program:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000280)={0xc, <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000001740)=ANY=[@ANYBLOB="620af8ff0c030021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc87c8e66dcd0223d73495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c4649dd271c896249ed85b980680b00002b435aab9ee41e118996af9cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b201768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be581b8c64c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b76bd88c1e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa370246c167b096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726642111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d763319473cefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca4f8bc2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000001090a3d6c2e13bfa000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a3b770c8c9ec8b926f5a3615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad726bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc22a6b5ab46ff33cc74f61751b22ae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b6a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acec7b1257cdf445da1f748e51f733bd4eee53a3996cb0de84bdb89f7d92b89bfc2b059d60c0e96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e264bbd483723761707bf14cfe20f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad4f1b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e390200fc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000000000000000000014c599d02bf9d6dd42853d3912e4a56eb00e2ca36496c020cbc522ba598cdd31d787970c44cd9c6b50ae30a4221d1070d828bd29bbabcad199b39902705273888485e70e92cde398fb375e17c94caaf9c8334dc4ad2c4e03b73a72526811d4b6a61da9c676b4b2bcb52050f00071343fc809e7caca153de43cb510eca88bfda4c9323691f44563feed23bc5de83e6a583c98df156d844fe5e3e2abac9dd8a08863a3643cc4a0000000000000000000008f19c288414529c2a0583e85c6647c10c7cfd3dfc11b25a7f95864f3a4999f4ded43f04c838159e30f3e2b1356de9d3803ecfc287f2af238084a08ae578861a9ad51e46e0863fd90f9881a6dbbaf440fadf7826fde8331f050688489124d903414ad2234a2312f254d8f7f975582e2e3f4e781de54a146b3699546bb473cb3b07fe44240b53c0947ef1c20fd96b67771add42a87a44ca48423d563bfa4a5b102cf36f36539263534cc06bd9e4e37de2f0add4b66ac4d7f032fecfa295091f477fa8d5a29a1a2beb0792756c2f28f18b36a300bb9ec1fd6238ed5f95f85c0f9be98880711bcd52d20e06647a67bac10516d1260c55dc7d9ccc3b59b4ef1feff807b374c9cc2aa7d267d6a9855e21d5c43c4a2db278fa5cf0af17710e8286d31525fbfef8dd06bbc4053c33188f287a75d7a1787a139c5ad38a5a4085faa6eb7bf161ee815c5ac06780efb0516962241777351a9716fb933a99d8bd13c599fbbf1998ee9782a7b2e7e8e41efe1ff33f1a43a769894e06409225853d73efa25fa7f23466a1787624459ade8cf0f6a24b195a2e086d22c83b8544c929d49af8413f5c9b730dbdb956907c55e441566555b799a121c4e23dc78acc1a07d618ad99dd1e1615135b9e255e72bfd69138bf1db92e40fa82baa255e4cf9b74d6a216de8f2aa181db8b50a5304d88b912ec62223a152910d5d4df65f0e9ecc0139d9b73d585c39413345445c7435c19044c00032a974e463ab17753982042e5285fab72c7b82c0eba9a15d3ec73cef7a808c1674b41c71ae7443aaff021468b2431aa7872d971add5b100af07fdebceb19cbb7655d3f7693e1ec12d25d4f7f3ce0fb1c67d59eadd4cbc31717b2ae580050c7c3bcbf352a2df1457d87e95bd716cfe674a34915576c0a2ef924b8a909ce9e9366516d9149bb6c9075ad1f960d14c8090f4616d1863efb28a0f4cc4f014b5bcfbca1a83d8cd9daf97fe0372c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x72, 0xa, 0x0, 0xffc4, 0x0, 0x69, 0x10, 0x3e}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_COPY$syz(r1, 0x3b83, &(0x7f0000000300)={0x28, 0x10000, r2, r4, 0x3f7f82, 0x5, 0xa, 0x12fcdb})
syz_mount_image$bcachefs(&(0x7f0000000180), &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800000, &(0x7f00000001c0)={[{@no_splitbrain_check}, {@btree_node_prefetch}, {@norecovery}, {@fsck}, {@norecovery}, {@fix_errors={'fix_errors', 0x3d, 'ask'}}, {@recovery_pass_last={'recovery_pass_last', 0x3d, 'check_dirents'}}, {@reconstruct_alloc}, {@shared_inode_numbers}]}, 0xfe, 0x5971, &(0x7f0000000680)="$eJzs3X2QHGX9IPCnZ2azs7t52QT4EUE2S4CfCGo2vBW+lEbPtwKkYmEp4VBYyAajSUglQSCgBA88KMBCS0tR/0ALqUOjRRWcEikR5AKnKMXpUVdIHdwhf3iFHCmBHOV57tXs9jM72zu9PTs7GxLy+VSyPc8zPd/n6e5nevr7zOxOAAAA4KDwyPVb9559xId+++WRV6/56C82Xhv6ymP11bhCf7q84vXqIftSd2Xp2DI7Lt5y1Y+eH7z4A7+5u/eHr+1ee/S6P33wkIvv/9wZu2777kOvLLj3n88VxY3j6YSJcvJiEkL1l3u++ZXdjx1eq6uNvHLSvyOExcmShxYnmRBDfw8hrE0LSzN33vPqyetqy2tv6p5UvyiznvF+cKsd59rA2r738hPDM+9fc93vl/30J107X9gxsUpSbRhPISy8sPHxXSGEnvR/TRxtcTzGQbs6hNDb8LjTC/p1TIv9X5FTPjJdzkuXfQVx4v3LM+VSZr1sOerKLHsL2putvH60u16R+Zly9mQ0W3n9jPWL0+XP0+UJM4xfrp9PQykJlXr3NyQTYyQ0HLckJGPHslovl+rHNqTbnyknmXIpUy53ZbZrrN10oJWTZHJ9XC9TH0/HlbT+6MZzdRPn5NS/KV1W0yfqa7EcsjfG9U25Ud+uMbFfe6bpy75QajgHNauvH/j0YPSldX3JkimPGW0i3rd7zc090/UjuTtJ4ydtxd/+u8XzP/PjGy/Lvq7X419YSuP/39F24j975uMvnXfjD76TG//WGL/cVv9PeqD3xTMfvn55f178PXH/VNqKP/zco7csO/Sinbn9vz3Gr7YVf9Wux7sX7H3gwdz+D8X909NW/Kff/eE/3/XkfS/kxg8xfm9b8c/ftfmr3QN7j8+N/2DcP31txX/25Z2nPTUw8JfBvPhPxPgL2op/547b3nXHopvOyD2+q+P+6W8r/lnH3n/d/L33HZV37kxu79QrJ8DB6ZD0GuuGtNxunjlbDfnCtwcr49d889P/CzrZUObis9bOwtqN0WZXpQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQnsNO/M8f+Z+f7H+xkpa70xtPl8aXsX5eCElPCGHrtuEt29ZvumTwc5detmXT8IbB4W2DI5u2bbly8JS3DW4Z2bxh+MravUNvPzmE0BXCkpCMPX5JctSUtrtHR0dL/ZPrYnv/5tidzxx3+v/6awhDh/1xoJLb/xW3bbzj0CY/M5JVo+/beNnZfzz1++l29af96m/Sr9HR0dGQ06//fe4/7vj6nuePD2HoX6br16NPv/dXkzo0VjERJ1XqDuMd6k56m/aj3uu0P3F/Vdat3zAyNP3+rT2+nLMd//aqF/6+7oqv/WN8/1Zzt2PKnn3+mWar9awa3VD61pqz/t+3rh6vKOrX63Xci/Z33IrYv7j/qun+Xphu18Kc7arkbNf1v3/wyV8eceMrO8JQ5eVlU9su2q6udAB0JW9qqd3YQm+yeFJ9NV0/HvH4uBXbNm5esfXK7W9fv3H4kpFLRja9c+UpK08bOvW0U1eMbfmKDm9/bP9fW9z+fTOeFn1hx8/jz9bGU1G/ivZHrV/F+6OxR0371bNqtPecr3zjnbc9fPZ4RdE4j2vXzyfpsrd2nFeGhvE2dV81266i/RBCGGy2H1565Yxw+H9bf13ReajxyDT+zEhWjT62/G/fP/17S98zXrFPzvONHWrzPF/v9UR/xvZXNT0eo/vp/u0O5XS7+pr2a+VjD3fd/Mhfv1jv37x54Yrhbdu2rBz/OT/t6fzkyKb9ytbG7Vo29rMc0t0S6sO0yXgNY5ci4/3Lnj/j6tm92pfe15csabpdWfG+3WtuPq58/q8fydvTyd3jLfaEBePL5M05a27IPLBc73Cz9vfX51/R+Bj4yPfu/eS9Pztlyvg4afxn0XYlOdv10yfv/MYPv/bvf9a57frIex/v/9t//+xx4xUHynml3uu0P0njeeWkEIqef8tC8+3Iff6Vmm9P0fMv287E+s3jDWbKfaHc1vP1pAd6Xzzz4euX5z5f97T6fL16Uqlc8HzdX8ZP9vmVVCb3Y+6eX5MGSrJq9Dc3HLLjoWtWHzFeUTSu62s3G9cnt5B/5GzXr857auDSwX/3Xzt33vjR2+654E/Dq740XtH+cY996cxxr6b7t5qzf+u9jnln4/59x8WXblg7Xr//Xv+my4L8J55Ktl65/fPDGzaMbNna2na1+noa28nu5XZfT+PZbUnBdpWmbNfc3Whlf7X6fIv9X9v2/pr8fOsLSVuvC9t/t3j+Z35842X9Ux6VNnRhKY1faiv+s2c+/tJ5N/7gO7nxb43xK23FH37u0VuWHXrRztz4tydp/Gpb8Vfterx7wd4HHsyNPxT739NW/Kff/eE/3/XkfS/kxg8xfl97+//lnac9NTDwl9z4TyRpO7VrpBDuefXkdePlJHSlz7fYj65J/QrZcpIplzLlcmO5ND7XWm+gnCST6+N6af3RDX1p5lM59fEqrLp0fPlaLIfsjenr9zelhnN/s/qi61QAgDe6+P5/vAaN7/+PpBdK+TMNMGG2edjSnLgxD5uYz5k36f6lafz4+DgPOPCOMFRbXjs4fqE/0/cR4vMhO88Z2zn+mMkx2p3nLJp/X54px36Nz5dXGvLQ1NS8phJamH+f2s708++ZzS+eHx+8YUq3BhvmrbLHryudMWv2eYdMfyu1CHnjIzsvFj/PMbAwrB5rr8Xxkf0cTTwO2c/RxHaOyJw4W/y8ypTP0cx2fMRuTzM+xrpc/P7G1OMXptm/E8evebTs8ZvB8a7W1p/r92c7MG/Y9JS27+YN5/b9MPOSOfHTJ9j+Pm8Y6+N2VFqcT/xkTn2n5hPj6SL2a880fdkXzCcCb1Qx/4+vEbX8v3YB/n8y6xVdh2avGmO83M8JlZv3pyjvmPo5vd62XsfP37X5q90De4/Pvc55sNXP/WyeVOot+NxP0X48LlMu3I85EzRF+V62naL9nv1cRl9Y0NZ+v3PHbe+6Y9FNZ+Tu99XjL6TF+/0bk0oLCvb7AZAvNI8vXzgo8oW5nj973fKR9INPc5WPfCKnfqb5SO+UG/XtGnPA5SNd+7ZfAMCBI+b/9ffP0vz/f8QV0uuIorz1hEw5xsvNW3OuT/Ly1o+lyysy6/elv1Ex0+vms469/7r5e+87Kjdvub3VPPQ/TCr1F+aheXlzz5T1e5rkzbl5xOrOfF48N4+o51mzyxNz+1/PE2eXp+fGr+fpTfLocnH8mEfn7p96Hj27eYDc+PV5gAM9zy2Yr8s0Foutzte9YfPo9Ndn5yqPPienfqZ5dN+UG/XtGiOPBgB4fcX8P17Gxfz/4cx6s32fPTcv6NB1e/bvgdTjP7Gv8sq5zvtm9/5vcd4613n9XM9LHOh58ew+T1E8LzS382QHfV6cNjo5L57oibwYAID9Qcz/e9Jyfv4/u/ykWf7WNSk/kZ83jX+Q5ufx10P2n/z8QJ//2q/z/w+FAz3/j+WQvTGu/fx/3/4FFvk/AMAbW8z/4689xr//95/Scvbv1svTc+IfpHl6vE+e3qk8vfPzbMHnAF7feYCeifV9DgAAgNdD11imNPX37D+dLrO/Z5/3e/nn5azfqkp6eXzRti0jIxdctnnt8LaRCzZdunZk6wWXb1m/bdvIpvH1Zps35uYtad7YFSrp/mi+XjZvW5S+L7co5+8hZNePYY8cuzH17yFkm+0p+DsCE8evtf7mHb/SNOs3Gx95xzsv/qdy1o/qx//iz550wbqtF6zftH7b+uEN67ePTF6vlrX2zuB7M+NumdH3pT769I7akBm7NfatmRmlmX9/Z5v9mPRjyh8XLtX2d5J7/Gv9SDL9WJz2ZHHe9x/k9Pu3/+XrXzh29B93hTB0WPnNM+335JCrRv/juSMf2/bIHzfX+l+atv/1NdN+FX1faXb9uD2VDZdu3Xbiuksv25T9Rsn2xPmMUr08R/MZ6dO/3OL8xPk59TP9nEJ5yo39U8vzEwAATBLf/4/Xs/H9w6+lF1CxvvU8fXbvH+fm6UOt5enZ7yUrytOz68ftbTVPr84yT8+2X5SnN1u/WZ6el3fnxf9Ezvoz1fo4md3nPHLHyYWtjZPs9xkUjZPs+jMdJ8ksx0m2/aJx0mz9ZuMk77jnxf94zvp5Wh8Ps/tcTu54uLW18fDWTLloPGTXn+l4KM1yPGTbLxoPzdZvNh7yjm9e/LNz1m/V5PFRGxhj42Lkgssv3fL5hvXm+vsvZt+/uf3+j3a13v+5/dzX3Pd/bj9XNvf9n93nynL7/8TsZsJa7//cfr9Lu/bZfG36YbOiz58VzeOuyamf6TzuvCk39k/mceH1E/P/+HZPzP9vSpedfhvowP+eNN9j1jR+h77HrOg6xuv5NI3tB7yeAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSmu7J0bPnI9Vv3nn3Eh3775ZFXr/noLzZe+5arfvT84MUf+M3dvT98bffao9f96YOHXHz/587Yddt3H3plwb3/fK4wcP/Yz8oJabEaQvJiEkL1l3u++ZXdjx1eq0tCCOWkf0cIi5MlDy1OMhGG/h5CWFvv5+Q773n15HW15bU3dU+qX5QJkt2u0FeO/WnsZwhXFG4RB6BqOs627738xPDM+9dc9/tlP/1J184XdkysklQbxlMICy9sfHxXCKEn/V8TR9vS+OB0uTqE0NvwuNML+nVMi/1fkVM+Ml3OS5d9BXHi/csz5VJmvWw56sosewvam628frS7XpH5mXL2ZDRbef2M9YvT5c/T5QkzjF+O/5NQSkKl3v0NycQYCQ3HLQnJ2LGs1sul+rEN6fZnykmmXMqUy12Z7RprNx1o5SSZXB/Xy9TH03ElrT+68VzdxDk59W9Kl9X0ifpaLIfsjXF9U27Ut2tM7NeeafqyL5QazkHN6usHPj0YfWldX7JkymNGm4j37V5z83Hl83/9SH9OP5K7kzR+0lb87b9bPP8zP77xsqV58S8spfFLbcV/9szHXzrvxh98Jzf+rTF+ua34Jz3Q++KZD1+/PHf/7In7p9JW/OHnHr1l2aEX7czt/+0xfrWt+Kt2Pd69YO8DD+b2fyjun5624j/97g//+a4n73shN36I8Xvbin/+rs1f7R7Ye3xu/Afj/ulrb/y8vPO0pwYG/jKYF/+JGH9By/G/2TMR/84dt73rjkU3nZF7fFfH/dPfVv/POvb+6+bvve+ovHNncnunXjkBDk6HpNdYN6TldvPM2WrIF749WBm/5puf/l/QyYYyau0snMP4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8Mf3h6lM+fe77Pr6mkoSQ5Kwz2kS8rzxv1arBNtodfu7RW5YdetHOxrqlbcQBAAAAisU8vFSvqYal4fKkJxzZdP04R3BkLCWT67NzCDFOdo6g3TilDsUpdyhOpUNxujoUZ16H4nR3KE61IE41tBanZ5o4ldqoaLE/vdP2p/U4fR2KM79DcRZ0KM7CDsVZ1KE4/dPGaX0cLu5QnCUdinNIh+Ic2qE4h3Uozr90KM7hHYqTnVOe6ThckK55RF6csRvlwjiVpFy/o9l8+uFpO0fNsp2+gnYWFL0et9hOT4vtHJN5XGmG7VRbbOdfZ9lO0mI7b51lO6WCduK4vSLbv9hOLLU4/q/sUJztHYpzVYfiXN2hOF/sUJwvdSjONbOMA9CqmP9P5Hv9obvyntCbnnGyswAx31029nPq613eCSnGe3Omfl5RvGyinom3bKb9y04gZOItz9R3TYpXqecj08SrNsY7LnNn4fZmJxQy/TshU99dFC87sQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc+gPV5/y6XPf9/E1IQm1f02NNhHvK89btWqwjXZ3r7n5uPL5v36ksa670kYgAAAAoFDMw7vqNdXQXVkZupN5k9arpvMA1bRc7h9fDiwMq2vLZLA0Vu5NFk/7uEr6uBXbNm5esfXK7W9fv3H4kpFLRja9c+UpK08bOvW0U1esW79hZGj8ZwjdzeItmiivCmFs+mHrlds/P7xhw8iWreP12f4vTfuxNC0n6eMG3hGGastr0/4vKeh/aUp7c3ej+OgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/Z9fuYuQqyweAv2dmdmZY6J/9h6+hocukH6Qq0bYupihhTmIiCbRNNyRmBl1JI20kbmkDLak4QhMB22hMIE2aml5YU4kg8YYPIUY+0qQG0SZubQwQ5UIvNKCYQnqhJWO6O2d2ZnZOZx0aWurvd3HOmed93vc571xs8rw7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH66p+thEtTJeG45CiFJyGj0kY9l8HJcHqPvl57d+vzB6Ynl7rJAbYCEAAACgr6QPH2pFiqGQy4ZsuHL60+LQNhBm+34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/z1R9bKJaGa9dGIUQpeQ0ekjGsvk4Lg9Q9813n/zMa6Ojf22PlQZYBwAAAOgv6cMzrUgxlMKSMBRd2ZGXnA0s7JrfnZess2ieed1nB2l5S+aZd8088z7WJ29d874jAAAAwEdf0v/nWpGRUMgtSO3/+/X1Sd7VXXnZ5n2Q3woAAAAAH0zS/xdakVIo5Eqtfn2+/f7irrxkfr//2yfzl6XM7/f//LXNu//TAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBHx1R9bKJaGa9loxCilJxGo5GZfZyRjGXzcVweoO6qF4b/fsuhhxa3xwq5ARYCAAAA+kr68NnWuxgKueEwFC6cbvZHb9r/9BeffnYshDDT5ufzYceGbdvuXjVzTfJWvnpo6HuH3/7WnLyVM9eztkEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCMmaqPTVQr47ULohCilJxGD8lYNh/H5QHqvvG5L/z58WPPvdUeKw2wDgAAANBf0ofP9v7FUAr5kA+XT39q7/VPyXTNTzszAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM4f93zjvq9vmJzceLcHDx7OzEMxhHAOvMYHezjbf5kAAIAz7eoQhcZ/6Yr1Z/utAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAc8FUfWyiWhmvFaMQopScRg/JWDYfx+UB6sbPHyksOPHCS+2x0gDrAAAAAP0lffhs718MpTAUhsJl0596nQlM9/8jH+JLAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOeUqfrYRLUyXlsQhRCl5DR6SMay+Tgup65eTB15bOe+zx68+Ls3t8cKuYG2AAAAAPSR9OH5VqQYCrmPh0K4qvl5snNClG3ee58LzM7b2jFteN7z6h3zsvOet6trZ7nmbmbmJScR2ZGZe2teee68ctu8UmiVL3fMC3s6Zi3o854BAAAAzqKk/y+0IiOhkCu09bk/6cgf0ecCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACmm6mMT1cp4LYpCiFJyGj0kY9l8HJcHqHvfb/7/oq/8dPf29lhpgHUAAACA/pI+fLb3L4ZSWBT+Lyya7vvDSGd+kveP6smDj/7zL8tDWHH50dFc97I/TB5+9caNL3ZfQsh0ZmdCuLhZL0qp9+vfPXrv0sbJx0NYcVn2qjn1wunrdS4ZN56pbly77fDRrX2+HAAAADhPJP3/UCsyEgq5u1L7/6Tz7tP/t0w34Bffu/PnlzavzY68a0ZmpFkvk1Lv80uf/NOy1X97+1T/f7p6n9q3+eClHQVnIl2iuFHZvH3d0esOZJJdz9TPdtVPvpcvffOtf23a8cjJmfrFUGzGF+Z61Z977XJB3JjM7K2teX9vvbN+LmX/D/32pWO/XLj7vVP13716uFX/mtPs//T1h299eM/1+w6t66wfQij3qv/OezeHK/5w54Pd+x/uWrj9m2+/donifzcWHz+wen/phs76UVf95Pv/2bHH9vz4ke88m9RPfiuyfMl862c66zde2XXJzpcfWL+ws34mZf8v3vba6Jbyt3/fvf87OlbNpb7FnP03nrj2qdtf3xDf3z0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwfpmqj01UK+O1TBRClJLT6CEZy+bjuDxA3TdvOfLObbt/9IP2WGmAdQAAAID+kj58tvcvhlLIh3wYnu77n6luXLvt8NGtYWRmNGrec5Nb7tn2iU1btt91x1l6cwAAAGC+kv4/14qMhEJuaRhq9v+VzdvXHb3uQCbp/zNJ/7/pzsmNK0Ir75Vdl+x8+YH1C1vnBCFM/yygeCrv07N5N914ZOT4H7+2rGfeqtm8VxcfP7B6f+mGJC+0560MrfOJJ6596vbXN8T3t96vPe+TX90y2TyeSNYdvvXhPdfvO7SutY/mfbi5bpI3mdlbW/P+3nqSl23ei819AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdXHJqqV8VrIhhCl5DR6SMay+TguD1B3zdJfPHjRiecWtccKuQEWAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYX9+guRqorjAH7OzG477uzqrgZZ0bpaUdhDUhBBLxUVoRFCT4aEpfkQBUFEYQ9paCRW9BL050WCgmoLoSA3SbRYo3/SSw8VFFgPgUgL5SQ9tDEz546z17lNXS2oPh8Yzpxz7/3e3733zJkZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F9laGBpqz2044HGrefd+PFjdx9/9OZ379t2ySOvfT+58fqP9gy/fGJm0/LNX92wZOO+e1ZPP//iwZ9H3/7tSN/gh9vNytSthRCPxRBq780++/jMJ+c0x2IIoRrHtoYwHhcfHI+5hFW/hhA2deqcv/Gt41dubrbbdg3NG1+UC8lfV6hXs3raxubXy39LLc2zLY2HLgvfXLdu+2fL3nxjcOro1pO7xFrXfAph4Ybu4wdDCAvSqymbbUuzg1O7NoQw3HXc1X3quvBP1n95Qf/81J6V2nqfnGz7ily/ktsv388M5tr2tf4yNzfX58QlFdVRdr9+RnL9/GJ0uorqzMbHU/tOalf+xfxq9oqhEsNAp/x748k5ErrmaAyx9SxrnX6l82xDuv5cP+b6lVy/Opi7rtZ500Srxjh/PNsvN54txwNpfHn3Wt3DbQXj56a2lj6oJ7J+yL9pq5/ypnNdLVlds39Qyz+h0rUG9RrvPPj0MOpprB4Xn3LMXA/Ztpl1T15cXf/+obGCOuKemPJjqfwtn46P3PH6zgeXFuVvqKT8Sqn8b9cc/vH2nS+9UJj/TJZfLZV/xf7hY2s+2LGi8P7MZvdnoFT+nUc+fGrZ2XdN9XrWrfzdWX6tVP6104eHRhv7DxTWvyq7PwtK5X99zU3fvfrF3qOF+SHLHy6Vv376/qeHJhqXFuYfaH8U6q0ZWmL+/DR11ZcTEz9MFuV/nt3/0R75sW/+K83fs4t2rS6cn2uz+zNWqv5bLtq3faSx94KitTPuPlPfnAD/T0vSb6wnUr/s/8zT1fV/4bnJgfY30Eh6jZ7JE+U0z7Pwb8wHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB3duCABAAAAEDQ/9ftCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqQAAAP//7VUboQ==")
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r6, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xf}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x6}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x7}, @NL80211_ATTR_NAN_MASTER_PREF={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x20042890)

[   78.623601][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[   78.626449][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[   78.630235][ T4666] Bluetooth: hci0: command tx timeout
[   78.725011][ T5321] random: crng reseeded on system resumption
[   79.067992][ T5321] loop0: detected capacity change from 0 to 32768
[   79.344406][ T5321] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,no_splitbrain_check,fsck,fix_errors=ask,norecovery,recovery_pass_last=check_dirents,nojournal_transaction_names,reconstruct_alloc
[   79.356459][ T5321] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   79.360241][ T5321] bcachefs (loop0): Version upgrade required:
[   79.360241][ T5321] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   79.360241][ T5321] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[   79.360241][ T5321]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   79.395718][ T5321] invalid btree id 251 (max 63), fix?
[   79.399213][ T5321] bcachefs (loop0): dropping and reconstructing all alloc info
[   79.407515][ T5321] bcachefs (loop0): error validating btree node on loop0 at btree extents level 0/0
[   79.407537][ T5321]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 98c59c5 written 0 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0  
[   79.407549][ T5321]   node offset 0/0: got wrong btree node: got
[   79.407559][ T5321]   btree=extents level=0 seq c6c25c03258c59c5 1
[   79.407565][ T5321]   min: POS_MIN
[   79.407571][ T5321]   max: SPOS_MAX
[   79.428105][ T5321] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[   79.436083][ T5321] bcachefs (loop0): flagging btree extents lost data
[   79.438984][ T5321] bcachefs (loop0): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[   79.447784][ T5321] error reading btree root btree=extents level=0: btree_node_read_error, fixing
[   79.456583][ T5321] bcachefs (loop0): error validating btree node on loop0 at btree xattrs level 0/0
[   79.456600][ T5321]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0  
[   79.456610][ T5321]   node offset 0/16 bset u64s 0: incorrect max key U64_MAX:18374686479671623680:50331647
[   79.470590][ T5321] bcachefs (loop0): flagging btree xattrs lost data
[   79.474845][ T5321] error reading btree root btree=xattrs level=0: btree_node_read_error, fixing
[   79.485631][ T5321] ------------[ cut here ]------------
[   79.488014][ T5321] UBSAN: shift-out-of-bounds in fs/bcachefs/btree_cache.c:218:18
[   79.492925][ T5321] shift exponent 251 is too large for 64-bit type 'unsigned long long'
[   79.496156][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.14.0-rc6-syzkaller #0
[   79.496171][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.496178][ T5321] Call Trace:
[   79.496183][ T5321]  <TASK>
[   79.496190][ T5321]  dump_stack_lvl+0x241/0x360
[   79.496309][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.496322][ T5321]  ? __pfx__printk+0x10/0x10
[   79.496341][ T5321]  __ubsan_handle_shift_out_of_bounds+0x3c8/0x420
[   79.496405][ T5321]  __bch2_btree_node_hash_insert+0x1b1d/0x1b80
[   79.496429][ T5321]  ? __bch2_btree_node_hash_insert+0x20d/0x1b80
[   79.496448][ T5321]  ? __pfx___bch2_btree_node_hash_insert+0x10/0x10
[   79.496473][ T5321]  bch2_btree_node_hash_insert+0x7e/0xc0
[   79.496491][ T5321]  bch2_btree_root_read+0x5d5/0x7b0
[   79.496507][ T5321]  ? __pfx_bch2_btree_root_read+0x10/0x10
[   79.496530][ T5321]  ? bch2_current_has_btree_trans+0x142/0x180
[   79.496547][ T5321]  read_btree_roots+0x3d3/0xa70
[   79.496575][ T5321]  ? __pfx_read_btree_roots+0x10/0x10
[   79.496588][ T5321]  ? bch2_reconstruct_alloc+0x334/0x5d0
[   79.496613][ T5321]  bch2_fs_recovery+0x260f/0x3de0
[   79.496636][ T5321]  ? __pfx_bch2_fs_recovery+0x10/0x10
[   79.496674][ T5321]  ? __pfx_lock_release+0x10/0x10
[   79.496692][ T5321]  ? bch2_get_next_online_dev+0x2b/0x4f0
[   79.496706][ T5321]  ? __pfx_lock_release+0x10/0x10
[   79.496729][ T5321]  ? bch2_get_next_online_dev+0x2b/0x4f0
[   79.496743][ T5321]  ? bch2_get_next_online_dev+0x4b9/0x4f0
[   79.496754][ T5321]  ? bch2_get_next_online_dev+0x2b/0x4f0
[   79.496769][ T5321]  ? llist_reverse_order+0x72/0x90
[   79.496789][ T5321]  bch2_fs_start+0x37c/0x610
[   79.496808][ T5321]  bch2_fs_get_tree+0xdb7/0x17a0
[   79.496841][ T5321]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[   79.496870][ T5321]  ? vfs_parse_monolithic_sep+0x423/0x460
[   79.496888][ T5321]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[   79.496907][ T5321]  ? rcu_is_watching+0x15/0xb0
[   79.496922][ T5321]  ? apparmor_capable+0x13b/0x1b0
[   79.496940][ T5321]  vfs_get_tree+0x90/0x2b0
[   79.496954][ T5321]  do_new_mount+0x2be/0xb40
[   79.496971][ T5321]  ? __pfx_do_new_mount+0x10/0x10
[   79.496992][ T5321]  __se_sys_mount+0x2d6/0x3c0
[   79.497011][ T5321]  ? __pfx___se_sys_mount+0x10/0x10
[   79.497026][ T5321]  ? exc_page_fault+0x590/0x8b0
[   79.497101][ T5321]  ? __x64_sys_mount+0x20/0xc0
[   79.497120][ T5321]  do_syscall_64+0xf3/0x230
[   79.497137][ T5321]  ? clear_bhb_loop+0x35/0x90
[   79.497154][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.497167][ T5321] RIP: 0033:0x7f9ea1b8e90a
[   79.497179][ T5321] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.497188][ T5321] RSP: 002b:00007f9ea2a4ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   79.497201][ T5321] RAX: ffffffffffffffda RBX: 00007f9ea2a4aef0 RCX: 00007f9ea1b8e90a
[   79.497208][ T5321] RDX: 0000400000000180 RSI: 0000400000000540 RDI: 00007f9ea2a4aeb0
[   79.497216][ T5321] RBP: 0000400000000180 R08: 00007f9ea2a4aef0 R09: 0000000000800000
[   79.497222][ T5321] R10: 0000000000800000 R11: 0000000000000246 R12: 0000400000000540
[   79.497228][ T5321] R13: 00007f9ea2a4aeb0 R14: 0000000000005971 R15: 00004000000001c0
[   79.497246][ T5321]  </TASK>
[   79.497251][ T5321] ---[ end trace ]---
[   79.654856][ T5321] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[   79.658085][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.14.0-rc6-syzkaller #0
[   79.661925][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.666905][ T5321] Call Trace:
[   79.668413][ T5321]  <TASK>
[   79.669763][ T5321]  dump_stack_lvl+0x241/0x360
[   79.671886][ T5321]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.674241][ T5321]  ? __pfx__printk+0x10/0x10
[   79.676475][ T5321]  ? vscnprintf+0x5d/0x90
[   79.678431][ T5321]  panic+0x349/0x880
[   79.680192][ T5321]  ? check_panic_on_warn+0x21/0xb0
[   79.682424][ T5321]  ? __pfx_panic+0x10/0x10
[   79.684396][ T5321]  ? _printk+0xd5/0x120
[   79.686229][ T5321]  ? __pfx__printk+0x10/0x10
[   79.688293][ T5321]  check_panic_on_warn+0x86/0xb0
[   79.690438][ T5321]  __ubsan_handle_shift_out_of_bounds+0x3e7/0x420
[   79.693295][ T5321]  __bch2_btree_node_hash_insert+0x1b1d/0x1b80
[   79.696082][ T5321]  ? __bch2_btree_node_hash_insert+0x20d/0x1b80
[   79.698795][ T5321]  ? __pfx___bch2_btree_node_hash_insert+0x10/0x10
[   79.701539][ T5321]  bch2_btree_node_hash_insert+0x7e/0xc0
[   79.704044][ T5321]  bch2_btree_root_read+0x5d5/0x7b0
[   79.706313][ T5321]  ? __pfx_bch2_btree_root_read+0x10/0x10
[   79.708832][ T5321]  ? bch2_current_has_btree_trans+0x142/0x180
[   79.711584][ T5321]  read_btree_roots+0x3d3/0xa70
[   79.713765][ T5321]  ? __pfx_read_btree_roots+0x10/0x10
[   79.716151][ T5321]  ? bch2_reconstruct_alloc+0x334/0x5d0
[   79.718605][ T5321]  bch2_fs_recovery+0x260f/0x3de0
[   79.720899][ T5321]  ? __pfx_bch2_fs_recovery+0x10/0x10
[   79.723358][ T5321]  ? __pfx_lock_release+0x10/0x10
[   79.725607][ T5321]  ? bch2_get_next_online_dev+0x2b/0x4f0
[   79.728087][ T5321]  ? __pfx_lock_release+0x10/0x10
[   79.730297][ T5321]  ? bch2_get_next_online_dev+0x2b/0x4f0
[   79.732691][ T5321]  ? bch2_get_next_online_dev+0x4b9/0x4f0
[   79.735014][ T5321]  ? bch2_get_next_online_dev+0x2b/0x4f0
[   79.737290][ T5321]  ? llist_reverse_order+0x72/0x90
[   79.739382][ T5321]  bch2_fs_start+0x37c/0x610
[   79.741877][ T5321]  bch2_fs_get_tree+0xdb7/0x17a0
[   79.743982][ T5321]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[   79.746405][ T5321]  ? vfs_parse_monolithic_sep+0x423/0x460
[   79.748954][ T5321]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[   79.751586][ T5321]  ? rcu_is_watching+0x15/0xb0
[   79.753776][ T5321]  ? apparmor_capable+0x13b/0x1b0
[   79.756003][ T5321]  vfs_get_tree+0x90/0x2b0
[   79.757938][ T5321]  do_new_mount+0x2be/0xb40
[   79.759956][ T5321]  ? __pfx_do_new_mount+0x10/0x10
[   79.762159][ T5321]  __se_sys_mount+0x2d6/0x3c0
[   79.764260][ T5321]  ? __pfx___se_sys_mount+0x10/0x10
[   79.766482][ T5321]  ? exc_page_fault+0x590/0x8b0
[   79.768638][ T5321]  ? __x64_sys_mount+0x20/0xc0
[   79.770841][ T5321]  do_syscall_64+0xf3/0x230
[   79.772919][ T5321]  ? clear_bhb_loop+0x35/0x90
[   79.774771][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.777306][ T5321] RIP: 0033:0x7f9ea1b8e90a
[   79.779285][ T5321] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.787613][ T5321] RSP: 002b:00007f9ea2a4ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   79.791224][ T5321] RAX: ffffffffffffffda RBX: 00007f9ea2a4aef0 RCX: 00007f9ea1b8e90a
[   79.794690][ T5321] RDX: 0000400000000180 RSI: 0000400000000540 RDI: 00007f9ea2a4aeb0
[   79.798066][ T5321] RBP: 0000400000000180 R08: 00007f9ea2a4aef0 R09: 0000000000800000
[   79.801603][ T5321] R10: 0000000000800000 R11: 0000000000000246 R12: 0000400000000540
[   79.804773][ T5321] R13: 00007f9ea2a4aeb0 R14: 0000000000005971 R15: 00004000000001c0
[   79.807853][ T5321]  </TASK>
[   79.809389][ T5321] Kernel Offset: disabled
[   79.811170][ T5321] Rebooting in 86400 seconds..