program:
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0) (async)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
fcntl$setsig(r0, 0xa, 0x21) (async)
fcntl$setsig(r0, 0xa, 0x21)
fcntl$setlease(r0, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x3e)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f00000002c0), 0xff, 0x14d1, &(0x7f00000015c0)="$eJzs3AlwlcW2KOBe3f1DiBG3EZl79fphiwGaiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBg5iIiIyCSTQL/C47ncczy3uO+8cy+vKuur6kqv/Hut3Z1VyT9UZf/UdViNxjWrNiAi8a9Qf5vAX78kCyFihBADhRC3CSECIUTZ+LLx147nUpD8L70J+x/SMPVmr4DdTNz/7I37n71x/7M37n/2xv3P3rj/2Rv3P3vj/jOWraUVuJ1H9h38/D874/N/9sb9z964/9kb9z974/5nb9z/7I37n71x/7M37j9j2dr/B8+gedzEwRhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM/S+44K/TQoi/zW/2uhhjjDHGGGOMMfbv43Pe7BUwxhhjjDHGGGPsfx4IKZTQIhA5RE4RI3KJWHGLiBO3itziNhERt4t4cYfII+4UeUU+kV8UEAVFIVFYGIHCChKhKCKKiqi4SxQTd4sEUVyUECWFE6VEorhHlBb3ijLiPlFW3C/KiQdEeVFBVBSVxIOisnhIVBEPi6riEVFNVBc1RE3xqKglHhO1xeOijnhC1BVPinriKVFfPC0aiIaikXhGNBbPiiaiqWgmmosWoqVo9S/lvyV6iLdFT9FLJIveoo94R/QV/UR/MUAMFO+KQeI9MVi8L4aIoWKY+EAMFx+KEeIjMVKMEqPFx2KMGCvGifFigpgoUsQnYpL4VEwWn4kpYqqYJqaLVDFDpInPxUwxS8wWX4g54ksxV8wT88UCkS4WikViscgQX4kl4muRKZaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdopdYrfYI/aKfWK/OCC+EVni2//L/PP/kN8NBAiQIEGDhhyQA2IgBmIhFuIgDnJDbohABOIhHvJAHsgLeSE/5IeCUBAKQ2FAQCAgKAJFIApRKAbFIAESoASUAAcOEiERSsO9UAbKQFkoC+WgHJSHClABKkElqAyVoQpUgapQFapBNagBNeBReBQeg9pQG+pAHagLdaEe1IP6UB8aQANoBI2gMTSGJtAEmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIAk6QkfoBJ2gM3SGLtAFukJX6AZvwpvwFrwFb8Pb0Auqyd7QB/pAX+gL/WEADIB3YRC8B+/B+zAEhsIw+AA+gA9hBJyDkTAKRsNoqCzHwjgYDyQnQgqkwCSYBJNhMkyBqTAVpkMqzIA0SIOZMAtmwRcwB76EL2EezIMFkA7psAgWQwZkwBI4D5mwFJbBclgBK2EFrIY1sBrWwXpYBxthI2yGzbAVtsJ22A47YSfsht2wF/bCftgPQyALsuAgHIRDcAgOw2E4AkfgKByFY3AMjsNxOAEn4CScgtNwCs7CWTgH5+ECXIBLcAkuw2W4Clev/fLLa7TUMofMIWNkjIyVsTJOxsncMreMyIiMl/Eyj8wj88q8Mr/MLwvKgrKwLCxRoiQZyiKyiIzKqCwmi8kEmSBLyBLSSScTZaIsLUvLMrKMLCvvl+XkA7K8rCDbukqykqws27kq8mFZVVaV1WR1WUPWlDVlLVlL1pa1ZR1ZR9aVdWU9+ZSsL3tDf2gor3WmsRwKTeQwaCabyxaypfwQnpOt5QhoI9vKdvIFOQpGQgfZ2iXJl2VHOQ46yVfleHhNdpEToat8Q3aTb8ru8i3ZQ7ZxPWUvOQV6yz5yOvSV/WR/OUDOhOryWsdqyPflEDlUDpMfyAXwoRwhP5Ij5Sg5Wn4sx8ixcpwcLyfIiTJFfiInyU/lZPmZnCKnymlyukyVM2Sa/FzOlLPkbPmFnCO/lHPlPDlfLpDpcqFcJBfLDPmVXCK/lplyqVwml8sVcqVcJVfLNXKtXCfXyw1yo9wkN8stcqvcJrfLHXKn3CV3yz1yr9wn98sD8huZJb+VB+Vf5CH5nTwsv5dH5A/yqPxRHpM/yePyZ3lC/iJPylPytDwjz8pf5Tl5Xl6QF+Ul+Zu8LK/Iq9JLoUBJpZRWgcqhcqoYlUvFqltUnLpV5Va3qYi6XcWrO1QedafKq/Kp/KqAKqgKqcLKKFRWkQpVEVVURdVdqpi6WyWo4qqEKqmcKqUS1T2qtLpXlVH3qbLqflVOPaDKqwqqoqqkHlSV1UOqinpYVVWPqGqquqqhaqpHVS31mKqtHld11BOqrnpS1VNPqfrqadVANVSN1DOqsXpWNVFNVTPVXLVQLVUr9ZxqrZ5XbVRb1U69oNqrF1UH9ZJKUi+rjuoV1Um9qjqr11QX9brqqt5Q3dSbqru6oq4qr3qqXipZ9VZ91Duqr+qn+qsBaqB6Vw1S76nB6n01RA1Vw9QHarj6UI1QH6mRapQarT5WY9RYNU6NVxPURJWiPlGT1KdqsvpMTVFT1TQ1XaWqGar/H5Vm/zfyP/0n+YN/f/fNaovaqrap7WqH2ql2qd1qj9qj9ql96oA6oLJUljqoDqpD6pA6rA6rI+qIOqqOqmPqmDqujqsT6oQ6qU6pi+qMOqt+VefUeXVeXVSX1CV1+Y+fgdCgpVZa60Dn0Dl1jM6lY/UtOk7fqnPr23RE367j9R06j75T59X5dH5dQBfUhXRhbTRqq0mHuoguqqP6Ll1M360TdHFdQpfUTpfSifqe/+f8G62vlW6lW+vWuo1uo9vpdrq9bq876A46SSfpjrqj7qQ76c66s+6iu+iuuqvuprvp7rq77qF76J66p07WybqPfkf31f10fz1AD9Tv6kF6kB6sB+sheogepofp4Xq4HqFH6JF6pB6tR+sxeowep8fpCXqCTtEpepKepCfryXqKnqKn6Wk6VafqNJ2mZ+qZeraerefoOXqunqvn6/k6XafrRXqRztAZeoleojP1Ur1UL9fL9Uq9Uq/Wq/VavVav1+v1Rr1RZ+oteoveprfpHXqH3qV36T16j96n9+kD+oDO0ln6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+gT+qQ+qU/r0/qsPqvP6XP6gr6gL+lL+rK+rK/qq9cu+wIZyEAHOsgR5AhigpggNogN4oK4IHeQO4gEkSA+iA/yBHcGeYN8Qf6gQFAwKBQUDkyAgQ0oCIMiQdEgGtwVFAvuDhKC4kGJoGTgglJBYnBPUDq4NygT3BeUDe4PygUPBOWDCkHFoFLwYFA5eCioEjwcVA0eCaoF1YMaQc3g0aBW8FhQO3g8qBM8EdQNngzqBU8F9YOngwZBw6BR8EzQOHg2aBI0DZoFzYMWQcug1b+1vvfn8j3veppeJtn0Nn3MO6av6Wf6mwFmoHnXDDLvmcHmfTPEDDXDzAdmuPnQjDAfmZFmlBltPjZjzFgzzow3E8xEk2I+MZPMp2ay+cxMMVPNNDPdpJoZJs18bmaaWWa2+cLMMV+auWaemW8WmHSz0Cwyi02G+cosMV+bTLPULDPLzQqz0qwyq80as9asM+vNBrPRbDKbzRaz1Wwz280Os9PsMrvNHrPX7DP7zQHzjcky35qD5i/mkPnOHDbfmyPmB3PU/GiOmZ/McfOzOWF+MSfNKXPanDFnza/mnDlvLpiL5pL5zVw2V8xV469d3F87vaNGjTkwB8ZgDMZiLMZhHObG3BjBCMZjPObBPJgX82J+zI8FsSAWxsJ4DSFhESyCUYxiMSyGCZiAJbAEOnSYiIlYGktjGSyDZbEslsNyWB7LY0WsiA/ig/gQPoQP48P4CD6C1bE61sSaWAtrYW2sjXWwDtbFulgP62F9rI8NsAE2wkbYGBtjE2yCzbAZtsAW2ApbYWtsjW2wDbbDdtge22MH7IBJmIQdsSN2wk7YGTtjF+yCXbErdsNu2B27Yw/sgT2xJyZjMvbBPtgX+2J/7I8DcSAOwkE4GAfjEByCw3AYDsfhOAJH4EgchaPxYxyDY3EcjscJOBFTMAUn4SScjJNxCk7BaTgNUzEV0zANZ+JMnI2zcQ7Owbk4F+fjfEzHdFyEizADM3AJLsFMzMRluAxX4ApchatwDa7BdbgON+AG3ISbcAtuwW24DXfgDtyFu3AP7sF9uA8P4AHMwiw8iAfxEB7Cw3gYj+ARPIpH8Rgew+N4HE/gCTyJJ/E0nsazeBbP4Tm8gBfwEv6Gl/EKXkWPMTaXjbW32Dh7q81tb7P/GOe3BWxBW8gWtsbmtfn+LkZrbYItbkvYktbZUjbR3vOnuLytYCvaSvZBW9k+ZKv8Ka5lH7O17eO2jn3C1rSP/l1c1z5p69lnbX3b1DawzW0j29I2ts/aJrapbWab2xa2pW1vX7Qd7Es2yb5sO9pX/hQvsovtGrvWrrPr7T67316wF+0x+5O9ZH+zPW0vO9C+awfZ9+xg+74dYof+KR5tP7Zj7Fg7zo63E+zEP8XT7HSbamfYNPu5nWln/SlOtwvtHJth59p5dr5d8Ht8bU0Z9iu7xH5tM+1Su8wutyvsSrvKrv6PtS63G+0mu9nusXvtNrvd7rA77S67+/f42j4O2G9slv3WHrU/2kP2O3vYHrdH7A+/x9f2d9z+bE/YX+xJe8qetmfsWfurPWfP/77/a3s/Y6/Yq9ZbQUCSFGkKKAflpBjKRbF0C8XRrZSbbqMI3U7xdAfloTspL+Wj/FSAClIhKkyGkCwRhVSEilKU7qJidDclUHEqQSXJUSlKpHuoNN1LZeg+Kkv3Uzl6gMpTBapIlehBqkwPURV6mKrSI1SNqlMNqkmPUi16jGrT41SHnqC69CTVo6eoPj1NDaghNaJnqDE9S02oKTWj5tSCWlIreo5a0/PUhtpSO3qB2tOL1IFeoiR6mTrSK9SJXqXO9Bp1odepK71B3ehN6k5vUQ96m3pSL0qm3tSH3qG+1I/60wAaSO/SIHqPBtP7NISG0jD6gIbThzSCPqKRNIpG08c0hsbSOBpPE2gipdAnNIk+pcn0GU2hqTSNplMqzaA0+pxm0iyaTV/QHPqS5tI8mk8LKJ0W0iJaTBn0FS2hrymTltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjtoJ+2i3bSH9tI+2k8H6BvKom/pIP2FDtF3dJi+pyP0Ax2lH+kY/UTH6Wc6Qb/QSTpFp+kMnaVf6Rydpwt0kS7Rb3SZrtBV8iRCCGWoQh0GYY4wZxgT5gpjw1vCuPDWMHd4WxgJbw/jwzvCPOGdYd4wX5g/LBAWDAuFhUMTYmhDCsOwSFg0jIZ3hcXCu8OEsHhYIiwZurBUmBjeE5YO7w3LhPeFZcP7w3LhA2H5sEJYMawUPhhWDh8Kq4QPh1XDR8JqYfWwRlgzfDSsFT4W1g4fD+uET4RlwifDeuFTYf3w6bBB2DBsFD4TNg6fDZuETcNmYfOwRdgybBU+F7YOnw/bhG3DduELYfvwxbBD+FKYFL4cdgxfueHx5LB32Cd8J3wn9P5xNT+6IJoeXRhdFF0czYh+FV0S/TqaGV0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RTdHPW+Zk7hwEmnnHaBy+FyuhiXy8W6W1ycu9Xldre5iLvdxbs7XB53p8vr8rn8roAr6Aq5ws44dNaRC10RV9RF3V2umLvbJbjiroQr6Zwr5RJdS9fKtXKt3fOujWvr2rkX3AvuRfeie8m95F52Hd0rrpN71XV2r7ku7nX3unvDdXNvuu7uLdfDve16ul4u2SW7Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7IW6IG+aGueFuuBvhRriRbqQb7Ua7MW6MG+fGuQlugktxKW6Sm+Qmu8luipviprlpLtWlujSX5ma6mW62m+3muDlurpvr5rv5Lt2lu0VukctwGW6JW+IyXaZb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vldrk9bo/b5/a5A+6Ay3JZ7qA76A65Q+6w+94dcT+4o+5Hd8z95I67n90J94s76U650+6MO+t+defceXfBXXSX3G/usrvirjrvUiKfRCZFPo1MjnwWmRKZGpkWmR5JjcyIpEU+j8yMzIrMjnwRmRP5MjI3Mi8yP7Igkh5ZGFkUWRzJiHwVWRL5OpIZWRpZFlkeWRFZGfG+0LbQF/FFfdTf5Yv5u32CL+5L+JLe+VI+0d/jS/t7fRl/ny/r7/fl/AO+vK/gK/qmvplv7lv4lr6Vf8639s/7Nr6tb+df8O39i76Df8kn+Zd9R/+K7+Rf9Z39a76Lf9139W/4bv5N392/5Xv4t31P38sn+96+j3/H9/X9fH8/wA/07/pB/j0/2L/vh/ihfpj/wA/3H/oR/iM/0o/yo/3Hfowf68f58X6Cn+hT/Cd+kv/UT/af+Sl+qp/mp/tUP8On+c/9TD/Lz/Zf+Dn+Sz/Xz/Pz/QKf7hf6RX6xz/Bf+SX+a5/pl/plfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t9/j9/p9fr8/4L/xWf5bf9D/xR/y3/nD/nt/xP/gj/of/TH/kz/uf/Yn/C/+pD/lT/sz/qz/1Z/z5/0Ff9Ff8r/5y/6Kv8r/s8YYY4wx9t+ibnC89z/5nvxjXNNHCHHr9gJH/rHmhrx/nfeT+zpGhBAv9+ra8G+jYcPk5OQ/XpupRFB0nhAicj0/h7geLxXtxIsiSbQVpf/p+vrJikA3qB+9X4jY/5QTI67H1+vf+1/Ub7rwhvXnCZFQ9HpOLnE9vl6/zH9Rf3f7G9TP9V2KEG3+U06cuB5fr58onheviKS/eyVjjDHGGGOMMfZX/eSlbje6v712f15QX8/JKa7HN7o/Z4wxxhhjjDHG2M332pvdX3ouKaltZ57whCc8+Y/Jzf7LxBhjjDHGGPt3u37Rf7NXwhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZV//Gx8ndrP3yBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjN1s/ycAAP//fMhn/w==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="d0187f00080211000001080211000000505050505050"], 0x2f) (async)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="d0187f00080211000001080211000000505050505050"], 0x2f)
r2 = syz_mount_image$bcachefs(&(0x7f00000058c0), &(0x7f0000005900)='./file0\x00', 0x10000, &(0x7f00000001c0)={[{@fsck}, {@inline_data}, {@nocow}, {@no_data_io}, {@str_hash={'str_hash', 0x3d, 'siphash'}}, {@norecovery}, {@discard}, {@reconstruct_alloc}, {@erasure_code}, {@acl}, {@str_hash={'str_hash', 0x3d, 'siphash'}}], [{@hash}, {@func={'func', 0x3d, 'PATH_CHECK'}}]}, 0xff, 0x5912, &(0x7f000000b240)="$eJzs3W2QXFWdMPBzu2cynZm8TAJIBJkMgSiCmglvhS+l0ce3AqRiYSnhicJAJhhNQioJAgEl+IAPFGChpaWoH9BCatFoUQWrRErkZRNUlGJ1qS2kVnbRD24hS0ogS1muszXT93R6bved29PTExL4/SqZ2+f07f8999zTt+//dM90AAAA4FVh97Vb9p51xPt++fmRF6/64E82XB36yuP1lbhCf7q87OVqIftTT9ei8WV2XLzhiu/9cfDC9/zizt7vvrRrzdFrf/feQy6891On77zlmw+8MPfuvz9dFDeOp+P3lZNnkxAqP93z1S/seuTwsbokhFBO+reHsCBZ+MCCJBNi6K8hhDVpYVHmzrtePGnt2PLqG3om1M/PrGe8v7pV0nG2be+lJ4Tfv3vVNb9e/MMfdO94Zvu+VZJK3XgKYd759Y/vDiHMTv+PiaMtjsc4aFeGEHrrHndaQbuOabH9y3LKR6bLWemyryBOvH9JplzKrJctR92ZZW/B9qYrrx3trldkTqacPRlNV147Y/2CdPnjdHn8FOOX4/8klJLQVWv++mTfGAl1xy0JyfixrNTKpdqxDen+Z8pJplzKlMvdmf26rLRvoJWTpFZf355Spj6ejrvS+qPrz9VNnJ1T/9p0WUmfqC/FcsjeqOpruFHbr3GxXXsmacv+UKo7BzWrrx349GD0pXV9ycKGx4w2Ee/bterGpeXVD+7uz2lHcmeSxk/air/tVwvmfOL711+SfV2vxT+/lMYvtRX/qTMefe7c67/zjdz4N8f45bbin3hf77NnPHTtktz+2RP7p6ut+MNPP3zT4kMv2JHb/ltj/Epb8VfsfLRn7t777s9t/1Dsn9ltxX/y7e//wx2P3/NMbvwQ4/e2FX/1zk1f7BnYe1xu/Ptj//S1N36e33HqEwMDfxrMi/9YjD+3rfi3b7/lbbfNv+H03OO7MvZPf1vxzzz23mvm7L3nqLxzZ3Jrp145AV6dDkmvsa5Ly+3mmdNVly98fbCres03J/0/t5MbyhjbzrwZjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAq9NhJ/z8A//x0f5nu9JyT3rjyVJ1GetnhZDMDiFs2Tq8eeu6jRcNfuriSzZvHF4/OLx1cGTj1s2XD578psHNI5vWD18+du/Qm0+qPm5hSKrL5KiGbY+Ojo6W+ifWxe39n2N3/H7paf/55xCGDvvtQFdu+5fdsuG2Q5v8zEhWjL5rwyVn/faUb6f71Z+2qz+nXSGnXf91zt9u+/KePx4XwtBrJmvXw0++82cTGjResS9OqtQTqg3qSXqbtqPW6rQ9sb+61q5bPzJU3L/lnP34v1c889e1l33pb9X+reTuR4v9O3vF6PrS11ad+T9fu7JacaAe96L+jnsR2xf7r5L297x0v+bl7FdXzn5d++v7H//pEde/sD0MdT2/uHHbRfvVnQ6A7uS1LW03bqE3WTChvpKuH494fNyyrRs2Ldty+bY3r9swfNHIRSMb37r85OWnDp1y6inLxvd8WYf3P27/9S3u//4ZT/M/s/3H8Wdr46moXUX9Mdau4v6ob1He86/37C985a23PHRWtaJonMe1a+eTdNk7dpyXh7rx1thXzfarqB9CCIPN+uG5F04Ph//rumuKzkP1R6b+Z0ayYvSRJX/59mnfWvSOasV+Oc/XN6jN83yt1fvaM95flfR4HKj92xPK6X71NW3X8kce6r5x958/W2vfrFnhsuGtWzcvr/6ck7Z0TnJk03Zla+N+LR7/WQ5pt4TaMG0yXsd0h2r7sufPuHq2V/vS+/qShU33Kyvet2vVjUvLqx/cndfTyZ3VLc4Oc6vL5HU5a67PPLBca3Cz7R+s42PgA9+6+6N3/+jkhvFxYvVn0X4lOfv1w8dv/8p3v/T/f9S5/frAOx/t/8u/fXJpteJgOa/UWp22J6k/r5wYQtHzb3Fovh+5z79S8/0pev5lt7Nv/ebxBjPlvlBu6/l64n29z57x0LVLcp+ve1p9vl45oVQueL4eKOPn5Xt+TRgoyYrRX1x3yPYHrlp5RLWiaFzX1m42rk9qIf/I2a+fnfvEwMWD/+9fOnfe+N6b7jrvd8MrPletOFCOeyXt30pO/9ZaHfPO+v59y4UXr19TrT9wr3/TZUH+E08lWy7f9unh9etHNm9pbb9afT2N28n2cruvp/HstrBgv0oN+zVzN1rpr1afb7H9a9rur4nPt76QtPW6sO1XC+Z84vvXX9Lf8Kh0Q+eX0viltuI/dcajz517/Xe+kRv/5hi/q634w08/fNPiQy/YkRv/1iSNX2kr/oqdj/bM3Xvf/bnxh2L7Z7cV/8m3v/8Pdzx+zzNN4o8HTkKM39de/z+/49QnBgb+lNv+x6r9M/ZzTgjhrhdPWlstJ6E7fb7FdnTXP2782mVCOcmUS5lyuTuzc7PCvg2Uk2RifVwvrT+6ri3NfCynPl6FVRZVly/FcsjemLz+QFOqO/c3qy+6TgUAeKWL7//Ha9D4/v9IeqGUP9MA+0w3D1uUEzfmYfvmc2ZNuH9RGj8+Ps4DDrwlDI0trx6sXuhPdZ4zPh+y85xxO8cdMzFGu/OcRfPvSzLl2K7qfHlXXR6aasxrukIL8++N25l8/j2z+8Xz44PXNTRrsG7eKnv8utMZs2afd8i0d9NYhLzxUZsXS/cjfp5jYF5YOb69FsdH9nM08ThkP0cTj8cRmRNnu5+jme74iM2eZHyMN7n4/Y3G4xeazDvGftp3/JpHWzIh0OjoFI53ZWz9mX5/9uCfN5zZ98PMS+bET59gB/q8YayP+9HV4nziR3PqOzWfGE8XsV17JmnL/mA+EXilivl/fI0Yy//HLsD/O7Ne0XVo9qoxxsv9nFC5eXuK8o7Gz+n1tvU6vnrnpi/2DOw9Lvc65/5WP/ezaUKpt+BzP0X9uDRTLuzHnAmaonwvu52ifs9+LqMvzG2r32/ffsvbbpt/w+m5/b6y+kJa3O9fmVCaW9Dv8oWc+PKFAyJfmOn5s5ctH0k/+DRT+chHcuqnmo/0Ntyo7de4gy4f6d6/7QIADh4x/6+9f5bm//+eWa8obz0+U47xcvPWnOuTvLz1Q+nyssz6felvVEz1uvnMY++9Zs7ee47KzVtubTUP/YcJpf7CPHR6eXNuHrGyM58Xz80jannW9PLE3PbX8sTp5em58Wt5+vTy6Nz+qeXR05sHyI1fmwc42PPcmZ2ve8Xm0emvz85UHn12Tv1U8+i+hhu1/RonjwYAeHnF/D9exsX8/6HMetO9bk+v+xrSg05dt2f/Hkgt/mP7K6+c6bxvpvPWmc7rZ3pe4mDPi2d6Xmhm58nkxWk5ZG9UyYsBADgQxPx/dlrOz/+nl5/k5m+1/ER+3jT+KzE/P+LnLcc/cPLzjsx/Ncbfb/Nf8n/5fzH5PwDAK1vM/+OvPca///dPaTn7d+vl6TnxX4l5+hTiy9Pz48+dUp4+0/NsL9c8QPxDFeYBJt6o7dc48wAAAMyE7vFMqfH37D+eLrO/Z5/3e/nn5qzfqq7x37EP4YKtm0dGzrtk05rhrSPnbbx4zciW8y7dvG7r1pGN1fWmmzfm5i1p3tgdutL+aL5eNm+bn+Yz83P+HkJ2/Rj2yPEbjX8PIbvZ2QV/R2Df8WutvXnHrzTJ+s3GR97xzov/sZz1o9rxv/CTJ563dst56zau27pueP26bSMT1xvLWnsbvjcz/hHJxu/NjN0ype/NzPxoUJr693d2ph2lhnZ0p/2R9/3sSaYdC9KWLMj7/oOcdv/yn7/8mWNH/3ZHCEOHlV83rf5LVoz+4zkjH9q6+7ebxtpfmrT9tTXTdhV9X2l2/bg/Xesv3rL1hLUXX7Ix+42S7YnzGaVaeYbmM9KhXW5xfmJ1Tv1U5yfKDTcOTC3PTwAAMEF8/z9ez8b3D7+UXkDF+tbz9Om9f5ybpw+1lqdnv5esKE/Prh/3t9U8vTLNPD27/aI8vdn6zfL0vLw7L/5HctafqtbHyfQ+55E7Ts5vbZxkv8+gaJxk15/qOEmmOU6y2y8aJ83WbzZO8o57XvwP56yfp/XxML3P5eSOh5tbGw9vzJSLxkN2/amOh9I0x0N2+0Xjodn6zcZD3vHNi39Wzvqtmjg+xgbG+LgYOe/Sizd/um69mf7+i+m3b2a//6Ndrbd/Zj/3NfPtn9nPlc18+6f3+1+57X9sKjNhjWfR1ts/s9/v0q79Nl+bftis6PNnRfO4q3LqpzqPO6vhxoHJPC68fGL+H9/uifn/Demy028DHfzfk+Z7zJrG79D3mBVdx3g9n2RjBwCv5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACt6elaNL7cfe2WvWcd8b5ffn7kxas++JMNV7/hiu/9cfDC9/zizt7vvrRrzdFrf/feQy6891On77zlmw+8MPfuvz9dGLi/ujg+LVZCSJ5NQqj8dM9Xv7DrkcPH6pIQQjnp3x7CgmThAwuSTIShv4YQ1tTaOfHOu148ae3Y8uobeibUz88Eye5X6CvH9kxoZ7iscI84CFXScbZt76UnhN+/e9U1v178wx9073hm+75VkkrdeAph3vn1j+8OIcxO/4+Jo21RfHC6XBlC6K173GkF7TqmxfYvyykfmS5npcu+gjjx/iWZcimzXrYcdWeWvQXbm668drS7XpE5mXL2ZDRdee2M9QvS5Y/T5fFTjF+O/5NQSkJXrfnrk31jJNQdtyQk48eyUiuXasc2pPufKSeZcilTLndn9mt8u+lAKyfJxPq4XqY+no670vqj68/VTZydU//adFlJn6gvxXLI3qjqa7hR269xsV17JmnL/lCqOwc1q68d+PRg9KV1fcnChseMNhHv27XqxqXl1Q/u7s9pR3JnksZP2oq/7VcL5nzi+9dfsigv/vmlNH6pWfzxjU4W/6kzHn3u3Ou/843c+DfH+OW22n/ifb3PnvHQtUty+2dP7J+utuIPP/3wTYsPvWBHbvtvjfErbcVfsfPRnrl777s/t/1DsX9mtxX/ybe//w93PH7PM7nx0zPfrDbH5+qdm77YM7D3uNz498f+6Wsr/lPP7zj1iYGBPw3mxX8sxp/bVvzbt9/yttvm33B67vFdGfu/v634Zx577zVz9t5zVN65M7m1U6+cAK9Oh6TXWNel5XbzzOmqyxe+PthVfU2dk/6f28kNZYxtZ94MxgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4JXpN1ee/PFz3vXhVV1JCEnOOqNNxPvKs1asGGxju8NPP3zT4kMv2FFft6iNOAAAAECxmIeXajWVsChcmswORzZdP84RHBlLycT67BxCjJOdI2g3TqlDccoditPVoTjdHYozq0NxejoUp1IQpxJaizN70jilltvT26E4fR2KM6dDceZ2KM68DsWZ36E4/ZPGaX0cLuhQnIUdinNIh+Ic2qE4h3UozmvGf5anHefwDrUnO6c81XE4N13ziLw4Sbq/BXG6knLtjmbz6XE7R01zO30tbif39bjF7cxucTvHZB5XmuJ2Ki1u5/XT3E7S4nbeOM3tlAq2E8ftZdn2xe3EUovj//IOxdkWQji5A3Gu6FB7ruxQnM92KM7nOhTnqmnGAWhVzP/35Xv9oafrHaE3PeNkZwFivrt4/Gfj613eCSnGe12mflY2XjZMNlHPxFs81fZlJxAy8ZZk6rsnxOuq5SOTxKvUx1uaubNhf7Pty04oZNp3fKa+pyhedmIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGbQb648+ePnvOvDq0ISxv41NdpEvK88a8WKwTa2u2vVjUvLqx/cXV/X09VGIAAAAKBQzMO7azWV0NO1PPQksyasV0nnASppudxfXQ7MCyvHlslgabzcmyyY9HFd6eOWbd2wadmWy7e9ed2G4YtGLhrZ+NblJy8/deiUU09Ztnbd+pGh6s8QegrihRDGpx+2XL7t08Pr149s3lKtzLZ/Ufq4RWk5SR838JYwNLa8Om3/woLtlRq2N3M3io8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8L/s2l2IXOX5APD3zMzOjKvR+ePXGMxmyIfk30qbpGuJrTgHChU0CVmEMmO7lVATKt2YoImkdqqBqk1oKSiBkJKblFSqld74UaXUDwIpNm2gm4ai0nrRXrRotUTJRYlMye6c2ZnZmcw6BDfG3+/ivGee93nf57xzsfCcHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg4zVZGx2vlMeqw1EIUY+cehfJXDobx6UB6n7jxW0/yY2cWtEay2UG2AgAAADoK+nDh5qRfMhl0iEdrpn6tGQmNR/PxwMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADnjcna6HilPFa9OAoh6pFT7yKZS2fjuDRA3bfef/qLr4+M/LM1VhxgHwAAAKC/pA9PNSP5UAxLw1B0TVte8m5gYcf6zrxkn0VzzOt8d9Arb+kc866bY97/98lb3xh3BgAAAPjkS/r/TDNSCLnMgp79f7++Pslb3JGXboyzfyvQ61cHAAAAwLmS9P+5ZqQYcplis1+fa7+/pCMvWd/v//bJ+uU91vf7f/66xuj/9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyTFZGx2vlMeq6SiEqEdOvYtkLp2N49IAdVe/NPzv2w4/sqQ1lsuEdy8dYC8AAADg7JI+PNOM5EMuMxyGwsVTff/ILQee/dqzz4+GEKbb/Gw27Ny4ffu9q6evSd6qo4eHfnzkne/Pyls1fZ23AwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOfMZG10vFIeq14UhRD1yKl3kcyls3FcGqDum1/+6t+fPPHC262x4gD7AAAAAP0lffhM758PxZAN2XDV1KfWXv+MVMf6Xu8MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvHfd994DsbJyY23fvpvInPj8fofxOH8+Ix3Hxqbub7LxMAAHCuLQ5RqH9EV2+Y76cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOB5O10fFKeayaj0KIeuTUu0jm0tk4Lg1QN37xWG7BqZdeaY0VB9gHAAAA6C/pw2d6/3wohqEwFK6c+jTrnUC+MRY+vmcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzi+TtdHxSnmsuiAKIeqRU+8imUtn47g0QN0ndu3/0qHLfnRrayyXGWAjAAAAoK+kD882I/mQy3wm5MK1jc8T7QuidGPs/l5gZt22tmXDc15Xa1uXnvO63R0nyzROM70un+xXmB6b60qz15Va1hVDs3ypbV3Y27ZqQZ/nDAAAADCPkv4/14wUQi6Ta+lzf9GWX9DnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9TNZGxyvlsWoUhRD1yKl3kcyls3FcGqDuA3/4v0u++cs9O1pjxQH2AQAAAPpL+vCZ3j8fimFRuDQsmur7Q6E9P8l7t3L60OP/+ceKEFZedXwk03P/371588udlxBS7UmpEC5r1It61Pv9nx6/f1n99JMhrLwyfe1Hrde+ZVx/rrJp3fYjx7ed5YsBAACAC0jS/w81I4WQy9zTs/9POu+59//Z5Pay+3f9+oqkI+9YkSo06qV61PvKsqf/tnzNv9450/+frd7n9285dEWj1PR1OtIhiuvlLTvWH7/hYCo59XT9dEf95Hv5+vfe/u/mnY+dnq6fD/lGfGGmW/3Z1w4XxfWJ1L7q2g/31drrZ3qc/5E/vnLitwv3fHCm/vuLh5v1rzvL+c9ef/j2R/feuP/w+vb6IYRSt/rvfXBruPovdz/cef7hjo1bv/nWa4corh9dcvLgmgPFm9rrRx31k+//Vyee2Pvzx374fFI/+a3IiqVzrZ/qqP/a7st3vfrQhoXt9VM9zv/yHa+PbC394M+d579r4PM/df0zd76xMX6wcwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODCMlkbHa+Ux6qpKISoR069i2QunY3j0gB137rt2Ht37PnZT1tjxQH2AQAAAPpL+vCZ3j8fiiEbsmF4qu9/rrJp3fYjx7eFwvRs1BgzE1vv2/7ZzVt33HPXPD05AAAAMFdJ/59pRgohl1kWhhr9f3nLjvXHbziYSvr/VNL/b757YtPK0Mx7bfflu159aMPC5nuCEKZ+FpA/k/eFmbxbbj5WOPnXby/vmrd6Ju/okpMH1xwo3pTkhda8VaH5fuKp65+5842N8YPN52vN+9y3tk40Xk8k+w7f/ujeG/cfXt88R2Mcbuyb5E2k9lXXfrivluSlG2O+cW4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYLbJ2uh4pTxWDekQoh459S6SuXQ2jksD1F277DcPX3LqhUWtsVxmgI0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgfO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdivvxCpqjgO4OfMzLbjzK7uatBWtK5WFPaQFETUS0VFaITQkyFhaT5EQRBR2ENraCRW9BJkvUhUUG0hFOQmiRZr9E966aGCAushEGmhHKSHjN09d5y57m3waoH0+cDlzDn33u/93XvO3p0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4p/TXRmbbg9sebd110W1fPP3Asafu+OjhLVc8+fYvYxtu+Xx3443jUxuXbfr+1iUb9j64anLnqwf+GPzgr8M9g5+Ya1akbj2EeDSGUP94+qVnpr68YGYshhCqcWg8hOG4+MBwzCWs/DOEsLFdZ/fO949du2mm3bKjv2t8US4kf1+hWc3qmTPUXS/nlBP5RZNXT+tsc+vxq8KPN6/d+vXS997tmzgyfvKQWO9YTyEsXN95fl8IYUHaZmSrbSQ7ObVrQgiNjvOu71HXpb3uLLm6oH9xas9LbbNHTrZ/ea5fyR2X72f6cm2jx/XOVFEdZY/rZSDX77WuTldRndn4cGo/TO2K08yvZlsMlRhq7fIfiifXSOiYtxji7FzW2/1Ke25Duv9cP+b6lVy/2pe7r9nrpoVWjbFzvP02r3SPt1/HtTS+rPNdPY+7C8YvTG09/aEez/oh/2FO85QP7fualdU1/Q+1/BcqHe+g+cbbE58mo5nGmnHxKeecmEe2b2rtc5dX131ycKigjrg7pvxYKn/zV8MD976z/bGRovz1lZRfKZX/0+pDv92z/bVXCvNfzPKrpfKv2dc4uvrTbcsLn8909nxqpfLvO/zZ80vPv3+isP5dWX69VP5Nk4f6B1v79hfWvzJ7PgtK5f9w4+0/v/XtniOF+SHLb5TKXzf5yAv9o60rC/P3Z8+nWW79/D5x3Xejo7+OFeV/k+UPlsp/c3znDa8v2rGqcH7XZM9nqFT+nZft3TrQ2nNJ0bsz7jpb/zkB/p+WpO9Yz6Z+2d+ZZ6rj98LLY7W573wDaRs8mxfKmbnOwn8xHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G924IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//68pLh8=")
fcntl$setstatus(r2, 0x4, 0x800)
[ 75.718047][ T5308] Bluetooth: hci0: command tx timeout
[ 75.852692][ T5325] loop0: detected capacity change from 0 to 256
[ 75.912177][ T5324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 75.929794][ T5325] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 76.221512][ T5324] loop0: detected capacity change from 0 to 32768
[ 76.307433][ T1310] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.310204][ T1310] ieee802154 phy1 wpan1: encryption failed: -22
[ 76.437236][ T5324] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow,no_data_io
[ 76.445999][ T5324] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 76.449222][ T5324] bcachefs (loop0): Version upgrade required:
[ 76.449222][ T5324] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[ 76.449222][ T5324] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[ 76.449222][ T5324] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[ 76.478265][ T5324] bcachefs (loop0): dropping and reconstructing all alloc info
[ 76.491644][ T5324] bcachefs (loop0): error validating btree node on loop0 at btree xattrs level 0/0
[ 76.491667][ T5324] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0
[ 76.491675][ T5324] node offset 0/16 bset u64s 60928: bset past end of btree node (offset 0 len 960 but written 16), exiting
[ 76.507082][ T5324] bcachefs (loop0): Unable to continue, halting
[ 76.510007][ T5324] bcachefs (loop0): flagging btree xattrs lost data
[ 76.513128][ T5324] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[ 76.519919][ T5324] bcachefs (loop0): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[ 76.526679][ T5324] error reading btree root btree=xattrs level=0: btree_node_read_error, fixing
[ 76.532680][ T5324] invalid bkey in btree_node btree=subvolumes level=0: u64s 7 type subvolume 0:1:0 len 0 ver 0: root 4096 snapshot id 0
[ 76.532693][ T5324] invalid snapshot: delete?, fixing
[ 76.545697][ T5324] bcachefs (loop0): scan_for_btree_nodes...
[ 76.556874][ T5324] bcachefs (loop0): btree node scan found 7 nodes after overwrites
[ 76.562264][ T5324] done
[ 76.563347][ T5324] bcachefs (loop0): check_topology...
[ 76.563854][ T5324] bcachefs (loop0): btree root xattrs unreadable, must recover from scan
[ 76.570880][ T5324] bcachefs (loop0): bch2_get_scanned_nodes(): recovery btree=xattrs level=0 POS_MIN - SPOS_MAX
[ 76.576068][ T5324] bcachefs (loop0): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 960 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0
[ 76.585384][ T38] invalid bkey in btree_node btree=xattrs level=0: u64s 16 type deleted POS_MIN len 0 ver 0:
[ 76.585399][ T38] snapshot == 0: delete?, fixing
[ 76.591947][ T38] bcachefs (loop0): error validating btree node at btree xattrs level 0/0
[ 76.591960][ T38] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 960 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0
[ 76.591970][ T38] node offset 0/960 bset u64s 60431 bset byte offset 240: bad k->u64s 0 (min 3 max 253), exiting
[ 76.608377][ T38] bcachefs (loop0): Unable to continue, halting
[ 76.619815][ T5324] empty interior btree node at btree=xattrs level=1
[ 76.619837][ T5324] u64s 5 type btree_ptr SPOS_MAX len 0 ver 0, fixing
[ 76.627920][ T5324] bcachefs (loop0): empty btree root xattrs
[ 76.630388][ T5324] done
[ 76.631511][ T5324] bcachefs (loop0): accounting_read... done
[ 76.635776][ T5324] bcachefs (loop0): alloc_read... done
[ 76.638175][ T5324] bcachefs (loop0): stripes_read... done
[ 76.640515][ T5324] bcachefs (loop0): snapshots_read... done
[ 76.643837][ T5324] bcachefs (loop0): done starting filesystem
[ 76.651360][ T5324] bcachefs (loop0): missing subvolume 1
[ 76.655411][ T5324] bcachefs (loop0): inconsistency detected - emergency read only at journal seq 10
[ 76.659353][ T5324] bcachefs (loop0): bch2_fs_get_tree(): error mounting: error getting root inode ENOENT_bkey_type_mismatch
[ 76.665334][ T5324] bcachefs (loop0): shutting down
[ 76.683565][ T5324] bcachefs (loop0): shutdown complete
[ 77.244999][ T5324] =============================================================================
[ 77.245042][ T5324]
[ 77.245047][ T5324] ======================================================
[ 77.245050][ T5324] WARNING: possible circular locking dependency detected
[ 77.245055][ T5324] 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0 Not tainted
[ 77.245062][ T5324] ------------------------------------------------------
[ 77.245065][ T5324] syz.0.0/5324 is trying to acquire lock:
[ 77.245072][ T5324] ffffffff8ea15038 ((console_sem).lock){-...}-{2:2}, at: down_trylock+0x20/0xa0
[ 77.245187][ T5324]
[ 77.245187][ T5324] but task is already holding lock:
[ 77.245190][ T5324] ffff888040c9a6d8 (&n->list_lock){-.-.}-{3:3}, at: __kmem_cache_shutdown+0x9c/0x430
[ 77.245209][ T5324]
[ 77.245209][ T5324] which lock already depends on the new lock.
[ 77.245209][ T5324]
[ 77.245211][ T5324]
[ 77.245211][ T5324] the existing dependency chain (in reverse order) is:
[ 77.245213][ T5324]
[ 77.245213][ T5324] -> #4 (&n->list_lock){-.-.}-{3:3}:
[ 77.245222][ T5324] lock_acquire+0x1ed/0x550
[ 77.245232][ T5324] _raw_spin_lock_irqsave+0xd5/0x120
[ 77.245243][ T5324] get_partial_node+0x37/0x3f0
[ 77.245251][ T5324] ___slab_alloc+0xb75/0x14a0
[ 77.245264][ T5324] __slab_alloc+0x58/0xa0
[ 77.245276][ T5324] kmem_cache_alloc_noprof+0x268/0x380
[ 77.245288][ T5324] fill_pool+0x260/0x680
[ 77.245325][ T5324] debug_object_activate+0x493/0x580
[ 77.245338][ T5324] enqueue_hrtimer+0x30/0x3c0
[ 77.245349][ T5324] __hrtimer_run_queues+0x6cb/0xd30
[ 77.245358][ T5324] hrtimer_interrupt+0x403/0xa40
[ 77.245366][ T5324] __sysvec_apic_timer_interrupt+0x110/0x420
[ 77.245380][ T5324] sysvec_apic_timer_interrupt+0xa1/0xc0
[ 77.245393][ T5324] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 77.245406][ T5324] vma_interval_tree_remove+0x182/0xae0
[ 77.245419][ T5324] vma_prepare+0x43d/0x4c0
[ 77.245429][ T5324] __split_vma+0x95a/0xbf0
[ 77.245439][ T5324] vms_gather_munmap_vmas+0x4c1/0x1600
[ 77.245446][ T5324] mmap_region+0xa50/0x2fa0
[ 77.245453][ T5324] do_mmap+0xecc/0x13a0
[ 77.245462][ T5324] vm_mmap_pgoff+0x214/0x430
[ 77.245467][ T5324] ksys_mmap_pgoff+0x4eb/0x720
[ 77.245477][ T5324] do_syscall_64+0xf3/0x230
[ 77.245489][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.245501][ T5324]
[ 77.245501][ T5324] -> #3 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 77.245515][ T5324] lock_acquire+0x1ed/0x550
[ 77.245527][ T5324] _raw_spin_lock_irqsave+0xd5/0x120
[ 77.245538][ T5324] hrtimer_start_range_ns+0xf9/0xfa0
[ 77.245546][ T5324] start_dl_timer+0x36a/0x4e0
[ 77.245556][ T5324] enqueue_dl_entity+0x1056/0x1db0
[ 77.245565][ T5324] dl_server_start+0xe2/0x2a0
[ 77.245571][ T5324] enqueue_task_fair+0x9d7/0xd40
[ 77.245602][ T5324] enqueue_task+0x73/0x3d0
[ 77.245615][ T5324] wake_up_new_task+0x576/0xc70
[ 77.245623][ T5324] kernel_clone+0x4ee/0x8e0
[ 77.245633][ T5324] user_mode_thread+0x144/0x1c0
[ 77.245644][ T5324] rest_init+0x23/0x300
[ 77.245652][ T5324] start_kernel+0x484/0x510
[ 77.245663][ T5324] x86_64_start_reservations+0x2a/0x30
[ 77.245676][ T5324] x86_64_start_kernel+0x66/0x70
[ 77.245688][ T5324] common_startup_64+0x13e/0x147
[ 77.245698][ T5324]
[ 77.245698][ T5324] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 77.245712][ T5324] lock_acquire+0x1ed/0x550
[ 77.245724][ T5324] _raw_spin_lock_nested+0x31/0x40
[ 77.245736][ T5324] raw_spin_rq_lock_nested+0x2a/0x140
[ 77.245746][ T5324] task_rq_lock+0xc6/0x360
[ 77.245755][ T5324] cgroup_move_task+0x9b/0x5a0
[ 77.245764][ T5324] css_set_move_task+0x72e/0x950
[ 77.245776][ T5324] cgroup_post_fork+0x284/0x8b0
[ 77.245786][ T5324] copy_process+0x398a/0x3cf0
[ 77.245796][ T5324] kernel_clone+0x226/0x8e0
[ 77.245807][ T5324] user_mode_thread+0x144/0x1c0
[ 77.245818][ T5324] rest_init+0x23/0x300
[ 77.245825][ T5324] start_kernel+0x484/0x510
[ 77.245831][ T5324] x86_64_start_reservations+0x2a/0x30
[ 77.245840][ T5324] x86_64_start_kernel+0x66/0x70
[ 77.245847][ T5324] common_startup_64+0x13e/0x147
[ 77.245853][ T5324]
[ 77.245853][ T5324] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 77.245862][ T5324] lock_acquire+0x1ed/0x550
[ 77.245870][ T5324] _raw_spin_lock_irqsave+0xd5/0x120
[ 77.245878][ T5324] try_to_wake_up+0xc2/0x1470
[ 77.245890][ T5324] up+0x72/0x90
[ 77.245897][ T5324] __console_unlock+0x123/0x1f0
[ 77.245909][ T5324] console_unlock+0x18f/0x3b0
[ 77.245918][ T5324] vga_remove_vgacon+0xbe/0xd0
[ 77.245930][ T5324] virtio_gpu_probe+0x33f/0x3c0
[ 77.245941][ T5324] virtio_dev_probe+0x931/0xc80
[ 77.245954][ T5324] really_probe+0x2b9/0xad0
[ 77.245963][ T5324] __driver_probe_device+0x1a2/0x390
[ 77.245970][ T5324] driver_probe_device+0x50/0x430
[ 77.245979][ T5324] __driver_attach+0x45f/0x710
[ 77.245987][ T5324] bus_for_each_dev+0x239/0x2b0
[ 77.245997][ T5324] bus_add_driver+0x346/0x670
[ 77.246008][ T5324] driver_register+0x23a/0x320
[ 77.246018][ T5324] do_one_initcall+0x248/0x930
[ 77.246028][ T5324] do_initcall_level+0x157/0x210
[ 77.246044][ T5324] do_initcalls+0x71/0xd0
[ 77.246054][ T5324] kernel_init_freeable+0x435/0x5d0
[ 77.246065][ T5324] kernel_init+0x1d/0x2b0
[ 77.246074][ T5324] ret_from_fork+0x4b/0x80
[ 77.246086][ T5324] ret_from_fork_asm+0x1a/0x30
[ 77.246096][ T5324]
[ 77.246096][ T5324] -> #0 ((console_sem).lock){-...}-{2:2}:
[ 77.246106][ T5324] validate_chain+0x18ef/0x5920
[ 77.246112][ T5324] __lock_acquire+0x1397/0x2100
[ 77.246120][ T5324] lock_acquire+0x1ed/0x550
[ 77.246128][ T5324] _raw_spin_lock_irqsave+0xd5/0x120
[ 77.246135][ T5324] down_trylock+0x20/0xa0
[ 77.246140][ T5324] __down_trylock_console_sem+0x109/0x250
[ 77.246147][ T5324] vprintk_emit+0x3d7/0xa10
[ 77.246153][ T5324] _printk+0xd5/0x120
[ 77.246158][ T5324] slab_bug+0x6d/0xc0
[ 77.246164][ T5324] slab_err+0x130/0x190
[ 77.246169][ T5324] __kmem_cache_shutdown+0x134/0x430
[ 77.246177][ T5324] kmem_cache_destroy+0x76/0x160
[ 77.246186][ T5324] bioset_exit+0x54e/0x650
[ 77.246196][ T5324] bch2_fs_release+0x53a/0x7b0
[ 77.246210][ T5324] kobject_put+0x22f/0x480
[ 77.246217][ T5324] deactivate_locked_super+0xc4/0x130
[ 77.246231][ T5324] bch2_fs_get_tree+0xd42/0x17a0
[ 77.246241][ T5324] vfs_get_tree+0x90/0x2b0
[ 77.246252][ T5324] do_new_mount+0x2be/0xb40
[ 77.246264][ T5324] __se_sys_mount+0x2d6/0x3c0
[ 77.246276][ T5324] do_syscall_64+0xf3/0x230
[ 77.246288][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.246299][ T5324]
[ 77.246299][ T5324] other info that might help us debug this:
[ 77.246299][ T5324]
[ 77.246302][ T5324] Chain exists of:
[ 77.246302][ T5324] (console_sem).lock --> hrtimer_bases.lock --> &n->list_lock
[ 77.246302][ T5324]
[ 77.246318][ T5324] Possible unsafe locking scenario:
[ 77.246318][ T5324]
[ 77.246321][ T5324] CPU0 CPU1
[ 77.246323][ T5324] ---- ----
[ 77.246326][ T5324] lock(&n->list_lock);
[ 77.246333][ T5324] lock(hrtimer_bases.lock);
[ 77.246341][ T5324] lock(&n->list_lock);
[ 77.246348][ T5324] lock((console_sem).lock);
[ 77.246355][ T5324]
[ 77.246355][ T5324] *** DEADLOCK ***
[ 77.246355][ T5324]
[ 77.246358][ T5324] 4 locks held by syz.0.0/5324:
[ 77.246364][ T5324] #0: ffffffff8f269c88 (bio_slab_lock){+.+.}-{4:4}, at: bioset_exit+0x42f/0x650
[ 77.246390][ T5324] #1: ffffffff8e9d5290 (cpu_hotplug_lock){++++}-{0:0}, at: kmem_cache_destroy+0x3e/0x160
[ 77.246413][ T5324] #2: ffffffff8ec23890 (slab_mutex){+.+.}-{4:4}, at: kmem_cache_destroy+0x4c/0x160
[ 77.246436][ T5324] #3: ffff888040c9a6d8 (&n->list_lock){-.-.}-{3:3}, at: __kmem_cache_shutdown+0x9c/0x430
[ 77.246463][ T5324]
[ 77.246463][ T5324] stack backtrace:
[ 77.246467][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0
[ 77.246478][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.246484][ T5324] Call Trace:
[ 77.246489][ T5324]
[ 77.246492][ T5324] dump_stack_lvl+0x241/0x360
[ 77.246500][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.246506][ T5324] ? __pfx__printk+0x10/0x10
[ 77.246513][ T5324] print_circular_bug+0x13a/0x1b0
[ 77.246521][ T5324] check_noncircular+0x36a/0x4a0
[ 77.246531][ T5324] ? __pfx_check_noncircular+0x10/0x10
[ 77.246541][ T5324] ? lockdep_lock+0x123/0x2b0
[ 77.246555][ T5324] ? validate_chain+0x11e/0x5920
[ 77.246565][ T5324] validate_chain+0x18ef/0x5920
[ 77.246579][ T5324] ? __pfx_validate_chain+0x10/0x10
[ 77.246589][ T5324] ? __pfx_prb_first_seq+0x10/0x10
[ 77.246602][ T5324] ? this_cpu_in_panic+0x4f/0x80
[ 77.246612][ T5324] ? _prb_read_valid+0xa4c/0xad0
[ 77.246622][ T5324] ? __pfx_data_alloc+0x10/0x10
[ 77.246634][ T5324] ? mark_lock+0x9a/0x360
[ 77.246643][ T5324] __lock_acquire+0x1397/0x2100
[ 77.246659][ T5324] lock_acquire+0x1ed/0x550
[ 77.246671][ T5324] ? down_trylock+0x20/0xa0
[ 77.246680][ T5324] ? __pfx_desc_update_last_finalized+0x10/0x10
[ 77.246692][ T5324] ? __pfx_lock_acquire+0x10/0x10
[ 77.246705][ T5324] ? rcu_is_watching+0x15/0xb0
[ 77.246717][ T5324] ? vprintk_store+0xd77/0x1240
[ 77.246726][ T5324] ? __lock_acquire+0x1397/0x2100
[ 77.246741][ T5324] _raw_spin_lock_irqsave+0xd5/0x120
[ 77.246750][ T5324] ? down_trylock+0x20/0xa0
[ 77.246757][ T5324] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 77.246769][ T5324] ? mark_lock+0x9a/0x360
[ 77.246778][ T5324] down_trylock+0x20/0xa0
[ 77.246787][ T5324] __down_trylock_console_sem+0x109/0x250
[ 77.246800][ T5324] ? _printk+0xd5/0x120
[ 77.246808][ T5324] ? __pfx___down_trylock_console_sem+0x10/0x10
[ 77.246820][ T5324] ? lockdep_hardirqs_on+0x99/0x150
[ 77.246834][ T5324] ? is_printk_cpu_sync_owner+0x32/0x40
[ 77.246846][ T5324] vprintk_emit+0x3d7/0xa10
[ 77.246856][ T5324] ? __pfx_vprintk_emit+0x10/0x10
[ 77.246866][ T5324] ? mark_lock+0x9a/0x360
[ 77.246875][ T5324] ? __lock_acquire+0x1397/0x2100
[ 77.246889][ T5324] _printk+0xd5/0x120
[ 77.246898][ T5324] ? vsnprintf+0x1148/0x1220
[ 77.246909][ T5324] ? __pfx__printk+0x10/0x10
[ 77.246917][ T5324] ? vsnprintf+0x1152/0x1220
[ 77.246929][ T5324] slab_bug+0x6d/0xc0
[ 77.246938][ T5324] ? vsnprintf+0x1148/0x1220
[ 77.246950][ T5324] slab_err+0x130/0x190
[ 77.246962][ T5324] ? lockdep_hardirqs_on+0x99/0x150
[ 77.246975][ T5324] __kmem_cache_shutdown+0x134/0x430
[ 77.246990][ T5324] ? bioset_exit+0x54e/0x650
[ 77.247003][ T5324] kmem_cache_destroy+0x76/0x160
[ 77.247014][ T5324] bioset_exit+0x54e/0x650
[ 77.247028][ T5324] bch2_fs_release+0x53a/0x7b0
[ 77.247045][ T5324] kobject_put+0x22f/0x480
[ 77.247051][ T5324] deactivate_locked_super+0xc4/0x130
[ 77.247061][ T5324] bch2_fs_get_tree+0xd42/0x17a0
[ 77.247072][ T5324] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 77.247080][ T5324] ? vfs_parse_monolithic_sep+0x423/0x460
[ 77.247090][ T5324] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 77.247099][ T5324] ? rcu_is_watching+0x15/0xb0
[ 77.247106][ T5324] ? apparmor_capable+0x13b/0x1b0
[ 77.247114][ T5324] vfs_get_tree+0x90/0x2b0
[ 77.247122][ T5324] do_new_mount+0x2be/0xb40
[ 77.247131][ T5324] ? __pfx_do_new_mount+0x10/0x10
[ 77.247140][ T5324] __se_sys_mount+0x2d6/0x3c0
[ 77.247149][ T5324] ? __pfx___se_sys_mount+0x10/0x10
[ 77.247158][ T5324] ? do_syscall_64+0x100/0x230
[ 77.247167][ T5324] ? __x64_sys_mount+0x20/0xc0
[ 77.247179][ T5324] do_syscall_64+0xf3/0x230
[ 77.247192][ T5324] ? clear_bhb_loop+0x35/0x90
[ 77.247206][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.247219][ T5324] RIP: 0033:0x7fd328b8e90a
[ 77.247229][ T5324] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 77.247237][ T5324] RSP: 002b:00007fd329a8de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 77.247247][ T5324] RAX: ffffffffffffffda RBX: 00007fd329a8def0 RCX: 00007fd328b8e90a
[ 77.247255][ T5324] RDX: 00004000000058c0 RSI: 0000400000005900 RDI: 00007fd329a8deb0
[ 77.247262][ T5324] RBP: 00004000000058c0 R08: 00007fd329a8def0 R09: 0000000000010000
[ 77.247268][ T5324] R10: 0000000000010000 R11: 0000000000000246 R12: 0000400000005900
[ 77.247274][ T5324] R13: 00007fd329a8deb0 R14: 0000000000005912 R15: 00004000000001c0
[ 77.247283][ T5324]
[ 77.735795][ T5324] BUG bio-464 (Not tainted): Objects remaining in bio-464 on __kmem_cache_shutdown()
[ 77.739652][ T5324] -----------------------------------------------------------------------------
[ 77.739652][ T5324]
[ 77.744055][ T5324] Slab 0xffffea00014a6d80 objects=12 used=5 fp=0xffff8880529b7680 flags=0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[ 77.748530][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0
[ 77.748541][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.748546][ T5324] Call Trace:
[ 77.748550][ T5324]
[ 77.748554][ T5324] dump_stack_lvl+0x241/0x360
[ 77.748565][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.748572][ T5324] ? __pfx__printk+0x10/0x10
[ 77.748578][ T5324] ? slab_bug+0x99/0xc0
[ 77.748586][ T5324] slab_err+0x15a/0x190
[ 77.748594][ T5324] ? lockdep_hardirqs_on+0x99/0x150
[ 77.748604][ T5324] __kmem_cache_shutdown+0x134/0x430
[ 77.748620][ T5324] ? bioset_exit+0x54e/0x650
[ 77.748633][ T5324] kmem_cache_destroy+0x76/0x160
[ 77.748644][ T5324] bioset_exit+0x54e/0x650
[ 77.748654][ T5324] bch2_fs_release+0x53a/0x7b0
[ 77.748664][ T5324] kobject_put+0x22f/0x480
[ 77.748671][ T5324] deactivate_locked_super+0xc4/0x130
[ 77.748682][ T5324] bch2_fs_get_tree+0xd42/0x17a0
[ 77.748693][ T5324] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 77.748702][ T5324] ? vfs_parse_monolithic_sep+0x423/0x460
[ 77.748711][ T5324] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 77.748720][ T5324] ? rcu_is_watching+0x15/0xb0
[ 77.748730][ T5324] ? apparmor_capable+0x13b/0x1b0
[ 77.748742][ T5324] vfs_get_tree+0x90/0x2b0
[ 77.748754][ T5324] do_new_mount+0x2be/0xb40
[ 77.748769][ T5324] ? __pfx_do_new_mount+0x10/0x10
[ 77.748780][ T5324] __se_sys_mount+0x2d6/0x3c0
[ 77.748789][ T5324] ? __pfx___se_sys_mount+0x10/0x10
[ 77.748798][ T5324] ? do_syscall_64+0x100/0x230
[ 77.748807][ T5324] ? __x64_sys_mount+0x20/0xc0
[ 77.748816][ T5324] do_syscall_64+0xf3/0x230
[ 77.748825][ T5324] ? clear_bhb_loop+0x35/0x90
[ 77.748834][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.748843][ T5324] RIP: 0033:0x7fd328b8e90a
[ 77.748851][ T5324] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 77.748856][ T5324] RSP: 002b:00007fd329a8de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 77.748865][ T5324] RAX: ffffffffffffffda RBX: 00007fd329a8def0 RCX: 00007fd328b8e90a
[ 77.748870][ T5324] RDX: 00004000000058c0 RSI: 0000400000005900 RDI: 00007fd329a8deb0
[ 77.748877][ T5324] RBP: 00004000000058c0 R08: 00007fd329a8def0 R09: 0000000000010000
[ 77.748883][ T5324] R10: 0000000000010000 R11: 0000000000000246 R12: 0000400000005900
[ 77.748889][ T5324] R13: 00007fd329a8deb0 R14: 0000000000005912 R15: 00004000000001c0
[ 77.748899][ T5324]
[ 77.748905][ T5324] Object 0xffff8880529b6a00 @offset=2560
[ 77.847861][ T5324] Object 0xffff8880529b6c80 @offset=3200
[ 77.850190][ T5324] Object 0xffff8880529b6f00 @offset=3840
[ 77.852560][ T5324] Object 0xffff8880529b7180 @offset=4480
[ 77.854716][ T5324] Object 0xffff8880529b7400 @offset=5120
[ 77.863535][ T5308] Bluetooth: hci0: command tx timeout
[ 77.889068][ T5324] ------------[ cut here ]------------
[ 77.891295][ T5324] kmem_cache_destroy bio-464: Slab cache still has objects when called from bioset_exit+0x54e/0x650
[ 77.891401][ T5324] WARNING: CPU: 0 PID: 5324 at mm/slab_common.c:533 kmem_cache_destroy+0x153/0x160
[ 77.899760][ T5324] Modules linked in:
[ 77.901386][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Tainted: G B 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0
[ 77.906274][ T5324] Tainted: [B]=BAD_PAGE
[ 77.908034][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.912398][ T5324] RIP: 0010:kmem_cache_destroy+0x153/0x160
[ 77.914925][ T5324] Code: 61 18 48 89 de 5b 41 5e 5d e9 39 58 14 00 90 48 8b 53 60 48 c7 c7 3b 76 2d 8e 48 c7 c6 74 76 2d 8e 48 89 e9 e8 de 26 78 ff 90 <0f> 0b 90 90 e9 25 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[ 77.922860][ T5324] RSP: 0018:ffffc9000d427840 EFLAGS: 00010246
[ 77.925463][ T5324] RAX: bc2a0d3987787100 RBX: ffff888040c95dc0 RCX: ffff888000642440
[ 77.928650][ T5324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 77.931735][ T5324] RBP: ffffffff84d2a5fe R08: ffffffff81819e52 R09: 1ffff11003f8519a
[ 77.934886][ T5324] R10: dffffc0000000000 R11: ffffed1003f8519b R12: 00000000000001d0
[ 77.937772][ T5324] R13: 1ffff1100a660176 R14: 0000000000000001 R15: ffff8880406a5ec8
[ 77.940892][ T5324] FS: 00007fd329a8e6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[ 77.944554][ T5324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 77.947038][ T5324] CR2: 00005594788a0098 CR3: 000000004008e000 CR4: 0000000000352ef0
[ 77.950227][ T5324] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 77.953527][ T5324] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 77.956798][ T5324] Call Trace:
[ 77.958222][ T5324]
[ 77.959494][ T5324] ? __warn+0x165/0x4d0
[ 77.961214][ T5324] ? kmem_cache_destroy+0x153/0x160
[ 77.963327][ T5324] ? report_bug+0x2b3/0x500
[ 77.965264][ T5324] ? kmem_cache_destroy+0x153/0x160
[ 77.967210][ T5324] ? handle_bug+0x60/0x90
[ 77.968851][ T5324] ? exc_invalid_op+0x1a/0x50
[ 77.970644][ T5324] ? asm_exc_invalid_op+0x1a/0x20
[ 77.972729][ T5324] ? bioset_exit+0x54e/0x650
[ 77.974690][ T5324] ? __warn_printk+0x292/0x360
[ 77.976742][ T5324] ? kmem_cache_destroy+0x153/0x160
[ 77.978903][ T5324] bioset_exit+0x54e/0x650
[ 77.980708][ T5324] bch2_fs_release+0x53a/0x7b0
[ 77.982647][ T5324] kobject_put+0x22f/0x480
[ 77.984640][ T5324] deactivate_locked_super+0xc4/0x130
[ 77.986695][ T5324] bch2_fs_get_tree+0xd42/0x17a0
[ 77.988754][ T5324] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 77.990959][ T5324] ? vfs_parse_monolithic_sep+0x423/0x460
[ 77.993243][ T5324] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 77.995638][ T5324] ? rcu_is_watching+0x15/0xb0
[ 77.997600][ T5324] ? apparmor_capable+0x13b/0x1b0
[ 77.999756][ T5324] vfs_get_tree+0x90/0x2b0
[ 78.001620][ T5324] do_new_mount+0x2be/0xb40
[ 78.003410][ T5324] ? __pfx_do_new_mount+0x10/0x10
[ 78.005538][ T5324] __se_sys_mount+0x2d6/0x3c0
[ 78.007529][ T5324] ? __pfx___se_sys_mount+0x10/0x10
[ 78.009757][ T5324] ? do_syscall_64+0x100/0x230
[ 78.011831][ T5324] ? __x64_sys_mount+0x20/0xc0
[ 78.013861][ T5324] do_syscall_64+0xf3/0x230
[ 78.015809][ T5324] ? clear_bhb_loop+0x35/0x90
[ 78.017794][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.020097][ T5324] RIP: 0033:0x7fd328b8e90a
[ 78.021889][ T5324] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 78.029452][ T5324] RSP: 002b:00007fd329a8de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 78.032910][ T5324] RAX: ffffffffffffffda RBX: 00007fd329a8def0 RCX: 00007fd328b8e90a
[ 78.036271][ T5324] RDX: 00004000000058c0 RSI: 0000400000005900 RDI: 00007fd329a8deb0
[ 78.039613][ T5324] RBP: 00004000000058c0 R08: 00007fd329a8def0 R09: 0000000000010000
[ 78.042777][ T5324] R10: 0000000000010000 R11: 0000000000000246 R12: 0000400000005900
[ 78.045989][ T5324] R13: 00007fd329a8deb0 R14: 0000000000005912 R15: 00004000000001c0
[ 78.049143][ T5324]
[ 78.050391][ T5324] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 78.053275][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Tainted: G B 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0
[ 78.057992][ T5324] Tainted: [B]=BAD_PAGE
[ 78.059708][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 78.064096][ T5324] Call Trace:
[ 78.065487][ T5324]
[ 78.066798][ T5324] dump_stack_lvl+0x241/0x360
[ 78.068744][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10
[ 78.070868][ T5324] ? __pfx__printk+0x10/0x10
[ 78.072776][ T5324] ? _printk+0xd5/0x120
[ 78.074578][ T5324] ? __init_begin+0x41000/0x41000
[ 78.076758][ T5324] ? vscnprintf+0x5d/0x90
[ 78.078563][ T5324] panic+0x349/0x880
[ 78.080215][ T5324] ? __warn+0x174/0x4d0
[ 78.081872][ T5324] ? __pfx_panic+0x10/0x10
[ 78.083616][ T5324] __warn+0x344/0x4d0
[ 78.085189][ T5324] ? kmem_cache_destroy+0x153/0x160
[ 78.087242][ T5324] report_bug+0x2b3/0x500
[ 78.088959][ T5324] ? kmem_cache_destroy+0x153/0x160
[ 78.090872][ T5324] handle_bug+0x60/0x90
[ 78.092414][ T5324] exc_invalid_op+0x1a/0x50
[ 78.094028][ T5324] asm_exc_invalid_op+0x1a/0x20
[ 78.095750][ T5324] RIP: 0010:kmem_cache_destroy+0x153/0x160
[ 78.097849][ T5324] Code: 61 18 48 89 de 5b 41 5e 5d e9 39 58 14 00 90 48 8b 53 60 48 c7 c7 3b 76 2d 8e 48 c7 c6 74 76 2d 8e 48 89 e9 e8 de 26 78 ff 90 <0f> 0b 90 90 e9 25 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[ 78.104852][ T5324] RSP: 0018:ffffc9000d427840 EFLAGS: 00010246
[ 78.107345][ T5324] RAX: bc2a0d3987787100 RBX: ffff888040c95dc0 RCX: ffff888000642440
[ 78.110533][ T5324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 78.113782][ T5324] RBP: ffffffff84d2a5fe R08: ffffffff81819e52 R09: 1ffff11003f8519a
[ 78.117084][ T5324] R10: dffffc0000000000 R11: ffffed1003f8519b R12: 00000000000001d0
[ 78.120405][ T5324] R13: 1ffff1100a660176 R14: 0000000000000001 R15: ffff8880406a5ec8
[ 78.123582][ T5324] ? bioset_exit+0x54e/0x650
[ 78.125454][ T5324] ? __warn_printk+0x292/0x360
[ 78.127435][ T5324] bioset_exit+0x54e/0x650
[ 78.129257][ T5324] bch2_fs_release+0x53a/0x7b0
[ 78.131260][ T5324] kobject_put+0x22f/0x480
[ 78.132996][ T5324] deactivate_locked_super+0xc4/0x130
[ 78.135099][ T5324] bch2_fs_get_tree+0xd42/0x17a0
[ 78.137124][ T5324] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 78.139373][ T5324] ? vfs_parse_monolithic_sep+0x423/0x460
[ 78.141696][ T5324] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 78.143940][ T5324] ? rcu_is_watching+0x15/0xb0
[ 78.145781][ T5324] ? apparmor_capable+0x13b/0x1b0
[ 78.147747][ T5324] vfs_get_tree+0x90/0x2b0
[ 78.149490][ T5324] do_new_mount+0x2be/0xb40
[ 78.151274][ T5324] ? __pfx_do_new_mount+0x10/0x10
[ 78.153187][ T5324] __se_sys_mount+0x2d6/0x3c0
[ 78.154899][ T5324] ? __pfx___se_sys_mount+0x10/0x10
[ 78.156725][ T5324] ? do_syscall_64+0x100/0x230
[ 78.158506][ T5324] ? __x64_sys_mount+0x20/0xc0
[ 78.160472][ T5324] do_syscall_64+0xf3/0x230
[ 78.162441][ T5324] ? clear_bhb_loop+0x35/0x90
[ 78.164407][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.166896][ T5324] RIP: 0033:0x7fd328b8e90a
[ 78.168719][ T5324] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 78.176564][ T5324] RSP: 002b:00007fd329a8de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 78.180825][ T5324] RAX: ffffffffffffffda RBX: 00007fd329a8def0 RCX: 00007fd328b8e90a
[ 78.183946][ T5324] RDX: 00004000000058c0 RSI: 0000400000005900 RDI: 00007fd329a8deb0
[ 78.186819][ T5324] RBP: 00004000000058c0 R08: 00007fd329a8def0 R09: 0000000000010000
[ 78.189951][ T5324] R10: 0000000000010000 R11: 0000000000000246 R12: 0000400000005900
[ 78.193212][ T5324] R13: 00007fd329a8deb0 R14: 0000000000005912 R15: 00004000000001c0
[ 78.196507][ T5324]
[ 78.198223][ T5324] Kernel Offset: disabled
[ 78.200084][ T5324] Rebooting in 86400 seconds..