program:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0xb, 0x0, 0x0)
syz_mount_image$bcachefs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000001, &(0x7f0000000240)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c6572726f725f736166652c6a6f75726e616c5f7472616e73616374696f6e5f6e616d65736f6e5f757067726164653d6e6f6e652c736d61636b66736861743d2a2c6f626a5f747970653d28aa2900212c667521633d4b455845435f4b45564e454c5f434845434b2c657569643d00"/136, @ANYRESDEC, @ANYBLOB="2682fab62d334488a30d3daad82b581d753656417f0716bf0b94caecd22aa3640df45dfb55924926f951497544866d7f0fc51f8b8c90b9439f6bc5837bad0a83b176aa1553d0a8103012daf7fdb248a6a740e259f8bf2ae9b48f1ac6853bf265a26e28643c9b7eb248a776a9e7ef8ae6cb33f399f8d063866622209047d2cd3cf23a8c5c84545c7913470d5d112b297ff6a43f4684bb14bbcd9ef31ec7a953a76314c4f55eafde2cd3ded5f1c0611004585a5f49ffc3c474967b44d02c40800695de21f6aaa1dda1968ae9b4abc1685b78633731b0ec8c7d59058e52b699e9162d6d423e21b019fd3ba9a1", @ANYRES64, @ANYRESOCT=0x0], 0x0, 0x5968, &(0x7f0000005e40)="$eJzs3X+MXGXdKPDnzMzuTnf7Y1tACsh2KVQR1LaABH9Eq9dfASQ1GKXcKix0i9W2NG0RKCjFC14IYNBoFPUPJEguWA0JXKUSkB+35SpKuHrJGySvvi/6Jr5BXhqBhhhf+2Z3zjM7e3bOntnZWWjL55N2z5xnznyf5zznmTPn+8zsTgAAAOB1Yfe1W/aedeSHfvnl4Zev+ujPNlwd+sqj5dW4QX+6vOy1aiEzqZRZ76ksHF1mx8Wbr7jrT4MXfuAXd/f+4JVda45Z+7sPHnLh/Z87fect3334pTn3/uPZonrieDphbD15Pgmh+sCeb35l1+OHj5QlIYRy0r89hPnJgofnJ5kQy/4WQlhTb+f4O+95+eS1I8urb+gZVz4vE8R4f32rpuNs295LTwy/f/+qa3696Mc/6trx3PaxTZJqw3gKYe75jY/vCiHMSv+PiKNtYXxwulwZQuhteNxpBe06tsX2L81ZPypddqfLfeXJ4/Sly8WZ9ez5ILsedWWWvZNXFxq6qi157Wh3uyKzM+vZk9F05bUzls9Plz9NlydMMX45/k9CKQmVevPXJ2NjJDQctyQko8eyWl8vjdvnpOFYp+tJZr2UWS93ZfZrtN50oJWTZHx53C5THk/HlbT8mMZzdRNn55QfkS6r6RP1lbgesjdq+ibcqO/XqNiuPZO05dVQynlixfL6MRw5GA2vmX3JggmP2ddEvG/XqhuXlFc/srs/px3J3bWa+kZH0tTjb/vV/Nmf+eH1lyzMi39+KY1faiv+H8544oVzr7/tO7nxb47xy23FP+nB3ufPePTaxbn9syf2T6Wt+EPPPnbTokMv2JHb/ltj/Gpb8VfsfKJnzt4HH8pt/7LYP7Paiv/Muz/8xzufuu+5hvjjToFJiPF724q/euemr/YM7D0+t/0Pxf7pa2/8vLjj1KcHBv48mBf/yRh/Tlvx79h+y7tun3fD6bnHd2Xsn/624p953P3XzN5739F5587k1qm9cnZPaWuAg98h6SXjdel6u3nmdDXkC98erNSuA2NOM6eTFWWM1DN3BuMDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Pp02In/9yP/+sn+5yvpek9645lSbRnLu0NIZoUQtmwd2rx13caLBj938SWbNw6tHxzaOji8cevmywdPeevg5uFN64cuH7l32dtOrj1uQUhqy+ToCXXv27dvX6l/fFms778dt+P3S07797+EsOyw3w5Uctu/9JYNtx/a5GdGsmLf+zZcctZv3/H9dL/603b157Qr5LTrP875++1f3/On40NY9obJ2vXYM+/9+bgGjRaMxUmVekKtQT1Jb9N21Fudtif2V2XtuvXDy4r7t5yzH//9iuf+tvayr/291r/V3P1osX9nrdi3vvStVWf+57eurBUsCDHm/nXci/o77kVsX+y/atrfc9P+npvT35Wc/br21w899cCR17+0PSyrvLhoYt1F+9WVDoCu5IiW6o019Cbzx5VX0+3j0YmPW7p1w6alWy7f9rZ1G4YuGr5oeOM7l5+y/NR/uy2EpaN7vrTD+x/rf1OL+//qnEfmfWH7T+PP1sZTUbuK+mOkXcX90diivOdf79lf+cY7b3n0rFpB0TiPW9fPJ+myd+Q4Lw8N421iXzXbr6J+CCEMNuuHF146PRz+T+uuKToPNR6Zxp8ZyYp9jy/+6/dP+97C99QKXpXzfGOD2jzP11s91p7R/qqmx2N/7d+eUE73q69pu5Y//mjXjbv/8sV6+7q7w2VDW7duXl77OTtt6ezkqKbtypbG/Vo0+rMc0m4J9WHaZLyO6Aq19mXPn3HzbK/2pff1JQsy93SP7ldWvHfXqhuXlFc/sjuvp5O7azXOCnNqy+SNOVuuzzywXG9ws/qnMj6S7fvP+Bj4yPfu/eS9Pzkltq87hNr4OKn2M2+/ekK9O5qO+x8/dcc3fvC1//mTzu3XR977RP9f//mzS2oFB8p5pd7qtD1J43nlpBCKnn+LQvP9yH3+lZrvT9HzL1vP2PbN4w1m1vtCOef52vz5Eu876cHe58949NrFuc/XPa0+X68ct1YueL7uL+On6Lwxc8+vcQMlWbHvF9cdsv3hq1YeWSsoGtf1rZuN65NbyDtz9uvn5z49cPHg//j/nTtv3PXWe8773dCKL9UK9pfjXk37t5rTv/VWx7yzsX/ffuHF69fUyvff6990WZD/xFPJlsu3fX5o/frhzVta269Wr7diPdlebvf1NJ7dFhTsV2nCfnX+xoqRq5S0xzr1fIvtX9N2f41/vvWFpK3XhW2/mj/7Mz+8/pL+CY9KKzq/lMYvtRX/D2c88cK519/2ndz4N8f4lbbiDz372E2LDr1gR278W5M0frWt+Ct2PtEzZ++DD+XGXxbbP6ut+M+8+8N/vPOp+57LjR9i/L72+v/FHac+PTDw59z4TyZpPSPXSCHc8/LJa2vrSehKn2+xHV3j2hWy60lmvZRZLzeul9Jr4FhBOUnGl8ft0vJjGtrSzKdyyuNVWHVhbflKXA/ZG5OX729KDef+ZuVF16kAAAe7+P5/vAaN7/8PpxdK+TMNMKYoD2u83SwPW5gTN+ZhY/M53ePuX5jGjI+P84ADbw/LRpZXD9Yu9Kc6zxmfD9l5zljP8ceOj9HuPGfR/PvizHpsV22+vNKQh6Ym5jWV0ML8+8R6Jp9/z+x+8fz44HUTmjXYMG+VPX5d6YxZs887ZNpbGYmQNz6y82Lx8xwDc8PK0fpaHB/Zz9HE45D9HE2s58jK+DNnu5+jme74iM2eZHyMNrn4/Y2Jxy9M0r9jx695tOzxm8Lxro5sn//+7OTzPq2+P3vgzxvO7Pth5iVz4qdPsP193jCWx/2otDif+Mmc8k7NJ8bTRWzXnkna8mownwgcrGL+H18jeirNU/6i69DsVWOMl/s5oXLz9hTlHRM/p9fb1uv46p2bvtozsPf43Ouch1r93M+mcWu9BZ/7KerHJZn1wn7MmaApyvey9RT1e/ZzGX1hTuz3N38jc99k/X7H9lvedfu8G07P7feVtRfS4n4fX+ucgn6XL+TE34/zhcrrKF+Y7ucYiubPXrN8JP3g00zlI5/IKZ9iPjLWpMwHtQ7YfKTr1W0XAHDgiPl//f2zSu0NuH/JbFeUt56QWY/xRvPWq8bKi65P8vLWj6XLyzLb96W/UTHV6+Yzj7v/mtl77zs6N2+5tdU89H+NW+svzEPntNXemDfn5hErO/N58dw8op5nTS9PzG1/PU+cXp6eG7+ep08vj87tn3oePb15gNz49XmAKee5cYjvJ3nuzM7XHbR5dPrrszOVR5+dUz7V9/X6Jtyo79coeTQAwGsr5v/1JCHN/x/NbDfd6/bcvKBD1+3ZvwdSj//kq5VXznTeN9N560zn9TM9L3Ggv/870/NCMztPJi9O10P2Rs3+nRc/cFe8JS8GADi4xfx/Vrqen/9PLz/Jzd/q+cnrLj9PQtguPz9g8vMDff5rZvP/+Gsohfn/2Mdj5P/7Tf4/Rv4PAHBwi/l//LXH+Pf//k+6nv279a/DPH3UxDx9/FWyPF2ePun4aTlPn+l5Np8DMA9QzDwAAMDBpWs0U5r4e/afTpfZ37PP+738c3O2b1Vl9HfsQ7hg6+bh4fMu2bRmaOvweRsvXjO85bxLN6/bunV4Y2276eaNuXlLmjd2hUraH823y+Zt89J3POfl/D2E7PYx7FGjNyb+Hb9stbMK/o7A2PFrrb15x680yfbNxkfe8c6L/6mc7aP68b/wsyedt3bLees2rtu6bmj9um3D47cbyVp7p/C9mbFbpvS9mZkfE5Sm/v2dnWlHaUI7utL+yPt+9iTTjvlpS+bnff9BTrt/+f++/oXj9v39zhCWHVZ+47T6L1mx73+fM/yxrbt/u2mk/aVJ21/fMm1X0feVZreP+1NZf/GWrSeuvfiSjdlvlGxPnM8o1ddnaD4jffqXW5yfWJ1TPoX5iTND459lzfn7rPuLlucnAAAYJ77/H69n4/uHX0svoGJ563n69N4/bnqNWxp7/7goT89+L1lRnp7dPu5vq3l6dZp5erb+ojy92fbN8vS8vDsv/idytp+q1sfJ9D7nkTufc35r4yT7fQZF4yS7/VTHSTLNcZKtv2icNNu+2TjJO+558T+es32e1sfD9D6Xkzsebm5tPLwls140HrLbT3U8lKY5HrL1F42HZts3Gw95xzcv/lk524+ZlXtPmDA+RgbG6LgYPu/Sizd/vmG7mf7+i+m3b2a//6Ndrbd/Zj/3NfPtn9nPlc18+6f3ubLc9j85vZmw1ts/s98H2a5Xbb42/bBZ0efPiuZxV+WUT/VzZt0TbuyfzOPCayfm//Htnpj/35AuO/020IH/PWmTvc51Tft17sD//P3MXsd4PZ+ksv2A13MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1vRUFo4ud1+7Ze9ZR37ol18efvmqj/5sw9VvvuKuPw1e+IFf3N37g1d2rTlm7e8+eMiF93/u9J23fPfhl+bc+49nCwP31xYnpKvVEJLnkxCqD+z55ld2PX74SFkSQign/dtDmJ8seHh+komw7G8hhDXpyhGV8Xfe8/LJa0eWV9/QM658XiZIdr9CXzm2Z1w7w2WFe8QBqJqOs217Lz0x/P79q6759aIf/6hrx3PbxzZJqg3jKYS55zc+viuEMCv9PyKOtoXxwelyZQiht+FxpxW069gW2780Z/2odNmdLvsK4sT7F2fWS5ntsutRV2bZW1DfdOW1o93tiszOrGdPRtOV185YPj9d/jRdnjDF+OX02JSTUEpCpd789cnYGAkNxy0Jyej21fp6qX5sQ7r/mfUks17KrJe7Mvs1Wm860MpJMr48bpcpj6fjSlp+TOO5uomzc8qPSJfV9In6SlwP2Rs1fRNu1PdrVGzXnkna0qC7tc2mrtRwDmpWXj/w6cHoS8v6kgUTHrOviXjfrlU3LimvfmR3f047kruTNH7SVvxtv5o/+zM/vP6ShXnxzy+l8Uttxf/DGU+8cO71t30nN/7NMX65rfgnPdj7/BmPXrs4t3/2xP6ptBV/6NnHblp06AU7ctt/a4xfbSv+ip1P9MzZ++BDue1fFvtnVlvxn3n3h/9451P3PZcbP8T4vW3FX71z01d7BvYenxv/odg/fe2Nnxd3nPr0wMCfB/PiPxnjz2kr/h3bb3nX7fNuOD33+K6M/dPfVvwzj7v/mtl77zs679yZ3NqpV06A16dD0mus69L1dvPM6WrIF749WKld881O/8+plReliG0ZqWfuTAQGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCg9psrT/n0Oe/7+KpKEkKSs82+JuJ95e4VK9qpd+jZx25adOgFOxrLFrYTCAAAACgU8/BSvaQaFoZLk1nhqKbbxzmCo+JaMr48O4cwa2zLjsQpdShOuUNxKh2K09WhON0ditPToTjVgjjV0FqcWZPGKbXcnt4OxenrUJzZHYozp0Nx5nYozrwOxemfNE7r43B+h+Is6FCcQzoU59AOxTmsQ3He0KE4h3coTnZOearjcE665ZF5cUZvlAvjVJJy/Y5m8+mxnqOnWU9fi/UMTrOeWS3Wc2zmcaUp1lNtsZ43TbOepMV63jLNekoF9cRxe1m2fbGeuNbi+L+8Q3G2dSjOFR2Kc2WH4nyxQ3G+1KE4V00zDkCrYv4/lu/1h57Ke0JvesbJzgLEfHfR6M+Jr3d5J6QY742Z8u6ieNlEPRNv0VTbl51AyMRbnCnvGhevUs9HJolXbYy3JHNn4f5mJxQy7TshU95TFC87sQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+g3V57y6XPe9/FVIQkj/5ra10S8r9y9YsVgG/XuWnXjkvLqR3Y3lvVU2ggEAAAAFIp5eFe9pBp6KstDT9I9brtqOg9QTdfL/bXlwNywcmSZDJZG13uT+ZM+rpI+bunWDZuWbrl829vWbRi6aPii4Y3vXH7K8lOXvePUdyxdu2798LLazxB6xscbnSFojBdCGJ1+2HL5ts8PrV8/vHlLrTDb/oXp4xam60n6uIG3h2Ujy6vT9i8oaH9pQn0zd6P46AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Be7dhvq1lkHAPw5SW6S3q0uY29ZWe9CX0bVoW29k07H7gHBwdaVXgaSTK+j2BaHt2vZ2lFn3C64zRZF2CiUSr9U6nBz+GVzboh7oVCZ1Yq3FtmG7oN+UDaddKMfpCPSm5zcJE2a21jWF3+/D+fk/J//8/zPcy4t/E8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH63p6uhEeWy8MhyFEPXIqXWRjKWzcVwaoO5XXtryg9zI8WWtsVxmgIUAAACAvpI+fKgZyYdcJh3S4dqZq0WhZSDM9v0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/gXntl9PV0Yny2HjlkiiEqMeUWhfJWDobx6UBbuPt95/97BsjI39vjRUHWAcAAADoL+nDU81IPhTD4jAUXduWl7wbWNAxvzMvWWfhHPM63x30yls8x7wb5pj38T55axrn7QEAAAAufEn/n2lGCiGXmd+z/+/X1yd513fkpRvnQX4rAAAAAPxvkv4/14wUQy5TbPbrc+33F3XkJfP7fW+fzF/aY36/7/PvbJx9Tw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF47p6uhEeWy8ko5CiHrk1LpIxtLZOC4NUHfly8P/vOPAY4taY7nMqXnR1ACLAwAAAG2SPny29c6HXGY4DIVLZvr+kdv2Pv+l518YDSHU2/xsNmxft3Xr/SvrxyRvxaEDQ98/+O63T8lbUT+esw0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnzXR1dKI8Nl6ZF4UQ9cipdZGMpbNxXBqg7luf/+Jfnz764jutseIA6wAAAAD9JX34bO+fD8WQDdlw9cxVa69/Uqpjfq93BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDF44FvPvSNdZOTG+734SL9cPnv63/p8+V+zuzDvI+yaNo/h9kP5/p/JgAA4Gy7PkShdoauWXuu7xoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgfTFdHJ8pj45V8FELUI6fWRTKWzsZxaYC68UuHc/OPv/xqa6w4wDoAAABAf0kfPtv750MxDIWhcNXMVbd3AjP9f2GuFYbOzo0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA543p6uhEeWy8Mj8KIeqRU+siGUtn47g0QN2npvZ8bv9l37u9NZbLDLAQAAAA0FfSh2ebkXzIZT4RcuG6xvVk+4Qo3Th3fy8wO29L27ThOc+rts1Lz3nejo6dZRq7qc/LJ+sV6ufmvNKp80ot84qhWb7UNi/saps1v899BgAAADiHkv4/14wUQi6Ta+lzf9KWX9DnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9TFdHJ8pj45UoCqHW0JlT6yIZS2fjuDRA3Yd+e/mlX/3pzm2tseKgmwAAAABOK+nDo2YkH4phYfhYWDjT94dCPTrUGE3y/lU+sf/Jf/9tWQjLrz4ykum5/q/fuvWVzkMIqfakVAiXNepFhfahpN5v/vDkg0tqJ54OYflV6eu61ctP9a7XvmRcy4YQth48smUuTwgAAAAufEn/P9SMFEIuc98p/X8i6bzPqP+/7MGpX1zZODY68o4ZqUKjXqpHvS8sefYvS1f9492T/f/p6n16z6b9V7YVrEc6RHFtbNO2NUdu2pdKdl2vn+6onzyXL3/rnf9s3P7EiXr9fMg34gsy3eqfeuwwL65NpnZXVn+4u9peP9Nj/4/97tWjv1qw84OT9d+/frhZ/4bT7P/09YfvenzXzXsOrGmvH0Iodav/3ge3h2v+dO+jnfsf7li49cm3HjtEce3QomP7Vu0t3tJeP+qonzz/nx19atePn/juC0n95LciyxbPtX6qo/7rO66Yeu2RtQva66d67P+Vu98Y2Vz6zh87979+4P0/c+Nz97y5Ln64cwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODiMl0dnSiPjVdSUQhRj5xaF8lYOhvHpQHqvn3H4ffu3vmjH7bGigOsAwAAAPSX9OGzvX8+FEM2ZMPwTN//8/KGO7cePLIlFOqjUeOcmdz8wNZPbty87b71uXN06wAAAMAcJf1/phkphFxmSRhq9P9jm7atOXLTvlTS/6eS/n/jvZMblodm3us7rph67ZG1C5rvCUKY+VlA/mTeZ2bzbrv1cOHYn7++tGveytm8Q9Gxfav2Fm9J8kJr3orQfD/xzI3P3fPmuvjh5v215n3qa5sn19fjybrDdz2+6+Y9B9Y099E4DzfWTfImU7srqz/cXU3y0o1zvrHvvjYP9OcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvadHV0ojw2XgnpEKIeObUukrF0No5LA9RdveSXj156/MWFrbFcZoCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhv/5CpKriOICfOzPbjjO7uptBW9G6WlHYQ1IQUS8VFaERQk+GhKX5EAVBRGEPaWgkVvQSZL1IVFBtIRTkJokma/RPeumhggLrIRBpoRykh4rdOWecve5t8q4F1ecDw9lz7r3f+7v3nLk7FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Ffpr43MtIe2PdS6/fybP3ni3uOP3/r+A1sufeyNH8bW3/jx7sarJyY3LN349U2L1++9b+XEzpcO/DL47m9HegY/2m6Wx249hOxYFkL9g6nnn5z89NzpsSyEUD0r7nBgOMslrPg1hLChU+fsje8cv2rjdLtlR/+s8UW5kPx1hWY11dM2NLte/lvqcZ1taj1yefj2hjVbP1/y9lt940c3n9wlq3etpxAWrus+vi+EsCB+pqXVNpIOju3qEEKj67hretR10V+s/4qC/gWxTV+fZo+ctH1Zrl/J7ZfvJ325ttHjfPNVVEfZ/XoZyPXzD6P5KqozjQ/H9r3YLj/N/Gr6ZKGShVqn/Puzk2skdM1bFrKZuax3+pXO3IZ4/bl+lutXcv1qX+66Zs4bF1o1y2aPp/1y4+lxXIvjS7uf1XO4o2D8vNjW4xf1ROqH/B9tzVP+6FzXjFTX1J/U8k+odD2D5hrvTHycjGYca2Znn3LM73NI2ybXPH1Jde2Hh4YK6sh2ZzE/K5W/6bPhgbve3P7wSFH+ukrMr5TK/27V4Z/u3P7yi4X5z6X8aqn8K/c1jq06uG1Z4f2ZSvenVir/7iMfPbPknHvGC+vflfLrpfKvnzjcP9jat7+w/hXp/iwolf/Ndbd8//qXe44W5oeU3yiVv3biwWf7R1uXFebvT/enWW79/Dx+9Vejoz+OFeV/kfIHS+W/tnnnta8s2rGycH5Xp/szVCr/tov3bh1o7bmw6NmZ7TpT/zkB/p8Wx99YT8V++z3zYDjd98z56npfeGGs1v7NNxA/g2fyRDnT51n4N+YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAf7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAAAP//C8Is7A==")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, r2, 0x2, 0x70bd26, 0x25dfdbfd, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40084}, 0x8000)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x7, 0x230a00)
ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x8001)
[ 78.103519][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 78.120243][ T49] Bluetooth: hci0: command tx timeout
[ 78.155619][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[ 78.830959][ T5328] loop0: detected capacity change from 0 to 32768
[ 78.895520][ T5328] bcachefs (/dev/loop0): error reading default superblock: checksum error, type none: got should be
[ 79.176089][ T5328] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names,read_only
[ 79.176089][ T5328] allowing incompatible features above 0.0: (unknown version)
[ 79.205509][ T5328] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 79.213619][ T5328] bcachefs (loop0): superblock requires following recovery passes to be run:
[ 79.213619][ T5328] check_inodes,check_extents,check_dirents
[ 79.230511][ T5328] bcachefs (loop0): invalid bkey in btree_node btree=extents level=0: u64s 7 type inline_data 536870912:8:U32_MAX len 0 ver 0: datalen 16: 73797a6b616c6c657273000000000000
[ 79.230534][ T5328] size == 0, deleting
[ 79.267793][ T5328] bcachefs (loop0): flagging btree extents lost data
[ 79.273540][ T5328] bcachefs (loop0): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[ 79.280001][ T5328] bcachefs (loop0): running explicit recovery pass check_allocations (8), currently at recovery_pass_empty (0)
[ 79.296024][ T5328] bcachefs (loop0): running explicit recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[ 79.303319][ T5328] bcachefs (loop0): running explicit recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[ 79.321622][ T5328] bcachefs (loop0): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[ 79.340612][ T5328] bcachefs (loop0): error reading btree root btree=extents level=0: btree_node_read_error, fixing
[ 79.364758][ T5328] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree inodes level 0/0
[ 79.364780][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0
[ 79.364791][ T5328] node offset 0/24: incorrect min_key: got 0:0:U32_MAX should be POS_MIN, btree topology error:
[ 79.411828][ T5328] bcachefs (loop0): flagging btree inodes lost data
[ 79.420911][ T5328] bcachefs (loop0): error reading btree root btree=inodes level=0: btree_node_read_error, fixing
[ 79.450917][ T5328] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree freespace level 0/0
[ 79.450937][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[ 79.450948][ T5328] node offset 0/32 bset u64s 0: checksum error, type none: got should be , fixing
[ 79.497821][ T5328] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error
[ 79.497821][ T5328] btree=freespace level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[ 79.526066][ T5328] bcachefs (loop0): scan_for_btree_nodes...
[ 79.528746][ T5338] bcachefs (loop0): invalid bkey in btree_node btree=extents level=0: u64s 7 type inline_data 536870912:8:U32_MAX len 0 ver 0: datalen 16: 73797a6b616c6c657273000000000000
[ 79.528767][ T5338] size == 0, deleting
[ 79.565718][ T5328] bcachefs (loop0): btree node scan found 2 nodes after overwrites
[ 79.577646][ T5328] done
[ 79.579728][ T5328] bcachefs (loop0): check_topology...
[ 79.582067][ T5328] bcachefs (loop0): btree root extents unreadable, must recover from scan
[ 79.600733][ T5328] bcachefs (loop0): no nodes found for btree extents, continuing
[ 79.627768][ T5328] bcachefs (loop0): btree root inodes unreadable, must recover from scan
[ 79.645088][ T5328] bcachefs (loop0): no nodes found for btree inodes, continuing
[ 79.648718][ T5328] done
[ 79.675119][ T5328] bcachefs (loop0): accounting_read... done
[ 79.678538][ T5328] bcachefs (loop0): alloc_read... done
[ 79.681918][ T5328] bcachefs (loop0): snapshots_read... done
[ 79.714439][ T5328] bcachefs (loop0): check_allocations...
[ 79.717144][ T5328] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 79.717177][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 79.773565][ T5328] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 79.773584][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 79.800304][ T5328] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 79.800321][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 79.839118][ T5328] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 79.839137][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 79.857115][ T5328] bcachefs (loop0): btree ptr not marked in member info btree allocated bitmap
[ 79.857134][ T5328] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 79.886293][ T5328] bcachefs (loop0): bucket 0:27 gen 0 has wrong data_type: got btree, should be need_discard, fixing
[ 79.891123][ T5328] bcachefs (loop0): bucket 0:27 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing
[ 79.918333][ T5328] bcachefs (loop0): bucket 0:34 gen 0 has wrong data_type: got user, should be need_discard, fixing
[ 79.938313][ T5328] bcachefs (loop0): bucket 0:34 gen 0 data type need_discard has wrong dirty_sectors: got 16, should be 0, fixing
[ 79.948389][ T5328] bcachefs (loop0): bucket 0:38 gen 0 has wrong data_type: got btree, should be need_discard, fixing
[ 79.957811][ T5328] bcachefs (loop0): bucket 0:38 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing
[ 79.967937][ T5328] done
[ 79.977182][ T5328] bcachefs (loop0): going read-write
[ 79.988932][ T5328] bcachefs (loop0): journal_replay... done
[ 80.091353][ T5328] bcachefs (loop0): check_lrus...
[ 80.106243][ T5328] bcachefs (loop0): incorrect lru entry: lru fragmentation time 134217728
[ 80.106265][ T5328] u64s 5 type set 18446462598867058688:34:0 len 0 ver 0
[ 80.106272][ T5328] for u64s 13 type alloc_v4 0:34:0 len 0 ver 0:
[ 80.106278][ T5328] gen 0 oldest_gen 0 data_type need_discard
[ 80.106284][ T5328] journal_seq_nonempty 5
[ 80.106289][ T5328] journal_seq_empty 134217728
[ 80.106295][ T5328] need_discard 1
[ 80.106301][ T5328] need_inc_gen 1
[ 80.106306][ T5328] dirty_sectors 0
[ 80.106311][ T5328] stripe_sectors 0
[ 80.106317][ T5328] cached_sectors 0
[ 80.106322][ T5328] stripe 0
[ 80.106327][ T5328] stripe_redundancy 0
[ 80.106332][ T5328] io_time[READ] 1
[ 80.106337][ T5328] io_time[WRITE] 512
[ 80.106342][ T5328] fragmentation 0
[ 80.106348][ T5328] bp_start 8
[ 80.106354][ T5328] , fixing
[ 80.196200][ T4675] Bluetooth: hci0: command tx timeout
[ 80.238693][ T5328] done
[ 80.241458][ T5328] bcachefs (loop0): check_backpointers_to_extents...
[ 80.242362][ T5328] bcachefs (loop0): backpointer doesn't match btree node it points to:
[ 80.242382][ T5328] u64s 9 type backpointer 0:7077888:0 len 0 ver 0: bucket=0:27:0 btree=extents level=1 data_type=btree suboffset=0 len=256 gen=0 pos=SPOS_MAX
[ 80.242392][ T5328] u64s 5 type btree_ptr SPOS_MAX len 0 ver 0, fixing
[ 80.317392][ T5328] bcachefs (loop0): backpointer doesn't match extent it points to:
[ 80.317407][ T5328] u64s 9 type backpointer 0:8912896:0 len 0 ver 0: bucket=0:34:0 btree=extents level=0 data_type=user suboffset=0 len=8 gen=0 pos=4099:8:U32_MAX
[ 80.317416][ T5328] u64s 5 type deleted 4099:8:U32_MAX len 0 ver 0, fixing
[ 80.370111][ T5328] bcachefs (loop0): backpointer doesn't match extent it points to:
[ 80.370126][ T5328] u64s 9 type backpointer 0:8921088:0 len 0 ver 0: bucket=0:34:8 btree=extents level=0 data_type=user suboffset=0 len=8 gen=0 pos=536870913:24:U32_MAX
[ 80.370135][ T5328] u64s 5 type deleted 536870913:24:U32_MAX len 0 ver 0, fixing
[ 80.399092][ T5328] done
[ 80.414888][ T5328] bcachefs (loop0): check_inodes... done
[ 80.417985][ T5328] bcachefs (loop0): check_extents... done
[ 80.424725][ T5328] bcachefs (loop0): check_dirents...
[ 80.445933][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4096 offset 189491840996961599, hashed to 3322101332976750527
[ 80.445951][ T5328] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 80.505630][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4096 offset 1896155912177158345, hashed to 9001446117456207670
[ 80.505649][ T5328] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 80.543414][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4096 offset 2695648408715017799, hashed to 2650337612065911542
[ 80.543430][ T5328] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 80.577487][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 80.577502][ T5328] u64s 7 type dirent 4096:3322101332976750527:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 80.608451][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4096 offset 4330382808765825483, hashed to 1074315510896038869
[ 80.608468][ T5328] u64s 7 type dirent 4096:4330382808765825483:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 80.646861][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4096 offset 8130059955150870709, hashed to 5099834245146042359
[ 80.646878][ T5328] u64s 8 type dirent 4096:8130059955150870709:U32_MAX len 0 ver 0: lost+found� -> 4097 type dir, fixing
[ 80.694734][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 80.694750][ T5328] u64s 7 type dirent 4096:9001446117456207670:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 80.708491][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4096 offset 9097378837824744618, hashed to 5564653718717691911
[ 80.708508][ T5328] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 80.751276][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4098 offset 5675548428000973578, hashed to 1809674344710535942
[ 80.751292][ T5328] u64s 7 type dirent 4098:5675548428000973578:U32_MAX len 0 ver 0: file1 -> 4100 type lnk, fixing
[ 80.775154][ T5328] bcachefs (loop0): hash table key at wrong offset: btree dirents inode 4098 offset 8977922886548783724, hashed to 2431978315563461564
[ 80.775182][ T5328] u64s 7 type dirent 4098:8977922886548783724:U32_MAX len 0 ver 0: file0 -> 4099 type reg, fixing
[ 80.810565][ T5328] done
[ 80.818608][ T5328] bcachefs (loop0): resume_logged_ops... done
[ 80.848406][ T5328] bcachefs (loop0): delete_dead_inodes... done
[ 80.860982][ T5328] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[ 80.888150][ T5328] bcachefs (loop0): check_lrus... done
[ 80.906408][ T5328] bcachefs (loop0): check_backpointers_to_extents... done
[ 80.911786][ T5328] bcachefs (loop0): check_inodes... done
[ 80.916317][ T5328] bcachefs (loop0): check_extents... done
[ 80.925080][ T5328] bcachefs (loop0): check_dirents...
[ 80.925497][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 80.925509][ T5328] u64s 7 type dirent 4096:1074315510896038869:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 80.952568][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 80.952590][ T5328] u64s 7 type dirent 4096:2650337612065911542:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 80.961725][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 80.961738][ T5328] u64s 8 type dirent 4096:5099834245146042359:U32_MAX len 0 ver 0: lost+found� -> 4097 type dir, fixing
[ 80.977265][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 80.977279][ T5328] u64s 8 type dirent 4096:5564653718717691911:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 81.015716][ T5328] bcachefs (loop0): fsck counted subdirectories wrong for inum 4096:4294967295: got 1 should be 0
[ 81.045346][ T5328] bcachefs (loop0): dirent points to missing inode:
[ 81.045360][ T5328] u64s 7 type dirent 4098:1809674344710535942:U32_MAX len 0 ver 0: file1 -> 4100 type lnk, fixing
[ 81.076689][ T5328] ==================================================================
[ 81.087779][ T5328] BUG: KASAN: use-after-free in bch2_check_dirents+0x2aac/0x3b90
[ 81.095860][ T5328] Read of size 1 at addr ffff888056820170 by task syz.0.0/5328
[ 81.099096][ T5328]
[ 81.100260][ T5328] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.0 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full)
[ 81.100276][ T5328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 81.100284][ T5328] Call Trace:
[ 81.100292][ T5328]
[ 81.100298][ T5328] dump_stack_lvl+0x241/0x360
[ 81.100320][ T5328] ? __pfx_dump_stack_lvl+0x10/0x10
[ 81.100335][ T5328] ? __virt_addr_valid+0x183/0x530
[ 81.100351][ T5328] ? rcu_is_watching+0x15/0xb0
[ 81.100362][ T5328] ? __virt_addr_valid+0x183/0x530
[ 81.100375][ T5328] ? lock_release+0x4e/0x3e0
[ 81.100390][ T5328] ? __virt_addr_valid+0x183/0x530
[ 81.100403][ T5328] ? __virt_addr_valid+0x183/0x530
[ 81.100416][ T5328] print_report+0x16e/0x5b0
[ 81.100426][ T5328] ? __virt_addr_valid+0x183/0x530
[ 81.100437][ T5328] ? __virt_addr_valid+0x183/0x530
[ 81.100449][ T5328] ? __virt_addr_valid+0x45f/0x530
[ 81.100463][ T5328] ? __phys_addr+0xba/0x170
[ 81.100475][ T5328] ? bch2_check_dirents+0x2aac/0x3b90
[ 81.100492][ T5328] kasan_report+0x143/0x180
[ 81.100502][ T5328] ? bch2_check_dirents+0x2aac/0x3b90
[ 81.100518][ T5328] bch2_check_dirents+0x2aac/0x3b90
[ 81.100544][ T5328] ? __pfx_bch2_check_dirents+0x10/0x10
[ 81.100559][ T5328] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.100635][ T5328] ? __pfx__prb_read_valid+0x10/0x10
[ 81.100646][ T5328] ? console_flush_all+0xda3/0xec0
[ 81.100658][ T5328] ? up+0x111/0x1c0
[ 81.100674][ T5328] ? __pfx___console_unlock+0x10/0x10
[ 81.100685][ T5328] ? __pfx_prb_read_valid+0x10/0x10
[ 81.100696][ T5328] ? is_printk_cpu_sync_owner+0x32/0x40
[ 81.100710][ T5328] ? console_unlock+0x2fe/0x3b0
[ 81.100721][ T5328] ? __lock_acquire+0xad5/0xd80
[ 81.100736][ T5328] ? irq_work_queue+0xd1/0x150
[ 81.100753][ T5328] ? __pfx_vprintk_emit+0x10/0x10
[ 81.100770][ T5328] ? bch2_check_dirents+0x2fd/0x3b90
[ 81.100786][ T5328] bch2_run_recovery_pass+0xf0/0x1e0
[ 81.100802][ T5328] bch2_run_recovery_passes+0x2ad/0xa90
[ 81.100819][ T5328] bch2_fs_recovery+0x2c65/0x3e20
[ 81.100834][ T5328] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 81.100849][ T5328] ? __lock_acquire+0xad5/0xd80
[ 81.100870][ T5328] ? bch2_fs_start+0x279/0x620
[ 81.100884][ T5328] ? up_write+0x1ab/0x590
[ 81.100894][ T5328] ? bch2_get_next_online_dev+0x4ab/0x4e0
[ 81.100908][ T5328] ? bch2_get_next_online_dev+0x2e/0x4e0
[ 81.100920][ T5328] ? __pfx_up_write+0x10/0x10
[ 81.100931][ T5328] ? llist_reverse_order+0x72/0x90
[ 81.100949][ T5328] bch2_fs_start+0x310/0x620
[ 81.100962][ T5328] bch2_fs_get_tree+0x113e/0x18f0
[ 81.100984][ T5328] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 81.101003][ T5328] ? vfs_parse_monolithic_sep+0x427/0x460
[ 81.101014][ T5328] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 81.101024][ T5328] ? rcu_is_watching+0x15/0xb0
[ 81.101035][ T5328] ? apparmor_capable+0x13b/0x1b0
[ 81.101048][ T5328] vfs_get_tree+0x90/0x2b0
[ 81.101062][ T5328] do_new_mount+0x2cf/0xb70
[ 81.101079][ T5328] ? __pfx_do_new_mount+0x10/0x10
[ 81.101096][ T5328] __se_sys_mount+0x38c/0x400
[ 81.101107][ T5328] ? __pfx___se_sys_mount+0x10/0x10
[ 81.101119][ T5328] ? __x64_sys_mount+0x20/0xc0
[ 81.101130][ T5328] do_syscall_64+0xf3/0x210
[ 81.101142][ T5328] ? clear_bhb_loop+0x45/0xa0
[ 81.101163][ T5328] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.101174][ T5328] RIP: 0033:0x7fd0ecd8f90a
[ 81.101187][ T5328] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 81.101196][ T5328] RSP: 002b:00007fd0edb2de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 81.101208][ T5328] RAX: ffffffffffffffda RBX: 00007fd0edb2def0 RCX: 00007fd0ecd8f90a
[ 81.101217][ T5328] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 00007fd0edb2deb0
[ 81.101224][ T5328] RBP: 0000200000000000 R08: 00007fd0edb2def0 R09: 0000000001000001
[ 81.101231][ T5328] R10: 0000000001000001 R11: 0000000000000246 R12: 0000200000000040
[ 81.101238][ T5328] R13: 00007fd0edb2deb0 R14: 0000000000005968 R15: 0000200000000240
[ 81.101249][ T5328]
[ 81.101253][ T5328]
[ 81.503036][ T5328] The buggy address belongs to the physical page:
[ 81.513132][ T5328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56820
[ 81.518234][ T5328] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 81.520909][ T5328] page_type: f0(buddy)
[ 81.522473][ T5328] raw: 04fff00000000000 ffff88805ffd6f08 ffff88805ffd6f08 0000000000000000
[ 81.535851][ T5328] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000
[ 81.542078][ T5328] page dumped because: kasan: bad access detected
[ 81.554883][ T5328] page_owner tracks the page as freed
[ 81.557421][ T5328] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 5339, tgid 5339 (bch-reclaim/loo), ts 80834952970, free_ts 81076337625
[ 81.574534][ T5328] post_alloc_hook+0x1f4/0x240
[ 81.577225][ T5328] get_page_from_freelist+0x360a/0x37a0
[ 81.580182][ T5328] __alloc_frozen_pages_noprof+0x211/0x5b0
[ 81.593865][ T5328] __alloc_pages_noprof+0xa/0x30
[ 81.597929][ T5328] ___kmalloc_large_node+0x92/0x210
[ 81.602492][ T5328] __kmalloc_large_node_noprof+0x1a/0x80
[ 81.605883][ T5328] __kvmalloc_node_noprof+0x7c/0x5a0
[ 81.608503][ T5328] btree_node_sort+0x67c/0x1870
[ 81.614719][ T5328] bch2_btree_post_write_cleanup+0x11a/0xaa0
[ 81.623888][ T5328] bch2_btree_node_write_trans+0x18a/0x7a0
[ 81.626382][ T5328] __btree_node_flush+0x3a1/0x470
[ 81.633516][ T5328] bch2_btree_node_flush0+0x27/0x40
[ 81.635611][ T5328] journal_flush_pins+0x89b/0xe40
[ 81.638300][ T5328] __bch2_journal_reclaim+0x789/0xda0
[ 81.640487][ T5328] bch2_journal_reclaim_thread+0x16d/0x580
[ 81.657642][ T5328] kthread+0x7b7/0x940
[ 81.660623][ T5328] page last free pid 5328 tgid 5327 stack trace:
[ 81.663135][ T5328] __free_pages_ok+0xb1d/0xda0
[ 81.665450][ T5328] __folio_put+0x2b5/0x360
[ 81.667327][ T5328] free_large_kmalloc+0x143/0x1e0
[ 81.671661][ T5328] kfree+0x216/0x430
[ 81.673277][ T5328] btree_node_sort+0x1124/0x1870
[ 81.675223][ T5328] bch2_btree_post_write_cleanup+0x11a/0xaa0
[ 81.677643][ T5328] bch2_btree_node_prep_for_write+0x35a/0x670
[ 81.697181][ T5328] bch2_trans_lock_write+0x66f/0xb60
[ 81.699350][ T5328] __bch2_trans_commit+0x3252/0x9da0
[ 81.701590][ T5328] bch2_check_dirents+0x2801/0x3b90
[ 81.703936][ T5328] bch2_run_recovery_pass+0xf0/0x1e0
[ 81.706135][ T5328] bch2_run_recovery_passes+0x2ad/0xa90
[ 81.713642][ T5328] bch2_fs_recovery+0x2c65/0x3e20
[ 81.715762][ T5328] bch2_fs_start+0x310/0x620
[ 81.722872][ T5328] bch2_fs_get_tree+0x113e/0x18f0
[ 81.725153][ T5328] vfs_get_tree+0x90/0x2b0
[ 81.726965][ T5328]
[ 81.727984][ T5328] Memory state around the buggy address:
[ 81.735143][ T5328] ffff888056820000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.740742][ T5328] ffff888056820080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.754622][ T5328] >ffff888056820100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.758338][ T5328] ^
[ 81.761868][ T5328] ffff888056820180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.774393][ T5328] ffff888056820200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 81.778110][ T5328] ==================================================================
[ 81.804506][ T5328] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 81.815015][ T5328] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.0 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full)
[ 81.819376][ T5328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 81.833663][ T5328] Call Trace:
[ 81.834990][ T5328]
[ 81.836339][ T5328] dump_stack_lvl+0x241/0x360
[ 81.838483][ T5328] ? __pfx_dump_stack_lvl+0x10/0x10
[ 81.842320][ T5328] ? __pfx__printk+0x10/0x10
[ 81.854913][ T5328] ? vscnprintf+0x5d/0x90
[ 81.857024][ T5328] panic+0x349/0x880
[ 81.859042][ T5328] ? check_panic_on_warn+0x21/0xb0
[ 81.861974][ T5328] ? __pfx_panic+0x10/0x10
[ 81.863863][ T5328] ? _raw_spin_unlock_irqrestore+0x134/0x140
[ 81.866788][ T5328] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.869329][ T5328] ? print_report+0x519/0x5b0
[ 81.871211][ T5328] check_panic_on_warn+0x86/0xb0
[ 81.889479][ T5328] ? bch2_check_dirents+0x2aac/0x3b90
[ 81.891745][ T5328] end_report+0x77/0x160
[ 81.893381][ T5328] kasan_report+0x154/0x180
[ 81.895226][ T5328] ? bch2_check_dirents+0x2aac/0x3b90
[ 81.897614][ T5328] bch2_check_dirents+0x2aac/0x3b90
[ 81.903363][ T5328] ? __pfx_bch2_check_dirents+0x10/0x10
[ 81.913522][ T5328] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.916294][ T5328] ? __pfx__prb_read_valid+0x10/0x10
[ 81.918626][ T5328] ? console_flush_all+0xda3/0xec0
[ 81.923143][ T5328] ? up+0x111/0x1c0
[ 81.924603][ T5328] ? __pfx___console_unlock+0x10/0x10
[ 81.926532][ T5328] ? __pfx_prb_read_valid+0x10/0x10
[ 81.933537][ T5328] ? is_printk_cpu_sync_owner+0x32/0x40
[ 81.944801][ T5328] ? console_unlock+0x2fe/0x3b0
[ 81.947297][ T5328] ? __lock_acquire+0xad5/0xd80
[ 81.952062][ T5328] ? irq_work_queue+0xd1/0x150
[ 81.954848][ T5328] ? __pfx_vprintk_emit+0x10/0x10
[ 81.963214][ T5328] ? bch2_check_dirents+0x2fd/0x3b90
[ 81.966019][ T5328] bch2_run_recovery_pass+0xf0/0x1e0
[ 81.976022][ T5328] bch2_run_recovery_passes+0x2ad/0xa90
[ 81.978965][ T5328] bch2_fs_recovery+0x2c65/0x3e20
[ 81.983395][ T5328] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 81.992894][ T5328] ? __lock_acquire+0xad5/0xd80
[ 81.994945][ T5328] ? bch2_fs_start+0x279/0x620
[ 82.003934][ T5328] ? up_write+0x1ab/0x590
[ 82.006164][ T5328] ? bch2_get_next_online_dev+0x4ab/0x4e0
[ 82.009452][ T5328] ? bch2_get_next_online_dev+0x2e/0x4e0
[ 82.016444][ T5328] ? __pfx_up_write+0x10/0x10
[ 82.021349][ T5328] ? llist_reverse_order+0x72/0x90
[ 82.034761][ T5328] bch2_fs_start+0x310/0x620
[ 82.037003][ T5328] bch2_fs_get_tree+0x113e/0x18f0
[ 82.039751][ T5328] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 82.042057][ T5328] ? vfs_parse_monolithic_sep+0x427/0x460
[ 82.051224][ T5328] ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 82.054857][ T5328] ? rcu_is_watching+0x15/0xb0
[ 82.058779][ T5328] ? apparmor_capable+0x13b/0x1b0
[ 82.061754][ T5328] vfs_get_tree+0x90/0x2b0
[ 82.064863][ T5328] do_new_mount+0x2cf/0xb70
[ 82.069325][ T5328] ? __pfx_do_new_mount+0x10/0x10
[ 82.074959][ T5328] __se_sys_mount+0x38c/0x400
[ 82.078404][ T5328] ? __pfx___se_sys_mount+0x10/0x10
[ 82.080898][ T5328] ? __x64_sys_mount+0x20/0xc0
[ 82.083110][ T5328] do_syscall_64+0xf3/0x210
[ 82.085152][ T5328] ? clear_bhb_loop+0x45/0xa0
[ 82.086894][ T5328] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.089069][ T5328] RIP: 0033:0x7fd0ecd8f90a
[ 82.090653][ T5328] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 82.110817][ T5328] RSP: 002b:00007fd0edb2de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 82.123358][ T5328] RAX: ffffffffffffffda RBX: 00007fd0edb2def0 RCX: 00007fd0ecd8f90a
[ 82.135989][ T5328] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 00007fd0edb2deb0
[ 82.148012][ T5328] RBP: 0000200000000000 R08: 00007fd0edb2def0 R09: 0000000001000001
[ 82.157294][ T5328] R10: 0000000001000001 R11: 0000000000000246 R12: 0000200000000040
[ 82.166867][ T5328] R13: 00007fd0edb2deb0 R14: 0000000000005968 R15: 0000200000000240
[ 82.175131][ T5328]
[ 82.178191][ T5328] Kernel Offset: disabled
[ 82.180454][ T5328] Rebooting in 86400 seconds..