program:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x88}}, 0x0)
syz_emit_ethernet(0xba, &(0x7f0000000700)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x84, 0x2b, 0x0, @private2, @local, {[@dstopts={0x2c, 0x2, '\x00', [@calipso={0x7, 0x10, {0x0, 0x2, 0x2, 0x7, [0xc]}}, @enc_lim]}], {0x0, 0x0, 0x64, 0x0, @wg=@response={0x3a, 0x0, 0x0, "82f63de64f6ce2ee11028289aefdb3449391a823213e6336516748a7949bb108", "402fa83b1d661c18462075368a186092", {"9ddeb8f71aa23d391b8fa99e9816af2d", "040876a663a86d97f46b9665cc18492b"}}}}}}}}, 0x0)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x818001, &(0x7f0000000240)={[{@inodes_32bit}, {@shared_inode_numbers}, {@errors_continue}, {@grpquota}, {@nocow_enabled}, {@nochanges}, {@prjquota}, {@acl}, {@acl}]}, 0x1, 0x5989, &(0x7f00000002c0)="$eJzs3X+QHNV9IPDXM7Pa2V39WAkIMpjVIlBCILZW/FBhk4o3ucROAaHkIuUgTjYsaEVkS0IliYAECSIHPijAhVNOJTj5g7gwddiKiyq4GIUy4ccJzsamuPioK0ydfYd9Vb7CHCoDOsrl817tTr/RbO/09uzMrH7A51PS9rw3Pd/37e43Pf3ezO4EAAAA3heeu2PnoctO+YPv/OX4O7f+4T9vvS0MlKfqq3GFwXR509HKkCOpt7J8apntF79x89d+Mnzt7337kf6vvntg4+mbfvD7J1z7xGcv3n//3z399qLHfvVaUdzYn84+XE7eSEKofuvgX3/+wAsnT9YlIYRyMrg3hKXJsqeXJpkQI78IIWxMC+XK9Dsffee8TZPL2+7unVa/JBNEf39/q6b9bM+hG88JP/zd9bd/b8U3/rFn3+t7D6+SVBv6UwiLr258fE/6vy8tx962PD44Xa4LIfQ3PO7CgrzOaDH/1TnlU9PlgnQ5UBAn3r8yUy5l1suWo57Msr+gvU7l5dHuekUWZsrZk1Gn8vKM9UvT5TfT5dlzjF+O/5NQSkKlnv6W5HAfCQ3HLQnJ1LGs1sul+rEN6fZnykmmXMqUyz2Z7ZpqN+1o5SSZXh/Xy9TH03ElrT+98VzdxOU59R9Il9X0ifpuLIfsjZqBGTfq2zUl5nVwllyOhFLDOahZfb2fpQdjIK0bSJbNeMxEE/G+A+vvWVXe8Mxzgzl5JI8kafxkah/NNf6e7y5d+Jmv33VD3rFNri6l8Uttxf/RJS++eeVdX/ny8rz498X45bbin/tk/xuXPHvHyrz9E7drIFTaij/22vP3rjjxmn25+T8Q93+1reM7uv/F3kWHnnwq9/iOxP3T11b+r1708R8//PLjr+fGDzF+f1vxN+zf/oXeoUNn5cZ/Ku6fgfb6z1v71r4yNPTT4bz4L8X4i9qK/9De+z/64JK7L849vuvi/hlsK/6lZz5x+8JDj5+W+/x6oFuvnADvTyek11h3puXZxpm9s4wzO9UwXvjb4UrtunVh+n9RNxvKXHxOtrO4m/EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRw0jn/+RP/81ODb1TScm9649VSbRnrF4SQ9IUQdu4a27Fr87brhj97/Q07to1tGR7bNTy+bdeO3cPn/9bwjvHtW8Z2T9478qHzao9bFpLaMjltRtu9ExMTpcHpdbG9f3Pmvh+uuvB//yyEkZO+P1TJzX/1/VsfPLHJz4xkdOJjW2+47PsX/EO6XYNpXoNN8pqYmJgIOXn9nyt++eBfHfzJWSGM/NpseT3/6u/8y7SEpioOx0mVekMtod6kv2ke9azTfOL+qmzavGV8ZPb9O/n4cs52/NubX//Fppu++Mva/q3mbkeL+7dvdGJL6W/WX/r//uaWWkVRXvXtyOQ138e9aH/HrYj5xf1XTff34nS7FudsVyVnf9/xvade/tYpd729N4xU3loxs+2i7epJO0BP8oGW2o0t9CdLp9VX0/XjEY+PW71r6/bVO3fv+dDmrWPXjV83vu0ja85fs3bkgrUXrJ7a8tVd3v7Y/q+3uP2t9qdsu3PrT0v+bO8348/W+lNRXkX7YzKv4v3RmFEmr0VTP/tGJ/ov//yXPnL/s5fVqov6eVy7/jxMl/2Tx3lNaOhvM/dVs+0q2g8hhOFm++HNty8OJ/+3zbcXnYcaj0zjz4xkdOKFlT//hwv/fvlv1yqOyHm+MaE2z/P1rA/nM7W/qunxmDhG929vKKfbNdA0rzUvPNtzz3M/+/N6fgsWhJvGdu3asab2c2Ga6cLk1KZ5ZWvjdq2Y+lkO6W4J9W7apL9O6gm1/LLnz7h6dq8OpPcNJMuabldWvO/A+ntWlTc881zenk4eqbXYF5+4yQdz1tySeWC5nnCz9o/V519R/xj6xN8/9qnH/un8Gf3j3NrPou1KcrbrGy8/9KWvfvHf/1P3tusTv/Pi4M//+5+uqlUcL+eVetZpPknjeeXcEIqefytC8+3Iff6Vmm9P0fMv287h9ZvHG86UB0K5+PlaDTOer+c+2f/GJc/esTL3+Xqw1efrLdNK5YLn67HSf7LPr6QyPY/5e35N6yjJ6MS37zxh79O3rjulVlHUr+trN+vX57Uw/sjZrn+58pWh64f/3X/t3nnja7/16FU/GBv9i1pF+8c95tKd415N9281Z//Ws47jzsb9++Frr9+ysVZ/1K9/a5pc/6bLgvFPPJXs3L3nc2Nbtozv2NnadrX6ehrbye7ldl9P49ltWcF2lWZs1/zdaGV/tfp8i/lvbHt/TX++DYSkreu4Pd9duvAzX7/rhsEZj0oburqUxi+1Ff9Hl7z45pV3feXLufHvi/ErbcUfe+35e1eceM2+3PgPJGn8alvxR/e/2Lvo0JNP5cYfifn3tRX/1Ys+/uOHX3789dz4IcYfaG//v7Vv7StDQz/Njf9SkrYzeY0UwqPvnLepVk5CT/p8i3n0TMsrZMtJplzKlMuN5VJtrrXeQDlJptfH9dL60xtyaeZPcurjVVh1eW35biyH7I3Z6481pYZzf7P6outUAID3uvj+f7wGje//j6cXSvkzDXBYp+Ow5Tlx4zjs8HzOgmn3L0/jx8fHecChD4eRyeVtw7UL/bm+jxCfD9l5ztjOWWdMjzGXec5SODzPWTT/vjJTjnnV5ssrDePQ1MxxTSW0MP8+s53Z598zm188Pz5854y0hhvmrbLHryedMWv2eYdMvpXJCHn9IzsvFj/PMbQ4rJtqr8X+kf0cTTwO2c/RxHZOyZw42/0cTaf9I6Y9S/+YSrn4/Y2Zxy/Msn8PH7/m0bLHbw7Huzq5/ny/P9uFecOmp7QjN2/YwvthTeK3+n5YfV5ydOY6s8V/v8xLHuvzhrE+bkelxfnET+XUtzKf2DgvlzefGE8XMa+Ds+RyJJhPBN6r4vg/vkZMjv8nL8D/b2a9ouvQ7FVjjJf7OaFy83yKxh0zP6fX39br+Ib927/QO3TorNzrnKda/dzP9mml/oLP/RTtx1WZcuF+zJmgKRrvZdsp2u/Zz2UMhEVt7feH9t7/0QeX3H1x7n5fV3shLd7vX5pWWlSw34+D8ULz+O+18YLPMUyP36XPMRTNnx218Uj6waf5Go/8cU79XD/f0D/jRn27phx345GeI5sXAHD86E3H//X3z9Lx//+IK6TXEUXj1rOzcdNl7rg15/okb9z6R+nypsz6A+lvVMz1uvnSM5+4feGhx0/LHbc80Oo49D9MKw0WjkM7GzfnjiPWdefz4rnjiPo4q7NxYm7+9XFiZ+P03Pj1cXpn4+jc/VMfR88+D9CTEz/OA+TGr88DHO/j3IL5ukxjsdjqfN17dhyd/vrsfI2jL8+pn+s4emDGjfp2TTGOBgA4uuL7//EyLo7/n82s1+n77Lnjgi5dt2f/Hkg9/ktHalzZ2fu/xeO++R63zve4fr7nJY73cfF8zwvN7zzZ+35cnDb6/hsX9x2x3AAA6Fwc/8eruPzxf2fjk2bjt55p4xPj86bxjc+PkfH58T7/dVTH/6Pv+fF/LIfsjZr37vgfAIDjSRz/x197jH//7z+l5ezfrTdOz4lvnG6cPlv/eWvf2ocHWxmnd3+eLfgcwNGdB2h4i9w8AAAAR0PP1Ehp5u/ZfzpdZn/PPu/38q/MWb9VlfTy+JpdO8bHr7ph+8axXeNXbbt+4/jOq27csXnXrvFttfU6HTfmjlvScWNPqKT7o/l62XHbkvTvISzJ+XsI2fVj2FOnbsz8ewjZZvsK/o7A4ePXWr55x680y/rN+kfe8c6L/yc560f143/tn5571aadV23etnnX5rEtm/eMT19vctTaP4fvzYy7ZU7fl5r5MUNp7t/f2Z08SjPy6En3R973syeZPJammSzN+/6DnLy/81/+6s/OnPjlwyGMnFT+YEf7Lxmd+I9XjP/Rrue+v30y/75Z86+vmeZV9H2l2fXj9lS2XL9z1zmbrr9hW/YbJdsT5zNK9fI8zWekT/9yi/MTG3Lq5/o5hfKMG8emlucnAACYJr7/H69n4/uHX0wvoGJ96+P0zt4/zh2nj0wfp+f91mn2e8mKxunZ9eP2tjpOr3Y4Ts+2XzROb7Z+s3F63rg7L/4f56w/V633k84+55HbT65ubT4n+30GRf0ku/5c+0nSYT/Jtl/UT5qt36yf5B33vPifzFk/T+v9obPP5eT2h/ta6w+/mSkX9Yfs+nPtD6UO+0O2/aL+ENcfb1i/WX/IO7558S/LWb9V0/vHZMeY6hfjV914/Y7PNaw3399/0Xl+8/v9H+1qPf/5/dzX/Oc/v58rm//8O/v9r9z8X+psJqz1/Of3+13adcTma9MPmxV9/qxoHnd9Tv1c53EXzLhxbDKPC0dPHP/Ht3vi+P/udNntt4GO/+9J8z1mTeN36XvMiq5jvJ7P0tgxwOs5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGt6K8unls/dsfPQZaf8wXf+cvydW//wn7fe9hs3f+0nw9f+3rcf6f/quwc2nr7pB79/wrVPfPbi/ff/3dNvL3rsV68VBh6c+lk5Oy1WQ0jeSEKofuvgX3/+wAsnT9YlIYRyMrg3hKXJsqeXJpkII78IIWys5zn9zkffOW/T5PK2u3un1S/JBMluVxgox3wa8wzhpsIt4jhUTfvZnkM3nhN++Lvrb//eim/8Y8++1/ceXiWpNvSnEBZf3fj4nhBCX/p/Uuxty+OD0+W6EEJ/w+MuLMjrjBbzX51TPjVdLkiXAwVx4v0rM+VSZr1sOerJLPsL2utUXh7trldkYaacPRl1Ki/PWL80XX4zXZ49x/jl+D8JpSRU6ulvSQ73kdBw3JKQTB3Lar1cqh/bkG5/ppxkyqVMudyT2a6pdtOOVk6S6fVxvUx9PB1X0vrTG8/VTVyeU/+BdFlNn6jvxnLI3qgZmHGjvl1TYl4HZ8nlSCg1nIOa1dcPfHowBtK6gWTZjMdMNBHvO7D+nlXlDc/05eWRPJKk8ZO24u/57tKFn/n6XTcsz4t/dSmNX2or/o8uefHNK+/6ypdz498X45fbin/uk/1vXPLsHSsH8+IfjPun0lb8sdeev3fFidfsy83/gRi/2lb80f0v9i469ORTufmPxP3T11b8Vy/6+I8ffvnx13Pjhxi/v634G/Zv/0Lv0KGzcuM/FffPQHv95619a18ZGvrpcF78l2L8RW3Ff2jv/R99cMndF+ce33Vx/wy2Ff/SM5+4feGhx0/LO3cmD3TrlRPg/emE9BrrzrTc7jizUw3jhb8drtSu+Ram/xd1s6GMyXYWz2N8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADem/71lvM/fcXHPrm+koSQ5Kwz0US8r7xgdHS4jXbHXnv+3hUnXrOvsW55G3EAAACAYnEcXqrXVMPycGPSF05tun6cIzg1lpLp9dk5hBgnO0fQbpxSl+KUuxSn0kKcvhbi9HQpnwVditPbpTjVgjjV0FqcvlniVCZ7RYv59M+aT+txBroUZ2GX4izqUpzFXYqzpEtxBmeN03o/XNqlOMu6FOeELsU5sUtxTupSnF+bW5zBvDgndymf7JzyXPvhonTNU/LiTN0oF8apJOX6Hc3m009O2zmtw3YGCtpZVPR63GI7fS22c0bmcaU5tlNtsZ1f77CdpMV2frPDdkoF7cR+e1M2v9hOLLXY/3d3Kc6ezuL8r3i9dXOX8rmlS3H+vEtx/qJLcW7tME62DJAnjv8Pj/cGQ2/lt0N/esbJzgLE8e6KqZ8zX+/yTkAx3gcz9QuK4mUH6pl4K+aaX3YCIRNvZaa+Z1q8Sn08Mku8amO8VZk7C7c3O6GQye/sTH1vUbzsxAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzKN/veX8T1/xsU+uD0mY/NfURBPxvvKC0dHhNto9sP6eVeUNzzzXWNdbaSMQAAAAUCiOw3vqNdXQW1kTepMF09arpvMA1bRcHqwthxaHdZPLZLg0Ve5Pls76uEr6uNW7tm5fvXP3ng9t3jp23fh149s+sub8NWtHLlh7wepNm7eMj9R+htBbEC+EMDX9sHP3ns+NbdkyvmNnrTKb//L0ccvTcpI+bujDYWRyeVua/7KC9koz2tv9ykW1uw7XdOlGwaEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/j+7dhci51X/Afw8M7Mz023z7/7p2zQ02yEvJWrRJG4l1dJ9QLDQJiFLQWaqawk2weKmCW1SYh3bgG1NUISWQIjkwkgsthZv+mKL2BcCkRoNuDFIW7QXeqG0WklLLiRlJLtzZmcmM5l1LE0bP5+L55k553fOb85cLHyfHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgAzddG5usjE9Uh5MQkh419S7iXDafpuUB+n75+a3fL4yeXN46VsgNsBEAAADQV8zhQ82RYijksiEbrpx5t/j0Jd+YCHO5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+N8zXRubrIxPVC9MQkh61NS7iHPZfJqWB+j7xjtPfubV0dG/to6VBtgHAAAA6C/m8ExzpBhKYUkYSq5sq4vPBhZ2rO+si/ssmmdd57ODXnVL5ll3zTzrPtanbl3jviMAAADAR1/M/7nmyEgo5Bb0zP/9cn2su7qjLtu4D/JbAQAAAOC/E/N/oTlSCoVcqZnX55v3F3fUxfX9/m8f1y/rsb7f//PXNu7+Tw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx3TtbHJyvhENZuEkPSoqXcR57L5NC0P0HfVC8N/v+XQQ4tbxwq5ATYCAAAA+oo5fC56F0MhNxyGwoUzuX/0pv1Pf/HpZ8dCCLMxP58POzZs23b3qtlrrFt55NDQ9w6/9a3mNrFu5ez1nBwOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4X03XxiYr4xPVC5IQkh419S7iXDafpuUB+r7+uS/8+fHjz73ZOlYaYB8AAACgv5jD57J/MZRCPuTD5TPvWrP+aZmO9b2eGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADnj3u+cd/XN0xNbbzbCy+88KL54lz/ZQIAAN5vV4ck1P9DV6w/158aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4MJiujU1WxieqxSSEpEdNvYs4l82naXmAvunzRwsLTr7wUgghE8dKA50AAAAA6Cfm8LnsXwylMBSGwmUz77o9E5jJ/yMf4IcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlSma2OTlfGJ6oIkhKRHTb2LOJfNp2l5gL6P7dz32YMXf/fm1rFCboCNAAAAgL5iDs83R4qhkPt4KISrGu+n2hck2ca9+3OBuXVb25YNz3tdrW1ddt7rdnWcLNc4zey6YtxvZPbeXFc+c125ZV0pNNuX29aFPW2rFvT5nAEAAADOoZj/C82RkVDIFVpy7k/a6kfkXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgh+na2GRlfKKaJCEkPWrqXcS5bD5NywP0ve83/3/RV366e3vrWGmAfQAAAID+Yg6fy/7FUAqLwv+FRTO5P4y018e6f1ROHXz0n39ZHsKKy4+N5jq3/WF88avXb3yx8xJCpr06E8LFjX5Jj36//t2j9y6tn3o8hBWXZa86o184e7859Xo5SevPVDau3Xb42Nb+3w8AAACcD2L+H2qOjIRC7q6e+T8m7z75v2kmgF98786fX9q4NhJ5x4pMofE7g0yPfp9f+uSflq3+21un8//Z+n1q3+aDl7Y1nB3pkKT18c3b1x277kAmnnr2vNmO/vF7+dI33/zXph2PnJrtXwzFxvjCXLf+Z147XJDWpzJ7q2ve21tr75/rcf6HfvvS8V8u3P3u6f7vXD3c7H/NWc5/9v7Dtz685/p9h9a19w8hlLv1f/vdm8MVf7jzwc7zD3ds3PrNt147JGn9yOITB1bvL93Q3j/p6B+//58df2zPjx/5zrOxf/ytyPIl8+2f6ej/yq5Ldr78wPqF7f0zPc7/4m2vjm4pf/v3nee/o23XXM9Pceb5n7j2qdtf25De3zkFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwfpmujU1WxieqmSSEpEdNvYs4l82naXmAvm/ccvTt23b/6AetY6UB9gEAAAD6izl8LvsXQynkQz4Mz+T+Zyob1247fGxrGJmdTRr33NSWe7Z9YtOW7XfdcY4+OQAAADBfMf/nmiMjoZBbGoYa+X988/Z1x647kIn5PxPz/6Y7pzauCM26V3ZdsvPlB9YvbD4nCGHmZwHF03Wfnqu76cajIyf++LVlXetWzdUdWXziwOr9pRtiXWitWxmazyeeuPap21/bkN7f/HytdZ/86papxuOJuO/wrQ/vuX7foXXNczTuw419Y91UZm91zXt7a7Eu27gXG+cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM40XRubrIxPVEM2hKRHTb2LOJfNp2l5gL5rlv7iwYtOPreodayQG2AjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Dc7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2K+f0DjKPg7gz7ObvNlmkzZpXzAqpmlVlHqwKIjoRUVFWpGCp0qRamsPoiCIKPVgKq1YquJFsHopooIapaBgY7G0Sir+K148qKBQPQilGNAuxYNKdp/ZbqY7rk6qoH4+MDx5npn5zm/meXY2CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8owz0jTXbwzvub9xyzg0fPXrXiUdueufebRc9/Op3E5uu+3Dv4EsnZzav2PLl9cs27b97zfTu5w/9NPzWL0d7Bj/Ualalbi2EeDyGUHt39pnHZj4+a24shhCqcWQyhNG49NBozCWs/jmEsLld5/ydb564fMtcu23XwLzxJbmQ/H2FejWrp2Vkfr38u9TSOtvaePCS8PW167d/uvyN1/unjk2eOiTWOtZTCIs3dp7fH0JYlLY52Woby05O7boQwmDHeVf2qOv8P1j/pQX9c1P7v9TWe+Rk+1fm+pXccfl+pj/XDva43kIV1VH2uF6Gcv38y2ihiurMxkdT+3ZqV/3J/Gq2xVCJoa9d/j3x1BoJHfMWQ2zOZa3dr7TnNqT7z/Vjrl/J9av9uftqXjcttGqM88ez43Lj2eu4L42v6HxXd3FrwfjZqa2lD+rJrB/yf7TUT/ujfV9NWV2zv1PL36HS8Q7qNt6e+DQZ9TRWj0tPO+fXLrJ9M+ufuLC64b3DIwV1xL0x5cdS+Vs/GR26/bWdD4wV5W+spPxKqfxv1h754badLzxXmP90ll8tlX/ZgcHja9/fsbLw+cxmz6evVP4dRz94cvn/75zqNtfN/D1Zfq1U/jXTRwaGGwcOFta/Ons+i0rlf3X1jd++8vm+Y4X5IcsfLJW/Yfq+pwbGGxcX5h9sfRTqzRVaYv38OHXFF+Pj308U5X+WPf/hLvmxZ/7Lk7uvenHJrjWF63Nd9nxGStV/8wX7tw819p1X9O6Me87UNyfAf9Oy9D/W46lf9nfmQnX8Xnh2oq/1DTSUtuEzeaGcuess/gvzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA3duCABAAAAEDQ/9ftCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCoAAP//iHIkBQ==")
[ 74.744345][ T5337] Bluetooth: hci0: command tx timeout
[ 75.411214][ T5358] loop0: detected capacity change from 0 to 32768
[ 75.719507][ T5358] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,grpquota,prjquota,nochanges,nojournal_transaction_names,read_only
[ 75.719528][ T5358] allowing incompatible features above 0.0: (unknown version)
[ 75.719536][ T5358] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 75.834525][ T5358] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 75.937608][ T5358] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[ 75.945013][ T5358] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b compress none
[ 75.945034][ T5358] has non ptr field, deleting
[ 76.041472][ T5358] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 76.045214][ T5358] bcachefs (loop0): Version upgrade from 1.3: rebalance_work to 1.7: mi_btree_bitmap incomplete
[ 76.045214][ T5358] Doing compatible version upgrade from 1.3: rebalance_work to 1.28: inode_has_case_insensitive
[ 76.045214][ T5358] running recovery passes: check_allocations,check_extents_to_backpointers,check_subvols,check_inodes,check_dirents
[ 76.103342][ T5358] bcachefs (loop0): accounting_read... done
[ 76.109761][ T5358] bcachefs (loop0): alloc_read... done
[ 76.115177][ T5358] bcachefs (loop0): snapshots_read... done
[ 76.123480][ T5358] bcachefs (loop0): check_allocations...
[ 76.128101][ T5358] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree
[ 76.128129][ T5358] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 76.160126][ T5358] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 76.160143][ T5358] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 8 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 76.181650][ T5358] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 76.181667][ T5358] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 76.203135][ T5358] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 76.203154][ T5358] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 76.228733][ T5358] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.239857][ T5358] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.248284][ T5358] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.258667][ T5358] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.270236][ T5358] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.274217][ T5358] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.280904][ T5358] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.289760][ T5358] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.300937][ T5358] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.307612][ T5358] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.314117][ T5358] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.320877][ T5358] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.329650][ T5358] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.335140][ T5358] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.342091][ T5358] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.352045][ T5358] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing
[ 76.382871][ T5358] bcachefs (loop0): bucket 0:16 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.389444][ T5358] bcachefs (loop0): bucket 0:16 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.400896][ T5358] bcachefs (loop0): bucket 0:17 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.424847][ T5358] bcachefs (loop0): bucket 0:17 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.445501][ T5358] bcachefs (loop0): bucket 0:18 gen 0 has wrong data_type: got free, should be sb, fixing
[ 76.445517][ T5358] Ratelimiting new instances of previous error
[ 76.465541][ T5358] bcachefs (loop0): bucket 0:18 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 76.465556][ T5358] Ratelimiting new instances of previous error
[ 76.499009][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.499080][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[ 76.518042][ T5358] done
[ 76.527033][ T5358] bcachefs (loop0): going read-write
[ 76.565646][ T5358] bcachefs (loop0): journal_replay... done
[ 76.624288][ T5358] bcachefs (loop0): check_extents_to_backpointers...
[ 76.641512][ T5358] bcachefs (loop0): scanning for missing backpointers in 4/128 buckets
[ 76.663607][ T5358] done
[ 76.665222][ T5358] bcachefs (loop0): check_subvols... done
[ 76.670621][ T5358] bcachefs (loop0): check_inodes... done
[ 76.681176][ T5358] bcachefs (loop0): check_dirents...
[ 76.682215][ T5358] bcachefs (loop0): key in missing inode, found keys:
[ 76.682237][ T5358] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir
[ 76.682245][ T5358] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg
[ 76.682252][ T5358] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg
[ 76.682267][ T5358] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg
[ 76.682274][ T5358] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir
[ 76.682283][ T5358] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg
[ 76.682292][ T5358] , fixing
[ 76.765067][ T5358] bcachefs (loop0): hash table key at wrong offset: should be at 859131254421668778
[ 76.765083][ T5358] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 76.803945][ T5358] bcachefs (loop0): dirent points to missing inode:
[ 76.803973][ T5358] u64s 7 type dirent 4096:859131254421668778:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 76.811150][ T4708] Bluetooth: hci0: command tx timeout
[ 76.872846][ T5358] bcachefs (loop0): hash table key at wrong offset: should be at 8360890221138827945
[ 76.872863][ T5358] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 76.912536][ T5358] bcachefs (loop0): hash table key at wrong offset: should be at 5545681479879838448
[ 76.912553][ T5358] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 76.981522][ T5358] bcachefs (loop0): hash table key at wrong offset: should be at 3351948357136490099
[ 76.981539][ T5358] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 77.004071][ T5358] bcachefs (loop0): dirent points to missing inode:
[ 77.004086][ T5358] u64s 7 type dirent 4096:5545681479879838448:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 77.034222][ T5358] bcachefs (loop0): hash table key at wrong offset: should be at 2106270609201032920
[ 77.034237][ T5358] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 77.061767][ T5358] bcachefs (loop0): dirent points to missing inode:
[ 77.061783][ T5358] u64s 7 type dirent 4096:8360890221138827945:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 77.080712][ T5358] bcachefs (loop0): hash table key at wrong offset: should be at 3598302015758723131
[ 77.080729][ T5358] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 77.097721][ T5358] bcachefs (loop0): directory with wrong i_nlink: got 0, should be 1
[ 77.097735][ T5358] (disconnected), fixing
[ 77.105937][ T5358] bcachefs (loop0): key in missing inode, found keys:
[ 77.105951][ T5358] u64s 7 type dirent 4098:5675548428000973578:U32_MAX len 0 ver 0: file1 -> 4100 type lnk
[ 77.105959][ T5358] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg
[ 77.107238][ T5358] , fixing
[ 77.163209][ T5358] bcachefs (loop0): key in missing inode, found keys:
[ 77.163225][ T5358] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg
[ 77.163234][ T5358] , fixing
[ 77.180443][ T5358] bcachefs (loop0): check_dirents requires second pass
[ 77.189567][ T5358] bcachefs (loop0): dirent points to missing inode:
[ 77.189580][ T5358] u64s 8 type dirent 4096:2106270609201032920:U32_MAX len 0 ver 0: lost+found -> 4097 type dir, fixing
[ 77.244404][ T5358] ==================================================================
[ 77.259045][ T5358] BUG: KASAN: use-after-free in bch2_check_dirents+0x1fac/0x33f0
[ 77.262279][ T5358] Read of size 1 at addr ffff888055ae00c0 by task syz.0.0/5358
[ 77.265408][ T5358]
[ 77.266451][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 77.266469][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.266477][ T5358] Call Trace:
[ 77.266486][ T5358]
[ 77.266492][ T5358] dump_stack_lvl+0x189/0x250
[ 77.266513][ T5358] ? __kasan_check_byte+0x12/0x40
[ 77.266531][ T5358] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.266545][ T5358] ? lock_release+0x4b/0x3e0
[ 77.266562][ T5358] ? __virt_addr_valid+0x4a5/0x5c0
[ 77.266586][ T5358] print_report+0xca/0x240
[ 77.266598][ T5358] ? bch2_check_dirents+0x1fac/0x33f0
[ 77.266608][ T5358] kasan_report+0x118/0x150
[ 77.266623][ T5358] ? bch2_check_dirents+0x1fac/0x33f0
[ 77.266637][ T5358] bch2_check_dirents+0x1fac/0x33f0
[ 77.266652][ T5358] ? bch2_check_dirents+0x2f1/0x33f0
[ 77.266663][ T5358] ? desc_read+0x1b8/0x3f0
[ 77.266676][ T5358] ? prb_first_seq+0xfd/0x1a0
[ 77.266684][ T5358] ? __pfx_bch2_check_dirents+0x10/0x10
[ 77.266695][ T5358] ? __pfx_prb_first_seq+0x10/0x10
[ 77.266707][ T5358] ? desc_read+0x1b8/0x3f0
[ 77.266718][ T5358] ? this_cpu_in_panic+0x4f/0x80
[ 77.266729][ T5358] ? _prb_read_valid+0xa07/0xa90
[ 77.266738][ T5358] ? console_flush_all+0x13a/0xc40
[ 77.266752][ T5358] ? up+0xde/0x150
[ 77.266818][ T5358] ? __console_unlock+0x14c/0x1a0
[ 77.266830][ T5358] ? __pfx___console_unlock+0x10/0x10
[ 77.266845][ T5358] ? prb_read_valid+0x3c/0x60
[ 77.266855][ T5358] ? console_unlock+0x21b/0x270
[ 77.266865][ T5358] ? __pfx_console_unlock+0x10/0x10
[ 77.266877][ T5358] ? vprintk_emit+0x63e/0x7a0
[ 77.266890][ T5358] ? __bch2_print+0x176/0x220
[ 77.266902][ T5358] ? bch2_check_dirents+0x2f1/0x33f0
[ 77.266913][ T5358] ? lockdep_hardirqs_on+0x9c/0x150
[ 77.266924][ T5358] __bch2_run_recovery_passes+0x3ba/0x1060
[ 77.266940][ T5358] bch2_run_recovery_passes+0x184/0x210
[ 77.266952][ T5358] bch2_fs_recovery+0x2690/0x3a50
[ 77.266965][ T5358] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 77.266976][ T5358] ? __lock_acquire+0xab9/0xd20
[ 77.266991][ T5358] ? __mutex_trylock_common+0x153/0x260
[ 77.267003][ T5358] ? __lock_acquire+0xab9/0xd20
[ 77.267019][ T5358] ? __lock_acquire+0xab9/0xd20
[ 77.267038][ T5358] ? bch2_fs_start+0xa0f/0xda0
[ 77.267051][ T5358] ? up_write+0x1c4/0x420
[ 77.267061][ T5358] ? bch2_fs_start+0x5e7/0xda0
[ 77.267073][ T5358] bch2_fs_start+0xaaf/0xda0
[ 77.267085][ T5358] ? bch2_fs_start+0x5e7/0xda0
[ 77.267097][ T5358] ? __pfx_bch2_fs_start+0x10/0x10
[ 77.267114][ T5358] ? sget+0x267/0x620
[ 77.267127][ T5358] bch2_fs_get_tree+0xb39/0x1520
[ 77.267147][ T5358] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 77.267165][ T5358] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 77.267183][ T5358] vfs_get_tree+0x92/0x2b0
[ 77.267198][ T5358] do_new_mount+0x2a2/0x9e0
[ 77.267215][ T5358] ? ns_capable+0x8a/0xf0
[ 77.267226][ T5358] ? __pfx_do_new_mount+0x10/0x10
[ 77.267238][ T5358] ? path_mount+0x61c/0xfe0
[ 77.267250][ T5358] ? user_path_at+0x44/0x60
[ 77.267261][ T5358] __se_sys_mount+0x317/0x410
[ 77.267274][ T5358] ? __pfx___se_sys_mount+0x10/0x10
[ 77.267289][ T5358] ? do_syscall_64+0xbe/0x3b0
[ 77.267300][ T5358] ? __x64_sys_mount+0x20/0xc0
[ 77.267314][ T5358] do_syscall_64+0xfa/0x3b0
[ 77.267324][ T5358] ? lockdep_hardirqs_on+0x9c/0x150
[ 77.267334][ T5358] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.267346][ T5358] ? clear_bhb_loop+0x60/0xb0
[ 77.267357][ T5358] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 77.267368][ T5358] RIP: 0033:0x7fee7879066a
[ 77.267380][ T5358] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 77.267390][ T5358] RSP: 002b:00007fee795c5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 77.267403][ T5358] RAX: ffffffffffffffda RBX: 00007fee795c5ef0 RCX: 00007fee7879066a
[ 77.267411][ T5358] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007fee795c5eb0
[ 77.267419][ T5358] RBP: 00002000000000c0 R08: 00007fee795c5ef0 R09: 0000000000818001
[ 77.267427][ T5358] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 77.267434][ T5358] R13: 00007fee795c5eb0 R14: 0000000000005989 R15: 0000200000000240
[ 77.267446][ T5358]
[ 77.267450][ T5358]
[ 77.709652][ T5358] The buggy address belongs to the physical page:
[ 77.717464][ T5358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55ae0
[ 77.727143][ T5358] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 77.730473][ T5358] page_type: f0(buddy)
[ 77.738594][ T5358] raw: 04fff00000000000 ffffea000156c808 ffff88805ffd6f08 0000000000000000
[ 77.743287][ T5358] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000
[ 77.750028][ T5358] page dumped because: kasan: bad access detected
[ 77.752721][ T5358] page_owner tracks the page as freed
[ 77.754911][ T5358] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x42800(GFP_NOWAIT|__GFP_COMP), pid 5358, tgid 5357 (syz.0.0), ts 77162302565, free_ts 77244317490
[ 77.771651][ T5358] post_alloc_hook+0x240/0x2a0
[ 77.773886][ T5358] get_page_from_freelist+0x21e4/0x22c0
[ 77.792092][ T5358] __alloc_frozen_pages_noprof+0x181/0x370
[ 77.795175][ T5358] alloc_pages_mpol+0x232/0x4a0
[ 77.797235][ T5358] ___kmalloc_large_node+0x5f/0x1b0
[ 77.799339][ T5358] __kmalloc_large_node_noprof+0x18/0x90
[ 77.801724][ T5358] __kvmalloc_node_noprof+0x6d/0x5f0
[ 77.803860][ T5358] btree_node_sort+0x666/0x1760
[ 77.805872][ T5358] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 77.808768][ T5358] bch2_btree_node_prep_for_write+0x337/0x650
[ 77.812675][ T5358] bch2_trans_lock_write+0x669/0xba0
[ 77.814886][ T5358] __bch2_trans_commit+0x2773/0x8870
[ 77.817128][ T5358] bch2_check_dirents+0x811/0x33f0
[ 77.819335][ T5358] __bch2_run_recovery_passes+0x3ba/0x1060
[ 77.821737][ T5358] bch2_run_recovery_passes+0x184/0x210
[ 77.824431][ T5358] bch2_fs_recovery+0x2690/0x3a50
[ 77.826961][ T5358] page last free pid 5358 tgid 5357 stack trace:
[ 77.833952][ T5358] __free_pages_ok+0xa83/0xbe0
[ 77.835925][ T5358] free_large_kmalloc+0x13a/0x1f0
[ 77.838218][ T5358] btree_node_sort+0x117f/0x1760
[ 77.840285][ T5358] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 77.842742][ T5358] bch2_btree_node_prep_for_write+0x337/0x650
[ 77.845316][ T5358] bch2_trans_lock_write+0x669/0xba0
[ 77.847972][ T5358] __bch2_trans_commit+0x2773/0x8870
[ 77.851833][ T5358] bch2_check_dirents+0x1c5c/0x33f0
[ 77.854982][ T5358] __bch2_run_recovery_passes+0x3ba/0x1060
[ 77.860192][ T5358] bch2_run_recovery_passes+0x184/0x210
[ 77.867398][ T5358] bch2_fs_recovery+0x2690/0x3a50
[ 77.869764][ T5358] bch2_fs_start+0xaaf/0xda0
[ 77.875262][ T5358] bch2_fs_get_tree+0xb39/0x1520
[ 77.878301][ T5358] vfs_get_tree+0x92/0x2b0
[ 77.880654][ T5358] do_new_mount+0x2a2/0x9e0
[ 77.883598][ T5358] __se_sys_mount+0x317/0x410
[ 77.887593][ T5358]
[ 77.888840][ T5358] Memory state around the buggy address:
[ 77.891051][ T5358] ffff888055adff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 77.894296][ T5358] ffff888055ae0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.899114][ T5358] >ffff888055ae0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.904222][ T5358] ^
[ 77.911192][ T5358] ffff888055ae0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.916226][ T5358] ffff888055ae0180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 77.927854][ T5358] ==================================================================
[ 77.957363][ T5358] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 77.961159][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 77.968329][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 77.976194][ T5358] Call Trace:
[ 77.977726][ T5358]
[ 77.978963][ T5358] dump_stack_lvl+0x99/0x250
[ 77.980881][ T5358] ? __asan_memcpy+0x40/0x70
[ 77.982854][ T5358] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.985191][ T5358] ? __pfx__printk+0x10/0x10
[ 77.997510][ T5358] vpanic+0x281/0x750
[ 77.999412][ T5358] ? preempt_schedule+0xae/0xc0
[ 78.001758][ T5358] ? __pfx_vpanic+0x10/0x10
[ 78.003834][ T5358] ? preempt_schedule_common+0x83/0xd0
[ 78.008011][ T5358] ? preempt_schedule+0xae/0xc0
[ 78.018824][ T5358] ? __pfx_preempt_schedule+0x10/0x10
[ 78.021257][ T5358] panic+0xb9/0xc0
[ 78.022839][ T5358] ? __pfx_panic+0x10/0x10
[ 78.024685][ T5358] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 78.035486][ T5358] ? bch2_check_dirents+0x1fac/0x33f0
[ 78.038109][ T5358] check_panic_on_warn+0x89/0xb0
[ 78.040474][ T5358] ? bch2_check_dirents+0x1fac/0x33f0
[ 78.043014][ T5358] end_report+0x78/0x160
[ 78.048585][ T5358] kasan_report+0x129/0x150
[ 78.050722][ T5358] ? bch2_check_dirents+0x1fac/0x33f0
[ 78.053084][ T5358] bch2_check_dirents+0x1fac/0x33f0
[ 78.071872][ T5358] ? bch2_check_dirents+0x2f1/0x33f0
[ 78.074461][ T5358] ? desc_read+0x1b8/0x3f0
[ 78.076487][ T5358] ? prb_first_seq+0xfd/0x1a0
[ 78.079067][ T5358] ? __pfx_bch2_check_dirents+0x10/0x10
[ 78.088400][ T5358] ? __pfx_prb_first_seq+0x10/0x10
[ 78.092624][ T5358] ? desc_read+0x1b8/0x3f0
[ 78.097943][ T5358] ? this_cpu_in_panic+0x4f/0x80
[ 78.108973][ T5358] ? _prb_read_valid+0xa07/0xa90
[ 78.112095][ T5358] ? console_flush_all+0x13a/0xc40
[ 78.115130][ T5358] ? up+0xde/0x150
[ 78.119714][ T5358] ? __console_unlock+0x14c/0x1a0
[ 78.138604][ T5358] ? __pfx___console_unlock+0x10/0x10
[ 78.140995][ T5358] ? prb_read_valid+0x3c/0x60
[ 78.143064][ T5358] ? console_unlock+0x21b/0x270
[ 78.145176][ T5358] ? __pfx_console_unlock+0x10/0x10
[ 78.147448][ T5358] ? vprintk_emit+0x63e/0x7a0
[ 78.149521][ T5358] ? __bch2_print+0x176/0x220
[ 78.151581][ T5358] ? bch2_check_dirents+0x2f1/0x33f0
[ 78.153819][ T5358] ? lockdep_hardirqs_on+0x9c/0x150
[ 78.156018][ T5358] __bch2_run_recovery_passes+0x3ba/0x1060
[ 78.179819][ T5358] bch2_run_recovery_passes+0x184/0x210
[ 78.182430][ T5358] bch2_fs_recovery+0x2690/0x3a50
[ 78.184866][ T5358] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 78.187231][ T5358] ? __lock_acquire+0xab9/0xd20
[ 78.189454][ T5358] ? __mutex_trylock_common+0x153/0x260
[ 78.191936][ T5358] ? __lock_acquire+0xab9/0xd20
[ 78.194342][ T5358] ? __lock_acquire+0xab9/0xd20
[ 78.196577][ T5358] ? bch2_fs_start+0xa0f/0xda0
[ 78.211610][ T5358] ? up_write+0x1c4/0x420
[ 78.213418][ T5358] ? bch2_fs_start+0x5e7/0xda0
[ 78.215384][ T5358] bch2_fs_start+0xaaf/0xda0
[ 78.217368][ T5358] ? bch2_fs_start+0x5e7/0xda0
[ 78.219598][ T5358] ? __pfx_bch2_fs_start+0x10/0x10
[ 78.228965][ T5358] ? sget+0x267/0x620
[ 78.230789][ T5358] bch2_fs_get_tree+0xb39/0x1520
[ 78.232974][ T5358] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 78.238072][ T5358] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 78.240908][ T5358] vfs_get_tree+0x92/0x2b0
[ 78.242953][ T5358] do_new_mount+0x2a2/0x9e0
[ 78.250583][ T5358] ? ns_capable+0x8a/0xf0
[ 78.257919][ T5358] ? __pfx_do_new_mount+0x10/0x10
[ 78.260249][ T5358] ? path_mount+0x61c/0xfe0
[ 78.267592][ T5358] ? user_path_at+0x44/0x60
[ 78.269503][ T5358] __se_sys_mount+0x317/0x410
[ 78.271700][ T5358] ? __pfx___se_sys_mount+0x10/0x10
[ 78.277763][ T5358] ? do_syscall_64+0xbe/0x3b0
[ 78.279683][ T5358] ? __x64_sys_mount+0x20/0xc0
[ 78.281543][ T5358] do_syscall_64+0xfa/0x3b0
[ 78.287874][ T5358] ? lockdep_hardirqs_on+0x9c/0x150
[ 78.296977][ T5358] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.303701][ T5358] ? clear_bhb_loop+0x60/0xb0
[ 78.309179][ T5358] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.317334][ T5358] RIP: 0033:0x7fee7879066a
[ 78.326583][ T5358] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 78.335756][ T5358] RSP: 002b:00007fee795c5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 78.344101][ T5358] RAX: ffffffffffffffda RBX: 00007fee795c5ef0 RCX: 00007fee7879066a
[ 78.349287][ T5358] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007fee795c5eb0
[ 78.352814][ T5358] RBP: 00002000000000c0 R08: 00007fee795c5ef0 R09: 0000000000818001
[ 78.358534][ T5358] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 78.362499][ T5358] R13: 00007fee795c5eb0 R14: 0000000000005989 R15: 0000200000000240
[ 78.365738][ T5358]
[ 78.367529][ T5358] Kernel Offset: disabled
[ 78.369297][ T5358] Rebooting in 86400 seconds..