program:
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r1 = fcntl$dupfd(r0, 0x0, r0)
recvmmsg(r1, &(0x7f00000002c0)=[{{&(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)=""/13, 0xd}], 0x1, &(0x7f0000000200)=""/117, 0x75}, 0x800}], 0x1, 0x20, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d) (async)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x810000, &(0x7f0000000280)=ANY=[@ANYRES8=r1], 0x1, 0x5991, &(0x7f000000b6c0)="$eJzs3X+QHNV9IPDXM7Pa0a5WWgkcZDCrRUYJgdha8auwnYqVX3YKCCWKlIM42bCgFZG9EipJBBAkiBz4oAAXTjmV4OQP4sLUYSsuquBiFMqEHycRG5vi4qOuMHX2HfYfviIcqgA6ysVlU7vTb3a2d3p7dmZWLPD5lLQ9703P9327+81Mvze9OwEAAID3hcO37Tl60Ym/+70/G3vz5t/7hx23hP7yVH01rjCYLq9/pzLkWOqtrJ5aZvvFr9z4jZ8NX/Vb332o7+tvHdp6yrYf/c5xVz32+fMP3vvXT74x8Mi/vVwUN/an06fLyatJCNXvHPmLLx569oTJuiSEUE4G94ewMln15MokE2LkFyGErWlhdebOh988a9vk8pY7e2fUr8isp7+/v1XTfrbv6HVnhB//5uZbf7DmW3/Xc+CV/dOrJNWG/hTC8isaH98TQlia/p8Ue1vsj7HTbgoh9DU87ryCvD7cYv7rc8onpcsl6bK/IE5/T225NrN+KbNethz1ZJZ9Be11Ki+PdtcrsixTzr4YdSovz1i/Ml1+O12ePs/45fg/CaUkVOrpjyfTfSQ0HLckJFPHslovl+rHNqTbnyknmXIpUy73ZLZrqt20o5WTZGZ9XC9TH1+OK2n9KY2v1U1cklP/wXRZTZ+ob8VyyN6o6Z91o75dU2JeR+bI5VgoNbwGNauvH/j0YPSndf3JqlmPmWgi3ndo813rylueOjyYk0fyUJLGT9qKv+/7K5d97pt3XJt9X6/Hv6KUxi+1Ff8nFzz32mV3fO2rufHvifHLbcU/8/G+Vy94+ra1ufvnSNw/lbbij778zN1rjr/yQG7+98X41bbibzz4XO/A0cefyM1/JO6fpW3Ff+kTn/rpgy88+kpu/BDj97UVf8vBXV/qHTp6Wm78J+L+6W+v/7x+4NwXh4Z+PpwX//kYf6Ct+A/sv/fj96+48/zc47sp7p/BtuJfeOpjty47+ujJea+dyX3deucEeH86Lj3Huj0ttzvO7FTDeOGvhiu1c75l6f+BbjaUOfmcbGd5N+MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAjhA2f806f/92cGX62k5d70xkul2jLWLwkhWRpC2LN3dPfe7TuvHv78Ndfu3jk6Pjy6d3hs597dNwyf/WvDu8d2jY/eMHnvyEfOqj1uVUhqy+TkWW33TkxMlAZn1sX2fvvUAz9ed97/+ZcQRj7ww6FKbv7r791x//FNfmYkGyc+uePai354zt+m2zWY5jXYJK+JiYmJkJPX/7307fv//MjPTgth5JfmyuuZl37jH2ckNFUxHSdV6g21hHqTvqZ51LNO84n7q7Jt+/jYyNz7d/Lx5Zzt+A83vvKLbdd/+e3a/q3mbkeL+3fpxonx0l9uvvD//+VNtYqivN6p4160v+NWxPzi/qum+3t5SA5PlpfnbFclZ7tu+8ETL3znxDve2B9GKq+vmd120Xb1pB2gJ/lgS+3GFvqSlTPqq+n68YjHx63fu2PX+j037PvI9h2jV49dPbbzYxvO3nDuyDnnnrN+asvXT29/6Mb2p+2P/1OL239s+tOKP97/7fiztf5UlFfR/pjMq2F/hF+eI6+5n399l3zxKx+79+mLahVF/TyuXX89SZd9k8d5Q2job+mDynNvV9F+CCEMN9sPr71xfjjhf2y/teh1qPHINP7MSDZOPLv2X//2vL9Z/eu1imPyOt+YUJuv8/Wsp/OZ2l/V9HhMLNL925t2jN6kv2leG559uueuw//yJ/X8liwJ14/u3bt7Q+3nsjTTZclJTfPK1sbtWjP1sxzS3RIXDTdm6gm1/LKvn3H17F7tT+/rT1Y13a6seN+hzXetK2956nDenk4eqrW4NAzUlsmHctYczzywXE+4WfuL9flX1D+GPv03j3zmkb8/e1b/OLP2s2i7kpzt+tYLD3zl61/+T3/fve369G88N/iv//OP1tUq3i2vK/Ws03ySxteVM0Moev6tCc23I/f5V2q+PUXPv2w70+s3jzecKfeHclvP1zMf73v1gqdvW5v7fD3S6vP1phmlcsHzdbH0n+zzK6nMzGPhnl8zOkqyceK7tx+3/8mbN51Yqyjq1/W1m/Xrs1oYf+Rs1z9e9uLQNcP/8b9373XjG7/28OU/Gt34p7WK9o97zKU7x72a7t9qzv6tZx3HnY3796NXXTO+tVa/eM9/02XB+Ce+lOy5Yd8XRsfHx3bvaW27Wn0/je1k93K776fx1W1VwXaVZm3Xwt1oZX+1+nyL+W9te3/NfL71h6St94V931+57HPfvOPawVmPShu6opTGL7UV/ycXPPfaZXd87au58e+J8SttxR99+Zm71xx/5YHc+PclafxqW/E3Hnyud+Do40/kxh+J+S9tK/5Ln/jUTx984dFXcuOHGL+/vf3/+oFzXxwa+nlu/OeTtJ3Jc6QQHn7zrG21chJ60udbzKNnRl4hW04y5VKmXG4sl2pzrfUGykkysz6ul9af0pBLM3+YUx/Pwqqra8u3Yjlkb8xdv9iUGl77m9UXnacCALzXxc//4zlo/Px/LD1Ryp9pgGmdjsNW58SN47Dp+ZwlM+5fncaPj4/zgEMfDSOTy1uGayf68/0cIT4fsvOcsZ3TPjwzRrvznEXz72sz5ZhXbb680jAOTc0e11RCC/Pvs9uZe/49s/nF8+PDt89Ka7hh3ip7/HrSGbNm1ztk8q1MRsjrH9l5sXg9x9DysGmqvRb7R/Y6mngcstfRxHZOzLxwtnsdTaf9I6Y9R/+YSrn4843Zxy/MsX+nj1/zaNnjN4/jXZ1cf6E/n+3CvGHTl7RjN2+4sJ+HLZJ5yd5YjPctlnnJxT5vGOvjdlRanE/8TE59t+YT48tFzOvIHLkcC+YTgfeqOP6P7xGT4//JE/D/l1mv6Dw0e9YY4+VeJ1Runk/RuGP2dXp9bb2Pbzm460u9Q0dPyz3PeaLV6352zSj1FVz3U7Qf12XKhfsxZ4KmaLyXbadov2evy+gPA23t9wf23/vx+1fceX7uft9UeyMt3u9fmVEaKNjvmfFCtdV8F2y8MJDeuWiuM3hfjBdmxV8s44WFnj/r8nik2vJ4JL3waaHGI3+QUz/f8UjfrBv17ZryrhuP9BzbvACAd484/q9/fpaO//9XXCE9jygat56eKcd4uePWnPOTvHHr76fL6zPr96e/UTHf8+YLT33s1mVHHz05d9xyX6vj0P88ozRYOA7tbNycO47Y1J3rxXPHEfVxVmfjxNz86+PEzj7Xy41fH6d3No7O3T/1cXRnnxvmxq/PA7zbx7kF83WZxmKx1fm6d9k4uvXP9dJfn12ocfQlOfXzHUf3z7pR364pxtEAAO+sOP6Pp3Fx/P90Zr1OP2fPHRd06bw9+/dA6vGfP1bjyoUe9y30uHWhx/ULPS/xbh8XtzUvdPFv15YtzAst7DxZEgbf3+PitFHjYgAAFrM4/l+alvPH/519bt1s/NYzY3xifN40/vT4POc3JozPw2L43Don/uKZ/1ro8b/PxUM3x/95HWaBGf8DALy3xfF//LXH+Pf//mtazv7deuP0nPg+RzdOn6v/tDxO7/48Wzim1wGYBwjZeYCl0+u7DgAAgHdCz9RIafbv2X82XWZ/zz7v9/Ivy1m/VZX09PjKvbvHxi6/dtfW0b1jl++8ZuvYnsuv2719796xnbX1Oh03zjy3f7t+K44be0Il3R/N88yO21akfw9hRc7fQ8iuH8OeNHVj9t9DyDa7tODvCEwfv9byzTt+pTnWb9Y/8o53Xvw/zFk/qh//q/7ozMu37bl8+87te7ePjm/fNzZzvclRa988vjcz7pZ5fV9q5scspfl/f2d38ijNyqMn3R/Njv9kHkkmj5VpJivzvv8gJ+/v/bc//+NTJ95+MISRD5Q/1NH+SzZO/JdLx35/7+Ef7prMvzRn/vU107yKvq80u37cnsr4NXv2nrHtmmt3Zr9Rsj1xPqNULy/QfEb69C+3OD+xJad+vtcplGfdWJxanp8AAGCG+Pl/PJ+Nnx9+OT2BivWtj9M7+/w49/PFkdbG6dnvJSsap2fXj9vb6ji92uE4Pdt+0Ti92frNxul54+68+H+Qs/58td5POrvOI7efXNFaP8l+n0FRP8muP99+knTYT7LtF/WTZus36yd5xz0v/sU56+dpvT+0fl1OOcy+Lie3P9zTWn/41Uy5qD9k159vfyh12B+y7Rf1h2brN+sPecc3L/5FOeu3amb/mOwYU/1i7PLrrtn9hYb1Fvr7LzrPr+PvC2ye3xWdfbFY6/kv7HVfC5//wl5XtvD5d3ZdWW7+z3c2E9Z6/gv7/S7tOmbztenFZkXXnxXN427OqZ/vPO6SWTcWJ/O48M6J4//4cU8c/9+ZLrv9MdBCnyct/Pekdfg+l7NDu3D9fRLC/kVw/f3Cnsd4P5+jsUXA+zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa3orq6eWh2/bc/SiE3/3e3829ubNv/cPO275lRu/8bPhq37ruw/1ff2tQ1tP2faj3znuqsc+f/7Be//6yTcGHvm3lwsDD079rJyeFqshJK8mIVS/c+Qvvnjo2RMm65IQQjkZ3B/CymTVkyuTTISRX4QQttbznHnnw2+etW1yecudvTPqV2SCZLcr9JdjPo15hnB94RbxLlRN+9m+o9edEX78m5tv/cGab/1dz4FX9k+vklQb+lMIy69ofHxPCGFp+n9S7G2r44PT5aYQQl/D484ryOvDLea/Pqd8Urpcki77C+LE+9dmyqXMetly1JNZ9hW016m8PNpdr8iyTDn7YtSpvDxj/cp0+e10efo845fj/ySUklCppz+eTPeR0HDckpBMHctqvVyqH9uQbn+mnGTKpUy53JPZrql2045WTpKZ9XG9TH18Oa6k9ac0vlY3cUlO/QfTZTV9or4VyyF7o6Z/1o36dk2JeR2ZI5djodTwGtSsvn7g04PRn9b1J6tmPWaiiXjfoc13rStveerwYE4eyUNJGj9pK/6+769c9rlv3nHt6rz4V5TS+KW24v/kgudeu+yOr301N/49MX65rfhnPt736gVP37Y2d/8cifun0lb80ZefuXvN8VceyM3/vhi/2lb8jQef6x04+vgTufmPxP2ztK34L33iUz998IVHX8mNH2L8vrbibzm460u9Q0dPy43/RNw//e31n9cPnPvi0NDPh/PiPx/jD7QV/4H99378/hV3np97fDfF/TPYVvwLT33s1mVHHz0577Uzua9b75wA70/HpedYt6fldseZnWoYL/zVcKV2zrcs/T/QzYYyJttZvoDxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4b/rnm87+7KWfvHhzJQkhyVlnool4X7nUXrujLz9z95rjrzzQWLe6vVAAAABAgTgOnx7GV8PqcF2yNJzUdP04R3BSLCUz69Plkrh+jDPcXpyQjZOdbmg3TrlLcSpditPTpThLuhSnt0txqrPj3NwYpxpai7N0jnwqk72ixXz65tyu1uP0dynOsi7FGehSnOVdirOiS3EG54zTej9c2U6c0uw4q7qUz3FdinN8l+J8oEtxfqlLcU7oUpzsnPJ8++FAuuaJeXGmbpQL41SScv2OZvPpJ6TtnNxhO/0F7QwUvR+32M7SFtv5cOZxpXm2U22xnV/usJ2kxXZ+tcN2SgXtxH57fTa/2E4stdj/b+hSnH1dinNjl+Lc1KU4f9KlOH/apTg3dxgHoFVx/D893hsMvZVfD33pK052FiCOd9dM/Zz9fpf3ghTjfShTv6QoXnagnom3Zr755VyvEOOtzdT3zIhXqY9H5ohXbYy3LnNn4fZmJxQy+Z2eqe8tipedWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACABfTPN5392Us/efHmkITJf01NNBHvKy/ZuHG4jXYPbb5rXXnLU4cb63orbQQCAAAACsVxeE+9php6KxtCb7JkxnrVdB6gmpbLg7Xl0PKwaXKZDJemyn3JyjkfV0kft37vjl3r99yw7yPbd4xePXb12M6PbTh7w7kj55x7zvpt28fHRmo/Q+gtiBdCmJp+2HPDvi+Mjo+P7d5Tq8zmvzp93Oq0nKSPG/poGJlc3pLmv6qgvdKs9hbuRvHRAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh3du0uRs6qfAD4eWdmZ4aF/pl/+BoaukzKR1CJQl1MUcK+iYkk0DbdkJhZdCWNtJG4pQ20puIINQK20ZhAmjQ1vbCmEkXiTQEhRj7SpAarTdzaGCDKhV5oQDGF9MJAxnRnzuzMdKazDtBC/f0u3o/nPOc875mmmzzvDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcWrO18enqxOTUaBJC0ien3kMcy+bTtDJE3S8+s/H7hbFjV7XHCrkhFgIAAAAGin34SCtSDIVcNmTDxXN3S0PbQJjv+wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP89s7Xx6erE5NTZSQhJn5x6D3Esm0/TyhB1X33z8U+9NDb2t/ZYeYh1AAAAgMFiH55pRYqhHC4LI8nFHXnx3cDirvndeXGdJQvM63530C/vsgXmXbnAvI8MyFvVPG8JAAAA8OEX+/9cK1IKhdyivv3/oL4+5l3alZdtnof5rQAAAADw7sT+v9CKlEMhV2716wvt95d2RL/Vmj/oe/s4/4quvDh/0Pf5K5tn39MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIfHbG18ujoxOZVNQkj65NR7iGPZfJpWhqi77NnRf9yy/8Gl7bFCboiFAAAAgIFiHz7fehdDITcaRsLZc33/2E27n/j8E0+NhxAabX4+H7as2bTp7mWNY8y79uD+ke8deP2bJ+Rd2zietg0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvmdna+HR1YnLqrCSEpE9OvYc4ls2naWWIuq985nN/+emRp19rj5WHWAcAAAAYLPbh871/MZRDPuTDhXN37b3+cZnGqRTv+70zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM4c93z93q+umZlZe7cLFy7el4ti8//au1mnsC+EU/vwp/kPEwAA8J67NCSh/l+6aPXpfmoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCDYLY2Pl2dmJwqJiEkfXLqPcSxbD5NK0PUTZ85VFh07Nnn22PlIdYBAAAABot9+HzvXwzlMBJGwgVzd73eCcz1/6VT+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB8psbXy6OjE5tajSP6feQxzL5tP0JFP7enTrrk/vPfe7N7fHCrkhFgIAAAAGin14vhUphkLuo6EQLmnez3ROSLLNc+/3AvPzNnZMG13wvFrHvOyC523r2lmuuZvGvGJcr9Q4F44vuDWEUDlxXqVtXjm0ylca82K9HR2zFg14zgAAAACnUez/C61IKRRyhbY+9ycd+SV9LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQx2xtfLo6MTmVJCEkfXLqPcSxbD5NK0PUvfe3/3/Ol362fXN7rDzEOgAAAMBgsQ+f7/2LoRyWhP8LS+b6/lDqzI95/6y+vfeRf/31qhCuufDwWK572R/Gi1+/cuNz3YcQMp3ZmRDObdZL+tT7ze8fqWcblxdkLzmhXjh5vc4l0/qT1bUrNx04vPFknwwAAACcOWL/P9KKlEIhd1ff/j923gP6/5a5Bvzcr239xfnNY7Mj75qRKTXrZfrU++zlj//5iuV/fz2Eay7oVy9Gz+8o+Ild6/ee352apPWJ9ZtXHb5uTybuulE/21U/fi5f+MZr/1635eG3G/WLodiML+56lEa1E49dzkrrM5mdUyve2VnrrJ/rs/8Hf/f8kV8t3v7W8fpvXjraGr8y9KrfvvN+9UdvfWjH9bv2r+qsH0Ko9Kr/xls3h4v+eOcD3fsf7Vq4/ZNvP3ZJ0vrBpUf3LN9dvqGzftJVP37+Pz/y6I4fP/ydp2L9+FuRqy5baP1MV/0Xt5239YX7Vy/urJ/ps//nbntpbEPl23/o3v8dHavm+j7Fift/7Op9t7+8Jr2vewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODMMlsbn65OTE5lkhCSPjn1HuJYNp+mlSHqvnrLoTdu2/6jH7THykOsAwAAAAwW+/D53r8YyiEf8mF0ru9/srp25aYDhzeGUmM0aZ5zMxvu2fSxdRs233XHaXpyAAAAYKFi/59rRUqhkLs8jDT7/4n1m1cdvm5PJvb/mdj/r7tzZu01oZX34rbztr5w/+rFrfcEIcz9LKB4PO+T83k33XiodPRPX7miZ96y+byDS4/uWb67fEPMC+1514bW+4nHrt53+8tr0vtaz9ee9/Evb5hpvp6I647e+tCO63ftX9XaR/M82lw35s1kdk6teGdnLeZlm+fiuvflnwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzgiztfHp6sTkVMiGkPTJqfcQx7L5NK0MUXfF5b984JxjTy9pjxVyQywEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8hx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs11+IVGUfB/Dnmdl1x51d3dUX3q1oXa0o7CIpiKibiorQCKErQ8LSvIiCIKKwi9bQSKzoJsi6kaguaguhIDdJtFijf9JtBQXWRSDSQjlIFxU785xx9jinybMWRZ8PLM88z5zzfX7nPM+c2QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH+Vgb6xZntk50ON28+/+ZMn7j35+K3vPbD90sde/35i840f7xt89dTMlpVbv7pp+eYD962d3vPS4Z+H3/n1WM/gR1vN6tSthRBPxBBq788+/+TMp/+fG4shhGocmQxhNC47PBpzCWt+CSFsadc5/823T161da7dvntg3vjSXEj+ukK9mtXTMjK/Xv75Fp/FsbW0z7Y1Hrk8fHPDhh2fr3jrzf6p45OnD4m1jv0UwpJNnef3p/myObPdNpadnNr1IYTBjvOu6VHXRX+y/isK+hekdlFq6z1ysvdX5fqV3HH5fqY/1w72mG+hiuooe1wvQ7l+/mG0UEV1ZuOjqX03tavPMr+a/cVQiaGvXf798fQeCR3rFkNsrmWt3a+01zak68/1Y65fyfWr/bnras6bNlo1xvnj2XG58exx3JfGV3Y+q7u4o2D8vNTW0gf1VNYP+Rct9TNetK+rKatr9g9q+TtUOp5B3cbbC58Wo57G6nHZGef81kX23syGpy+pbvzgyEhBHXFfTPmxVP62z0aH7npj18NjRfmbKim/Uir/23VHf7xz18svFuY/l+VXS+VfeXDwxLoPd64qvD+z2f3pK5V/97GPnlnxv3umuq11M39vll8rlX/99NGB4cbBQ4X1r8nuz+JS+V9fd8t31bD/eGF+yPIHS+VvnH7w2YHxxmWF+YdaH4V6c4eW2D8/TV395fj4DxNF+V804xfVw3CX/Ngz/7XJPde+snT32sL9uT67PyOl6r/t4gM7hhr7Lyx6dsa95+qbE+C/aXn6H+up1C/7O3OhOn4vvDDR1/oGGkp/w+dyopy5eZb8hfkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOztwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FQAA///WQhZA")
truncate(&(0x7f0000000340)='./file2\x00', 0x2328)
syz_clone(0xc000080, &(0x7f0000000380)="86856b8446f44f3f88c6928fd37ce26e41cf898472edfbe8c20c719ba9af09ecce26ce802421df87c04bd58eca52fb900624433fa95dfd9ef4d091fca7ba0aac15bf09f78dac7d4d6e32be018c2f941055cfe3ea65507f5f935b0aef40e6dc54d462ce758c89ca3b278021e726961487877c4c812f56848b9cbf7fb8f11ae818da3b", 0x82, &(0x7f0000000300), &(0x7f0000000440), &(0x7f0000000480)="19765c2d6ac40816f778a563dbc3d930e571f48225e9dca90468bf8bec05a7d01991427011a6d68614ecbc05c25bfcc0675fda2307a2550faac2f09ab6b9762d1bb875c31c153280d8bc6fe11cadcc0308c33d4c64051abea15d97d7c28c52f7dda4001baea5dd217225905add10d4e08fbc42204e0717848544c2734c89bfce63bcf5b0f93bbd1d7d97612671a81fe65acd29b2b9bae01aaaf9413b05a34b9d84733e194ba844c5313b3633562ac35b8e92d87baef163623203902aafd631b16cdbdc2c4f3ddf906dd5c2b2239014f738d6aa6251e7a7f7fb5295a7849e47c391aff4") (async)
syz_clone(0xc000080, &(0x7f0000000380)="86856b8446f44f3f88c6928fd37ce26e41cf898472edfbe8c20c719ba9af09ecce26ce802421df87c04bd58eca52fb900624433fa95dfd9ef4d091fca7ba0aac15bf09f78dac7d4d6e32be018c2f941055cfe3ea65507f5f935b0aef40e6dc54d462ce758c89ca3b278021e726961487877c4c812f56848b9cbf7fb8f11ae818da3b", 0x82, &(0x7f0000000300), &(0x7f0000000440), &(0x7f0000000480)="19765c2d6ac40816f778a563dbc3d930e571f48225e9dca90468bf8bec05a7d01991427011a6d68614ecbc05c25bfcc0675fda2307a2550faac2f09ab6b9762d1bb875c31c153280d8bc6fe11cadcc0308c33d4c64051abea15d97d7c28c52f7dda4001baea5dd217225905add10d4e08fbc42204e0717848544c2734c89bfce63bcf5b0f93bbd1d7d97612671a81fe65acd29b2b9bae01aaaf9413b05a34b9d84733e194ba844c5313b3633562ac35b8e92d87baef163623203902aafd631b16cdbdc2c4f3ddf906dd5c2b2239014f738d6aa6251e7a7f7fb5295a7849e47c391aff4")
[ 144.445852][ T4673] Bluetooth: hci0: command tx timeout
[ 144.818316][ T5345] loop0: detected capacity change from 0 to 32768
[ 144.952718][ T5345] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[ 144.952734][ T5345] allowing incompatible features above 0.0: (unknown version)
[ 144.952740][ T5345] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 144.971770][ T5345] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 144.977791][ T5345] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 144.981419][ T5345] bcachefs (loop0): Version upgrade required:
[ 144.981419][ T5345] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[ 144.981419][ T5345] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[ 144.981419][ T5345] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[ 145.076720][ T5345] bcachefs (loop0): btree node read error at btree alloc level 0/0
[ 145.076751][ T5345] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[ 145.076759][ T5345] loop0 node offset 0/24 bset u64s 0: invalid bkey format: incorrect number of fields: got 2, should be 6
[ 145.076766][ T5345] u64s 3 fields 0:0, 0:0, 0:0, 0:0, 0:0, 0:0
[ 145.076772][ T5345] flagging btree alloc lost data
[ 145.076777][ T5345] ret btree_node_read_validate_error
[ 145.101670][ T5345] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[ 145.110076][ T5345] bcachefs (loop0): invalid bkey in btree_node btree=snapshots level=0: u64s 8 type snapshot 0:4294967295:0 len 0 ver 0: subvol parent 268435456 children 0 0 subvol 1 tree 0
[ 145.110103][ T5345] bad parent node (268435456 <= 4294967295), deleting
[ 145.123133][ T5345] bcachefs (loop0): error reading btree root btree=snapshots level=0: btree_node_read_error, fixing
[ 145.133562][ T5345] bcachefs (loop0): btree node read error at btree backpointers level 0/0
[ 145.133577][ T5345] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0
[ 145.133584][ T5345] loop0 node offset 0/24 bset u64s 0: incorrect btree id
[ 145.133590][ T5345] flagging btree backpointers lost data
[ 145.133595][ T5345] ret btree_node_read_validate_error
[ 145.153168][ T5345] bcachefs (loop0): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing
[ 145.161222][ T5345] bcachefs (loop0): check_topology...
[ 145.161478][ T5345] bcachefs (loop0): btree root snapshots unreadable, must recover from scan
[ 145.168405][ T5345] bcachefs (loop0): no nodes found for btree snapshots, continuing
[ 145.172689][ T5345] done
[ 145.173989][ T5345] bcachefs (loop0): accounting_read... done
[ 145.178683][ T5345] bcachefs (loop0): alloc_read... done
[ 145.183500][ T5345] bcachefs (loop0): snapshots_read... done
[ 145.186815][ T5345] bcachefs (loop0): check_allocations...
[ 145.189470][ T5345] bcachefs (loop0): bucket 0:34 data type user ptr gen 0 missing in alloc btree
[ 145.189494][ T5345] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing
[ 145.206572][ T5345] bcachefs (loop0): bucket 0:27 data type btree ptr gen 0 missing in alloc btree
[ 145.206586][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing
[ 145.220177][ T5345] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 145.220186][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 145.232244][ T5345] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 145.232257][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 145.244873][ T5345] bcachefs (loop0): bucket 0:31 data type btree ptr gen 0 missing in alloc btree
[ 145.244885][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing
[ 145.257164][ T5345] bcachefs (loop0): bucket 0:35 data type btree ptr gen 0 missing in alloc btree
[ 145.257177][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[ 145.269864][ T5345] bcachefs (loop0): bucket 0:28 data type btree ptr gen 0 missing in alloc btree
[ 145.269877][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[ 145.284217][ T5345] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree
[ 145.284233][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[ 145.297262][ T5345] bcachefs (loop0): bucket 0:42 data type btree ptr gen 0 missing in alloc btree
[ 145.297277][ T5345] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[ 145.314936][ T5345] done
[ 145.318244][ T5345] bcachefs (loop0): going read-write
[ 145.440158][ T5345] bcachefs (loop0): journal_replay...
[ 145.444111][ T5345] bcachefs (loop0): u64s 13 type alloc_v4 0:42:0 len 0 ver 0:
[ 145.444136][ T5345] gen 0 oldest_gen 0 data_type btree
[ 145.444141][ T5345] journal_seq_nonempty 0
[ 145.444147][ T5345] journal_seq_empty 0
[ 145.444152][ T5345] need_discard 0
[ 145.444157][ T5345] need_inc_gen 0
[ 145.444162][ T5345] dirty_sectors 256
[ 145.444167][ T5345] stripe_sectors 0
[ 145.444172][ T5345] cached_sectors 0
[ 145.444178][ T5345] stripe 0
[ 145.444183][ T5345] stripe_redundancy 0
[ 145.444188][ T5345] io_time[READ] 0
[ 145.444193][ T5345] io_time[WRITE] 0
[ 145.444199][ T5345] fragmentation 0
[ 145.444203][ T5345] bp_start 8
[ 145.444208][ T5345]
[ 145.444213][ T5345] incorrectly set at freespace:0:42:0 (free 0, genbits 0 should be 0), fixing
[ 145.536563][ T5345] bcachefs (loop0): u64s 13 type alloc_v4 0:34:0 len 0 ver 0:
[ 145.536588][ T5345] gen 0 oldest_gen 0 data_type user
[ 145.536593][ T5345] journal_seq_nonempty 0
[ 145.536598][ T5345] journal_seq_empty 0
[ 145.536603][ T5345] need_discard 0
[ 145.536609][ T5345] need_inc_gen 0
[ 145.536614][ T5345] dirty_sectors 16
[ 145.536619][ T5345] stripe_sectors 0
[ 145.536625][ T5345] cached_sectors 0
[ 145.536629][ T5345] stripe 0
[ 145.536634][ T5345] stripe_redundancy 0
[ 145.536640][ T5345] io_time[READ] 0
[ 145.536644][ T5345] io_time[WRITE] 0
[ 145.536649][ T5345] fragmentation 134217728
[ 145.536655][ T5345] bp_start 8
[ 145.536660][ T5345]
[ 145.536664][ T5345] incorrectly set at freespace:0:34:0 (free 0, genbits 0 should be 0), fixing
[ 145.587646][ T5345] bcachefs (loop0): u64s 13 type alloc_v4 0:42:0 len 0 ver 0:
[ 145.587659][ T5345] gen 0 oldest_gen 0 data_type btree
[ 145.587664][ T5345] journal_seq_nonempty 0
[ 145.587670][ T5345] journal_seq_empty 0
[ 145.587675][ T5345] need_discard 0
[ 145.587680][ T5345] need_inc_gen 0
[ 145.587685][ T5345] dirty_sectors 256
[ 145.587691][ T5345] stripe_sectors 0
[ 145.587696][ T5345] cached_sectors 0
[ 145.587701][ T5345] stripe 0
[ 145.587708][ T5345] stripe_redundancy 0
[ 145.587714][ T5345] io_time[READ] 0
[ 145.587719][ T5345] io_time[WRITE] 0
[ 145.587723][ T5345] fragmentation 0
[ 145.587729][ T5345] bp_start 8
[ 145.587734][ T5345]
[ 145.587739][ T5345] incorrectly set at freespace:0:42:0 (free 0, genbits 0 should be 0), fixing
[ 145.634422][ T5345] ==================================================================
[ 145.637818][ T5345] BUG: KASAN: slab-use-after-free in __bch2_trans_commit+0x359e/0x8880
[ 145.641156][ T5345] Write of size 8 at addr ffff888054d90000 by task syz.0.0/5345
[ 145.644325][ T5345]
[ 145.645413][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full)
[ 145.645429][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 145.645435][ T5345] Call Trace:
[ 145.645443][ T5345]
[ 145.645449][ T5345] dump_stack_lvl+0x189/0x250
[ 145.645472][ T5345] ? __virt_addr_valid+0x1c8/0x5c0
[ 145.645483][ T5345] ? rcu_is_watching+0x15/0xb0
[ 145.645498][ T5345] ? __kasan_check_byte+0x12/0x40
[ 145.645507][ T5345] ? __pfx_dump_stack_lvl+0x10/0x10
[ 145.645521][ T5345] ? rcu_is_watching+0x15/0xb0
[ 145.645535][ T5345] ? lock_release+0x4b/0x3e0
[ 145.645552][ T5345] ? __virt_addr_valid+0x1c8/0x5c0
[ 145.645562][ T5345] ? __virt_addr_valid+0x4a5/0x5c0
[ 145.645572][ T5345] print_report+0xd2/0x2b0
[ 145.645584][ T5345] ? __bch2_trans_commit+0x359e/0x8880
[ 145.645595][ T5345] kasan_report+0x118/0x150
[ 145.645604][ T5345] ? __bch2_trans_commit+0x359e/0x8880
[ 145.645617][ T5345] __bch2_trans_commit+0x359e/0x8880
[ 145.645635][ T5345] ? bch2_journal_replay+0x1789/0x2620
[ 145.645652][ T5345] ? __pfx___bch2_trans_commit+0x10/0x10
[ 145.645665][ T5345] ? __pfx_bch2_journal_replay_key+0x10/0x10
[ 145.645676][ T5345] ? bch2_journal_replay_key+0x1dc/0xb10
[ 145.645685][ T5345] ? __bch2_trans_get+0x9c2/0xd80
[ 145.645693][ T5345] bch2_journal_replay+0x1789/0x2620
[ 145.645704][ T5345] ? __pfx_console_unlock+0x10/0x10
[ 145.645711][ T5345] ? irq_work_queue+0xbc/0x140
[ 145.645721][ T5345] ? __wake_up_klogd+0xd9/0x110
[ 145.645729][ T5345] ? __pfx_vprintk_emit+0x10/0x10
[ 145.645735][ T5345] ? __pfx_bch2_journal_replay+0x10/0x10
[ 145.645747][ T5345] ? do_raw_spin_lock+0x121/0x290
[ 145.645759][ T5345] ? __bch2_print+0x176/0x220
[ 145.645775][ T5345] ? __pfx___bch2_print+0x10/0x10
[ 145.645790][ T5345] ? _raw_spin_unlock_irq+0x23/0x50
[ 145.645867][ T5345] ? lockdep_hardirqs_on+0x9c/0x150
[ 145.645883][ T5345] __bch2_run_recovery_passes+0x395/0x1010
[ 145.645899][ T5345] bch2_run_recovery_passes+0x184/0x210
[ 145.645910][ T5345] bch2_fs_recovery+0x25fd/0x3950
[ 145.645923][ T5345] ? check_noncircular+0xe0/0x160
[ 145.645934][ T5345] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 145.645945][ T5345] ? __lock_acquire+0xab9/0xd20
[ 145.645955][ T5345] ? __lock_acquire+0xab9/0xd20
[ 145.645965][ T5345] ? __lock_acquire+0xab9/0xd20
[ 145.645976][ T5345] ? bch2_fs_start+0x9fe/0xd90
[ 145.645983][ T5345] ? up_write+0x1c4/0x420
[ 145.645990][ T5345] ? bch2_fs_start+0x5c4/0xd90
[ 145.645999][ T5345] bch2_fs_start+0xa99/0xd90
[ 145.646009][ T5345] ? bch2_fs_start+0x5c4/0xd90
[ 145.646018][ T5345] ? __pfx_bch2_fs_start+0x10/0x10
[ 145.646033][ T5345] ? sget+0x267/0x620
[ 145.646047][ T5345] bch2_fs_get_tree+0xb02/0x14f0
[ 145.646070][ T5345] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 145.646087][ T5345] ? aa_get_newest_label+0xf7/0x5d0
[ 145.646100][ T5345] ? vfs_parse_monolithic_sep+0x2df/0x310
[ 145.646114][ T5345] ? apparmor_capable+0x137/0x1b0
[ 145.646124][ T5345] vfs_get_tree+0x8f/0x2b0
[ 145.646134][ T5345] do_new_mount+0x24a/0xa40
[ 145.646147][ T5345] __se_sys_mount+0x317/0x410
[ 145.646159][ T5345] ? __pfx___se_sys_mount+0x10/0x10
[ 145.646172][ T5345] ? do_syscall_64+0xbe/0x3b0
[ 145.646180][ T5345] ? __x64_sys_mount+0x20/0xc0
[ 145.646191][ T5345] do_syscall_64+0xfa/0x3b0
[ 145.646201][ T5345] ? lockdep_hardirqs_on+0x9c/0x150
[ 145.646214][ T5345] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.646224][ T5345] ? clear_bhb_loop+0x60/0xb0
[ 145.646235][ T5345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 145.646245][ T5345] RIP: 0033:0x7f947a3900ca
[ 145.646257][ T5345] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 145.646265][ T5345] RSP: 002b:00007f94767f4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 145.646277][ T5345] RAX: ffffffffffffffda RBX: 00007f94767f4ef0 RCX: 00007f947a3900ca
[ 145.646285][ T5345] RDX: 00002000000000c0 RSI: 0000200000000000 RDI: 00007f94767f4eb0
[ 145.646292][ T5345] RBP: 00002000000000c0 R08: 00007f94767f4ef0 R09: 0000000000810000
[ 145.646299][ T5345] R10: 0000000000810000 R11: 0000000000000246 R12: 0000200000000000
[ 145.646305][ T5345] R13: 00007f94767f4eb0 R14: 0000000000005991 R15: 0000200000000280
[ 145.646315][ T5345]
[ 145.646319][ T5345]
[ 145.822821][ T5345] Allocated by task 38:
[ 145.824658][ T5345] kasan_save_track+0x3e/0x80
[ 145.826729][ T5345] __kasan_slab_alloc+0x6c/0x80
[ 145.828776][ T5345] kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[ 145.831341][ T5345] kmalloc_reserve+0xbd/0x290
[ 145.833533][ T5345] __alloc_skb+0x142/0x2d0
[ 145.835546][ T5345] inet6_rt_notify+0x165/0x430
[ 145.837744][ T5345] fib6_add_rt2node+0x1876/0x33a0
[ 145.839979][ T5345] fib6_add+0x8da/0x18a0
[ 145.841887][ T5345] ip6_ins_rt+0xc8/0x120
[ 145.843803][ T5345] __ipv6_ifa_notify+0x63f/0xac0
[ 145.846096][ T5345] addrconf_dad_completed+0x180/0xd60
[ 145.848529][ T5345] addrconf_dad_work+0xc36/0x14b0
[ 145.850802][ T5345] process_scheduled_works+0xae1/0x17b0
[ 145.853317][ T5345] worker_thread+0x8a0/0xda0
[ 145.855452][ T5345] kthread+0x70e/0x8a0
[ 145.857330][ T5345] ret_from_fork+0x3f9/0x770
[ 145.859396][ T5345] ret_from_fork_asm+0x1a/0x30
[ 145.861642][ T5345]
[ 145.862755][ T5345] Freed by task 38:
[ 145.864514][ T5345] kasan_save_track+0x3e/0x80
[ 145.866566][ T5345] kasan_save_free_info+0x46/0x50
[ 145.868851][ T5345] __kasan_slab_free+0x62/0x70
[ 145.871032][ T5345] kmem_cache_free+0x18f/0x400
[ 145.873243][ T5345] skb_release_data+0x62d/0x7c0
[ 145.875354][ T5345] consume_skb+0x9e/0xf0
[ 145.877149][ T5345] netlink_broadcast_filtered+0x103c/0x1140
[ 145.879563][ T5345] nlmsg_notify+0xf0/0x1a0
[ 145.881455][ T5345] fib6_add_rt2node+0x1876/0x33a0
[ 145.883504][ T5345] fib6_add+0x8da/0x18a0
[ 145.885259][ T5345] ip6_ins_rt+0xc8/0x120
[ 145.886992][ T5345] __ipv6_ifa_notify+0x63f/0xac0
[ 145.889009][ T5345] addrconf_dad_completed+0x180/0xd60
[ 145.891358][ T5345] addrconf_dad_work+0xc36/0x14b0
[ 145.893645][ T5345] process_scheduled_works+0xae1/0x17b0
[ 145.896170][ T5345] worker_thread+0x8a0/0xda0
[ 145.898232][ T5345] kthread+0x70e/0x8a0
[ 145.900035][ T5345] ret_from_fork+0x3f9/0x770
[ 145.902211][ T5345] ret_from_fork_asm+0x1a/0x30
[ 145.904291][ T5345]
[ 145.905417][ T5345] The buggy address belongs to the object at ffff888054d90000
[ 145.905417][ T5345] which belongs to the cache skbuff_small_head of size 704
[ 145.911595][ T5345] The buggy address is located 0 bytes inside of
[ 145.911595][ T5345] freed 704-byte region [ffff888054d90000, ffff888054d902c0)
[ 145.917461][ T5345]
[ 145.918480][ T5345] The buggy address belongs to the physical page:
[ 145.921392][ T5345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54d90
[ 145.925240][ T5345] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 145.928710][ T5345] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[ 145.931899][ T5345] page_type: f5(slab)
[ 145.933597][ T5345] raw: 04fff00000000040 ffff88801c283dc0 dead000000000122 0000000000000000
[ 145.937095][ T5345] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[ 145.940588][ T5345] head: 04fff00000000040 ffff88801c283dc0 dead000000000122 0000000000000000
[ 145.944189][ T5345] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[ 145.947749][ T5345] head: 04fff00000000002 ffffea0001536401 00000000ffffffff 00000000ffffffff
[ 145.951543][ T5345] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 145.955297][ T5345] page dumped because: kasan: bad access detected
[ 145.958141][ T5345] page_owner tracks the page as allocated
[ 145.960741][ T5345] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 38, tgid 38 (kworker/u4:3), ts 145478912315, free_ts 145443190565
[ 145.969550][ T5345] post_alloc_hook+0x240/0x2a0
[ 145.971718][ T5345] get_page_from_freelist+0x21e4/0x22c0
[ 145.974278][ T5345] __alloc_frozen_pages_noprof+0x181/0x370
[ 145.976837][ T5345] alloc_pages_mpol+0x232/0x4a0
[ 145.978932][ T5345] allocate_slab+0x8a/0x3b0
[ 145.980803][ T5345] ___slab_alloc+0xbfc/0x1480
[ 145.982809][ T5345] kmem_cache_alloc_node_noprof+0x280/0x3c0
[ 145.985300][ T5345] kmalloc_reserve+0xbd/0x290
[ 145.987207][ T5345] __alloc_skb+0x142/0x2d0
[ 145.988909][ T5345] inet6_rt_notify+0x165/0x430
[ 145.990846][ T5345] fib6_add_rt2node+0x1876/0x33a0
[ 145.992891][ T5345] fib6_add+0x8da/0x18a0
[ 145.994707][ T5345] ip6_ins_rt+0xc8/0x120
[ 145.996532][ T5345] __ipv6_ifa_notify+0x63f/0xac0
[ 145.998650][ T5345] addrconf_dad_completed+0x180/0xd60
[ 146.001016][ T5345] addrconf_dad_work+0xc36/0x14b0
[ 146.003437][ T5345] page last free pid 5345 tgid 5344 stack trace:
[ 146.006198][ T5345] __free_frozen_pages+0xc71/0xe70
[ 146.008405][ T5345] stack_depot_save_flags+0x445/0x900
[ 146.010720][ T5345] kasan_save_track+0x4f/0x80
[ 146.012845][ T5345] __kasan_slab_alloc+0x6c/0x80
[ 146.015012][ T5345] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 146.017490][ T5345] btree_key_cache_fill+0x45b/0x3010
[ 146.019883][ T5345] bch2_btree_path_traverse_cached+0xc5d/0x10d0
[ 146.022604][ T5345] bch2_btree_path_traverse_one+0x372/0x21d0
[ 146.025241][ T5345] bch2_btree_iter_peek_slot+0x74e/0x1fa0
[ 146.027748][ T5345] bch2_check_discard_freespace_key+0x20c/0xce0
[ 146.030525][ T5345] bch2_bucket_alloc_trans+0x1333/0x2410
[ 146.032974][ T5345] bch2_bucket_alloc_set_trans+0x5a6/0xe70
[ 146.035572][ T5345] __open_bucket_add_buckets+0x1437/0x1e40
[ 146.038051][ T5345] open_bucket_add_buckets+0x2ee/0x440
[ 146.040461][ T5345] bch2_alloc_sectors_start_trans+0xd26/0x1e80
[ 146.043143][ T5345] bch2_btree_reserve_get+0x641/0x1810
[ 146.045616][ T5345]
[ 146.046665][ T5345] Memory state around the buggy address:
[ 146.049223][ T5345] ffff888054d8ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.052543][ T5345] ffff888054d8ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 146.055818][ T5345] >ffff888054d90000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.059158][ T5345] ^
[ 146.060855][ T5345] ffff888054d90080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.064137][ T5345] ffff888054d90100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 146.067604][ T5345] ==================================================================
[ 146.092973][ T5345] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 146.096089][ T5345] CPU: 0 UID: 0 PID: 5345 Comm: syz.0.0 Not tainted 6.16.0-rc2-syzkaller-00162-g41687a5c6f8b #0 PREEMPT(full)
[ 146.101104][ T5345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 146.105808][ T5345] Call Trace:
[ 146.107114][ T5345]
[ 146.108292][ T5345] dump_stack_lvl+0x99/0x250
[ 146.110532][ T5345] ? __asan_memcpy+0x40/0x70
[ 146.112694][ T5345] ? __pfx_dump_stack_lvl+0x10/0x10
[ 146.114992][ T5345] ? __pfx__printk+0x10/0x10
[ 146.117008][ T5345] panic+0x2db/0x790
[ 146.118787][ T5345] ? __pfx_panic+0x10/0x10
[ 146.120729][ T5345] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 146.123249][ T5345] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 146.126127][ T5345] ? print_memory_metadata+0x314/0x400
[ 146.128596][ T5345] ? __bch2_trans_commit+0x359e/0x8880
[ 146.131070][ T5345] check_panic_on_warn+0x89/0xb0
[ 146.133240][ T5345] ? __bch2_trans_commit+0x359e/0x8880
[ 146.135639][ T5345] end_report+0x78/0x160
[ 146.137591][ T5345] kasan_report+0x129/0x150
[ 146.139635][ T5345] ? __bch2_trans_commit+0x359e/0x8880
[ 146.142076][ T5345] __bch2_trans_commit+0x359e/0x8880
[ 146.144486][ T5345] ? bch2_journal_replay+0x1789/0x2620
[ 146.146849][ T5345] ? __pfx___bch2_trans_commit+0x10/0x10
[ 146.149145][ T5345] ? __pfx_bch2_journal_replay_key+0x10/0x10
[ 146.151626][ T5345] ? bch2_journal_replay_key+0x1dc/0xb10
[ 146.153930][ T5345] ? __bch2_trans_get+0x9c2/0xd80
[ 146.156157][ T5345] bch2_journal_replay+0x1789/0x2620
[ 146.158413][ T5345] ? __pfx_console_unlock+0x10/0x10
[ 146.160749][ T5345] ? irq_work_queue+0xbc/0x140
[ 146.163306][ T5345] ? __wake_up_klogd+0xd9/0x110
[ 146.165485][ T5345] ? __pfx_vprintk_emit+0x10/0x10
[ 146.167658][ T5345] ? __pfx_bch2_journal_replay+0x10/0x10
[ 146.170073][ T5345] ? do_raw_spin_lock+0x121/0x290
[ 146.172259][ T5345] ? __bch2_print+0x176/0x220
[ 146.174280][ T5345] ? __pfx___bch2_print+0x10/0x10
[ 146.176470][ T5345] ? _raw_spin_unlock_irq+0x23/0x50
[ 146.178754][ T5345] ? lockdep_hardirqs_on+0x9c/0x150
[ 146.181074][ T5345] __bch2_run_recovery_passes+0x395/0x1010
[ 146.183684][ T5345] bch2_run_recovery_passes+0x184/0x210
[ 146.186181][ T5345] bch2_fs_recovery+0x25fd/0x3950
[ 146.188370][ T5345] ? check_noncircular+0xe0/0x160
[ 146.190591][ T5345] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 146.193025][ T5345] ? __lock_acquire+0xab9/0xd20
[ 146.195223][ T5345] ? __lock_acquire+0xab9/0xd20
[ 146.197348][ T5345] ? __lock_acquire+0xab9/0xd20
[ 146.199462][ T5345] ? bch2_fs_start+0x9fe/0xd90
[ 146.201624][ T5345] ? up_write+0x1c4/0x420
[ 146.203531][ T5345] ? bch2_fs_start+0x5c4/0xd90
[ 146.205712][ T5345] bch2_fs_start+0xa99/0xd90
[ 146.207624][ T5345] ? bch2_fs_start+0x5c4/0xd90
[ 146.209813][ T5345] ? __pfx_bch2_fs_start+0x10/0x10
[ 146.212241][ T5345] ? sget+0x267/0x620
[ 146.214179][ T5345] bch2_fs_get_tree+0xb02/0x14f0
[ 146.216283][ T5345] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 146.218456][ T5345] ? aa_get_newest_label+0xf7/0x5d0
[ 146.220569][ T5345] ? vfs_parse_monolithic_sep+0x2df/0x310
[ 146.222999][ T5345] ? apparmor_capable+0x137/0x1b0
[ 146.225172][ T5345] vfs_get_tree+0x8f/0x2b0
[ 146.227034][ T5345] do_new_mount+0x24a/0xa40
[ 146.228922][ T5345] __se_sys_mount+0x317/0x410
[ 146.230904][ T5345] ? __pfx___se_sys_mount+0x10/0x10
[ 146.233167][ T5345] ? do_syscall_64+0xbe/0x3b0
[ 146.235099][ T5345] ? __x64_sys_mount+0x20/0xc0
[ 146.237105][ T5345] do_syscall_64+0xfa/0x3b0
[ 146.238964][ T5345] ? lockdep_hardirqs_on+0x9c/0x150
[ 146.241115][ T5345] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 146.243805][ T5345] ? clear_bhb_loop+0x60/0xb0
[ 146.245829][ T5345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 146.248303][ T5345] RIP: 0033:0x7f947a3900ca
[ 146.250275][ T5345] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 146.258233][ T5345] RSP: 002b:00007f94767f4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 146.261961][ T5345] RAX: ffffffffffffffda RBX: 00007f94767f4ef0 RCX: 00007f947a3900ca
[ 146.265253][ T5345] RDX: 00002000000000c0 RSI: 0000200000000000 RDI: 00007f94767f4eb0
[ 146.268449][ T5345] RBP: 00002000000000c0 R08: 00007f94767f4ef0 R09: 0000000000810000
[ 146.271739][ T5345] R10: 0000000000810000 R11: 0000000000000246 R12: 0000200000000000
[ 146.275159][ T5345] R13: 00007f94767f4eb0 R14: 0000000000005991 R15: 0000200000000280
[ 146.278650][ T5345]
[ 146.280333][ T5345] Kernel Offset: disabled
[ 146.282183][ T5345] Rebooting in 86400 seconds..