program:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x2e, &(0x7f00000001c0)=0xffffb1e0, 0x4) (async, rerun: 64)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x818001, &(0x7f0000000300)=ANY=[@ANYBLOB="7265636f766572795f706073735f6c6173743d636865636b5f616c6c6f635f746f5f6c72755f726566732c6d756d3d6372633332632c6572726f72733d636f6e74696e75652c696e6c696e655f646174613c7374725f686173683d736970686163682c6e6f6368616e6765732c6e6f636f772c6e6f6578636c2c6e6f636f772c009de64b13c7fe6458bcd6d2d7793dd0d582fa215cdb447daefca877f332de059c1ce3af538bd2704deba5435b74a9d2603c05922ff0efdfdcde03b87b29fa1c67cc652304af76370c95a26cb157"], 0x1, 0x59cb, &(0x7f0000005dc0)="$eJzs3X+QHNV9IPDXM7Pa2V39WAkIMpjVIlBCILZW/CpsUrGSS+wUEEouUg7iZMOCVkT2SqgkEZAgQeSAgwJcOOVUAskf2IWpw1ZcVMHFKJQxP07ibGyKs4+6wtTZd9hX5SvMoTKgo3w+b2p3+s3O9k5vz87OCkl8PiVtT7/p+b7Xr9/09PfN7E4AAADgfeHA7TsOXXrSH33nr0feueWP/2XLraGvPFFejRv0p8sb36sWcjh1V5ZPLLPj4rdu+upPB6/5g28/2vuVd/dvPHXTD//wuGue/OxF++7/h2feXvT4r18rihvH05mT68kbSQjVbx782zv2v3DieFkSQign/XtCWJose2Zpkgkx9MsQwsZ0pVyZeudj75yzaXx5693dU8qXZILkjffBuIHxfkyrpuNs96Ebzgo/+v31t31vxdf/qWvv63smN0mqDeMphMVXNT6+K4TQ0zBe4iBdnllfF0LobXjcBQXtOq3F9q/OWT85XS5Il30FceL9KzPrpcx22fWoK7PsLahvrvLa0e52RRZm1rMno7nKa2csX5ouv5Euz5xl/HL8n4RSEir15o8mk2MkNBy3JCQTx7JaXy/Vj21I9z+znmTWS5n1cldmvybqTQdaOUmmlsftMuXxdFxJy09tvDZp4rKc8g+ky2r6RH03rofsjZq+aTfq+zUhtuvgDG05HMb7qXuG8vo4Sw9GX1rWlyyb9pixJuJ9+9ffs6q84dkD/TntSB5N0vjJRB/NNv7u7y5d+Jmv3XX98rz4V5XS+KW24v/44hffvOKuLz+QG/++GL/cVvyzn+p94+Lnbl+Z1z9xePWFSlvxh197/t4Vx1+9N7f9D8b+r7YVf+2+F7sXHXrq6dzjOxT7p6et+K9e+PGfPPLyE6/nxg8xfm9b8Tfs2/b57oFDZ+TGfzr2T1974+etvee/MjDws8G8+C/F+Ivaiv/wnvs/+tCSuy/KPb7rYv/0txX/ktOfvG3hoSdOyTt3Jg926pUT4P3puPQa6850faY8s3uGPHOuGvKFvx+s1K5bF6b/F3WyoszF53g9izsZHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABCCCec9Z8/8T8/1f9GJV3vTm+8WqotY/mCEJKeEMKOncPbd27eeu3gZ6+7fvvW4dHB4Z2DI6Ol7bsGz/2dwe0j20aHd43fO/Shc2qPWxaS2jI5ZVrd3WNjY6X+qWWxvn9z+t4frbrgf/88hKETfjBQyW3/6vu3PHR8k58Zydqxj225/tIfnPeldL/603b1N2nX2NjYWMhp1/+5/FcP/c3Bn54RwtBvzNSu51/9vW9NadBEwWScVKk71BrUnfQ2bUe91Wl7Yn9VNm0eHRmauX/HH1/O2Y9/e9Prv9x04xd+Vevfau5+tNi/PWvHRkt/t/6S//93N9cKitpV349Mu+b7uBf1d9yL2L7Yf9W0vxen+7U4Z78qOf19+/eefvmbJ9319p4wVHlrxfS6i/arKx0AXckHWqo31tCbLJ1SXk23j0c8Pm71zi3bVu/YtftDm7cMXzty7cjWj6w5d835Q+edf97qiT1f3eH9j/X/Zov73+p4ytY7u/G05C/2fCP+bG08FbWrqD/G21XcH40tynv+9V52xxc/cv9zl9YKisZ53Lr+PEyXvePHeU1oGG/T+6rZfhX1QwhhsFk/vPn2ReHE/7b5tqLzUOORafyZkawde2HlL750wT8u/91awWE5zzc2qM3zfL3Vk+2Z6K9qejzGjtD+7Q7ldL/6mrZrzQvPdd1z4Od/WW/fggXhxuGdO7evqf1cmLZ0YXJy03ZlS+N+rZj4WQ5pt4T6MG0yXsd1hVr7sufPuHm2V/vS+/qSZU33Kyvet3/9PavKG549kNfTyaO1GnvCotoy+WDOlqOZB5brDW5W/5H6/CsaHwOf+MfHP/X4P587bXycXftZtF9Jzn59/eWHv/iVL/z7f+7cfn3i917s/8V///NVtYLOnVeeu7tZuzp1Xqm3Om1P0nheOTuEouffitB8P3Kff6WmYQqff9l6JrdvHm8ws94XysXP12qY9nw9+6neNy5+7vaVuc/Xg60+X2+eslYueL4eKa9L2edXUpnajvl7fk0ZKMnasW/fedyeZ25Zd1KtoGhc17duNq7PaSH/yNmvb13xysB1g//uv3buvPHV33nsyh8Or/2rWkH7xz22pTPHvZr2bzWnf+utjnlnY/9++JrrRjfWyo/c6990WZD/xFPJjl27Pzc8OjqyfUdr+9Xq62msJ9vLrY6fVZnX03h2W5bdr9LU/SpN26/5u9FKf7X6fIvt39hmf2Wfb30haes6bvd3ly78zNfuur5/2qPSiq4qpfFLbcX/8cUvvnnFXV9+IDf+fTF+pa34w689f++K46/emxv/wRi/2lb8tfte7F506Kmnc+MPxfg9bcV/9cKP/+SRl594PTd+iPH72uv/t/ae/8rAwM9y47+UpPWMXyOF8Ng752yqrSehKz2PxHZ0TWlXyK4nmfVSZr3cuF6qzbXWKygnydTyuF1afmpDW5r5s5zyeBVWXV5bvhvXQ/bGzOVHmlLDub9ZedF1KgDAsS6+/x+vQeP7/yPphVL+TANMmmsetjwnbszDJudzFky5f3kaPz4+zgMOfDgMjS9vHaxd6M/2fYT4fMjOc8Z6zjhtaox25zmL5t9XZtZju2rz5ZWGPDQ1Pa+phBbm36fXM/P8e2b3i+fHB++c1qzBhvm47PHrSmfMmn3eIdPeyniEvPGRne+Ln+cYWBzWTdTX4vjIfo4mHofs52hiPSdlTpztfo5mruMjNnuG8THR5OL3N6YfvzBD/04ev+bRssdvFse7Or79fL8/24F5w6antMM3b9jC+2FN4rf6flh9XnLt9G1mil88LxnjH93zkkf6vGEsj/tRaXE+8VM55a3MJzbOy+XNJ8bTRWzXwRnacjiYTwSOVTH/j68R4/n/+AX4/81sV3Qdmr1qjPFyPydUbt6eorxj+uf0ett6Hd+wb9vnuwcOnZF7nfN0q5/72TZlrbfgcz9F/bgqs17YjzkTNEX5Xraeon7Pfi6jLyxqq98f3nP/Rx9acvdFuf2+rvZCWtzvX5yytqig34+CfKF5/GMtX+j45xiOjXxhvufP3rN8JP3g03zlI3+aUz7bzzf0TrtR368JR10+0nV42wUAHD1i/l9//yzN//9H3CC9jijKW8/MrMd4uXlrzvVJXt76J+nyxsz2felvVMz2uvmS05+8beGhJ07JzVsebDUP/Q9T1voL89C55c25ecS6znxePDePqOdZbeeJlfE8Mbf99Txxbnl6bvx6nj63PDq3f+p59NzmAXLjX3WsfF4/f75uooZMZXG11fm6YzaPTn99dr7y6MtyymebR/dNu1HfrwnyaACA91bM/+NlXMz/n8tsN9f32XPzgrletyd5f/Enjf/S4cor5zvvm++8dW7v/xbn9fM9L3G058XzPS80v/Nk7/u8OK1UXgwAwJEs5v896Xp+/j+3/KRZ/tY1JT+RnzeNLz8/QvLzI3T+K33fOvv3cOvx6/Nf8n/vixfL5P/d2XL5PwDA0S3m//HXHuPf//tP6Xr279a3kKd/qTGliPfJ0+XpQZ7eQp7e+Xm24HMA7+08QM/k9kfpPMC0cvMAAABHl66JTGn679l/Ol1mf88+7/fyr8jZvlWV9PL46p3bR0auvH7bxuGdI1duvW7jyI4rb9i+eefOka217eaaN+bmLWne2BUqaX803y6bty1J/x7Ckpy/h5DdPoY9eeLG9L+HkK22p+DvCEwev9bam3f8SjNs32x85B3vvPh/lrN9VD/+1/z52Vdu2nHl5q2bd24eHt28e2TqduNZa+8svjczdsusvi8182Oa0uy/v7Mz7ShNa0dX2h9538+eZNqxNG3J0rzvP8hp93f+y9/8xeljv3okhKETyh+cU/8la8f+4+Ujf7LzwA+2jbe/Z8b217dM21X0faXZ7eP+VEav27HzrE3XXb81+42S7YnzGaX6+jzNZ6RP/3KL8xMbcspn+zmF8rQbR6aW5ycAAJgivv8fr2fj+4dfSC+gYnnrefrc3j/OzdOHWsvTs99LVpSnZ7eP+9tqnl6dY56erb8oT2+2fbM8PS/vzov/pznbz1br42Run/PIHSdXtTZOst9nUDROstvPdpwkxeNkQc4uNa2/aJw0277ZOMk77nnxP5mzfZ7Wx8PcPpeTOx7ua208/HZmvWg8ZLef7XgozfG8ka2/aDw0277ZeMg7vnnxL83ZvlVTx8f4wJgYFyNX3nDd9s81bDff338x9/bN7/d/tKv19s/v577mv/3z+7my+W//3D5Xltv+l+Y2E9Z6++f3+13addjma9NX76LPnxXN467PKZ/tPO6CaTeOTOZx4b0T8//4dk/M/+9Ol51+G+jo/54032PWNH6Hvses6DrG6/kMlR0BOvN6foS/+QwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQAd2V5RPLA7fvOHTpSX/0nb8eeeeWP/6XLbf+1k1f/engNX/w7Ud7v/Lu/o2nbvrhHx53zZOfvWjf/f/wzNuLHv/1a4WB+yd+Vs5MV6shJG8kIVS/efBv79j/wonjZUkIoZz07wlhabLsmaVJJsLQL0MIG+vtnHrnY++cs2l8eevd3VPKl2SCZPcr9JVjexrbGcKNhXvEUaiajrPdh244K/zo99ff9r0VX/+nrr2v75ncJKk2jKcQFl/V+PiuEEJP+n9cHG3L44PT5boQQm/D4y4oaNdpLbZ/dc76yelyQbrsK4gT71+ZWS/Vt0gy61N1ZZa9BfXNVV472t2uyMLMevZkNFd57YzlS9PlN9LlmbOMX47/k1BKQqXe/NFkcoyEhuOWhGTiWFbr66X6sQ3p/mfWk8x6KbNeblj/f6U4NtOBVk4mx1dje0qZ8ng6rqTlpzaeq5u4LKf8A+mymj5R343rIXujpm/ajfp+TYjtOjhDWw6HUsM5qFl5/cCnB6MvLetLlk17zFgT8b796+9ZVd7w7IH+nHYkjyZp/KSt+Lu/u3ThZ7521/XL8+JfVUrjl9qK/+OLX3zziru+/EBu/Pti/HJb8c9+qveNi5+7fWVu/xyM/VNpK/7wa8/fu+L4q/fmtv/BGL/aVvy1+17sXnToqadz2z8U+6enrfivXvjxnzzy8hOv58YPMX5vW/E37Nv2+e6BQ2fkxn869k9fe+Pnrb3nvzIw8LPBvPgvxfiL2or/8J77P/rQkrsvyj2+62L/9LcV/5LTn7xt4aEnTsk7dyYPduqVE+D96bj0GuvOdL3dPHOuGvKFvx+s1K75Fqb/F3WyoozxehbPY3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI5N37/53E9f/rFPrq8kISQ524w1Ee8rL1i7drCNeodfe/7eFcdfvbexbHkbcQAAAIBiMQ8v1UuqYXm4IekJJzfdPs4RnBzXJgq66+XZOYQYJztH0DxOKIxT6lCccofiVDoUp6tDcRZ0KE53h+JUC+JUQ2txemaIUxkfFS22p3fG9rQep69DcRZ2KM6iDsVZ3KE4SzoUp3/GOK2Pw6UdirOsQ3GO61Cc4zsU54QOxfmNDsU5sUNxsnPKsx2Hi9ItT8qLM3GjXBinkpTrdzSbTz8xreeUOdbTV1DPoqLX4xbr6WmxntMyjyvNsp5qi/X85hzrSVqs57fnWE+poJ44bm/Mti/WE9cm6+lpVk+Msys/zgOzeR7tbr09zeL8r3i9ddPc4tTbc3OH4vxlh+L8VYfi3DLHOACtivn/ZL7XH7orvxt60zNOdhYg5rsrQrgjafJ6l3dCivE+mClfMBmv6evntEQ9E29Ffvuax8tOIGTircyUd02JV6nnIzPEqzbGW5W5s3B/sxMKmfadmSnvLoqXnVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHn0/ZvP/fTlH/vk+pCE8X9NjTUR7ysvWLt2sI1696+/Z1V5w7MHGsu6K20EAgAAAArFPLyrXlIN3ZU1oTtZMGW7ajoPUE3Xy/215cDisG58mQyWJtZ7k6UzPq6SPm71zi3bVu/YtftDm7cMXzty7cjWj6w5d835Q+edf97qTZtHR4ZqP0PoLogXQpiYftixa/fnhkdHR7bvqBWOt7+n4XHL08ctT9eT9HEDHw5D48tb0/YvK6ivNK2+Xa9cWLtrsqRDNwoPHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAv7JrdyFyneUDwN8zMzsz3Tb/7p9+TUOzHfJRohZN4lZSLd0DgoU2CVkKMlNdS7AJFjdNaJMS69hGbGuCIrQEQiQXRmKxtYjQD1vEfhCI1GjAjUHaor3QC6XVSlpyISkjOztnvjKTWceSTeLvd3E+nvd53+e852LhOTsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwlk1XxiZL4xPl4SiEqEdOtYtkLJ2N4+IAdb/44tbv5UZPLm+N5TIDLAQAAAD0lfThQ41IPuQy6ZAOV9fuFs8csvWB0Oz7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/z3TlbHJ0vhE+eIohKhHTrWLZCydjePiAHXfeu/pT70+OvrX1lhhgHUAAACA/pI+PNWI5EMhLAlD0dVtecm3gYUd8zvzknUWzTGv89tBr7wlc8y7bo55H+mTt65+3hEAAADg/Jf0/5lGZCTkMgt69v/9+vok79qOvHT4Zu08yG8FAAAAgP9O0v/nGpFCyGUKIV2/m2u/v7gjL5nf7//2yfxlPeb3+3/+2vrZ/+kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PwxXRmbLI1PlNNRCFGPnGoXyVg6G8fFAequemn477cdemRxayyXGWAhAAAAoK+kD2+23vmQywyHoXBxre8fvWX/s59/9vmxEMJsm5/Nhh0btm27d9XsMclbeeTQ0HcPv/ONxjJJ3srZ47xsDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+FBNV8YmS+MT5YuiEKIeOdUukrF0No6LA9R98zOf+/OTx194uzVWGGAdAAAAoL+kD2/2/vlQCNmQDVfW7lp7/Rmpjvm9vhkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF477vvbAVzdMTW2818V5fhGFEFoi2fl+Hhfn98V8/2UCAAA+bNeGKFT/Q1etn++nBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzgXTlbHJ0vhEOR+FEPXIqXaRjKWzcRwPUDd+8WhuwcmXXmmNFQZYBwAAAOgv6cObvX8+FMJQGApX1O66fROo9f8jZ/EhAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPKdGVssjQ+UV4QhRD1yKl2kYyls3FcHKDuEzv3ffrgpd+5tTWWywywEAAAANBX0odnG5F8yGU+GnLhmvr9VPuEKF0/d/8u0Jy3tW3acPu8bOfk5rxK27z0nOvt6thZ82PCTF4+WW9k9tyYVzx9XrH2FmbnFUKjfLFtXtjTNmtBn+cMAAAAMI+S/j/XiIyEXCbX0uf+uC1/pGef+7NNZ/O5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBzz3RlbLI0PlGOohCiHjnVLpKxdDaOiwPUfeA3/3/Jl36ye3trrDDAOgAAAEB/SR/e7P3zoRAWhf8Li2p9fxhpz0/y/lE6dfDxf/5leQgrrjw2mulc9gfJxa/evPnlzkMIqfbsVAiX1utFPer9+neP37+0eurJEFZckb7mtHrhzPXal4yrz5U2rt12+NjWPi8HAAAALgQzzXW9/x9qBEdCLnNPz/4/6bz79P8NtQb80vt3/vzy+rHekXfMSI3U66V61Pvs0qf/tGz1396Z6f/PVO8T+zYfvLyt4Gykc+dxdXzz9nXHbjiQSnY9Wz/dUT95L1/4+tv/2rTjsVOz9fMhX48vzHSrf/qxw0VxdSq1t7zmg72V9vqZHvt/5LevHP/lwt3vz9R/79rhRv3rzrD/M9cfvv3RPTfuO7SuvX4Iodit/rvv3xqu+sPdD3fuf7hj4dY333rsEMXVI4tPHFi9v3BTe/2oo37y/n96/Ik9P3rs288n9ZPfiixfMtf6qY76r+26bOerD61f2F4/1WP/L9/x+uiW4rd+37n/u9pWzfR8itP3/9T1z9z5xob4wc4hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC8t0ZWyyND5RTkUhRD1yql0kY+lsHBcHqPvWbUffvWP3D7/fGisMsA4AAADQX9KHN3v/fCiEbMiG4Vrf/1xp49pth49tDSOzo1H9nJnact+2j23asv2eu+bpyQEAAIC5Svr/TCMyEnKZpWGo3v+Pb96+7tgNB1JJ/59K+v9Nd09tXBEaea/tumznqw+tX9j4ThBC7WcB+Zm8Tzbzbrn56MiJP35lWde8Vc28I4tPHFi9v3BTkhda81aGxveJp65/5s43NsQPNp6vNe/jX94yVf88kaw7fPuje27cd2hdYx/183B93SRvKrW3vOaDvZUkL10/5+v7BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABON10ZmyyNT5RDOoSoR061i2QsnY3j4gB11yz9xcOXnHxhUWsslxlgIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4N/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYb/+QqSq4jiAnzOz2447u7qrQVa0rlYU9pAURNRLRUVohNCTIWFpPkRBEFHYQ2toJFb0EmS9SFRQbSEU5CaJFmv0T3rpoYIC6yEQaaEcpIeMmTl3nL3ubequBdXnA3fPnHPv/d7fvffMvTsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCvMtC3tNUe2v5g47bzbvrk8XuOP3bLe/dvveTR138Y33jDx3sGXzkxvWn55q9vXLJx372rp3a9ePCX4Xd+O9Iz+JF2szJ1ayHEYzGE2vszzz0x/ek5zbEYQqjGkYkQRuPig6Mxl7Dq1xDCpk6ds1e+ffzKzc12686BWeOLciH58wr1alZP28jsevlvqaV5tqXx8GXh2+vXbft82Vtv9k8enTi1Sax1zacQFm7o3r8/hLAgLU3ZbFua7ZzatSGEwa79ru5R14XNPycHetZ/eUH//NSeldp6j5xs/Ypcv5LbLt/P9OfawR7Hm6+iOspu18tQrp9/GM1XUZ3Z+Ghq303tyr+YX82WGCox9HXKvy+emiOh677FEFv3stbpVzr3NqTzz/Vjrl/J9av9ufNqHTdNtGqMs8ez7XLj2eO4L40v735Wz+H2gvFzU1tLX9QTWT/kP7TVT/vQOa+WrK6ZP6jln1DpegbNNd658elm1NNYPS4+bZ+Tc8jWTa976uLq+g8OjRTUEffElB9L5W/5bHTozjd2PLS0KH9DJeVXSuV/t+bwT3fseOmFwvxns/xqqfwr9g8eW/Ph9hWF12cmuz59pfLvOvLR08vOvnuy6A0Rd2f5ta782p/Ov27q8MBwY/+BwvpXZddnQan6v7n25u9f+3Lv0cL8kOUPlspfP/XAMwNjjUsL8w+0vwr11gwtMX9+nrzqq7GxH8eL8r/Irv/wHPmxZ/6rE7uueXnRztWF83Ntdn1GStV/60X7tg019l5Q9OyMu8/UmxPg/2lJ+h/rydQv+ztzvrp+Lzw/3td+Aw2lZfhMHiineZyFf2M+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zg4ckAAAAAAI+v+6HYECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATwUAAP//i60U7g==") (rerun: 64)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000200)={'geneve0\x00', 0x1}) (async, rerun: 64)
r1 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) (rerun: 64)
add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b0426fc0299c41fb9b9761a1b44dac894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976edec860ab49c3a4f51ab0124b50c3362201a307df03000", 0x83, r1) (async)
keyctl$search(0xa, r1, &(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1, 0x2e}, 0xffffffffffffffff)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000100)="0f13899bf22cb83ddfa3b997dd3b56c63a6d7259db8b409871f6f55ddd4461c92423add7886af02a7811662e477b7af52f9b1bd0aa16ff73", 0x38, r1)
[ 85.007030][ T5319] Bluetooth: hci0: command tx timeout
[ 85.458885][ T5342] loop0: detected capacity change from 0 to 32768
[ 85.593065][ T5342] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nochanges,nojournal_transaction_names,noexcl,read_only,nocow
[ 85.593083][ T5342] allowing incompatible features above 0.0: (unknown version)
[ 85.593090][ T5342] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 85.613138][ T5342] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 85.618549][ T5342] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=clock in superblock: bad rw, fixing
[ 85.626420][ T5342] bcachefs (loop0): invalid bkey in superblock btree=xattrs level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 0 crc: c_size 1 size 1 offset 0 nonce 0 csum none 12010b:10004000b compress none
[ 85.626436][ T5342] has non ptr field, deleting
[ 85.641576][ T5342] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[ 85.645862][ T5342] bcachefs (loop0): Version upgrade from 1.3: rebalance_work to 1.7: mi_btree_bitmap incomplete
[ 85.645862][ T5342] Doing compatible version upgrade from 1.3: rebalance_work to 1.28: inode_has_case_insensitive
[ 85.645862][ T5342] running recovery passes: check_allocations,check_extents_to_backpointers,check_subvols,check_inodes,check_dirents
[ 85.717173][ T5342] bcachefs (loop0): btree node read error at btree inodes level 0/0
[ 85.717220][ T5342] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0
[ 85.717229][ T5342] loop0 node offset 16/24: btree node data missing: expected 24 sectors, found 16
[ 85.717236][ T5342] repair success (rewriting node)
[ 85.740759][ T5342] bcachefs (loop0): btree node read error at btree subvolumes level 0/0
[ 85.740770][ T5342] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0
[ 85.740775][ T5342] loop0 node offset 0/16 bset u64s 0: invalid bkey format: field 2 too large: 18446744073709551615 + 0 > 4294967295
[ 85.740780][ T5342] u64s 3 fields 64:0, 64:0, 64:0, 0:0, 0:0, 0:0
[ 85.740784][ T5342] flagging btree subvolumes lost data
[ 85.740787][ T5342] running recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[ 85.740794][ T5342] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[ 85.740800][ T5342] running recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[ 85.740806][ T5342] ret btree_node_read_validate_error
[ 85.783665][ T5342] bcachefs (loop0): error reading btree root btree=subvolumes level=0: btree_node_read_error, fixing
[ 85.794175][ T5342] bcachefs (loop0): invalid bkey in btree_node btree=freespace level=0: u64s 5 type 129 0:32:0 len 0 ver 0
[ 85.794212][ T5342] size == 0, deleting
[ 85.803581][ T5342] bcachefs (loop0): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[ 85.812972][ T5342] bcachefs (loop0): check_topology...
[ 85.813166][ T5342] bcachefs (loop0): btree root subvolumes unreadable, must recover from scan
[ 85.822368][ T5342] bcachefs (loop0): running recovery pass scan_for_btree_nodes (1), currently at check_topology (2) - rewinding
[ 85.828534][ T5342] bcachefs (loop0): bch2_check_root(): error restart_recovery
[ 85.831897][ T5342] bcachefs (loop0): scan_for_btree_nodes...
[ 85.848531][ T5342] bcachefs (loop0): btree node scan found 6 nodes after overwrites
[ 85.857390][ T5342] done
[ 85.858794][ T5342] bcachefs (loop0): check_topology...
[ 85.859070][ T5342] bcachefs (loop0): btree root subvolumes unreadable, must recover from scan
[ 85.867708][ T5342] bcachefs (loop0): no nodes found for btree subvolumes, continuing
[ 85.872799][ T5342] done
[ 85.874171][ T5342] bcachefs (loop0): accounting_read... done
[ 85.879310][ T5342] bcachefs (loop0): alloc_read... done
[ 85.882091][ T5342] bcachefs (loop0): snapshots_read... done
[ 85.886248][ T5342] bcachefs (loop0): check_allocations...
[ 85.888685][ T5342] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree
[ 85.888713][ T5342] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[ 85.904964][ T5342] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[ 85.904978][ T5342] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[ 85.919370][ T5342] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[ 85.919381][ T5342] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[ 85.932906][ T5342] bcachefs (loop0): bucket 0:32 gen 0 different types of data in same bucket: journal, btree
[ 85.932920][ T5342] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[ 85.948218][ T5342] bcachefs (loop0): bucket 0:0 gen 0 data type sb has wrong dirty_sectors: got 256, should be 224, fixing
[ 85.955036][ T5342] bcachefs (loop0): bucket 0:0 gen 0 data type sb has wrong cached_sectors: got 458752, should be 0, fixing
[ 85.961464][ T5342] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing
[ 85.966071][ T5342] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 85.971268][ T5342] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing
[ 85.977009][ T5342] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 85.982258][ T5342] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing
[ 85.987520][ T5342] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 85.992858][ T5342] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing
[ 85.999918][ T5342] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 86.008181][ T5342] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.014231][ T5342] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 86.020699][ T5342] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.026344][ T5342] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 86.031903][ T5342] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.037763][ T5342] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 86.043380][ T5342] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.048580][ T5342] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 32, fixing
[ 86.056062][ T5342] bcachefs (loop0): bucket 0:16 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.060529][ T5342] bcachefs (loop0): bucket 0:16 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 86.066745][ T5342] bcachefs (loop0): bucket 0:17 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.071677][ T5342] bcachefs (loop0): bucket 0:17 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing
[ 86.071689][ T5342] Ratelimiting new instances of previous error
[ 86.082039][ T5342] bcachefs (loop0): bucket 0:18 gen 0 has wrong data_type: got free, should be sb, fixing
[ 86.082057][ T5342] Ratelimiting new instances of previous error
[ 86.121168][ T5342] done
[ 86.123015][ T5342] bcachefs (loop0): going read-write
[ 86.246489][ T5342] bcachefs (loop0): journal_replay...
[ 86.264935][ T1035] bcachefs (loop0): bucket incorrectly unset in freespace btree
[ 86.264968][ T1035] u64s 5 type deleted 0:9:0 len 0 ver 0, , continuing
[ 86.288489][ T1035] bcachefs (loop0): bucket incorrectly unset in freespace btree
[ 86.288516][ T1035] u64s 5 type deleted 0:10:0 len 0 ver 0, , continuing
[ 86.298001][ T1035] bcachefs (loop0): bucket incorrectly unset in freespace btree
[ 86.298020][ T1035] u64s 5 type deleted 0:12:0 len 0 ver 0, , continuing
[ 86.320534][ T1035] bcachefs (loop0): bucket incorrectly unset in freespace btree
[ 86.320551][ T1035] u64s 5 type deleted 0:25:0 len 0 ver 0, , continuing
[ 86.332677][ T5342] done
[ 86.334291][ T5342] bcachefs (loop0): check_alloc_info...
[ 86.336778][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.336801][ T5342] device 0 buckets 11-12, fixing
[ 86.348418][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.348427][ T5342] device 0 buckets 13-16, fixing
[ 86.356810][ T5342] bcachefs (loop0): bucket incorrectly unset in need_discard btree
[ 86.356819][ T5342] u64s 13 type alloc_v4 0:27:0 len 0 ver 0:
[ 86.356823][ T5342] gen 1 oldest_gen 0 data_type need_discard
[ 86.356827][ T5342] journal_seq_nonempty 4
[ 86.356832][ T5342] journal_seq_empty 0
[ 86.356837][ T5342] need_discard 1
[ 86.356842][ T5342] need_inc_gen 1
[ 86.356847][ T5342] dirty_sectors 0
[ 86.356852][ T5342] stripe_sectors 0
[ 86.356857][ T5342] cached_sectors 0
[ 86.356862][ T5342] stripe 0
[ 86.356868][ T5342] stripe_redundancy 0
[ 86.356873][ T5342] io_time[READ] 1
[ 86.356878][ T5342] io_time[WRITE] 256
[ 86.356883][ T5342] fragmentation 0
[ 86.356888][ T5342] bp_start 8
[ 86.356893][ T5342] , fixing
[ 86.405294][ T5342] bcachefs (loop0): incorrect gen in bucket_gens btree (got 0 should be 1)
[ 86.405315][ T5342] u64s 13 type alloc_v4 0:27:0 len 0 ver 0:
[ 86.405325][ T5342] gen 1 oldest_gen 0 data_type need_discard
[ 86.405331][ T5342] journal_seq_nonempty 4
[ 86.405337][ T5342] journal_seq_empty 0
[ 86.405342][ T5342] need_discard 1
[ 86.405348][ T5342] need_inc_gen 1
[ 86.405352][ T5342] dirty_sectors 0
[ 86.405357][ T5342] stripe_sectors 0
[ 86.405360][ T5342] cached_sectors 0
[ 86.405363][ T5342] stripe 0
[ 86.405367][ T5342] stripe_redundancy 0
[ 86.405370][ T5342] io_time[READ] 1
[ 86.405373][ T5342] io_time[WRITE] 256
[ 86.405377][ T5342] fragmentation 0
[ 86.405380][ T5342] bp_start 8
[ 86.405383][ T5342] , fixing
[ 86.462865][ T1035] bcachefs (loop0): bucket incorrectly unset in freespace btree
[ 86.462882][ T1035] u64s 5 type deleted 0:35:0 len 0 ver 0, , continuing
[ 86.480214][ T1035] bcachefs (loop0): bucket incorrectly unset in freespace btree
[ 86.480225][ T1035] u64s 5 type deleted 0:40:0 len 0 ver 0, , continuing
[ 86.488749][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.488762][ T5342] device 0 buckets 29-31, fixing
[ 86.497095][ T5342] bcachefs (loop0): bucket incorrectly unset in need_discard btree
[ 86.497118][ T5342] u64s 13 type alloc_v4 0:31:0 len 0 ver 0:
[ 86.497122][ T5342] gen 0 oldest_gen 0 data_type need_discard
[ 86.497127][ T5342] journal_seq_nonempty 4
[ 86.497130][ T5342] journal_seq_empty 0
[ 86.497133][ T5342] need_discard 1
[ 86.497138][ T5342] need_inc_gen 1
[ 86.497143][ T5342] dirty_sectors 0
[ 86.497149][ T5342] stripe_sectors 0
[ 86.497154][ T5342] cached_sectors 0
[ 86.497174][ T5342] stripe 0
[ 86.497179][ T5342] stripe_redundancy 0
[ 86.497185][ T5342] io_time[READ] 1
[ 86.497190][ T5342] io_time[WRITE] 512
[ 86.497201][ T5342] fragmentation 0
[ 86.497207][ T5342] bp_start 8
[ 86.497212][ T5342] , fixing
[ 86.542020][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.542036][ T5342] device 0 buckets 33-34, fixing
[ 86.550096][ T5342] bcachefs (loop0): bucket incorrectly unset in need_discard btree
[ 86.550108][ T5342] u64s 13 type alloc_v4 0:34:0 len 0 ver 0:
[ 86.550117][ T5342] gen 0 oldest_gen 0 data_type need_discard
[ 86.550123][ T5342] journal_seq_nonempty 5
[ 86.550129][ T5342] journal_seq_empty 134217728
[ 86.550135][ T5342] need_discard 1
[ 86.550141][ T5342] need_inc_gen 1
[ 86.550147][ T5342] dirty_sectors 0
[ 86.550153][ T5342] stripe_sectors 0
[ 86.550158][ T5342] cached_sectors 0
[ 86.550164][ T5342] stripe 0
[ 86.550170][ T5342] stripe_redundancy 0
[ 86.550176][ T5342] io_time[READ] 1
[ 86.550181][ T5342] io_time[WRITE] 512
[ 86.550187][ T5342] fragmentation 0
[ 86.550193][ T5342] bp_start 8
[ 86.550199][ T5342] , fixing
[ 86.597235][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.597254][ T5342] device 0 buckets 36-37, fixing
[ 86.604003][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.604019][ T5342] device 0 buckets 39-40, fixing
[ 86.611522][ T5342] bcachefs (loop0): hole in alloc btree missing in freespace btree
[ 86.611541][ T5342] device 0 buckets 43-120, fixing
[ 86.621858][ T5342] done
[ 86.624173][ T5342] bcachefs (loop0): check_lrus...
[ 86.626941][ T5342] bcachefs (loop0): incorrect lru entry: lru fragmentation time 134217728
[ 86.626955][ T5342] u64s 5 type set 18446462598867058688:6597069766690:0 len 0 ver 0
[ 86.626966][ T5342] for u64s 5 type deleted 0:6597069766690:0 len 0 ver 0, fixing
[ 86.649118][ T5342] done
[ 86.651192][ T5342] bcachefs (loop0): check_backpointers_to_extents... done
[ 86.658968][ T5342] bcachefs (loop0): check_extents_to_backpointers...
[ 86.660035][ T5342] bcachefs (loop0): scanning for missing backpointers in 3/128 buckets
[ 86.667608][ T5342] done
[ 86.670087][ T5342] bcachefs (loop0): check_subvols... done
[ 86.672916][ T5342] bcachefs (loop0): check_inodes...
[ 86.673091][ T5342] bcachefs (loop0): directory 4096:4294967295 with nonzero i_size -6917529027641081856, fixing
[ 86.685625][ T5342] bcachefs (loop0): reconstructing subvol 1 with root inode 4096
[ 86.689225][ T5342] bcachefs (loop0): reconstructing subvol 1 with root inode 4096
[ 86.693247][ T5342] bcachefs (loop0): reconstruct_subvol(): error getting snapshot tree 0 ENOENT_bkey_type_mismatch
[ 86.699298][ T5342] bcachefs (loop0): reconstructing subvol 1 with root inode 4096
[ 86.702716][ T5342] bcachefs (loop0): reconstruct_subvol(): error getting snapshot tree 0 ENOENT_bkey_type_mismatch
[ 86.710943][ T5342] bcachefs (loop0): reconstructing subvol 1 with root inode 4096
[ 86.714559][ T5342] bcachefs (loop0): reconstruct_subvol(): error getting snapshot tree 0 ENOENT_bkey_type_mismatch
[ 86.724317][ T5342] done
[ 86.732997][ T793] cfg80211: failed to load regulatory.db
[ 86.738446][ T5342] bcachefs (loop0): check_dirents...
[ 86.739321][ T5342] bcachefs (loop0): dirent points to missing inode:
[ 86.739332][ T5342] u64s 7 type dirent 4096:189491840996961599:U32_MAX len 0 ver 0: file0 -> 4098 type dir, fixing
[ 86.757412][ T5342] bcachefs (loop0): dirent points to missing inode:
[ 86.757429][ T5342] u64s 7 type dirent 4096:1896155912177158345:U32_MAX len 0 ver 0: file3 -> 536870913 type reg, fixing
[ 86.766643][ T5342] bcachefs (loop0): dirent points to missing inode:
[ 86.766657][ T5342] u64s 7 type dirent 4096:2695648408715017799:U32_MAX len 0 ver 0: file2 -> 536870913 type reg, fixing
[ 86.777055][ T5342] bcachefs (loop0): dirent points to missing inode:
[ 86.777067][ T5342] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg, fixing
[ 86.787741][ T5342] bcachefs (loop0): dirent points to missing inode:
[ 86.787754][ T5342] u64s 8 type dirent 4096:9097378837824744618:U32_MAX len 0 ver 0: file.cold -> 536870914 type reg, fixing
[ 87.046012][ T5319] Bluetooth: hci0: command tx timeout
[ 87.767823][ T5342] ==================================================================
[ 87.771650][ T5342] BUG: KASAN: use-after-free in bch2_check_dirents+0x1fac/0x33f0
[ 87.775340][ T5342] Read of size 1 at addr ffff888055180190 by task syz.0.0/5342
[ 87.779151][ T5342]
[ 87.780492][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full)
[ 87.780511][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.780518][ T5342] Call Trace:
[ 87.780534][ T5342]
[ 87.780540][ T5342] dump_stack_lvl+0x189/0x250
[ 87.780557][ T5342] ? __virt_addr_valid+0x1c8/0x5c0
[ 87.780571][ T5342] ? rcu_is_watching+0x15/0xb0
[ 87.780584][ T5342] ? __kasan_check_byte+0x12/0x40
[ 87.780598][ T5342] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.780610][ T5342] ? rcu_is_watching+0x15/0xb0
[ 87.780622][ T5342] ? lock_release+0x4b/0x3e0
[ 87.780634][ T5342] ? __virt_addr_valid+0x1c8/0x5c0
[ 87.780647][ T5342] ? __virt_addr_valid+0x4a5/0x5c0
[ 87.780661][ T5342] print_report+0xd2/0x2b0
[ 87.780672][ T5342] ? bch2_check_dirents+0x1fac/0x33f0
[ 87.780684][ T5342] kasan_report+0x118/0x150
[ 87.780701][ T5342] ? bch2_check_dirents+0x1fac/0x33f0
[ 87.780715][ T5342] bch2_check_dirents+0x1fac/0x33f0
[ 87.780729][ T5342] ? bch2_check_dirents+0x2f1/0x33f0
[ 87.780741][ T5342] ? desc_read+0x1b8/0x3f0
[ 87.780755][ T5342] ? prb_first_seq+0xfd/0x1a0
[ 87.780767][ T5342] ? __pfx_bch2_check_dirents+0x10/0x10
[ 87.780778][ T5342] ? __pfx_prb_first_seq+0x10/0x10
[ 87.780791][ T5342] ? desc_read+0x1b8/0x3f0
[ 87.780804][ T5342] ? this_cpu_in_panic+0x4f/0x80
[ 87.780815][ T5342] ? _prb_read_valid+0xa07/0xa90
[ 87.780830][ T5342] ? console_flush_all+0x13a/0xc40
[ 87.780846][ T5342] ? up+0xde/0x150
[ 87.780909][ T5342] ? __console_unlock+0x14c/0x1a0
[ 87.780923][ T5342] ? __pfx___console_unlock+0x10/0x10
[ 87.780939][ T5342] ? prb_read_valid+0x3c/0x60
[ 87.780952][ T5342] ? console_unlock+0x21b/0x270
[ 87.780965][ T5342] ? __pfx_console_unlock+0x10/0x10
[ 87.780979][ T5342] ? vprintk_emit+0x63e/0x7a0
[ 87.780998][ T5342] ? __bch2_print+0x176/0x220
[ 87.781011][ T5342] ? bch2_check_dirents+0x2f1/0x33f0
[ 87.781024][ T5342] ? _raw_spin_unlock_irq+0x23/0x50
[ 87.781038][ T5342] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.781055][ T5342] __bch2_run_recovery_passes+0x392/0x1010
[ 87.781074][ T5342] bch2_run_recovery_passes+0x184/0x210
[ 87.781088][ T5342] bch2_fs_recovery+0x2690/0x3a50
[ 87.781099][ T5342] ? check_noncircular+0xe0/0x160
[ 87.781117][ T5342] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 87.781131][ T5342] ? __lock_acquire+0xab9/0xd20
[ 87.781145][ T5342] ? __lock_acquire+0xab9/0xd20
[ 87.781159][ T5342] ? __lock_acquire+0xab9/0xd20
[ 87.781176][ T5342] ? bch2_fs_start+0xa0f/0xda0
[ 87.781190][ T5342] ? up_write+0x1c4/0x420
[ 87.781204][ T5342] ? bch2_fs_start+0x5e7/0xda0
[ 87.781218][ T5342] bch2_fs_start+0xaaf/0xda0
[ 87.781232][ T5342] ? bch2_fs_start+0x5e7/0xda0
[ 87.781248][ T5342] ? __pfx_bch2_fs_start+0x10/0x10
[ 87.781269][ T5342] ? sget+0x267/0x620
[ 87.781284][ T5342] bch2_fs_get_tree+0xb39/0x1520
[ 87.781306][ T5342] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 87.781322][ T5342] ? aa_get_newest_label+0xf7/0x5d0
[ 87.781340][ T5342] ? vfs_parse_monolithic_sep+0x2df/0x310
[ 87.781356][ T5342] ? apparmor_capable+0x137/0x1b0
[ 87.781369][ T5342] vfs_get_tree+0x92/0x2b0
[ 87.781381][ T5342] do_new_mount+0x24a/0xa40
[ 87.781397][ T5342] __se_sys_mount+0x317/0x410
[ 87.781413][ T5342] ? __pfx___se_sys_mount+0x10/0x10
[ 87.781427][ T5342] ? do_syscall_64+0xbe/0x3b0
[ 87.781438][ T5342] ? __x64_sys_mount+0x20/0xc0
[ 87.781453][ T5342] do_syscall_64+0xfa/0x3b0
[ 87.781462][ T5342] ? lockdep_hardirqs_on+0x9c/0x150
[ 87.781477][ T5342] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.781488][ T5342] ? clear_bhb_loop+0x60/0xb0
[ 87.781499][ T5342] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.781513][ T5342] RIP: 0033:0x7fde9a3900ca
[ 87.781535][ T5342] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 87.781547][ T5342] RSP: 002b:00007fde9b243e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 87.781560][ T5342] RAX: ffffffffffffffda RBX: 00007fde9b243ef0 RCX: 00007fde9a3900ca
[ 87.781569][ T5342] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007fde9b243eb0
[ 87.781579][ T5342] RBP: 00002000000000c0 R08: 00007fde9b243ef0 R09: 0000000000818001
[ 87.781587][ T5342] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 87.781594][ T5342] R13: 00007fde9b243eb0 R14: 00000000000059cb R15: 0000200000000300
[ 87.781608][ T5342]
[ 87.781612][ T5342]
[ 87.995411][ T5342] The buggy address belongs to the physical page:
[ 87.998385][ T5342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55180
[ 88.002422][ T5342] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 88.006013][ T5342] page_type: f0(buddy)
[ 88.008257][ T5342] raw: 04fff00000000000 ffff88805ffd6f08 ffff88805ffd6f08 0000000000000000
[ 88.012848][ T5342] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000
[ 88.016935][ T5342] page dumped because: kasan: bad access detected
[ 88.019777][ T5342] page_owner tracks the page as freed
[ 88.022332][ T5342] page last allocated via order 5, migratetype Unmovable, gfp_mask 0x42800(GFP_NOWAIT|__GFP_COMP), pid 5342, tgid 5341 (syz.0.0), ts 85736744514, free_ts 86798721640
[ 88.029779][ T5342] post_alloc_hook+0x240/0x2a0
[ 88.031865][ T5342] get_page_from_freelist+0x21e4/0x22c0
[ 88.034327][ T5342] __alloc_frozen_pages_noprof+0x181/0x370
[ 88.036821][ T5342] __alloc_pages_noprof+0xa/0x30
[ 88.039155][ T5342] ___kmalloc_large_node+0x85/0x210
[ 88.041300][ T5342] __kmalloc_large_node_noprof+0x18/0x90
[ 88.044005][ T5342] __kvmalloc_node_noprof+0x6d/0x5f0
[ 88.046676][ T5342] bch2_btree_node_read_done+0x3305/0x5520
[ 88.049434][ T5342] btree_node_read_work+0x426/0xe30
[ 88.051745][ T5342] bch2_btree_node_read+0x887/0x2a00
[ 88.054624][ T5342] bch2_btree_root_read+0x5f0/0x760
[ 88.057407][ T5342] read_btree_roots+0x2c6/0x840
[ 88.059630][ T5342] bch2_fs_recovery+0x261f/0x3a50
[ 88.061879][ T5342] bch2_fs_start+0xaaf/0xda0
[ 88.064075][ T5342] bch2_fs_get_tree+0xb39/0x1520
[ 88.066463][ T5342] vfs_get_tree+0x92/0x2b0
[ 88.068386][ T5342] page last free pid 5342 tgid 5341 stack trace:
[ 88.072696][ T5342] __free_pages_ok+0xa44/0xc20
[ 88.074721][ T5342] __folio_put+0x21b/0x2c0
[ 88.076828][ T5342] free_large_kmalloc+0x145/0x200
[ 88.079099][ T5342] btree_node_sort+0x117f/0x1760
[ 88.081323][ T5342] bch2_btree_post_write_cleanup+0x11f/0xad0
[ 88.084175][ T5342] bch2_btree_node_prep_for_write+0x337/0x650
[ 88.087072][ T5342] bch2_trans_lock_write+0x669/0xba0
[ 88.089416][ T5342] __bch2_trans_commit+0x2773/0x8870
[ 88.092039][ T5342] bch2_check_dirents+0x1c5c/0x33f0
[ 88.094833][ T5342] __bch2_run_recovery_passes+0x392/0x1010
[ 88.098147][ T5342] bch2_run_recovery_passes+0x184/0x210
[ 88.101051][ T5342] bch2_fs_recovery+0x2690/0x3a50
[ 88.103590][ T5342] bch2_fs_start+0xaaf/0xda0
[ 88.106195][ T5342] bch2_fs_get_tree+0xb39/0x1520
[ 88.108805][ T5342] vfs_get_tree+0x92/0x2b0
[ 88.110934][ T5342] do_new_mount+0x24a/0xa40
[ 88.113372][ T5342]
[ 88.114680][ T5342] Memory state around the buggy address:
[ 88.117658][ T5342] ffff888055180080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.121240][ T5342] ffff888055180100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.124879][ T5342] >ffff888055180180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.128908][ T5342] ^
[ 88.131369][ T5342] ffff888055180200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.135696][ T5342] ffff888055180280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 88.139630][ T5342] ==================================================================
[ 88.158413][ T5342] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 88.162600][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full)
[ 88.168752][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.174316][ T5342] Call Trace:
[ 88.176207][ T5342]
[ 88.177954][ T5342] dump_stack_lvl+0x99/0x250
[ 88.180720][ T5342] ? __asan_memcpy+0x40/0x70
[ 88.183023][ T5342] ? __pfx_dump_stack_lvl+0x10/0x10
[ 88.185719][ T5342] ? __pfx__printk+0x10/0x10
[ 88.188145][ T5342] panic+0x2db/0x790
[ 88.190297][ T5342] ? __pfx_panic+0x10/0x10
[ 88.192445][ T5342] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 88.195392][ T5342] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 88.198486][ T5342] ? print_memory_metadata+0x314/0x400
[ 88.201225][ T5342] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.203868][ T5342] check_panic_on_warn+0x89/0xb0
[ 88.206254][ T5342] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.208655][ T5342] end_report+0x78/0x160
[ 88.210530][ T5342] kasan_report+0x129/0x150
[ 88.212779][ T5342] ? bch2_check_dirents+0x1fac/0x33f0
[ 88.215302][ T5342] bch2_check_dirents+0x1fac/0x33f0
[ 88.217803][ T5342] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.220345][ T5342] ? desc_read+0x1b8/0x3f0
[ 88.222541][ T5342] ? prb_first_seq+0xfd/0x1a0
[ 88.224776][ T5342] ? __pfx_bch2_check_dirents+0x10/0x10
[ 88.227316][ T5342] ? __pfx_prb_first_seq+0x10/0x10
[ 88.229908][ T5342] ? desc_read+0x1b8/0x3f0
[ 88.232688][ T5342] ? this_cpu_in_panic+0x4f/0x80
[ 88.235173][ T5342] ? _prb_read_valid+0xa07/0xa90
[ 88.237612][ T5342] ? console_flush_all+0x13a/0xc40
[ 88.240542][ T5342] ? up+0xde/0x150
[ 88.242306][ T5342] ? __console_unlock+0x14c/0x1a0
[ 88.244939][ T5342] ? __pfx___console_unlock+0x10/0x10
[ 88.248164][ T5342] ? prb_read_valid+0x3c/0x60
[ 88.250590][ T5342] ? console_unlock+0x21b/0x270
[ 88.253007][ T5342] ? __pfx_console_unlock+0x10/0x10
[ 88.255235][ T5342] ? vprintk_emit+0x63e/0x7a0
[ 88.257522][ T5342] ? __bch2_print+0x176/0x220
[ 88.259873][ T5342] ? bch2_check_dirents+0x2f1/0x33f0
[ 88.262566][ T5342] ? _raw_spin_unlock_irq+0x23/0x50
[ 88.265333][ T5342] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.267908][ T5342] __bch2_run_recovery_passes+0x392/0x1010
[ 88.270939][ T5342] bch2_run_recovery_passes+0x184/0x210
[ 88.273672][ T5342] bch2_fs_recovery+0x2690/0x3a50
[ 88.276318][ T5342] ? check_noncircular+0xe0/0x160
[ 88.278910][ T5342] ? __pfx_bch2_fs_recovery+0x10/0x10
[ 88.281412][ T5342] ? __lock_acquire+0xab9/0xd20
[ 88.283696][ T5342] ? __lock_acquire+0xab9/0xd20
[ 88.285762][ T5342] ? __lock_acquire+0xab9/0xd20
[ 88.288274][ T5342] ? bch2_fs_start+0xa0f/0xda0
[ 88.290803][ T5342] ? up_write+0x1c4/0x420
[ 88.292884][ T5342] ? bch2_fs_start+0x5e7/0xda0
[ 88.295306][ T5342] bch2_fs_start+0xaaf/0xda0
[ 88.297730][ T5342] ? bch2_fs_start+0x5e7/0xda0
[ 88.299983][ T5342] ? __pfx_bch2_fs_start+0x10/0x10
[ 88.302294][ T5342] ? sget+0x267/0x620
[ 88.304341][ T5342] bch2_fs_get_tree+0xb39/0x1520
[ 88.306654][ T5342] ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 88.309441][ T5342] ? aa_get_newest_label+0xf7/0x5d0
[ 88.312155][ T5342] ? vfs_parse_monolithic_sep+0x2df/0x310
[ 88.315210][ T5342] ? apparmor_capable+0x137/0x1b0
[ 88.317664][ T5342] vfs_get_tree+0x92/0x2b0
[ 88.319878][ T5342] do_new_mount+0x24a/0xa40
[ 88.322275][ T5342] __se_sys_mount+0x317/0x410
[ 88.324726][ T5342] ? __pfx___se_sys_mount+0x10/0x10
[ 88.327328][ T5342] ? do_syscall_64+0xbe/0x3b0
[ 88.329949][ T5342] ? __x64_sys_mount+0x20/0xc0
[ 88.332767][ T5342] do_syscall_64+0xfa/0x3b0
[ 88.335540][ T5342] ? lockdep_hardirqs_on+0x9c/0x150
[ 88.338478][ T5342] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.342067][ T5342] ? clear_bhb_loop+0x60/0xb0
[ 88.344676][ T5342] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.347785][ T5342] RIP: 0033:0x7fde9a3900ca
[ 88.349963][ T5342] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 88.358569][ T5342] RSP: 002b:00007fde9b243e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 88.362194][ T5342] RAX: ffffffffffffffda RBX: 00007fde9b243ef0 RCX: 00007fde9a3900ca
[ 88.365891][ T5342] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 00007fde9b243eb0
[ 88.369846][ T5342] RBP: 00002000000000c0 R08: 00007fde9b243ef0 R09: 0000000000818001
[ 88.374092][ T5342] R10: 0000000000818001 R11: 0000000000000246 R12: 0000200000000080
[ 88.378237][ T5342] R13: 00007fde9b243eb0 R14: 00000000000059cb R15: 0000200000000300
[ 88.382312][ T5342]
[ 88.384331][ T5342] Kernel Offset: disabled
[ 88.386320][ T5342] Rebooting in 86400 seconds..