last executing test programs: 8m19.686220155s ago: executing program 4 (id=646): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000200)=0x7) r1 = syz_io_uring_setup(0xed0, &(0x7f0000000400)={0x0, 0x0, 0x10300}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0xff39) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f00000000c0)) 8m17.235999698s ago: executing program 4 (id=651): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_disconnect(r0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r0) 8m12.801485447s ago: executing program 4 (id=664): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000004ffffffff0000000003000000000000000000000003000000e5000000000000000000000200000000000000000000000602"], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYRES64=r0]) 8m11.891655326s ago: executing program 4 (id=667): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x7, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020660b, &(0x7f0000000000)={0x0, 0xffffffff004}) 8m10.448942896s ago: executing program 4 (id=674): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00c50095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x11) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@ipv4_newaddr={0x34, 0x14, 0x509, 0x0, 0x0, {0x2, 0x1, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @broadcast}, @IFA_LABEL={0x14, 0x3, 'bond0\x00'}]}, 0x34}}, 0x0) 8m9.671532553s ago: executing program 4 (id=677): r0 = io_uring_setup(0x30d3, &(0x7f00000000c0)={0x0, 0xed7, 0x2, 0x0, 0x8017}) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000080), 0xc) read(r1, &(0x7f0000000180)=""/52, 0xfffffdef) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000200)=0x44be, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 8m9.057483446s ago: executing program 32 (id=677): r0 = io_uring_setup(0x30d3, &(0x7f00000000c0)={0x0, 0xed7, 0x2, 0x0, 0x8017}) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000080), 0xc) read(r1, &(0x7f0000000180)=""/52, 0xfffffdef) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000200)=0x44be, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 7m6.358083896s ago: executing program 3 (id=954): syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000140)={[], [{@seclabel}]}, 0x11, 0x8d, &(0x7f00000004c0)="$eJzszjEOAQEQBdBvG6LYCyjcwB0cRZR0KiJxIldxBDdQaCWyEhPNtooVeS+ZSf5M8y+P8yxt0p2Srme3P2xW29rhLzVJxslzkmTeVr4t6zeqmOv9uP7MwHUBAIAvNFn08/swHaoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI95BQAA///lFiRZ") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x0, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYRESDEC, @ANYRESDEC=r0, @ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES8=r0], 0x6c}, 0x1, 0x0, 0x0, 0x24000090}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket(0x11, 0x3, 0x9) r1 = fsopen(&(0x7f0000000040)='fusectl\x00', 0x0) r2 = fsmount(r1, 0x0, 0x0) dup2(r1, r2) fsconfig$FSCONFIG_SET_FLAG(r2, 0x5, &(0x7f00000020c0)='ro\x00', 0x0, 0x0) chown(0x0, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x4c, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000) 7m5.175875533s ago: executing program 3 (id=956): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x15, 0x17, 0xee, 0x40, 0xaf0, 0x7a05, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x5, 0x49}}]}}]}}, 0x0) syz_usb_control_io$uac1(r3, 0x0, &(0x7f0000000cc0)={0x44, &(0x7f0000000ac0)={0x0, 0x0, 0x11, "0790fcc6c83ed711efba22764d06f291ef"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002380)=ANY=[@ANYBLOB="48000000100001040400"/20, @ANYRES32, @ANYBLOB="0111000000000000200037800bf503006261740a00000000100002802141544d414e5f56050027000000000000000000"], 0x48}, 0x1, 0x0, 0x0, 0x804}, 0x800) r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103383) r5 = memfd_create(&(0x7f0000001e00)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xefE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xd1\xa7@\xa1_B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7<\x7f\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xb0\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcd\x90\x95\xdd\x8a\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1d0xffffffffffffffff, {0x6}}, './file0\x00'}) pipe(&(0x7f00000045c0)={0xffffffffffffffff}) r5 = socket$inet(0x2, 0x3, 0x7f) bind$inet(r5, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r5, 0x0, 0x3, &(0x7f0000000080)=0x6, 0x4) connect$inet(r5, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r4, 0x0, r5, 0x0, 0xe8, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r7, &(0x7f0000000500)=ANY=[@ANYBLOB="090000006bffff"], 0x15) r8 = dup(r7) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}}) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r9, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_tracing={0x1a, 0x7, &(0x7f0000000040)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, r0}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x101}, @jmp={0x5, 0x0, 0xa, 0x0, 0x0, 0xfffffffffffffffc}], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x61, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000100)={0x1, 0x7, 0x0, 0x9}, 0x10, 0x2936d, r3, 0x9, &(0x7f00000001c0)=[r4, r8, r9], &(0x7f0000000200)=[{0x1, 0x3, 0x6, 0xb}, {0x4, 0x1, 0xc, 0xc}, {0x2, 0x2, 0xa, 0x1}, {0x2, 0x4, 0x7, 0xc}, {0x3, 0x1, 0x6, 0x5029c455d6adf968}, {0x3, 0x4, 0xb, 0x3}, {0x1, 0x2, 0x7, 0x9}, {0x5, 0x2, 0x4, 0x3}, {0x3, 0x4, 0x8, 0x4}], 0x10, 0x7, @void, @value}, 0x94) 34.249496123s ago: executing program 0 (id=2695): r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x5, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x2, 0x0, 0x4}) 33.747870505s ago: executing program 0 (id=2696): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000c80)={0x2020, 0x0, 0x0, 0x0}, 0x2020) quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000402, r1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60040011000a740100053582c137153e37024801", 0x27}], 0x1}, 0x0) syz_open_dev$MSR(&(0x7f0000000140), 0x401, 0x0) r3 = socket$kcm(0x10, 0x3, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x4) fcntl$notify(r4, 0x402, 0x60) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000100)={0x1}, 0x1) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6c733d69736f383835392d31352c6e6f626172726965722c63726561746f723dbd3c66f52c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',force,umask=00000000000000000006745,decompose,barrier,force,gid=', @ANYRESHEX=0xee00, @ANYBLOB="00c9"], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r5, &(0x7f00000000c0)=""/43, 0x60) syz_usb_connect(0x3, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003095a6c209911aa6870a40102030109021200017d03800309b058065dc5a9e4"], &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0}) 21.691964734s ago: executing program 2 (id=2714): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ff4ae0086d04dd08f4ff0802030109021200"], 0x0) r1 = syz_io_uring_setup(0x4907, &(0x7f0000000700)={0x0, 0x1b55, 0x840, 0x2, 0xe7}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000000340)={0xa, 0x14e24, 0xa, @rand_addr, 0x400}, 0x1c) recvmmsg(r2, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000580)=""/226, 0xe2}, 0x9}], 0x1, 0x0, 0x0) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x1c) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5) read$msr(r3, &(0x7f000004b680)=""/102392, 0x18ff8) io_pgetevents(0x0, 0x2, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000900)={0x0}) io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) r4 = socket(0x2a, 0x2, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r4, 0x810c9365, &(0x7f00000004c0)={{0x4, 0x3}, 0x100, './file0\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000040) symlinkat(0x0, 0xffffffffffffff9c, 0x0) pipe2(&(0x7f0000000380), 0x4800) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="1e0000000300000001000000020000", @ANYRES64=r0, @ANYRES32=0x0, @ANYRES32=r2, @ANYRES16=r2, @ANYBLOB="93d3b671e57ff039d2c2bfcbb4a60864c8d22d0852bbc38439ba1107665b13c77cc0c22667d4f40a5210a3ad95a3433c88cd8d15c07f59f929a436c1884edfc72973d41f2d65f82371940d14d5f456a43c7898c2a547e2cf011d764c1da8d6f76d60ea2f45d89ba726cabf905e1c8fd451e097e9a719995d4a7f97ddef09232bb8030f6f31b397f8bb7141597b7700f5867b1a693c8e94a69351c5b5c4799f5623871331546cd6ec5e00a9432ef77555ff32d583026fda5a2a86d887dff5d814f936f8b990b867a54c4f93264b3154c55ad08e5547"], 0x50) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x6000) fcntl$setpipe(r2, 0x407, 0xfffffffffffffffd) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x400801, 0x102) 17.663860518s ago: executing program 35 (id=2696): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000c80)={0x2020, 0x0, 0x0, 0x0}, 0x2020) quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000402, r1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000c40)="c10e020022003505d25a806f8c6394f90435fc60040011000a740100053582c137153e37024801", 0x27}], 0x1}, 0x0) syz_open_dev$MSR(&(0x7f0000000140), 0x401, 0x0) r3 = socket$kcm(0x10, 0x3, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x4) fcntl$notify(r4, 0x402, 0x60) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000100)={0x1}, 0x1) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x92c0199, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90224fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6c733d69736f383835392d31352c6e6f626172726965722c63726561746f723dbd3c66f52c7569643d", @ANYRESHEX=0x0, @ANYBLOB=',force,umask=00000000000000000006745,decompose,barrier,force,gid=', @ANYRESHEX=0xee00, @ANYBLOB="00c9"], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r5, &(0x7f00000000c0)=""/43, 0x60) syz_usb_connect(0x3, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003095a6c209911aa6870a40102030109021200017d03800309b058065dc5a9e4"], &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0}) 16.060461352s ago: executing program 2 (id=2719): socket$pppoe(0x18, 0x1, 0x0) socket$pppoe(0x18, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000691226000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$nl_xfrm(0x10, 0x3, 0x6) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$kcm(0x10, 0x3, 0x10) socket$packet(0x11, 0x2, 0x300) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x200000100000011, 0x3, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x4) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x5}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32=r1], 0xc) 15.568323358s ago: executing program 7 (id=2722): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="030300000000000000003d"], 0x14}}, 0x0) 15.102423443s ago: executing program 5 (id=2723): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000080)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mlock(&(0x7f0000191000/0x2000)=nil, 0x2000) ptrace(0x10, r0) ptrace$poke(0x5, r0, &(0x7f0000000080), 0x0) 14.928191619s ago: executing program 7 (id=2724): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x9, &(0x7f0000000240)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) fchown(r0, 0x0, 0x0) 14.823859964s ago: executing program 2 (id=2726): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b40), &(0x7f0000000d00), 0x1013, r4}, 0x38) 14.698086176s ago: executing program 5 (id=2727): write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './file0'}, 0xb) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0fe0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9"], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$tipc(0x1e, 0x5, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f0000000100)={@remote, @private1, @dev={0xfe, 0x80, '\x00', 0x23}, 0xd929, 0x40, 0xfffd, 0x100, 0x9, 0x40003f00}) 11.457076748s ago: executing program 5 (id=2728): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000140)='./file4\x00', 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="6e6f696e6c696e655f78617474722c6163746976655f6c6f67733d342c646973636172642c6661756c745f696e6a656374696f6e3d30303030303030303030303030303034313136302c6661756c745f747970653d30303030303030303030303030303030303030362c757365725f78617474722c696e6c696e655f646174612c66617374626f6f742c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c001edfd4f89ea0446aec529a4e00eb8a4196fbb35aa25765f6c7"], 0x21, 0x5548, &(0x7f00000058c0)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) 11.384468647s ago: executing program 7 (id=2729): r0 = syz_usb_connect(0x0, 0x34, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x92, 0xdf, 0x55, 0x10, 0x5ac, 0x9226, 0xb289, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0xe9, 0x0, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "d77b5d2898"}]}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000340)={0x40, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 11.120564296s ago: executing program 6 (id=2730): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/113, 0x71}], 0x1, 0x0, 0x0) 10.480949465s ago: executing program 6 (id=2731): r0 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = userfaultfd(0x1) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r5, 0xc028aa03, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000200)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x1}}}}}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r6, 0x8b2a, &(0x7f0000000040)) 9.960327509s ago: executing program 2 (id=2732): r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r0, &(0x7f0000000040)="e7", 0x1, 0x1, &(0x7f0000000080)={0x2, 0x4e23, @private=0xa010102}, 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="83", 0x1}], 0x1, &(0x7f0000000200)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x41, 0x0, 0x2}}], 0x20, 0x40040}, 0x0) 7.641485126s ago: executing program 6 (id=2733): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) syz_open_dev$loop(0x0, 0x6, 0x80) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$inet(0xa, 0x801, 0x84) connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x4e20, @loopback}, 0x10) r4 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x6, 0x0, 0x0, 0x0) close(r4) openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) syz_open_dev$hidraw(0x0, 0x5, 0x400040) r5 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4) connect$ax25(r5, &(0x7f0000000000)={{0x3, @bcast, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) 7.576186593s ago: executing program 7 (id=2734): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=") openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101242, 0x8) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) 7.516144704s ago: executing program 5 (id=2735): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaa6, &(0x7f0000001100)="$eJzs3U2MW0cBAOCxd73JJilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOEAgcRXvjNee2H22s+tnx98njcfz5j3PvOfn5/c7E4CpVW2+Li8vVEK4+PrLR//x4N/nbw451Bqj3nydbUvVQgiVmJ7NPu/dmZX4+nsvnOwWV8JS8zWlwxNXW9NuDiGcC7vDpVAPOy9efunNpcePnz92Yc9brxy8sj5zDwAA0+Xrlw4u7/jrn+/ddu3V+w6HDa3haf+8HtNb4n7/4bjjn/b/q6EzXWkL7eay8WZjqM53jjfTZbz2cmrZeLM9yp/Lyq/1GG9D+ODyZ9qGdZtvmGRpPa6HSnWxI12tLi6uHJOH5nH9XGXx7OkzzzxXUkWBNffv+0MIu9vCkQud6XELh8agDkOGxhjUYSLD4dGVda2xovR5HlFobC17CwSwIr9eeItz+ZmF29P6tNn+yr/6WLX79LAGRr3+D1T+XMnlB+X/5rwtDmvnTl2b0nyl39GWmM6vI+T3L/X+/eVXOjqH5tcjan3Ws9d1hEm5vtCrnjMjrsewetU/Xy/uVF+OcVoOX8ny238/+Xc6Kd8x0N1/8vP/giCMdwgd6drtfFaj5O0PML7y++Ya6fpolN/Xl+dvKMjfWJA/X5C/qSB/c0E+TLPfff+n4cXK6nF+fkw/6PnwdJ7trhh/aMD65OcjBy0/v+93ULdbfn4/MYyzP5x48tQXnn7q8sr9/5XW+n8jru/pcKMef1uX4gjpfGF+Xr1173+9s5xqj/HuzupzV5fxm++3d45X2b76OaFtO3NLPRY6p9vaa7xdnePVs/HmY9iY1TffP9mUTZf2P9J2NS2v2Wx+a9l8zGX1SNuVbTHO6wHDSOtjr/v/0/q5EGqVZ06fOfVoTKf19E8ztQ03h+8bcb2B29fv8z8LofP5ny2t4bVq+3Zh6+rwysp24bX4eZ3Dl1rldA7fH9Ppf+5bM/PN4Ysnv3vm6bWffZhqz/3o+W+fOHPm1Pe8GfrNV8ejGoO8SYct41Ifb8buTckbJmDd7f3xyk7AI6e/c+LZU8+eOrv/wIH9S0sHvrh/eW9zv35v+959u3Ml1BZYS6t/+mXXBAAAAAAAAAAAAOjXD44dvfz2G59/Z+X5/9Xn/9Lz/+nO3/T8/0+y5//z5+TTc/DpOcBtXfKb42QNrM5l49Vi+HBW3+1ZOTuy6T4S41Y/fvH5/1Rc3q5rqs892fBaj2TWnMAt7aXMZW2Q5P0FfjzGF2L86wAlqsx3Hxzjovat07qe2qdoa5eioX3gyZG+t7Q2pHZM0vPfXdt1avuyt42gjqy9UTxOWPY8At39c6ra//7X6oyXXhehd5gdbXk/n951otFzL73fHmwA1kbZ/X+m854pPvvHr228GdJoVx/r3F7m7ZfCIP7ydmd63PufXO/y8377Rl1+2fM/6v4/W/3f9b39y3rMqw9X7n9/ceWdtmLDzn7Lz+c/tQO9fbDyr8Xy09w8FPorv/GrrPz8glCf/peVv6nP8m+Z/13Dlf//WH5abA8/0G/5KzWuVDvrkZ83Ttf/8vPGyfVs/lPbnh9Q/jee7zb/Q3bUeCOWD9NsUvqZHVS2H9HaaR++/9/o3Nr2/9uqbLZZy+/D+FxMpw1xus8h7+9k0Pqn+yvS/8CO7PMrBf9v+v+dbF+KcdHvIfX/m9bHevzLb0s3l2VK17os2zt1WwOT6t2puv43EWHjGNRB6D80ZoaYrtVPXMn1bzQa63tCq0CphVP68i/7OKHs8ste/kXy/n/zffi8/988P+//N8/P+//N8+fjN9QrP+//N1+eef+/ef492efm/QMvFOR/tCB/Z/f81mH7vQXT7yrI/1hB/p5W/qGOMVL+fQXT31+Qf3dB/gMF+Z8oyP9kQf6DBfkPt+W39wGd8j9VMP2dLj2PMq3zD9Msfz7P7x+mR7r+0+v3v70gH5hcP3t135GnfvvN+srz/3Ot8yHpOt7hmK7F46cfxnR+3Tu0pW/mvRHTf8vyx/18B0yTvP2M/P/9oYJ8YHKl+7z8vmEKVTZ2Hxzjonareu3nM1k+HePPxPizMX4kxosx3hvjfTFeGlH9WB9HXvv9wRcrq8f7W7P8fu8nz58H6mgnKoSwv8/65OcHBr2fPW/Hb1C3W/6Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptp8XV5eqIRw8fWXjz55/PTem0MOtcaoN19n21K11nQhPBrjmRj/Mr65/t4LJ9vjGzGuhKVQCZXW8PDE1VZJm0MI58LucCnUw86Ll196c+nx4+ePXdjz1isHr6zfEgAAAIA73/sBAAD//weuDxQ=") creat(&(0x7f0000001cc0)='./file2\x00', 0x0) 7.280574968s ago: executing program 2 (id=2736): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0x797, &(0x7f00000017c0)="$eJzs3c9rXNUeAPDvnSRNk/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAraI4EZQcSHopmt/1J1bf2z1v3AhLVXTYsWFRO78SKdmpp3EzEw0nw/czDn33Mk53zn3x7lzL3cC2Lcm0j+ZiCMR8U4SMVafn0TEUDU1GHGqttzd9bV8OiWxsfHyT0l1mTvra/loek/qUD3z/4j4+s2Io5mt9ZZXVudzxWJhqZ6fqixcnCqvrB67sJCbK8wVFk9Mz8wcP/nUyRO7F+sv360evvnuC49/duq3N/53/e1vkjgVh+tlzXHslomYqH8mQ+lHeJ/nd7uyPkv63QB2JN00B2pbeRyJsRioptoY6WXLAIBueT0iNgCAfSZx/AeAfabxPcCd9bV8Y+rvNxK9deu5iDhYi79xfbNWMli/Zneweh109E5y35WRJCLGd6H+iYj46ItXP0mnqPeDa2lAL1y5GhHnxie27v+TLfcsbNcTDyrcGK6+TPxp9n47/kA/fZmOf55uNf7LbI5/osX4Z7jFtrsTD9/+Mzd2oZq20vHfs033tt1tir9ufKCe+1d1zDeUnL9QLKT7tn9HxGQMDaf56eqirUduk7d/v92u/ubx38/vvfZxWn/6em+JzI3B4fvfM5ur5P5q3A23rkY8Mtgq/mSz/5M2498zHdbx4jNvfdiuLI0/jbcxbY2/uzauRTzWsv/v9WXywPsTp6qrw1RjpWjh8+8/GG1Xf3P/p1Naf+NcoBfS/h99cPzjSfP9muXt1/HttbGv2pU9PP7W6/+B5JVq+kB93uVcpbI0HXEgeWnr/OP33tvIN5ZP4598tPX2X6u29fqfnhOe6zD+wZs/frrz+LsrjX92W/2//cT1u/MD7ervrP9nqqnJ+pzO9n+dNXDnnxwAAAAAAAAAAAAAAAAAAAAAAAAAdC4TEYcjyWQ305lMNlv7De//xmimWCpXjp4vLS/ORvW3ssdjKNN41OVY0/NQpzefuFjLH68/H79R/mRE/Cci3h8eqeaz+VJxts+xAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDDoTa//5/6YbjfrQMAuuZgvxsAAPSc4z8A7D/bO/6PdK0dAEDvOP8HgP2n4+P/ue62AwDoHef/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNmZ06fTaePX9bV8mp+9tLI8X7p0bLZQns8uLOez+dLSxexcqTRXLGTzpYW2/+hK7aVYKl2cicXly1OVQrkyVV5ZPbtQWl6snL2wkJsrnC0M9SwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhceWV1PlcsFpb2VCJTb91eaU+xMLI3mrFnEoOxJ5rxj04M9rX25r3ESH92TgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/A38EAAD//ywiJds=") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x143042, 0x8d) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x3a, 0x40, 0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$netlink(0x10, 0x3, 0x4) writev(r6, &(0x7f00000001c0)=[{0x0}, {&(0x7f00000003c0)="f38d1f8ae9d1061afd8ab46a0363a49448d9e53c19", 0x15}], 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x70}, 0x1, 0x7}, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0) 3.995838849s ago: executing program 7 (id=2737): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f0000000580)=ANY=[@ANYRES64=0x0], 0xfc, 0x56d, &(0x7f00000009c0)="$eJzs3V1v01gawPHHJV2qrIR2F1ShqsCh7EpFKsFJICjiyuucpAcSO7Id1F6xFaSoIoUVZaVtL3aHG0YjzXwIbucTzNzMFxqh+QiM/JKSvqQG+oY6/180c06cY5/nmOCnpvaxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsdyGbZctaRuvt6TGcxuB3/n4Nlt7zwK5uaM4oF8RK/5Ppqbkcrro8qWPH0/H/5uT2fTdrEzFxZRs/Xn6L/cvFiaG6x8Q8InY2Nx6vjIY9F+ddiDH6Mr5/ZdPKKVa2jOhbzpOSysT+qpeq9m3F5uhapq2DpfDSHeUG2gn8gM1795U5Xq9qnRp2e95rYbT1sOF925VbLumHpS62glC37v9oBS6i6bdNl4raRN/HLe5F38RH5pIRdrpKLW6NuhX8wYQNyp/SqNKXqOKXamUy5VKuXa3fveebRf2LLB3kZEWHz7s/kuDP6KjOnQDhzaR5X9pixFPerIkat+XKw0JxJfOmM8zw/z/j9v6wH5H8/8wy1/++PGMJPn/avru6rj8PyaWk3ttyKZsyXNZkYEMpC+vTj2ik321RIsnRkLxxUhHnGSJypYoqUtNamLLY1mUpoSipClG2qIllGUJJRKdfKNcCUSLI5H4EoiSeXHlpigpS13qUhUlWkqyLL70xJOWNMRJtrIqa8l+r4qyxsW43ag8dhjF4feuL5UDRnu4/J+2GP7Qei7r8bSzEU7akR27gcP6MMz/AAAAAADgzLKSf32Pz/8n5UpSa5q2tk87LAAAAAAAcISS3/zPxsVkXLsiVv75/78KJxQcAAAAAAA4ElZyj50lIkW5ltZWxUpul+IiAAAAAAAAzojk9/9X4yKZA+WaWNvTpXD+DwAAAADAGfG/n7LK2Dn2w+5565ffJAgmrTfdpb9b607czlnPJjA9t3uLUXPGupBtJClqaVEouHrWmkobbU+C+T4rVvPm+rf2C+Cb3ADijWUBXCzI93I9bXP9aVo+HX6S9lJsmrYuuX77flkc58JEpJei/7xY+68kw//O61ywZHVt0C89eTl4msTyJt7Km/VsAsU98yiO2xkXC/I6mW8huedi3xFPJjdiZP0W037t0fFPpKtPfEafb2UubTOXzXhb3Dn+qbjPcmnc6LMoyocc+Vu5kba5MX8jLfaJopIXRWU0ii/aF58QRTUviuohowCA07Kak4WsvYn/C45yqzJrZXcafkZ2l8/58SI5os+nbeZnkgNrYWafI7qdd0S3D5ndftzzDKRxOTbu94ddWfVdvMK7sf2G7YoV78Jzr9f/LdMbm1u31tZXnvWf9V9UKtWafce271ZkMhlGVoxGep7cAwBI5T9jJ7eFdSfnrPpv25cUlOSJvJz+68+PZCG52yC54mDfrRZHLkNYyDlrLSZpMn3Cy8IBZ3V/Su5yGG63cmDbnTFUj/8PAgCAEzSX5OFfx+bhT8n/Cznn3Ttz+cFnx8WRp7UBAIDjoYP3VjH61goC031crtfLTrSoVeC7D1VgGi2tjBfpwF10vJZW3cCPfNdvx5VHpqFDFfa6XT+IVNMPVNcPzVLy5HeVPfo91B3Hi4wbdtvaCbVyfS9y3Eg1TOiqbu+fbRMu6iBZOexq1zSN60TG91To9wJXl5QKtd5ueElMQ3uRaRodKOOpbmA6TrCsHvntXkerhg7dwHQjP93gsC/jNf2gk2y2dNo7GwCAr8TG5tbzlcGg/+oYK6c9RgAAsNNolp7ae00fAAAAAAAAAAAAAAAAAAAAAAD4CpzE/X9UznhleNvI1xIPlSOo5B46/n/sBycAx+r3AAAA//+vzFCD") 3.651787037s ago: executing program 6 (id=2738): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/partitions\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x20000023896) 3.427299399s ago: executing program 2 (id=2739): r0 = userfaultfd(0x80801) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x800000, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reconstruct_alloc,no_data_io,hash,\x00'], 0x1, 0x5903, &(0x7f0000010b40)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJJBIKAEF1wowEJLS1E/oIXUotGiClaJlMjLJqyiFKtLbSG1uot+8CnkISWQh7J8nKdm+p5Oz52+c3t6ekICv18lc/ucvv0/5957+vb9n+6ZDgAAALwm7Ll+275zjvrAr744/NI1H/7ZpmtDb3m8vhpX6EuXV7xSPeRA6q4sGV9mx8WbrvrBnwcuft8v7+75/su71x27/vfvP+zi+z9z5q7bvv3Qi/Pv/eczRXHjeDpxfzl5Lgmh+vO9X//S7seOHKtLQgjlpG9HCIuSxQ8tSjIhBv8eQliXFpZk7rznpVPWjy2vval7Qv3CzHrG+2tbNR1n2/ddflL4w3vXXPebpT/+UdfOZ3fsXyWpNoynEBZc2Pj4rhDC3PT/mDja4niMg3Z1CKGn4XFnFPTruBb7vyKnfHS6nJMuewvixPuXZcqlzHrZctSVWfYUtDdTef1od70i8zLl7MlopvL6GesXpcufpssTpxm/HP8noZSESr37G5P9YyQ0HLckJOPHslovl+rHNqTbnyknmXIpUy53ZbZrvN10oJWTZGJ9XC9TH0/HlbT+2MZzdRPn5tS/Pl1W0yfqy7EcsjdqeifdqG/XuNivvVP05UAoNZyDmtXXD3x6MHrTut5k8aTHjDYR79u95ubl5bUP7+nL6Udyd5LGT9qKv/3Xi+Z96oc3XpZ9Xa/Hv7CUxi+1Ff+PZz3+/Pk3fu9bufFvjfHLbcU/+YGe58565Ppluftnb9w/lbbiDz3z6C1LD79oZ27/b4/xq23FX7Xr8e75+x54MLf/g3H/zG0r/tPv/OCf7nryvmdz44cYv6et+Gt3bflyd/++E3LjPxj3T2974+eFnac/1d//l4G8+E/E+PPbin/njtveccfCm87MPb6r4/7payv+2cfff928ffcdk3fuTG7v1CsnwGvTYek11g1pud08c6Ya8oVvDlRq13zz0v/zO9lQ5uJzrJ0FnYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACGEI076nx/6/x/ve66SlrvTG0+XastYPyeEZG4IYdvI0NaRDZsvGfjMpZdt3Ty0cWBoZGB488jWKwdOfcvA1uEtG4euHLt38K2n1B63OCS1ZXLMpLa7R0dHS30T62J7/+n4nX9Yfsa//DWEwSN+11/J7f+K2zbdcXiTnxnJqtH3bLrsnN+d9t10u/rSfvU16dfo6OhoyOnXv573jzu+uvfPJ4Qw+Lqp+vXo0+/+xYQOjVfsj5MqdYdah7qTnqb9qPc67U/cX5X1GzYOD069f8ceX87Zjv981bN/X3/FV/5R27/V3O1ocf/OXTW6sfSNNWf/+zeurlUU9euVOu5F+ztuRexf3H/VdH8vSLdrQc52VXK26/rfPPjkz4+68cUdYbDywtLJbRdtV1c6ALqS17fUbmyhJ1k0ob6arh+PeHzcipFNW1Zsu3L7WzdsGrpk+JLhzW9feerK0wdPO/20FeNbvqLD2x/bf2OL239gxtPCz+34afzZ2ngq6lfR/hjrV/H+aOxR3vOv59wvfe3ttz1yTq2iaJzHtevnk3TZM3acV4aG8TZ5XzXbrqL9EEIYaLYfnn/xzHDk/9lwXdF5qPHINP7MSFaNPrbsb9894ztL3lWrOCDn+cYOtXmer/d6f3/G91c1PR6jB+n+7Q7ldLt6m/Zr5WOPdN2856+fr/dvzpxwxdDIyNaVtZ/z0p7OS45u2q9sbdyupeM/yyHdLaE+TJuM1zFdoda/7Pkzrp7dq73pfb3J4qbblRXv273m5uXltQ/vydvTyd21FueG+bVl8oacNTdmHliud7hZ+wfr869ofPR/6Dv3fvzen5w6aXycXPtZtF1Jznb9+Mk7v/b9r/zXn3Ruuz707sf7/vZ/P728VnGonFfqvU77kzSeV04Ooej5tzQ0347c51+p+fYUPf+y7exfv3m8gUy5N5Tber6e/EDPc2c9cv2y3Ofr3lafr1dPKJULnq8Hy/jJPr+SysR+zN7za8JASVaN/vKGw3Y8dM3qo2oVReO6vnazcX1KC/lHznb94vyn+i8d+C//u3PnjR+85Z4Lfj+06gu1ivaPe+xLZ457Nd2/1Zz9W+91zDsb9+/bLr5047pa/cF7/ZsuC/KfeCrZduX2zw5t3Di8dVtr29Xq62lsJ7uX2309jWe3xQXbVZq0XbN3o5X91erzLfZ/Xdv7a+LzrTckbb0ubP/1onmf+uGNl/VNelTa0IWlNH6prfh/POvx58+/8Xvfyo1/a4xfaSv+0DOP3rL08It25sa/PUnjV9uKv2rX493z9z3wYG78wdj/uW3Ff/qdH/zTXU/e92xu/BDj97a3/1/YefpT/f1/yY3/RJK2M3aNFMI9L52yvlZOQlf6fIv96JrQr5AtJ5lyKVMuN5ZLtbnWegPlJJlYH9dL649t6Eszn8ipj1dh1SW15cuxHLI3pq4/2JQazv3N6ouuUwEAXu3i+//xGjS+/z+cXijlzzTAfjPNw5bkxI152P75nDkT7l+Sxo+Pj/OA/W8Lg2PLawdqF/rTfR8hPh+y85yxnROOmxij3XnOovn3ZZly7FdtvrzSkIemJuc1ldDC/Pvkdqaef89sfvH8+MANk7o10DBvlT1+XemMWbPPO2T6WxmLkDc+svNi8fMc/QvC6vH2Whwf2c/RxOOQ/RxNbOeozImz3c/RzHR8xG5PMT7Gu1z8/sbk4xem2L/7j1/zaNnjN43jXR1bf7bfn+3AvGHTU9qBmzec3ffDzEvmxE+fYAf7vGGsj9tRaXE+8eM59Z2aT4yni9ivvVP05UAwnwi8WsX8P75GjOX/Yxfg/5ZZr+g6NHvVGOPlfk6o3Lw/RXnH5M/p9bT1Or5215Yvd/fvOyH3OufBVj/3s2VCqafgcz9F+3F5ply4H3MmaIryvWw7Rfs9+7mM3jC/rf1+547b3nHHwpvOzN3vq2svpMX7/WsTSvML9vshkC80jy9feE3kC7M9f/aK5SPpB59mKx/5WE79dPORnkk36ts17pDLR7oObL8AgENHzP/r75+l+f//iyuk1xFFeeuJmXKMl5u35lyf5OWtH0mXV2TW701/o2K6181nH3//dfP23XdMbt5ye6t56H+bUOorzENnljfn5hGrO/N58dw8op5nzSxPzO1/PU+cWZ6eG7+ep88sj87dP/U8embzALnx6/MAh3qeWzBfl2ksFludr3vV5tHpr8/OVh59bk79dPPo3kk36ts1Th4NAPDKivl/vIyL+f8jmfVm+j57bl7Qoev27N8Dqcd/4kDllbOd98123jrbef1sz0sc6nnxbM8Lze482Ws+L04blRcDAHAwi/n/3LScn//PLD9plr91TchP5OdN48vPD5L8/FCf/5L/e1+8mPwfAODVLeb/8dce49//+x9pOft36+XpOfHl6fL0qcZPy3l65+fZgs8BvLLzAHP3r28eAACAV0LXeKY0+ffsP5kus79nn/d7+efnrN+qSnp5fNHI1uHhCy7bsm5oZPiCzZeuG952weVbN4yMDG+urTfTvDE3b0nzxq5QSfdH8/WyedvC9O8hLMz5ewjZ9WPYo8dvTP57CNlm5xb8HYH9x6+1/uYdv9IU6zcbH3nHOy/+J3LWj+rH/+JPn3zB+m0XbNi8YWTD0MYN24cnrjeWtfZM43sz426Z1velZn5MUpr+93d2ph+lSf3oSvdH3vezJ5l+LEp7sijv+w9y+v2r//XVzx0/+o+7Qhg8ovyGGe2/ZNXofz9v+CMje363Zaz/pSn7X18z7VfR95Vm14/bU9l46baRk9Zfetnm7DdKtifOZ5Tq5Vmaz0if/uUW5yfW5tRP93MK5Uk3Dk4tz08AADBBfP8/Xs/G9w+/kl5AxfrW8/SZvX+cm6cPtpanZ7+XrChPz64ft7fVPL06wzw9235Rnt5s/WZ5el7enRf/YznrT1fr42Rmn/PIHScXtjZOst9nUDROsutPd5wkMxwn2faLxkmz9ZuNk7zjnhf/oznr52l9PMzsczm54+HW1sbDmzPlovGQXX+646E0w/GQbb9oPDRbv9l4yDu+efHPyVm/VRPHx9jAGB8XwxdcfunWzzasN9vffzHz/s3u93+0q/X+z+7nvma//7P7ubLZ7//MPleW2/8nZjYT1nr/Z/f7Xdp1wOZr0w+bFX3+rGged01O/XTncedMunFwMo8Lr5yY/8e3e2L+f1O67PTbQIf+96T5HrOm8Tv0PWZF1zFez6do7CDg9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNd2VJePLPddv23fOUR/41ReHX7rmwz/bdO2brvrBnwcuft8v7+75/su71x27/vfvP+zi+z9z5q7bvv3Qi/Pv/eczhYH7xn9WTkyL1RCS55IQqj/f+/Uv7X7syLG6JIRQTvp2hLAoWfzQoiQTYfDvIYR19X5OvPOel05ZP7a89qbuCfULM0Gy2xV6y7E/jf0M4YrCLeIQVE3H2fZ9l58U/vDeNdf9ZumPf9S189kd+1dJqg3jKYQFFzY+viuEMDf9PyaOtiXxwelydQihp+FxZxT067gW+78ip3x0upyTLnsL4sT7l2XKpcx62XLUlVn2FLQ3U3n9aHe9IvMy5ezJaKby+hnrF6XLn6bLE6cZvxz/J6GUhEq9+xuT/WMkNBy3JCTjx7JaL5fqxzak258pJ5lyKVMud2W2a7zddKCVk2RifVwvUx9Px5W0/tjGc3UT5+bUvz5dVtMn6suxHLI3anon3ahv17jYr71T9OVAKDWcg5rV1w98ejB607reZPGkx4w2Ee/bvebm5eW1D+/py+lHcneSxk/air/914vmfeqHN162JC/+haU0fqmt+H886/Hnz7/xe9/KjX9rjF9uK/7JD/Q8d9Yj1y/L3T974/6ptBV/6JlHb1l6+EU7c/t/e4xfbSv+ql2Pd8/f98CDuf0fjPtnblvxn37nB/9015P3PZsbP8T4PW3FX7try5e7+/edkBv/wbh/etsbPy/sPP2p/v6/DOTFfyLGn99W/Dt33PaOOxbedGbu8V0d909fW/HPPv7+6+btu++YvHNncnunXjkBXpsOS6+xbkjL7eaZM9WQL3xzoFK75puX/p/fyYYyxtpZMIvxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4dfrt1ad+8rz3fHRNJQkhyVlntIl4X3nOqlUDbbQ79Myjtyw9/KKdjXVL2ogDAAAAFIt5eKleUw1LwuXJ3HB00/XjHMHRsZRMrM/OIcQ42TmCduOUOhSn3KE4lQ7F6epQnDkditPdoTjVgjjV0FqcuVPEqYyNihb70zNlf1qP09uhOPM6FGd+h+Is6FCchR2K0zdlnNbH4aIOxVncoTiHdSjO4R2Kc0SH4ryuQ3GO7FCc7JzydMfh/HTNo/LijN8oF8apJOX6Hc3m049M2zlmhu30FrQzv+j1uMV25rbYznGZx5Wm2U61xXbeOMN2khbbefMM2ykVtBPH7RXZ/sV2YqnF8X9lh+Js71CcqzoU5+oOxfl8h+J8oUNxrplhHIBWxfx/f77XF7or7wo96RknOwsQ892l4z8nv97lnZBivDdk6ucUxcsm6pl4S6fbv+wEQibeskx914R4lXo+MkW8amO85Zk7C7c3O6GQ6d+JmfruonjZiQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmEW/vfrUT573no+uCUkY+9fUaBPxvvKcVasG2mh395qbl5fXPrynsa670kYgAAAAoFDMw7vqNdXQXVkZupM5E9arpvMA1bRc7qst+xeE1WPLZKA0Xu5JFk35uEr6uBUjm7as2Hbl9rdu2DR0yfAlw5vfvvLUlacPnnb6aSvWb9g4PFj7GUJ3QbwQwvj0w7Yrt392aOPG4a3bapXZ/i9JH7ckLSfp4/rfFgbHltem/V9c0F5pUnuzd6P46AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/Brt2FyHnVfwA/z8zszHTb/LN/+jYNzWbIS4laNIlbSbV0HxAstEnIUpDZ6lqCTbC4aUKblFjHNmBbExShJRAiuTASi63Fm77YIvaFQKRGA24M0hbthV4orVbSkgtJGcnunNmZ2ZnMOpamjZ/PxTwz5/zO+T1nLha+zw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDBmqqOTFRGx8YHkxCSLjW1DuJcNp+m5T76fvn57d8vDJ9e2TxWyPWxEQAAANBTzOEDjZFiKOSyIRuumv60NDRNhNncDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/O+Zqo5MVEbHxi9OQki61NQ6iHPZfJqW++j7xjtPfubV4eG/No+V+tgHAAAA6C3m8ExjpBhKYVkYSK5qqYvPBha1rW+vi/ssnmdd+7ODbnXL5ll3zTzrPtajbkP9uisAAADAR1/M/7nGyFAo5BZ0zf+9cn2sW9JWl61f+/mtAAAAAPDfifm/0BgphUKu1Mjr8837S9vq4vpe/7eP61d0Wd/r//nr61f/pwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj46p6shEZXRsPJuEkHSpqXUQ57L5NC330XfNC4N/v+XIQ0ubxwq5PjYCAAAAeoo5fDZ6F0MhNxgGwsXTuX/4poNPf/HpZ0dCCDMxP58Puzbt2HH3mpnXWLf62JGB7x1961tz6lbPvJ63AwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+bqerIRGV0bPyiJISkS02tgziXzadpuY++r3/uC39+/ORzbzaPlfrYBwAAAOgt5vDZ7F8MpZAP+XDF9KfmrH9Wpm19t2cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIXjnm/c9/VNk5Ob7/bGG2+8abw533+ZAACA99uSkITaf+jKjef7rgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA+DqerIRGV0bLyYhJB0qal1EOey+TQt99E3ff54YcHpF15qHiv1sQ8AAADQW8zhs9m/GEphIAyEy6c/dXomMJ3/hz7AmwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+VKaqIxOV0bHxBUkISZeaWgdxLptP03IffR/bfeCzhxd+9+bmsUKuj40AAACAnmIOzzdGiqGQ+3gohKvrnydbFyTZ+rXzc4HZddtblg3Oe121ZV123uv2tJ0sVz/NzLpi3G9o5tpYV567rty0rhQa7cst68K+llULetxnAAAAgPMo5v9CY2QoFHKFppz7k5b6ITkXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhiqjoyURkdG0+SEJIuNbUO4lw2n6blPvre95v/v+QrP927s3ms1Mc+AAAAQG8xh89m/2IohcXh/8Li6dwfhlrrY90/KmcOP/rPv6wMYdUVJ4Zz7dv+ML751es3vtj+EkKmtToTwsJ6v6RLv1//7tF7l9fOPB7CqsuzV8/pF87dr3XLtPZMZfP6HUdPbO/x5QAAAMAFIub/gcbIUCjk7uqa/2Py7pH/G6YD+MJ7d//8svprPZG3rcgM1ftluvT7/PIn/7Ri7d/eOpv/z9XvUwe2Hr6speHMSJskrY1u3bnhxHWHMvHUM/2zbf3j9/Klb775ry27Hjkz078YivXxRblO/ee+trkorU1m9o+ve29/tbV/rsv5H/rtSyd/uWjvu2f7v7NksNH/mnOc/9z9B299eN/1B45saO0fQih36v/2uzeHK/9w54Pt5x9s27j5m29+bZOktWNLTx1ae7B0Q2v/pK1//P5/dvKxfT9+5DvPxv7xtyIrl823f6at/yt7Lt398gMbF7X2z3Q5/4u3vTq8rfzt37ef/46WXXNd72Lu+Z+49qnbX9uU3t8+BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGGZqo5MVEbHxjNJCEmXmloHcS6bT9NyH33fuOX427ft/dEPmsdKfewDAAAA9BZz+Gz2L4ZSyId8GJzO/c9UNq/fcfTE9jA0M5vUr7nJbffs+MSWbTvvuuM83TkAAAAwXzH/5xojQ6GQWx4G6vl/dOvODSeuO5SJ+T8T8/+WOyc3rwqNulf2XLr75Qc2Lmo8Jwhh+mcBxbN1n56tu+nG40On/vi1FR3r1szWHVt66tDag6UbYl1orlsdGs8nnrj2qdtf25Te37i/5rpPfnXbZP3xRNx38NaH911/4MiGxjnq18H6vrFuMrN/fN17+6uxLlu/FuvnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmmqqOTFRGx8ZDNoSkS02tgziXzadpuY++65b/4sFLTj+3uHmskOtjIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWF/foJjaPs4wD+PLvJm202aZP2BaNimlZFqQeLgoheVFSkFSl4qhSptvYgCoKIUg+m0oqlKl4Eq5ciKqhRCgo2FkurpOK/4sWDCgrVg1CKAe1SPKhk95ntZrrj6qQK6ucDw5PnmZnv/GaeZ2ezAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/KMM9I0128M77m/ccs4NHz1614lHbnrn3m0XPfzqdxObrvtw7+BLJ2c2r9jy5fXLNu2/e8307ucP/TT81i9HewY/1GpWpW4thHg8hlB7d/aZx2Y+PmtuLIYQqnFkMoTRuPTQaMwlrP45hLC5Xef8nW+euHzLXLtt18C88SW5kPx9hXo1q6dlZH69/LvU0jrb2njwkvD1teu3f7r8jdf7p45Nnjok1jrWUwiLN3ae3x9CWJS2OdlqG8tOTu26EMJgx3lX9qjr/D9Y/6UF/XNT+7/U1nvkZPtX5vqV3HH5fqY/1w72uN5CFdVR9rhehnL9/MtooYrqzMZHU/t2alf9yfxqtsVQiaGvXf498dQaCR3zFkNszmWt3a+05zak+8/1Y65fyfWr/bn7al43LbRqjPPHs+Ny49nruC+Nr+h8V3dxa8H42amtpQ/qyawf8n+01E/7o31fTVlds79Ty9+h0vEO6jbenvg0GfU0Vo9LTzvn1y6yfTPrn7iwuuG9wyMFdcS9MeXHUvlbPxkduv21nQ+MFeVvrKT8Sqn8b9Ye+eG2nS88V5j/dJZfLZV/2YHB42vf37Gy8PnMZs+nr1T+HUc/eHL5/++c6jbXzfw9WX6tVP4100cGhhsHDhbWvzp7PotK5X919Y3fvvL5vmOF+SHLHyyVv2H6vqcGxhsXF+YfbH0U6s0VWmL9/Dh1xRfj499PFOV/lj3/4S75sWf+y5O7r3pxya41hetzXfZ8RkrVf/MF+7cPNfadV/TujHvO1DcnwH/TsvQ/1uOpX/Z35kJ1/F54dqKv9Q00lLbhM3mhnLnrLP4L8wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5jBw5IAAAAAAT9f92OQAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgqAAD//2BzKEU=") r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) read$msr(r1, &(0x7f0000000240)=""/91, 0x5b) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x410, &(0x7f0000000240)=ANY=[], 0x11, 0x489, &(0x7f0000000a40)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000002c0), 0x10200, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000040)={'veth0_macvtap\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x88c42, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000240)={{&(0x7f0000c00000/0x400000)=nil, 0x400000}}) 3.320321228s ago: executing program 5 (id=2740): syz_mount_image$exfat(&(0x7f0000000300), &(0x7f0000000080)='./file1\x00', 0x1000000, &(0x7f0000000340)=ANY=[@ANYBLOB='umask=00000000000000000000001,discard,allow_utime=000000000000000253,iocharset=iso8859-6,fmask=00000000000000000000240,namecase=1,errors=continue,keep_last_dots,namecase=1,iocharset=cp852,\x00\x00\x00\x00\x00\x00'], 0x1, 0x1515, &(0x7f00000041c0)="$eJzs3Au8TtXWMPAx5pyLTdKT5D7HHIsnuUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SV5JkoSEJPP7qc7rnK/3fPW957yfc749/r/fYo69njGesZ6x937WWr+99zftBlaqU7l8LWaGfwj++l9XAEgBgD4AcB0ARABQLFOxTJf3p9PY9R97EvHP9fDUq92BuJpk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjXbOi379bKl3u3P3/93/+fdcv//35C8//9/6099pcn8UzeZf+om80/dZP6pm8w/dZP5p24y/9RN5i9Eava7e8IpcNXvSf+LbX95qa52H3+wRf+tvKv72SeEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIrU4H64wAPCX9dXuSwghhBBCCCGEEP88Ie3V7kAIIYQQQgghhBD/8xDAaDAQQRpICymQDtLDNZABroWMcB0k4HrIBDdAZrgRskBWyAbZIQfkhFxggcABQwy5IQ8k4SbICzdDPsgPBaAgeCgEheEWKAK3QlG4DYrB7IUAd0AJKAmloDTcCWXgLigL5aA83A0VoCJUgspwD1SBe6Eq3AfV4H6oDg9ADXgQasJDUAsehtrwCNSBR6EuPAb1oD40gIbQ6L+V/xJ0gpehM3SBrtANusMr0AN6Qi/oDX3gVegLr0E/eB36wwAYCG/AIHgTBsNbMASGwjB4G4bDCBgJo2A0jIGx8A6Mg/EwAd6FiTAJJsMUmArTYDq8BzNgJsyC92E2fABzYC7Mg/mwAD6EhbAIFsNHsAQ+hqWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANtsMO2Am7YDfsKbcXPoF98Cnsh8/gAHz+f5l/Dv42vz0CAipUaNBgGkyDKZiC6TE9ZsAMmBEzYgITmAkzYWbMjFkwC2bDbJgDc2AuzIWEhIyMuTE3JjGJeTEv5sN8WAALoEePhbEwFsFbsSgWxWJYDItjcSyBJbEklsbSWAbLYFksi+XvmAuAFbASVsJ78B68F6tiVayG1bA6VscaWANrYk2shbWwNtbGOlgH62JdrIf1sAE2wEbYCBtjY2yCTbAZNsPm2BxbYAtsiS2xFbbC1tga22AbbIttsR22w/bYATvgS/gSvowvYxesoLphd+yOPbAH9sLe2Btfxb74Gr6Gr2N/HIAD8Q18A9/EwXgWh+BQHIbDsIwagSNxFLIag2NxLI7DcTgBJ+BEnISTcApOxWk4HafjDJyJM/F9nI0f4Ac4F+fifFyAC3AhLsLFuBiX4DlcistwOa7AlbgKV+IaXItrcD1uwPW4CTfhFtyC23Ab7sAduAt34R7cg5/gJ/gpfor98QAewIN4EA/hITyMh/EIHsGjeHTbNQB4HI/jCTyBJ/EUnsZTeAbP4Fk8h+fxPF7AC3gRX8jxVe09+df1B3WZUUalUWlUikpR6VV6lUFlUBlVRpVQCZVJZVKZVWaVRWVR2VQ2lUPlULlULkWKFKtY5Va5VVIlVV6VV+VT+VQBVUB55VVhVVgVUUVUUVVUFVO3q+LqDlVClVRNfWlVWpVRzXxZVU6VV+VVBVVRVVKVVWVVRVVRVVVVVU1VU9VVdVVDPahqqm7YCx9WlydTRw3Aumog1lP1VQPVUL2Jj6vGajA2UU1VM/WkGopDsIVq7FuqZ1QrNRJbq+fUKHxetVVjsJ16UbVXHVRH9ZLqpJr4zqqLmojdVHc1BXuonqqX6q1mYEV1eWKV1OuqvxqgBqo31Hx8Uw1Wb6khaqgapt5Ww9UINVKNUqPVGDVWvaPGqfFqgnpXTVST1GQ1RU1V09R09Z6aoWaqWep9NVt9oOaouWqemq8WqA/VQrVILVYfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VW1T29UOtVPtUrvVHrVXfaL2qU/VfvWZOqA+VwfVf6hD6gt1WH2pjqiv1FH1tTqmvlHH1bfqhOqiTqpT6rT6Xp1RP6iz6pw6r35UF9RP6qL6WV1SQYFGrbTWRkc6jU6rU3Q6nV5fozPoa3VGfZ1O6Ot1Jn2Dzqxv1Fl0Vp1NZ9c5dE6dS1tN2mnWsc6t8+ikvknn1TfrfDq/LqALaq8L6cL6Fl1E36qL6tt0MX27Lq7v0CV0SV1Kl9Z36jL6Ll1Wl9Pl9d26gq6oK+nK+h5dRd+rq+r7dDV9v66uH9A19IO6pn5I19IP69r6EV1HP6rr6sd0PV1fN9ANdSP9uG6sn9BNdFPdTD+pm+undAv9tG6pn9Gt9LO6tX5Ot9HP67b6Bd1Ov6jb6w66o/5ZX9JBd9ZddFfdTXfXr+geuqfupXvrPvpV3Ve/pvvp13V/PUAP1G/oQfpNPVi/pYfooXqYflsP1yP0SD1Kj9Zj9Fj9jh6nx+sJ+l09UU/Sk/UUPVVP071+qzTrT+SP/y/y+/3y7Fv0Vr1Nb9c79E69S+/We/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9XJ/QJ/RJfUr/qL/XZ/QP+qw+p8/pH/UFfUFf/O01AINGGW2MiUwak9akmHQmvbnGZDDXmozmOpMw15tM5gaT2dxospisJpvJbnKYnCaXsYaMM2xik9vkMUlzk8lrbjb5TH5TwBQ03hQyhc0t/3D+3+lvxeRfT15MI9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxBgAGG6Gm5FmpBltRpuxZqwZZ8aZCWaCmWgmmslmsplqpprpZrqZYWaYWWaWmW1mmzlmjpln5pkFZoFZaBaaxWaxWWKWmKVmmVlmVpgVZpVZZdaYNWadWWc2mA1mk9lklpqtZqvZbrabnWan2W12m71mr9ln9pn9Zr85YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmJPmpDltTpsz5ow5a86a8+a8uWAumIvmorlkLl0+7YtUpCITmShNlCZKiVKi9FH6KEOUIcoYZYwSUSLKFGWKMkc3RlmirFG2KHuUI8oZ5YpsRJGLOIqj3FGeKBndFOWNbo7yRfmjAlHByEeFosLRLVGR6NaoaHRbVCy6PSoe3RGViEpGpaLS0Z1RmeiuqGxULiof3R1ViCpGlaLK0T1RlejeqGp0X1Qtuj+qHj0Q1YgejGpGD0W1ooej2tEjUZ3o0ahu9FhUL6ofNYgaRo3+qfVDOJv1Cd/ZdrFpoZvtbl+xPWxP28v2tn3sq7avfc32s6/b/naAHWjfsIPsm3awfcsOsUPtMPu2HW5H2JF2lB1tx9ix9h07zo63E+y7dqKdZCfbKXaqnWan2/fsDDvTzrLv29n2AzvHzrXz7Hy7wH5oF9pFdrH9yC6xH9uldpldblfYlXaVXW3X2LV2nV1vN9iNdpPdbLfYrXab3W532J12l91t99i99hO7z35q99vP7AH7uT1oU347v//SHrFf2aP2a3vMfmOP22/tCfudPWlP2dP2e3vG/mDP2nP2vP3RXrA/2Yv2Z3vJhssn95ff3smQoTSUhlIohdJTespAGSgjZaQEJSgTZaLMlJmyUBbKRtkoB+WgXJSLLmNiyk25KUlJykt5KR/lowJUgDx5KkyFqQgVoaJUlIpRMSpOxakElaBSVIrupDvpLrqLylE5upvupopUkSpTZapCVagqVaVqVI2qU3WqQTWoJtWkWlSLalNtqkN1qC7VpXpUjxpQA2pEjagxNaYm1ISaUTNqTs2pBbWgltSSWlErak2tqQ21obbUltpRO2pP7akjdaRO1Ik6U2fqSl2pO3WnHtSDelEv6kN9qC/1pX7Uj/pTfxpIA2kQDaLBNJiG0FAaRm/TcBpBI2kUjaYxNJbG0jgaRxNoAk2kiTSZJtNUmkrTaTrNoBk0i2bRbJpNc2gOzaN5tIAW0EJaSItpMS2hJbSUltJyWk4raSWtptW0ltbSelpPG2kjbabNtJW20nbaTjtpJ+2m3bSX9tI+2kf7aT8doAN0kA7SITpEh+kwHaEjdJSO0jE6RsfpOJ2gE3SSTtJpOk1n6AydpbN0ns7TBfqJLtLPdIkCpbh0Lr27xmVw17qM7jr3v8fZXHaXw+V0uZx1WVzWv4nJOZfP5XcFXEHnXSFX2N3yu7iEK+lKudLuTlfG3eXK/i6usnbnrz+I7u53ld09roq711V197lq7n5X3T3garhHXU33mKvl6rvarqGr4x51dd1jrp6r7xq4hq65e8q1cE+7lu4Z18o9+7t4oVvk1rp1br3b4Pa5T91596M75r5xF9xPrrPr4vq4V11f95rr5153/d2A38XD3NtuuBvhRrpRbrQb87t4spviprppbrp7z81wM38XL3AfutlusZvj5rp5bv4v8eWeFruP3BL3sVvqlrnlboVb6Va51W7Nf/a6wm1ym90Wt9d9cvmtyO10u9xut+dy/Mtx7HefuQPuc3fUfe0OuS/cYXfcHXFf/RJfPr7j7lt3wn3nTrpT7rT73p1xP7iz7twvx3/52L93P7tLLjhgZMWaDUechtNyCqfj9HwNZ+BrOSNfxwm+njPxDZyZb+QsnJWzcXbOwTk5F1smdswcc27Ow0m+ifPyzZyP83MBLsieC3FhvoWL8K1clG/jYnw7F+c7uASX5FJcmu/kMnwXl+VyXJ7v5gpckStxZb6Hq/C9XJXv42p8P1fnB7gGP8g1+SGuxQ9zbX6E6/CjXJcf43pcnxtwQ27Ej3NjfoKbcFNuxk9yc36KW/DT3JKf4Vb8LLfm57gNP89t+QVuxy9ye+7AHfkl7sQvc2fuwl25G3fnV7gH9+Re3Jv78Kvcl1/jfvw69+cBPJDf4EH8Jg/mt3gID+Vh/DYP5xE8kkfxaB7DY/kdHsfjeQK/yxN5Ek/mKTyVp/F0fo9n8Eyexe/zbP6A5/BcnsfzeQF/yAt5ES/mj3gJf8xLeRkv5xW8klfxal7Da3kdr+cNvJE38Wbewlt5G2/nHYy8i3fzHt7Ln/A+/pT382d8gD/ng/wffIi/4MP8JR/hr/gof83H+Bs+zt/yCf6OT/IpPs3f8xn+gc/yOT7PP/IF/okv8s98iQNDjLGKdWziKE4Tp41T4nRx+viaOEN8bZwxvi5OxNfHmeIb4szxjXGWOGucLc4e54hzxrliG1PsYo7jOHecJ07GN8V545vjfHH+uEBcMPZxobhwfEtcJL41LhrfFheLb4+Lx3fEJeKS8aP3l47vjMvEd8Vl43Jx+fjuuEJcMa4UV47viavE98ZV4/viavH9cdH4gbhG/GBcM34orhU/HNeOH4nrxI/GdePH4npx/bhB3DBuFD8eN46fiJvETeNm8ZNx8/ipuEX8dNwyfiZuFT/7h/u7xt3i7vEr8StxCPfpecn5yQXJD5MLk4uSi5MfJZckP04uTS5LLk+uSK5MrkquTq5Jrk2uS65PbkhuTG5Kbk5uSYZQOS149Mprb3zk0/i0PsWn8+n9NT6Dv9Zn9Nf5hL/eZ/I3+Mz+Rp/FZ/XZfHafw+f0ubz15J1nH/vcPo9P+pt8Xn+zz+fz+wK+oPe+kC/sG/pGvpFv7J/wTXxT38w/6Z/0T/mn/NP+af+Mb+Wf9a39c76Nf9639S/4F/yLvr3v4Dv6l3wn/7Lv7Lv4rr6r7+67+x6+h+/le/k+vo/v6/v6fr6f7+/7+4F+oB/kB/nBfrAf4of4YX6YH+6H+5F+pB/tR/uxfqwf58f5CX6Cn+gn+sl+sp/qp/rpfrqf4Wf4WX6Wn51vtp/j5/h5fp5f4Bf4hX6hX+wX+yV+iV/ql/rlfrlf6Vf61X61X+vX+vV+vd/oN/rNfrPf6rf67X673+l3+t1+t9/r9/p9fp/f7/f7A/6AP+gPng/+kD/sv/RH/Ff+qP/aH/Pf+OP+W3/Cf+dP+lP+tP/en/E/+LP+nD/vf/QX/E/+ov/ZX/LBj028kxiXGJ+YkHg3MTExKTE5MSUxNTEtMT3xXmJGYmZiVuL9xOzEB4k5ibmJeYn5iQWJDxMLE4sSixMfJZYkPk4sTSxLLE+sSKxMrEqEkHN7HHKHPCEZbgp5w80hX8gfCoSCwYdCoXC4JRQJt4ai4bZQLNweioc7QolQMpQKj4V6oX5oEBqGRuHx0Dg8EZqEpqFZeDI0D0+FFuHp0DI8E1qFZ0Pr8FxoE54PbcMLoV14MbQPHULH8FLoFF4OnYMOXUO30D28EnqEnqFX6B36hFdD3/Ba6BdeD/3DgDAwvBEGhTfD4PBWGBKGhmHh7TA8jAgjw6gwOowJY8M7YVwYHyaEd8PEMClMDlPC1DAtTA/vhRlhZpgV3g+zwwdhTpgb5oX5YUH4MCwMi8Li8FFYEj4OS8OysDysCJCyKqwOa8LasC6sDxvCxrApbA5bwtawLWwPO8LOsCvsDnvC3vBJ2Bc+DfvDZ+FA+DwcDP8RDoUvwuHwZTgSvgpHw9fhWPgmHA/fhhPhu3AynAqnw/fhTPghnA3nwvnwY7gQfgoXw8/h0p/5nbXof/ZOuhBCCCHEv4Pxf7C/299E6j//Vb99pDsAXLsj+5G/fpQGgI1Zfl33VDmaJwDgmS7tHv7LVqFC165df3vsUg1RnrkAkLiSnwauxMugGTwFLaEpFPkv++upOlzgP6ifvB0g/V/lpMCV+Er9W/9O/RGz/7D+XIB8ea7kpIMr8ZX6RX9XO/qlftbGf1A/3RdjAZr8VV4GuBJfqV8YnoBnoeXfPFIIIYQQQgghhPhVT1WqzR9d316+Ps9hruSkhSvxH12fCyGEEEIIIYQQ4up7vkPHpx9v2bJpm7+zKPf3d8kitSzS/Gu08W+/APiXaOPPLa72dyYhhBBCCCHEP9uVk/6r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF6/b/4c2JX+xiFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+1/BQAA//+WZi++") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) 3.208558122s ago: executing program 7 (id=2741): syz_usb_connect(0x3, 0x34, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1e, 0xf6, 0xbe, 0x10, 0x499, 0x1027, 0x6513, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x27, 0x0, 0x1, 0xc6, 0xe6, 0xad, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "d77b5d2898"}]}}]}}]}}]}}, 0x0) 1.752616524s ago: executing program 6 (id=2742): unshare(0x20020000) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000000100)=[0xee00]) setregid(0x0, r0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r1) close(r1) syz_clone(0x4060000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x800, 0x0) unlinkat(r2, &(0x7f0000000140)='./file0\x00', 0x200) 76.48475ms ago: executing program 5 (id=2743): sched_setscheduler(0x0, 0x2, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioperm(0x4, 0x1, 0x1) init_module(0x0, 0x0, 0x0) 0s ago: executing program 6 (id=2744): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x4421, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=") timer_settime(0x0, 0x1, 0x0, 0x0) r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) write$FUSE_OPEN(r1, &(0x7f0000000080)={0x20}, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000680)=ANY=[], 0x30}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, 0x0) r4 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{0x0}], 0x1}, 0x0) recvmsg$kcm(r4, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, 0x0, 0x0) sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2) sched_setscheduler(0x0, 0x2, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000002000)={0x0, [], 0x8, "5bbd82c248d4d6"}) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) sendfile(r1, r0, 0x0, 0x2c62) kernel console output (not intermixed with test programs): 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.549890][T12334] RSP: 002b:00007f1f0bb50038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 745.558599][T12334] RAX: ffffffffffffffda RBX: 00007f1f0af35f80 RCX: 00007f1f0ad7e719 [ 745.566806][T12334] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 745.574997][T12334] RBP: 00007f1f0bb50090 R08: 0000000000000000 R09: 0000000000000000 [ 745.583205][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 745.591394][T12334] R13: 0000000000000000 R14: 00007f1f0af35f80 R15: 00007ffd9717ebd8 [ 745.599612][T12334] [ 745.602848][ C0] vkms_vblank_simulate: vblank timer overrun [ 746.224972][T12285] BTRFS error (device loop6): open_ctree failed [ 746.524588][T10576] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 746.622959][T12351] Unsupported ieee802154 address type: 0 [ 746.666217][T12353] loop5: detected capacity change from 0 to 8 [ 746.698846][T12353] squashfs: Unknown parameter '' [ 746.953515][T10576] usb 3-1: Using ep0 maxpacket: 16 [ 746.988056][T10576] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 746.996662][T10576] usb 3-1: config 0 has no interface number 0 [ 747.003100][T10576] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 747.015321][T10576] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 747.025506][T10576] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 747.035071][T10576] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.064170][T10576] usb 3-1: config 0 descriptor?? [ 747.471417][T12363] loop5: detected capacity change from 0 to 128 [ 747.502915][T12363] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 747.511644][T12363] FAT-fs (loop5): Filesystem has been set read-only [ 747.520596][T12363] syz.5.2158: attempt to access beyond end of device [ 747.520596][T12363] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 747.535087][T12363] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 747.543565][T12363] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 747.574820][T12363] syz.5.2158: attempt to access beyond end of device [ 747.574820][T12363] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 747.592027][ T29] audit: type=1800 audit(2000000012.819:257): pid=12363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2158" name="file2" dev="loop5" ino=1048672 res=0 errno=0 [ 747.710302][T12367] ebt_among: src integrity fail: 30a [ 748.339912][T10576] usbhid 3-1:0.1: can't add hid device: -71 [ 748.346729][T10576] usbhid 3-1:0.1: probe with driver usbhid failed with error -71 [ 748.367788][T10576] usb 3-1: USB disconnect, device number 28 [ 748.378015][ T29] audit: type=1326 audit(2000000013.589:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12364 comm="syz.6.2159" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb3657e719 code=0x0 [ 748.515640][T12375] xt_TPROXY: Can be used only with -p tcp or -p udp [ 748.537580][T12375] loop6: detected capacity change from 0 to 16 [ 748.554987][T12375] erofs: (device loop6): z_erofs_parse_cfgs: unidentified algorithms fff0, please upgrade kernel [ 748.617582][T12378] loop0: detected capacity change from 0 to 512 [ 748.980316][T12378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 748.995045][T12378] ext4 filesystem being mounted at /436/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 749.148943][T12388] loop5: detected capacity change from 0 to 8 [ 749.171235][T12378] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 749.280465][T12378] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2162'. [ 749.331785][T12394] loop6: detected capacity change from 0 to 8 [ 749.341558][T12394] squashfs: Unknown parameter '' [ 749.611204][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 750.021210][T12409] dccp_v6_rcv: dropped packet with invalid checksum [ 750.319591][T12414] netlink: 'syz.0.2176': attribute type 1 has an invalid length. [ 750.327733][T12414] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2176'. [ 750.391801][T12414] loop0: detected capacity change from 0 to 128 [ 750.403447][T12388] loop5: detected capacity change from 0 to 4096 [ 750.434372][T12414] VFS: Found a Xenix FS (block size = 1024) on device loop0 [ 750.639036][ T5791] sysv_free_block: flc_count > flc_size [ 750.645016][ T5791] sysv_free_block: flc_count > flc_size [ 750.650750][ T5791] sysv_free_block: flc_count > flc_size [ 750.657104][ T5791] sysv_free_block: flc_count > flc_size [ 750.662834][ T5791] sysv_free_block: flc_count > flc_size [ 750.669037][ T5791] sysv_free_block: flc_count > flc_size [ 750.680236][ T5791] sysv_free_block: flc_count > flc_size [ 750.683127][T12422] FAULT_INJECTION: forcing a failure. [ 750.683127][T12422] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 750.686165][ T5791] sysv_free_block: flc_count > flc_size [ 750.700259][T12422] CPU: 0 UID: 0 PID: 12422 Comm: syz.2.2179 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 750.705916][ T5791] sysv_free_block: flc_count > flc_size [ 750.716608][T12422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 750.716694][T12422] Call Trace: [ 750.716748][T12422] [ 750.724660][ T5791] sysv_free_block: flc_count > flc_size [ 750.732384][T12422] dump_stack_lvl+0x216/0x2d0 [ 750.736692][ T5791] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 750.738701][T12422] dump_stack+0x1e/0x30 [ 750.760713][T12422] should_fail_ex+0x748/0x7f0 [ 750.765733][T12422] should_fail+0x2a/0x40 [ 750.770291][T12422] should_fail_usercopy+0x2e/0x40 [ 750.775650][T12422] _copy_from_user+0x35/0x110 [ 750.780627][T12422] ucma_listen+0x5b/0x4e0 [ 750.785245][T12422] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 750.791308][T12422] ? __pfx_ucma_listen+0x10/0x10 [ 750.796539][T12422] ucma_write+0x4e3/0x5a0 [ 750.801159][T12422] ? __pfx_ucma_write+0x10/0x10 [ 750.806287][T12422] vfs_write+0x48a/0x1540 [ 750.810894][T12422] ? kmsan_get_metadata+0x13e/0x1c0 [ 750.816341][T12422] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 750.822973][T12422] ? kmsan_get_metadata+0x13e/0x1c0 [ 750.828427][T12422] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 750.834496][T12422] ksys_write+0x24f/0x4c0 [ 750.839105][T12422] __x64_sys_write+0x93/0xe0 [ 750.843972][T12422] x64_sys_call+0x306a/0x3ba0 [ 750.848939][T12422] do_syscall_64+0xcd/0x1e0 [ 750.853742][T12422] ? clear_bhb_loop+0x25/0x80 [ 750.858702][T12422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.864879][T12422] RIP: 0033:0x7fc6bf17e719 [ 750.869515][T12422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 750.889487][T12422] RSP: 002b:00007fc6bff9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 750.898214][T12422] RAX: ffffffffffffffda RBX: 00007fc6bf335f80 RCX: 00007fc6bf17e719 [ 750.906443][T12422] RDX: 0000000000000010 RSI: 0000000020002380 RDI: 0000000000000003 [ 750.914645][T12422] RBP: 00007fc6bff9f090 R08: 0000000000000000 R09: 0000000000000000 [ 750.922854][T12422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 750.931051][T12422] R13: 0000000000000000 R14: 00007fc6bf335f80 R15: 00007ffe6f5e0338 [ 750.939275][T12422] [ 751.081323][T12425] loop0: detected capacity change from 0 to 128 [ 751.186681][T12425] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 751.239167][T12431] loop6: detected capacity change from 0 to 8 [ 751.249010][T12425] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 751.265715][T12431] squashfs: Unknown parameter '' [ 751.276740][T12425] netlink: 'syz.0.2181': attribute type 8 has an invalid length. [ 751.285054][T12425] netlink: 163128 bytes leftover after parsing attributes in process `syz.0.2181'. [ 751.400210][T12425] Process accounting resumed [ 751.741304][T12442] loop6: detected capacity change from 0 to 512 [ 751.757079][T12442] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 751.766872][T12442] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 751.802518][T12442] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended [ 751.821293][T12442] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 751.831003][T12442] System zones: 0-2, 18-18, 34-34 [ 751.845631][T12442] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 751.864492][T12442] EXT4-fs (loop6): 1 truncate cleaned up [ 751.872199][T12442] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 751.928779][T12442] EXT4-fs (loop6): resizing filesystem from 64 to 1 blocks [ 751.938681][T12442] EXT4-fs warning (device loop6): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 751.994706][ T5791] UDF-fs: warning (device loop0): udf_evict_inode: Inode 99 (mode 100755) has inode size 1114 different from extent length 1536. Filesystem need not be standards compliant. [ 752.188665][T12450] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 752.375598][T12456] FAULT_INJECTION: forcing a failure. [ 752.375598][T12456] name failslab, interval 1, probability 0, space 0, times 0 [ 752.388873][T12456] CPU: 1 UID: 0 PID: 12456 Comm: syz.7.2192 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 752.399957][T12456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 752.410263][T12456] Call Trace: [ 752.413835][T12456] [ 752.416960][T12456] dump_stack_lvl+0x216/0x2d0 [ 752.421975][T12456] dump_stack+0x1e/0x30 [ 752.426465][T12456] should_fail_ex+0x748/0x7f0 [ 752.431478][T12456] should_failslab+0x17f/0x210 [ 752.436538][T12456] kmem_cache_alloc_node_noprof+0xeb/0xb80 [ 752.442679][T12456] ? __alloc_skb+0x1e9/0x7b0 [ 752.447580][T12456] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 752.453689][T12456] __alloc_skb+0x1e9/0x7b0 [ 752.458428][T12456] netlink_ack+0x281/0xe80 [ 752.463172][T12456] ? kmsan_get_metadata+0x13e/0x1c0 [ 752.468658][T12456] netlink_rcv_skb+0x510/0x650 [ 752.473769][T12456] ? __pfx_genl_rcv_msg+0x10/0x10 [ 752.479120][T12456] ? __pfx_genl_rcv+0x10/0x10 [ 752.484099][T12456] genl_rcv+0x40/0x60 [ 752.488461][T12456] netlink_unicast+0xf52/0x1260 [ 752.493700][T12456] netlink_sendmsg+0x10da/0x11e0 [ 752.498946][T12456] ? __pfx_netlink_sendmsg+0x10/0x10 [ 752.504520][T12456] ? __pfx_netlink_sendmsg+0x10/0x10 [ 752.510099][T12456] __sock_sendmsg+0x30f/0x380 [ 752.515073][T12456] ____sys_sendmsg+0x877/0xb60 [ 752.520174][T12456] ___sys_sendmsg+0x28d/0x3c0 [ 752.525167][T12456] ? kmsan_get_metadata+0x13e/0x1c0 [ 752.530690][T12456] ? __rcu_read_unlock+0x7b/0xe0 [ 752.535949][T12456] ? __fget_files+0x4f5/0x5c0 [ 752.540938][T12456] ? kmsan_get_metadata+0x13e/0x1c0 [ 752.546423][T12456] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 752.552530][T12456] __x64_sys_sendmsg+0x300/0x4a0 [ 752.557809][T12456] ? perf_mmap+0x1420/0x28d0 [ 752.562723][T12456] x64_sys_call+0x2da0/0x3ba0 [ 752.567721][T12456] do_syscall_64+0xcd/0x1e0 [ 752.572538][T12456] ? clear_bhb_loop+0x25/0x80 [ 752.577529][T12456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.583745][T12456] RIP: 0033:0x7f22e577e719 [ 752.588400][T12456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.608312][T12456] RSP: 002b:00007f22e6531038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 752.617056][T12456] RAX: ffffffffffffffda RBX: 00007f22e5935f80 RCX: 00007f22e577e719 [ 752.624639][ T5912] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 752.625198][T12456] RDX: 0000000000000000 RSI: 0000000020000a00 RDI: 0000000000000003 [ 752.641077][T12456] RBP: 00007f22e6531090 R08: 0000000000000000 R09: 0000000000000000 [ 752.649298][T12456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 752.657517][T12456] R13: 0000000000000000 R14: 00007f22e5935f80 R15: 00007fffbe0715f8 [ 752.665769][T12456] [ 752.681025][T12461] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 752.690711][T12461] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 752.709884][T12460] netlink: 'syz.5.2190': attribute type 10 has an invalid length. [ 752.763781][T12460] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 752.810016][ T5912] usb 7-1: Using ep0 maxpacket: 32 [ 752.832112][ T5912] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 752.841564][ T5912] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 752.851459][ T5912] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 752.860960][ T5912] usb 7-1: config 1 has no interface number 0 [ 752.867438][ T5912] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 752.878838][ T5912] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 752.892218][ T5912] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 752.901660][ T5912] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 752.911757][ T5419] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 753.017825][ T5912] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 753.066778][T12465] loop2: detected capacity change from 0 to 22 [ 753.201008][ T5419] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 753.211840][ T5419] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 753.248353][ T5419] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 753.258921][ T5419] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 753.267820][ T5419] usb 6-1: SerialNumber: syz [ 753.438291][T12474] loop0: detected capacity change from 0 to 256 [ 753.596053][T12474] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 753.726326][ T5419] usb 6-1: 0:2 : does not exist [ 753.731534][ T5419] usb 6-1: unit 5: unexpected type 0x09 [ 753.835343][ T5419] usb 6-1: USB disconnect, device number 21 [ 754.216480][T12484] loop2: detected capacity change from 0 to 2048 [ 754.236109][T12484] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 754.255731][T12484] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 754.663443][T10576] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 754.896736][T10576] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 754.908437][T10576] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 754.920254][T10576] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 754.935333][T10576] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 754.944800][T10576] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 755.025806][T10576] usb 3-1: config 0 descriptor?? [ 755.034729][T12484] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 755.043507][ T5912] snd_usb_pod 7-1:1.1: set_interface failed [ 755.049827][ T5912] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 755.058303][ T5912] snd_usb_pod 7-1:1.1: probe with driver snd_usb_pod failed with error -71 [ 755.070793][ T5912] usb 7-1: USB disconnect, device number 21 [ 755.327686][ T8868] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 755.579926][T10576] plantronics 0003:047F:FFFF.0013: unknown main item tag 0xd [ 755.722655][T10576] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving [ 755.761337][T12500] netlink: 'syz.7.2209': attribute type 39 has an invalid length. [ 755.774004][T10576] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 755.912087][T10576] usb 3-1: USB disconnect, device number 29 [ 756.249231][T12512] loop0: detected capacity change from 0 to 1024 [ 756.259232][T12512] EXT4-fs: Ignoring removed orlov option [ 756.265365][T12512] EXT4-fs: Ignoring removed nomblk_io_submit option [ 756.358112][T12512] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 756.385078][ T29] audit: type=1800 audit(2000000021.619:259): pid=12512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2213" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 756.693796][T12520] loop6: detected capacity change from 0 to 512 [ 756.710458][T12520] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 756.720383][T12520] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 756.755830][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 756.766131][T12520] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended [ 756.833555][T12520] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 756.843359][T12520] System zones: 0-2, 18-18, 34-34 [ 756.851029][T12520] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 756.869887][T12520] EXT4-fs (loop6): 1 truncate cleaned up [ 756.877642][T12520] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 756.908060][T12520] EXT4-fs (loop6): resizing filesystem from 64 to 1 blocks [ 756.915761][T12520] EXT4-fs warning (device loop6): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 757.178646][T12527] input: syz1 as /devices/virtual/input/input32 [ 757.433355][T10576] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 757.633342][T10576] usb 7-1: Using ep0 maxpacket: 32 [ 757.661040][T10576] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 757.670211][T10576] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 757.679270][T10576] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 757.688627][T10576] usb 7-1: config 1 has no interface number 0 [ 757.695219][T10576] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 757.706510][T10576] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 757.719893][T10576] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 757.729343][T10576] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.816571][T10576] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 758.015922][T10576] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now attached [ 758.062382][T12544] loop2: detected capacity change from 0 to 8 [ 758.180069][ T5912] usb 7-1: USB disconnect, device number 22 [ 758.188018][ T5912] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 758.344987][T12549] loop0: detected capacity change from 0 to 8 [ 758.400993][T12549] netlink: 'syz.0.2225': attribute type 39 has an invalid length. [ 758.473346][T12551] loop5: detected capacity change from 0 to 8 [ 758.485552][T12551] squashfs: Unknown parameter '' [ 758.907704][ T8868] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.188887][T12544] loop2: detected capacity change from 0 to 4096 [ 759.237016][T12556] loop5: detected capacity change from 0 to 64 [ 760.817464][T12591] loop5: detected capacity change from 0 to 8 [ 760.888305][T12591] netlink: 'syz.5.2240': attribute type 39 has an invalid length. [ 761.679440][T12597] loop0: detected capacity change from 0 to 4096 [ 761.700379][T12610] loop6: detected capacity change from 0 to 8 [ 761.709151][T12610] squashfs: Unknown parameter '' [ 761.760991][T12612] loop2: detected capacity change from 0 to 8 [ 761.775835][T12612] squashfs: Unknown parameter '' [ 761.785085][T12597] ntfs3: Unknown parameter 'uie' [ 762.189196][T12618] loop0: detected capacity change from 0 to 8 [ 762.393600][T12624] loop6: detected capacity change from 0 to 8 [ 762.468549][T12624] cramfs: Error -3 while decompressing! [ 762.475731][T12624] cramfs: ffffffff9466f2b2(26)->ffff888124117000(4096) [ 762.482867][T12624] cramfs: Error -3 while decompressing! [ 762.488794][T12624] cramfs: ffffffff9466f2cc(16)->ffff88812ade0000(4096) [ 762.513943][T12624] cramfs: Error -3 while decompressing! [ 762.519931][T12624] cramfs: ffffffff9466f2b2(26)->ffff888124117000(4096) [ 762.544919][ T29] audit: type=1800 audit(2000000027.769:260): pid=12624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2253" name="file2" dev="loop6" ino=348 res=0 errno=0 [ 762.904200][T12635] FAULT_INJECTION: forcing a failure. [ 762.904200][T12635] name failslab, interval 1, probability 0, space 0, times 0 [ 762.917582][T12635] CPU: 1 UID: 0 PID: 12635 Comm: syz.6.2257 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 762.928659][T12635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 762.938958][T12635] Call Trace: [ 762.942435][T12635] [ 762.945556][T12635] dump_stack_lvl+0x216/0x2d0 [ 762.950554][T12635] dump_stack+0x1e/0x30 [ 762.955014][T12635] should_fail_ex+0x748/0x7f0 [ 762.960019][T12635] should_failslab+0x17f/0x210 [ 762.965060][T12635] __kmalloc_noprof+0x175/0xf30 [ 762.970232][T12635] ? sk_prot_alloc+0x143/0x440 [ 762.975315][T12635] ? kmsan_get_metadata+0x13e/0x1c0 [ 762.980804][T12635] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 762.986906][T12635] sk_prot_alloc+0x143/0x440 [ 762.991849][T12635] sk_alloc+0x55/0x850 [ 762.996224][T12635] netlink_create+0x69c/0xac0 [ 763.001191][T12635] ? __pfx_genl_bind+0x10/0x10 [ 763.006260][T12635] ? __pfx_genl_unbind+0x10/0x10 [ 763.011504][T12635] ? __pfx_genl_release+0x10/0x10 [ 763.016824][T12635] ? __pfx_netlink_create+0x10/0x10 [ 763.022308][T12635] __sock_create+0x772/0xdb0 [ 763.027210][T12635] __sys_socket+0x145/0x680 [ 763.031999][T12635] ? kmsan_get_metadata+0x13e/0x1c0 [ 763.037499][T12635] __x64_sys_socket+0x8e/0xe0 [ 763.042482][T12635] x64_sys_call+0x3a18/0x3ba0 [ 763.047480][T12635] do_syscall_64+0xcd/0x1e0 [ 763.052306][T12635] ? clear_bhb_loop+0x25/0x80 [ 763.057292][T12635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 763.063496][T12635] RIP: 0033:0x7fcb36580637 [ 763.068136][T12635] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 763.088030][T12635] RSP: 002b:00007fcb373fdfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 763.096738][T12635] RAX: ffffffffffffffda RBX: 00007fcb36735f80 RCX: 00007fcb36580637 [ 763.104948][T12635] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 763.113142][T12635] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 763.121340][T12635] R10: 0000000020001100 R11: 0000000000000286 R12: 0000000000000001 [ 763.129534][T12635] R13: 0000000000000000 R14: 00007fcb36735f80 R15: 00007ffc63911c18 [ 763.137753][T12635] [ 763.257213][T12638] loop2: detected capacity change from 0 to 8 [ 763.495358][T12638] netlink: 'syz.2.2258': attribute type 39 has an invalid length. [ 763.505020][T12618] loop0: detected capacity change from 0 to 4096 [ 764.804260][T12657] macvlan0: entered allmulticast mode [ 764.812875][T12657] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode [ 764.820598][T12657] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode [ 764.837990][T12657] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 764.950006][T12661] bond0: entered promiscuous mode [ 764.955550][T12661] bond_slave_0: entered promiscuous mode [ 764.962412][T12661] bond_slave_1: entered promiscuous mode [ 764.969571][T12661] macvlan0: entered promiscuous mode [ 765.288447][T12664] loop5: detected capacity change from 0 to 512 [ 765.472887][T12664] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 765.482652][T12664] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 765.546384][T12664] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 765.563259][T12664] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 765.572002][T12664] System zones: 0-2, 18-18, 34-34 [ 765.589903][T12664] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 765.686519][T12664] EXT4-fs (loop5): 1 truncate cleaned up [ 765.694326][T12664] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 765.878538][T12664] EXT4-fs (loop5): resizing filesystem from 64 to 1 blocks [ 765.886743][T12664] EXT4-fs warning (device loop5): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 766.172387][T12688] loop2: detected capacity change from 0 to 512 [ 766.353566][T12690] loop0: detected capacity change from 0 to 8 [ 766.738595][T12697] loop6: detected capacity change from 0 to 128 [ 766.763555][T12697] affs: Error parsing options [ 767.254303][ T5850] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 767.413898][ T5850] usb 6-1: Using ep0 maxpacket: 32 [ 767.447013][ T5850] usb 6-1: config index 0 descriptor too short (expected 35577, got 27) [ 767.456059][ T5850] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 767.465084][ T5850] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 767.474431][ T5850] usb 6-1: config 1 has no interface number 0 [ 767.481149][ T5850] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 767.493445][ T5850] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 767.506939][ T5850] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 767.516634][ T5850] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 767.591431][ T5850] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found [ 767.634648][T12690] loop0: detected capacity change from 0 to 4096 [ 767.925016][ T5850] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached [ 768.169117][ T5850] usb 6-1: USB disconnect, device number 22 [ 768.177363][ T5850] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected [ 769.448310][ T7870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 769.577764][ T5850] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 769.744760][ T5850] usb 3-1: Using ep0 maxpacket: 16 [ 769.780583][ T5850] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 769.792442][ T5850] usb 3-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 769.801945][ T5850] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 769.832787][ T5850] usb 3-1: config 0 descriptor?? [ 769.845951][T12733] loop0: detected capacity change from 0 to 128 [ 769.886361][T12733] affs: Error parsing options [ 770.277136][ T5850] usbhid 3-1:0.0: can't add hid device: -71 [ 770.284319][ T5850] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 770.319769][ T5850] usb 3-1: USB disconnect, device number 30 [ 771.365202][T12754] loop2: detected capacity change from 0 to 512 [ 771.410374][T12754] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 771.420918][T12754] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 771.475048][T12754] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 771.493702][T12754] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 771.502388][T12754] System zones: 0-2, 18-18, 34-34 [ 771.539848][T12754] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 771.633448][T12754] EXT4-fs (loop2): 1 truncate cleaned up [ 771.640870][T12754] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 771.771527][T12754] EXT4-fs (loop2): resizing filesystem from 64 to 1 blocks [ 771.780016][T12754] EXT4-fs warning (device loop2): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 771.867940][T12762] loop5: detected capacity change from 0 to 8 [ 771.869785][T12757] loop6: detected capacity change from 0 to 1764 [ 772.010937][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.017929][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 772.293374][ T8] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 772.447996][ T8] usb 7-1: device descriptor read/64, error -71 [ 772.491784][T12586] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 772.673450][T12586] usb 3-1: Using ep0 maxpacket: 32 [ 772.712633][ T8] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 772.734879][T12586] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 772.743963][T12586] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 772.753466][T12586] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 772.762698][T12586] usb 3-1: config 1 has no interface number 0 [ 772.769730][T12586] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 772.781130][T12586] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 772.794787][T12586] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 772.804291][T12586] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 772.911235][T12586] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 772.993578][ T8] usb 7-1: device descriptor read/64, error -71 [ 773.105467][ T8] usb usb7-port1: attempt power cycle [ 773.398853][T12774] loop0: detected capacity change from 0 to 64 [ 773.461678][T12586] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached [ 773.482572][ T8] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 773.534117][T12774] syz.0.2311: attempt to access beyond end of device [ 773.534117][T12774] loop0: rw=0, sector=131070, nr_sectors = 2 limit=64 [ 773.548509][T12774] Buffer I/O error on dev loop0, logical block 65535, async page read [ 773.570823][ T8] usb 7-1: device descriptor read/8, error -71 [ 773.600760][T12774] syz.0.2311: attempt to access beyond end of device [ 773.600760][T12774] loop0: rw=0, sector=131070, nr_sectors = 2 limit=64 [ 773.617059][T12774] Buffer I/O error on dev loop0, logical block 65535, async page read [ 773.659395][T12776] syz.0.2311: attempt to access beyond end of device [ 773.659395][T12776] loop0: rw=0, sector=131070, nr_sectors = 2 limit=64 [ 773.674140][T12776] Buffer I/O error on dev loop0, logical block 65535, async page read [ 773.731259][ T5850] usb 3-1: USB disconnect, device number 31 [ 773.740074][ T5850] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 773.776748][T12776] syz.0.2311: attempt to access beyond end of device [ 773.776748][T12776] loop0: rw=0, sector=131070, nr_sectors = 2 limit=64 [ 773.791812][T12776] Buffer I/O error on dev loop0, logical block 65535, async page read [ 773.826643][T12774] syz.0.2311: attempt to access beyond end of device [ 773.826643][T12774] loop0: rw=0, sector=131070, nr_sectors = 2 limit=64 [ 773.842953][T12774] Buffer I/O error on dev loop0, logical block 65535, async page read [ 773.852652][ T8] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 773.904907][ T8] usb 7-1: device descriptor read/8, error -71 [ 774.014800][ T8] usb usb7-port1: unable to enumerate USB device [ 774.114166][T12780] dvmrp8: entered allmulticast mode [ 774.125935][T12780] dvmrp8: left allmulticast mode [ 774.384727][T12762] loop5: detected capacity change from 0 to 4096 [ 774.404773][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 775.082630][T12762] ntfs3(loop5): Failed to read $AttrDef (-4). [ 776.752101][T12817] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 776.759528][T12817] overlayfs: failed to set xattr on upper [ 776.766517][T12817] overlayfs: ...falling back to redirect_dir=nofollow. [ 776.774220][T12817] overlayfs: ...falling back to index=off. [ 776.780228][T12817] overlayfs: ...falling back to uuid=null. [ 777.486600][T12836] loop0: detected capacity change from 0 to 128 [ 777.500435][T12836] affs: Error parsing options [ 777.510403][T12834] loop6: detected capacity change from 0 to 8 [ 777.753660][T12839] 9pnet: p9_errstr2errno: server reported unknown error @ [ 778.644614][T12834] loop6: detected capacity change from 0 to 4096 [ 778.867045][T12850] loop0: detected capacity change from 0 to 256 [ 779.146936][T12850] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 779.203410][T12850] FAULT_INJECTION: forcing a failure. [ 779.203410][T12850] name failslab, interval 1, probability 0, space 0, times 0 [ 779.216618][T12850] CPU: 0 UID: 0 PID: 12850 Comm: syz.0.2342 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 779.227705][T12850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 779.238021][T12850] Call Trace: [ 779.241489][T12850] [ 779.244616][T12850] dump_stack_lvl+0x216/0x2d0 [ 779.249644][T12850] dump_stack+0x1e/0x30 [ 779.254123][T12850] should_fail_ex+0x748/0x7f0 [ 779.259117][T12850] should_failslab+0x17f/0x210 [ 779.264164][T12850] __kmalloc_noprof+0x175/0xf30 [ 779.269332][T12850] ? tomoyo_encode+0x5f8/0xa40 [ 779.274384][T12850] ? kmsan_get_metadata+0x13e/0x1c0 [ 779.279872][T12850] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 779.285970][T12850] tomoyo_encode+0x5f8/0xa40 [ 779.290901][T12850] tomoyo_realpath_from_path+0x9dd/0xaa0 [ 779.296874][T12850] tomoyo_path_perm+0x246/0xa50 [ 779.302071][T12850] ? kmsan_get_metadata+0x13e/0x1c0 [ 779.307580][T12850] tomoyo_inode_getattr+0x34/0x40 [ 779.312918][T12850] security_inode_getattr+0x175/0x5b0 [ 779.318602][T12850] vfs_getattr+0x75/0x530 [ 779.323236][T12850] ? fdget_raw+0x1d6/0x250 [ 779.327954][T12850] do_statx_fd+0x167/0x6c0 [ 779.332649][T12850] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 779.339330][T12850] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 779.345735][T12850] ? kmsan_get_metadata+0x13e/0x1c0 [ 779.351230][T12850] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 779.357339][T12850] __se_sys_statx+0x373/0x420 [ 779.362291][T12850] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 779.368680][T12850] ? fput+0x286/0x320 [ 779.372920][T12850] ? ksys_write+0x405/0x4c0 [ 779.377704][T12850] ? kmsan_get_metadata+0x13e/0x1c0 [ 779.383164][T12850] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 779.389265][T12850] __x64_sys_statx+0xe4/0x150 [ 779.394258][T12850] x64_sys_call+0x33dc/0x3ba0 [ 779.399243][T12850] do_syscall_64+0xcd/0x1e0 [ 779.404066][T12850] ? clear_bhb_loop+0x25/0x80 [ 779.409043][T12850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.415224][T12850] RIP: 0033:0x7fe85f57e719 [ 779.419870][T12850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 779.439784][T12850] RSP: 002b:00007fe860389038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c [ 779.448524][T12850] RAX: ffffffffffffffda RBX: 00007fe85f735f80 RCX: 00007fe85f57e719 [ 779.456752][T12850] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 0000000000000004 [ 779.464956][T12850] RBP: 00007fe860389090 R08: 0000000020000500 R09: 0000000000000000 [ 779.473187][T12850] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001 [ 779.481400][T12850] R13: 0000000000000000 R14: 00007fe85f735f80 R15: 00007ffc0f25b738 [ 779.489646][T12850] [ 779.494709][T12850] ERROR: Out of memory at tomoyo_realpath_from_path. [ 780.138728][T12868] 9pnet: p9_errstr2errno: server reported unknown error @ [ 780.204459][T12865] loop5: detected capacity change from 0 to 512 [ 780.414140][T12865] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.2347: corrupted in-inode xattr: invalid ea_ino [ 780.540945][T12865] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.2347: couldn't read orphan inode 15 (err -117) [ 780.805502][T12865] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 781.673652][ T5850] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 781.894554][ T5850] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 782.155326][ T5850] usb 6-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40 [ 782.165241][ T5850] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 782.173695][ T5850] usb 6-1: Product: syz [ 782.178101][ T5850] usb 6-1: Manufacturer: syz [ 782.182936][ T5850] usb 6-1: SerialNumber: syz [ 782.441359][T12879] loop0: detected capacity change from 0 to 32768 [ 782.505714][ T5850] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input33 [ 782.595519][T12879] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 782.687319][ T44] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 782.717562][T12883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 782.726797][T12883] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 782.821257][T12902] loop2: detected capacity change from 0 to 64 [ 782.864434][ T44] usb 7-1: Using ep0 maxpacket: 16 [ 782.885582][ T44] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 782.897160][ T44] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 782.907528][ T44] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 782.919046][ T44] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 783.094346][ T44] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 783.113457][ T44] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 783.124214][ T44] usb 7-1: Product: syz [ 783.129019][ T44] usb 7-1: Manufacturer: syz [ 783.134141][ T44] usb 7-1: SerialNumber: syz [ 783.186202][T12905] FAULT_INJECTION: forcing a failure. [ 783.186202][T12905] name failslab, interval 1, probability 0, space 0, times 0 [ 783.200433][T12905] CPU: 0 UID: 0 PID: 12905 Comm: syz.7.2359 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 783.211526][T12905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 783.222091][T12905] Call Trace: [ 783.225557][T12905] [ 783.228678][T12905] dump_stack_lvl+0x216/0x2d0 [ 783.233696][T12905] dump_stack+0x1e/0x30 [ 783.238166][T12905] should_fail_ex+0x748/0x7f0 [ 783.243176][T12905] should_failslab+0x17f/0x210 [ 783.248227][T12905] kmem_cache_alloc_noprof+0xe2/0xb20 [ 783.253912][T12905] ? getname_flags+0x102/0xa30 [ 783.258951][T12905] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 783.265060][T12905] getname_flags+0x102/0xa30 [ 783.269924][T12905] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 783.276021][T12905] __x64_sys_unlinkat+0x131/0x220 [ 783.281363][T12905] x64_sys_call+0x2c7a/0x3ba0 [ 783.286349][T12905] do_syscall_64+0xcd/0x1e0 [ 783.291173][T12905] ? clear_bhb_loop+0x25/0x80 [ 783.296148][T12905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.302344][T12905] RIP: 0033:0x7f22e577e719 [ 783.307109][T12905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.327034][T12905] RSP: 002b:00007f22e6531038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 783.335776][T12905] RAX: ffffffffffffffda RBX: 00007f22e5935f80 RCX: 00007f22e577e719 [ 783.344011][T12905] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 783.352233][T12905] RBP: 00007f22e6531090 R08: 0000000000000000 R09: 0000000000000000 [ 783.360449][T12905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 783.368662][T12905] R13: 0000000000000000 R14: 00007f22e5935f80 R15: 00007fffbe0715f8 [ 783.376905][T12905] [ 783.463831][ T5791] ocfs2: Unmounting device (7,0) on (node local) [ 783.534384][T12907] 9pnet: p9_errstr2errno: server reported unknown error @ [ 783.923864][ T44] usb 7-1: USB disconnect, device number 27 [ 784.073783][T12911] loop2: detected capacity change from 0 to 128 [ 784.103718][T12911] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 784.149978][T12911] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 784.268480][ T5132] bcm5974 6-1:1.0: could not read from device [ 784.285456][ T5850] usb 6-1: USB disconnect, device number 23 [ 784.292643][ T5132] bcm5974 6-1:1.0: could not read from device [ 784.467055][ T7870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 785.507049][T12925] netlink: 'syz.2.2368': attribute type 11 has an invalid length. [ 785.884565][T12922] 9pnet: p9_errstr2errno: server reported unknown error @ [ 786.331206][T12936] loop5: detected capacity change from 0 to 128 [ 786.369105][T12936] EXT4-fs (loop5): Test dummy encryption mode enabled [ 786.517301][T12938] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 786.647548][T12942] FAULT_INJECTION: forcing a failure. [ 786.647548][T12942] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 786.661194][T12942] CPU: 0 UID: 0 PID: 12942 Comm: syz.0.2374 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 786.672358][T12942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 786.682674][T12942] Call Trace: [ 786.686160][T12942] [ 786.689278][T12942] dump_stack_lvl+0x216/0x2d0 [ 786.694298][T12942] dump_stack+0x1e/0x30 [ 786.698784][T12942] should_fail_ex+0x748/0x7f0 [ 786.703787][T12942] should_fail+0x2a/0x40 [ 786.708335][T12942] should_fail_usercopy+0x2e/0x40 [ 786.713789][T12942] _copy_to_user+0x34/0x120 [ 786.718830][T12942] bpf_verifier_vlog+0x669/0x1020 [ 786.724186][T12942] btf_verifier_log+0x1fc/0x230 [ 786.729659][T12942] ? kmsan_get_metadata+0x13e/0x1c0 [ 786.735152][T12942] btf_func_proto_log+0x8d/0xef0 [ 786.740395][T12942] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 786.746494][T12942] ? __pfx_btf_func_proto_log+0x10/0x10 [ 786.752336][T12942] __btf_verifier_log_type+0x644/0x890 [ 786.758160][T12942] ? btf_func_proto_check_meta+0x1bb/0x250 [ 786.764355][T12942] ? sort_r+0x214e/0x2e40 [ 786.768997][T12942] btf_func_proto_check_meta+0x1eb/0x250 [ 786.774936][T12942] ? __pfx_btf_func_proto_check_meta+0x10/0x10 [ 786.781423][T12942] btf_parse_type_sec+0x836/0x3e60 [ 786.786834][T12942] ? btf_check_sec_info+0x58c/0x5d0 [ 786.792364][T12942] btf_new_fd+0x129f/0x18f0 [ 786.797188][T12942] bpf_btf_load+0x345/0x3a0 [ 786.802012][T12942] __sys_bpf+0xab2/0xd90 [ 786.806597][T12942] ? ksys_write+0x416/0x4c0 [ 786.811393][T12942] __x64_sys_bpf+0xa0/0xe0 [ 786.816126][T12942] x64_sys_call+0x2cce/0x3ba0 [ 786.821120][T12942] do_syscall_64+0xcd/0x1e0 [ 786.825941][T12942] ? clear_bhb_loop+0x25/0x80 [ 786.831011][T12942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 786.837215][T12942] RIP: 0033:0x7fe85f57e719 [ 786.841874][T12942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 786.861817][T12942] RSP: 002b:00007fe860389038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 786.870581][T12942] RAX: ffffffffffffffda RBX: 00007fe85f735f80 RCX: 00007fe85f57e719 [ 786.878824][T12942] RDX: 0000000000000028 RSI: 0000000020000040 RDI: 0000000000000012 [ 786.887048][T12942] RBP: 00007fe860389090 R08: 0000000000000000 R09: 0000000000000000 [ 786.895268][T12942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 786.903488][T12942] R13: 0000000000000000 R14: 00007fe85f735f80 R15: 00007ffc0f25b738 [ 786.911736][T12942] [ 786.944076][T12946] loop2: detected capacity change from 0 to 764 [ 786.975145][T12936] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 787.063644][T12936] ext4 filesystem being mounted at /327/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038-01-19 (0x7fffffff) [ 787.396858][T12936] EXT4-fs error (device loop5): ext4_validate_block_bitmap:423: comm syz.5.2372: bg 0: bad block bitmap checksum [ 787.402416][T12959] loop0: detected capacity change from 0 to 8 [ 787.449140][T12959] squashfs: Unknown parameter '' [ 787.583709][T12962] FAULT_INJECTION: forcing a failure. [ 787.583709][T12962] name failslab, interval 1, probability 0, space 0, times 0 [ 787.596966][T12962] CPU: 1 UID: 0 PID: 12962 Comm: syz.2.2380 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 787.608042][T12962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 787.618362][T12962] Call Trace: [ 787.621837][T12962] [ 787.624974][T12962] dump_stack_lvl+0x216/0x2d0 [ 787.629988][T12962] dump_stack+0x1e/0x30 [ 787.634454][T12962] should_fail_ex+0x748/0x7f0 [ 787.639449][T12962] should_failslab+0x17f/0x210 [ 787.644492][T12962] kmem_cache_alloc_node_noprof+0xeb/0xb80 [ 787.650622][T12962] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 787.657281][T12962] ? __alloc_skb+0x1e9/0x7b0 [ 787.662163][T12962] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 787.668274][T12962] __alloc_skb+0x1e9/0x7b0 [ 787.672997][T12962] netlink_ack+0x281/0xe80 [ 787.677846][T12962] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 787.683947][T12962] ? kmsan_get_metadata+0x13e/0x1c0 [ 787.689444][T12962] nfnetlink_rcv+0x4ad8/0x5100 [ 787.694715][T12962] ? kmsan_get_metadata+0x13e/0x1c0 [ 787.700185][T12962] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 787.706292][T12962] ? kmsan_get_metadata+0x13e/0x1c0 [ 787.711766][T12962] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 787.717862][T12962] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 787.723736][T12962] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 787.729170][T12962] netlink_unicast+0xf52/0x1260 [ 787.734419][T12962] netlink_sendmsg+0x10da/0x11e0 [ 787.739656][T12962] ? __pfx_netlink_sendmsg+0x10/0x10 [ 787.745225][T12962] ? __pfx_netlink_sendmsg+0x10/0x10 [ 787.750779][T12962] __sock_sendmsg+0x30f/0x380 [ 787.755738][T12962] ____sys_sendmsg+0x877/0xb60 [ 787.760836][T12962] ___sys_sendmsg+0x28d/0x3c0 [ 787.765862][T12962] ? kmsan_get_metadata+0x13e/0x1c0 [ 787.771358][T12962] ? __rcu_read_unlock+0x7b/0xe0 [ 787.776676][T12962] ? __fget_files+0x4f5/0x5c0 [ 787.781681][T12962] ? kmsan_get_metadata+0x13e/0x1c0 [ 787.787248][T12962] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 787.793442][T12962] __x64_sys_sendmsg+0x300/0x4a0 [ 787.798715][T12962] ? perf_mmap+0x1420/0x28d0 [ 787.803650][T12962] x64_sys_call+0x2da0/0x3ba0 [ 787.808637][T12962] do_syscall_64+0xcd/0x1e0 [ 787.813462][T12962] ? clear_bhb_loop+0x25/0x80 [ 787.818437][T12962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 787.824639][T12962] RIP: 0033:0x7fc6bf17e719 [ 787.829318][T12962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 787.849499][T12962] RSP: 002b:00007fc6bff9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 787.858249][T12962] RAX: ffffffffffffffda RBX: 00007fc6bf335f80 RCX: 00007fc6bf17e719 [ 787.866497][T12962] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 787.874734][T12962] RBP: 00007fc6bff9f090 R08: 0000000000000000 R09: 0000000000000000 [ 787.882989][T12962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 787.891215][T12962] R13: 0000000000000000 R14: 00007fc6bf335f80 R15: 00007ffe6f5e0338 [ 787.899481][T12962] [ 788.208859][ T7870] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 788.436802][T12964] loop5: detected capacity change from 0 to 64 [ 788.794884][T12964] syz.5.2382: attempt to access beyond end of device [ 788.794884][T12964] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 788.809198][T12964] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 788.829968][T12970] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 788.918033][T12964] syz.5.2382: attempt to access beyond end of device [ 788.918033][T12964] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 788.932078][T12964] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 789.250430][T12974] syz.5.2382: attempt to access beyond end of device [ 789.250430][T12974] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 789.264814][T12974] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 789.399943][T12984] netlink: 'syz.0.2389': attribute type 6 has an invalid length. [ 789.471917][T12974] syz.5.2382: attempt to access beyond end of device [ 789.471917][T12974] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 789.486483][T12974] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 790.061458][T12976] syz.5.2382: attempt to access beyond end of device [ 790.061458][T12976] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 790.076882][T12976] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 790.314721][T12968] loop2: detected capacity change from 0 to 4096 [ 790.367544][T12968] ntfs3: Unknown parameter ' ' [ 790.388006][T12978] syz.5.2382: attempt to access beyond end of device [ 790.388006][T12978] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 790.402523][T12978] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 790.584498][T12964] syz.5.2382: attempt to access beyond end of device [ 790.584498][T12964] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 790.598731][T12964] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 790.671064][T12968] netlink: 'syz.2.2384': attribute type 11 has an invalid length. [ 791.173376][T12980] loop6: detected capacity change from 0 to 32768 [ 791.287623][T12980] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 791.338851][ T29] audit: type=1800 audit(2000000056.109:261): pid=12980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2388" name="bus" dev="loop6" ino=17058 res=0 errno=0 [ 792.133614][T12999] loop0: detected capacity change from 0 to 8 [ 792.176294][T12999] netlink: 'syz.0.2392': attribute type 39 has an invalid length. [ 792.675677][T13002] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2394'. [ 792.829711][T13003] loop5: detected capacity change from 0 to 512 [ 792.953695][ T8868] ocfs2: Unmounting device (7,6) on (node local) [ 792.985559][T13003] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 792.995143][T13003] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 793.289285][T13003] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 793.310473][T13003] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 793.320060][T13003] System zones: 0-2, 18-18, 34-34 [ 793.334722][T13003] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 793.361707][T13003] EXT4-fs (loop5): 1 truncate cleaned up [ 793.369557][T13003] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 793.463542][T13012] loop6: detected capacity change from 0 to 64 [ 793.509254][T13013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2397'. [ 793.564920][T13003] EXT4-fs (loop5): resizing filesystem from 64 to 1 blocks [ 793.572700][T13003] EXT4-fs warning (device loop5): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 793.597036][T13012] Trying to free block not in datazone [ 793.603929][T13012] Trying to free block not in datazone [ 793.626172][T13015] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 793.949919][T13022] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2400'. [ 794.193828][ T8] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 794.216905][ T5850] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 794.364054][ T8] usb 6-1: Using ep0 maxpacket: 32 [ 794.412276][ T8] usb 6-1: config index 0 descriptor too short (expected 35577, got 27) [ 794.414981][ T5850] usb 3-1: Using ep0 maxpacket: 32 [ 794.421749][ T8] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 794.436300][ T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 794.445683][ T8] usb 6-1: config 1 has no interface number 0 [ 794.450105][ T44] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 794.451938][ T8] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 794.471225][ T8] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 794.484821][ T8] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 794.490703][ T5850] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 794.494283][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 794.503699][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 794.520072][ T5850] usb 3-1: Product: syz [ 794.525613][ T5850] usb 3-1: Manufacturer: syz [ 794.530465][ T5850] usb 3-1: SerialNumber: syz [ 794.604215][ T5850] usb 3-1: config 0 descriptor?? [ 794.630997][ T5850] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 794.642070][ T8] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found [ 794.655041][ T44] usb 1-1: Using ep0 maxpacket: 32 [ 794.671145][ T44] usb 1-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00 [ 794.680957][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 794.719342][ T44] usb 1-1: config 0 descriptor?? [ 795.000431][ T44] aquacomputer_d5next 0003:0C70:F003.0014: hidraw0: USB HID v0.00 Device [HID 0c70:f003] on usb-dummy_hcd.0-1/input0 [ 795.158120][ T44] usb 1-1: USB disconnect, device number 24 [ 795.348491][ T8] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached [ 795.533560][T13032] loop6: detected capacity change from 0 to 16 [ 795.556581][T13032] erofs: DAX unsupported by block device. Turning off DAX. [ 795.565986][T13032] erofs: (device loop6): mounted with root inode @ nid 36. [ 795.669945][ T8] usb 6-1: USB disconnect, device number 24 [ 795.677849][ T8] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected [ 796.490682][ T5850] gspca_ov534_9: reg_w failed -71 [ 796.634734][ T29] audit: type=1800 audit(2000000061.409:262): pid=13032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.6.2404" name="/" dev="sockfs" ino=40317 res=0 errno=0 [ 796.679992][ T7870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 796.775415][ T5850] gspca_ov534_9: Unknown sensor 0000 [ 796.775752][ T5850] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22 [ 796.907247][ T5850] usb 3-1: USB disconnect, device number 32 [ 797.147073][T13046] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 797.542741][T13053] loop5: detected capacity change from 0 to 512 [ 797.833879][ T5850] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 798.029613][ T5850] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 798.041698][ T5850] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 798.053069][ T5850] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 798.063239][ T5850] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 798.076714][ T5850] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 798.086198][ T5850] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.103236][ T5850] usb 1-1: config 0 descriptor?? [ 798.593825][ T5850] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving [ 798.652166][ T5850] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 798.716681][T13085] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 798.827790][T13088] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 798.863498][T13059] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode [ 798.873589][T13059] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode [ 798.941219][ T8] usb 1-1: USB disconnect, device number 25 [ 799.089901][T13090] loop2: detected capacity change from 0 to 8 [ 799.109418][T13090] netlink: 'syz.2.2429': attribute type 39 has an invalid length. [ 799.168002][T13095] netlink: 'syz.5.2430': attribute type 1 has an invalid length. [ 799.275207][T13096] loop5: detected capacity change from 0 to 128 [ 799.291743][T13096] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 799.335713][T13096] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 799.352673][T13096] UDF-fs: error (device loop5): udf_read_inode: (ino 87) failed !bh [ 799.361770][T13096] UDF-fs: error (device loop5): udf_fill_super: Error in udf_iget, block=3, partition=0 [ 799.674830][T13107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 799.684107][T13107] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 799.816698][T13111] FAULT_INJECTION: forcing a failure. [ 799.816698][T13111] name failslab, interval 1, probability 0, space 0, times 0 [ 799.830661][T13111] CPU: 0 UID: 0 PID: 13111 Comm: syz.0.2437 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 799.841735][T13111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 799.852013][T13111] Call Trace: [ 799.855481][T13111] [ 799.858585][T13111] dump_stack_lvl+0x216/0x2d0 [ 799.863578][T13111] dump_stack+0x1e/0x30 [ 799.868031][T13111] should_fail_ex+0x748/0x7f0 [ 799.873028][T13111] should_failslab+0x17f/0x210 [ 799.878068][T13111] kmem_cache_alloc_noprof+0xe2/0xb20 [ 799.883738][T13111] ? create_new_namespaces+0x64/0xdb0 [ 799.889397][T13111] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 799.895472][T13111] create_new_namespaces+0x64/0xdb0 [ 799.900946][T13111] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 799.907032][T13111] ? ns_capable+0x122/0x1d0 [ 799.911821][T13111] unshare_nsproxy_namespaces+0x17c/0x2b0 [ 799.917848][T13111] ksys_unshare+0x939/0x1290 [ 799.922725][T13111] __x64_sys_unshare+0x48/0x70 [ 799.927747][T13111] x64_sys_call+0x3a03/0x3ba0 [ 799.932711][T13111] do_syscall_64+0xcd/0x1e0 [ 799.937521][T13111] ? clear_bhb_loop+0x25/0x80 [ 799.942480][T13111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 799.948666][T13111] RIP: 0033:0x7fe85f57e719 [ 799.953315][T13111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 799.973206][T13111] RSP: 002b:00007fe860389038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 799.981912][T13111] RAX: ffffffffffffffda RBX: 00007fe85f735f80 RCX: 00007fe85f57e719 [ 799.990134][T13111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200 [ 799.998337][T13111] RBP: 00007fe860389090 R08: 0000000000000000 R09: 0000000000000000 [ 800.006536][T13111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 800.014732][T13111] R13: 0000000000000001 R14: 00007fe85f735f80 R15: 00007ffc0f25b738 [ 800.022953][T13111] [ 800.151524][ T5850] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 800.252594][T13117] 9pnet: p9_errstr2errno: server reported unknown error @hQI [ 800.582203][T13122] loop5: detected capacity change from 0 to 8 [ 800.591241][T13122] squashfs: Unknown parameter '' [ 800.853487][ T8] usb 1-1: new full-speed USB device number 26 using dummy_hcd [ 801.198799][T13140] loop2: detected capacity change from 0 to 22 [ 801.499295][T13153] netlink: 15 bytes leftover after parsing attributes in process `syz.7.2450'. [ 801.635087][T13150] loop0: detected capacity change from 0 to 256 [ 801.729026][T13150] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 802.169475][ T29] audit: type=1326 audit(2000000066.939:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13159 comm="syz.6.2456" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb3657e719 code=0x80000000 [ 803.591078][T13170] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2461'. [ 803.601786][T13156] loop2: detected capacity change from 0 to 32768 [ 803.611331][T13156] (syz.2.2455,13156,1):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "resv_level=00000000000000000008" or missing value [ 803.625380][T13156] (syz.2.2455,13156,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 803.717647][T13171] loop0: detected capacity change from 0 to 512 [ 803.849415][T13171] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 803.860191][T13171] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 804.090608][T13170] hsr_slave_1 (unregistering): left promiscuous mode [ 804.268331][T13171] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 804.354070][T13171] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 804.368255][T13175] loop5: detected capacity change from 0 to 64 [ 804.404326][T13171] System zones: 0-2, 18-18, 34-34 [ 804.459358][T13171] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 804.571171][T13171] EXT4-fs (loop0): 1 truncate cleaned up [ 804.578931][T13171] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 804.773564][T13171] EXT4-fs (loop0): resizing filesystem from 64 to 1 blocks [ 804.781307][T13171] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 805.914304][ T5850] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 806.157566][ T5850] usb 1-1: Using ep0 maxpacket: 32 [ 806.177518][ T5850] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 806.186613][ T5850] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 806.196597][ T5850] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 806.206072][ T5850] usb 1-1: config 1 has no interface number 0 [ 806.212445][ T5850] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 806.223966][ T5850] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 806.237481][ T5850] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 806.247059][ T5850] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.499963][ T5850] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 806.548001][T13192] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2467'. [ 806.847932][T13199] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2472'. [ 806.958728][ T5850] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 807.189741][T13204] syz.5.2473: attempt to access beyond end of device [ 807.189741][T13204] loop5: rw=0, sector=2, nr_sectors = 2 limit=0 [ 807.203875][T13204] syz.5.2473: attempt to access beyond end of device [ 807.203875][T13204] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 807.229406][ T5848] usb 1-1: USB disconnect, device number 27 [ 807.237348][ T5848] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 807.687162][T13210] loop5: detected capacity change from 0 to 8 [ 807.710578][T13209] loop6: detected capacity change from 0 to 764 [ 807.786873][T13210] netlink: 'syz.5.2474': attribute type 39 has an invalid length. [ 808.051293][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 811.487145][T13217] tmpfs: Bad value for 'nr_blocks' [ 811.506953][T13217] binder: 13213:13217 ioctl 3312 d returned -22 [ 812.242114][T13233] loop0: detected capacity change from 0 to 8 [ 812.271929][T13233] squashfs: Unknown parameter '' [ 812.556876][T13224] loop5: detected capacity change from 0 to 4096 [ 812.587638][T13224] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 812.708462][T13224] ntfs3(loop5): Failed to load $BadClus (-22). [ 812.793553][T13244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2489'. [ 812.899278][T13249] tipc: Enabling of bearer rejected, failed to enable media [ 812.970967][T13222] loop5: detected capacity change from 0 to 128 [ 813.093305][ T5850] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 813.263379][T13254] FAULT_INJECTION: forcing a failure. [ 813.263379][T13254] name failslab, interval 1, probability 0, space 0, times 0 [ 813.276711][T13254] CPU: 1 UID: 0 PID: 13254 Comm: syz.0.2494 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 813.287873][T13254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 813.298185][T13254] Call Trace: [ 813.301667][T13254] [ 813.304789][T13254] dump_stack_lvl+0x216/0x2d0 [ 813.309807][T13254] dump_stack+0x1e/0x30 [ 813.314276][T13254] should_fail_ex+0x748/0x7f0 [ 813.319275][T13254] should_failslab+0x17f/0x210 [ 813.324358][T13254] kmem_cache_alloc_node_noprof+0xeb/0xb80 [ 813.330496][T13254] ? __alloc_skb+0x1e9/0x7b0 [ 813.335393][T13254] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 813.341506][T13254] __alloc_skb+0x1e9/0x7b0 [ 813.346251][T13254] netlink_ack+0x281/0xe80 [ 813.351017][T13254] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.356510][T13254] netlink_rcv_skb+0x510/0x650 [ 813.361631][T13254] ? __pfx_genl_rcv_msg+0x10/0x10 [ 813.366950][T13254] ? __pfx_genl_rcv+0x10/0x10 [ 813.371898][T13254] genl_rcv+0x40/0x60 [ 813.376141][T13254] netlink_unicast+0xf52/0x1260 [ 813.381302][T13254] netlink_sendmsg+0x10da/0x11e0 [ 813.386516][T13254] ? __pfx_netlink_sendmsg+0x10/0x10 [ 813.392062][T13254] ? __pfx_netlink_sendmsg+0x10/0x10 [ 813.397607][T13254] __sock_sendmsg+0x30f/0x380 [ 813.402558][T13254] ____sys_sendmsg+0x877/0xb60 [ 813.407644][T13254] ___sys_sendmsg+0x28d/0x3c0 [ 813.412612][T13254] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.418079][T13254] ? __rcu_read_unlock+0x7b/0xe0 [ 813.423301][T13254] ? __fget_files+0x4f5/0x5c0 [ 813.428272][T13254] ? kmsan_get_metadata+0x13e/0x1c0 [ 813.433728][T13254] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 813.439807][T13254] __x64_sys_sendmsg+0x300/0x4a0 [ 813.445045][T13254] ? perf_mmap+0x1420/0x28d0 [ 813.449924][T13254] x64_sys_call+0x2da0/0x3ba0 [ 813.454892][T13254] do_syscall_64+0xcd/0x1e0 [ 813.459694][T13254] ? clear_bhb_loop+0x25/0x80 [ 813.464667][T13254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.470939][T13254] RIP: 0033:0x7fe85f57e719 [ 813.475598][T13254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 813.495540][T13254] RSP: 002b:00007fe860389038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 813.504257][T13254] RAX: ffffffffffffffda RBX: 00007fe85f735f80 RCX: 00007fe85f57e719 [ 813.513276][T13254] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 813.521501][T13254] RBP: 00007fe860389090 R08: 0000000000000000 R09: 0000000000000000 [ 813.529758][T13254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 813.538537][T13254] R13: 0000000000000000 R14: 00007fe85f735f80 R15: 00007ffc0f25b738 [ 813.547131][T13254] [ 813.660126][T13259] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2495'. [ 813.743292][ T5850] usb 3-1: Using ep0 maxpacket: 32 [ 814.298310][ T5850] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 814.308005][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.316622][ T5850] usb 3-1: Product: syz [ 814.321044][ T5850] usb 3-1: Manufacturer: syz [ 814.326065][ T5850] usb 3-1: SerialNumber: syz [ 814.364346][ T44] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 814.440168][ T5850] usb 3-1: config 0 descriptor?? [ 814.496261][ T5850] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 814.546223][ T44] usb 6-1: device descriptor read/64, error -71 [ 814.798774][ T44] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 814.868573][T13267] netlink: 'syz.7.2498': attribute type 39 has an invalid length. [ 814.946929][ T44] usb 6-1: device descriptor read/64, error -71 [ 815.072525][ T44] usb usb6-port1: attempt power cycle [ 815.328819][T13271] loop0: detected capacity change from 0 to 8 [ 815.339803][T13271] squashfs: Unknown parameter '' [ 815.433471][ T44] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 815.475985][ T44] usb 6-1: device descriptor read/8, error -71 [ 815.679673][T13276] netlink: 'syz.6.2502': attribute type 7 has an invalid length. [ 815.755689][ T44] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 815.767617][T13277] netlink: 'syz.6.2502': attribute type 10 has an invalid length. [ 815.775990][T13277] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2502'. [ 815.785789][T13277] team0: entered promiscuous mode [ 815.791244][T13277] team_slave_0: entered promiscuous mode [ 815.798782][T13277] team_slave_1: entered promiscuous mode [ 815.806332][T13277] team0: entered allmulticast mode [ 815.811875][T13277] team_slave_0: entered allmulticast mode [ 815.818154][T13277] team_slave_1: entered allmulticast mode [ 815.830454][T13277] bridge0: port 1(team0) entered blocking state [ 815.840882][T13277] bridge0: port 1(team0) entered disabled state [ 815.875570][ T44] usb 6-1: device descriptor read/8, error -71 [ 815.959975][T13282] FAULT_INJECTION: forcing a failure. [ 815.959975][T13282] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 815.974606][T13282] CPU: 1 UID: 0 PID: 13282 Comm: syz.0.2504 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 815.985810][T13282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 815.996130][T13282] Call Trace: [ 815.999622][T13282] [ 816.002771][T13282] dump_stack_lvl+0x216/0x2d0 [ 816.007800][T13282] dump_stack+0x1e/0x30 [ 816.012288][T13282] should_fail_ex+0x748/0x7f0 [ 816.017319][T13282] should_fail_alloc_page+0x235/0x2b0 [ 816.023365][T13282] __alloc_pages_noprof+0x343/0xe00 [ 816.028915][T13282] alloc_pages_mpol_noprof+0x299/0x990 [ 816.034695][T13282] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.040200][T13282] vma_alloc_folio_noprof+0x454/0x7f0 [ 816.045897][T13282] handle_mm_fault+0xa3f1/0xdca0 [ 816.051179][T13282] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.056743][T13282] exc_page_fault+0x41b/0x700 [ 816.061761][T13282] asm_exc_page_fault+0x2b/0x30 [ 816.066929][T13282] RIP: 0033:0x7fe85f441833 [ 816.071608][T13282] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c [ 816.091558][T13282] RSP: 002b:00007fe8603884a0 EFLAGS: 00010202 [ 816.097948][T13282] RAX: 000000000000a000 RBX: 00007fe860388540 RCX: 00007fe855400000 [ 816.106199][T13282] RDX: 00007fe8603886e0 RSI: 0000000000000007 RDI: 00007fe8603885e0 [ 816.114445][T13282] RBP: 0000000000000060 R08: 0000000000000006 R09: 000000000000001f [ 816.123639][T13282] R10: 0000000000000026 R11: 00007fe860388540 R12: 0000000000000001 [ 816.131873][T13282] R13: 00007fe85f605fc0 R14: 000000000000002f R15: 00007fe8603885e0 [ 816.140136][T13282] [ 816.145321][T13282] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 816.170480][ T44] usb usb6-port1: unable to enumerate USB device [ 816.224472][T13282] loop0: detected capacity change from 0 to 128 [ 817.233601][ T5850] gspca_ov534_9: reg_w failed -71 [ 817.493808][ T5850] gspca_ov534_9: Unknown sensor 0000 [ 817.494141][ T5850] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22 [ 817.534994][ T5850] usb 3-1: USB disconnect, device number 34 [ 818.030313][T13286] loop0: detected capacity change from 0 to 4096 [ 818.059487][T13286] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 818.142951][T13286] ntfs3(loop0): Failed to load $BadClus (-22). [ 818.207479][T13311] loop2: detected capacity change from 0 to 8 [ 818.250124][T13311] squashfs: Unknown parameter '' [ 818.252562][T13310] loop5: detected capacity change from 0 to 128 [ 818.304907][T13310] EXT4-fs (loop5): Test dummy encryption mode enabled [ 818.329149][T13284] loop0: detected capacity change from 0 to 128 [ 818.346090][T13310] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 818.376349][T13310] ext4 filesystem being mounted at /350/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038-01-19 (0x7fffffff) [ 818.449884][T13310] EXT4-fs error (device loop5): ext4_validate_block_bitmap:423: comm syz.5.2515: bg 0: bad block bitmap checksum [ 818.753253][T13318] 9pnet_fd: Insufficient options for proto=fd [ 818.759559][ T7870] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 818.843942][ T44] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 819.013607][ T44] usb 1-1: device descriptor read/64, error -71 [ 819.061323][T13322] loop2: detected capacity change from 0 to 1024 [ 819.106535][T13322] hfsplus: failed to load attributes file [ 819.190222][T13322] loop2: detected capacity change from 0 to 128 [ 819.207452][T13322] ufs: You didn't specify the type of your ufs filesystem [ 819.207452][T13322] [ 819.207452][T13322] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 819.207452][T13322] [ 819.207452][T13322] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 819.239673][T13322] ufs: ufstype=old is supported read-only [ 819.263782][ T44] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 819.281071][T13322] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 819.406401][ T29] audit: type=1326 audit(2000000084.179:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz.2.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6bf17e719 code=0x7ffc0000 [ 819.429974][ T29] audit: type=1326 audit(2000000084.189:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz.2.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fc6bf17e719 code=0x7ffc0000 [ 819.452943][ T29] audit: type=1326 audit(2000000084.189:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz.2.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6bf17e719 code=0x7ffc0000 [ 819.453719][ T44] usb 1-1: device descriptor read/64, error -71 [ 819.569395][ T29] audit: type=1326 audit(2000000084.239:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz.2.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6bf17e719 code=0x7ffc0000 [ 819.592854][ T29] audit: type=1326 audit(2000000084.269:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz.2.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc6bf17e719 code=0x7ffc0000 [ 819.603318][ T44] usb usb1-port1: attempt power cycle [ 819.616868][ T29] audit: type=1326 audit(2000000084.269:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13320 comm="syz.2.2519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6bf17e719 code=0x7ffc0000 [ 820.074160][ T44] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 820.125631][ T44] usb 1-1: device descriptor read/8, error -71 [ 820.364516][ T44] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 820.416087][ T44] usb 1-1: device descriptor read/8, error -71 [ 820.524688][ T44] usb usb1-port1: unable to enumerate USB device [ 820.689437][T13347] FAULT_INJECTION: forcing a failure. [ 820.689437][T13347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 820.703542][T13347] CPU: 1 UID: 0 PID: 13347 Comm: syz.7.2528 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 820.714628][T13347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 820.724927][T13347] Call Trace: [ 820.728396][T13347] [ 820.731511][T13347] dump_stack_lvl+0x216/0x2d0 [ 820.736526][T13347] dump_stack+0x1e/0x30 [ 820.741005][T13347] should_fail_ex+0x748/0x7f0 [ 820.746024][T13347] should_fail+0x2a/0x40 [ 820.750591][T13347] should_fail_usercopy+0x2e/0x40 [ 820.755938][T13347] _copy_to_user+0x34/0x120 [ 820.760782][T13347] simple_read_from_buffer+0x199/0x340 [ 820.766564][T13347] proc_fail_nth_read+0x1e5/0x2c0 [ 820.772117][T13347] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 820.778017][T13347] vfs_read+0x29d/0xf50 [ 820.782496][T13347] ? kmsan_get_metadata+0x13e/0x1c0 [ 820.788105][T13347] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 820.794972][T13347] ksys_read+0x24f/0x4c0 [ 820.799561][T13347] __x64_sys_read+0x93/0xe0 [ 820.804388][T13347] x64_sys_call+0x3055/0x3ba0 [ 820.809386][T13347] do_syscall_64+0xcd/0x1e0 [ 820.814228][T13347] ? clear_bhb_loop+0x25/0x80 [ 820.819215][T13347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.825424][T13347] RIP: 0033:0x7f22e577d15c [ 820.830104][T13347] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 820.850068][T13347] RSP: 002b:00007f22e6531030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 820.858842][T13347] RAX: ffffffffffffffda RBX: 00007f22e5935f80 RCX: 00007f22e577d15c [ 820.867101][T13347] RDX: 000000000000000f RSI: 00007f22e65310a0 RDI: 0000000000000004 [ 820.875346][T13347] RBP: 00007f22e6531090 R08: 0000000000000000 R09: 0000000000000000 [ 820.883575][T13347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 820.891804][T13347] R13: 0000000000000000 R14: 00007f22e5935f80 R15: 00007fffbe0715f8 [ 820.900077][T13347] [ 821.331990][T13345] loop2: detected capacity change from 0 to 4096 [ 821.339229][T13352] loop5: detected capacity change from 0 to 8 [ 821.378550][T13352] squashfs: Unknown parameter '' [ 821.379813][T13345] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 821.422911][T13345] ntfs3(loop2): Failed to load $BadClus (-22). [ 821.486380][T13354] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2530'. [ 821.540221][T13344] loop2: detected capacity change from 0 to 128 [ 821.950141][T13364] loop0: detected capacity change from 0 to 64 [ 821.995442][T13358] loop6: detected capacity change from 0 to 1024 [ 822.078366][T13364] Trying to free block not in datazone [ 822.084791][T13364] Trying to free block not in datazone [ 822.115680][T13357] hfsplus: catalog name length corrupted [ 822.417793][T13375] loop5: detected capacity change from 0 to 512 [ 822.480620][T13375] loop5: detected capacity change from 0 to 1024 [ 822.489919][T13375] EXT4-fs: Ignoring removed nomblk_io_submit option [ 822.511565][T13375] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 822.531126][T13375] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e854e01c, mo2=0003] [ 822.540606][T13375] System zones: 0-1, 3-36 [ 822.561249][T13375] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 823.189050][ T7870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 823.351297][T13386] FAULT_INJECTION: forcing a failure. [ 823.351297][T13386] name failslab, interval 1, probability 0, space 0, times 0 [ 823.364566][T13386] CPU: 1 UID: 0 PID: 13386 Comm: syz.6.2539 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 823.375661][T13386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 823.386404][T13386] Call Trace: [ 823.389879][T13386] [ 823.392994][T13386] dump_stack_lvl+0x216/0x2d0 [ 823.398010][T13386] dump_stack+0x1e/0x30 [ 823.402474][T13386] should_fail_ex+0x748/0x7f0 [ 823.407485][T13386] should_failslab+0x17f/0x210 [ 823.412537][T13386] kmem_cache_alloc_noprof+0xe2/0xb20 [ 823.418239][T13386] ? fsnotify_add_mark_locked+0x7ef/0x1810 [ 823.424387][T13386] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 823.430514][T13386] fsnotify_add_mark_locked+0x7ef/0x1810 [ 823.436980][T13386] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 823.443725][T13386] ? kmsan_get_metadata+0x13e/0x1c0 [ 823.443900][T13386] fanotify_add_mark+0x98b/0x1e50 [ 823.444106][T13386] do_fanotify_mark+0x155b/0x1800 [ 823.444278][T13386] ? advisor_target_scan_time_store+0x150/0x180 [ 823.444490][T13386] __x64_sys_fanotify_mark+0xe3/0x170 [ 823.444670][T13386] x64_sys_call+0x39c4/0x3ba0 [ 823.444850][T13386] do_syscall_64+0xcd/0x1e0 [ 823.445037][T13386] ? clear_bhb_loop+0x25/0x80 [ 823.445206][T13386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.445375][T13386] RIP: 0033:0x7fcb3657e719 [ 823.445487][T13386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 823.445618][T13386] RSP: 002b:00007fcb373ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 823.445765][T13386] RAX: ffffffffffffffda RBX: 00007fcb36735f80 RCX: 00007fcb3657e719 [ 823.445888][T13386] RDX: 0000000000001018 RSI: 0000000000000401 RDI: 0000000000000003 [ 823.445984][T13386] RBP: 00007fcb373ff090 R08: 0000000000000000 R09: 0000000000000000 [ 823.446083][T13386] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 823.446179][T13386] R13: 0000000000000000 R14: 00007fcb36735f80 R15: 00007ffc63911c18 [ 823.446304][T13386] [ 823.982284][T13396] bridge0: port 1(vlan2) entered blocking state [ 823.982788][T13396] bridge0: port 1(vlan2) entered disabled state [ 823.983533][T13396] vlan2: entered allmulticast mode [ 824.390879][T13390] loop5: detected capacity change from 0 to 64 [ 824.484526][T13396] vlan2: left allmulticast mode [ 824.503403][ T5848] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 824.544741][T13391] sit0: entered promiscuous mode [ 824.570024][T13391] netlink: 'syz.7.2537': attribute type 1 has an invalid length. [ 824.570119][T13391] netlink: 1 bytes leftover after parsing attributes in process `syz.7.2537'. [ 824.655103][ T5848] usb 7-1: device descriptor read/64, error -71 [ 824.778103][T13390] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop5 [ 824.903607][ T5848] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 825.053277][ T5848] usb 7-1: device descriptor read/64, error -71 [ 825.166617][ T5848] usb usb7-port1: attempt power cycle [ 825.227807][T13408] loop0: detected capacity change from 0 to 8 [ 825.315388][T13408] squashfs: Unknown parameter '' [ 825.448764][T13399] loop2: detected capacity change from 0 to 4096 [ 825.479013][T13399] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 825.503495][ T5848] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 825.535699][ T5848] usb 7-1: device descriptor read/8, error -71 [ 825.564949][T13399] ntfs3(loop2): Failed to load $BadClus (-22). [ 825.681722][T13399] loop2: detected capacity change from 0 to 128 [ 825.783805][ T5848] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 825.898745][T13416] loop0: detected capacity change from 0 to 64 [ 825.952196][T13416] Trying to free block not in datazone [ 825.959631][T13416] Trying to free block not in datazone [ 826.054365][ T5848] usb 7-1: device descriptor read/8, error -71 [ 826.056197][T13422] FAULT_INJECTION: forcing a failure. [ 826.056197][T13422] name failslab, interval 1, probability 0, space 0, times 0 [ 826.077024][T13422] CPU: 1 UID: 0 PID: 13422 Comm: syz.5.2552 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 826.088112][T13422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 826.098426][T13422] Call Trace: [ 826.101908][T13422] [ 826.105038][T13422] dump_stack_lvl+0x216/0x2d0 [ 826.110062][T13422] dump_stack+0x1e/0x30 [ 826.114540][T13422] should_fail_ex+0x748/0x7f0 [ 826.119549][T13422] should_failslab+0x17f/0x210 [ 826.124603][T13422] kmem_cache_alloc_noprof+0xe2/0xb20 [ 826.130313][T13422] ? copy_pid_ns+0x311/0xde0 [ 826.135237][T13422] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 826.141359][T13422] copy_pid_ns+0x311/0xde0 [ 826.146192][T13422] ? kmem_cache_alloc_noprof+0x701/0xb20 [ 826.152161][T13422] ? kmsan_get_metadata+0x13e/0x1c0 [ 826.157649][T13422] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 826.163765][T13422] create_new_namespaces+0x47a/0xdb0 [ 826.164857][ T5848] usb usb7-port1: unable to enumerate USB device [ 826.169289][T13422] unshare_nsproxy_namespaces+0x17c/0x2b0 [ 826.169475][T13422] ksys_unshare+0x939/0x1290 [ 826.169641][T13422] __x64_sys_unshare+0x48/0x70 [ 826.191596][T13422] x64_sys_call+0x3a03/0x3ba0 [ 826.196607][T13422] do_syscall_64+0xcd/0x1e0 [ 826.201459][T13422] ? clear_bhb_loop+0x25/0x80 [ 826.206449][T13422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.212662][T13422] RIP: 0033:0x7f1f0ad7e719 [ 826.217515][T13422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 826.237444][T13422] RSP: 002b:00007f1f0bb50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 826.246289][T13422] RAX: ffffffffffffffda RBX: 00007f1f0af35f80 RCX: 00007f1f0ad7e719 [ 826.254581][T13422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200 [ 826.262812][T13422] RBP: 00007f1f0bb50090 R08: 0000000000000000 R09: 0000000000000000 [ 826.271041][T13422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 826.279271][T13422] R13: 0000000000000001 R14: 00007f1f0af35f80 R15: 00007ffd9717ebd8 [ 826.287587][T13422] [ 826.366397][T13428] loop2: detected capacity change from 0 to 22 [ 826.438979][ T29] audit: type=1326 audit(2000000091.159:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.7.2549" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f22e577e719 code=0x0 [ 827.039347][T13431] xt_TPROXY: Can be used only with -p tcp or -p udp [ 827.436692][T13434] loop2: detected capacity change from 0 to 64 [ 827.635809][T13434] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop2 [ 828.415665][T13453] loop6: detected capacity change from 0 to 8 [ 828.421545][T13463] loop0: detected capacity change from 0 to 64 [ 828.452290][T13453] squashfs: Unknown parameter '' [ 828.480513][T13463] Trying to free block not in datazone [ 828.486568][T13463] Trying to free block not in datazone [ 829.508831][ T29] audit: type=1326 audit(2000000094.289:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13470 comm="syz.5.2569" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1f0ad7e719 code=0x0 [ 829.626086][ T5850] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 829.664616][T13480] xt_TPROXY: Can be used only with -p tcp or -p udp [ 830.145650][ T5850] usb 3-1: Using ep0 maxpacket: 8 [ 830.158453][ T5850] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 830.167552][ T5850] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 830.183145][ T5850] usb 3-1: config 135 has no interface number 0 [ 830.189722][ T5850] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 830.235163][ T5850] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 830.251360][ T5850] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 830.260755][ T5850] usb 3-1: Product: syz [ 830.265315][ T5850] usb 3-1: Manufacturer: syz [ 830.270162][ T5850] usb 3-1: SerialNumber: syz [ 830.340993][ T5850] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 830.347847][ T5850] usb 3-1: No valid video chain found. [ 830.353143][T13489] FAULT_INJECTION: forcing a failure. [ 830.353143][T13489] name failslab, interval 1, probability 0, space 0, times 0 [ 830.367379][T13489] CPU: 0 UID: 0 PID: 13489 Comm: syz.5.2576 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 830.378469][T13489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 830.389232][T13489] Call Trace: [ 830.392708][T13489] [ 830.395848][T13489] dump_stack_lvl+0x216/0x2d0 [ 830.400871][T13489] dump_stack+0x1e/0x30 [ 830.405333][T13489] should_fail_ex+0x748/0x7f0 [ 830.410321][T13489] should_failslab+0x17f/0x210 [ 830.415350][T13489] kmem_cache_alloc_noprof+0xe2/0xb20 [ 830.421101][T13489] ? skb_clone+0x303/0x550 [ 830.425817][T13489] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 830.431919][T13489] skb_clone+0x303/0x550 [ 830.436458][T13489] nfnetlink_rcv+0x7a1/0x5100 [ 830.441462][T13489] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 830.448024][T13489] ? ref_tracker_free+0x630/0xec0 [ 830.453340][T13489] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 830.459405][T13489] ? __dev_queue_xmit+0x355/0x56d0 [ 830.464810][T13489] ? kmsan_get_metadata+0x13e/0x1c0 [ 830.470267][T13489] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 830.476906][T13489] ? kmsan_get_metadata+0x13e/0x1c0 [ 830.482364][T13489] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 830.488463][T13489] ? __netlink_deliver_tap+0xc61/0xc90 [ 830.494296][T13489] ? kmsan_get_metadata+0x13e/0x1c0 [ 830.499768][T13489] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 830.505858][T13489] ? kmsan_get_metadata+0x13e/0x1c0 [ 830.511314][T13489] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 830.517381][T13489] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 830.522792][T13489] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 830.528207][T13489] netlink_unicast+0xf52/0x1260 [ 830.533377][T13489] netlink_sendmsg+0x10da/0x11e0 [ 830.538587][T13489] ? __pfx_netlink_sendmsg+0x10/0x10 [ 830.544163][T13489] ? __pfx_netlink_sendmsg+0x10/0x10 [ 830.549721][T13489] __sock_sendmsg+0x30f/0x380 [ 830.554681][T13489] ____sys_sendmsg+0x877/0xb60 [ 830.559776][T13489] ___sys_sendmsg+0x28d/0x3c0 [ 830.564748][T13489] ? kmsan_get_metadata+0x13e/0x1c0 [ 830.570236][T13489] ? __rcu_read_unlock+0x7b/0xe0 [ 830.575459][T13489] ? __fget_files+0x4f5/0x5c0 [ 830.580429][T13489] ? kmsan_get_metadata+0x13e/0x1c0 [ 830.585890][T13489] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 830.591960][T13489] __x64_sys_sendmsg+0x300/0x4a0 [ 830.597202][T13489] ? perf_mmap+0x1420/0x28d0 [ 830.602073][T13489] x64_sys_call+0x2da0/0x3ba0 [ 830.607037][T13489] do_syscall_64+0xcd/0x1e0 [ 830.611842][T13489] ? clear_bhb_loop+0x25/0x80 [ 830.616893][T13489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 830.623078][T13489] RIP: 0033:0x7f1f0ad7e719 [ 830.627723][T13489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 830.647625][T13489] RSP: 002b:00007f1f0bb50038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 830.656345][T13489] RAX: ffffffffffffffda RBX: 00007f1f0af35f80 RCX: 00007f1f0ad7e719 [ 830.664557][T13489] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 830.672757][T13489] RBP: 00007f1f0bb50090 R08: 0000000000000000 R09: 0000000000000000 [ 830.681008][T13489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 830.689225][T13489] R13: 0000000000000000 R14: 00007f1f0af35f80 R15: 00007ffd9717ebd8 [ 830.697554][T13489] [ 831.276823][T13501] loop0: detected capacity change from 0 to 8 [ 831.325561][T13501] squashfs: Unknown parameter '' [ 831.495641][T13505] loop6: detected capacity change from 0 to 128 [ 831.511951][T13505] affs: Error parsing options [ 831.621576][ T5850] usb 3-1: USB disconnect, device number 35 [ 831.860193][T13507] FAULT_INJECTION: forcing a failure. [ 831.860193][T13507] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 831.874097][T13507] CPU: 0 UID: 0 PID: 13507 Comm: syz.6.2581 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 831.885170][T13507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 831.895445][T13507] Call Trace: [ 831.898903][T13507] [ 831.902027][T13507] dump_stack_lvl+0x216/0x2d0 [ 831.907027][T13507] dump_stack+0x1e/0x30 [ 831.911472][T13507] should_fail_ex+0x748/0x7f0 [ 831.916457][T13507] should_fail+0x2a/0x40 [ 831.920977][T13507] should_fail_usercopy+0x2e/0x40 [ 831.926309][T13507] _copy_to_user+0x34/0x120 [ 831.931112][T13507] environ_read+0x5b9/0xa20 [ 831.935912][T13507] ? __pfx_environ_read+0x10/0x10 [ 831.941205][T13507] vfs_read+0x29d/0xf50 [ 831.945634][T13507] ? kmsan_get_metadata+0x13e/0x1c0 [ 831.951094][T13507] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 831.957754][T13507] ksys_read+0x24f/0x4c0 [ 831.962273][T13507] __x64_sys_read+0x93/0xe0 [ 831.967060][T13507] x64_sys_call+0x3055/0x3ba0 [ 831.972031][T13507] do_syscall_64+0xcd/0x1e0 [ 831.976925][T13507] ? clear_bhb_loop+0x25/0x80 [ 831.981898][T13507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.988087][T13507] RIP: 0033:0x7fcb3657e719 [ 831.992759][T13507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 832.012654][T13507] RSP: 002b:00007fcb373de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 832.021365][T13507] RAX: ffffffffffffffda RBX: 00007fcb36736058 RCX: 00007fcb3657e719 [ 832.029574][T13507] RDX: 0000000000002020 RSI: 0000000020000640 RDI: 0000000000000003 [ 832.037864][T13507] RBP: 00007fcb373de090 R08: 0000000000000000 R09: 0000000000000000 [ 832.046154][T13507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 832.054350][T13507] R13: 0000000000000001 R14: 00007fcb36736058 R15: 00007ffc63911c18 [ 832.062593][T13507] [ 832.217184][T13511] loop5: detected capacity change from 0 to 64 [ 832.315339][T13511] Trying to free block not in datazone [ 832.321138][T13511] Trying to free block not in datazone [ 832.340620][T13509] loop0: detected capacity change from 0 to 2048 [ 832.388203][T13509] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 832.629951][T13509] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 833.088577][T13509] EXT4-fs: Ignoring removed orlov option [ 833.105390][T13509] EXT4-fs (loop0): can't enable nombcache during remount [ 833.451717][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.458670][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 833.520222][T13540] loop5: detected capacity change from 0 to 8 [ 833.561944][T13540] squashfs: Unknown parameter '' [ 833.625884][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 834.092816][T13529] loop2: detected capacity change from 0 to 4096 [ 834.133340][T13529] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 834.409092][T13529] ntfs3(loop2): $Secure::$SII is corrupted. [ 834.415871][T13529] ntfs3(loop2): Failed to initialize $Secure (-22). [ 834.737548][T13557] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2589'. [ 834.859804][T13559] tipc: Enabling of bearer rejected, failed to enable media [ 835.676237][T13569] x_tables: ip_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 835.882703][T13567] loop6: detected capacity change from 0 to 2048 [ 836.122568][T13567] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 836.444262][T13567] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 836.746876][T13556] loop0: detected capacity change from 0 to 32768 [ 836.781282][ T5789] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 836.816241][T13556] [ 836.816241][T13556] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 836.816241][T13556] [ 836.836108][T13556] ERROR: (device loop0): dbAlloc: the hint is outside the map [ 836.836108][T13556] [ 836.851783][T13556] ERROR: (device loop0): remounting filesystem as read-only [ 837.214713][ T5850] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 837.383901][ T5850] usb 1-1: device descriptor read/64, error -71 [ 837.466394][T13574] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 837.635430][ T5850] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 837.823843][ T5850] usb 1-1: device descriptor read/64, error -71 [ 837.835353][T13567] EXT4-fs: Ignoring removed orlov option [ 837.862395][T13567] EXT4-fs (loop6): can't enable nombcache during remount [ 837.963576][ T5850] usb usb1-port1: attempt power cycle [ 838.358921][ T8868] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.375750][T13578] loop5: detected capacity change from 0 to 32768 [ 838.448417][T13578] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 838.503923][ T29] audit: type=1800 audit(2000000103.259:272): pid=13578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2608" name="bus" dev="loop5" ino=17058 res=0 errno=0 [ 839.176354][T13598] FAULT_INJECTION: forcing a failure. [ 839.176354][T13598] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 839.190146][T13598] CPU: 0 UID: 0 PID: 13598 Comm: syz.6.2612 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 839.201229][T13598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 839.211540][T13598] Call Trace: [ 839.215033][T13598] [ 839.218164][T13598] dump_stack_lvl+0x216/0x2d0 [ 839.223190][T13598] dump_stack+0x1e/0x30 [ 839.227669][T13598] should_fail_ex+0x748/0x7f0 [ 839.232702][T13598] should_fail_alloc_page+0x235/0x2b0 [ 839.238380][T13598] __alloc_pages_noprof+0x343/0xe00 [ 839.243900][T13598] alloc_pages_mpol_noprof+0x299/0x990 [ 839.249670][T13598] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.255157][T13598] vma_alloc_folio_noprof+0x454/0x7f0 [ 839.260845][T13598] do_wp_page+0x1864/0x7160 [ 839.265695][T13598] handle_mm_fault+0x5fcd/0xdca0 [ 839.270945][T13598] ? kmsan_get_metadata+0x13e/0x1c0 [ 839.276485][T13598] exc_page_fault+0x41b/0x700 [ 839.281488][T13598] asm_exc_page_fault+0x2b/0x30 [ 839.286640][T13598] RIP: 0033:0x7fcb36441833 [ 839.291308][T13598] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c [ 839.311233][T13598] RSP: 002b:00007fcb373fe4a0 EFLAGS: 00010202 [ 839.317595][T13598] RAX: 0000000000014800 RBX: 00007fcb373fe540 RCX: 00007fcb2c400000 [ 839.326099][T13598] RDX: 00007fcb373fe6e0 RSI: 0000000000000003 RDI: 00007fcb373fe5e0 [ 839.334319][T13598] RBP: 0000000000000008 R08: 0000000000000006 R09: 0000000000000024 [ 839.342526][T13598] R10: 0000000000000026 R11: 00007fcb373fe540 R12: 0000000000000001 [ 839.350734][T13598] R13: 00007fcb36605fc0 R14: 0000000000000073 R15: 00007fcb373fe5e0 [ 839.358963][T13598] [ 839.367302][T13598] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 839.411362][T13598] loop6: detected capacity change from 0 to 512 [ 839.545303][ T7870] ocfs2: Unmounting device (7,5) on (node local) [ 839.674814][T13605] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.2619'. [ 839.716872][T13605] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2619'. [ 840.125287][T13610] FAULT_INJECTION: forcing a failure. [ 840.125287][T13610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 840.139078][T13610] CPU: 0 UID: 0 PID: 13610 Comm: syz.5.2617 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 840.140862][T13616] loop0: detected capacity change from 0 to 8 [ 840.150066][T13610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 840.150152][T13610] Call Trace: [ 840.150204][T13610] [ 840.150265][T13610] dump_stack_lvl+0x216/0x2d0 [ 840.150461][T13610] dump_stack+0x1e/0x30 [ 840.150638][T13610] should_fail_ex+0x748/0x7f0 [ 840.187410][T13610] should_fail+0x2a/0x40 [ 840.191977][T13610] should_fail_usercopy+0x2e/0x40 [ 840.197362][T13610] _copy_to_user+0x34/0x120 [ 840.198049][T13616] squashfs: Unknown parameter '' [ 840.202097][T13610] simple_read_from_buffer+0x199/0x340 [ 840.213261][T13610] proc_fail_nth_read+0x1e5/0x2c0 [ 840.219075][T13610] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 840.224961][T13610] vfs_read+0x29d/0xf50 [ 840.229422][T13610] ? kmsan_get_metadata+0x13e/0x1c0 [ 840.234895][T13610] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 840.241567][T13610] ksys_read+0x24f/0x4c0 [ 840.246116][T13610] __x64_sys_read+0x93/0xe0 [ 840.250920][T13610] x64_sys_call+0x3055/0x3ba0 [ 840.255892][T13610] do_syscall_64+0xcd/0x1e0 [ 840.260694][T13610] ? clear_bhb_loop+0x25/0x80 [ 840.265664][T13610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 840.271850][T13610] RIP: 0033:0x7f1f0ad7d15c [ 840.276495][T13610] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 840.296829][T13610] RSP: 002b:00007f1f0bb50030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 840.305555][T13610] RAX: ffffffffffffffda RBX: 00007f1f0af35f80 RCX: 00007f1f0ad7d15c [ 840.313764][T13610] RDX: 000000000000000f RSI: 00007f1f0bb500a0 RDI: 0000000000000004 [ 840.322051][T13610] RBP: 00007f1f0bb50090 R08: 0000000000000000 R09: 0000000000000000 [ 840.330262][T13610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 840.338465][T13610] R13: 0000000000000000 R14: 00007f1f0af35f80 R15: 00007ffd9717ebd8 [ 840.346781][T13610] [ 840.451286][T13615] loop2: detected capacity change from 0 to 8 [ 840.488339][T13615] squashfs: Unknown parameter '' [ 840.497659][T13620] loop6: detected capacity change from 0 to 64 [ 840.684504][ T29] audit: type=1800 audit(2000000105.459:273): pid=13620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2624" name=4CA9F285779DFEE7715A403908146A74DE61B3853914C89F444C12E7A38BDD46C4ED36EB806EA598F44D1DEC9EFF9E2476F43802211F0762B66673B45D236B2391CE322E30FB9C69FE0D514DC1F8B6E3979C1205FD5224B07D18A44FEC4F6F1A6F65158BB6ADCC295BF2DD7DEA107F59D7E03C61FE5822292E45968956B931BDC4D6445FF1631E0B98E4B4448774DD4B9CD53A45896FDB3F03702778741AE2B45A25BF9A23FC02FB97A630F132BF9DEF6C6D4A7BAEB62972F1A814F6F2377BCFC78E2E86368C138510A04CEDF7175AF8C2033AAE7413E3ACE8C71AB9A0AF1CA7042011A6ED028E205648535DABF3B2F85196AE18D36B839E3CD54AE4933AD529888FDAC7BB8A70C72BC0FC81BA06506F2D5BC7686E219BBE5283959CBEF9950E071CB6D9F341FC624A5110341F26CEBD71 dev="loop6" ino=22 res=0 errno=0 [ 841.127871][T13634] macvlan0: entered promiscuous mode [ 841.136695][T13634] team_slave_0: entered promiscuous mode [ 841.142781][T13634] team_slave_1: entered promiscuous mode [ 841.148931][T13634] team0: entered promiscuous mode [ 841.158279][T13634] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 841.174255][T13634] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 841.243383][ T5848] usb 7-1: new full-speed USB device number 32 using dummy_hcd [ 841.403337][ T5848] usb 7-1: device descriptor read/64, error -71 [ 841.718898][T13643] bond0: (slave bond_slave_0): Releasing backup interface [ 841.721004][T13651] loop5: detected capacity change from 0 to 64 [ 841.739501][T13643] bond_slave_0: left promiscuous mode [ 841.786493][T13643] bond0: (slave bond_slave_1): Releasing backup interface [ 841.818363][T13643] bond_slave_1: left promiscuous mode [ 841.874399][ T5848] usb 7-1: new full-speed USB device number 33 using dummy_hcd [ 841.899833][T13643] team0: Port device team_slave_0 removed [ 842.046886][T13643] team0: Port device team_slave_1 removed [ 842.057630][T13643] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 842.065634][T13643] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 842.093295][ T5848] usb 7-1: device descriptor read/64, error -71 [ 842.184230][T13643] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 842.191998][T13643] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 842.208025][ T5848] usb usb7-port1: attempt power cycle [ 842.268044][T13659] xt_l2tp: invalid flags combination: c [ 842.703987][ T5848] usb 7-1: new full-speed USB device number 34 using dummy_hcd [ 842.768130][ T5848] usb 7-1: device descriptor read/8, error -71 [ 843.016247][ T5848] usb 7-1: new full-speed USB device number 35 using dummy_hcd [ 843.064801][ T5848] usb 7-1: device descriptor read/8, error -71 [ 843.175482][ T5848] usb usb7-port1: unable to enumerate USB device [ 843.537122][T13679] FAULT_INJECTION: forcing a failure. [ 843.537122][T13679] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 843.550801][T13679] CPU: 0 UID: 0 PID: 13679 Comm: syz.0.2647 Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 843.562059][T13679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 843.572376][T13679] Call Trace: [ 843.575854][T13679] [ 843.578984][T13679] dump_stack_lvl+0x216/0x2d0 [ 843.584000][T13679] dump_stack+0x1e/0x30 [ 843.588482][T13679] should_fail_ex+0x748/0x7f0 [ 843.593524][T13679] should_fail+0x2a/0x40 [ 843.598098][T13679] should_fail_usercopy+0x2e/0x40 [ 843.603444][T13679] _copy_from_user+0x35/0x110 [ 843.608441][T13679] netlink_setsockopt+0x16c/0xd80 [ 843.613746][T13679] do_sock_setsockopt+0x4bb/0x7d0 [ 843.619071][T13679] ? __pfx_netlink_setsockopt+0x10/0x10 [ 843.624878][T13679] __sys_setsockopt+0x327/0x4c0 [ 843.630026][T13679] __x64_sys_setsockopt+0xe8/0x170 [ 843.635435][T13679] x64_sys_call+0x2fc2/0x3ba0 [ 843.640414][T13679] do_syscall_64+0xcd/0x1e0 [ 843.645229][T13679] ? clear_bhb_loop+0x25/0x80 [ 843.650190][T13679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.656392][T13679] RIP: 0033:0x7fe85f57e719 [ 843.661080][T13679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 843.681001][T13679] RSP: 002b:00007fe860389038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 843.689717][T13679] RAX: ffffffffffffffda RBX: 00007fe85f735f80 RCX: 00007fe85f57e719 [ 843.697932][T13679] RDX: 0000000000000007 RSI: 000000000000010e RDI: 0000000000000003 [ 843.706131][T13679] RBP: 00007fe860389090 R08: 0000000000000010 R09: 0000000000000000 [ 843.714341][T13679] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001 [ 843.722583][T13679] R13: 0000000000000000 R14: 00007fe85f735f80 R15: 00007ffc0f25b738 [ 843.730842][T13679] [ 843.982914][T13689] loop0: detected capacity change from 0 to 64 [ 844.008848][T13689] Trying to free block not in datazone [ 844.015572][T13689] Trying to free block not in datazone [ 844.112163][T13691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2653'. [ 844.460630][T13701] tipc: Enabling of bearer rejected, failed to enable media [ 845.309431][T13720] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2665'. [ 846.053916][ T5850] usb 7-1: new high-speed USB device number 36 using dummy_hcd [ 846.063854][T13740] loop2: detected capacity change from 0 to 64 [ 846.094874][T13740] Trying to free block not in datazone [ 846.100756][T13740] Trying to free block not in datazone [ 846.139477][ T44] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 846.203440][ T5850] usb 7-1: device descriptor read/64, error -71 [ 846.315115][ T44] usb 6-1: config 0 has an invalid interface number: 179 but max is 0 [ 846.328338][ T44] usb 6-1: config 0 has no interface number 0 [ 846.356527][ T44] usb 6-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=7d.08 [ 846.366135][ T44] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 846.374564][ T44] usb 6-1: Product: syz [ 846.378986][ T44] usb 6-1: Manufacturer: syz [ 846.383961][ T44] usb 6-1: SerialNumber: syz [ 846.402218][ T44] usb 6-1: config 0 descriptor?? [ 846.414430][ T44] usb-storage 6-1:0.179: USB Mass Storage device detected [ 846.433389][ T44] usb-storage 6-1:0.179: device ignored [ 846.491922][ T5850] usb 7-1: new high-speed USB device number 37 using dummy_hcd [ 846.624919][T13735] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 846.634166][T13735] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 846.683730][ T5850] usb 7-1: device descriptor read/64, error -71 [ 846.699367][ T44] usb 6-1: USB disconnect, device number 29 [ 846.794615][ T5850] usb usb7-port1: attempt power cycle [ 846.943821][ T5848] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 847.136477][ T5848] usb 1-1: Using ep0 maxpacket: 8 [ 847.149255][ T5848] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 847.161739][ T5848] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 847.163402][ T5850] usb 7-1: new high-speed USB device number 38 using dummy_hcd [ 847.172064][ T5848] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 847.172305][ T5848] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 847.172467][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 847.181689][ T5848] usb 1-1: config 0 descriptor?? [ 847.238784][ T5850] usb 7-1: device descriptor read/8, error -71 [ 847.460680][T13751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 847.470831][T13751] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 847.518060][ T5850] usb 7-1: new high-speed USB device number 39 using dummy_hcd [ 847.539145][T13762] loop5: detected capacity change from 0 to 1024 [ 847.578378][ T5850] usb 7-1: device descriptor read/8, error -71 [ 847.698900][ T5850] usb usb7-port1: unable to enumerate USB device [ 847.747545][ T5848] sony 0003:054C:0268.0016: unknown main item tag 0x6 [ 847.755812][ T5848] sony 0003:054C:0268.0016: item fetching failed at offset 17/70 [ 847.789638][ T5848] sony 0003:054C:0268.0016: parse failed [ 847.797191][ T5848] sony 0003:054C:0268.0016: probe with driver sony failed with error -22 [ 847.950576][T13751] loop0: detected capacity change from 0 to 8 [ 848.020283][T13751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 848.029654][T13751] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 848.081531][ T5848] usb 1-1: USB disconnect, device number 35 [ 849.073427][ T5848] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 849.083564][T12585] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 849.153476][ T3346] usb 7-1: new high-speed USB device number 40 using dummy_hcd [ 849.263338][T12585] usb 6-1: Using ep0 maxpacket: 32 [ 849.268945][ T5848] usb 1-1: Using ep0 maxpacket: 16 [ 849.280922][T12585] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 849.292669][T12585] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 849.302906][T12585] usb 6-1: New USB device found, idVendor=1e71, idProduct=200f, bcdDevice= 0.00 [ 849.312843][T12585] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.322649][ T5848] usb 1-1: config 0 has an invalid interface number: 180 but max is 0 [ 849.331236][ T5848] usb 1-1: config 0 has no interface number 0 [ 849.337748][ T5848] usb 1-1: config 0 interface 180 has no altsetting 0 [ 849.354399][T12585] usb 6-1: config 0 descriptor?? [ 849.379876][ T5848] usb 1-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=e8.1f [ 849.389602][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 849.398134][ T5848] usb 1-1: Product: syz [ 849.402646][ T5848] usb 1-1: Manufacturer: syz [ 849.408153][ T5848] usb 1-1: SerialNumber: syz [ 849.420759][ T5848] usb 1-1: config 0 descriptor?? [ 849.428030][ T3346] usb 7-1: config 0 has an invalid interface number: 179 but max is 0 [ 849.437325][ T3346] usb 7-1: config 0 has no interface number 0 [ 849.484259][ T3346] usb 7-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=7d.08 [ 849.494054][ T3346] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 849.502344][ T3346] usb 7-1: Product: syz [ 849.507116][ T3346] usb 7-1: Manufacturer: syz [ 849.511961][ T3346] usb 7-1: SerialNumber: syz [ 849.528597][ T3346] usb 7-1: config 0 descriptor?? [ 849.557837][ T3346] usb-storage 7-1:0.179: USB Mass Storage device detected [ 849.597775][ T3346] usb-storage 7-1:0.179: device ignored [ 849.767605][ T3346] usb 7-1: USB disconnect, device number 40 [ 849.851551][T12585] nzxt-smart2 0003:1E71:200F.0017: unknown main item tag 0x6 [ 849.860151][T12585] nzxt-smart2 0003:1E71:200F.0017: unknown main item tag 0x0 [ 849.868441][T12585] nzxt-smart2 0003:1E71:200F.0017: unknown main item tag 0x0 [ 849.910501][T12585] nzxt-smart2 0003:1E71:200F.0017: hidraw0: USB HID v0.00 Device [HID 1e71:200f] on usb-dummy_hcd.5-1/input0 [ 850.035087][ T5850] usb 6-1: USB disconnect, device number 30 [ 852.133721][ T5848] viperboard 1-1:0.180: version 0.00 found at bus 001 address 036 [ 852.208636][ T5848] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 852.217803][ T5848] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5 [ 852.283683][ T5848] usb 1-1: USB disconnect, device number 36 [ 853.163681][T13813] loop0: detected capacity change from 0 to 1024 [ 853.534712][T13813] hfsplus: bad catalog entry type [ 853.903618][ T5848] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 853.986103][T12585] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 854.076059][ T5848] usb 1-1: Using ep0 maxpacket: 32 [ 854.138265][ T5848] usb 1-1: unable to get BOS descriptor or descriptor too short [ 854.157146][T12585] usb 3-1: Using ep0 maxpacket: 32 [ 854.216364][ T5848] usb 1-1: config 125 has 0 interfaces, different from the descriptor's value: 1 [ 854.233907][T12585] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 854.243495][T12585] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.251711][T12585] usb 3-1: Product: syz [ 854.256161][T12585] usb 3-1: Manufacturer: syz [ 854.260963][T12585] usb 3-1: SerialNumber: syz [ 854.317911][T12585] usb 3-1: config 0 descriptor?? [ 854.340943][ T5848] usb 1-1: New USB device found, idVendor=1199, idProduct=68aa, bcdDevice=a4.70 [ 854.351110][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.359448][ T5848] usb 1-1: Product: syz [ 854.363946][ T5848] usb 1-1: Manufacturer: syz [ 854.368679][ T5848] usb 1-1: SerialNumber: syz [ 854.387388][T12585] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 854.584817][T12585] gspca_stk1135: reg_w 0x2 err -71 [ 854.591659][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.598695][T12585] gspca_stk1135: Sensor write failed [ 854.605241][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.611694][T12585] gspca_stk1135: Sensor write failed [ 854.617248][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.623850][T12585] gspca_stk1135: Sensor read failed [ 854.629268][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.636410][T12585] gspca_stk1135: Sensor read failed [ 854.641799][T12585] gspca_stk1135: Detected sensor type unknown (0x0) [ 854.648796][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.655346][T12585] gspca_stk1135: Sensor read failed [ 854.660866][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.667475][T12585] gspca_stk1135: Sensor read failed [ 854.672898][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.679662][T12585] gspca_stk1135: Sensor write failed [ 854.685323][T12585] gspca_stk1135: serial bus timeout: status=0x00 [ 854.691808][T12585] gspca_stk1135: Sensor write failed [ 854.697700][T12585] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71 [ 854.934341][T12585] usb 3-1: USB disconnect, device number 36 [ 855.599116][T13828] loop5: detected capacity change from 0 to 256 [ 855.830755][T13828] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 856.359150][ T3674] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 858.352492][T13834] loop5: detected capacity change from 0 to 16 [ 859.207639][T13834] erofs: (device loop5): mounted with root inode @ nid 36. [ 859.640093][T13838] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2707'. [ 862.169881][T13849] loop5: detected capacity change from 0 to 4096 [ 862.238662][T13849] NILFS (loop5): invalid segment: Checksum error in segment payload [ 862.247918][T13849] NILFS (loop5): trying rollback from an earlier position [ 864.628628][T13849] NILFS (loop5): recovery complete [ 864.685125][T13856] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 865.564873][ T5848] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 865.757237][ T5848] usb 3-1: Using ep0 maxpacket: 8 [ 865.792769][ T5848] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 865.803717][ T5848] usb 3-1: config 0 has no interfaces? [ 865.873348][ T5848] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 865.883226][ T5848] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 865.891514][ T5848] usb 3-1: Product: syz [ 865.896669][ T5848] usb 3-1: Manufacturer: syz [ 865.901603][ T5848] usb 3-1: SerialNumber: syz [ 866.045532][ T5848] usb 3-1: config 0 descriptor?? [ 867.615225][T11783] Bluetooth: hci2: unexpected event for opcode 0x080c [ 870.145386][ T5850] usb 3-1: USB disconnect, device number 37 [ 870.617168][ T5789] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 870.635480][ T5789] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 870.655751][ T5789] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 870.671762][ T5789] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 870.684149][ T5789] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 870.734637][ T5789] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 870.845051][T13879] loop5: detected capacity change from 0 to 1024 [ 870.973859][T13879] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 871.327787][ T7870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.364513][T13875] chnl_net:caif_netlink_parms(): no params data found [ 873.763916][T11783] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 873.772681][T11783] Bluetooth: hci2: Injecting HCI hardware error event [ 873.781112][T11783] Bluetooth: hci5: command tx timeout [ 873.787920][T11783] Bluetooth: hci2: hardware error 0x00 [ 875.833654][ T5789] Bluetooth: hci5: command tx timeout [ 876.863316][T13875] bridge0: port 1(bridge_slave_0) entered blocking state [ 876.871044][T13875] bridge0: port 1(bridge_slave_0) entered disabled state [ 876.879310][T13875] bridge_slave_0: entered allmulticast mode [ 876.888565][T13875] bridge_slave_0: entered promiscuous mode [ 877.019953][T13875] bridge0: port 2(bridge_slave_1) entered blocking state [ 877.027744][T13875] bridge0: port 2(bridge_slave_1) entered disabled state [ 877.035618][T13875] bridge_slave_1: entered allmulticast mode [ 877.043841][T13875] bridge_slave_1: entered promiscuous mode [ 877.179114][T11783] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 878.011314][T11783] Bluetooth: hci5: command tx timeout [ 878.795580][T13875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 878.923561][T13875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 879.389007][T13875] team0: Port device team_slave_0 added [ 879.500179][T13875] team0: Port device team_slave_1 added [ 879.693665][T13927] ax25_connect(): syz.6.2733 uses autobind, please contact jreuter@yaina.de [ 882.014476][T11783] Bluetooth: hci5: command tx timeout [ 882.087768][T13925] loop2: detected capacity change from 0 to 2048 [ 882.095724][T13923] loop5: detected capacity change from 0 to 2048 [ 882.142410][T13928] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 882.213917][T13923] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 882.223279][T13923] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=16) [ 882.305569][T13925] EXT4-fs: error -4 creating inode table initialization thread [ 882.319050][T13875] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 882.326619][T13875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 882.353534][T13875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 882.391662][T13925] EXT4-fs (loop2): mount failed [ 882.420658][T13923] Remounting filesystem read-only [ 882.427163][T13923] NILFS (loop5): error -5 truncating bmap (ino=16) [ 882.588591][T13875] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 882.596188][T13875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 882.622651][T13875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 883.002076][ T7870] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 884.423307][T13938] loop2: detected capacity change from 0 to 32768 [ 884.452495][T13875] hsr_slave_0: entered promiscuous mode [ 884.465488][T13875] hsr_slave_1: entered promiscuous mode [ 884.480237][T13940] loop5: detected capacity change from 0 to 256 [ 884.483493][T13875] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 884.495812][T13875] Cannot create hsr debugfs directory [ 884.521761][T13940] exfat: Deprecated parameter 'namecase' [ 884.528257][T13940] exfat: Deprecated parameter 'namecase' [ 884.792312][T13938] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 884.814170][T13938] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 884.823228][T13938] bcachefs (loop2): Version upgrade required: [ 884.823228][T13938] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 884.823228][T13938] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 884.823228][T13938] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 884.919898][T13938] bcachefs (loop2): dropping and reconstructing all alloc info [ 885.000295][T13938] bcachefs (loop2): check_topology... done [ 885.006886][T13938] bcachefs (loop2): accounting_read... [ 885.037390][T13940] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 885.059791][T13938] done [ 885.062708][T13938] bcachefs (loop2): alloc_read... done [ 885.069904][T13938] bcachefs (loop2): stripes_read... done [ 885.075954][T13938] bcachefs (loop2): snapshots_read... done [ 885.082255][T13938] bcachefs (loop2): check_allocations... done [ 885.273684][T13938] bcachefs (loop2): going read-write [ 885.324757][T13875] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 885.342485][T13938] bcachefs (loop2): done starting filesystem [ 885.811235][ T4864] hfsplus: b-tree write err: -5, ino 4 [ 885.819122][T13875] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 886.141100][T13875] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 886.294425][T13875] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 886.332584][T13950] ===================================================== [ 886.340403][T13950] BUG: KMSAN: uninit-value in bch2_inode_v3_validate+0x481/0x5a0 [ 886.348654][T13950] bch2_inode_v3_validate+0x481/0x5a0 [ 886.354438][T13950] bch2_bkey_val_validate+0x2b5/0x440 [ 886.359999][T13950] validate_bset_keys+0x1531/0x2080 [ 886.365751][T13950] validate_bset_for_write+0x142/0x290 [ 886.371403][T13950] __bch2_btree_node_write+0x53df/0x6830 [ 886.377933][T13950] bch2_btree_node_write+0xa5/0x2e0 [ 886.383454][T13950] __btree_node_flush+0x606/0x680 [ 886.388685][T13950] bch2_btree_node_flush1+0x38/0x60 [ 886.394337][T13950] journal_flush_pins+0xce6/0x1780 [ 886.399659][T13950] __bch2_journal_reclaim+0xda8/0x1670 [ 886.405456][T13950] bch2_journal_reclaim_thread+0x18e/0x760 [ 886.411462][T13950] kthread+0x3e2/0x540 [ 886.415907][T13950] ret_from_fork+0x6d/0x90 [ 886.420519][T13950] ret_from_fork_asm+0x1a/0x30 [ 886.425814][T13950] [ 886.428237][T13950] Uninit was stored to memory at: [ 886.433677][T13950] bch2_sort_keys_keep_unwritten_whiteouts+0x1797/0x19d0 [ 886.440912][T13950] __bch2_btree_node_write+0x3ae8/0x6830 [ 886.446920][T13950] bch2_btree_node_write+0xa5/0x2e0 [ 886.452294][T13950] __btree_node_flush+0x606/0x680 [ 886.457727][T13950] bch2_btree_node_flush1+0x38/0x60 [ 886.463507][T13950] journal_flush_pins+0xce6/0x1780 [ 886.468822][T13950] __bch2_journal_reclaim+0xda8/0x1670 [ 886.474673][T13950] bch2_journal_reclaim_thread+0x18e/0x760 [ 886.481266][T13950] kthread+0x3e2/0x540 [ 886.485691][T13950] ret_from_fork+0x6d/0x90 [ 886.490278][T13950] ret_from_fork_asm+0x1a/0x30 [ 886.495340][T13950] [ 886.497758][T13950] Uninit was created at: [ 886.502253][T13950] ___kmalloc_large_node+0x22c/0x370 [ 886.507848][T13950] __kmalloc_large_node_noprof+0x3f/0x1e0 [ 886.513919][T13950] __kmalloc_node_noprof+0x9d6/0xf50 [ 886.519405][T13950] __kvmalloc_node_noprof+0xc0/0x2d0 [ 886.525170][T13950] btree_node_sort+0x78a/0x1d30 [ 886.530211][T13950] bch2_btree_post_write_cleanup+0x1b0/0xf20 [ 886.536538][T13950] bch2_btree_node_write+0x21c/0x2e0 [ 886.542112][T13950] __btree_node_flush+0x606/0x680 [ 886.547542][T13950] bch2_btree_node_flush0+0x35/0x60 [ 886.553118][T13950] journal_flush_pins+0xce6/0x1780 [ 886.558428][T13950] __bch2_journal_reclaim+0xda8/0x1670 [ 886.564223][T13950] bch2_journal_reclaim_thread+0x18e/0x760 [ 886.570231][T13950] kthread+0x3e2/0x540 [ 886.574667][T13950] ret_from_fork+0x6d/0x90 [ 886.579836][T13950] ret_from_fork_asm+0x1a/0x30 [ 886.584955][T13950] [ 886.587377][T13950] CPU: 0 UID: 0 PID: 13950 Comm: bch-reclaim/loo Not tainted 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 886.598915][T13950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 886.609322][T13950] ===================================================== [ 886.616561][T13950] Disabling lock debugging due to kernel taint [ 886.622847][T13950] Kernel panic - not syncing: kmsan.panic set ... [ 886.629408][T13950] CPU: 0 UID: 0 PID: 13950 Comm: bch-reclaim/loo Tainted: G B 6.12.0-rc7-syzkaller-00125-gcfaaa7d010d1 #0 [ 886.642394][T13950] Tainted: [B]=BAD_PAGE [ 886.646661][T13950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 886.656865][T13950] Call Trace: [ 886.660257][T13950] [ 886.663298][T13950] dump_stack_lvl+0x216/0x2d0 [ 886.668209][T13950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 886.674210][T13950] dump_stack+0x1e/0x30 [ 886.678580][T13950] panic+0x4e2/0xcf0 [ 886.682696][T13950] ? kmsan_get_metadata+0xa1/0x1c0 [ 886.688004][T13950] kmsan_report+0x2c7/0x2d0 [ 886.692667][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.698052][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.703424][T13950] ? __msan_warning+0x95/0x120 [ 886.708394][T13950] ? bch2_inode_v3_validate+0x481/0x5a0 [ 886.714254][T13950] ? bch2_bkey_val_validate+0x2b5/0x440 [ 886.719980][T13950] ? validate_bset_keys+0x1531/0x2080 [ 886.725537][T13950] ? validate_bset_for_write+0x142/0x290 [ 886.731360][T13950] ? __bch2_btree_node_write+0x53df/0x6830 [ 886.737448][T13950] ? bch2_btree_node_write+0xa5/0x2e0 [ 886.742993][T13950] ? __btree_node_flush+0x606/0x680 [ 886.748401][T13950] ? bch2_btree_node_flush1+0x38/0x60 [ 886.753984][T13950] ? journal_flush_pins+0xce6/0x1780 [ 886.759470][T13950] ? __bch2_journal_reclaim+0xda8/0x1670 [ 886.765303][T13950] ? bch2_journal_reclaim_thread+0x18e/0x760 [ 886.771494][T13950] ? kthread+0x3e2/0x540 [ 886.775947][T13950] ? ret_from_fork+0x6d/0x90 [ 886.780714][T13950] ? ret_from_fork_asm+0x1a/0x30 [ 886.785871][T13950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 886.791849][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.797146][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.802463][T13950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 886.808364][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.813653][T13950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 886.819560][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.824851][T13950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 886.830755][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.836041][T13950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 886.841942][T13950] __msan_warning+0x95/0x120 [ 886.847078][T13950] bch2_inode_v3_validate+0x481/0x5a0 [ 886.852589][T13950] ? __pfx_bch2_inode_v3_validate+0x10/0x10 [ 886.858609][T13950] bch2_bkey_val_validate+0x2b5/0x440 [ 886.864089][T13950] validate_bset_keys+0x1531/0x2080 [ 886.869417][T13950] validate_bset_for_write+0x142/0x290 [ 886.874991][T13950] __bch2_btree_node_write+0x53df/0x6830 [ 886.880734][T13950] ? kmsan_get_metadata+0x13e/0x1c0 [ 886.886062][T13950] ? __update_load_avg_cfs_rq+0x121/0x10e0 [ 886.892088][T13950] bch2_btree_node_write+0xa5/0x2e0 [ 886.897389][T13950] __btree_node_flush+0x606/0x680 [ 886.902536][T13950] ? __btree_node_flush+0xd3/0x680 [ 886.908289][T13950] ? __pfx_bch2_btree_node_flush1+0x10/0x10 [ 886.914303][T13950] bch2_btree_node_flush1+0x38/0x60 [ 886.919618][T13950] journal_flush_pins+0xce6/0x1780 [ 886.924870][T13950] __bch2_journal_reclaim+0xda8/0x1670 [ 886.930448][T13950] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 886.936395][T13950] bch2_journal_reclaim_thread+0x18e/0x760 [ 886.942337][T13950] kthread+0x3e2/0x540 [ 886.946526][T13950] ? __pfx_bch2_journal_reclaim_thread+0x10/0x10 [ 886.952995][T13950] ? __pfx_kthread+0x10/0x10 [ 886.957729][T13950] ret_from_fork+0x6d/0x90 [ 886.962238][T13950] ? __pfx_kthread+0x10/0x10 [ 886.966950][T13950] ret_from_fork_asm+0x1a/0x30 [ 886.971833][T13950] [ 886.975257][T13950] Kernel Offset: disabled [ 886.979844][T13950] Rebooting in 86400 seconds..