program: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r3, @ANYBLOB="2bf9478cffede833c1dd5ff8242ac1a84a"], 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYRESDEC=r4, @ANYRES16=r2, @ANYBLOB="00032dbd7000fddbdf25660000000800030047a0dbb03e40fcfa63f936c0b845c6684dd56a704b828f58e66dbc171ddf00", @ANYRES32=r4, @ANYBLOB="080022010d020000080026006c0900000800a1000100000008002700030000000800a10006000000050019010600000008002201cf000000"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x4040000) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a01de00000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000000c0a09030000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c000080080003400000000214000000110001"], 0xc0}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000090a010100000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000211400000180ffffffffffff00000000000084000a"], 0x64}}, 0x0) r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2) r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) r7 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r7) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001890000000904000009030000000921000000012222000905810308"], 0x0) syz_usb_ep_write(r8, 0x81, 0x41, &(0x7f0000000200)="00a1d415494fcd8cde5a007e4b5a055ffe376e11dc31f62bde07fecd3a8011fcb41fb7de903211e6006ea6b58f9f2b51aadb7f76eeef922acf23fb0dd22ef220c1") ioctl$EVIOCRMFF(r7, 0x4004550d, 0x0) r9 = socket$alg(0x26, 0x5, 0x0) bind$alg(r9, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) r10 = socket(0x10, 0x3, 0x0) sendto$inet6(r10, &(0x7f0000000000)="7800000018002507b9409b14ffff00000202be04020506056403040c5c0009003f0020010a0000000d0085a168216b46d32345653600648d27000b000a00080049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000402160008000800000000000000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="280064075fb41e3d2e17cfdbba0438007f10005f02b8567d820a4d391265be56621c03b9203063a1d5e6de5a87848923e29fa8abcbbf1230b12ce5fc770000000000", @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b0000000000"], 0x28}}, 0x0) r12 = accept4(r9, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10) recvmmsg$unix(r12, &(0x7f00000044c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10100, 0x0) ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000400)={0xa00965, 0x2}) syz_mount_image$bcachefs(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)=ANY=[@ANYRES16, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES8], 0x1, 0x5979, &(0x7f000000b4c0)="$eJzs3X+QHFW9KPDTM7PZyW5+bAJIBEmWQBRBzYZfhT9Ko89fBUjFwlLCi0IgG4yGkEqCQEAJPvBBARZYWor6B1pIPTRaVMFTIiXy4yU8RCmuXuoWUuq96B/ei1xSApGyuO6t3ekzme2d3p6dmQ0JfD6VbM850/Pt06fP9PT3zOxOAAAA4DVh1zWb95xx2Ad+8cXhF6/88E8vvCr0l8fqq3GFgXR56SvVQval3sqCsWV2XLzp8u//afD89z1yZ9/3Xtq55si1v33/Qeff+5lTd9zyrQdemH33P54uihvH07F7y8mzSQjVn+3+2pd2PnroaF0SQignA9tCmJfMf2Bekgkx9PcQwprQO1Z4c+bOu148Ye3o8qrre8fVz20sHPw74/01rpqOs617Ljku/P69K6/+1aIf/bBn+zPb9q6SVBvGUwhzzm18fE8IYWb6f1QcbQvig9PlihBCX8PjTilo11Ettn9pTvnwdDkjXfYXxIn3L86US5n1suWoJ7PsK9hep/La0e56RWZlytmTUafy2hnr56XLn6TLY6cYvxz/J6GUhEq9+euTvWMkNBy3JCRjx7JaL5fqxzak+58pJ5lyKVMu92T2a2y76UArJ8n4+rhepj6ejitp/ZGN5+omzsypf326rKZP1JdiOWRv1PRPuFHfrzGxXbsnacu+UGo4BzWrrx/49GD0p3X9yfwJjxlpIt63c+UNS8qrHtw1kNOO5M4kjZ+0FX/rL+fN+tQPrrt4QV78c0tp/FJb8f9w2mPPnX3dd7+ZG/+mGL/cVvzj7+t79rSHrlmc2z+7Y/9U2oq/+umHb1x08Hnbc9t/a4xfbSv+8h2P9c7ec9/9ue0fiv0zs634T73zg3+844l7nsmNH2L8vrbir9qx8cu9C/cckxv//tg//e2Nn+e3n/zkwoV/HsyL/3iMP7ut+Ldvu+Udt829/tTc47si9s9AW/FPP/req2ftueeIvHNncmu3XjkBXpsOSq+xrk3L7eaZnWrIF74xWKld881K/8/u5oYyF5+j25nTzfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEEI45Lj//6F/+/jAs5W03JveeKpUW8b6GSEkM0MIm7es3rRl3YYLBj9z0cWbNqxeP7h6y+Dwhi2bLhs88S2Dm4Y3rl992ei9Q289ofa4+SGpLZMjJmy7d2RkpDQwvi5u738cvf33S07597+EMHTIbxZWctu/9JYLbzu4yc+MZPnIey68+IzfnPSddL8G0nYNNGnXyMjISMhp13+e9fJtX9n9p2NCGHrdZO16+Kl3/3xcg8Yq9sZJlXpDrUG9SV/TdtRbnbYn9ldl7br1w0OT9+/o48s5+/E/L3/m72svvfnlWv9Wc/ejxf6duXxkfenrK0//r69fUasoatcrddyL+jvuRWxf7L9q2t9z0v2ak7NflZz9uuZX9z/xs8Oue2FbGKo8v2jitov2qycdAD3J61vabtxCXzJvXH01XT8e8fi4pVsu3Lh087XfqJUuGN7w9mUnLjt56KSTT1o6tudLu7z/cftvbHH/9814mvu5bT+JP1sbT0XtKuqP0XYV90dji/Kef31nfumrb7/loTNqFUXjPK5dP5+ky77R47wsNIy3iX3VbL+K+iGEMNisH5574dRw6L+su7roPNR4ZBp/ZiTLRx5d/NfvnPLtBe+qVbR5nv+PKZ3nGxvU5nm+3uq97Rnrr2p6PEb20/7tDeV0v/qbtmvZow/13LDrL5+vt2/GjHDp6i1bNi2r/ZyVtnRWcnjTdmVr434tGvtZDmm3hPowbTJeR/WEWvuy58+4erZX+9P7+pP5TfcrK963c+UNS8qrHtyV19PJnbUtzgyza8vkDTlrrs88sFxvcLPtt/38Gw3bxfER29Pq+Fj4oW/f/fG7f3zihPFxfO1n0X4lOfv1oydu/+r3bv7fP+7euP/Qux8b+OvvPr2kVrFPrh9HmzLafR2cV+qtTtuTNJ5Xjg+h6Pm3KDTfj9znX6n5/hQ9/7Lb2bt+83iDmXJ/KLf1fD3+vr5nT3vomsW5z9fdrT5frxhXKhc8X/fZ+Cl4Xco+v5LK+HZM3/Nr3EBJlo88cu1B2x64csVhtYqicV1fu9m4PqGF/CNnv35+9pMLLxr8X//cvfPG999y1zm/Xb38C7WK9o97bEt3jns17d9qTv/WWx3zzsb+fdv5F61fU6vff69/02VB/hNPJZsv2/rZ1evXD2/a3Np+tXq9FbeT7eV2r7fi2W1+wX6VJuzX9N1opb9afb7F9q9pu7/GP9/6Q9LW68LWX86b9akfXHfxwIRHpRs6t5TGL7UV/w+nPfbc2dd995u58W+K8SttxV/99MM3Ljr4vO258W9N0vjVtuIv3/FY7+w9992fG38otn9mW/GfeucH/3jHE/c8kxs/xPj97fX/89tPfnLhwj/nxn88Sbczeo0Uwl0vnrC2Vk5CT/p8i+3oGdeukC0nmXIpUy43lku1udb6BspJMr4+rpfWH9nQlmY+kVMfr8KqC2rLl2I5ZG9MXr+/KTWc+5vVF12nAgC82sX3/+M1aHz/fzi9UMqfaYC9Os3DFuTETR5PBh4ZN58zY9z9C9L48fFJOObm9ObQ6I+rBmsX+lN8H2FmfD5k5znjdo45anyMduc5i+bfF2fKsV21+fJKQx6ampjXVEIL8+8TtzP5/Htm94vnxwevndCswYZ5q73Hr3YcetIZs2afd8i0tzIaIW98ZOfF4uc5Fs4JK8a21+L4yH6OJh6H7Odo4nYOy5w42/0cTafjIzZ7kvEx1uTi9zcmHr8wSf/uPX7No2WP3xSOd3V0/el+f7YL84ZNT2n7bt5wet8PO/DmJeNA3Dfzkvv7vGGsj/tRaXE+8eM59d2aT4xHKbZr9yRt2RfMJwKvVjH/j68Ro/n/6AX43zLrFV2HZq8aY7zczwmVm7enKO+Y+Dm9vrZex1ft2Pjl3oV7jsm9zrm/1c/9bBxX6iv43E9RPy7JlAv7MWeCpijfy26nqN+zn8voD7Pb6vfbt93yjtvmXn9qbr+vqL2QFvf7V8eVZhf0+wGQLzSPL1/wOYbJjm/x/Fm6nVcoH0k/+DRd+cjHcuqnmo/0TbhR368xB1w+0rNv2wUAHDhi/l9//yzN//81rpBeRxTlrcdmyjFebt6ac32Sl7d+JF1emlm/P/2NiqleN59+9L1Xz9pzzxG5ecutreah/2dcaaAwD+0sb87NI1Z05/PiuXlEPc/qLE/MbX89T+wsT8+NX8/TO8ujc/unnkd3Ng+QG78+D3Cg57kF83WZjcViq/N1TfLoGa20f7/Po9Nfn52uPPrMTDmuO9U8un/Cjfp+jZFHAwC8smL+Hy/jYv7/UGa9Tt9nz80L8q/bW4ofr9uzfw+kHv/xfZVXTnfeN91563Tn9dM9L3Gg58XTPS80vfNkr5W8OJqQF6cbPTDy4m2598iLAQBe3WL+PzMt5+f/neUnzfK3nnH5ify8aXz5+X6Snx/o81/y/2nN/2M5ZG/U7F/5fz75PwDAq1vM/+OvPca///f/0nL279bL03Piy9Pl6am/NRs/Lefp3Z9nCz4H8MrOA8zcu755AAAAXgk9Y5nSxN+z/2S6zP6efd7v5Z+ds36rKunl8XlbNg0Pn3PxxjWrtwyfs+GiNcObz7lk07otW4Y31NbrNG/MzVvSvLEnVNL+aL5eNm+bm/49hLk5fw8hu34Me/jYjYl/DyG72ZkFf0dg7/Frrb15x680yfoTx0dP7vHOi/+JnPWj+vE//9PHn7N28znrNqzbsm71+nVbh8evN5q19k3hezNjt0zp+1IzPyYoTfX7O5d3qR2lCe3oSfsj7/vZk0x/zEtbMi/v+w9y+u8X//SVzx098vIdIQwdUn5DR/2XLB/5v2cNf2TLrt9sHG1/adL219dM21X0faXZ9eP+VNZftHnLcWsvunhD9hsl2xPnM0r18jTNZ6RP/3KL8xOrcuqn+jmF8oQb+6eW5ycAABgnvv8fr2fj+4c3pxdQsb71PL2z949z8/Sh1vL07PeSFeXp2fXj/raap1c7zNOz2y/K05ut32weJy/vzov/sZz1p6r1cdLZ5zxyx8m5rY2T7PcZFI2T7PpTHSdJh+Mku/2icdJs/WbjJO+458X/aM76eVofD519Lid3PNzU2nh4c6ZcNB6y6091PJQ6HA/Z7ReNh2brNxsPecc3L/4ZOeu3avz4GB0YY+Ni+JxLLtr02Yb1pvv7LzpvX7vns5ErW/n+j3a13v7p/dzX9Ld/ej9XNv3t7+j3v3Knu+Lnyqa//dP7/S7t6vJ87Yxs/Pp8bXpP0efPiuZxV+bUT3Ued0Zui/cv5nHhlRPz//h2T8z/r0+X3X4b6MD/njTfY9Y0fpe+xyw3fv3vr++j91+9nrfF6zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa3orC8aWu67ZvOeMwz7wiy8Ov3jlh3964VVvuvz7fxo8/32P3Nn3vZd2rjly7W/ff9D5937m1B23fOuBF2bf/Y+nCwMPjP2sHJsWqyEkzyYhVH+2+2tf2vnooaN1SQihnAxsC2FeMv+BeUkmwtDfQwhr6u0cf+ddL56wdnR51fW94+rnZoJk9yv0l2N7GtsZwqWFe8QBqJqOs617Ljku/P69K6/+1aIf/bBn+zPb9q6SVBvGUwhzzm18fE8IYWb6f1QcbQvig9PlihBCX8PjTilo11Ettn9pTvnwdDkjXfYXxIn3L86US5n1suWoJ7PsK9hep/La0e56RWZlytmTUafy2hnr56XLn6TLY6cYvxz/J6GUhEq9+euTvWMkNBy3JCRjx7JaL5fqxzak+58pJ5lyKVMu92T2a2y76UArJ8n4+rhepj6ejitp/ZGN5+omzsypf326rKZP1JdiOWRv1PRPuFHfrzGxXbsnacu+UGo4BzWrrx/49GD0p3X9yfwJjxlpIt63c+UNS8qrHtw1kNOO5M4kjZ+0FX/rL+fN+tQPrrt4QV78c0tp/FJb8f9w2mPPnX3dd7+ZG/+mGL/cVvzj7+t79rSHrlmc2z+7Y/9UWon/cjb+6qcfvnHRwedtz23/rTF+ta32L9/xWO/sPffdn9v+odg/M9uK/9Q7P/jHO56455nc+CHG72sr/qodG7/cu3DPMbnx74/909/e+Hl++8lPLlz458G8+I/H+LPbin/7tlvecdvc60/NPb4rYv8MtBX/9KPvvXrWnnuOyDt3Jrd265UT4LXpoPQa69q03G6e2amGfOEbg5XaNd+s9P/sbm4oY3Q7c6YxPgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAr06/vuLET571no+urCQhJDnrjDQR7yvPWL58sI3trn764RsXHXze9sa6BW3EAQAAAIrFPLxUr6mGBeGSZGY4vOn6cY7g8FhKxtdn5xBinOwcQbtxSl2KU+5SnEqX4vR0Kc6MLsXpHR0IXYhTLWhPNbQWZ+YkcSqjo6LF9vRN2p7W4/R3Kc6sLsWZ3aU4c7oUZ26X4gxMGqf1cTivS3HmdynOQV2Kc3CX4hzSpTiv61KcQ7sUJzunPNVxODtd87C8OGM3yoVxKkm5fkez+fRD0+0c0eF2+gu2M7vo9bjF7cxscTtHZR5XmuJ2qi1u540dbidpcTtv7nA7pYLtxHF7abZ9Q+l24oNbHP+XZeOE9uJs7VKcy7sU54ouxfl8l+J8oUtxruwwDkCrYv7fW68ZCL2Vd4W+9IyTnQWI+e6isZ8TX+/yTkgx3hsy9TOK4mUT9Uy8RVNtX3YCIRNvcaa+Z1y8Sj0fmSRetTHeksydhfubnVDItO/YTH1vUbzsxAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATKNfX3HiJ896z0dXhiSM/mtqpIl4X3nG8uWDbWx358oblpRXPbirsa630kYgAAAAoFDMw3vqNdXQW1kWepMZ49arZuYBygO1+oVzworRZTJYGiv3JfOaPq6alivp45ZuuXDj0s2XbX3rugtXXzB8wfCGty87cdnJQyedfNLStevWDw/VfobQWxAvhDA2/bD5sq2fXb1+/fCmzbXKbPsXpI9bkJaT9HEL3xaGRpdX1dqfzC/YXmnC9qbvRouHEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgv9m1uxC5yvMB4O+ZmZ0ZV2P2j/p3DGYz5EPSVtokXUtsxT1QqKBJyCKUGduthJpQ6cYETSS1U12o2oSWghIIKbloSirVSm/8qFLqB4EUmzbQTUNRab1oLyzaWqKkUCJTsjtndmZ2TmY7lUTT3+/inDPP+7zvM++5WHjeWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADhnpmoj45XRsepgFEKUklPvIhnL5uO43EfdLz+//fuF4VMrW2OFXB8LAQAAAD0lffhAM1IMhVw2ZMNV05+WhpaBMNv3AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/3umaiPjldGx6sVRCFFKTr2LZCybj+NyH3XfePfJz7w6PPxma6zUxzoAAABAb2f68EvD8JuZZqQYSmFZGIiuastLzgYWdczvzEvWWTzPvM6zg7S8ZfPMu2aeeR/rkbehcd8VAAAA4KMv+R0+14wMhUJuQWr/36uvT/KWdORlG/d+/lcAAAAA+O8k/X+hGSmFQq7U7Nfn2+8v7chL5vf63T6ZvyJlfq/f89c37n6nBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPjqnayHhldKyajUKIUnLqXSRj2Xwcl/uou+aFwb/dcvihpa2xQq6PhQAAAICekj58tvUuhkJuMAyEi6f7/uGbDjz9xaefHQkhzLT5+XzYtWnHjrvXzFyTvNVHDw9878jb35qTt3rmet42CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfGCmaiPjldGx6kVRCFFKTr2LZCybj+NyH3Vf/9wX/vz4iefeao2V+lgHAAAA6C3pw2d7/2IohXzIh38OhEbv35qf6ZifdmYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXDju+cZ9X980MbH5bg8ePHhoPpzvv0wAAMAHbUmIQv0/dOXG8/2tAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAD4Op2sh4ZXSsWoxCiFJy6l0kY9l8HJf7qBs/f6yw4NQLL7XGSn2sAwAAAPSW9OGzvX8xlMJAGAhXTH/qdiYw3f8PncMvCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyoTNVGxiujY9UFUQhRSk69i2Qsm4/jch91H5vc/9lDC797c2uskAshTE4/TvaxJAAAAJAi6cPzzUgxFHIfD4VwdePzRPuEKNu4dz8XmJ23vW3a4Lzn1drmZec5rxh2d+ws14jPzCsm6w3N3Jv1ynPnlVvmlUKzfLltXtjbNmtBj+8ZAAAA4DxK+v9CMzIUCrlCS5/7k7b8IX0uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJBiqjYyXhkdq0ZRCFFKTr2LZCybj+NyH3Xv+83/XfKVn+7Z2Ror9bEOAAAA0FvSh8/2/sVQCovDpWHxdN8fhtrzk7y/V04fevQff1kZwqr/Pz6c61z2h8nDr16/8cXOSwiZ9uxMCAsb9aKUer/+3aP3Lq+ffjyEVVdkr55TL5y9XvuScf2Zyub1O44c397j5QAAAMAFIun/B5qRoVDI3ZXa/yedd4/+v2m6AV947+TPL29cGx15x4zMUKNeJqXe55c/+acVa//69pn+/2z1PrV/66HL2wrORDpEcX10684Nx687mEl2PVM/21E/eS9f+uZb/9qy65HTM/WLodiIL8p1qz/32uGiuD6R2Vdd9/6+Wnv9XMr+H/rtSyd+uWjPe2fqv7tksFn/mrPs/+z1B299eO/1+w9vaK8fQih3q//OezeHK/9w54Od+x/sWLj1zbdeO0Rx/ejSkwfXHijd0F4/6qifvP+fnXhs748f+c6zSf3kf0VWLutWP9v41Fo/01H/ld2XTb78wMZF7fUzKft/8bZXh7eVv/37zv3f0bZqLvUtzN3/E9c+dftrm+L7O4cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLFO1kfHK6Fg1E4UQpeTUu0jGsvk4LvdR941bjr1z254f/aA1VupjHQAAAKC3pA+f7f2LoRTyIR8Gp/v+Zyqb1+84cnx7GJoZjRqnBLmJbffs+MSWbTvvuiNl5UvPxdcHAAAA5iHp/3PNyFAo5JaHgUb/P7p154bj1x3MJP1/pnHPbblzYvOq0Mx7Zfdlky8/sHHR7DlBmP63gOKZvE/P5t1047Ghk3/82oqueWtm844uPXlw7YHSDUleaM1bHZrnE09c+9Ttr22K729+v9a8T35120TjeCJZd/DWh/dev//whuY+GvfBxrpJ3kRmX3Xd+/tqSV62cS829g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzDVVGxmvjI5VQzaEKCWn3kUyls3HcbmPuuuW/+LBS049t7g1Vsj1sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBvduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBfP6FxlH0cwJ9nN3mzzSZt0r5gVEzTqij1YFEQ0YuKirQiBU+VItXWHkRBEFHqwVRasVTFi2D1UkQFNUpBwcZiaZVU/Fe8eFBBoXoQSjGgXYoHlew+s91Md1ydVEH9fGB48jwz853fzPPsbBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5RBvrGmu3hHfc3bjnnho8evevEIze9c++2ix5+9buJTdd9uHfwpZMzm1ds+fL6ZZv2371mevfzh34afuuXoz2DH2o1q1K3FkI8HkOovTv7zGMzH581NxZDCNU4MhnCaFx6aDTmElb/HELY3K5z/s43T1y+Za7dtmtg3viSXEj+vkK9mtXTMjK/Xv5dammdbW08eEn4+tr12z9d/sbr/VPHJk8dEmsd6ymExRs7z+8PISxK25xstY1lJ6d2XQhhsOO8K3vUdf4frP/Sgv65qf1faus9crL9K3P9Su64fD/Tn2sHe1xvoYrqKHtcL0O5fv5ltFBFdWbjo6l9O7Wr/mR+NdtiqMTQ1y7/nnhqjYSOeYshNuey1u5X2nMb0v3n+jHXr+T61f7cfTWvmxZaNcb549lxufHsddyXxld0vqu7uLVg/OzU1tIH9WTWD/k/Wuqn/dG+r6asrtnfqeXvUOl4B3Ubb098mox6GqvHpaed82sX2b6Z9U9cWN3w3uGRgjri3pjyY6n8rZ+MDt3+2s4HxoryN1ZSfqVU/jdrj/xw284XnivMfzrLr5bKv+zA4PG17+9YWfh8ZrPn01cq/46jHzy5/P93TnWb62b+niy/Vir/mukjA8ONAwcL61+dPZ9FpfK/uvrGb1/5fN+xwvyQ5Q+Wyt8wfd9TA+ONiwvzD7Y+CvXmCi2xfn6cuuKL8fHvJ4ryP8ue/3CX/Ngz/+XJ3Ve9uGTXmsL1uS57PiOl6r/5gv3bhxr7zit6d8Y9Z+qbE+C/aVn6H+vx1C/7O3OhOn4vPDvR1/oGGkrb8Jm8UM7cdRb/hfkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAb+zAAQkAAACAoP+v2xEoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FQAA///7MTK7") unlink(&(0x7f0000000080)='./file0/file0\x00') [ 85.299808][ T4702] Bluetooth: hci0: command tx timeout [ 85.851179][ T5357] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 86.001821][ T5357] usb 5-1: Using ep0 maxpacket: 16 [ 86.007291][ T5357] usb 5-1: config 137 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.013618][ T5357] usb 5-1: config 137 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 86.019906][ T5357] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 86.025631][ T5357] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.641713][ T55] cfg80211: failed to load regulatory.db [ 87.035357][ T5361] loop0: detected capacity change from 0 to 32768 [ 87.352256][ T4702] Bluetooth: hci0: command tx timeout [ 87.379102][ T5361] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_reclaim_delay=458852,nojournal_transaction_names [ 87.379120][ T5361] allowing incompatible features above 0.0: (unknown version) [ 87.379127][ T5361] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 87.399526][ T5361] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0 [ 87.405092][ T5361] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 87.415513][ T5361] bcachefs (loop0): Version upgrade required: [ 87.415513][ T5361] Version upgrade from 0.41: (unknown version) to 1.7: mi_btree_bitmap incomplete [ 87.415513][ T5361] Doing incompatible version upgrade from 0.41: (unknown version) to 1.28: inode_has_case_insensitive [ 87.415513][ T5361] running recovery passes: check_allocations,check_extents_to_backpointers,check_snapshots,check_subvols,check_inodes,check_dirents,set_fs_needs_rebalance [ 87.554568][ T5361] bcachefs (loop0): btree node read error at btree freespace level 0/0 [ 87.554603][ T5361] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0 [ 87.554613][ T5361] loop0 node offset 8/32: btree node data missing: expected 32 sectors, found 8 [ 87.554620][ T5361] loop0 btree validate error [ 87.554626][ T5361] repair success (rewriting node) [ 87.579998][ T5361] bcachefs (loop0): accounting_read... done [ 87.584696][ T5361] bcachefs (loop0): alloc_read... done [ 87.588300][ T5361] bcachefs (loop0): snapshots_read... done [ 87.594180][ T5361] bcachefs (loop0): check_allocations... [ 87.599083][ T5361] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree [ 87.599182][ T5361] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 87.615967][ T5361] bcachefs (loop0): bucket 0:34 data type user ptr gen in the future: 1 > 0 [ 87.615984][ T5361] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 1, fixing [ 87.629503][ T5361] bcachefs (loop0): bucket 0:34 gen 0 data type user: ptr gen 1 too stale [ 87.629517][ T5361] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 1, fixing [ 87.643300][ T5361] bcachefs (loop0): bucket 0:34 data type user ptr gen in the future: 1 > 0 [ 87.643327][ T5361] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 1, fixing [ 87.656768][ T5361] bcachefs (loop0): bucket 0:34 gen 0 data type user: ptr gen 1 too stale [ 87.656782][ T5361] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 1, fixing [ 87.669171][ T5361] bcachefs (loop0): bucket 0:34 data type user ptr gen in the future: 1 > 0 [ 87.669185][ T5361] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 1, fixing [ 87.682713][ T5361] bcachefs (loop0): bucket 0:34 gen 0 data type user: ptr gen 1 too stale [ 87.682729][ T5361] while marking u64s 7 type extent 536870913:24:U32_MAX len 24 ver 0: durability: 1 crc: c_size 8 size 24 offset 0 nonce 0 csum none 0:0 compress lz4 ptr: 0:34:8 gen 1, fixing [ 87.698571][ T5361] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree [ 87.698587][ T5361] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 87.712522][ T5361] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree [ 87.712537][ T5361] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 87.725550][ T5361] bcachefs (loop0): bucket 0:35 data type btree ptr gen 0 missing in alloc btree [ 87.725566][ T5361] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 87.741442][ T5361] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree [ 87.741458][ T5361] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 87.756750][ T5361] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.761968][ T5361] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.767788][ T5361] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.773191][ T5361] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.778609][ T5361] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.783707][ T5361] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.788720][ T5361] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.794394][ T5361] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.799461][ T5361] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.804223][ T5361] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.809871][ T5361] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.815231][ T5361] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.820671][ T5361] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.825366][ T5361] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 87.830521][ T5361] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing [ 87.836078][ T5361] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing [ 87.843486][ T5361] bcachefs (loop0): bucket 0:9 gen 0 has wrong data_type: got free, should be journal, fixing [ 87.847837][ T5361] bcachefs (loop0): bucket 0:9 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 87.854599][ T5361] bcachefs (loop0): bucket 0:10 gen 0 has wrong data_type: got free, should be journal, fixing [ 87.859117][ T5361] bcachefs (loop0): bucket 0:10 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 87.864966][ T5361] bcachefs (loop0): bucket 0:11 gen 0 has wrong data_type: got free, should be journal, fixing [ 87.864979][ T5361] Ratelimiting new instances of previous error [ 87.873892][ T5361] bcachefs (loop0): bucket 0:11 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 87.873907][ T5361] Ratelimiting new instances of previous error [ 87.897809][ T5361] done [ 87.902912][ T5361] bcachefs (loop0): going read-write [ 87.920305][ T5361] bcachefs (loop0): journal_replay... [ 87.936531][ T3034] bcachefs (loop0): bucket incorrectly unset in freespace btree [ 87.936556][ T3034] u64s 5 type deleted 0:25:0 len 0 ver 0, , continuing [ 87.957278][ T3034] bcachefs (loop0): bucket incorrectly unset in freespace btree [ 87.957303][ T3034] u64s 5 type deleted 0:30:0 len 0 ver 0, , continuing [ 87.996160][ T12] bcachefs (loop0): bucket incorrectly unset in freespace btree [ 87.996175][ T12] u64s 5 type deleted 0:43:0 len 0 ver 0, , continuing [ 88.015817][ T5361] done [ 88.018012][ T5361] bcachefs (loop0): check_extents_to_backpointers... [ 88.020387][ T5361] bcachefs (loop0): scanning for missing backpointers in 4/128 buckets [ 88.027925][ T5361] done [ 88.030243][ T5361] bcachefs (loop0): check_snapshots... done [ 88.034108][ T5361] bcachefs (loop0): check_subvols... [ 88.034525][ T5361] bcachefs (loop0): running recovery pass reconstruct_snapshots (21), currently at check_subvols (24) - rewinding [ 88.042399][ T5361] bcachefs (loop0): bch2_check_subvols(): error restart_recovery [ 88.045452][ T5361] bcachefs (loop0): reconstruct_snapshots... [ 88.046371][ T5361] bcachefs (loop0): snapshot node 4294967295 from tree 4294967295 missing, recreating [ 88.089762][ T5361] ------------[ cut here ]------------ [ 88.092336][ T5361] WARNING: CPU: 0 PID: 5361 at fs/bcachefs/btree_iter.c:3194 __bch2_trans_kmalloc+0x50f/0x9d0 [ 88.097033][ T5361] Modules linked in: [ 88.099047][ T5361] CPU: 0 UID: 0 PID: 5361 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 88.103069][ T5361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.107860][ T5361] RIP: 0010:__bch2_trans_kmalloc+0x50f/0x9d0 [ 88.110384][ T5361] Code: 00 28 00 00 e8 d2 5b 35 00 48 c7 c0 75 f7 ff ff 48 83 c4 48 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 42 a0 94 fd 90 <0f> 0b 90 e9 d3 fb ff ff e8 34 a0 94 fd 90 0f 0b 90 e9 dc fd ff ff [ 88.118878][ T5361] RSP: 0018:ffffc9000d336290 EFLAGS: 00010246 [ 88.121731][ T5361] RAX: ffffffff842b1cfe RBX: ffff88805443c000 RCX: 0000000000100000 [ 88.125081][ T5361] RDX: ffffc9000eaa3000 RSI: 00000000000fffff RDI: 0000000000100000 [ 88.128206][ T5361] RBP: 0000000000020000 R08: ffffc9000d336690 R09: 0000000000000001 [ 88.131295][ T5361] R10: ffffc9000d3365a0 R11: fffff52001a66c81 R12: dffffc0000000000 [ 88.134445][ T5361] R13: ffff88805443c030 R14: 1ffff1100a887800 R15: 0000000000000011 [ 88.137683][ T5361] FS: 00007f5e559c16c0(0000) GS:ffff88808d007000(0000) knlGS:0000000000000000 [ 88.141485][ T5361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.144091][ T5361] CR2: 00007feca2f9c000 CR3: 000000003f4a8000 CR4: 0000000000352ef0 [ 88.147358][ T5361] Call Trace: [ 88.148830][ T5361] [ 88.150075][ T5361] ? trace_contention_end+0x39/0x120 [ 88.152336][ T5361] bch2_alloc_sectors_start_trans+0x1d59/0x1e80 [ 88.154885][ T5361] ? bch2_btree_reserve_get+0x4ef/0x1810 [ 88.157337][ T5361] ? bch2_alloc_sectors_start_trans+0x73/0x1e80 [ 88.160056][ T5361] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 88.162566][ T5361] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 88.164813][ T5361] ? bch2_btree_node_mem_alloc+0xcdf/0x1820 [ 88.167096][ T5361] ? rcu_is_watching+0x15/0xb0 [ 88.169078][ T5361] bch2_btree_reserve_get+0x641/0x1810 [ 88.171615][ T5361] ? irqentry_exit+0x74/0x90 [ 88.173657][ T5361] ? __pfx_bch2_btree_reserve_get+0x10/0x10 [ 88.176243][ T5361] ? rcu_is_watching+0x15/0xb0 [ 88.178311][ T5361] ? six_unlock_ip+0x302/0x430 [ 88.180380][ T5361] ? bch2_trans_unlock+0x491/0x580 [ 88.182664][ T5361] bch2_btree_update_start+0x18ff/0x1de0 [ 88.185105][ T5361] ? bch2_btree_split_leaf+0x14b/0x8e0 [ 88.187553][ T5361] ? __pfx_bch2_btree_update_start+0x10/0x10 [ 88.190189][ T5361] ? __pfx_bch2_btree_path_peek_slot+0x10/0x10 [ 88.193069][ T5361] ? bch2_btree_path_peek_slot+0x8b6/0xfe0 [ 88.195610][ T5361] ? __asan_memcpy+0x40/0x70 [ 88.197563][ T5361] bch2_btree_split_leaf+0x14b/0x8e0 [ 88.199802][ T5361] bch2_trans_commit_error+0x1b7/0x1130 [ 88.202442][ T5361] ? bch2_btree_node_prep_for_write+0x318/0x650 [ 88.205090][ T5361] ? bch2_reconstruct_snapshots+0x1ae6/0x2170 [ 88.207748][ T5361] ? six_unlock_ip+0x302/0x430 [ 88.210020][ T5361] ? __pfx_bch2_trans_commit_error+0x10/0x10 [ 88.212677][ T5361] ? bch2_trans_unlock_updates_write+0xc22/0xd50 [ 88.215513][ T5361] __bch2_trans_commit+0x1bb5/0x8870 [ 88.217962][ T5361] ? bch2_reconstruct_snapshots+0x1ae6/0x2170 [ 88.220662][ T5361] ? bch2_trans_iter_exit+0x18e/0x2f0 [ 88.223064][ T5361] ? __pfx___bch2_trans_commit+0x10/0x10 [ 88.225446][ T5361] ? bch2_btree_insert_trans+0x1db/0x330 [ 88.227874][ T5361] ? __pfx_bch2_btree_insert_trans+0x10/0x10 [ 88.230430][ T5361] ? bch2_btree_insert_trans+0x18a/0x330 [ 88.232877][ T5361] bch2_reconstruct_snapshots+0x1ae6/0x2170 [ 88.235443][ T5361] ? bch2_reconstruct_snapshots+0xf61/0x2170 [ 88.238132][ T5361] ? __pfx_bch2_reconstruct_snapshots+0x10/0x10 [ 88.240896][ T5361] ? vprintk_emit+0x63e/0x7a0 [ 88.243079][ T5361] ? bch2_reconstruct_snapshots+0xf79/0x2170 [ 88.245626][ T5361] ? do_raw_spin_lock+0x121/0x290 [ 88.247812][ T5361] ? __bch2_print+0x176/0x220 [ 88.249888][ T5361] ? bch2_reconstruct_snapshots+0x1eb/0x2170 [ 88.252555][ T5361] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.254807][ T5361] __bch2_run_recovery_passes+0x3ba/0x1060 [ 88.257342][ T5361] bch2_run_recovery_passes+0x184/0x210 [ 88.259827][ T5361] bch2_fs_recovery+0x2690/0x3a50 [ 88.262053][ T5361] ? __pfx_bch2_fs_recovery+0x10/0x10 [ 88.264333][ T5361] ? __mutex_trylock_common+0x84/0x260 [ 88.266504][ T5361] ? __mutex_trylock_common+0x153/0x260 [ 88.268953][ T5361] ? __lock_acquire+0xab9/0xd20 [ 88.271161][ T5361] ? __lock_acquire+0xab9/0xd20 [ 88.273453][ T5361] ? bch2_fs_start+0xa0f/0xda0 [ 88.276028][ T5361] ? up_write+0x1c4/0x420 [ 88.278397][ T5361] ? bch2_fs_start+0x5e7/0xda0 [ 88.281031][ T5361] bch2_fs_start+0xaaf/0xda0 [ 88.283501][ T5361] ? bch2_fs_start+0x5e7/0xda0 [ 88.286027][ T5361] ? __pfx_bch2_fs_start+0x10/0x10 [ 88.288941][ T5361] ? sget+0x267/0x620 [ 88.290696][ T5361] bch2_fs_get_tree+0xb39/0x1520 [ 88.292742][ T5361] ? __pfx_bch2_fs_get_tree+0x10/0x10 [ 88.295040][ T5361] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.297279][ T5361] vfs_get_tree+0x92/0x2b0 [ 88.299240][ T5361] do_new_mount+0x2a2/0x9e0 [ 88.301436][ T5361] ? ns_capable+0x8a/0xf0 [ 88.303176][ T5361] ? __pfx_do_new_mount+0x10/0x10 [ 88.305452][ T5361] ? path_mount+0x61c/0xfe0 [ 88.307515][ T5361] ? user_path_at+0x44/0x60 [ 88.309603][ T5361] __se_sys_mount+0x317/0x410 [ 88.311719][ T5361] ? __pfx___se_sys_mount+0x10/0x10 [ 88.313879][ T5361] ? do_syscall_64+0xbe/0x3b0 [ 88.315940][ T5361] ? __x64_sys_mount+0x20/0xc0 [ 88.318046][ T5361] do_syscall_64+0xfa/0x3b0 [ 88.320491][ T5361] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.322898][ T5361] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.325674][ T5361] ? clear_bhb_loop+0x60/0xb0 [ 88.327755][ T5361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.330305][ T5361] RIP: 0033:0x7f5e54b9066a [ 88.332050][ T5361] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.340043][ T5361] RSP: 002b:00007f5e559c0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 88.343634][ T5361] RAX: ffffffffffffffda RBX: 00007f5e559c0ef0 RCX: 00007f5e54b9066a [ 88.347153][ T5361] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 00007f5e559c0eb0 [ 88.350658][ T5361] RBP: 0000200000000080 R08: 00007f5e559c0ef0 R09: 0000000000200000 [ 88.354229][ T5361] R10: 0000000000200000 R11: 0000000000000246 R12: 0000200000000000 [ 88.357721][ T5361] R13: 00007f5e559c0eb0 R14: 0000000000005979 R15: 0000200000000180 [ 88.361253][ T5361] [ 88.362743][ T5361] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 88.365904][ T5361] CPU: 0 UID: 0 PID: 5361 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 88.369703][ T5361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.374047][ T5361] Call Trace: [ 88.375590][ T5361] [ 88.376746][ T5361] dump_stack_lvl+0x99/0x250 [ 88.379014][ T5361] ? __asan_memcpy+0x40/0x70 [ 88.381281][ T5361] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.383649][ T5361] ? __pfx__printk+0x10/0x10 [ 88.385620][ T5361] vpanic+0x281/0x750 [ 88.387250][ T5361] ? __pfx__printk+0x10/0x10 [ 88.389243][ T5361] ? __pfx_vpanic+0x10/0x10 [ 88.391036][ T5361] ? is_bpf_text_address+0x292/0x2b0 [ 88.393189][ T5361] panic+0xb9/0xc0 [ 88.394789][ T5361] ? __pfx_panic+0x10/0x10 [ 88.396735][ T5361] __warn+0x31b/0x4b0 [ 88.398531][ T5361] ? __bch2_trans_kmalloc+0x50f/0x9d0 [ 88.400728][ T5361] ? __bch2_trans_kmalloc+0x50f/0x9d0 [ 88.402964][ T5361] report_bug+0x2be/0x4f0 [ 88.404738][ T5361] ? __bch2_trans_kmalloc+0x50f/0x9d0 [ 88.407110][ T5361] ? __bch2_trans_kmalloc+0x50f/0x9d0 [ 88.409390][ T5361] ? __bch2_trans_kmalloc+0x511/0x9d0 [ 88.411404][ T5361] handle_bug+0x84/0x160 [ 88.412962][ T5361] exc_invalid_op+0x1a/0x50 [ 88.414748][ T5361] asm_exc_invalid_op+0x1a/0x20 [ 88.416740][ T5361] RIP: 0010:__bch2_trans_kmalloc+0x50f/0x9d0 [ 88.419278][ T5361] Code: 00 28 00 00 e8 d2 5b 35 00 48 c7 c0 75 f7 ff ff 48 83 c4 48 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 42 a0 94 fd 90 <0f> 0b 90 e9 d3 fb ff ff e8 34 a0 94 fd 90 0f 0b 90 e9 dc fd ff ff [ 88.426924][ T5361] RSP: 0018:ffffc9000d336290 EFLAGS: 00010246 [ 88.429376][ T5361] RAX: ffffffff842b1cfe RBX: ffff88805443c000 RCX: 0000000000100000 [ 88.432604][ T5361] RDX: ffffc9000eaa3000 RSI: 00000000000fffff RDI: 0000000000100000 [ 88.435739][ T5361] RBP: 0000000000020000 R08: ffffc9000d336690 R09: 0000000000000001 [ 88.439249][ T5361] R10: ffffc9000d3365a0 R11: fffff52001a66c81 R12: dffffc0000000000 [ 88.442528][ T5361] R13: ffff88805443c030 R14: 1ffff1100a887800 R15: 0000000000000011 [ 88.445654][ T5361] ? __bch2_trans_kmalloc+0x50e/0x9d0 [ 88.447861][ T5361] ? trace_contention_end+0x39/0x120 [ 88.449986][ T5361] bch2_alloc_sectors_start_trans+0x1d59/0x1e80 [ 88.452566][ T5361] ? bch2_btree_reserve_get+0x4ef/0x1810 [ 88.454757][ T5361] ? bch2_alloc_sectors_start_trans+0x73/0x1e80 [ 88.457178][ T5361] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 88.459397][ T5361] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 88.461989][ T5361] ? bch2_btree_node_mem_alloc+0xcdf/0x1820 [ 88.464792][ T5361] ? rcu_is_watching+0x15/0xb0 [ 88.467060][ T5361] bch2_btree_reserve_get+0x641/0x1810 [ 88.469434][ T5361] ? irqentry_exit+0x74/0x90 [ 88.471359][ T5361] ? __pfx_bch2_btree_reserve_get+0x10/0x10 [ 88.473839][ T5361] ? rcu_is_watching+0x15/0xb0 [ 88.475742][ T5361] ? six_unlock_ip+0x302/0x430 [ 88.477697][ T5361] ? bch2_trans_unlock+0x491/0x580 [ 88.479844][ T5361] bch2_btree_update_start+0x18ff/0x1de0 [ 88.482172][ T5361] ? bch2_btree_split_leaf+0x14b/0x8e0 [ 88.484210][ T5361] ? __pfx_bch2_btree_update_start+0x10/0x10 [ 88.486701][ T5361] ? __pfx_bch2_btree_path_peek_slot+0x10/0x10 [ 88.489325][ T5361] ? bch2_btree_path_peek_slot+0x8b6/0xfe0 [ 88.491800][ T5361] ? __asan_memcpy+0x40/0x70 [ 88.493794][ T5361] bch2_btree_split_leaf+0x14b/0x8e0 [ 88.495946][ T5361] bch2_trans_commit_error+0x1b7/0x1130 [ 88.498342][ T5361] ? bch2_btree_node_prep_for_write+0x318/0x650 [ 88.500795][ T5361] ? bch2_reconstruct_snapshots+0x1ae6/0x2170 [ 88.503277][ T5361] ? six_unlock_ip+0x302/0x430 [ 88.505276][ T5361] ? __pfx_bch2_trans_commit_error+0x10/0x10 [ 88.507868][ T5361] ? bch2_trans_unlock_updates_write+0xc22/0xd50 [ 88.510527][ T5361] __bch2_trans_commit+0x1bb5/0x8870 [ 88.512725][ T5361] ? bch2_reconstruct_snapshots+0x1ae6/0x2170 [ 88.515435][ T5361] ? bch2_trans_iter_exit+0x18e/0x2f0 [ 88.517703][ T5361] ? __pfx___bch2_trans_commit+0x10/0x10 [ 88.520087][ T5361] ? bch2_btree_insert_trans+0x1db/0x330 [ 88.522368][ T5361] ? __pfx_bch2_btree_insert_trans+0x10/0x10 [ 88.524761][ T5361] ? bch2_btree_insert_trans+0x18a/0x330 [ 88.527114][ T5361] bch2_reconstruct_snapshots+0x1ae6/0x2170 [ 88.529510][ T5361] ? bch2_reconstruct_snapshots+0xf61/0x2170 [ 88.531956][ T5361] ? __pfx_bch2_reconstruct_snapshots+0x10/0x10 [ 88.534741][ T5361] ? vprintk_emit+0x63e/0x7a0 [ 88.536730][ T5361] ? bch2_reconstruct_snapshots+0xf79/0x2170 [ 88.539313][ T5361] ? do_raw_spin_lock+0x121/0x290 [ 88.541221][ T5361] ? __bch2_print+0x176/0x220 [ 88.543283][ T5361] ? bch2_reconstruct_snapshots+0x1eb/0x2170 [ 88.545807][ T5361] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.547993][ T5361] __bch2_run_recovery_passes+0x3ba/0x1060 [ 88.550531][ T5361] bch2_run_recovery_passes+0x184/0x210 [ 88.552759][ T5361] bch2_fs_recovery+0x2690/0x3a50 [ 88.555017][ T5361] ? __pfx_bch2_fs_recovery+0x10/0x10 [ 88.557239][ T5361] ? __mutex_trylock_common+0x84/0x260 [ 88.559534][ T5361] ? __mutex_trylock_common+0x153/0x260 [ 88.561799][ T5361] ? __lock_acquire+0xab9/0xd20 [ 88.563941][ T5361] ? __lock_acquire+0xab9/0xd20 [ 88.566066][ T5361] ? bch2_fs_start+0xa0f/0xda0 [ 88.568125][ T5361] ? up_write+0x1c4/0x420 [ 88.570123][ T5361] ? bch2_fs_start+0x5e7/0xda0 [ 88.572119][ T5361] bch2_fs_start+0xaaf/0xda0 [ 88.574101][ T5361] ? bch2_fs_start+0x5e7/0xda0 [ 88.576108][ T5361] ? __pfx_bch2_fs_start+0x10/0x10 [ 88.578461][ T5361] ? sget+0x267/0x620 [ 88.580110][ T5361] bch2_fs_get_tree+0xb39/0x1520 [ 88.582297][ T5361] ? __pfx_bch2_fs_get_tree+0x10/0x10 [ 88.584410][ T5361] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.586647][ T5361] vfs_get_tree+0x92/0x2b0 [ 88.588570][ T5361] do_new_mount+0x2a2/0x9e0 [ 88.590366][ T5361] ? ns_capable+0x8a/0xf0 [ 88.592234][ T5361] ? __pfx_do_new_mount+0x10/0x10 [ 88.594289][ T5361] ? path_mount+0x61c/0xfe0 [ 88.596097][ T5361] ? user_path_at+0x44/0x60 [ 88.597961][ T5361] __se_sys_mount+0x317/0x410 [ 88.599808][ T5361] ? __pfx___se_sys_mount+0x10/0x10 [ 88.602001][ T5361] ? do_syscall_64+0xbe/0x3b0 [ 88.603967][ T5361] ? __x64_sys_mount+0x20/0xc0 [ 88.605978][ T5361] do_syscall_64+0xfa/0x3b0 [ 88.607938][ T5361] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.610227][ T5361] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.612791][ T5361] ? clear_bhb_loop+0x60/0xb0 [ 88.614880][ T5361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.617391][ T5361] RIP: 0033:0x7f5e54b9066a [ 88.619324][ T5361] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.627377][ T5361] RSP: 002b:00007f5e559c0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 88.630730][ T5361] RAX: ffffffffffffffda RBX: 00007f5e559c0ef0 RCX: 00007f5e54b9066a [ 88.633983][ T5361] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 00007f5e559c0eb0 [ 88.637152][ T5361] RBP: 0000200000000080 R08: 00007f5e559c0ef0 R09: 0000000000200000 [ 88.640525][ T5361] R10: 0000000000200000 R11: 0000000000000246 R12: 0000200000000000 [ 88.643644][ T5361] R13: 00007f5e559c0eb0 R14: 0000000000005979 R15: 0000200000000180 [ 88.646857][ T5361] [ 88.648527][ T5361] Kernel Offset: disabled [ 88.650331][ T5361] Rebooting in 86400 seconds..