program: r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@delchain={0x68, 0x65, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x5, 0xfff3}, {0x6, 0x4}, {0x6, 0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x24, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff2}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x6}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x5}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x8, 0xb}}]}}, @TCA_RATE={0x6, 0x5, {0x9, 0x9}}, @TCA_CHAIN={0x8, 0xb, 0xff}]}, 0x68}}, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newtfilter={0x3c, 0x2c, 0xd2f, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {}, {0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @local}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000005}, 0x40) (async) syz_mount_image$bcachefs(&(0x7f0000002340), &(0x7f0000005900)='./file0\x00', 0x10000, &(0x7f0000002300)=ANY=[], 0x1, 0x5910, &(0x7f0000016480)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJIgEFCCC64UYKGlpagf0EJq0WhRBatESuRlE1ZRitWltpBa3UU++BTykBLIQ1k+zlMzfU/PzJ2+c3u6e0ICv18lc/ucPv0/5557+vY9p3umAwAAAK8JIwtr2y8Ov3TNh3++6drQWx5LV2OBvnR7xSvSPA6w7sqSse3e67ftP+eoD/w6jos3XfXDZwYuft+v7ur5wct71h27/g/vP+zi+z5z5u5bv/Pgi/Pv+efTRXHjeDpxPJ08l4RQ/cW+b3xpz6NHjuYlIYRy0rczhEXJ4gcXJZkQg38PIaxLE0syd9790inrR7fX3tg9KX9hplx2v4z315ZqOs527L/8pPDH96657rdLf/Ljrl3P7hwvklQnjKcQFlw48fFdIYS56f9RcbTF8RgH7eoQQs+Ex51R0K7jmmz/ipz00el2TrrtLYgT71+WSZcy5bLpqCuz7Smor1157Wi1XJF5mXT2ZNSuvHbG/EXp9mfp9sQZxi/H/0koJaESh0XYmIyPkTDhuCUhGTuW1Xq6VD+2Id3/TDrJpEuZdLkrs19j9aYDrZwkk/NjuUx+PB1X0vxjJ56rGzg3J//16baaPlFfjumQvVHTO+VGfb/GxHbtm6YtB0JpwjmoUX593KYHozfN600WT3nMSAPxvj1rblpeXvvQ3r6cdiR3JWn8pKX4O36zaN6nfnTDZdnX9Xr8C0tp/FJL8f901mPPn3/D97+dG/+WGL/cUvyT7+957qyHr1+W2z/7Yv9UWoo/9PQjNy89/KJdue2/LcavthR/1e7Huufvv/+B3PYPxv6Z21L8p975wT/f+cS9z+bGDzF+zzWhhfhrd2/5Snf//hNy4z8Q+6e3tfHzwq7Tn+zv/8tAXvzHY/z5LcW/Y+et77h94Y1n5h7f1bF/+lqKf/bx9103b/+9x+SdO5PbOvXKCfDadFh6jfXlNN3qPLNdE+YL3xqo1K755qX/53eyoozRehbMYnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXpuOOOl/fuj/f7zvuUqa7k5vPFWqbWP+nBCSuSGEbduHtm7fsPmSgc9cetnWzUMbB4a2Dwxv3r71yoFT3zKwdXjLxqErR+8dfOsptcctDkltmxwzpe6RkZGRUt/kvFjffzp+1x+Xn/Evfw1h8Ijf91dy27/i1k23H97gZ0ayauQ9my475/enfS/dr760XX057Qo57frX8/5x+9f2PXNCCIOvm65djzz17l9OatBYxnicVKk71BrUnfRMbO7O2JJ6q9P2xP6qrN+wcXiwuH/LOfvxn6969u/rr/jqP2r9W83djyb7d+6qkY2lb645+9+/eXUt42A97o37e7xdcS9i+2L/VdP+XpDu14Kc/ark7Nf1v33giV8cdcOLO8Ng5YWlU+su2q+udAB0Ja9vqt5YQ0+yaFJ+NS0fj3h83Irtm7as2Hbljrdu2DR0yfAlw5vfvvLUlacPnnb6aSvG9nxFh/c/1v/GJvf/wIynhZ/b+bP4s7nxVNSuov4YbVdxf0xsUd7zr+fcL3397bc+fE4to2icx9L180m67Rk9zivDhPE2ta8a7VdRP4QQBhr1w/MvnhmO/D8bris6D008MhN/ZiSrRh5d9rfvnfHdJe+qZRyQ8/zEBs3oPD/ejnqrx9sz1l/V9HgcrP3bHcrpfvU2bNfKRx/uumnvXz9fb9+cOeGKoe3bt66s/ZyXtnRecnTDdmVz434tHftZDmm3hPowbTBeR3WFWvuy589YPNurvel9vcnihvuVFe/bs+am5eW1D+3N6+nkrlqNc8P82jZ5Q07JjZkHlusNblT/oTo++j/03Xs+fs9PT50yPk6u/SzaryRnv37yxB1f/8FX/+tPO7dfH3r3Y31/+7+fXl7LOFTOK/VWp+1JJp5XTg6h6Pm3NDTej9znX6nx/hQ9/7L1jJdvHG8gk+4N5Zaeryff3/PcWQ9fvyz3+bpvwvM1fxiFEK6elCoXPF8PlvHzyj2/Jg2UZNXIr7582M4Hr1l9VC2jaFzXSzca16c0Mf/I2a9fnv9k/6UD/+V/1/br0X3jI6XZ/QqZ/frhW+6+4A9Dq75QyzhYjns17d9qTv/WWx3nnRP7920XX7pxXS3/4L3+TbcF8594Ktl25Y7PDm3cOLx1W3P71ezraawn28utvp7Gs9vigv0qTdmv2bvRTH8193wb7691LffX5Odbb0hael3Y8ZtF8z71oxsu65vyqLSiC0tp/FJL8f901mPPn3/D97+dG/+WGL/SUvyhpx+5eenhF+3KjX9bksavthR/1e7Huufvv/+B3PiDsf1zW4r/1Ds/+Oc7n7j32dz4Icbvba3/X9h1+pP9/X/Jjf94ktYzeo0Uwt0vnbK+lk5CVxi/FBhtR9ekdoVsOsmkS5l0eWK6VFtrrVdQTpLJ+bFcmn9smP6y5BM5+fEqrLqktn05pkP2xvT5B5vShHN/o/yi61QAgFe7+P5/vAaN7/8PpxdK+SsNMK7dediSnLhxHja+njNn0v1L0vjx8XEdsP9tYXB0e+1A7UJ/puuc8fmQXeeM9Zxw3OQYra5zFq2/L8ukY7tq6+WVCfPQ1NR5TSU0sf4+tZ7p198zu1/8ftbAl6c0a2DCulX2+HWlK2aNPu+QaW9lNELe+Miui8XPc/QvCKvH6mtyfGQ/RxOPQ/ZzNLGeozInzlY/R9Pu+IjNnmZ8jDW5+P3IqccvTNO/48evcbTs8ZvB8a6Olp/t92cP/XXD2X0/zLpkTvz0CXawrxvG/LgflSbXEz+ek9+p9cR4uojt2jdNWw4E64nAq1Wc/8fXiNH5/+gF+L9lyhVdh2avGmO83M8JlRu3p2jeMfVzej0tvY6v3b3lK939+0/Ivc55oNnP6W2ZlOop+NxPUT8uz6QL+zFngaZovpetp6jfs5/L6A3zW+r3O3be+o7bF954Zm6/r669kBb3+9cnpeYX9Lv5Qk5884WDYr4w2+tnr9h8JP3g02zNRz6Wkz/T+UjPlBv1/RpzyM1Hug5suwCAQ0ec/9ffP0vn//8vU65o3npiJh3j5c5bc65P8uatH0m3V2TK96a/UTHT6+azj7/vunn77z0md95yW7Pz0P82KdVXOA9tb96cO49Y3ZnPi+fOI+rzrPbmibntr88T25un58avz9Pbm0fn9k99Ht3eOkBu/Po6wKE+z53d9bpX7Tw6/fXZ2ZpHn5uTP9N5dO+UG/X9GmMeDQDwyorz/3gZF+f/D2fKtXvdnjsv6NB1e/bvgdTjP36g5pWzPe+b7XnrbM/rZ3td4lCfF8/2utDsrpMdgvPiBcG8eArzYgCAV7c4/5+bpvPn/+3NT3Lnb/X5SZyfTy0zXXzzc/PzcAi8b/3Kr3+Z/3tfvJj5PwDAq1uc/8dfe4x//+9/pOns3633PnpOfPN08/Tpxk/T8/TZXmezDmAdoJh1AACAV5eusZnS1N+z/+Q05UOD8uen2+zv5TerMvY79iFctH3r8PAFl21ZN7R9+ILNl64b3nbB5Vs3bN8+vLlWrt15Y+68JZ03doVK2h+Ny2XnbQvTv4ewMOfvIWTLx7BHj92Y+vcQstXOLfg7AuPHr7n25h2/0jTlG42PvOOdF/8TOeWj+vG/+NMnX7B+2wUbNm/YvmFo44Ydw5PLjc5ae2bwvZmxW2b0vZmZH1OUZv79nZ1pR2lKO7rS/sj7fvYk045FaUsW5X3/QU67f/2/vva540f+cWcIg0eU39BW/yWrRv77ecMf2b7391tG21+atv31kmm7ir6vNFs+7k9l46Xbtp+0/tLLNme/UbI1cT2jVE+XwtxJ93doPSN9+pebXJ9Ym5M/0/WJ8pQbB6em1ycAAJgkvv8fr2fj+4dfTS+gYn7z8/T23j/OnacPNjdPz34vWdE8PVs+7m+z8/Rqm/P0bP1F8/RG5RvN0/Pm3XnxP5ZTfqaaHyftfc4jd5xc2Nw4yX6fQdE4yZaf6ThJ2hwn2fqLxkmj8o3GSd5xz4v/0ZzyeQrGQ/0wtvu5nNzxcEtz4+HNmXTReMiWn+l4KLU5HrL1F42HRuUbjYe845sX/5yc8s2aPD5GB8bYuBi+4PJLt352QrnZ/v6L9ts3u9//0arm2z+7n/ua/fbP7ufKZr/97X2uLLf9j7e3EtZ8+2f3+11a1Wi9dlY+f5Z+2Kzo82dF67hrcvJnuo47Z8qNg5N1XHjlxPl/fLsnzv9vTLedfhvo0P+eNN9j1jB+h77HrOg6xuv5NJUdBLyeAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADSnu7JkbLv3+m37zznqA7/+4vBL13z455uufdNVP3xm4OL3/equnh+8vGfdsev/8P7DLr7vM2fuvvU7D744/55/Pl0YuK+2OTFNVkNInktCqP5i3ze+tOfRI0fzkhBCOenbGcKiZPGDi5JMhMG/hxDW1ds5+c67Xzpl/ej22hu7J+UvzATJ7lfoLcf2TGpnuKJwjzgEVdNxtmP/5SeFP753zXW/XfqTH3ftenbneJGkOmE8hbDgwomP7wohzK39nzQ+l8QHp9vVIYSeCfefUdCu45ps/4qc9NHpdk667S2IE+9flkmXMuWy6agrs+0pqK9dee1otVyReZl09mTUrrx2xvxF6fZn6fbEGcYvx/9JKCWhUm/+xmR8jIQJxy0JydixrNbTpfqxDen+Z9JJJl3KpMtdmf0aqzcdaOUkmZwfy2Xy4+m4kuYfO/Fc3cC5OfmvT7fV9In6ckyH7I2a3ik36vs1JrZr3zRtORBG+6l7mvz6gU8PRm+a15ssnvKYkQbifXvW3LS8vPahvX057UjuStL4SUvxd/xm0bxP/eiGy5bkxb+wlMYvtRT/T2c99vz5N3z/27nxb4nxyy3FP/n+nufOevj6Zbn9sy/2T6Wl+ENPP3Lz0sMv2pXb/tti/GpL8Vftfqx7/v77H8ht/2Dsn7ktxX/qnR/8851P3PtsbvwQ4/e0FH/t7i1f6e7ff0Ju/Adi//S2Nn5e2HX6k/39fxnIi/94jD+/pfh37Lz1HbcvvPHM3OO7OvZPX0vxzz7+vuvm7b/3mLxzZ3Jbp145AV6bDhs7R4/Ulx1anWeOaeOUPGG+8K2BSu2ab176f37rYQuN1rNgFuMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDq9LurT/3kee/56JpKEkKSU2akgXhfec6qVQMt1Dv09CM3Lz38ol0T85a0EAcAAAAoFufhpXpONSwJlydzw9ENy8c1gqNjKpmcn11DiHGyawStxil1KE65Q3EqHYrT1aE4czoUp7tDcaoFcaqhuThzp41Taro9PR2K09uhOPM6FGd+h+Is6FCchR2K88y0cZofh4s6FGdxh+Ic1qE4h3cozhEdivO6DsU5skNxsmvKMx2H89OSR+XFGbtRLoxTScr1Oxqtp8d6jmmznt4m68l9PW6ynrlN1nNc5nGlGdZTbbKeN7ZZT9JkPW9us55SQT1x3F6RbV+sJ6aaHP9XdijOjg7FuapDca7uUJzP58WpTM4oivOFDrXnmjbjADQrzv/H53t9obvyrtCTnnGyqwDxtLh07OfU17u8E1KM94ZM/pxsvGyY7EQ9E2/pTNuXXUDIxFuWye+aFK8S+rLtmxqvOjHe8sydU/Y3277sgkKmfSdm8ruL4mUXFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgFv3u6lM/ed57PromJGH0X0MjDcT7ynNWrRpood49a25aXl770N6Jed2VFgIBAAAAheI8vKueUw3dlZWhO5kzqVw1XQeopulyX23bvyCsHt0mA6WxdE+yaNrHVdLHrdi+acuKbVfueOuGTUOXDF8yvPntK09defrgaaeftmL9ho3Dg7WfIXQXxAshjC0/bLtyx2eHNm4c3rqtlplt/5L0cUvSdJI+rv9tYXB0e23a/sUF9ZWm1Dd7N4qPHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/Brr2FyFmecQB/v5nZmXE1zRZPYzCbIQdJW2mTdC2xFeeDQgVNQhahzNhuJdSESjcmaCKpTjVQtQktBSUQUnKTkkq10hsPVUo9EEixaQPdNBSV1ov2okVbS5RclMiU7M43p8xkNhMxB3+/i/lm3vd53+d7hxD4fzsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy8pqpjE+XSeGU4CiHqUVPrIplLZ+O4OEDfb760+Se50eNLW8dymQE2AgAAAPpKcvhQYyQfcpl0SIdrpj8tDC0ToZn7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAT56p6thEuTReuTQKIepRU+simUtn47g4QN+333/mS2+Mjv6zdawwwD4AAABAf0kOTzVG8qEQFoWh6Jq2uuTZwLyO9Z11yT7zZ1nX+eygV92iWdZdN8u6z/SpW1O/bgsAAABw4Uvyf6YxMhJymTk983+/XJ/ULeioS9evg/xWAAAAADg7Sf7PNUYKIZcpNPL6bPP+wo66ZH2/v9sn65f0WN/v7/mr61d/pwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC8dUdWyiXBqvpKMQoh41tS6SuXQ2josD9F3x8vC/bzvw6MLWsVxmgI0AAACAvpIc3oze+ZDLDIehcOl07h+9Ze9zX3/uhbEQwkzMz2bDtnVbtty7YuY1qVt+6MDQjw+++/1T6pbPvJ6zAwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+ZqerYRLk0XrkkCiHqUVPrIplLZ+O4OEDft77ytb8/dfTFd1rHCgPsAwAAAPSX5PBm9s+HQsiGbLhq+lNr1j8p1bG+1zMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OJx3/ce+O66ycn19174b0LqLPdJnw+n8OYs3kT1f9Xny/2ch2+GwiyLz/F/TAAAwEduQYhC7QxdvfZc3zUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHA+mKqOTZRL45V8FELUo6bWRTKXzsZxcYC+8UuHc3OOv/xq61hhgH0AAACA/pIc3sz++VAIQ2EoXDn9qdszgen8P/Ix3iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwXpmqjk2US+OVOVEIUY+aWhfJXDobx8XZNmtp8OT2PV/eP/dHt7ZO5zIDHQEAAADoI8nh2cZIPuQynw25cG3982T7gihdv4YHuz0XaK7b3LZsuLmu6/OE5rpq27r0rNft6DhZpn6amXX5ZL+RmWtjXfHUdcWWdYXQaF9sWxd2ta2a0+c+AwAAAJxDSf7PNUZGQi6Ta8m5v2irH5FzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAepqpjE+XSeCWKQoh61NS6SObS2TguDtD3gT98+rJv/XLn1taxwgD7AAAAAP0lObyZ/fOhEOaHT4X507k/jLTXJ3X/KZ/Y/8R//7E0hGVXHRnN9Nz/d2/d/ErnSwip9qJUCHPr/aIe/X7/pyfuX1w78VQIy65MX3um/dq3jGvPl9ev3nLwyObTfDEAAABwEUny/1BjZCTkMvf0zP9J8j6j/D/3/u2/vqL+Wk/kHStSI/V+qR79vrr4mb8tWfmvd0/m/9P1+8KejfuvaGs4M9IhimuljVvXHLlhXyo59Uz/dEf/5Hv5xoPv/G/DtsdPzPTPh3x9fF6mW/9TXztcEtcmU7srqz7cXW3vn+lx/kf/+OrR387b+cHJ/u8vGG70v+405z99/+HbH9t1454Da9r7hxCK3fq/98Gt4eq/3P1I5/mHOzZu/eZbXztEce3QwmP7Vu4t3NTeP+ron3z/vzr65K6fP/7DF5L+yW9Fli6abf9UR//Xd1y+/bWH185r75/qcf5X7nhjdFPxB3/uPP9dA5//6eufvfPNdfFDnVMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXl6nq2ES5NF5JRSFEPWpqXSRz6WwcFwfo+/Zth9+7Y+fPfto6VhhgHwAAAKC/JIc3s38+FEI2ZMPwdO5/vrx+9ZaDRzaHkZnZqH7NTG66b8vnNmzaes9d5+jOAQAAgNlK8n+mMTIScpnFYaie/0sbt645csO+VJL/U0n+33D35PploVH3+o7Lt7/28Np5jecEIUz/LCB/su6Lzbpbbj48cuyv31nStW5Fs+7QwmP7Vu4t3JTUhda65aHxfOLp65+988118UON+2ut+/y3N03WH08k+w7f/tiuG/ccWNM4R/06XN83qZtM7a6s+nB3NalL16/5+rkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFNNVccmyqXxSkiHEPWoqXWRzKWzcVwcoO+qxb955LLjL85vHctlBtgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYb9uQuuo+jgAn3Nv8uY2N2mT9gWjYppWRakLi4KIblRUpBUpuKoUqbZ2IQqCiFIXptKKpSpuBKubIiqoUQoKNhZLq6TiV3HjQgWF6kIoxYA2FBcqSc65vZlmvDqpgvo8MJx7zsz85j9zTib3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCP0tM1NNMe3nH/1C3n3PDRo3edeOSmd+7ddtHDr343sum6D/f2vnRyYvOKLV9ev2zT/rvXjO9+/tBP/W/9crRj8EOzzarUbYQQj8cQGu9OPvPYxMdnTY/FEEI9DoyGMBiXHhqMhYTVP4cQNrfqnLvzzROXb5lut+3qmTO+pBBSvK/QrOd6Zg3MrZd/l0ZaZ1unHrwkfH3t+u2fLn/j9e6xY6OnDomNtvUUwuKN7ed3hxAWpW1aXm1D+eTUrgsh9Ladd2WHus7/g/VfWtI/N7X/S22zQ07ev7LQrxWOK/az7kLb2+F6C1VWR9XjOukr9Isvo4UqqzOPD6b27dSu+pP59bzFUIuhq1X+PfHUGglt8xZDnJnLRqtfa81tSPdf6MdCv1bo17sL9zVz3bTQ6jHOHc/HFcbz67grja9of1fP49aS8bNT20h/qCdzPxQ/zGqe9qF1XzNyXZO/U8vfodb2DppvvDXxaTKaaawZl552zq/zyPsm1j9xYX3De4cHSuqIe2PKj5Xyt34y2Hf7azsfGCrL31hL+bVK+d+sPfLDbTtfeK40/+mcX6+Uf9mB3uNr39+xsvT5TObn01Up/46jHzy5/P93jpXWvyfnNyrlXzN+pKd/6sDB0vpX5+ezqFL+V1ff+O0rn+87Vpofcn5vpfwN4/c91TM8dXFp/sH8fJrV1s+PY1d8MTz8/UhZ/mc5v79S/suju696ccmuNaXzuy4/n4FK+TdfsH9739S+88renXHPmfrPCfDftCx9x3o89av+zlyott8Lz450zX7n60tb/5m8UMH0dRb/hfkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/sQMHJAAAAACC/r9uR6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FQAA//9jRy9Z") r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f00000000c0)={{r2}, 0x0, 0x0, 0x3000}) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x20200, 0x0) (async) r3 = socket$netlink(0x10, 0x3, 0x0) (async) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0xff, 0x208, &(0x7f0000000780)="$eJzsmb9rFEEUx78zu7d7BhEstLA5i4ARzN7unkoai9iKICSilodZQ3STk8sWSUAw2Nj4B/iPKFxlYWcjFlYWKggWXmmj4Mj82Lu5W2917zgs8j7F8J03M2/evNm8gRwIgjiyfP70/eOzqyvrFwAcxyJ8Y//qDOdwa/6H507NyNc7Jx71xv0xAEIM++5f9vcAvFp1gMfarRA/hD2+aHyugystuQmO80bfAkOQxyokWiZguGPM9y3dOWZEmrC7nXTj3laahLKJZBPLpgWIkfj7hwwbAOpmC2bFt7t/8KCdAl0t0iQXNZHvUxiqKsryp+Jb5bhipUDe1+2nTw5lPzD20MpfBI7I6BYY1oxegY8gCBqmm0TW+c+4Q/+Ovjbr/P96kvpsiagqTi6XzskPMe8wfom5ePamuoL5CBlH9VW8UVzlVfPjTREzG7fIP+iB5XS/96a46st/Te9sQhUuAIWhdwtpet22vL1mxKkRP2ft/Fgi/wInfhK6fjAXOGfVJ9d6FZrZ9sPm7v7B8tZ2ezPZTHbiuHU5vBiGl+Kmqs26Lal/dVWfFiz/tQlzPeZhr51l3WgPyLrRoB/r1qq4ay8639Qaruofx9JPIfLnRR3b//Me6v3z9TqmekvOxOAJgiAIgiAIgiAIgiAIgiBKaLwvWPAS5n+VLP9NrIgb31CzfwcAAP//+HdjKA==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x40000, 0x20) fadvise64(r4, 0x0, 0x0, 0x3) (async, rerun: 64) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (rerun: 64) [ 68.812356][ T5317] Bluetooth: hci0: command tx timeout [ 69.147785][ T5337] loop0: detected capacity change from 0 to 32768 [ 69.374210][ T5337] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 69.374226][ T5337] allowing incompatible features above 0.0: (unknown version) [ 69.374232][ T5337] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 69.391693][ T5337] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0 [ 69.396396][ T5337] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 69.401429][ T5337] bcachefs (loop0): Version upgrade required: [ 69.401429][ T5337] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 69.401429][ T5337] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 69.401429][ T5337] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 69.506276][ T5337] bcachefs (loop0): invalid bkey in btree_node btree=alloc level=0: u64s 12 type alloc_v4 0:28:0 len 0 ver 0: [ 69.506311][ T5337] gen 0 oldest_gen 0 data_type btree [ 69.506317][ T5337] journal_seq_nonempty 6 [ 69.506322][ T5337] journal_seq_empty 0 [ 69.506326][ T5337] need_discard 1 [ 69.506330][ T5337] need_inc_gen 1 [ 69.506334][ T5337] dirty_sectors 0 [ 69.506338][ T5337] stripe_sectors 1769482 [ 69.506343][ T5337] cached_sectors 0 [ 69.506348][ T5337] stripe 0 [ 69.506353][ T5337] stripe_redundancy 0 [ 69.506357][ T5337] io_time[READ] 1 [ 69.506363][ T5337] io_time[WRITE] 768 [ 69.506368][ T5337] fragmentation 0 [ 69.506373][ T5337] bp_start 7 [ 69.506377][ T5337] [ 69.506382][ T5337] invalid data type (got 3 should be 9), deleting [ 69.557121][ T5337] bcachefs (loop0): btree node read error at btree backpointers level 0/0 [ 69.557152][ T5337] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0 [ 69.557159][ T5337] loop0 node offset 0/24 bset u64s 0: invalid bkey format: field 4 too large: 0 + 1099511627776 > 4294967295 [ 69.557165][ T5337] u64s 3 fields 64:0, 64:0, 32:0, 0:0, 0:1099511627776, 0:0 [ 69.557170][ T5337] flagging btree backpointers lost data [ 69.557176][ T5337] ret btree_node_read_validate_error [ 69.584733][ T5337] bcachefs (loop0): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 69.591795][ T5337] bcachefs (loop0): check_topology... done [ 69.596907][ T5337] bcachefs (loop0): accounting_read... done [ 69.601213][ T5337] bcachefs (loop0): alloc_read... done [ 69.605484][ T5337] bcachefs (loop0): snapshots_read... done [ 69.609396][ T5337] bcachefs (loop0): check_allocations... [ 69.613760][ T5337] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree [ 69.613783][ T5337] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 69.631733][ T5337] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree [ 69.631747][ T5337] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 69.647212][ T5337] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree [ 69.647226][ T5337] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 69.661136][ T5337] bcachefs (loop0): bucket 0:35 data type btree ptr gen 0 missing in alloc btree [ 69.661151][ T5337] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 69.675813][ T5337] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree [ 69.675828][ T5337] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 69.688722][ T5337] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.693952][ T5337] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.699523][ T5337] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.704485][ T5337] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.710171][ T5337] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.716904][ T5337] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.722886][ T5337] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.727519][ T5337] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.733778][ T5337] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.738132][ T5337] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.743654][ T5337] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.747539][ T5337] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.753211][ T5337] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.757675][ T5337] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 69.763212][ T5337] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing [ 69.767927][ T5337] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing [ 69.773847][ T5337] bcachefs (loop0): bucket 0:9 gen 0 has wrong data_type: got free, should be journal, fixing [ 69.778453][ T5337] bcachefs (loop0): bucket 0:9 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 69.787486][ T5337] bcachefs (loop0): bucket 0:10 gen 0 has wrong data_type: got free, should be journal, fixing [ 69.793996][ T5337] bcachefs (loop0): bucket 0:10 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 69.804285][ T5337] bcachefs (loop0): bucket 0:11 gen 0 has wrong data_type: got free, should be journal, fixing [ 69.804301][ T5337] Ratelimiting new instances of previous error [ 69.813932][ T5337] bcachefs (loop0): bucket 0:11 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 69.813947][ T5337] Ratelimiting new instances of previous error [ 69.834490][ T5337] done [ 69.836271][ T5337] bcachefs (loop0): going read-write [ 69.844194][ T5337] bcachefs (loop0): journal_replay... done [ 69.923459][ T5337] bcachefs (loop0): check_alloc_info... [ 69.924712][ T5337] bcachefs (loop0): hole in alloc btree missing in freespace btree [ 69.924739][ T5337] device 0 buckets 28-29, fixing [ 69.940888][ T5337] bcachefs (loop0): bucket incorrectly unset in need_discard btree [ 69.940901][ T5337] u64s 13 type alloc_v4 0:37:0 len 0 ver 0: [ 69.940906][ T5337] gen 0 oldest_gen 0 data_type need_discard [ 69.940911][ T5337] journal_seq_nonempty 6 [ 69.940915][ T5337] journal_seq_empty 0 [ 69.940918][ T5337] need_discard 1 [ 69.940921][ T5337] need_inc_gen 1 [ 69.940924][ T5337] dirty_sectors 0 [ 69.940927][ T5337] stripe_sectors 0 [ 69.940930][ T5337] cached_sectors 0 [ 69.940933][ T5337] stripe 0 [ 69.940936][ T5337] stripe_redundancy 0 [ 69.940941][ T5337] io_time[READ] 1 [ 69.940946][ T5337] io_time[WRITE] 1024 [ 69.940951][ T5337] fragmentation 0 [ 69.940955][ T5337] bp_start 8 [ 69.940959][ T5337] , fixing [ 69.995437][ T5337] done [ 69.997303][ T5337] bcachefs (loop0): check_lrus... done [ 69.999711][ T5337] bcachefs (loop0): check_btree_backpointers... done [ 70.005548][ T5337] bcachefs (loop0): check_backpointers_to_extents... done [ 70.009216][ T5337] bcachefs (loop0): check_extents_to_backpointers... [ 70.010223][ T5337] bcachefs (loop0): scanning for missing backpointers in 10/128 buckets [ 70.018431][ T5337] done [ 70.020776][ T5337] bcachefs (loop0): check_alloc_to_lru_refs... [ 70.023917][ T5337] bcachefs (loop0): missing fragmentation lru entry [ 70.023929][ T5337] u64s 12 type alloc_v4 0:34:0 len 0 ver 0: [ 70.023935][ T5337] gen 0 oldest_gen 0 data_type user [ 70.023940][ T5337] journal_seq_nonempty 5 [ 70.023946][ T5337] journal_seq_empty 134217728 [ 70.023951][ T5337] need_discard 1 [ 70.023956][ T5337] need_inc_gen 1 [ 70.023962][ T5337] dirty_sectors 16 [ 70.023968][ T5337] stripe_sectors 1802251 [ 70.023973][ T5337] cached_sectors 0 [ 70.023977][ T5337] stripe 0 [ 70.023982][ T5337] stripe_redundancy 0 [ 70.023987][ T5337] io_time[READ] 1 [ 70.023992][ T5337] io_time[WRITE] 512 [ 70.023998][ T5337] fragmentation 0 [ 70.024003][ T5337] bp_start 7 [ 70.024008][ T5337] , fixing [ 70.069395][ T5337] done [ 70.071145][ T5337] bcachefs (loop0): bucket_gens_init... done [ 70.080618][ T5337] bcachefs (loop0): check_snapshot_trees... done [ 70.084277][ T5337] bcachefs (loop0): check_snapshots... [ 70.084893][ T5337] bcachefs (loop0): snapshot points to missing/incorrect tree: [ 70.084902][ T5337] u64s 8 type snapshot 0:4294967295:0 len 0 ver 0: subvol parent 0 children 0 0 subvol 1 tree 0, fixing [ 70.107726][ T5337] done [ 70.109684][ T5337] bcachefs (loop0): check_subvols... done [ 70.120022][ T5337] bcachefs (loop0): check_subvol_children... done [ 70.125955][ T5337] bcachefs (loop0): delete_dead_snapshots... done [ 70.129328][ T5337] bcachefs (loop0): check_inodes... done [ 70.146520][ T5337] bcachefs (loop0): check_extents... done [ 70.149559][ T5337] bcachefs (loop0): check_indirect_extents... done [ 70.156307][ T5337] bcachefs (loop0): check_dirents... done [ 70.159779][ T5337] bcachefs (loop0): check_xattrs... done [ 70.172127][ T5337] bcachefs (loop0): check_root... done [ 70.174692][ T5337] bcachefs (loop0): check_unreachable_inodes... done [ 70.177633][ T5337] bcachefs (loop0): check_subvolume_structure... done [ 70.180489][ T5337] bcachefs (loop0): check_directory_structure... done [ 70.202063][ T5337] bcachefs (loop0): check_nlinks... done [ 70.205154][ T5337] bcachefs (loop0): check_rebalance_work... done [ 70.208084][ T5337] bcachefs (loop0): resume_logged_ops... done [ 70.210730][ T5337] bcachefs (loop0): delete_dead_inodes... done [ 70.222643][ T5337] bcachefs (loop0): set_fs_needs_rebalance... done [ 70.261577][ T5337] bcachefs (loop0): done starting filesystem [ 70.293499][ T5337] bcachefs (loop0): requested incompat feature 1.16: reflink_p_may_update_opts currently not enabled, allowed up to 1.16: reflink_p_may_update_opts [ 70.293499][ T5337] set version_upgrade=incompat to enable [ 70.312036][ T25] audit: type=1800 audit(1751588708.855:2): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=536870912 res=0 errno=0 [ 70.356076][ T5338] ------------[ cut here ]------------ [ 70.358672][ T5338] truncate spotted in mem i_size < btree i_size: 10 < 12288 [ 70.362910][ T25] audit: type=1804 audit(1751588708.925:3): pid=5338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.0" name="/newroot/0/file0/file1" dev="loop0" ino=536870912 res=1 errno=0 [ 70.371852][ T25] audit: type=1800 audit(1751588708.925:4): pid=5338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.0" name="file1" dev="loop0" ino=536870912 res=0 errno=0 [ 70.402558][ T5337] syz.0.0 (5337) used greatest stack depth: 14504 bytes left [ 70.405682][ T5338] WARNING: CPU: 0 PID: 5338 at fs/bcachefs/fs-io.c:474 bchfs_truncate+0xa3b/0xc20 [ 70.409405][ T5338] Modules linked in: [ 70.411204][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 70.415823][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.420375][ T5338] RIP: 0010:bchfs_truncate+0xa3b/0xc20 [ 70.422957][ T5338] Code: 00 74 0a 48 8b 7c 24 20 e8 a2 fe e8 fd 4c 8b 7c 24 20 49 8b 37 48 8b 94 24 00 01 00 00 48 c7 c7 00 b7 d4 8b e8 46 24 49 fd 90 <0f> 0b 90 90 e9 95 fa ff ff e8 a7 7b 85 fd 4c 8b 7c 24 50 4c 89 ff [ 70.430838][ T5338] RSP: 0018:ffffc9000d5cf540 EFLAGS: 00010246 [ 70.433353][ T5338] RAX: bc4335e4bfe7ff00 RBX: 1ffff1100a5fd988 RCX: ffff888037230000 [ 70.436638][ T5338] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 70.441026][ T5338] RBP: ffffc9000d5cf7d0 R08: 0000000000000003 R09: 0000000000000004 [ 70.444548][ T5338] R10: dffffc0000000000 R11: fffffbfff1bfa9fc R12: ffff888052fecc40 [ 70.447900][ T5338] R13: ffff888052fecd00 R14: 000000000000000a R15: ffff888052fec7e8 [ 70.451237][ T5338] FS: 00007f80c1f786c0(0000) GS:ffff88808d21c000(0000) knlGS:0000000000000000 [ 70.455503][ T5338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.458534][ T5338] CR2: 00007ff53e3fe000 CR3: 0000000044600000 CR4: 0000000000352ef0 [ 70.462275][ T5338] Call Trace: [ 70.463790][ T5338] [ 70.465124][ T5338] ? __pfx_bchfs_truncate+0x10/0x10 [ 70.467577][ T5338] ? __bch2_trans_get+0x9c2/0xd80 [ 70.469704][ T5338] ? __pfx_bch2_subvol_is_ro+0x10/0x10 [ 70.472234][ T5338] ? setattr_prepare+0x1e7/0xac0 [ 70.474370][ T5338] ? bch2_setattr+0x1a7/0x220 [ 70.476390][ T5338] ? __pfx_bch2_setattr+0x10/0x10 [ 70.478248][ T5338] notify_change+0xb33/0xe40 [ 70.480177][ T5338] do_truncate+0x1a4/0x220 [ 70.482230][ T5338] ? __pfx_do_truncate+0x10/0x10 [ 70.484370][ T5338] ? apparmor_file_truncate+0x23e/0x2d0 [ 70.486710][ T5338] path_openat+0x306c/0x3830 [ 70.488736][ T5338] ? arch_stack_walk+0xfc/0x150 [ 70.490793][ T5338] ? __pfx_path_openat+0x10/0x10 [ 70.492938][ T5338] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.495847][ T5338] do_filp_open+0x1fa/0x410 [ 70.497772][ T5338] ? __lock_acquire+0xab9/0xd20 [ 70.499765][ T5338] ? __pfx_do_filp_open+0x10/0x10 [ 70.502173][ T5338] ? _raw_spin_unlock+0x28/0x50 [ 70.504181][ T5338] ? alloc_fd+0x64c/0x6c0 [ 70.506034][ T5338] do_sys_openat2+0x121/0x1c0 [ 70.508206][ T5338] ? __pfx_do_sys_openat2+0x10/0x10 [ 70.510255][ T5338] ? exc_page_fault+0x76/0xf0 [ 70.514003][ T5338] ? do_user_addr_fault+0xc8a/0x1390 [ 70.516187][ T5338] __x64_sys_openat+0x138/0x170 [ 70.518355][ T5338] do_syscall_64+0xfa/0x3b0 [ 70.520274][ T5338] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.522521][ T5338] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.525156][ T5338] ? clear_bhb_loop+0x60/0xb0 [ 70.527238][ T5338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.529822][ T5338] RIP: 0033:0x7f80c118e929 [ 70.531743][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.539737][ T5338] RSP: 002b:00007f80c1f78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 70.543460][ T5338] RAX: ffffffffffffffda RBX: 00007f80c13b6080 RCX: 00007f80c118e929 [ 70.546854][ T5338] RDX: 0000000000020200 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 70.550277][ T5338] RBP: 00007f80c1210b39 R08: 0000000000000000 R09: 0000000000000000 [ 70.553686][ T5338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.557009][ T5338] R13: 0000000000000001 R14: 00007f80c13b6080 R15: 00007ffdb13a8968 [ 70.560482][ T5338] [ 70.562045][ T5338] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 70.565354][ T5338] CPU: 0 UID: 0 PID: 5338 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) [ 70.570145][ T5338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.574478][ T5338] Call Trace: [ 70.575914][ T5338] [ 70.577152][ T5338] dump_stack_lvl+0x99/0x250 [ 70.579041][ T5338] ? __asan_memcpy+0x40/0x70 [ 70.580972][ T5338] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.583313][ T5338] ? __pfx__printk+0x10/0x10 [ 70.585249][ T5338] panic+0x2db/0x790 [ 70.586867][ T5338] ? __pfx_panic+0x10/0x10 [ 70.588864][ T5338] ? show_trace_log_lvl+0x4fb/0x550 [ 70.591065][ T5338] __warn+0x31b/0x4b0 [ 70.592762][ T5338] ? bchfs_truncate+0xa3b/0xc20 [ 70.594854][ T5338] ? bchfs_truncate+0xa3b/0xc20 [ 70.596792][ T5338] report_bug+0x2be/0x4f0 [ 70.598567][ T5338] ? bchfs_truncate+0xa3b/0xc20 [ 70.600537][ T5338] ? bchfs_truncate+0xa3b/0xc20 [ 70.602662][ T5338] ? bchfs_truncate+0xa3d/0xc20 [ 70.604688][ T5338] handle_bug+0x84/0x160 [ 70.606536][ T5338] exc_invalid_op+0x1a/0x50 [ 70.608584][ T5338] asm_exc_invalid_op+0x1a/0x20 [ 70.610707][ T5338] RIP: 0010:bchfs_truncate+0xa3b/0xc20 [ 70.613086][ T5338] Code: 00 74 0a 48 8b 7c 24 20 e8 a2 fe e8 fd 4c 8b 7c 24 20 49 8b 37 48 8b 94 24 00 01 00 00 48 c7 c7 00 b7 d4 8b e8 46 24 49 fd 90 <0f> 0b 90 90 e9 95 fa ff ff e8 a7 7b 85 fd 4c 8b 7c 24 50 4c 89 ff [ 70.621372][ T5338] RSP: 0018:ffffc9000d5cf540 EFLAGS: 00010246 [ 70.624289][ T5338] RAX: bc4335e4bfe7ff00 RBX: 1ffff1100a5fd988 RCX: ffff888037230000 [ 70.628088][ T5338] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 70.631512][ T5338] RBP: ffffc9000d5cf7d0 R08: 0000000000000003 R09: 0000000000000004 [ 70.634791][ T5338] R10: dffffc0000000000 R11: fffffbfff1bfa9fc R12: ffff888052fecc40 [ 70.638105][ T5338] R13: ffff888052fecd00 R14: 000000000000000a R15: ffff888052fec7e8 [ 70.641629][ T5338] ? __pfx_bchfs_truncate+0x10/0x10 [ 70.643714][ T5338] ? __bch2_trans_get+0x9c2/0xd80 [ 70.645844][ T5338] ? __pfx_bch2_subvol_is_ro+0x10/0x10 [ 70.648063][ T5338] ? setattr_prepare+0x1e7/0xac0 [ 70.650129][ T5338] ? bch2_setattr+0x1a7/0x220 [ 70.652124][ T5338] ? __pfx_bch2_setattr+0x10/0x10 [ 70.654210][ T5338] notify_change+0xb33/0xe40 [ 70.656204][ T5338] do_truncate+0x1a4/0x220 [ 70.658111][ T5338] ? __pfx_do_truncate+0x10/0x10 [ 70.660211][ T5338] ? apparmor_file_truncate+0x23e/0x2d0 [ 70.662435][ T5338] path_openat+0x306c/0x3830 [ 70.664458][ T5338] ? arch_stack_walk+0xfc/0x150 [ 70.666572][ T5338] ? __pfx_path_openat+0x10/0x10 [ 70.668711][ T5338] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.671305][ T5338] do_filp_open+0x1fa/0x410 [ 70.673236][ T5338] ? __lock_acquire+0xab9/0xd20 [ 70.675375][ T5338] ? __pfx_do_filp_open+0x10/0x10 [ 70.677651][ T5338] ? _raw_spin_unlock+0x28/0x50 [ 70.679849][ T5338] ? alloc_fd+0x64c/0x6c0 [ 70.681721][ T5338] do_sys_openat2+0x121/0x1c0 [ 70.683698][ T5338] ? __pfx_do_sys_openat2+0x10/0x10 [ 70.685982][ T5338] ? exc_page_fault+0x76/0xf0 [ 70.687935][ T5338] ? do_user_addr_fault+0xc8a/0x1390 [ 70.690140][ T5338] __x64_sys_openat+0x138/0x170 [ 70.692061][ T5338] do_syscall_64+0xfa/0x3b0 [ 70.693981][ T5338] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.695922][ T5338] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.698171][ T5338] ? clear_bhb_loop+0x60/0xb0 [ 70.699934][ T5338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.702290][ T5338] RIP: 0033:0x7f80c118e929 [ 70.704170][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.712303][ T5338] RSP: 002b:00007f80c1f78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 70.715814][ T5338] RAX: ffffffffffffffda RBX: 00007f80c13b6080 RCX: 00007f80c118e929 [ 70.719239][ T5338] RDX: 0000000000020200 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 70.722693][ T5338] RBP: 00007f80c1210b39 R08: 0000000000000000 R09: 0000000000000000 [ 70.726206][ T5338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.729519][ T5338] R13: 0000000000000001 R14: 00007f80c13b6080 R15: 00007ffdb13a8968 [ 70.732592][ T5338] [ 70.734250][ T5338] Kernel Offset: disabled [ 70.736100][ T5338] Rebooting in 86400 seconds..