program:
syz_mount_image$bcachefs(&(0x7f00000058c0), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x10000, &(0x7f0000000500), 0x1, 0x5915, &(0x7f0000010b00)="$eJzs3W2QXFWdMPBzu3synZm8TAJIBJkMgSiCmglvhS+l0UfFB5CKhaWEJwoDmWA0CakkCASU4AMuFGChpaWoH9BCatFoUQWrRErkZRNWUYrVpbaQWt1FP7iFLCmBLGW5ztZM39OZudN3bk93T0jg96tkbt/Tt//n3HNP3+7/6TvTAQAAgFeF3ddt2Xv2Ee/7+eeGX7z6Az/ecE3oLY+VV+MGfeny8perhexP3ZVFY8vsuHjDld/9w8BF7/nZXT3feWnXmqPX/ua9h1x03yfP2HnrNx58Ye49f3u6KG4cT8fvW0+eTUKo/mTPVz6/69HDR8uSEEI56dsewoJk4YMLkvjYkavH7n33X0IIa9KyRZn4d7940trR5TU3dk8on5/Zznh/daum42zb3stOCL9996prf7n4B9/v2vHM9n2bJNVx4ymEeReMf3xXCGF2+n9UHG1xPMZBuzKE0DPucacVtOuYJtu/LGf9yHQ5K132FsSJ9y/JrJcy22XXo67MsqegvnbltaPV7YrMyawnHYob5bUzli9Ilz9Kl8dPM345/k9CKQmVevPXJ/vGSBh33JKQjB3Lan29VD+2Id3/zHqSWS9l1stdmf0aqzcdaOUkmVget8uUx9NxJS0/evy5uoFzcspfmy6r6RP1pbgesjdqeifdqO/XmNiuPVO0ZX8Y7adKTnn3+HGbHoy4O73JwkmPGWkg3rdr1U1Ly6sf2t2X047kriSNn4zVOd34236xYM7Hv3fDpdnX9Xr8C0pp/FJL8X935mPPnXfDt7+eG/+WGL/cUvwT7+959syHr1uS2z97Yv9UWoo/9PQjNy8+9MIdue2/LcavthR/xc7Huufuvf+B3PYPxv6Z3Ur80VPR7+984t5ncuOHGL+npfav3rnpC939e4/Ljf9A7J/e1sbP8ztOfbK//48DefEfj/HnthT/ju23vu32+TeekXt8V8b+6Wsp/lnH3nftnL33HpV37kxu69QrJ8Cr0yHpe6zr0/VW88x2jcsXvjZQqb0PrKZ5zdxOVpQxWs+8GYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKvTYSf80+n/8ZG+Zyvpend646lSbRnLZ4WQzA4hbNk6tHnruo0XD3zykks3bxxaPzC0dWB449bNVwyc/KaBzcOb1g9dMXrv4JtPqj1uYUhqy+SoSXWPjIyMlPomlsX6/s+xO3679LT//FMIg4f9ur+S2/5lt264/dAGPzOSFSPv2nDp2b8+5VvpfvWl7erLaVfIadd/nfvX27+05w/HhTD4mqna9chT7/zphAaNFeyLkyp1h1qDupOehu2otzptT+yvytp164cHi/u3nLMf/+/KZ/6y9vIv/rXWv9Xc/Wiyf2evGFlf+uqqs/7nq1fVCg7U417U33EvYvti/1XT/p6X7te8nP2q5OzXdb984ImfHHHDC9vDYOX5xZPrLtqvrnQAdCWvbareWENPsmBCeTXdPh7x+LhlWzdsWrblim1vXrdh6OLhi4c3vnX5yctPHTzl1FOWje35sg7vf6z/9U3u//4ZT/M/vf1H8Wdz46moXUX9Mdqu4v4Y36K851/POZ//8ltvffjsWkHROI9b188n6bJn9DgvD+PG2+S+arRfRf0QQhho1A/PvXBGOPxf111bdB4af2TG/8xIVow8uuTP3zrtm4veUSvYL+f58Q2afJ5PmjnP11u9rz1j/VVNj8eB2r/doZzuV2/Ddi1/9OGum3b/6TP19s2aFS4f2rp18/LazzlpS+ckRzZsV7Y07tfisZ/lkHZLqA/TBuN1VFeotS97/oybZ3u1N72vN1nYcL+y4n27Vt20tLz6od15PZ3cVatxdphbWyavy9lyfeaB5XqDG9V/sI6P/tO/ec9H7vnhyZPGx4m1n0X7leTs1w+euOPL3/ni3/2wc/t1+jsf6/vzv31iaa2gifNKd6N2dfC8Epo5r9RbnZ5XkvHnlRNDKHr+Lc6sFz7/So33p+j5l61n3/aN4w1k1ntDuaXn64n39zx75sPXLcl9vu5p9vl61YS1csHz9QB4XRpVevmeXxMGSrJi5GfXH7L9watXHlErKBrX9a0bjeuTmsg/cvbrp+c92X/JwP//l86dN777prvP/83Qis/WCg6U415N+7ea07/1Vse8c3z/vuWiS9avqZUfuO9/02VB/hNPJVuu2PapofXrhzdvaW6/mn09jfVke7nV19N4dltYsF+lSfs1czea6a9mn2+x/Wta7q+Jz7fekLT0urDtFwvmfPx7N1zaN+lRaUUXlNL4pZbi/+7Mx54774Zvfz03/i0xfqWl+ENPP3Lz4kMv3JEb/7YkjV9tKf6KnY91z917/wO58Qdj+2e3FP+pt7//93c+ce8zufFDjN/bWv8/v+PUJ/v7/5gb//EkrWf0PVIId7940traehK60udbbEfXhHaF7HqSWS9l1svj10u1udZ6BeUkmVget0vLjx7XlkY+mlMe34VVF9WWL8X1kL0xdfmBpjTu3N+ovOh9KgDAK138/D++B42f/w+nb5Qmzhsc8+R+bh4HiXbzsEU5cWMetm8+Z9aE+xel8ePj4zxg/1vC4OjymoHaG/3pznPG50N2njPWc9wxE2O0Os9ZNP++JLMe21WbL6+My0NTk/OaSmhi/n1yPVPPv2d2v3h+fOD6Sc0aGDdvlT1+XemMWaPrHTLtrYxGyBsf2XmxeD1H/7ywcqy+JsdH9jqaeByy19HEeo7ITLi2eh1Nu+MjNnuK8THW5OLPNyYfvzBF/+47fo2jZY/fNI53dXT7mf589uCfN5zZz8NmcF5ywkf5B+u85IE+bxjL435UmpxP/EhOeafmE+PBj+3aM0Vb9gfzicArVcz/42vEaP4/+gb8vzPbFb0Pzb5rjPFyrxMqN25PUd4x+Tq9npZex1fv3PSF7v69x+W+z3mg2et+Nk1Y6ym47qeoH5dm1gv7MedSkKJ8L1tPUb9nr8voDXNb6vc7tt/6ttvn33hGbr+vrL2QFvf7lyeszS3od/lCTvwDMl84fW68z3UMnZk/e9nykfTCp5nKRz6cUz7dfKRn0o36fo056PKRrv3bLgDg4BHz//rnZ2n+/++Z7Yry1uMz6zFebt6a8/4kL2/9YLq8PLN9b/obFdN933zWsfddO2fvvUfl5i23NZuH/v2Etb7CPLS9vDk3j1jZmevFc/OIep7VXp6Y2/56nthenp4bv56nt5dH5/ZPPY9ubx4gN359HuBgz3Nndr7uFZtHp78+23oePXJ1zq6NOSenfLp5dO+kG/X9GiOPBgB4ecX8P76Ni/n/w5nt2n3fnpsXdOh9e/bvgdTjP76/8sqZzvtmOm+d6by+hXmJ/xtCmDwvMeEKhVfO578zPS80s/NkB29ePPXny23mxfUmy4sBADgQxPx/drqen/+3l5/k5p/1/ER+3jD+gZyfT+u6gYM9Pz/Y57/k/y9D/l8n/wcA4EAQ8//4a4/x7//9Y7qe/bv18vSc+PJ0efpU46fpPH2m59nMA5gHKGYeAADglaVrLFOa/Hv2H0uX2d+zz/u9/PNytm9WZex37EO4cOvm4eHzL920Zmjr8PkbL1kzvOX8yzav27p1eGNtu/byxlm57+1j3tgVKml/NN4um7fNT/8ewvycv4eQ3T6GPXLsxuS/h5CtdnbB3xHYd/yaa2/e8StNsX2j8ZF3vPPifzRn+6h+/C/6xInnr91y/rqN6yrrhtav2zY8cbvRrLVnGt+bGbtlWt+bmfkxSWn639/ZmXaUJrWjK+2PvO9nTzLtWJC2ZEHe9x/ktPvn//ylTx878tc7Qxg8rPy6tvovWTHyD+cOf3Dr7l9vGm1/acr217dM21X0faXZ7eP+VNZfsmXrCWsvuXRj9hslWxPnM0r19Rmaz0if/uUm5ydW55RPd36iPOnGganp+QkAACaIn//H97Px88Mvpm+gYnnzeXp7nx/n5umDzeXp2e8lK8rTs9vH/W02T6+2madn6y/K0xtt3yhPz8u78+J/OGf76Wp+nLR3nUfuOLmguXGS/T6DonGS3X664yRpc5xk6y8aJ422bzRO8o57XvwP5Wyfp/nx0N51Obnj4ZbmxsMbM+tF4yG7/XTHQ6nN8ZCtv2g8NNq+0XjIO7558c/O2b5ZE8fH6MAYGxfD5192yeZPjdtupr//ov32zez3f7Sq+fbP7HVfM9/+mb2ubObb3951Zbntf7y9mbDm2z9j3wfZVvv323xterFZ0fVnRfO4q3LKpzuPO2vSjQOTeVx4+cT8P37cE/P/G9Nlpz8GOvi/J21mX+cO/uvvZ/Z9jNfz3Kq2TNGM/cbrOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBzuiuLxpa7r9uy9+wj3vfzzw2/ePUHfrzhmjdc+d0/DFz0np/d1fOdl3atOXrtb957yEX3ffKMnbd+48EX5t7zt6cLA/fVFsenq9UQkmeTEKo/2fOVz+969PDRsiSEUE76toewIFn44IIkE2HwLyGENfV2Trzz7hdPWju6vObG7gnl8zNBsvsVesuxPRPaGS4v3CMOQtV0nG3be9kJ4bfvXnXtLxf/4PtdO57Zvm+TpDpuPIUw74Lxj+8KIcxO/4+Ko21RfHC6XBlC6Bn3uNMK2nVMk+1flrN+ZLqclS57C+LE+5dk1kuZ7bLrUVdm2VNQX7vy2tHqdkXmZNazJ6N25bUzli9Ilz9Kl8dPM345/k9CKQmVevPXJ/vGSBh33JKQjB3Lan29VD+2Id3/zHqSWS9l1stdmf0aqzcdaOUkmVget8uUx9NxJS0/evy5uoFzcspfmy6r6RP1pbgesjdqeifdqO/XmNiuPVO0ZX8ojTsHNSqvH/j0YPSmZb3JwkmPGWkg3rdr1U1Ly6sf2t2X047kriSNn7QUf9svFsz5+PduuHRRXvwLSmn8Ukvxf3fmY8+dd8O3v54b/5YYv9xS/BPv73n2zIevW5LbP3ti/1Raij/09CM3Lz70wh257b8txq+2FH/Fzse65+69/4Hc9g/G/pndUvyn3v7+39/5xL3P5MYPMX5PS/FX79z0he7+vcflxn8g9k9va+Pn+R2nPtnf/8eBvPiPx/hzW4p/x/Zb33b7/BvPyD2+K2P/9LUU/6xj77t2zt57j8o7dya3deqVE+DV6ZD0Pdb16XqreWa7xuULXxuo1N7zzUn/z+1kRRmj9cybwfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwy/eqqkz927rs+tKqShJDkbDPSQLyvPGvFioEW6h16+pGbFx964Y7xZYtaiAMAAAAUi3l4qV5SDYvCZcnscGTD7eMcwZFxLZlYnp1DiHGycwStxil1KE65Q3EqHYrTNWWcUtNxZnWoPd0dilMtiFMNzcWZPWWc5vunp0NxejsUZ06H4sztUJx5HYozv0Nx+qaM0/w4XNChOAs7FOeQDsU5tENxDutQnNd0KM7hHYqTnVOe7jicm255RF6csRvlwjiVpFy/o9F8eqznqDbr6W2yntzX4ybrmd1kPcdkHleaZj3VJut5fZv1JE3W88Y26ykV1BPH7eXZ9sV64lqT4/+KDsXZ1qE4V3YozlUdivOZDsX5bIfiXN1mHIBmxfx/X77XF7or7wg96RknOwsQ893FYz8nv97lnZBivNeFiUnzrGy8bJhsop6Jt3i67ctOIGTiLcmUd02IV6nnI1PEq46PtzRz56T9zbYvO6GQad/xmfLuonjZiQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmEG/uurkj537rg+tCkkY/dfQSAPxvvKsFSsGWqh316qblpZXP7R7fFl3pYVAAAAAQKGYh3fVS6qhu7I8dCezJmxXTecBqul6ua+27J8XVo4uk4HS6M+kJ1kw5eMq6eOWbd2wadmWK7a9ed2GoYuHLx7e+NblJy8/dfCUU09Ztnbd+uHB2s8QugvihRDGph+2XLHtU0Pr1w9v3lIrzLZ/Ufq4Rel6kj6u/y1hcHR5zVj7Q1iY1rc0p77SpPpm7kazxxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/Zdf+Qt086ziAP2+Sk2Rnq43sX1bW09A/o+rQtp5Jp2N5QXCwtaWHgSTT4yiuxeHpWrZ21Bm3gttsUYSNQqn0plKHm8Ob/XFD3B8Kla1a8NQi29Bd6IWy6aQbvZCOSM/Jm5OkSXMaR0/tPp+LvMnz/J7n9z65OPB9TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOF8ma6PjlfJYdTgKIepRU+8imUtn47g0QN+vv7j1x7mRk8tbx3KZATYCAAAA+kpy+FBzJB9ymXRIh2umPi0OLRNhJvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfP5O10fFKeax6aRRC1KOm3kUyl87GcWmAvm+///QX3hgZ+XvrWHGAfQAAAID+khyeao7kQzEsCUPRNW11ybOBBR3rO+uSfRZO7dS/rvPZQa+6JbOsu26WdZ/qU7eucd0RAAAA4P9fkv8zzZFCyGXm9cz/CzvW96pb1FGXblwH+a0AAAAA8L9J8n+uOVIMuUyxmdfPzPuvt31O8v7ijrpkfb//2yfrl/VY3+//+Wsb1x0z/9oHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5wk7XR8Up5rJqOQoh61NS7SObS2TguDdB31UvD/7zt0COLW8dymQE2AgAAAPpKcvhM9M6HXGY4DIVLp3L/yC37n/3qs8+PhhCmY342G3Zs2Lbt3lXTr0ndyiOHhn50+N3vnVG3cvp1zg4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8ZCZro+OV8lj1kiiEqEdNvYtkLp2N49IAfd/60lf++uTxF95pHSsOsA8AAADQX5LDZ7J/PhRDNmTDVVOfWrP+aamO9b2eGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXj/u+88C3N0xMbLzXG2+88ab5Zq7/MgEAAB+1RSEK9XN09fq5vmsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBCMFkbHa+Ux6r5KISoR029i2QunY3j0gB94xeP5uadfOmV1rHiAPsAAAAA/SU5fCb750MxDIWhcOXUp27PBKbyf+E83iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwQZmsjY5XymPVeVEIUY+aehfJXDobx6UB+j6xc98XD87/4a2tY7nMABsBAAAAfSU5PNscyYdc5tMhF65tfJ5oXxClG9fuzwVm1m1tWzY863W1tnXpWa/b1XGyTOM00+vyyX6F6WtzXenMdaWWdcXQbF9qWxf2tK2a1+c+AwAAAMyhJP/nmiOFkMvkWnLuz9vqC31ybup83jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEGZrI2OV8pj1SgKIepRU+8imUtn47g0QN8HfvfJy77xi93bW8eKA+wDAAAA9Jfk8Jnsnw/FsDB8Iiycyv2h0F6f1P2rcurg4//+2/IQVlx1bCTTc//fvnXzy50vIaTai1IhzG/0i3r0e/0Pj9+/tH7qyRBWXJm+9lz7tW8Z15+rbFy77fCxrWf5YgAAAOAikuT/oeZIIeQy9/TM/0nyPqf8P//+nb+6ovHaSOQdK1KFRr9Uj35fXvr0X5at/se7p/P/2fp9bt/mg1e0NZwe6RDF9fLm7euO3XAglZx6un+6o3/yvXztu+/8Z9OOx05N98+HfGN8QaZb/zNfO1wS1ydSe6trPtxba++f6XH+R37/yvHfLNj9wen+7y8abva/7iznP3v/4dsf3XPjvkPr2vuHEErd+r/3wa3h6j/d/XDn+Yc7Nm795ltfO0Rx/cjiEwdW7y/e1N4/6uiffP+/PP7Enp899oPnk/7Jb0WWL5lt/1RH/9d2Xb7z1YfWL2jvn+px/pfveGNkS+n7f+w8/10Dn/+p65+5880N8YOdUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeXydroeKU8Vk1FIUQ9aupdJHPpbByXBuj79m1H37tj909/0jpWHGAfAAAAoL8kh89k/3wohmzIhuGp3P9cZePabYePbQ2F6dmocc1MbLlv22c2bdl+z11zdOcAAADAbORb8n+mOVoIuczSMNTI/+XN29cdu+FAKsn/qST/b7p7YuOK0Kx7bdflO199aP2C5nOCEKZ+FpA/Xff5mbpbbj5aOPHnby3rWrdqpu7I4hMHVu8v3pTUhda6laH5fOKp65+5880N8YPN+2ut++w3t0w0Hk8k+w7f/uieG/cdWtc8R+M63Ng3qZtI7a2u+XBvLalLN675xrkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDNN1kbHK+WxakiHEPWoqXeRzKWzcVwaoO+apb9++LKTLyxsHctlBtgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYX9+gmNo4rjAP7ebmK22aRNWsGqmKZVUerBoiCiFxUVaUUKnipFqq09iIIgotSDqbRiqYoXweqliApqlIKCjcXSKqn4r3jxoIJK9SCUYkAbigeVJO9tNtOMq9MqqJ8PDG/fm5nv/Gbey2QXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgX6Wna+l0e2j7/ZO3nHPDR4/edfyRm965d+tFD7/6/fDG6z7c0/vSifFNyzd/ef2SjfvuXj226/mDP/e/9euRjsEPzTQrU7cRQjwWQ2i8O/HMY+MfnzU1FkMI9TgwEsJgXHxwMBYSVv0SQtjUqnPuzjePX755qt26s2fO+KJCSPG+QrOe65kxMLde/lsaaZ1tmXzwkvD1teu2fbrsjde7R4+OzB4SG23rKYSFG9rP7w4hLEjblLzaluaTU7s2hNDbdt6VHeo6/0/Wf2lJ/9zUnpHaZoecvH9FoV8rHFfsZ92FdvZev+1w5WrK6qh6XCd9hX7xZXSqyurM44OpfTu1K/9ifj1vMdRi6GqVf0+cXSOhbd5iiNNz2Wj1a625Den+C/1Y6NcK/Xp34b6mr5sWWj3GueP5uMJ4fh13pfHl7e/qedxaMn52ahvpD/VE7ofihxnNkz607mtarmviD2r5J9Ta3kHzjbcmPk1GM4014+KTzvltHnnf+LonLqyvf+/QQEkdcU9M+bFS/pZPBvtuf23HA0vL8jfUUn6tUv43aw7/eNuOF54rzX8659cr5V+2v/fYmve3ryh9PhP5+XRVyr/jyAdPLjvzztHS+nfn/Eal/GvGDvf0T+4/UFr/qvx8FlTK/+rqG7975fO9R0vzQ87vrZS/fuy+p3qGJi8uzT+Qn0+z2vr5afSKL4aGfhguy/8s5/dXyn95ZNdVLy7aubp0ftfm5zNQKf/mC/Zt65vce17ZuzPuPl3/OQH+n5ak71iPp37V35mnqu33wrPDXTPf+frS1n86L1QwdZ2Ff2M+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwO/swAEJAAAAgKD/r9sRKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATwUAAP//1ig2aw==") (fail_nth: 40)
[ 74.873289][ T5298] Bluetooth: hci0: command tx timeout
[ 74.948053][ T5319] FAULT_INJECTION: forcing a failure.
[ 74.948053][ T5319] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 74.953647][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full)
[ 74.953664][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 74.953670][ T5319] Call Trace:
[ 74.953676][ T5319]
[ 74.953682][ T5319] dump_stack_lvl+0x189/0x250
[ 74.953768][ T5319] ? __pfx____ratelimit+0x10/0x10
[ 74.953810][ T5319] ? __pfx_dump_stack_lvl+0x10/0x10
[ 74.953830][ T5319] ? __pfx__printk+0x10/0x10
[ 74.953842][ T5319] ? fs_reclaim_acquire+0x7d/0x100
[ 74.953905][ T5319] should_fail_ex+0x414/0x560
[ 74.953922][ T5319] prepare_alloc_pages+0x213/0x610
[ 74.953939][ T5319] __alloc_frozen_pages_noprof+0x123/0x370
[ 74.953955][ T5319] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 74.953972][ T5319] ? policy_nodemask+0x27c/0x720
[ 74.953986][ T5319] alloc_pages_mpol+0x232/0x4a0
[ 74.953999][ T5319] vma_alloc_folio_noprof+0xe4/0x200
[ 74.954016][ T5319] ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 74.954032][ T5319] folio_prealloc+0x30/0x180
[ 74.954043][ T5319] do_wp_page+0x1231/0x5800
[ 74.954071][ T5319] ? __pfx_do_wp_page+0x10/0x10
[ 74.954083][ T5319] ? do_raw_spin_lock+0x121/0x290
[ 74.954097][ T5319] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 74.954117][ T5319] __handle_mm_fault+0x1144/0x5620
[ 74.954131][ T5319] ? __lock_acquire+0xab9/0xd20
[ 74.954161][ T5319] ? __pfx___handle_mm_fault+0x10/0x10
[ 74.954175][ T5319] ? lock_vma_under_rcu+0xf8/0x710
[ 74.954190][ T5319] ? lock_vma_under_rcu+0xf8/0x710
[ 74.954199][ T5319] ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 74.954213][ T5319] handle_mm_fault+0x40a/0x8e0
[ 74.954239][ T5319] do_user_addr_fault+0xa81/0x1390
[ 74.954258][ T5319] ? rcu_is_watching+0x15/0xb0
[ 74.954272][ T5319] ? trace_page_fault_user+0x84/0x1e0
[ 74.954285][ T5319] exc_page_fault+0x76/0xf0
[ 74.954301][ T5319] asm_exc_page_fault+0x26/0x30
[ 74.954312][ T5319] RIP: 0033:0x7f60b7050ca3
[ 74.954323][ T5319] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[ 74.954331][ T5319] RSP: 002b:00007f60b802e4a0 EFLAGS: 00010206
[ 74.954341][ T5319] RAX: 0000000000360010 RBX: 00007f60b802e540 RCX: 00007f60ab000000
[ 74.954347][ T5319] RDX: 00007f60b802e6e0 RSI: 0000000000000017 RDI: 00007f60b802e5e0
[ 74.954353][ T5319] RBP: 000000000000005b R08: 000000000000000b R09: 000000000000079f
[ 74.954359][ T5319] R10: 00000000000007ac R11: 00007f60b802e540 R12: 0000000000000001
[ 74.954365][ T5319] R13: 00007f60b722c200 R14: 00000000000000d2 R15: 00007f60b802e5e0
[ 74.954381][ T5319]
[ 74.954513][ T5319] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 75.352788][ T5319] loop0: detected capacity change from 0 to 32768
[ 75.482926][ T5319] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 0,noinodes_use_key_cache,gc_reserve_bytes=4.00 PiB,journal_flush_delay=1001,nojournal_transaction_names
[ 75.482945][ T5319] allowing incompatible features above 0.0: (unknown version)
[ 75.482952][ T5319] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 75.507115][ T5319] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 75.511467][ T5319] bcachefs (loop0): invalid bkey in superblock btree=extents level=0: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[ 75.511505][ T5319] invalid key type for btree extents (btree_ptr_v2), deleting
[ 75.526557][ T5319] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 75.530776][ T5319] bcachefs (loop0): Version upgrade required:
[ 75.530776][ T5319] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[ 75.530776][ T5319] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[ 75.530776][ T5319] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[ 75.613633][ T5319] bcachefs (loop0): btree node read error at btree inodes level 0/0
[ 75.613670][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0
[ 75.613679][ T5319] loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.613685][ T5319] loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[ 75.613690][ T5319] repair success (rewriting node)
[ 75.642767][ T5319] bcachefs (loop0): btree node read error at btree dirents level 0/0
[ 75.642782][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0
[ 75.642788][ T5319] loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.642794][ T5319] loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[ 75.642800][ T5319] loop0 node offset 16/24 bset u64s 36: checksum error, type none: got should be
[ 75.642805][ T5319] flagging btree dirents lost data
[ 75.642810][ T5319] running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[ 75.642816][ T5319] running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[ 75.642822][ T5319] running recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[ 75.642828][ T5319] ret fsck_errors_not_fixed
[ 75.693753][ T5319] bcachefs (loop0): error reading btree root btree=dirents level=0: btree_node_read_error, fixing
[ 75.701872][ T5319] bcachefs (loop0): btree node read error at btree xattrs level 0/0
[ 75.701886][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0
[ 75.701894][ T5319] loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.701900][ T5319] loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[ 75.701907][ T5319] repair success (rewriting node)
[ 75.727813][ T5319] bcachefs (loop0): invalid bkey in btree_node btree=alloc level=0: u64s 12 type alloc_v4 0:4398046511132:0 len 0 ver 0:
[ 75.727832][ T5319] gen 0 oldest_gen 0 data_type btree
[ 75.727837][ T5319] journal_seq_nonempty 6
[ 75.727842][ T5319] journal_seq_empty 0
[ 75.727846][ T5319] need_discard 1
[ 75.727851][ T5319] need_inc_gen 1
[ 75.727855][ T5319] dirty_sectors 0
[ 75.727860][ T5319] stripe_sectors 0
[ 75.727864][ T5319] cached_sectors 0
[ 75.727868][ T5319] stripe 0
[ 75.727873][ T5319] stripe_redundancy 0
[ 75.727878][ T5319] io_time[READ] 1
[ 75.727883][ T5319] io_time[WRITE] 768
[ 75.727888][ T5319] fragmentation 0
[ 75.727892][ T5319] bp_start 7
[ 75.727897][ T5319]
[ 75.727902][ T5319] invalid data type (got 3 should be 9), deleting
[ 75.772248][ T5319] bcachefs (loop0): btree node read error at btree alloc level 0/0
[ 75.772262][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[ 75.772269][ T5319] loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.772275][ T5319] loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[ 75.772281][ T5319] node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0
[ 75.772289][ T5319] node offset 16/24 bset u64s 60 bset byte offset 200: keys out of order: u64s 12 type alloc_v4 0:4398046511132:0 len 0 ver 0 > u64s 12 type alloc_v4 0:31:0 len 0 ver 0
[ 75.772297][ T5319] flagging btree alloc lost data
[ 75.772302][ T5319] ret fsck_delete_bkey
[ 75.809895][ T5319] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[ 75.816361][ T5319] bcachefs (loop0): btree node read error at btree subvolumes level 0/0
[ 75.816373][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0
[ 75.816380][ T5319] loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.816386][ T5319] loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[ 75.816391][ T5319] repair success (rewriting node)
[ 75.843627][ T5319] bcachefs (loop0): btree node read error at btree snapshots level 0/0
[ 75.843640][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3000000 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0
[ 75.843648][ T5319] loop0 node offset 0/16: got wrong btree node: got
[ 75.843653][ T5319] btree=snapshots level=0 seq ebb8d5a9e3463bdb 1
[ 75.843658][ T5319] min: POS_MIN
[ 75.843663][ T5319] max: SPOS_MAX
[ 75.843667][ T5319] flagging btree snapshots lost data
[ 75.843671][ T5319] running recovery pass reconstruct_snapshots (21), currently at recovery_pass_empty (0)
[ 75.843677][ T5319] ret btree_node_read_validate_error
[ 75.873001][ T5319] bcachefs (loop0): error reading btree root btree=snapshots level=0: btree_node_read_error, fixing
[ 75.879135][ T5319] bcachefs (loop0): btree node read error at btree lru level 0/0
[ 75.879147][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0
[ 75.879155][ T5319] loop0 node offset 0/16 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.879162][ T5319] loop0 node offset 0/16 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/16
[ 75.879169][ T5319] repair success (rewriting node)
[ 75.901942][ T5319] bcachefs (loop0): btree node read error at btree freespace level 0/0
[ 75.901955][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[ 75.901963][ T5319] loop0 node offset 0/32 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.901970][ T5319] loop0 node offset 0/32 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/32
[ 75.901977][ T5319] node offset 8/32 bset u64s 35 bset byte offset 120: keys out of order: u64s 5 type set 0:34359738397:0 len 2 ver 0 > u64s 5 type set 0:32:0 len 2 ver 0
[ 75.901984][ T5319] repair success (rewriting node)
[ 75.958490][ T5319] bcachefs (loop0): btree node read error at btree backpointers level 0/0
[ 75.958504][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0
[ 75.958511][ T5319] loop0 node offset 0/24 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.958517][ T5319] loop0 node offset 0/24 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/24
[ 75.958524][ T5319] repair success (rewriting node)
[ 75.985728][ T5319] bcachefs (loop0): btree node read error at btree deleted_inodes level 0/0
[ 75.985743][ T5319] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0
[ 75.985751][ T5319] loop0 node offset 0/8 bset u64s 0: first btree node bset has blacklisted journal seq (0)
[ 75.985758][ T5319] loop0 node offset 0/8 bset u64s 0: found blacklisted bset (journal seq 0) in btree node at offset 0-8/8
[ 75.985765][ T5319] repair success (rewriting node)
[ 76.009802][ T5319] bcachefs (loop0): check_topology...
[ 76.010213][ T5319] bcachefs (loop0): btree root dirents unreadable, must recover from scan
[ 76.022086][ T5319] bcachefs (loop0): no nodes found for btree dirents, continuing
[ 76.026464][ T5319] bcachefs (loop0): btree root snapshots unreadable, must recover from scan
[ 76.030159][ T5319] bcachefs (loop0): no nodes found for btree snapshots, continuing
[ 76.034479][ T5319] done
[ 76.037384][ T5319] bcachefs (loop0): accounting_read... done
[ 76.041158][ T5319] bcachefs (loop0): alloc_read... done
[ 76.043995][ T5319] bcachefs (loop0): snapshots_read... done
[ 76.047753][ T5319] bcachefs (loop0): check_allocations...
[ 76.050812][ T5319] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 76.050835][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 76.067177][ T5319] bcachefs (loop0): bucket 0:31 data type btree ptr gen 0 missing in alloc btree
[ 76.067192][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing
[ 76.080738][ T5319] bcachefs (loop0): bucket 0:35 data type btree ptr gen 0 missing in alloc btree
[ 76.080752][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 76.093268][ T5319] bcachefs (loop0): bucket 0:28 data type btree ptr gen 0 missing in alloc btree
[ 76.093282][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[ 76.132128][ T5319] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 76.132143][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 76.145416][ T5319] bcachefs (loop0): bucket 0:37 data type btree ptr gen 0 missing in alloc btree
[ 76.145426][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[ 76.158131][ T5319] bcachefs (loop0): bucket 0:42 data type btree ptr gen 0 missing in alloc btree
[ 76.158144][ T5319] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[ 76.177424][ T5319] done
[ 76.179776][ T5319] bcachefs (loop0): going read-write
[ 76.301279][ T5319] bcachefs (loop0): journal_replay...
[ 76.322666][ T9] bcachefs (loop0): going read-only
[ 76.328935][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 76.331504][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 76.336983][ T31] bcachefs (loop0): entry in freespace btree for nonexistant dev:bucket 0:33554475, shutting down
[ 76.337000][ T31] error not marked as autofix and not in fsck
[ 76.337004][ T31] run fsck, and forward to devs so error can be marked for self-healing
[ 76.337008][ T31] emergency read only at seq 11
[ 76.352815][ T31] ==================================================================
[ 76.356339][ T31] BUG: KASAN: slab-use-after-free in bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.360039][ T31] Read of size 8 at addr ffff88803388f720 by task kworker/u4:2/31
[ 76.363338][ T31]
[ 76.364366][ T31] CPU: 0 UID: 0 PID: 31 Comm: kworker/u4:2 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full)
[ 76.364380][ T31] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 76.364387][ T31] Workqueue: btree_update btree_interior_update_work
[ 76.364403][ T31] Call Trace:
[ 76.364411][ T31]
[ 76.364416][ T31] dump_stack_lvl+0x189/0x250
[ 76.364431][ T31] ? __virt_addr_valid+0x1c8/0x5c0
[ 76.364441][ T31] ? rcu_is_watching+0x15/0xb0
[ 76.364456][ T31] ? __kasan_check_byte+0x12/0x40
[ 76.364467][ T31] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.364479][ T31] ? rcu_is_watching+0x15/0xb0
[ 76.364493][ T31] ? lock_release+0x4b/0x3e0
[ 76.364507][ T31] ? __virt_addr_valid+0x1c8/0x5c0
[ 76.364517][ T31] ? __virt_addr_valid+0x4a5/0x5c0
[ 76.364526][ T31] print_report+0xd2/0x2b0
[ 76.364539][ T31] ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.364551][ T31] kasan_report+0x118/0x150
[ 76.364561][ T31] ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.364601][ T31] bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.364618][ T31] ? bch2_bucket_alloc_trans+0xcb4/0x2410
[ 76.364634][ T31] ? __pfx_bch2_bucket_alloc_trans+0x10/0x10
[ 76.364647][ T31] ? bch2_bucket_alloc_trans+0xcb4/0x2410
[ 76.364660][ T31] ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[ 76.364673][ T31] bch2_bucket_alloc_set_trans+0x5a6/0xe70
[ 76.364686][ T31] ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[ 76.364700][ T31] ? __open_bucket_add_buckets+0x783/0x1e40
[ 76.364714][ T31] __open_bucket_add_buckets+0x1437/0x1e40
[ 76.364734][ T31] open_bucket_add_buckets+0x2ee/0x440
[ 76.364748][ T31] bch2_alloc_sectors_start_trans+0xe24/0x1e80
[ 76.364763][ T31] ? __mutex_unlock_slowpath+0x1cd/0x700
[ 76.364781][ T31] bch2_btree_reserve_get+0x641/0x1810
[ 76.364797][ T31] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 76.364807][ T31] ? __pfx_bch2_btree_reserve_get+0x10/0x10
[ 76.364822][ T31] ? __pfx___bch2_disk_reservation_add+0x10/0x10
[ 76.364835][ T31] ? rcu_is_watching+0x15/0xb0
[ 76.364848][ T31] ? trace_sched_exit_tp+0x38/0x120
[ 76.364860][ T31] ? bch2_btree_update_start+0xadb/0x1dc0
[ 76.364875][ T31] bch2_btree_update_start+0x147e/0x1dc0
[ 76.364891][ T31] ? bch2_btree_split_leaf+0x14b/0x8e0
[ 76.364904][ T31] ? __pfx_bch2_btree_update_start+0x10/0x10
[ 76.364920][ T31] ? schedule+0x91/0x360
[ 76.364938][ T31] ? kthread_data+0x4f/0xc0
[ 76.364947][ T31] ? rcu_is_watching+0x15/0xb0
[ 76.364961][ T31] bch2_btree_split_leaf+0x14b/0x8e0
[ 76.364976][ T31] bch2_trans_commit_error+0x1b7/0x1130
[ 76.364988][ T31] ? btree_interior_update_work+0x1082/0x27d0
[ 76.365000][ T31] ? six_unlock_ip+0x302/0x430
[ 76.365008][ T31] ? __pfx_bch2_trans_commit_error+0x10/0x10
[ 76.365018][ T31] ? bch2_trans_unlock_updates_write+0xc22/0xd50
[ 76.365032][ T31] __bch2_trans_commit+0x1ce8/0x8880
[ 76.365051][ T31] ? btree_interior_update_work+0x1082/0x27d0
[ 76.365061][ T31] ? __pfx___bch2_trans_commit+0x10/0x10
[ 76.365078][ T31] ? btree_interior_update_work+0xe71/0x27d0
[ 76.365088][ T31] btree_interior_update_work+0x1082/0x27d0
[ 76.365103][ T31] ? __pfx_btree_interior_update_work+0x10/0x10
[ 76.365115][ T31] ? _raw_spin_unlock_irq+0x23/0x50
[ 76.365126][ T31] ? process_scheduled_works+0x9ef/0x17b0
[ 76.365140][ T31] ? process_scheduled_works+0x9ef/0x17b0
[ 76.365153][ T31] process_scheduled_works+0xae1/0x17b0
[ 76.365172][ T31] ? __pfx_process_scheduled_works+0x10/0x10
[ 76.365188][ T31] worker_thread+0x8a0/0xda0
[ 76.365207][ T31] kthread+0x70e/0x8a0
[ 76.365219][ T31] ? __pfx_worker_thread+0x10/0x10
[ 76.365232][ T31] ? __pfx_kthread+0x10/0x10
[ 76.365243][ T31] ? _raw_spin_unlock_irq+0x23/0x50
[ 76.365254][ T31] ? lockdep_hardirqs_on+0x9c/0x150
[ 76.365267][ T31] ? __pfx_kthread+0x10/0x10
[ 76.365277][ T31] ret_from_fork+0x3fc/0x770
[ 76.365290][ T31] ? __pfx_ret_from_fork+0x10/0x10
[ 76.365303][ T31] ? __pfx_kthread+0x10/0x10
[ 76.365312][ T31] ret_from_fork_asm+0x1a/0x30
[ 76.365327][ T31]
[ 76.365330][ T31]
[ 76.533258][ T31] Allocated by task 31:
[ 76.535019][ T31] kasan_save_track+0x3e/0x80
[ 76.536938][ T31] __kasan_kmalloc+0x93/0xb0
[ 76.538828][ T31] __kmalloc_node_track_caller_noprof+0x271/0x4e0
[ 76.541642][ T31] krealloc_noprof+0x124/0x340
[ 76.543655][ T31] __bch2_trans_kmalloc+0x26c/0xc80
[ 76.545835][ T31] __bch2_trans_subbuf_alloc+0x2da/0x460
[ 76.548074][ T31] bch2_disk_accounting_mod+0x9d5/0x1160
[ 76.550328][ T31] bch2_alloc_key_to_dev_counters+0x7fc/0x1060
[ 76.552810][ T31] bch2_trigger_alloc+0x1eb7/0x4090
[ 76.555037][ T31] __bch2_trans_commit+0xa69/0x8880
[ 76.557332][ T31] btree_interior_update_work+0x1082/0x27d0
[ 76.559876][ T31] process_scheduled_works+0xae1/0x17b0
[ 76.562317][ T31] worker_thread+0x8a0/0xda0
[ 76.564397][ T31] kthread+0x70e/0x8a0
[ 76.566309][ T31] ret_from_fork+0x3fc/0x770
[ 76.568523][ T31] ret_from_fork_asm+0x1a/0x30
[ 76.570639][ T31]
[ 76.571601][ T31] Freed by task 31:
[ 76.573167][ T31] kasan_save_track+0x3e/0x80
[ 76.575123][ T31] kasan_save_free_info+0x46/0x50
[ 76.577275][ T31] __kasan_slab_free+0x62/0x70
[ 76.579335][ T31] kfree+0x18e/0x440
[ 76.581092][ T31] krealloc_noprof+0x1cd/0x340
[ 76.583234][ T31] __bch2_trans_kmalloc+0x26c/0xc80
[ 76.585477][ T31] __bch2_trans_subbuf_alloc+0x2da/0x460
[ 76.587942][ T31] bch2_trans_log_str+0xd5/0x3c0
[ 76.590083][ T31] __bch2_fsck_err+0xc11/0xfb0
[ 76.592105][ T31] bch2_check_discard_freespace_key+0x569/0xce0
[ 76.594805][ T31] bch2_bucket_alloc_trans+0x1333/0x2410
[ 76.597074][ T31] bch2_bucket_alloc_set_trans+0x5a6/0xe70
[ 76.599380][ T31] __open_bucket_add_buckets+0x1437/0x1e40
[ 76.601841][ T31] open_bucket_add_buckets+0x2ee/0x440
[ 76.604005][ T31] bch2_alloc_sectors_start_trans+0xe24/0x1e80
[ 76.606558][ T31] bch2_btree_reserve_get+0x641/0x1810
[ 76.609006][ T31] bch2_btree_update_start+0x147e/0x1dc0
[ 76.611674][ T31] bch2_btree_split_leaf+0x14b/0x8e0
[ 76.614436][ T31] bch2_trans_commit_error+0x1b7/0x1130
[ 76.617240][ T31] __bch2_trans_commit+0x1ce8/0x8880
[ 76.619788][ T31] btree_interior_update_work+0x1082/0x27d0
[ 76.622466][ T31] process_scheduled_works+0xae1/0x17b0
[ 76.624847][ T31] worker_thread+0x8a0/0xda0
[ 76.626793][ T31] kthread+0x70e/0x8a0
[ 76.628439][ T31] ret_from_fork+0x3fc/0x770
[ 76.630450][ T31] ret_from_fork_asm+0x1a/0x30
[ 76.632523][ T31]
[ 76.633712][ T31] The buggy address belongs to the object at ffff88803388f000
[ 76.633712][ T31] which belongs to the cache kmalloc-2k of size 2048
[ 76.639135][ T31] The buggy address is located 1824 bytes inside of
[ 76.639135][ T31] freed 2048-byte region [ffff88803388f000, ffff88803388f800)
[ 76.645045][ T31]
[ 76.646155][ T31] The buggy address belongs to the physical page:
[ 76.648845][ T31] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x33888
[ 76.652615][ T31] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 76.656090][ T31] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 76.659349][ T31] page_type: f5(slab)
[ 76.661041][ T31] raw: 04fff00000000040 ffff88801a442000 dead000000000122 0000000000000000
[ 76.664478][ T31] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 76.668001][ T31] head: 04fff00000000040 ffff88801a442000 dead000000000122 0000000000000000
[ 76.671544][ T31] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 76.674966][ T31] head: 04fff00000000003 ffffea0000ce2201 00000000ffffffff 00000000ffffffff
[ 76.678623][ T31] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 76.682306][ T31] page dumped because: kasan: bad access detected
[ 76.685025][ T31] page_owner tracks the page as allocated
[ 76.687324][ T31] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4706, tgid 4706 (klogd), ts 76157701456, free_ts 75088035744
[ 76.695415][ T31] post_alloc_hook+0x240/0x2a0
[ 76.697482][ T31] get_page_from_freelist+0x21e4/0x22c0
[ 76.699856][ T31] __alloc_frozen_pages_noprof+0x181/0x370
[ 76.702384][ T31] alloc_pages_mpol+0x232/0x4a0
[ 76.704455][ T31] allocate_slab+0x8a/0x3b0
[ 76.706461][ T31] ___slab_alloc+0xbfc/0x1480
[ 76.708505][ T31] __kmalloc_cache_noprof+0x296/0x3d0
[ 76.710925][ T31] syslog_print+0xd2/0x590
[ 76.712860][ T31] do_syslog+0x544/0x760
[ 76.714680][ T31] __x64_sys_syslog+0x7c/0x90
[ 76.716733][ T31] do_syscall_64+0xfa/0x3b0
[ 76.718736][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.721413][ T31] page last free pid 4706 tgid 4706 stack trace:
[ 76.724127][ T31] __free_frozen_pages+0xc71/0xe70
[ 76.726359][ T31] __slab_free+0x326/0x400
[ 76.728263][ T31] qlist_free_all+0x97/0x140
[ 76.730326][ T31] kasan_quarantine_reduce+0x148/0x160
[ 76.732727][ T31] __kasan_slab_alloc+0x22/0x80
[ 76.734875][ T31] kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[ 76.737480][ T31] __alloc_skb+0x112/0x2d0
[ 76.739510][ T31] alloc_skb_with_frags+0xca/0x890
[ 76.741595][ T31] sock_alloc_send_pskb+0x857/0x990
[ 76.743633][ T31] unix_dgram_sendmsg+0x4f6/0x1870
[ 76.745763][ T31] __sock_sendmsg+0x219/0x270
[ 76.747741][ T31] __sys_sendto+0x3bd/0x520
[ 76.749679][ T31] __x64_sys_sendto+0xde/0x100
[ 76.751744][ T31] do_syscall_64+0xfa/0x3b0
[ 76.753723][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.756221][ T31]
[ 76.757269][ T31] Memory state around the buggy address:
[ 76.759682][ T31] ffff88803388f600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.763078][ T31] ffff88803388f680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.766376][ T31] >ffff88803388f700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.769851][ T31] ^
[ 76.772052][ T31] ffff88803388f780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 76.775370][ T31] ffff88803388f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 76.778820][ T31] ==================================================================
[ 76.798370][ T31] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 76.801416][ T31] CPU: 0 UID: 0 PID: 31 Comm: kworker/u4:2 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full)
[ 76.806279][ T31] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 76.810663][ T31] Workqueue: btree_update btree_interior_update_work
[ 76.813565][ T31] Call Trace:
[ 76.815065][ T31]
[ 76.816356][ T31] dump_stack_lvl+0x99/0x250
[ 76.818351][ T31] ? __asan_memcpy+0x40/0x70
[ 76.820406][ T31] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.822550][ T31] ? __pfx__printk+0x10/0x10
[ 76.824492][ T31] panic+0x2db/0x790
[ 76.826261][ T31] ? __pfx_panic+0x10/0x10
[ 76.828112][ T31] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 76.830726][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 76.833515][ T31] ? print_memory_metadata+0x314/0x400
[ 76.835880][ T31] ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.838448][ T31] check_panic_on_warn+0x89/0xb0
[ 76.840619][ T31] ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.843184][ T31] end_report+0x78/0x160
[ 76.845137][ T31] kasan_report+0x129/0x150
[ 76.847073][ T31] ? bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.849322][ T31] bch2_bucket_alloc_trans+0x1aa0/0x2410
[ 76.851797][ T31] ? bch2_bucket_alloc_trans+0xcb4/0x2410
[ 76.854300][ T31] ? __pfx_bch2_bucket_alloc_trans+0x10/0x10
[ 76.856914][ T31] ? bch2_bucket_alloc_trans+0xcb4/0x2410
[ 76.859285][ T31] ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[ 76.861721][ T31] bch2_bucket_alloc_set_trans+0x5a6/0xe70
[ 76.864209][ T31] ? bch2_bucket_alloc_set_trans+0x1eb/0xe70
[ 76.866836][ T31] ? __open_bucket_add_buckets+0x783/0x1e40
[ 76.869331][ T31] __open_bucket_add_buckets+0x1437/0x1e40
[ 76.871794][ T31] open_bucket_add_buckets+0x2ee/0x440
[ 76.874120][ T31] bch2_alloc_sectors_start_trans+0xe24/0x1e80
[ 76.876811][ T31] ? __mutex_unlock_slowpath+0x1cd/0x700
[ 76.879307][ T31] bch2_btree_reserve_get+0x641/0x1810
[ 76.881684][ T31] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 76.884435][ T31] ? __pfx_bch2_btree_reserve_get+0x10/0x10
[ 76.887403][ T31] ? __pfx___bch2_disk_reservation_add+0x10/0x10
[ 76.890260][ T31] ? rcu_is_watching+0x15/0xb0
[ 76.892411][ T31] ? trace_sched_exit_tp+0x38/0x120
[ 76.894707][ T31] ? bch2_btree_update_start+0xadb/0x1dc0
[ 76.896852][ T31] bch2_btree_update_start+0x147e/0x1dc0
[ 76.899138][ T31] ? bch2_btree_split_leaf+0x14b/0x8e0
[ 76.901564][ T31] ? __pfx_bch2_btree_update_start+0x10/0x10
[ 76.903990][ T31] ? schedule+0x91/0x360
[ 76.905902][ T31] ? kthread_data+0x4f/0xc0
[ 76.907964][ T31] ? rcu_is_watching+0x15/0xb0
[ 76.910046][ T31] bch2_btree_split_leaf+0x14b/0x8e0
[ 76.912366][ T31] bch2_trans_commit_error+0x1b7/0x1130
[ 76.914836][ T31] ? btree_interior_update_work+0x1082/0x27d0
[ 76.917455][ T31] ? six_unlock_ip+0x302/0x430
[ 76.919563][ T31] ? __pfx_bch2_trans_commit_error+0x10/0x10
[ 76.922238][ T31] ? bch2_trans_unlock_updates_write+0xc22/0xd50
[ 76.924986][ T31] __bch2_trans_commit+0x1ce8/0x8880
[ 76.927156][ T31] ? btree_interior_update_work+0x1082/0x27d0
[ 76.929627][ T31] ? __pfx___bch2_trans_commit+0x10/0x10
[ 76.932150][ T31] ? btree_interior_update_work+0xe71/0x27d0
[ 76.935131][ T31] btree_interior_update_work+0x1082/0x27d0
[ 76.937830][ T31] ? __pfx_btree_interior_update_work+0x10/0x10
[ 76.940467][ T31] ? _raw_spin_unlock_irq+0x23/0x50
[ 76.942641][ T31] ? process_scheduled_works+0x9ef/0x17b0
[ 76.945131][ T31] ? process_scheduled_works+0x9ef/0x17b0
[ 76.947546][ T31] process_scheduled_works+0xae1/0x17b0
[ 76.949839][ T31] ? __pfx_process_scheduled_works+0x10/0x10
[ 76.952381][ T31] worker_thread+0x8a0/0xda0
[ 76.954479][ T31] kthread+0x70e/0x8a0
[ 76.956210][ T31] ? __pfx_worker_thread+0x10/0x10
[ 76.958359][ T31] ? __pfx_kthread+0x10/0x10
[ 76.960557][ T31] ? _raw_spin_unlock_irq+0x23/0x50
[ 76.962913][ T31] ? lockdep_hardirqs_on+0x9c/0x150
[ 76.965172][ T31] ? __pfx_kthread+0x10/0x10
[ 76.967209][ T31] ret_from_fork+0x3fc/0x770
[ 76.969301][ T31] ? __pfx_ret_from_fork+0x10/0x10
[ 76.971551][ T31] ? __pfx_kthread+0x10/0x10
[ 76.973519][ T31] ret_from_fork_asm+0x1a/0x30
[ 76.975612][ T31]
[ 76.977387][ T31] Kernel Offset: disabled
[ 76.979354][ T31] Rebooting in 86400 seconds..