error starting filesystem erofs_journal_err [ 72.789768][ T5110] bcachefs (loop0): shutting down [ 72.791737][ T5110] bcachefs (loop0): going read-only [ 72.793653][ T5110] bcachefs (loop0): flushing journal and stopping allocators, journal seq 8 [ 72.796574][ T5110] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 8 [ 72.800786][ T5110] bcachefs (loop0): unshutdown complete, journal seq 8 [ 72.805320][ T5110] bcachefs (loop0): finished waiting for writes to stop [ 72.808072][ T5110] bcachefs (loop0): done going read-only, filesystem not clean [ 72.822140][ T5110] bcachefs (loop0): shutdown complete [ 72.827747][ T26] ================================================================== [ 72.830436][ T26] BUG: KASAN: slab-use-after-free in percpu_ref_put+0xda/0x250 [ 72.833219][ T26] Read of size 8 at addr ffff8880339b80b0 by task kworker/u4:2/26 [ 72.835676][ T26] [ 72.836603][ T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u4:2 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 72.840391][ T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.844186][ T26] Workqueue: loop0 loop_rootcg_workfn [ 72.846156][ T26] Call Trace: [ 72.847413][ T26] [ 72.848504][ T26] dump_stack_lvl+0x241/0x360 [ 72.850344][ T26] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.852601][ T26] ? __pfx__printk+0x10/0x10 [ 72.854484][ T26] ? _printk+0xd5/0x120 [ 72.856158][ T26] ? __virt_addr_valid+0x183/0x530 [ 72.858190][ T26] ? __virt_addr_valid+0x183/0x530 [ 72.860106][ T26] print_report+0x169/0x550 [ 72.861897][ T26] ? __virt_addr_valid+0x183/0x530 [ 72.863637][ T26] ? __virt_addr_valid+0x183/0x530 [ 72.865538][ T26] ? __virt_addr_valid+0x45f/0x530 [ 72.867287][ T26] ? __phys_addr+0xba/0x170 [ 72.869051][ T26] ? percpu_ref_put+0xda/0x250 [ 72.870673][ T26] kasan_report+0x143/0x180 [ 72.872266][ T26] ? percpu_ref_put+0xda/0x250 [ 72.874268][ T26] ? percpu_ref_put+0x1f/0x250 [ 72.876066][ T26] percpu_ref_put+0xda/0x250 [ 72.877923][ T26] blk_update_request+0x5e5/0x1160 [ 72.879848][ T26] blk_mq_end_request+0x3e/0x70 [ 72.881629][ T26] loop_process_work+0x1c10/0x2170 [ 72.883566][ T26] ? __pfx_loop_process_work+0x10/0x10 [ 72.885715][ T26] ? register_lock_class+0x102/0x980 [ 72.887648][ T26] ? __pfx_register_lock_class+0x10/0x10 [ 72.889714][ T26] ? mark_lock+0x9a/0x360 [ 72.891430][ T26] ? debug_object_deactivate+0x2d5/0x390 [ 72.893584][ T26] ? __pfx_lock_acquire+0x10/0x10 [ 72.895470][ T26] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 72.897798][ T26] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.900232][ T26] ? process_scheduled_works+0x976/0x1850 [ 72.902428][ T26] process_scheduled_works+0xa63/0x1850 [ 72.904467][ T26] ? __pfx_process_scheduled_works+0x10/0x10 [ 72.906703][ T26] ? assign_work+0x364/0x3d0 [ 72.908322][ T26] worker_thread+0x870/0xd30 [ 72.910028][ T26] ? __kthread_parkme+0x169/0x1d0 [ 72.911949][ T26] ? __pfx_worker_thread+0x10/0x10 [ 72.913924][ T26] kthread+0x2f0/0x390 [ 72.915310][ T26] ? __pfx_worker_thread+0x10/0x10 [ 72.917208][ T26] ? __pfx_kthread+0x10/0x10 [ 72.918969][ T26] ret_from_fork+0x4b/0x80 [ 72.920448][ T26] ? __pfx_kthread+0x10/0x10 [ 72.922140][ T26] ret_from_fork_asm+0x1a/0x30 [ 72.923828][ T26] [ 72.924912][ T26] [ 72.925807][ T26] Allocated by task 5110: [ 72.927466][ T26] kasan_save_track+0x3f/0x80 [ 72.929364][ T26] __kasan_kmalloc+0x98/0xb0 [ 72.931150][ T26] __kmalloc_cache_noprof+0x19c/0x2c0 [ 72.933111][ T26] __bch2_dev_alloc+0x57/0xa60 [ 72.934826][ T26] bch2_dev_alloc+0xd4/0x170 [ 72.936545][ T26] bch2_fs_open+0x2e3f/0x2f80 [ 72.938325][ T26] bch2_fs_get_tree+0x738/0x1710 [ 72.940342][ T26] vfs_get_tree+0x90/0x2b0 [ 72.942065][ T26] do_new_mount+0x2be/0xb40 [ 72.943684][ T26] __se_sys_mount+0x2d6/0x3c0 [ 72.945347][ T26] do_syscall_64+0xf3/0x230 [ 72.946939][ T26] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.949076][ T26] [ 72.949975][ T26] Freed by task 5110: [ 72.951398][ T26] kasan_save_track+0x3f/0x80 [ 72.953048][ T26] kasan_save_free_info+0x40/0x50 [ 72.954839][ T26] __kasan_slab_free+0x59/0x70 [ 72.956526][ T26] kfree+0x1a0/0x440 [ 72.957967][ T26] kobject_put+0x22f/0x480 [ 72.959608][ T26] bch2_fs_free+0x27b/0x3c0 [ 72.961458][ T26] bch2_fs_get_tree+0xd9f/0x1710 [ 72.963354][ T26] vfs_get_tree+0x90/0x2b0 [ 72.965080][ T26] do_new_mount+0x2be/0xb40 [ 72.966817][ T26] __se_sys_mount+0x2d6/0x3c0 [ 72.968559][ T26] do_syscall_64+0xf3/0x230 [ 72.970277][ T26] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.972409][ T26] [ 72.973339][ T26] Last potentially related work creation: [ 72.975451][ T26] kasan_save_stack+0x3f/0x60 [ 72.977176][ T26] __kasan_record_aux_stack+0xac/0xc0 [ 72.979203][ T26] insert_work+0x3e/0x330 [ 72.980903][ T26] __queue_work+0xc8b/0xf50 [ 72.982554][ T26] queue_work_on+0x1c2/0x380 [ 72.984175][ T26] bch2_dev_do_invalidates+0x17a/0x1f0 [ 72.986205][ T26] bch2_do_invalidates+0x29/0x60 [ 72.987984][ T26] __bch2_fs_read_write+0x34c/0x370 [ 72.989895][ T26] bch2_run_recovery_pass+0xf0/0x1e0 [ 72.991868][ T26] bch2_run_recovery_passes+0x387/0x870 [ 72.994019][ T26] bch2_fs_recovery+0x24f9/0x38b0 [ 72.995887][ T26] bch2_fs_start+0x356/0x5b0 [ 72.997599][ T26] bch2_fs_get_tree+0xd68/0x1710 [ 72.999464][ T26] vfs_get_tree+0x90/0x2b0 [ 73.001085][ T26] do_new_mount+0x2be/0xb40 [ 73.002769][ T26] __se_sys_mount+0x2d6/0x3c0 [ 73.004420][ T26] do_syscall_64+0xf3/0x230 [ 73.006067][ T26] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.008118][ T26] [ 73.008987][ T26] Second to last potentially related work creation: [ 73.011677][ T26] kasan_save_stack+0x3f/0x60 [ 73.013150][ T26] __kasan_record_aux_stack+0xac/0xc0 [ 73.014933][ T26] insert_work+0x3e/0x330 [ 73.016401][ T26] __queue_work+0xc8b/0xf50 [ 73.018194][ T26] queue_work_on+0x1c2/0x380 [ 73.019945][ T26] bch2_dev_do_discards+0x17a/0x1f0 [ 73.021948][ T26] bch2_do_discards+0x29/0x60 [ 73.023447][ T26] __bch2_fs_read_write+0x344/0x370 [ 73.025156][ T26] bch2_run_recovery_pass+0xf0/0x1e0 [ 73.026582][ T26] bch2_run_recovery_passes+0x387/0x870 [ 73.028081][ T26] bch2_fs_recovery+0x24f9/0x38b0 [ 73.029499][ T26] bch2_fs_start+0x356/0x5b0 [ 73.030787][ T26] bch2_fs_get_tree+0xd68/0x1710 [ 73.032263][ T26] vfs_get_tree+0x90/0x2b0 [ 73.033723][ T26] do_new_mount+0x2be/0xb40 [ 73.035198][ T26] __se_sys_mount+0x2d6/0x3c0 [ 73.036773][ T26] do_syscall_64+0xf3/0x230 [ 73.038298][ T26] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.040192][ T26] [ 73.041069][ T26] The buggy address belongs to the object at ffff8880339b8000 [ 73.041069][ T26] which belongs to the cache kmalloc-4k of size 4096 [ 73.045775][ T26] The buggy address is located 176 bytes inside of [ 73.045775][ T26] freed 4096-byte region [ffff8880339b8000, ffff8880339b9000) [ 73.050680][ T26] [ 73.051537][ T26] The buggy address belongs to the physical page: [ 73.053902][ T26] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x339b8 [ 73.057039][ T26] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 73.059968][ T26] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 73.062590][ T26] page_type: f5(slab) [ 73.064027][ T26] raw: 04fff00000000040 ffff88801ac42140 0000000000000000 dead000000000001 [ 73.066999][ T26] raw: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000 [ 73.069849][ T26] head: 04fff00000000040 ffff88801ac42140 0000000000000000 dead000000000001 [ 73.073320][ T26] head: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000 [ 73.076626][ T26] head: 04fff00000000003 ffffea0000ce6e01 ffffffffffffffff 0000000000000000 [ 73.080081][ T26] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 73.083316][ T26] page dumped because: kasan: bad access detected [ 73.085716][ T26] page_owner tracks the page as allocated [ 73.087829][ T26] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 9538331265, free_ts 9497110077 [ 73.095411][ T26] post_alloc_hook+0x1f3/0x230 [ 73.097229][ T26] get_page_from_freelist+0x3045/0x3190 [ 73.099320][ T26] __alloc_pages_noprof+0x256/0x6c0 [ 73.101298][ T26] alloc_pages_mpol_noprof+0x3e8/0x680 [ 73.103295][ T26] alloc_slab_page+0x6a/0x120 [ 73.105021][ T26] allocate_slab+0x5a/0x2f0 [ 73.106639][ T26] ___slab_alloc+0xcd1/0x14b0 [ 73.108431][ T26] __slab_alloc+0x58/0xa0 [ 73.109995][ T26] __kmalloc_cache_noprof+0x1d5/0x2c0 [ 73.111934][ T26] kobject_uevent_env+0x28b/0x8e0 [ 73.113801][ T26] device_add+0x63b/0xbf0 [ 73.115356][ T26] device_create+0x257/0x2e0 [ 73.117095][ T26] bdi_register_va+0x8b/0x760 [ 73.118858][ T26] bdi_register+0xd5/0x120 [ 73.120571][ T26] device_add_disk+0x859/0x1000 [ 73.122552][ T26] brd_alloc+0x4da/0x770 [ 73.124425][ T26] page last free pid 1 tgid 1 stack trace: [ 73.126796][ T26] register_dummy_stack+0x8a/0xe0 [ 73.128527][ T26] init_page_owner+0x3e/0x970 [ 73.130347][ T26] page_ext_init+0x731/0x790 [ 73.132012][ T26] mm_core_init+0x4c/0x60 [ 73.133721][ T26] [ 73.134721][ T26] Memory state around the buggy address: [ 73.136843][ T26] ffff8880339b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 73.139324][ T26] ffff8880339b8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.142110][ T26] >ffff8880339b8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.145223][ T26] ^ [ 73.147379][ T26] ffff8880339b8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.150465][ T26] ffff8880339b8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 73.153631][ T26] ================================================================== [ 73.209301][ T5095] Bluetooth: hci0: command tx timeout [ 73.516412][ T26] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 73.518972][ T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u4:2 Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0 [ 73.522430][ T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.526560][ T26] Workqueue: loop0 loop_rootcg_workfn [ 73.528572][ T26] Call Trace: [ 73.530060][ T26] [ 73.531105][ T26] dump_stack_lvl+0x241/0x360 [ 73.532823][ T26] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.534753][ T26] ? __pfx__printk+0x10/0x10 [ 73.536515][ T26] ? preempt_schedule+0xe1/0xf0 [ 73.538310][ T26] ? vscnprintf+0x5d/0x90 [ 73.539915][ T26] panic+0x349/0x880 [ 73.541450][ T26] ? check_panic_on_warn+0x21/0xb0 [ 73.543298][ T26] ? __pfx_panic+0x10/0x10 [ 73.544968][ T26] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 73.547189][ T26] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 73.549593][ T26] ? print_report+0x502/0x550 [ 73.551393][ T26] check_panic_on_warn+0x86/0xb0 [ 73.553323][ T26] ? percpu_ref_put+0xda/0x250 [ 73.555093][ T26] end_report+0x77/0x160 [ 73.556738][ T26] kasan_report+0x154/0x180 [ 73.558436][ T26] ? percpu_ref_put+0xda/0x250 [ 73.560248][ T26] ? percpu_ref_put+0x1f/0x250 [ 73.562018][ T26] percpu_ref_put+0xda/0x250 [ 73.563769][ T26] blk_update_request+0x5e5/0x1160 [ 73.565721][ T26] blk_mq_end_request+0x3e/0x70 [ 73.567602][ T26] loop_process_work+0x1c10/0x2170 [ 73.569621][ T26] ? __pfx_loop_process_work+0x10/0x10 [ 73.571685][ T26] ? register_lock_class+0x102/0x980 [ 73.573699][ T26] ? __pfx_register_lock_class+0x10/0x10 [ 73.575741][ T26] ? mark_lock+0x9a/0x360 [ 73.577365][ T26] ? debug_object_deactivate+0x2d5/0x390 [ 73.579467][ T26] ? __pfx_lock_acquire+0x10/0x10 [ 73.581488][ T26] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 73.583570][ T26] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 73.585965][ T26] ? process_scheduled_works+0x976/0x1850 [ 73.588147][ T26] process_scheduled_works+0xa63/0x1850 [ 73.590268][ T26] ? __pfx_process_scheduled_works+0x10/0x10 [ 73.592619][ T26] ? assign_work+0x364/0x3d0 [ 73.594393][ T26] worker_thread+0x870/0xd30 [ 73.596080][ T26] ? __kthread_parkme+0x169/0x1d0 [ 73.597934][ T26] ? __pfx_worker_thread+0x10/0x10 [ 73.599886][ T26] kthread+0x2f0/0x390 [ 73.601451][ T26] ? __pfx_worker_thread+0x10/0x10 [ 73.603374][ T26] ? __pfx_kthread+0x10/0x10 [ 73.605106][ T26] ret_from_fork+0x4b/0x80 [ 73.606832][ T26] ? __pfx_kthread+0x10/0x10 [ 73.608606][ T26] ret_from_fork_asm+0x1a/0x30 [ 73.610423][ T26] [ 73.611868][ T26] Kernel Offset: disabled [ 73.613537][ T26] Rebooting in 86400 seconds..