program:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000000a4f1c0000000000000000020000000900010073797a300000000008000240000000020900010073797a310000000014000000110001"], 0x5c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWCHAIN={0x30, 0x3, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0x58}}, 0x0)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x818001, &(0x7f0000000100)=ANY=[@ANYBLOB='discard,acl,errors=continue,inline_data,fsck,nochanges,nocow,nocow_e\\abled,fix_errors=no,\x00'], 0x1, 0x5964, &(0x7f0000005b80)="$eJzs3X+QXFW9IPBzu3synZn8mAR4RJDJEMh7PHiaCb8K5dUz762/CpCKhaWEjcJAJhhNQioJQgJKcMGFAiy0tBT1D7SQWjRSVMEqkRL5sQmrKMXqUltIra7oVrmFLCmBSFmuszUz9/T03Ok7t6e7JyTw+RTM7XP69Pece+7pO/ecvpkOAAAAvCnsu3HbgfOPec9PPzv86nXv/+Gm60NveSy/Ggv0pdurX68WcjB1V5aMbbPj4h+u+c7vBy77t5/c1/Pt1/auO379r959xGUPfeKcPXd8/dFX5j/wt+eL4sbxdPJEOnkxCaH6o/1f/tzeJ48ezUtCCOWkb1cIi5LFjy5KMiEG/xJCWJcmfrtw8pP3v3ra+tHt9bd0T8rPFDPe3+Sq6TjbeeCqU8Kv/3XNDT9feu/3una/sGuiSFKtG08hLLik/vVd6f9z03QcbUvii9Pt6hBCT93rzipo1wlNtn9FTvrYdDsn3fYWxInPL8ukS5ly2XTUldn2FNTXrrx2tFquyLxMOnsyaldeO2P+onT7g3R78gzjl+P/SSgloVJr/sZkYoyEuuOWhGTsWFZr6VLt2IZ0/zPpJJMuZdLlrsx+jdWbDrRykkzOj+Uy+fF0XEnzj68/VzdwQU7+W9JtNX2jvhbTIftgXO+UB7X9GhPbtX+athwMpbpzUKP82jhLD0ZvmtebLJ7ympEG4nN719y6vLz2sX19Oe1I7kvS+MnYuJtp/J0/WzTvY9+9+colefEvKaXxS2PHYKbxf3PuUy9ddPO3vpYb//YYv9xS/FMf7nnx3MdvXJbXP3F49YZKS/GHnn/itqVHXro7t/13xv6vtnR8V+15qnv+gYcfyT2+g7F/5rYU/7mz3/u7e5558IXc+CHG72mpf9bu2fL57v4DJ+XGfyT2T29r4+fl3Wc+29//h4G8+E/H+PNbin/3rjveedfCW87JPb6rY//0tRT/vBMfumHegQePyzt3Jnd26jcnwJvTEek11k1perp5Zvc088x21c0XvjpQGb9unZf+P7+TFWUuPkfrWdDJ+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQQjjqlP/6vt9+uO/FSpruTh88Vxrfxvw5ISRzQwjbtg9t3b5h8+UDn7jiyq2bhzYODG0fGN68feuOgdP/aWDr8JaNQztGnx1822njr1sckvFtctyUurtHRkZKfZPzYn3/7sTdv15+1v/5YwiDR/2yv5Lb/hV3bLrryAY/M5JVI+/adOX5vzzjm+l+9aXt6mvQrpGRkZGQ067/e+Ff7/ri/t+fFMLg303Xriee+5cfT2rQWMZEnFSpO4w3qDvpadiOWqvT9sT+qqzfsHF4cPr+HX19OWc//v01L/xl/dVf+Ot4/1Zz96PJ/p27amRj6Strzvt/X7l2PKOoXbX9yLRrto97UX/HvYjti/1XTft7QbpfC3L2q5LT3zf+/JFnfnTMza/sCoOVl5dOrbtov7rSAdCVvKWpemMNPcmiSfnVtHw84vF1K7Zv2rJi246db9uwaejy4cuHN79j5ekrzxw848wzVozt+YoO73+s/++b3P9mx1O23pmNp4Wf2vWD+LO58VTUrqL+GG1XcX/Utyjv/ddzwee+9I47Hj9/PKNonMfStfdhuu0ZPc4rQ914m9pXjfarqB9CCAON+uGlV84JR/+PDTcUnYfqj0z9z4xk1ciTy/70zbO+seSfxzMOynm+vkEtnudrrZ5oz1h/VdPjMXKI9m93KKf71duwXSuffLzr1n1//HStfXPmhKuHtm/funL857y0pfOSYxu2K5sb92vp2M9ySLsl1IZpg/E6qiuMty97/ozFs73amz7XmyxuuF9Z8bm9a25dXl772L68nk7uG69xbpg/vk3emlNyY+aF5VqDG9V/qL7/Go6Pvol29b/vGw98+IHvnz5lfJw6/rNov5Kc/br3mbu/9O0v/Mfvd26/3vcvT/X96X9+fHnchcPjvFJrddqepP68cmoIRe+/paHxfuS+/0qN96fo/ZetZ6J843gDmXRvKBe/X6thyvv11Id7Xjz38RuX5b5f9zf7fr12Uqpc8H49VMZP9v2VVCa3Y/beX5MGSrJq5Cc3HbHr0etWHzOeUTSua6UbjevTmph/5OzXjy96tv+Kgf/w3zt33vjOP91/8a+GVn1mPKP14x7b0pnjXk37t5rTv7VWx3lnff++/bIrNq4bzz90r3/TbcH8J55Ktu3Y+cmhjRuHt25rbr+a/X0a68n2cqu/T+PZbXHBfpWm7NfsPWimv5p9v8X2r2u5vya/33pD0tJ13M6fLZr3se/efGXflFelFV1SSuOXWor/m3Ofeumim7/1tdz4t8f4lZbiDz3/xG1Lj7x0d278O5M0frWl+Kv2PNU9/8DDj+TGH4ztn9tS/OfOfu/v7nnmwRdy44cYv7e1/n9595nP9vf/ITf+00laz+g1Ugj3v3ra+vF0ErrS91tsR9ekdoVsOsmkS5l0uT5dGltrrdQqKCdJXX5duTT/+Lq2NPKRnPx4FVZdMr59LaZD9sH0+YeaUt25v1F+0XUqAMAbXfz8P16Dxs//h9MLpfyVBpjQ7jxsSU7cOA+bWM+ZM+n5JWn8+Pq4Dtj/9jA4ur1+YPxCf6afI8T3Q3adM9Zz0gmTY7S6zlm0/r4sk47tGl8vr9TNQ1NT5zWV0MT6+9R6pl9/z+x+8fr4wE1TmjVQt26VPX5d6YpZo/sdMu2tjEbIGx/ZdbF4P0f/grB6rL4mx0f2Ppp4HLL30cR6jsmcOFu9j6bd8RGbPc34GGty8ecbU49fmKZ/J45f42jZ4zeD410dLT/bn892YN2w4Snt4K0bNvF5WIP4zX4eVluXXDW1zHTx3yzrkq/PumFoet0w5sf9qDS5nvjhnPxm1hPr1+Xy1hPj6SK2a/80bTkYrCcCb1Rx/h9/R4zO/0cvwP+cKVd0HZq9aozxcu8TKjduT9G8Y+p9ej0t/R5fu2fL57v7D5yUe53zSLP3/WyZlOopuO+nqB+XZ9KF/ZizQNNovvfneydel62nqN+z92X0hvkt9fvdu+54510Lbzknt99Xj/8iLe73L01KzS/o98NgvtA4/httvuA+hsnxO3QfQ9H62es2H0lvfJqt+ciHcvJnen9Dz5QHtf0ac9jNR7oObrsAgMNHnP/XPj9L5///KxZIryOK5q0nZ9IxXu68Nef6JO9zyg+k26sz5XvTf1Ex0+vm80586IZ5Bx48Lnfecmez89D/NCnVVzgPbW/enDuPWN2Z+8Vz5xG1eVZ788Tc9tfmie3N03Pj1+bp7c2jc/unNo9ubx0gN35tHeBwn+cWrNdlKovJZtfr3rDz6PSfz87WPPqCnPyZzqN7pzyo7dcY82gAgNdXnP/Hy7g4/388U67dz9lz5wUdum7P/j2QWvynD9a8crbnfbM9b53tef1sr0sc7vPi2V4Xmt11sjf9vDit1LwYAIBDWZz/z03T+fP/9uYnjeZvXZPmJ+bnDeObnx8i8/PDff3L/N/n4sXM/wEA3tji/D/+s8f49//+S5rO/t168/Sc+Obp5unTjZ+m5+mdX2cL7gN4fdcB5k6Utw4AAMDroWtspjT139l/NN1m/5193r/LvyinfLMq6eXxpdu3Dg9ffOWWdUPbhy/efMW64W0XX7V1w/btw5vHy7U7b8ydt6Tzxq5QSfujcbnsvG1h+vcQFub8PYRs+Rj22LEHU/8eQrbauQV/R2Di+DXX3rzjV5qmfKPxkXe88+J/JKd8VDv+l3381IvXb7t4w+YN2zcMbdywc3hyudFZa88MvjczdsuMvi8182OK0sy/v7Mz7ShNaUdX2h9538+eZNqxKG3JorzvP8hp90//2xc/deLIX+8JYfCo8lvb6r9k1ch/vnD4A9v3/XLLaPvnTtv+Wsm0XUXfV5otH/ensvGKbdtPWX/FlZuz3yjZmrieUaqlZ2k9I337l5tcn1ibkz/T+xTKUx4cmppenwAAYJL4+X+8no2fH34hvYCK+c3P09v7/Dh3nj7Y3Dw9+71kRfP0bPm4v83O06ttztOz9RfN0xuVbzRPz5t358X/UE75mWp+nLR3n0fuOLmkuXGS/T6DonGSLT/TcZK0OU6y9ReNk0blG42TvOOeF/+DOeXzND8e2rsvJ3c83N7cePjHTLpoPGTLz3Q8lNocD9n6i8ZDo/KNxkPe8c2Lf35O+WZNHh+jA2NsXAxffNUVWz9ZV262v/+i/fbN7vd/tKr59s/ufV+z3/6Gnw8kebsQCzR7X9nst7+9+8py2/90eythzbd/dr/fpVUHbb02vdms6P6zonXcNTn5M13HnTPlwaHJOi68fuL8P37cE+f/t6TbTn8MdPh/T5rvMWsYv0PfY1Z0HeP3+TSVHQL8PgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoTndlydh2343bDpx/zHt++tnhV697/w83Xf8P13zn9wOX/dtP7uv59mt71x2//lfvPuKyhz5xzp47vv7oK/Mf+NvzhYH7xn5WTk6T1RCSF5MQqj/a/+XP7X3y6NG8JIRQTvp2hbAoWfzooiQTYfAvIYR1tXZOfvL+V09bP7q9/pbuSfkLM0Gy+xV6y7E99e0M4erCPeIwVE3H2c4DV50Sfv2va274+dJ7v9e1+4VdE0WSat14CmHBJfWv7wohzE3/HxVH25L44nS7OoTQU/e6swradUKT7V+Rkz423c5Jt70FceLzyzLpUqZcNh11ZbY9BfW1K68drZYrMi+Tzp6M2pXXzpi/KN3+IN2ePMP45fh/EkpJqNSavzGZGCOh7rglIRk7ltVaulQ7tiHd/0w6yaRLmXS5K7NfY/WmA62cJJPzY7lMfjwdV9L84+vP1Q1ckJP/lnRbTd+or8V0yD4Y1zvlQW2/xsR27Z+mLQdDqe4c1Ci/duDTg9Gb5vUmi6e8ZqSB+NzeNbcuL699bF9fTjuS+5I0ftJS/J0/WzTvY9+9+colefEvKaXxSy3F/825T7100c3f+lpu/Ntj/HJL8U99uOfFcx+/cVlu/+yP/VNpKf7Q80/ctvTIS3fntv/OGL/aUvxVe57qnn/g4Udy2z8Y+2duS/GfO/u9v7vnmQdfyI0fYvyeluKv3bPl8939B07Kjf9I7J/e1sbPy7vPfLa//w8DefGfjvHntxT/7l13vPOuhbeck3t8V8f+6Wsp/nknPnTDvAMPHpd37kzu7NRvToA3pyPSa6yb0nSr88x21c0XvjpQGb/mm5f+P7+TFWWM1rNgFuMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDG9ItrT//ohe/64JpKEkKSU2akgfhcec6qVQMt1Dv0/BO3LT3y0t31eUtaiAMAAAAUi/PwUi2nGpaEq5K54diG5eMawbExlUzOz64hxDjZNYJW45Q6FKfcoTiVDsXp6lCcOR2K092hONWCONXQXJy508SpjI6KJtvTM217mo/T26E48zoUZ36H4izoUJyFHYrTN22c5sfhog7FWdyhOEeMJ7vajXNkh9pzVIfi/F2H4hzdoTjZNeWZjsP5aclj8uKMPSgXxqkk5doTjdbTj07rOa7NenoL6plf9Pu4yXrmNlnPCZnXlWZYT7XJev6+zXqSJuv5xzbrKRXUE8ft1dn2xXpiqsnxv6NDcXa2F+d/x+utazrUnms7FOfTHYrzmQ7Fua7NOADNivP/ifleX+iu/HPoSc842VWAON9dOvZz6u+7vBNSjPfWTP6conjZiXom3tKZti+7gJCJtyyT3zUpXqU2H5kmXrU+3vLMk4X7m11QyLTv5Ex+d1G87MICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMyiX1x7+kcvfNcH14QkjP7X0EgD8bnynFWrBlqod++aW5eX1z62rz6vu9JCIAAAAKBQnId31XKqobuyMnQncyaVq6brANU0Xe4b3/YvCKtHt8lAaSzdkyya9nWV9HUrtm/asmLbjp1v27Bp6PLhy4c3v2Pl6SvPHDzjzDNWrN+wcXhw/GcI3QXxQghjyw/bduz85NDGjcNbt41nZtu/JH3dkjSdpK/rf3sYHN1en7Z/cUF9pSn17Xj27PGnJnI69KDg0AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/H927S5EzquMA/h5Z2ZnptvGrPRrGprNkI8StWgSt5Jq6b4gWGiTkKUgs9W1BJtgcdOENimxjk3AtiYoQksgRHJhJBZbizf9sEXsB4FIjQbcGKQt2gu9UFqtpCUXkjKS3TmzM5OZzDqWpk1/v4v3nTnnOeeZMxcL/3cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3ndT1ZGJyujY+GASQtKlptZBnMvm07TcR9+vPrf1h4XhU8ubxwq5PjYCAAAAeoo5fKAxUgyFXDZkw1XT7xafueTrE2E29wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB89U9WRicro2PjFSQhJl5paB3Eum0/Tch99X3/7ic+9Mjz89+axUh/7AAAAAL3FHJ5pjBRDKSwJA8lVLXXx2cCCtvXtdXGfhXOsa3920K1uyRzrrplj3Sd61K2r33cEAAAA+PCL+T/XGBkKhdy8rvm/V66PdYva6rL1ez+/FQAAAAD+PzH/FxojpVDIlRp5vXPe39l4H/P+4ra6uL7X/+3j+mVd1vf6f/7a+t3/6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgw2OqOjJRGR0bzyYhJF1qah3EuWw+Tct99F31/OA/bzn84OLmsUKuj40AAACAnmIOn43exVDIDYaBcPF07h++6cBTX37qmZEQwkzMz+fDjg3btt29auYa61YePTzwgyNvfqexTaxbOXM9L4cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADeU1PVkYnK6Nj4RUkISZeaWgdxLptP03IffV/7wpf++tiJZ99oHiv1sQ8AAADQW8zhs9m/GEohH/Lhiul3zVn/jEzb+m7PDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIALxz3fuu+bGyYnN97thRdeeNF4cb7/MgEAAO+1RSEJtf/RlevP96cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CKaqIxOV0bHxYhJC0qWm1kGcy+bTtNxH3/S5Y4V5p55/sXms1Mc+AAAAQG8xh89m/2IohYEwEC6fftfpmcB0/h96Hz8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8IEyVR2ZqIyOjc9LQki61NQ6iHPZfJqW++j76K79nz80//s3N48Vcn1sBAAAAPQUc3i+MVIMhdwnQyFcXX8/2bogydbvnZ8LzK7b2rJscM7rqi3rsnNet7vtZLn6aWbWFeN+QzP3xrry2evKTetKodG+3LIu7G1ZNa/H5wwAAABwHsX8X2iMDIVCrtCUc3/WUj8k5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXUxVRyYqo2PjSRJC0qWm1kGcy+bTtNxH3/t+9/FLvvbzPdubx0p97AMAAAD0FnP4bPYvhlJYGD4WFk7n/jDUWh/r/lU5feiRf/9teQgrrjg+nGvf9sfxxW9eu/GF9ksImdbqTAjz6/2SLv1++4dH7l1aO/1YCCsuz159Vr9w7n6zarVyktaermxcu+3I8a29vx8AAAC4EMT8P9AYGQqF3F1d839M3j3yf8N0AJ9/765fXla/1hN524rMUL1fpku/Ly594i/LVv/jzTP5/1z9PrN/86HLWhrOjLRJ0tro5u3rjl93MBNPPdM/29Y/fi9f+fYb/9m04+HTM/2LoVgfX5Dr1P/sa5uL0tpkZt/4mnf3VVv757qc/8Hfv3ji1wv2vHOm/9uLBhv9rznH+c/df/DWh/Zev//wutb+IYRyp/5vvXNzuPJPdz7Qfv7Bto2bv/nma5skrR1dfPLg6gOlG1r7J2394/f/ixOP7v3pw997JvaPvxVZvmSu/TNt/V/efemul3auX9DaP9Pl/C/c9srwlvJ3/9h+/jtads11/RRnn//xa5+8/dUN6f3tUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeWqerIRGV0bDyThJB0qal1EOey+TQt99H39VuOvXXbnp/8qHms1Mc+AAAAQG8xh89m/2IohXzIh8Hp3P90ZePabUeObw1DM7NJ/Z6b3HLPtk9t2rL9rjvO0ycHAAAA5irm/1xjZCgUckvDQD3/j27evu74dQczMf9nYv7fdOfkxhWhUffy7kt3vbRz/YLGc4IQpn8WUDxT99nZuptuPDZ08s/fWNaxbtVs3dHFJw+uPlC6IdaF5rqVofF84vFrn7z91Q3p/Y3P11z36a9vmaw/noj7Dt760N7r9x9e1zhH/T5Y3zfWTWb2ja95d1811mXr92L93AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2aaqIxOV0bHxkA0h6VJT6yDOZfNpWu6j75qlv3rgklPPLmweK+T62AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYb9+QuMo+ziAP89u8mabTdqkfcGomKZVUerBoiCiFxUVaUUKnipFqq09iIIgotSDqbRiqYoXweqliApqlIKCjcXSKqn4r3jxoIJC9SCUYkC7FA8q2X1mu5nuuDqpgvr5wPDkeWbmO7+Z59nZLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8oA31jzfbwjvsbt5xzw0eP3nXikZveuXfbRQ+/+t3Epus+3Dv40smZzSu2fHn9sk37714zvfv5Qz8Nv/XL0Z7BD7WaValbCyEejyHU3p195rGZj8+aG4shhGocmQxhNC49NBpzCat/DiFsbtc5f+ebJy7fMtdu2zUwb3xJLiR/X6FezeppGZlfL/8utbTOtjYevCR8fe367Z8uf+P1/qljk6cOibWO9RTC4o2d5/eHEBalbU622sayk1O7LoQw2HHelT3qOv8P1n9pQf/c1P4vtfUeOdn+lbl+JXdcvp/pz7WDPa63UEV1lD2ul6FcP/8yWqiiOrPx0dS+ndpVfzK/mm0xVGLoa5d/Tzy1RkLHvMUQm3NZa/cr7bkN6f5z/ZjrV3L9an/uvprXTQutGuP88ey43Hj2Ou5L4ys639Vd3FowfnZqa+mDejLrh/wfLfXT/mjfV1NW1+zv1PJ3qHS8g7qNtyc+TUY9jdXj0tPO+bWLbN/M+icurG547/BIQR1xb0z5sVT+1k9Gh25/becDY0X5Gyspv1Iq/5u1R364becLzxXmP53lV0vlX3Zg8Pja93esLHw+s9nz6SuVf8fRD55c/v87p7rNdTN/T5ZfK5V/zfSRgeHGgYOF9a/Ons+iUvlfXX3jt698vu9YYX7I8gdL5W+Yvu+pgfHGxYX5B1sfhXpzhZZYPz9OXfHF+Pj3E0X5n2XPf7hLfuyZ//Lk7qteXLJrTeH6XJc9n5FS9d98wf7tQ4195xW9O+OeM/XNCfDftCz9j/V46pf9nblQHb8Xnp3oa30DDaVt+ExeKGfuOov/wnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDf2IEDEgAAAABB/1+3I1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeCgAA//9L2SYy")
[ 85.307302][ T45] Bluetooth: hci0: command tx timeout
[ 85.385519][ T5346] nftables ruleset with unbound chain
[ 85.853035][ T5346] loop0: detected capacity change from 0 to 32768
[ 86.106769][ T5346] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,fsck,fix_errors=no,nochanges,nojournal_transaction_names,read_only,nocow
[ 86.106788][ T5346] allowing incompatible features above 0.0: (unknown version)
[ 86.106795][ T5346] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 86.143096][ T5346] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 86.151922][ T5346] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[ 86.161719][ T5346] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=blacklist in superblock: invalid journal seq blacklist entry: bad size, fixing
[ 86.173374][ T5346] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b compress none
[ 86.173392][ T5346] has non ptr field, deleting
[ 86.203082][ T5346] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 86.416091][ T5346] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[ 86.515386][ T11] cfg80211: failed to load regulatory.db
[ 86.577919][ T5346] bcachefs (loop0): check_topology... done
[ 86.647983][ T5346] bcachefs (loop0): accounting_read... done
[ 86.670588][ T5346] bcachefs (loop0): alloc_read... done
[ 86.694812][ T5346] bcachefs (loop0): snapshots_read... done
[ 86.701084][ T5346] bcachefs (loop0): check_allocations...
[ 86.710200][ T5346] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 86.710227][ T5346] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 86.759928][ T5346] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 86.759943][ T5346] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 86.808172][ T5346] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 86.808187][ T5346] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[ 86.846143][ T5346] bcachefs (loop0): bucket 0:28 data type btree ptr gen 0 missing in alloc btree
[ 86.846159][ T5346] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[ 86.897213][ T5346] bcachefs (loop0): key version number higher than recorded 0
[ 86.897228][ T5346] u64s 5 type set 0:34:0 len 1 ver 8323072, not fixing
[ 86.915846][ T5346] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 86.915861][ T5346] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 86.956497][ T5346] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 86.956512][ T5346] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 86.972181][ T5346] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 86.972199][ T5346] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[ 87.016026][ T5346] bcachefs (loop0): bucket 0:37 data type btree ptr gen 0 missing in alloc btree
[ 87.016041][ T5346] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[ 87.044658][ T5346] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 87.044675][ T5346] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[ 87.071341][ T5346] bcachefs (loop0): bucket 0:42 data type btree ptr gen 0 missing in alloc btree
[ 87.071357][ T5346] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[ 87.126655][ T5346] done
[ 87.146849][ T5346] bcachefs (loop0): going read-write
[ 87.154796][ T5346] bcachefs (loop0): journal_replay... done
[ 87.241400][ T5346] bcachefs (loop0): check_alloc_info...
[ 87.242526][ T5346] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 87.242549][ T5346] device 0 buckets 9-16, fixing
[ 87.281631][ T5346] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 87.281647][ T5346] device 0 buckets 24-25, fixing
[ 87.301348][ T5346] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 87.301361][ T5346] device 0 buckets 26-28, fixing
[ 87.320080][ T5346] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 87.320094][ T5346] device 0 buckets 31-33, fixing
[ 87.335030][ T5346] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 87.335044][ T5346] device 0 buckets 34-36, fixing
[ 87.357396][ T4692] Bluetooth: hci0: command tx timeout
[ 87.370347][ T5346] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 87.370360][ T5346] device 0 buckets 38-39, fixing
[ 87.416086][ T5346] done
[ 87.418404][ T5346] bcachefs (loop0): check_lrus...
[ 87.419345][ T5346] bcachefs (loop0): incorrect lru entry: lru fragmentation time 134217728
[ 87.419361][ T5346] u64s 5 type set 18446462598867058688:6597069766690:0 len 0 ver 0
[ 87.419369][ T5346] for u64s 5 type deleted 0:6597069766690:0 len 0 ver 0, fixing
[ 87.477477][ T5346] done
[ 87.483502][ T5346] bcachefs (loop0): check_btree_backpointers...
[ 87.488680][ T5346] bcachefs (loop0): backpointer for nonexistent alloc key: 0:27:0
[ 87.488698][ T5346] u64s 9 type backpointer 0:7077888:0 len 0 ver 0: bucket=0:27:0 btree=extents level=1 data_type=btree suboffset=0 len=256 gen=0 pos=SPOS_MAX, fixing
[ 87.551020][ T5346] bcachefs (loop0): backpointer for nonexistent alloc key: 0:31:0
[ 87.551034][ T5346] u64s 9 type backpointer 0:8126464:0 len 0 ver 0: bucket=0:31:0 btree=xattrs level=1 data_type=btree suboffset=0 len=256 gen=0 pos=SPOS_MAX, fixing
[ 87.624676][ T5346] bcachefs (loop0): backpointer for nonexistent alloc key: 0:34:0
[ 87.624695][ T5346] u64s 9 type backpointer 0:8912896:0 len 0 ver 0: bucket=0:34:0 btree=extents level=0 data_type=user suboffset=0 len=8 gen=0 pos=4099:8:U32_MAX, fixing
[ 87.654348][ T5346] bcachefs (loop0): backpointer for nonexistent alloc key: 0:34:0
[ 87.654361][ T5346] u64s 9 type backpointer 0:8921088:0 len 0 ver 0: bucket=0:34:8 btree=extents level=0 data_type=user suboffset=0 len=8 gen=0 pos=536870913:24:U32_MAX, fixing
[ 87.693662][ T5346] done
[ 87.699355][ T5346] bcachefs (loop0): check_backpointers_to_extents... done
[ 87.713464][ T5346] bcachefs (loop0): check_extents_to_backpointers...
[ 87.714737][ T5346] bcachefs (loop0): scanning for missing backpointers in 2/128 buckets
[ 87.733727][ T5346] done
[ 87.735548][ T5346] bcachefs (loop0): check_alloc_to_lru_refs... done
[ 87.745830][ T5346] bcachefs (loop0): check_snapshot_trees... done
[ 87.759241][ T5346] bcachefs (loop0): check_snapshots... done
[ 87.762104][ T5346] bcachefs (loop0): check_subvols... done
[ 87.765764][ T5346] bcachefs (loop0): check_subvol_children... done
[ 87.779875][ T5346] bcachefs (loop0): delete_dead_snapshots... done
[ 87.782796][ T5346] bcachefs (loop0): check_inodes... done
[ 87.786262][ T5346] bcachefs (loop0): check_extents... done
[ 87.789321][ T5346] bcachefs (loop0): check_indirect_extents... done
[ 87.792498][ T5346] bcachefs (loop0): check_dirents...
[ 87.792875][ T5346] bcachefs (loop0): key in missing snapshot dirents u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, not deleting
[ 87.806081][ T5346] bcachefs (loop0): key in missing inode, found keys:
[ 87.806095][ T5346] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir
[ 87.806103][ T5346] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg
[ 87.806111][ T5346] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg
[ 87.806132][ T5346] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg
[ 87.806139][ T5346] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir
[ 87.806147][ T5346] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg
[ 87.806154][ T5346] , fixing
[ 87.912750][ T5346] bcachefs (loop0): hash table key at wrong offset: should be at 4937826038822822694
[ 87.912766][ T5346] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 87.932789][ T5346] bcachefs (loop0): key in missing snapshot dirents u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, not deleting
[ 87.956866][ T5346] bcachefs (loop0): hash table key at wrong offset: should be at 9057550619070527505
[ 87.956914][ T5346] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 87.979879][ T5346] bcachefs (loop0): key in missing snapshot dirents u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, not deleting
[ 87.995084][ T5346] bcachefs (loop0): hash table key at wrong offset: should be at 259505621270485314
[ 87.995101][ T5346] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 88.009856][ T5346] bcachefs (loop0): key in missing snapshot dirents u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, not deleting
[ 88.028853][ T5346] bcachefs (loop0): hash table key at wrong offset: should be at 3078665112670770627
[ 88.028868][ T5346] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 88.047486][ T5346] bcachefs (loop0): key in missing snapshot dirents u64s 7 type dirent 4096:4937826038822822694:U32_MAX len 0 ver 0: file0 -> 4098 type dir, not deleting
[ 88.068583][ T5346] bcachefs (loop0): dirent points to missing inode:
[ 88.068629][ T5346] u64s 7 type dirent 4096:4937826038822822694:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 88.090643][ T5346] ==================================================================
[ 88.101207][ T5346] BUG: KASAN: use-after-free in bch2_check_dirents+0x1fac/0x33f0
[ 88.105940][ T5346] Read of size 1 at addr ffff8880555e3098 by task syz.0.0/5346
[ 88.110779][ T5346]
[ 88.112263][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full)
[ 88.112281][ T5346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.112289][ T5346] Call Trace:
[ 88.112297][ T5346]
[ 88.112303][ T5346] dump_stack_lvl+0x189/0x250
[ 88.112322][ T5346] ? __virt_addr_valid+0x1c8/0x5c0
[ 88.112337][ T5346] ? rcu_is_watching+0x15/0xb0
[ 88.112351][ T5346] ? __kasan_check_byte+0x12/0x40
[ 88.112365][ T5346] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.112376][ T5346] ? rcu_is_watching+0x15/0xb0
[ 88.112388][ T5346] ? lock_release+0x4b/0x3e0
[ 88.112401][ T5346] ? __virt_addr_valid+0x1c8/0x5c0
[ 88.112415][ T5346] ? __virt_addr_valid+0x4a5/0x5c0
[ 88.112429][ T5346] print_report+0xd2/0x2b0
[ 88.112439][ T5346] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.112452][ T5346] kasan_report+0x118/0x150
[ 88.112467][ T5346] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.112480][ T5346] bch2_check_dirents+0x1fac/0x33f0
[ 88.112495][ T5346] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.112508][ T5346] ? desc_read+0x1b8/0x3f0
[ 88.112521][ T5346] ? prb_first_seq+0xfd/0x1a0
[ 88.112533][ T5346] ? __pfx_bch2_check_dirents+0x10/0x10
[ 88.112546][ T5346] ? __pfx_prb_first_seq+0x10/0x10
[ 88.112559][ T5346] ? desc_read+0x1b8/0x3f0
[ 88.112572][ T5346] ? this_cpu_in_panic+0x4f/0x80
[ 88.112625][ T5346] ? _prb_read_valid+0xa07/0xa90
[ 88.112637][ T5346] ? console_flush_all+0x13a/0xc40
[ 88.112653][ T5346] ? up+0xde/0x150
[ 88.112726][ T5346] ? __console_unlock+0x14c/0x1a0
[ 88.112742][ T5346] ? __pfx___console_unlock+0x10/0x10
[ 88.112756][ T5346] ? bch2_trans_put+0x961/0x1220
[ 88.112771][ T5346] ? kfree+0x4d/0x440
[ 88.112789][ T5346] ? prb_read_valid+0x3c/0x60
[ 88.112802][ T5346] ? console_unlock+0x21b/0x270
[ 88.112816][ T5346] ? __pfx_console_unlock+0x10/0x10
[ 88.112831][ T5346] ? vprintk_emit+0x63e/0x7a0
[ 88.112850][ T5346] ? __bch2_print+0x176/0x220
[ 88.112873][ T5346] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.112887][ T5346] ? _raw_spin_unlock_irq+0x23/0x50
[ 88.112902][ T5346] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.112920][ T5346] __bch2_run_recovery_passes+0x395/0x1010
[ 88.112941][ T5346] bch2_run_recovery_passes+0x184/0x210
[ 88.112955][ T5346] bch2_fs_recovery+0x2690/0x3a50
[ 88.112967][ T5346] ? check_noncircular+0xe0/0x160
[ 88.112986][ T5346] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 88.113002][ T5346] ? __lock_acquire+0xab9/0xd20
[ 88.113016][ T5346] ? __lock_acquire+0xab9/0xd20
[ 88.113028][ T5346] ? __lock_acquire+0xab9/0xd20
[ 88.113045][ T5346] ? bch2_fs_start+0xa0f/0xda0
[ 88.113059][ T5346] ? up_write+0x1c4/0x420
[ 88.113073][ T5346] ? bch2_fs_start+0x5e7/0xda0
[ 88.113087][ T5346] bch2_fs_start+0xaaf/0xda0
[ 88.113101][ T5346] ? bch2_fs_start+0x5e7/0xda0
[ 88.113115][ T5346] ? __pfx_bch2_fs_start+0x10/0x10
[ 88.113133][ T5346] ? sget+0x267/0x620
[ 88.113146][ T5346] bch2_fs_get_tree+0xb39/0x1520
[ 88.113272][ T5346] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 88.113289][ T5346] ? aa_get_newest_label+0xf7/0x5d0
[ 88.113306][ T5346] ? vfs_parse_monolithic_sep+0x2df/0x310
[ 88.113323][ T5346] ? apparmor_capable+0x137/0x1b0
[ 88.113336][ T5346] vfs_get_tree+0x92/0x2b0
[ 88.113350][ T5346] do_new_mount+0x24a/0xa40
[ 88.113367][ T5346] __se_sys_mount+0x317/0x410
[ 88.113383][ T5346] ? __pfx___se_sys_mount+0x10/0x10
[ 88.113399][ T5346] ? do_syscall_64+0xbe/0x3b0
[ 88.113409][ T5346] ? __x64_sys_mount+0x20/0xc0
[ 88.113423][ T5346] do_syscall_64+0xfa/0x3b0
[ 88.113433][ T5346] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.113448][ T5346] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.113459][ T5346] ? clear_bhb_loop+0x60/0xb0
[ 88.113472][ T5346] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.113482][ T5346] RIP: 0033:0x7ff2c3b900ca
[ 88.113495][ T5346] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 88.113505][ T5346] RSP: 002b:00007ff2c4a30e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 88.113519][ T5346] RAX: ffffffffffffffda RBX: 00007ff2c4a30ef0 RCX: 00007ff2c3b900ca
[ 88.113527][ T5346] RDX: 00002000000000c0 RSI: 0000200000000180 RDI: 00007ff2c4a30eb0
[ 88.113535][ T5346] RBP: 00002000000000c0 R08: 00007ff2c4a30ef0 R09: 0000000000818001
[ 88.113542][ T5346] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000180
[ 88.113550][ T5346] R13: 00007ff2c4a30eb0 R14: 0000000000005964 R15: 0000200000000100
[ 88.113562][ T5346]
[ 88.113566][ T5346]
[ 88.392817][ T5346] The buggy address belongs to the physical page:
[ 88.395547][ T5346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x555e3
[ 88.399203][ T5346] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 88.402728][ T5346] raw: 04fff00000000000 0000000000000000 ffffea00015578c8 0000000000000000
[ 88.406593][ T5346] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.412628][ T5346] page dumped because: kasan: bad access detected
[ 88.415630][ T5346] page_owner tracks the page as freed
[ 88.418207][ T5346] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x42800(GFP_NOWAIT|__GFP_COMP), pid 5346, tgid 5345 (syz.0.0), ts 86380404342, free_ts 88087027119
[ 88.425829][ T5346] post_alloc_hook+0x240/0x2a0
[ 88.428270][ T5346] get_page_from_freelist+0x21e4/0x22c0
[ 88.431148][ T5346] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.434089][ T5346] __alloc_pages_noprof+0xa/0x30
[ 88.436476][ T5346] ___kmalloc_large_node+0x85/0x210
[ 88.439354][ T5346] __kmalloc_large_node_noprof+0x18/0x90
[ 88.443005][ T5346] __kvmalloc_node_noprof+0x6d/0x5f0
[ 88.445849][ T5346] bch2_btree_node_read_done+0x3305/0x5520
[ 88.448738][ T5346] btree_node_read_work+0x426/0xe30
[ 88.451370][ T5346] bch2_btree_node_read+0x887/0x2a00
[ 88.453834][ T5346] bch2_btree_root_read+0x5f0/0x760
[ 88.456219][ T5346] read_btree_roots+0x2c6/0x840
[ 88.458555][ T5346] bch2_fs_recovery+0x261f/0x3a50
[ 88.461266][ T5346] bch2_fs_start+0xaaf/0xda0
[ 88.463583][ T5346] bch2_fs_get_tree+0xb39/0x1520
[ 88.465925][ T5346] vfs_get_tree+0x92/0x2b0
[ 88.467910][ T5346] page last free pid 5346 tgid 5345 stack trace:
[ 88.471637][ T5346] __free_pages_ok+0xa44/0xc20
[ 88.474420][ T5346] __folio_put+0x21b/0x2c0
[ 88.476510][ T5346] free_large_kmalloc+0x145/0x200
[ 88.478869][ T5346] btree_node_sort+0x117f/0x1760
[ 88.483286][ T5346] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 88.486057][ T5346] bch2_btree_node_prep_for_write+0x337/0x650
[ 88.489209][ T5346] bch2_trans_lock_write+0x669/0xba0
[ 88.492059][ T5346] __bch2_trans_commit+0x2773/0x8870
[ 88.494838][ T5346] bch2_check_dirents+0x1c5c/0x33f0
[ 88.497372][ T5346] __bch2_run_recovery_passes+0x395/0x1010
[ 88.500759][ T5346] bch2_run_recovery_passes+0x184/0x210
[ 88.504041][ T5346] bch2_fs_recovery+0x2690/0x3a50
[ 88.507382][ T5346] bch2_fs_start+0xaaf/0xda0
[ 88.509886][ T5346] bch2_fs_get_tree+0xb39/0x1520
[ 88.530012][ T5346] vfs_get_tree+0x92/0x2b0
[ 88.538151][ T5346] do_new_mount+0x24a/0xa40
[ 88.540326][ T5346]
[ 88.541520][ T5346] Memory state around the buggy address:
[ 88.554000][ T5346] ffff8880555e2f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.557249][ T5346] ffff8880555e3000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.560575][ T5346] >ffff8880555e3080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.565155][ T5346] ^
[ 88.575563][ T5346] ffff8880555e3100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.582879][ T5346] ffff8880555e3180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.588328][ T5346] ==================================================================
[ 88.617412][ T5346] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 88.622616][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(full)
[ 88.628184][ T5346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.636674][ T5346] Call Trace:
[ 88.638251][ T5346]
[ 88.639634][ T5346] dump_stack_lvl+0x99/0x250
[ 88.642004][ T5346] ? __asan_memcpy+0x40/0x70
[ 88.644184][ T5346] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.646619][ T5346] ? __pfx__printk+0x10/0x10
[ 88.649399][ T5346] panic+0x2db/0x790
[ 88.651325][ T5346] ? __pfx_panic+0x10/0x10
[ 88.653567][ T5346] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 88.656198][ T5346] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 88.659633][ T5346] ? print_memory_metadata+0x314/0x400
[ 88.662435][ T5346] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.667983][ T5346] check_panic_on_warn+0x89/0xb0
[ 88.673387][ T5346] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.693863][ T5346] end_report+0x78/0x160
[ 88.695623][ T5346] kasan_report+0x129/0x150
[ 88.697582][ T5346] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.699792][ T5346] bch2_check_dirents+0x1fac/0x33f0
[ 88.703634][ T5346] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.708098][ T5346] ? desc_read+0x1b8/0x3f0
[ 88.714164][ T5346] ? prb_first_seq+0xfd/0x1a0
[ 88.718937][ T5346] ? __pfx_bch2_check_dirents+0x10/0x10
[ 88.721552][ T5346] ? __pfx_prb_first_seq+0x10/0x10
[ 88.724911][ T5346] ? desc_read+0x1b8/0x3f0
[ 88.728146][ T5346] ? this_cpu_in_panic+0x4f/0x80
[ 88.732644][ T5346] ? _prb_read_valid+0xa07/0xa90
[ 88.737551][ T5346] ? console_flush_all+0x13a/0xc40
[ 88.740650][ T5346] ? up+0xde/0x150
[ 88.743050][ T5346] ? __console_unlock+0x14c/0x1a0
[ 88.746143][ T5346] ? __pfx___console_unlock+0x10/0x10
[ 88.749399][ T5346] ? bch2_trans_put+0x961/0x1220
[ 88.752144][ T5346] ? kfree+0x4d/0x440
[ 88.755346][ T5346] ? prb_read_valid+0x3c/0x60
[ 88.758271][ T5346] ? console_unlock+0x21b/0x270
[ 88.763092][ T5346] ? __pfx_console_unlock+0x10/0x10
[ 88.766548][ T5346] ? vprintk_emit+0x63e/0x7a0
[ 88.770576][ T5346] ? __bch2_print+0x176/0x220
[ 88.773717][ T5346] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.777452][ T5346] ? _raw_spin_unlock_irq+0x23/0x50
[ 88.780488][ T5346] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.786777][ T5346] __bch2_run_recovery_passes+0x395/0x1010
[ 88.796650][ T5346] bch2_run_recovery_passes+0x184/0x210
[ 88.802885][ T5346] bch2_fs_recovery+0x2690/0x3a50
[ 88.808116][ T5346] ? check_noncircular+0xe0/0x160
[ 88.814476][ T5346] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 88.818402][ T5346] ? __lock_acquire+0xab9/0xd20
[ 88.821783][ T5346] ? __lock_acquire+0xab9/0xd20
[ 88.827644][ T5346] ? __lock_acquire+0xab9/0xd20
[ 88.848100][ T5346] ? bch2_fs_start+0xa0f/0xda0
[ 88.866872][ T5346] ? up_write+0x1c4/0x420
[ 88.871553][ T5346] ? bch2_fs_start+0x5e7/0xda0
[ 88.873744][ T5346] bch2_fs_start+0xaaf/0xda0
[ 88.875816][ T5346] ? bch2_fs_start+0x5e7/0xda0
[ 88.889426][ T5346] ? __pfx_bch2_fs_start+0x10/0x10
[ 88.892501][ T5346] ? sget+0x267/0x620
[ 88.894442][ T5346] bch2_fs_get_tree+0xb39/0x1520
[ 88.899503][ T5346] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 88.909272][ T5346] ? aa_get_newest_label+0xf7/0x5d0
[ 88.917667][ T5346] ? vfs_parse_monolithic_sep+0x2df/0x310
[ 88.920545][ T5346] ? apparmor_capable+0x137/0x1b0
[ 88.928795][ T5346] vfs_get_tree+0x92/0x2b0
[ 88.931028][ T5346] do_new_mount+0x24a/0xa40
[ 88.933846][ T5346] __se_sys_mount+0x317/0x410
[ 88.937722][ T5346] ? __pfx___se_sys_mount+0x10/0x10
[ 88.940727][ T5346] ? do_syscall_64+0xbe/0x3b0
[ 88.943539][ T5346] ? __x64_sys_mount+0x20/0xc0
[ 88.946479][ T5346] do_syscall_64+0xfa/0x3b0
[ 88.949418][ T5346] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.961371][ T5346] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.966575][ T5346] ? clear_bhb_loop+0x60/0xb0
[ 88.972894][ T5346] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.977410][ T5346] RIP: 0033:0x7ff2c3b900ca
[ 88.980630][ T5346] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 89.000317][ T5346] RSP: 002b:00007ff2c4a30e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 89.007989][ T5346] RAX: ffffffffffffffda RBX: 00007ff2c4a30ef0 RCX: 00007ff2c3b900ca
[ 89.020781][ T5346] RDX: 00002000000000c0 RSI: 0000200000000180 RDI: 00007ff2c4a30eb0
[ 89.029333][ T5346] RBP: 00002000000000c0 R08: 00007ff2c4a30ef0 R09: 0000000000818001
[ 89.037837][ T5346] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000180
[ 89.043853][ T5346] R13: 00007ff2c4a30eb0 R14: 0000000000005964 R15: 0000200000000100
[ 89.048190][ T5346]
[ 89.050102][ T5346] Kernel Offset: disabled
[ 89.052284][ T5346] Rebooting in 86400 seconds..